Removed rpms
============
- WebKit2GTK-5.0-lang
- gdk-pixbuf-loader-libopenraw
- libgnutls30-32bit
- libnettle8-32bit
- libtasn1-6-32bit
- libblkid1-32bit
- libcurl4-32bit
- libdbus-1-3-32bit
- libdevmapper1_03-32bit
- libdigikamcore7
- libflann1_9
- libjavascriptcoregtk-5_0-0
- libmozjs-60
- libogg0-32bit
- libopenraw1
- libpolkit0
- libwebkit2gtk-5_0-0
- libxml2-2-32bit
- libxmlrpc3
- libxmlrpc_client3
- libxmlrpc_util4
- systemd-icon-branding-openSUSE
- typelib-1_0-JavaScriptCore-5_0
- typelib-1_0-WebKit2-5_0
- webkit2gtk-5_0-injected-bundles
Added rpms
==========
- bluez-cups
- libblkid1-32bit
- libcurl4-32bit
- libdbus-1-3-32bit
- libdevmapper1_03-32bit
- libogg0-32bit
- libxml2-2-32bit
- libdigikamcore7_8_0
- libduktape206
- libgnutls30-32bit
- libnettle8-32bit
- libpolkit-agent-1-0
- libpolkit-gobject-1-0
- libtasn1-6-32bit
- pkexec
- qemu-block-nfs
- typelib-1_0-JavaScriptCore-4_1
- typelib-1_0-WebKit2-4_1
Package Source Changes
======================
MozillaFirefox
-- Firefox 102.3.0esr ESR
- Placeholder changelog-entry (bsc#1203477)
+- Firefox 102.4.0esr ESR
+ Placeholder changelog-entry (bsc#1204421)
+- Added mozilla-partial-revert-1768632.patch to fix build on i586
+
+- Firefox Extended Support Release 102.3.0 ESR
+ * Fixed: Various stability, functionality, and security fixes.
+ MFSA 2022-40 (bsc#1203477)
+ * CVE-2022-3266 (bmo#1767360)
+ Out of bounds read when decoding H264
+ * CVE-2022-40959 (bmo#1782211)
+ Bypassing FeaturePolicy restrictions on transient pages
+ * CVE-2022-40960 (bmo#1787633)
+ Data-race when parsing non-UTF-8 URLs in threads
+ * CVE-2022-40958 (bmo#1779993)
+ Bypassing Secure Context restriction for cookies with __Host
+ and __Secure prefix
+ * CVE-2022-40956 (bmo#1770094)
+ Content-Security-Policy base-uri bypass
+ * CVE-2022-40957 (bmo#1777604)
+ Incoherent instruction cache when building WASM on ARM64
+ * CVE-2022-40962 (bmo#1776655, bmo#1777574, bmo#1784835,
+ bmo#1785109, bmo#1786502, bmo#1789440)
+ Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3
- mozilla-bmo1626236.patch and mozilla-bmo1602730.patch
+ mozilla-bmo1626236.patch, mozilla-bmo1602730.patch,
+ mozilla-bmo1504834-part2.patch, mozilla-bmo1504834-part4.patch
MozillaThunderbird
+- Mozilla Thunderbird 102.4.0
+ Placeholder changelog-entry (bsc#1204421)
+- Rebase mozilla-silence-no-return-type.patch to apply with fuzz=0
+- Added mozilla-partial-revert-1768632.patch to fix build on i586
+- Mozilla Thunderbird 102.3.3
+ * new: Option added to show containing address book for a
+ contact when using `All Address Books` in vertical mode
+ (bmo#1778871)
+ * changed: Thunderbird will try to use POP NTLM authentication
+ even if not advertised by server (bmo#1793349)
+ * changed: Task List and Today Pane sidebars will no longer
+ load when not visible (bmo#1788549)
+ * fixed: Sending a message while a recipient pill was being
+ modified did not save changes (bmo#1779785)
+ * fixed: Nickname column was not available in horizontal view
+ of Address Book (bmo#1778000)
+ * fixed: Multiline organization values were displayed across
+ two columns in horizontal view of Address Book (bmo#1777780)
+ * fixed: Contact vCard fields with multiple values such as
+ Categories were truncated when saved (bmo#1792399)
+ * fixed: ICS calendar files with a `FREEBUSY` property could
+ not be imported (bmo#1783441)
+ * fixed: Thunderbird would hang if calendar event exceeded the
+ year 2035 (bmo#1789999)
+- Mozilla Thunderbird 102.3.2
+ * changed: Thunderbird will try to use POP CRAM-MD5
+ authentication even if not advertised by server (bmo#1789975)
+ * fixed: Checking messages on POP3 accounts caused POP folder
+ to lock if mail server was slow or non-responsive
+ (bmo#1792451)
+ * fixed: Newsgroups named with consecutive dots would not
+ appear when refreshing list of newsgroups (bmo#1787789)
+ * fixed: Sending news articles containing lines starting with
+ dot were sometimes clipped (bmo#1787955)
+ * fixed: CardDAV server sync silently failed if sync token
+ expired (bmo#1791183)
+ * fixed: Contacts from LDAP on macOS address books were not
+ displayed (bmo#1791347)
+ * fixed: Chat account input now accepts URIs for supported chat
+ protocols (bmo#1776706)
+ * fixed: Chat ScreenName field was not migrated to new address
+ book (bmo#1789990)
+ * fixed: Creating a New Event from the Today Pane used the
+ currently selected day from the main calendar instead of from
+ the Today Pane (bmo#1791203)
+ * fixed: `New Event` button in Today Pane was incorrectly
+ disabled sometimes (bmo#1792058)
+ * fixed: Event reminder windows did not close after being
+ dismissed or snoozed (bmo#1791228)
+ * fixed: Improved performance of recurring event date
+ calculation (bmo#1787677)
+ * fixed: Quarterly calendar events on the last day of the month
+ repeated one month early (bmo#1789362)
+ * fixed: Thunderbird would hang if calendar event exceeded the
+ year 2035 (bmo#1789999)
+ * fixed: Whitespace in calendar events was incorrectly handled
+ when upgrading from Thunderbird 91 to 102 (bmo#1790339)
+ * fixed: Various visual and UX improvements (bmo#1755623,bmo#17
+ 83903,bmo#1785851,bmo#1786434,bmo#1787286,bmo#1788151,bmo#178
+ 9728,bmo#1790499)
+- Mozilla Thunderbird 102.3.1
+ * changed: Compose window encryption options now only appear
+ for encryption technologies that have already been configured
+ (bmo#1788988)
+ * changed: Number of contacts in currently selected address
+ book now displayed at bottom of Address Book list column
+ (bmo#1745571)
+ * fixed: Password prompt did not include server hostname for
+ POP servers (bmo#1786920)
+ * fixed: `Edit Contact` was missing from Contacts sidebar
+ context menus (bmo#1771795)
+ * fixed: Address Book contact lists cut off display of some
+ characters, the result being unreadable (bmo#1780909)
+ * fixed: Menu items for dark-themed alarm dialog were invisible
+ on Windows 7 (bmo#1791738)
+ * fixed: Various security fixes
+ MFSA 2022-43 (bsc#1204411)
+ * CVE-2022-39249 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to an
+ impersonation attack by malicious server administrators
+ * CVE-2022-39250 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to a device
+ verification attack
+ * CVE-2022-39251 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to an
+ impersonation attack
+ * CVE-2022-39236 (bmo#1791765)
+ Matrix SDK bundled with Thunderbird vulnerable to a data
+ corruption issue
+- Mozilla Thunderbird 102.3
+ * changed: Thunderbird will no longer attempt to import account
+ passwords when importing from another Thunderbird profile in
+ order to prevent profile corruption and permanent data loss.
+ (bmo#1790605)
+ * changed: Devtools performance profile will use Thunderbird
+ presets instead of Web Developer presets (bmo#1785954)
+ * fixed: Thunderbird startup performance improvements
+ (bmo#1785967)
+ * fixed: Saving email source and images failed
+ (bmo#1777323,bmo#1778804)
+ * fixed: Error message was shown repeatedly when temporary disk
+ space was full (bmo#1788580)
+ * fixed: Attaching OpenPGP keys without a set size to non-
+ encrypted messages briefly displayed a size of zero bytes
+ (bmo#1788952)
+ * fixed: Global Search entry box initially contained
+ "undefined" (bmo#1780963)
+ * fixed: Delete from POP Server mail filter rule intermittently
+ failed to trigger (bmo#1789418)
+ * fixed: Connections to POP3 servers without UIDL support
+ failed (bmo#1789314)
+ * fixed: Pop accounts with "Fetch headers only" set downloaded
+ complete messages if server did not advertise TOP capability
+ (bmo#1789356)
+ * fixed: "File -> New -> Address Book Contact" from Compose
+ window did not work (bmo#1782418)
+ * fixed: Attach "My vCard" option in compose window was not
+ available (bmo#1787614)
+ * fixed: Improved performance of matching a contact to an email
+ address (bmo#1782725)
+ * fixed: Address book only recognized a contact's first two
+ email addresses (bmo#1777156)
+ * fixed: Address book search and autocomplete failed if a
+ contact vCard could not be parsed (bmo#1789793)
+ * fixed: Downloading NNTP messages for offline use failed
+ (bmo#1785773)
+ * fixed: NNTP client became stuck when connecting to Public-
+ Inbox servers (bmo#1786203)
+ * fixed: Various visual and UX improvements
+ (bmo#1782235,bmo#1787448,bmo#1788725,bmo#1790324)
+ * fixed: Various security fixes
+ * unresolved: No dedicated "Department" field in address book
+ (bmo#1777780)
+ MFSA 2022-42 (bsc#1203477)
+ * CVE-2022-3266 (bmo#1767360)
+ Out of bounds read when decoding H264
+ * CVE-2022-40959 (bmo#1782211)
+ Bypassing FeaturePolicy restrictions on transient pages
+ * CVE-2022-40960 (bmo#1787633)
+ Data-race when parsing non-UTF-8 URLs in threads
+ * CVE-2022-40958 (bmo#1779993)
+ Bypassing Secure Context restriction for cookies with __Host
+ and __Secure prefix
+ * CVE-2022-40956 (bmo#1770094)
+ Content-Security-Policy base-uri bypass
+ * CVE-2022-40957 (bmo#1777604)
+ Incoherent instruction cache when building WASM on ARM64
+ * CVE-2022-3155 (bmo#1789061)
+ Attachment files saved to disk on macOS could be executed
+ without warning
+ * CVE-2022-40962 (bmo#1776655, bmo#1777574, bmo#1784835,
+ bmo#1785109, bmo#1786502, bmo#1789440)
+ Memory safety bugs fixed in Thunderbird 102.3
+
acpica
+- This version includes CEDT table support as requested in feature
+ (SLE 15 SP5):
+ jsc#PED-201
+
+- Update bundled wmidump to latest upstream 2021-10-11:
+ * Add support for '//' comments
+ * Print object_id or notify_id based on ACPI_WMI_EVENT flag
+ object_id and notify_id member are in one union. It depends on
+ ACPI_WMI_EVENT flag which member is stored in this union.
+ So print only one member based on ACPI_WMI_EVENT flag.
+- Add comment about origin of the wmidump sources
+
+- update to 20220331:
+ For the ASL Sleep() operator, issue a warning if the sleep value is
+ greater than 10 Milliseconds. Quick boottime is important, so warn about
+ sleeps greater than 10 ms. Distribution Linux kernels reach initrd in 350
+ ms, so excessive delays should be called out. 10 ms is chosen randomly,
+ but three of such delays would already make up ten percent of the
+ boottime.
+ Namespace: Avoid attempting to walk the Namespace if the Namespace does
+ not exist.
+ AML interpreter/iASL compiler: Add new Acpi 6.4 semantics for the
+ LoadTable and Load operators. DDB_HANDLE is gone, now loadtable returns a
+ pass/fail integer. Now load returns a pass/fail integer, as well as
+ storing the return value in an optional 2nd argument.
+ Headers: Use uintptr_t and offsetof() in Linux kernel builds. To avoid
+ "performing pointer subtraction with a null pointer has undefined
+ behavior" compiler warnings, use uintptr_t and offsetof() that are always
+ available during Linux kernel builds to define ACPI_UINTPTR_T and the
+ ACPI_TO_INTEGER() and ACPI_OFFSET() macros when building the ACPICA code
+ in the Linux kernel.
+ Added support for the Windows 11 _OSI string ("Windows 2021"). Submitted
+ by superm1.
+ executer/exsystem: Inform users about ACPI spec violation for the Stall()
+ operator. Values greater than 100 microseconds violate the ACPI
+ specification, so warn users about it. From the ACPI Specification
+ version 6.2 Errata A, 19.6.128 *Stall (Stall for a Short Time)*:
+ The implementation of Stall is OS-specific, but must not relinquish
+ control of the processor. Because of this, delays longer than 100
+ microseconds must use Sleep instead of Stall.
+ Data Table Compiler/Disassembler: Add support for the APMT table - ARM
+ Performance Monitoring Unit table. Submitted by @bwicaksononv.
+ Data Table Compiler/Disassembler: For MADT, add support for the OEM-
+ defined subtables (Types 0x80-0x7F).
+ Data Table Compiler: Fixed a problem with support for the SDEV table,
+ where a subtable Length was not computed correctly.
+ Data Table Compiler/Disassembler: Add/fix the CFMWS subtable to the CEDT
+ Acpi table support.
+ Data Table Compiler/Disassembler: Fix a compile issue with the CEDT and
+ add template. Submitted by MasterDrogo.
+ Data Table Compiler/Disassembler: NHLT Changes provided by Piotr Maziarz:
+ iASL/NHLT: Rename linux specific structures to DeviceInfo to improve
+ readability of the code.
+ iASL/NHLT: Fix parsing undocumented bytes at the end of Endpoint.
+ Undocumented bytes at the end of Endpoint Descriptor can be present
+ independently of Linux-specific structures. Their size can also vary.
+ iASL/NHLT: Treat TableTerminator as SpecificConfig. SpecificConfig has 4
+ bytes of size and then an amount of bytes specified by size. All of the
+ terminators that I've seen had a size equal to 4, but theoretically it
+ can vary.
+ iASL/AcpiExec: Use _exit instead of exit in signal handers (ctrl-C).
+ iASL: Remove a remark due to excessive output. Removed a remark for
+ duplicate Offset() operators, due to a user complaint.
+
+- The package build fine on arches different than x86 and ARM. Drop
+ the ExclusiveArch.
+
+- Update to version 20210930
+ * ACPICA kernel-resident subsystem:
+ * Avoid evaluating methods too early during system resume.
+ * Added a new _OSI string, "Windows 2020".
+ * iASL Compiler/Disassembler and ACPICA tools:
+ * iASL compiler: Updated the check for usage of _CRS, _DIS,
+ _PRS, and _SRSobjects
+ * iASL table disassembler: Added disassembly support for the
+ NHLT ACPI table.
+ * Added a new subtable type for ACPI 6.4 SRAT Generic Port Affinity
+ * Added the flag for online capable in the MADT, introduced in
+ ACPI 6.3.
+- Update to version 20210730:
+ * iASL Compiler/Disassembler and ACPICA tools:
+ * iasl: Check usage of _CRS, _DIS, _PRS, and _SRS objects
+ * iASL Table Disassembler/Table compiler: Fix for WPBT table with
+ no command-line arguments.
+ * Handle the case where the Command-line Arguments table field does
+ not exist (zero).
+ * Headers: Add new DBG2 Serial Port Subtypes
+ * iASL: Add full support for the AEST table (data compiler)
+ * Add PRMT module header to facilitate parsing.
+ * Table disassembler: Add missing strings to decode subtable types.
+
+- Update to version 20210604:
+ * ACPICA kernel-resident subsystem
+ * Cleaned up (delete) the context mutex during local address
+ handler object deletion.
+ * Fixed a memory leak caused by the _CID repair function.
+ * Add support for PlatformRtMechanism OperationRegion handler.
+ * Add a new utility function, AcpiUtConvertUuidToString.
+ * iASL Compiler/Disassembler and ACPICA tools:
+ * Added full support for the PRMT ACPI table
+ * Added full support for the BDAT ACPI table.
+ * Added full support for the RGRT ACPI table.
+ * Added full support for the SVKL ACPI table.
+ * Completed full support for the IVRS ACPI table.
+ * Added compiler support for IVRS, updated disassembler support
+ * Added a new utility, UtIsIdInteger, to determine if a
+ HID/CID is an integer or a string.
+ * Headers: Added more structs to the CEDT table
+ * ACPI 6.4: MADT: added Multiprocessor Wakeup Mailbox Structure.
+
+- Update to version 20210331
+ * ACPI 6.4 is now supported!
+ ACPICA kernel-resident subsystem:
+ * Always create namespace nodes.
+ * Fixed a race condition in generic serial bus operation region handler.
+ iASL Compiler/Disassembler and ACPICA tools:
+ * Add disassembly support for the IVRS table.
+ * Fixed a potential infinite loop due to type mismatch.
+ iASL/TableCompiler:
+ * update it with IORT table E.b revision changes.
+ * Add compilation support for the VIOT table.
+ * Add compilation support for CEDT table.
+ * Update of the CEDT template.
+
+- Update to version 20210105
+ ACPICA kernel-resident subsystem:
+ * Updated all copyrights to 2021. This affects all ACPICA source code
+ modules.
+ iASL Compiler/Disassembler and ACPICA tools:
+ * ASL test suite (ASLTS): Updated all copyrights to 2021.
+ * Tools and utilities: Updated all signon copyrights to 2021.
+ * iASL Table Compiler: Removed support for obsolete ACPI tables: VRTC,
+ MTMR. Al Stone.
+
+- Update to version 20200717
+ ACPICA kernel-resident subsystem:
+ * Do not increment OperationRegion reference counts for field units. Recent
+ server firmware has revealed that this reference count can overflow on
+ large servers that declare many field units (thousands) under the same
+ OperationRegion. This occurs because each field unit declaration will add
+ a reference count to the source OperationRegion. This release solves the
+ reference count overflow for OperationRegion objects by preventing
+ fieldUnits from incrementing their parent OperationRegion's reference
+ count.
+ * Replaced one-element arrays with flexible-arrays, which were introduced
+ in C99.
+ * Restored the readme file containing the directions for generation of
+ ACPICA from source on MSVC 2017. Updated the file for MSVC 2017. File is
+ located at: generate/msvc2017/readme.txt
+ iASL Compiler/Disassembler and ACPICA tools:
+ * iASL: Fixed a regression found in version 20200214. Prevent iASL from
+ emitting an extra byte of garbage data when control methods declared a
+ single parameter type without using braces. This extra byte is known to
+ cause a blue screen on the Windows AML interpreter.
+ * iASL: Made a change to allow external declarations to specify the type of
+ a named object even when some name segments are not defined. This change
+ allows the following ASL code to compile
+ (When DEV0 is not defined or not defined yet):
+ External (\_SB.DEV0.OBJ1, IntObj)
+ External (\_SB.DEV0, DeviceObj)
+ * iASL: Fixed a problem where method names in "Alias ()" statement could be
+ misinterpreted. They are now interpreted correctly as method invocations.
+ * iASL: capture a method parameter count (Within the Method info segment,
+ as well as the argument node) when using parameter type lists.
+
+- Update to version 20200528
+ ACPICA kernel-resident subsystem:
+ Removed old/obsolete Visual Studio files which were used to build the
+ Windows versions of the ACPICA tools. Since we have moved to Visual
+ Studio 2017, we are no longer supporting Visual Studio 2006 and 2009
+ project files. The new subdirectory and solution file are located at:
+ acpica/generate/msvc2017/AcpiComponents.sln
+ iASL Compiler/Disassembler and ACPICA tools:
+ * iASL: added support for a new OperationRegion Address Space (subtype):
+ PlatformRtMechanism. Support for this new keyword is being released for
+ early prototyping. It will appear in the next release of the ACPI
+ specification.
+ * iASL: do not optimize the NameString parameter of the CondRefOf operator.
+ In the previous iASL compiler release, the NameString parameter of the
+ CondRefOf was optimized. There is evidence that some implementations of
+ the AML interpreter do not perform the recursive search-to-parent search
+ during the execution of the CondRefOf operator. Therefore, the CondRefOf
+ operator behaves differently when the NameString parameter is a single
+ name segment (a NameSeg) as opposed to a full NamePath (starting at the
+ root scope) or a NameString containing parent prefixes.
+ * iASL: Prevent an inadvertent remark message. This change prevents a
+ remark if within a control method the following exist:
+ 1) An Operation Region is defined, and
+ 2) A Field operator is defined that refers to the region.
+ This happens because at the top level, the Field operator does not
+ actually create a new named object, it simply references the operation
+ region.
+ * Removed support for the acpinames utility. The acpinames was a simple
+ utility used to populate and display the ACPI namespace without executing
+ any AML code. However, ACPICA now supports executable opcodes outside of
+ control methods. This means that executable AML opcodes such as If and
+ Store opcodes need to be executed during table load. Therefore, acpinames
+ would need to be updated to match the same behavior as the acpiexec
+ utility and since acpiexec can already dump the entire namespace (via the
+ 'namespace' command), we no longer have the need to maintain acpinames.
+ * In order to dump the contents of the ACPI namepsace using acpiexec,
+ execute the following command from the command line:
+ acpiexec -b "n" [aml files]
+- Refresh parches
+
+- Enable -fcommon in CFLAGS and CXXFLAGS in order
+ to fix boo#1160383.
+
+- Add -fcommon as there are a lot re-definitions which lead to errors
+ and compile failures with gcc10 which enables -fno-common by default
+ bsc#1160383 - acpica fails with -fno-common
+
+- Update to version 20200110
+
+- Use noun phrase in summary
+
+- Update to version 20190509
+ Includes a fix that breaks VirtualBox
+ https://github.com/acpica/acpica/issues/462
+
+- Update to version 20190405
+ iASL: Implemented an enhanced multiple file compilation that combines
+ named objects from all input files to a single namespace. With this
+ feature, any unresolved external declarations as well as duplicate named
+ object declarations can be detected during compilation rather than
+ generating errors much later at runtime. The following commands are
+ examples that utilize this feature:
+ iasl dsdt.asl ssdt.asl
+ iasl dsdt.asl ssdt1.asl ssdt2.asl
+ iasl dsdt.asl ssdt*.asl
+- Adjusted patch:
+ M acpica-no-compiletime.patch
+
+- Update to version 20190215
+ Support for ACPI specification version 6.3:
+ * Add PCC operation region support for the AML interpreter. This adds PCC
+ operation region support in the AML interpreter and a default handler for
+ acpiexec. The change also renames the PCC region address space keyword to
+ PlatformCommChannel.
+ * Support for new predefined methods _NBS, _NCH, _NIC, _NIH, and _NIG.
+ These methods provide OSPM with health information and device boot
+ status.
+ * PDTT: Add TriggerOrder to the PCC Identifier structure. The field value
+ defines if the trigger needs to be invoked by OSPM before or at the end
+ of kernel crash dump processing/handling operation.
+ * SRAT: Add Generic Affinity Structure subtable. This subtable in the SRAT
+ is used for describing devices such as heterogeneous processors,
+ accelerators, GPUs, and IO devices with integrated compute or DMA
+ engines.
+ * MADT: Add support for statistical profiling in GICC. Statistical
+ profiling extension (SPE) is an architecture-specific feature for ARM.
+ * MADT: Add online capable flag. If this bit is set, system hardware
+ supports enabling this processor during OS runtime.
+ * New Error Disconnect Recover Notification value. There are a number of
+ scenarios where system Firmware in collaboration with hardware may
+ disconnect one or more devices from the rest of the system for purposes
+ of error containment. Firmware can use this new notification value to
+ alert OSPM of such a removal.
+ * PPTT: New additional fields in Processor Structure Flags. These flags
+ provide more information about processor topology.
+ * NFIT/Disassembler: Change a field name from "Address Range" to "Region
+ Type".
+ * HMAT updates: make several existing fields to be reserved as well as
+ rename subtable 0 to "memory proximity domain attributes".
+ * GTDT: Add support for new GTDT Revision 3. This revision adds information
+ for the EL2 timer.
+ * iASL: Update the HMAT example template for new fields.
+ * iASL: Add support for the new revision of the GTDT (Rev 3).
+ ACPICA kernel-resident subsystem:
+ * AML Parser: fix the main AML parse loop to correctly skip erroneous
+ extended opcodes. AML opcodes come in two lengths: 1-byte opcodes and 2-
+ byte extended opcodes. If an error occurs during an AML table load, the
+ AML parser will continue loading the table by skipping the offending
+ opcode. This implements a "load table at any cost" philosophy.
+ iASL Compiler/Disassembler and Tools:
+ * iASL: Add checks for illegal object references, such as a reference
+ outside of method to an object within a method. Such an object is only
+ temporary.
+ * iASL: Emit error for creation of a zero-length operation region. Such a
+ region is rather pointless. If encountered, a runtime error is also
+ implemented in the interpeter.
+ * Debugger: Fix a possible fault with the "test objects" command.
+ * iASL: Makefile: support parent directory filenames containing embedded
+ spaces.
+ * iASL: Update the TPM2 template to revision 4.
+ * iASL: Add the ability to report specific warnings or remarks as errors.
+ * Disassembler: Disassemble OEMx tables as actual AML byte code.
+ Previously, these tables were treated as "unknown table".
+ * iASL: Add definition and disassembly for TPM2 revision 3.
+ * iASL: Add support for TPM2 rev 3 compilation.
+- Refresh patches
+- Run spec-cleaner
+
+- Update to 20180629
+ Added changelog from mainline, installed into documentation path
+
+- Update to version 20180508
+ ACPICA kernel-resident subsystem:
+ * Completed the new (recently deployed) package resolution
+ mechanism for the Load and LoadTable ASL/AML operators. This
+ fixes a regression that was introduced in version 20180209
+ that could result in an AE_AML_INTERNAL exception during the
+ loading of a dynamic ACPI/AML table (SSDT) that contains
+ package objects.
+ iASL Compiler/Disassembler and Tools:
+ * AcpiDump and AcpiXtract: Implemented support for ACPI tables
+ larger than 1 MB. This change allows for table offsets within
+ the acpidump file to be up to 8 characters. These changes are
+ backwards compatible with existing acpidump files.
+ version 20180427
+ ACPICA kernel-resident subsystem:
+ * Debugger: Added support for Package objects in the "Test
+ Objects" command. This command walks the entire namespace and
+ evaluates all named data objects (Integers, Strings, Buffers,
+ and now Packages).
+ * Improved error messages for the namespace root node.
+ Originally, the root was referred to by the confusing string
+ "\___". This has been replaced by "Namespace Root" for
+ clarification.
+ * Fixed a potential infinite loop in the AcpiRsDumpByteList
+ function. Colin Ian King <colin.king@canonical.com>.
+ iASL Compiler/Disassembler and Tools:
+ * iASL: Implemented support to detect and flag illegal forward
+ references. For compatibility with other ACPI implementations,
+ these references are now illegal at the root level of the DSDT
+ or SSDTs. Forward references have always been illegal within
+ control methods. This change should not affect existing
+ ASL/AML code because of the fact that these references
+ have always been illegal in the other ACPI implementation.
+ * iASL: Added error messages for the case where a table OEM ID
+ and OEM TABLE ID strings are longer than the ACPI-defined length.
+ Previously, these strings were simply silently truncated.
+ * iASL: Enhanced the -tc option (which creates an AML hex file
+ in C, suitable for import into a firmware project):
+ 1) Create a unique name for the table, to simplify use of
+ multiple SSDTs.
+ 2) Add a protection #ifdef in the file, similar to a .h
+ header file. With assistance from Sami Mujawar,
+ sami.mujawar@arm.com and Evan Lloyd, evan.lloyd@arm.com
+ * AcpiExec: Added a new option, -df, to disable the local
+ fault handler. This is useful during debugging, where it may
+ be desired to drop into a debugger on a fault.
+
+- Upgrade to latest version 20180313
+- Update patches:
+ * acpica-no-compiletime.patch
+ * do_not_use_build_date_and_time.patch
+
-- Update to version 20140724
-
-- Include generate_acpi-tools_tarball.sh in the package's source.
-
-- Add acpi-tools tarball from kernel sources: tools/power/acpi
- Use latest acpidump from there instead of acpica included one.
- This fixes acpidump on latest kernels.
-- Add script for easier retrieving of acpi-tools tarball from kernel sources.
-
-- Update to version 20140214
-- Replace $RPM_OPT_FLAGS with %{optflags} as suggested by tcech@suse.cz
-
-- set HOST for make to not blindly set the hostname
- as compiler definition
-
-- Update to version 20140114
- Drop acpica-add_missing_examples_makefile.patch
- - > already included mainlaine.
-
-- Update to version 20131218
- Add acpica-add_missing_examples_makefile.patch: They forgot to add a file
- to the tarball. This patch adds it from git repo.
- Drop acpica-fix_dots_in_path_for_p_option.patch: This patch is included
- in the newly provided version tarball already.
-
-- Update to version 20131115
-- Explicitly add commit 04d10e3c1f41a776cbed96dce2326ee649b9a0f0 to fix
- bnc#855050:
- acpica-fix_dots_in_path_for_p_option.patch
-
-- Update to version 20130823
-- remove already integrated patch:
- dmar-buf10.patch
-
-- Fix Source3 vs Source4 typo (acpi_validate was broken)
-
-- Update to version 20130517
- - remove acpidump tarball, it is now included in acpica main project
-
-- Update to version 20130418
- - remove already integreated patches:
- acpica_make_CFLAGS_overridable
- bob_noop.patch
- - Add fix for DMAR table parsing issue:
- https://bugs.acpica.org/show_bug.cgi?id=999
-
-- Add wmidump/wmixtract tools for easy WMI (or other) GUID parsing
-
-- Fix tiny bug in acpi_validate which wrongly adds the file which
- is to be compiled additionally to the external reference tables
- list
-
-- Make use of -in (Ignore NoOp opcodes/operators)
- to avoid false positive errors during compliation/disassembling
-
-- Update to version 20121018
- - > remove some patches that got integrated
- - > Add one patch (bob_noop.patch) which will get integrated
- mainline: Stop and bail out when max error (200) count is reached.
- Introduce -in compile/disassemble option.
-
-- Add acpi_validate script for easy disassembling and re-compilation
- of local ACPI tables or of an already existing acpidump file
-
-- Update to latest version 20121018.
- - > one patch got accepted mainline -> removed.
-
-- Update to latest version 20120913
-- Add acpi_genl from http://www.lesswatts.org/projects/acpi/utilities.php
- Can be used to check for ACPI events via netlink (since /proc/acpi/events is
- is deprecated)
-- Adjust to new Makefile layout
-
-- Update to latest version 20120518
-
-- license update: GPL-2.0
- You added ec_access.c with a GPL-2.0 (only) license. Now the spec file
- has to be updated to reflect this
-
-- Clarify license, it's GPL-2.0+ (bnc#711299).
-
-- ACPICA version 20111123 released with full ACPI 5.0 support
- Detailed changelog can be found here:
- http://acpica.org/download/changes.txt
-
-- Fix build for 32 bit
-
-- Update to version 20110623
-- Fixed some "set but not used" errors and a link order issue
- and sent patches upstream.
-- Set "-Wno-unused-result" for some compilations -> too many
- offenders to fix that all up.
-
-- Add acpica-unix-const.patch: fix const correctness issue in
- AslCompilererror, http://www.acpica.org/bugzilla/show_bug.cgi?id=923
-
-- Add acpica-unix-20110316-gcc46.patch: fix compilation with gcc 4.6
-
-- Disable both build dates in this package and in
- the files it generates as it both trigger either unneeded
- republish of itself or other bigger packages like virtualbox
-- Provides: iasl too.
-
-- Exchange selfmade patch with mainline one to fix build
-
-- Updated to acpica version 20110316
- Changes are listed in /usr/share/doc/packages/acpica/changes.txt
-- Fixed dynamic acpi table extract via acpidump/acpixtract
- by reverting acpica commit baab09e6857a427944068c5e599ea2ffb84f765b
-- Fixed compile issue and submitted it mainline
-
-- Add possibility to see changes via new -s param: -r [ -s sleep ]
-
-- Remove stale acpidump patches
-
-- Get latest acpidump tool from Len's acpi pmtools:
- * Also dump dynamically loaded SSDTs
-- Build against its own headers instead of acpica headers
- - > unfortunately acpidump is still not part of acpica and
- adjusting things ourselves is too much overhead.
-
-- Update to version 20110112
- Changes are listed in /usr/share/doc/packages/acpica/changes.txt
-
-- Update to version 20100806
-- Added ec_access executable to be able to debug the Embedded
- Controller together with CONFIG_ACPI_EC_DEBUGFS kernel .config
- option
-
-- Update to version 20100806
- For details, see the changes.txt file in the package
- changes.txt can now be found in
- /usr/share/doc/packages/acpica/changes.txt
-
-- Update to version 20100702
- For details, see acpica-unix-20100702/changes.txt
-
-- Update to version 20100428
-
-- Avoid (when compiling AML):
- DSDT.dsl 10307: Name (_ADR, Zero)
- Error 4080 - ^ Invalid object type for reserved name,
- must be (Integer)
-
-- Updated to version 20100304
- Some ACPI 4.0 enhancements and a lot bug fixes and other
- enhancements. See changes.txt in the sources for details
-
-- Updated to version 20091013
- Includes a bug fix to correctly disassmeble Unisys ES7000 tables
-
-- as-needed fix no longer necessary
-
-- Update to acpica version 20090730
- The ACPI 4.0 implementation for ACPICA is complete with this release.
-
-- disable as-needed for this package as it fails to build with it
-
-- Initial check-in: Version 20090320
-
akonadi-server
+- In SLE-15-SP3 we had patches that made akonadi fall back to
+ sqlite if the mysql backend is not available. Those patches were
+ already merged by upstream so we can let the package Recommend
+ mysql instead of Require it, since it's not available in SLED.
+ The Requires are set unless branding-SLE is installed so the
+ requirements are used in Leap/TW but not in SLE where it's only
+ a Recommends and an alternate Requirements is used in that case
+ where the sqlite backend is installed if mysql is not available.
+
amarok
+- Use FFmpeg 4 to build amarok on Tumbleweed. The FFmpeg 5 port
+ needs more work.
+
+- Don't require QtWebEngine unconditionally
+
autoyast2
+- Log the profile/rules/classes file SHA1 sum so we can later
+ verify that a particular file was or was not used by YaST
+ (related to bsc#1204175)
+- 4.5.8
+
+- Allow empty values in ask/default, ask/selection/label and
+ ask/selection/value elements (bsc#1204448).
+- 4.5.7
+
+- fix profile location parsing and add 'repo' URL scheme (jsc#SLE-22578,
+ jsc#SLE-24584)
+- 4.5.6
+
+- Add needed packages for the selected network backend in order to
+ prevent it is not declared in the software section (bsc#1201235,
+ bsc#1201435)
+- 4.5.5
+
bind
+- Update to release 9.16.33
+ Security Fixes:
+ * Previously, there was no limit to the number of database lookups
+ performed while processing large delegations, which could be
+ abused to severely impact the performance of named running as a
+ recursive resolver. This has been fixed. (CVE-2022-2795)
+ * named running as a resolver with the stale-answer-client-timeout
+ option set to 0 could crash with an assertion failure, when
+ there was a stale CNAME in the cache for the incoming query.
+ This has been fixed. (CVE-2022-3080)
+ * A memory leak was fixed that could be externally triggered in the
+ DNSSEC verification code for the ECDSA algorithm. (CVE-2022-38177)
+ * Memory leaks were fixed that could be externally triggered in the
+ DNSSEC verification code for the EdDSA algorithm. (CVE-2022-38178)
+ Feature Changes:
+ * Response Rate Limiting (RRL) code now treats all QNAMEs that are
+ subject to wildcard processing within a given zone as the same
+ name, to prevent circumventing the limits enforced by RRL.
+ * Zones using dnssec-policy now require dynamic DNS or
+ inline-signing to be configured explicitly.
+ * A backward-compatible approach was implemented for encoding
+ internationalized domain names (IDN) in dig and converting the
+ domain to IDNA2008 form; if that fails,
+ BIND tries an IDNA2003 conversion.
+ Bug Fixes:
+ * A serve-stale bug was fixed, where BIND would try to return stale
+ data from cache for lookups that received duplicate queries or
+ queries that would be dropped. This bug resulted in premature
+ SERVFAIL responses, and has now been resolved.
+ [bsc#1203614, bsc#1203618, bsc#1203619, bsc#1203620, jsc#SLE-24600]
+
+- Add systemd drop-in directory for named service
+ [bsc#1201689, bind.spec]
+
+- Include a modified createNamedConfInclude script again, as this
+ broke compatability with existing configurations.
+ A symlink for named.conf.include to /var/lib/named is created to
+ allow for a read-only /etc directory.
+ However it is still advised to change the existing configuration.
+ See README-bind.chrootenv for a guide how to do this.
+ [bsc#1203250, vendor-files/tools/createNamedConfInclude,
+ vendor-files/docu/README-bind.chrootenv, bind.spec]
+
+- Update to release 9.16.32
+ Feature Changes:
+ * The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically
+ disabled on systems where they are disallowed by the security policy
+ (e.g. Red Hat Enterprise Linux 9). Primary zones using those algorithms
+ need to be migrated to new algorithms prior to running on these systems,
+ as graceful migration to different DNSSEC algorithms is not possible when
+ RSASHA1 is disallowed by the operating system.
+ * Log messages related to fetch limiting have been improved to provide
+ more complete information. Specifically, the final counts of allowed
+ and spilled fetches are now logged before the counter object is destroyed.
+ Bug Fixes:
+ * Non-dynamic zones that inherit dnssec-policy from the view or options
+ blocks were not marked as inline-signed and therefore never scheduled
+ to be re-signed. This has been fixed.
+ * The old max-zone-ttl zone option was meant to be superseded by
+ the max-zone-ttl option in dnssec-policy; however, the latter option
+ was not fully effective. This has been corrected: zones no longer load
+ if they contain TTLs greater than the limit configured in dnssec-policy.
+ For zones with both the old max-zone-ttl option and dnssec-policy
+ configured, the old option is ignored, and a warning is generated.
+ * rndc dumpdb -expired was fixed to include expired RRsets,
+ even if stale-cache-enable is set to no and
+ the cache-cleaning time window has passed.
+ [bind-9.16.32.tar.xz, bind-9.16.32.tar.xz.sha512.asc,
+ bind-9.16.31.tar.xz, bind-9.16.31.tar.xz.sha512.asc,
+ bind.spec, jsc#SLE-24600]
+
bluez
-- Add shared-gatt-server-Fix-heap-overflow-when-appending-.patch
+- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync more change log:
+ (jsc#PED-1407)
+ - The hcidump-Fix-set_ext_ctrl-global-buffer-overflow.patch
+ be merged to bluez-5.51 in 2018. (bsc#1013732)(CVE-2016-9801)
+ - The following btmon patches are merged to bluez-5.51 and later:
+ 0001-btmon-fix-segfault-caused-by-buffer-over-read.patch
+ 0002-btmon-fix-segfault-caused-by-buffer-over-read.patch
+ 0003-btmon-fix-segfault-caused-by-buffer-over-read.patch
+ 0004-btmon-Fix-crash-caused-by-integer-underflow.patch
+ 0005-btmon-fix-stack-buffer-overflow.patch
+ 0006-btmon-fix-multiple-segfaults.patch
+ 0007-btmon-fix-segfault-caused-by-integer-underflow.patch
+ 0008-btmon-fix-segfault-caused-by-integer-undeflow.patch
+ 0009-btmon-fix-segfault-caused-by-buffer-over-read.patch
+ 0010-btmon-fix-segfault-caused-by-buffer-overflow.patch
+ 0011-btmon-fix-segfault-caused-by-integer-underflow.patch
+ 0012-btmon-fix-segfault-caused-by-buffer-over-read.patch
+ (bsc#1015173)(CVE-2016-9918)(bsc#1013893)(CVE-2016-9802)
+ - The shared-gatt-server-Fix-not-properly-checking-for-sec.patch
+ be merged to bluez-5.57 in 2021.
+ (bsc#1186463 CVE-2021-0129 CVE-2020-26558)
+ - The gatt-Fix-potential-buffer-out-of-bound.patch be merged to
+ bluez-5.56 in 2021. (bsc#1187165 CVE-2021-3588)
+ - The shared-gatt-db-Introduce-gatt_db_attribute_set_fixed.patch
+ be merged to bluez-5.56 in 2021. (bsc#1187165 CVE-2021-3588)
+ - The gatt-Make-use-of-gatt_db_attribute_set_fixed_length.patch
+ be merged to bluez-5.56 in 2021. (bsc#1187165 CVE-2021-3588)
+ - Add JIRA-SLE-18497 number to 5.60, 5.61 and 5.62 update log
+ to sync with bluez.changes in SLE15-SP5.
+ - Install modprobe.conf files to %_modprobedir
+ This change already in bluez.sepc in openSUSE:Factory/bluez.
+ Sync the change log here. (bsc#1196275, jsc#SLE-20639)
+
+- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync the spec file and
+ log: (jsc#PED-1407)
+ - SLE15-SP5 will direct use bluez.changes for openSUSE TW.
+ So keep the contents of SLE bluez.changes to bluez.changes.sle file.
+ - Put to /usr/share/doc/packages/bluez/bluez.changes.sle in package.
+
+- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync the spec file and
+ log: (jsc#PED-1407)
+ - SLE15-SP5 will use the bluez.spec from openSUSE TW. The following
+ are changes in bluez.spec of SLE15-SP5:
+ - Obsoletes: bluez-utils <= 3.36
+ to
+ Obsoletes: bluez-utils < 3.36
+ - Obsoletes: bluez-audio <= 3.36
+ to
+ Obsoletes: bluez-audio < 3.36
+ - In %package -n libbluetooth3:
+ Obsoletes: bluez-libs <= 3.36
+ to
+ Obsoletes: bluez-libs < 3.36
+ - In %package cups, add the following statements
+ Requires: %{name}
+ Requires: cups
+ Supplements: (%{name} and cups)
+ - In %package test
+ Requires: python3-gobject2
+ to
+ Requires: python3-gobject
+ - In %package auto-enable-devices package, add
+ Requires(post): systemd
+ - Add %package obexd and %package zsh-completion
+ and their %description
+ - In %prep
+ - Removed
+ %setup -q
+ - Removed
+ [#] FIXME: Change the dbus service to be a real service, not systemd launched
+ sed -i "s:Exec=/bin/false:Exec=%{_libexecdir}/bluetooth/obexd:g" obexd/src/org.bluez.obex.service
+ sed -i "/SystemdService=.*/d" obexd/src/org.bluez.obex.service
+ [#] END FIXME
+ - In %build, add
+ - -with-dbusconfdir=%{_datadir} \
+ - In %install
+ - Removed
+ [#] FIXME: Do not delete the systemd service once we support systemd user/session services
+ rm %{buildroot}%{_userunitdir}/obex.service
+ [#] end FIXME
+ - org.bluez.mesh.service to %{_sysconfdir}/dbus-1/system-services/,
+ to
+ org.bluez.mesh.service to %{_datadir}/dbus-1/system-services/,
+ - In %files
+ - Add
+ %{_bindir}/isotest
+ %{_libexecdir}/bluetooth/obexd
+ %{_mandir}/man1/isotest.1%{?ext_man}
+ - %config %{_sysconfdir}/dbus-1/system.d/bluetooth.conf
+ to
+ %{_datadir}/dbus-1/system.d/bluetooth.conf
+ - Removed
+ %{_datadir}/dbus-1/services/org.bluez.obex.service
+ - Removed
+ %{_datadir}/zsh/site-functions/_bluetoothctl
+ - Add %files zsh-completion
+ - SLE15-SP5 will direct use bluez.changes for openSUSE TW.
+ So keep the contents of SLE bluez.changes to bluez.changes.sle file.
+ - Removed shared-gatt-server-Fix-heap-overflow-when-appending-.patch in
+ SLE15-SP5 bluez because 5.65 bluez already includes it.
-- Install modprobe.conf files to %_modprobedir (bsc#1196275, jsc#SLE-20639)
+- For pushing bluez 5.65 to 15-SP5 (bluez-5.62), sync the patches and
+ log: (jsc#PED-1407)
+ - hcidump-fixed-hci-frame-dump-stack-buffer-overflow.patch patch
+ be merged to 5.51 mainline. So 5.65 bluez already includes it.
+ (PATCH-FIX-UPSTREAM)(bsc#1013721)(CVE-2016-9800)
+ - Add the following patches from the bluez-5.62 of 15-SP5:
+ - disable_some_obex_tests.patch
+ - disable tests for bypass boo#1078285
+ - hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch
+ - bsc#1013708 CVE-2016-9797
+ - Al Cho has sent it to upstream but it not be merged:
+ https://lore.kernel.org/all/20181031081508.25927-1-acho@suse.com/T/
+ - hcidump-Fix-memory-leak-with-malformed-packet.patch
+ - bsc#1015171 CVE-2016-9917
+ - Al Cho has sent it to upstream but it not be merged:
+ https://www.spinics.net/lists/linux-bluetooth/msg79852.html
+ - hcidump-Fixed-malformed-segment-frame-length.patch
+ - bsc#1013712 CVE-2016-9798
+ - Did not send to upstream.
+ - 0001-rpi3-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch
+ - Move 43xx firmware path for RPi3 bluetooth support bsc#1140688 bsc#995059 bsc#1094902
+ - From https://www.yoctoproject.org/pipermail/yocto/2016-April/029424.html
+ - Respin the following patches
+ - bluez-test-2to3.diff
+ - Removed some parts of patch because those codes be included
+ in a1939bd51e0faba9a8550eea2590d99cb63a33c1 since 5.65.
+ - The following patches are the same between SLE15-SP5 with openSUSE TW:
+ - bluez-5.45-disable-broken-tests.diff in 15-SP5 matchs with
+ bluez-disable-broken-tests.diff in openSUSE TW.
+ - 0002-rpi3-Move-the-43xx-firmware-into-lib-firmware.patch in 15-SP5
+ matchs with RPi-Move-the-43xx-firmware-into-lib-firmware.patch in
+ openSUSE TW. (bsc#995059)(bsc#1094902)
+
+- update to 5.65:
+ * Fix issue with A2DP cache invalidation handling.
+ * Fix issue with A2DP and not initialized SEP codec.
+ * Fix issue with A2DP and multiple SetConfiguration to same SEP
+ * Fix issue with AVRCP and not properly initialized volume.
+ * Fix issue with SDP records when operating in LE only mode.
+ * Fix issue with HoG and not reading report map of instances.
+ * Fix issue with GATT server crashing while disconnecting.
+ * Fix issue with not removing connected devices.
+ * Fix issue with enabling wake support without RPA Resolution.
+ * Fix issue with pairing failed due to the error of Already Paired.
+ * Add support for CONFIGURATION_DIRECTORY environment variable.
+ * Add support for STATE_DIRECTORY environment variable.
+ * Add support for "Bonded" property with Device API.
+ * Add experimental support for ISO socket.
+- drop bluez-test-2to3.diff (obsolete/upstream)
+
+- Upgrade bluez-test requirement of PyGObject from ancient version
+ 2 to current version. (bluez/test is at least able to use it
+ since 2014)
+
+- Move the dbus-1 system.d file to /usr (bsc#1199207)
+- Fix self-obsoletion issues
+- Add supplements to cups subpackage
+- Split zsh completion into subpackage
+- Don't tell the user to write to /usr (in README-mesh.SUSE)
+
+- add Requires(post): systemd for bluez-auto-enable-devices
+ * fixes boo#1198906
+
+- update to version 5.64:
+ This is another release mostly with bug fixes on HOG, GATT, A2DP,
+ Media, AVDTP, AVRCP, and scanning failure.
+ This release includes a fix for building with old glibc (< 2.25)
+ and other minor issues found with the static code analyzing tool.
+ ISO packet support is added to the emulator as a part of LE Audio
+ development.
+- removed obsoleted 0002-Use-g_memdup2-everywhere.patch
+
+- Add code to restore user modifications for modprobe.d %config files
+ after moving the files to %_modprobedir
+- Use %_modprobedir (jsc#SLE-20639)
+
+- update to version 5.63:
+ * Fix issue with storing IRK causing invalid read access.
+ * Fix issue with disconnecting due to GattCharacteristic1.MTU.
+ * Add support for Device{Found,Lost} of advertising monitoring.
+
+- Fixes for %_libexecdir changing to /usr/libexec (bsc#1174075)
+
+- Stop nuking the obex service, we support user systemd services
+ just fine now. Following this, no longer hack the dbus service,
+ leave it as a systemd service as upstream intended.
+- Split out obex in own package with it's needed enabledment as a
+ systemd user service.
+- Add 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch:
+ obex: Use GLib helper function to manipulate paths. Instead of
+ trying to do it by hand. This also makes sure that relative paths
+ aren't used by the agent. Patch from fedora.
-- refresh patch
- hcidump-fixed-hci-frame-dump-stack-buffer-overflow.patch
+- drop obsoleted patch
+ 0005-media-rename-local-function-conflicting-with-pause-2.patch
+
+- add fedora's patches 0002-Use-g_memdup2-everywhere.patch and
+ 0005-media-rename-local-function-conflicting-with-pause-2.patch
+ to fix compatibility problems with newer glib and glibc
+
-- add bluez-test-2to3.diff to get rid of python2 dependency
+
+ I'm not going to remove it, and another maintainer can still
+ restart the removal process :-)
-- refresh other patches
+- remove bluez-5.59-0388794dc5fdb73a4ea.diff (included upstream)
+
+- add bluez-5.59-0388794dc5fdb73a4ea.diff, fixes a2dp on newly
+ paired devices, https://github.com/bluez/bluez/issues/157
+
- * new tool: mesh-cfgtest
- * new manpages: btmon.1, bluetooth-meshd.8
+- new tool: mesh-cfgtest
+- new manpages: btmon.1, bluetooth-meshd.8
+- rebased bluez-test-2to3.diff
+
+- remove upstreamed
+ bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch
+
+- add bluez-avdtp-Fix-removing-all-remote-SEPs-when-loading-from.patch
+ Fix Bluetooth headphones disconnect periodically(bsc#1183821)
+
-- remove obsolete upstreamed patches:
- shared-gatt-server-Fix-not-properly-checking-for-sec.patch
- (bsc#1186463 CVE-2021-0129)
- gatt-Fix-potential-buffer-out-of-bound.patch
- (bsc#1187165 CVE-2021-3588)
- shared-gatt-db-Introduce-gatt_db_attribute_set_fixed.patch
- (bsc#1187165 CVE-2021-3588)
- gatt-Make-use-of-gatt_db_attribute_set_fixed_length.patch
- (bsc#1187165 CVE-2021-3588)
-- refresh other patches
-- Add gatt-Fix-potential-buffer-out-of-bound.patch
- * When client features is read check if the offset is within the cli_feat
- bounds. (bsc#1187165 CVE-2021-3588)
-- Add shared-gatt-db-Introduce-gatt_db_attribute_set_fixed.patch
- * This enables user to inform if an attribute has a fixed length so it can
- automatically perform bounds checking. (bsc#1187165 CVE-2021-3588)
-- Add gatt-Make-use-of-gatt_db_attribute_set_fixed_length.patch
- * This makes use of gatt_db_attribute_set_fixed_length so the database is
- aware of the length of the values and perform bounds checking.
- (bsc#1187165 CVE-2021-3588)
+- add bluez-test-2to3.diff to get rid of python2 dependency
-- Add
- shared-gatt-server-Fix-not-properly-checking-for-sec.patch
- * Fix not properly checking for secure flags
- (bsc#1186463 CVE-2021-0129 CVE-2020-26558)
+- Packaging: remove _service and accompanying README.md,
+ maintenance in git did not work out as well as intended.
+- remove input-hog-Attempt-to-set-security-level-if-not-bonde.patch,
+ input-Add-LEAutoSecurity-setting-to-input.conf.patch: upstream
+- use autopatch, spec-cleaner
+
+- Add --enable-external-ell to actually make use of pkgconfig(ell).
+
+- Pull in python3 packages, the tests are py3 based so it does not
+ make sense to pull in py2 packages.
+
-- update to bluez-5.53:
+- bluez-5.53:
+- remove obsolete upstreamed patches:
+ * HOGP-must-only-accept-data-from-bonded-devices.patch
+ * HID-accepts-bonded-device-connections-only.patch
+- refresh other patches
+
+- Add
+ HOGP-must-only-accept-data-from-bonded-devices.patch
+ HOGP 1.0 Section 6.1 establishes that the HOGP must require
+ bonding.(bsc#1166751)(CVE-2020-0556)
+ HID-accepts-bonded-device-connections-only.patch
+ This change adds a configuration for platforms to choose a more
+ secure posture for the HID profile.(bsc#1166751)(CVE-2020-0556)
+ input-hog-Attempt-to-set-security-level-if-not-bonde.patch
+ Attempt to set security level if not bonded.
+ (bsc#1166751)(CVE-2020-0556)
+ input-Add-LEAutoSecurity-setting-to-input.conf.patch
+ Add LEAutoSecurity setting to input.conf.
+ (bsc#1166751)(CVE-2020-0556)
+
+- Fix path to systemctl in %post script
+
+- add NoSource tag for omitting README.md from src.rpm
+
+- move all deprecated tools into bluez-deprecated package which can
+ be disabled by prjconf in OBS.
+- bluez-deprecated will go away before end of 2020 in Tumbleweed!
+
+- BuildIgnore shared-mime-info, pulled in by libgio-2_0-0, not
+ required for building, but causes a build loop.
+- Add bcond for mesh, also enable mesh on Leap 15.2/SLE15SP2.
+- Properly conditionalize all files which are only built with enabled
+ mesh functionality, fixes build on Leap 15.1 and earlier.
+
+- fix udev directory from %_libexecdir to %_prefix/lib
+
+- remove obsolete 0001-mesh-Fix-segmentation-fault-on-Join-call.patch
+- disable one more segfaulting patch
+
+- add 0001-mesh-Fix-segmentation-fault-on-Join-call.patch
+ (boo#1152672)
+
+- add _service to use github.com/seifes-obs-packages/bluez.git
+ as source for the package
+
+- Combine multiple %service_* to reduce generated boilerplate.
+
+- disable mesh service due to security concerns, see boo#1151518
+- add README-mesh.SUSE to explain the issue
+- remove no longer necessary temporary-rpmlintrc
+
+- removed obsoleted patches:
+ * 0001-obexd-use-AM_LDFLAGS-for-linking.patch
+ * 0001-policy-Add-logic-to-connect-a-Sink.patch
+ * 0001-tools-Fix-build-after-y2038-changes-in-glibc.patch (bsc#1156544)
+ * bluez-5.50-a2dp-backports.patch
+ * bluez-5.50-gcc9.patch
+ * disable_some_obex_tests.patch
+ * bluez-5.45-disable-broken-tests.diff
+- add bluez-disable-broken-tests.diff
+- add temporary rpmlintrc until security team approves
+
+- Fix build with GCC 9 (boo#1121404, bko#202213):
+ * Add bluez-5.50-gcc9.patch.
+
+- Fix 43xx firmware path for RPi3 bluetooth support (bsc#1140688)
+ - Add RPi-Move-the-43xx-firmware-into-lib-firmware.patch
+
+- Add 0001-tools-Fix-build-after-y2038-changes-in-glibc.patch: Fix
+ build after y2038 changes in glibc (bsc#1156544)
+
+- Add avinfo to bluez-test, useful for debugging.
+- Only BuildRequires pkgconfig(ell) on Tumbleweed.
+- Add bluez-5.50-a2dp-backports.patch: A2DP fixes for newer codecs
+ (upstream backport).
+
+- Connect Sink profile which HSP profile connects (boo#1131772).
+ - Add 0001-policy-Add-logic-to-connect-a-Sink.patch
+
+- install bluetoothd sample config file as %doc for reference
+
+- use gcc8 for now to work around boo#1121404
+
+- add btmgmt to bluez-test
+
+- add btgatt-client to bluez-test
+
+- remove 0001-Don-t-refresh-adv_manager-for-non-LE-devices.patch,
+ fixed upstream
+
+- Add
+ CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
+ * Fix hcidump memory leak in pin_code_reply_dump().
+ (bsc#1013721)(CVE-2016-9800)
+ CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
+ * Fix hcidump buffer overflow in commands_dump().
+ (bsc#1013877)(CVE-2016-9804)
+
+- add 0001-Don-t-refresh-adv_manager-for-non-LE-devices.patch
+ (boo#1086731)
+
-- Add --enable-external-ell to actually make use of pkgconfig(ell).
-- remove obsolete upstreamed patches:
- * 0001-obexd-use-AM_LDFLAGS-for-linking.patch
- * 0001-core-Fixes-order-InterfaceAdded.patch
- * tools-Fix-build-after-y2038-changes-in-glibc.patch
- * hcidump-Fix-set_ext_ctrl-global-buffer-overflow.patch
- * 0001-btmon-fix-segfault-caused-by-buffer-over-read.patch
- * 0002-btmon-fix-segfault-caused-by-buffer-over-read.patch
- * 0003-btmon-fix-segfault-caused-by-buffer-over-read.patch
- * 0004-btmon-Fix-crash-caused-by-integer-underflow.patch
- * 0005-btmon-fix-stack-buffer-overflow.patch
- * 0006-btmon-fix-multiple-segfaults.patch
- * 0007-btmon-fix-segfault-caused-by-integer-underflow.patch
- * 0008-btmon-fix-segfault-caused-by-integer-undeflow.patch
- * 0009-btmon-fix-segfault-caused-by-buffer-over-read.patch
- * 0010-btmon-fix-segfault-caused-by-buffer-overflow.patch
- * 0011-btmon-fix-segfault-caused-by-integer-underflow.patch
- * 0012-btmon-fix-segfault-caused-by-buffer-over-read.patch
-- use autopatch, spec-cleaner
-- refresh other patches
-
-- Add tools-Fix-build-after-y2038-changes-in-glibc.patch
- * The 32-bit SIOCGSTAMP has been deprecated. Use the deprecated
- name to fix the build.(bsc#1156544)
-
-- Add
- hcidump-Fixed-malformed-segment-frame-length.patch
- * Ensure the L2CAP SDUs whose length field match the actual frame
- length.(bsc#1013712)(CVE-2016-9798)
-- Modify bluez.changes:
- Remove (bsc#1013712)(CVE-2016-9798) tag from patch
- hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch
+- remove 0001-core-Fixes-order-InterfaceAdded.patch (upstream)
-- Add
- hcidump-Add-assoc-dump-function-assoc-date-length-ch.patch
- * amp_assoc_dump() didn't check the length of amp assoc struct.
- (bsc#1013712)(CVE-2016-9798)(bsc#1013708)(CVE-2016-9797)
- Add hcidump-Fix-memory-leak-with-malformed-packet.patch
- * Do not allow to read more than allocated data buffer size.
- (bsc#1015171)(CVE-2016-9917)
-- Refresh patches:
- patches/bluez-cups-libexec.patch
- patches/bluez-5.45-disable-broken-tests.diff
-- fix bluez.changes:
- add (bsc#1013893)(CVE-2016-9802) tag for last log.
-
-- Add:btmon: multiple memory management vulnerabilities fixed
- Multiple different memory management vulnerabilities were discovered
- in btmon while fuzzing it with American Fuzzy Lop. Purpose of this
- fuzzing effort was to find some bugs in btmon, analyse and fix them
- but also try to exploit them. Also goal was to prove that fuzzing is
- low effort way to find bugs that could end up being severe ones.
- Most common weakness appeared to be buffer over-read which was
- usually caused by missing boundary checks before accessing array.
- Integer underflows were also quite common. Most interesting bug was
- simple buffer overflow that was actually discovered already couple
- years ago by op7ic:
- https://www.spinics.net/lists/linux-bluetooth/msg68898.html
- but it was still not fixed. This particular vulnerability ended up
- being quite easily exploitable if certain mitigation technics were
- disabled.(bsc#1015173)(CVE-2016-9918)(bsc#1013893)(CVE-2016-9802)
- 0001-btmon-fix-segfault-caused-by-buffer-over-read.patch
- 0002-btmon-fix-segfault-caused-by-buffer-over-read.patch
- 0003-btmon-fix-segfault-caused-by-buffer-over-read.patch
- 0004-btmon-Fix-crash-caused-by-integer-underflow.patch
- 0005-btmon-fix-stack-buffer-overflow.patch
- 0006-btmon-fix-multiple-segfaults.patch
- 0007-btmon-fix-segfault-caused-by-integer-underflow.patch
- 0008-btmon-fix-segfault-caused-by-integer-undeflow.patch
- 0009-btmon-fix-segfault-caused-by-buffer-over-read.patch
- 0010-btmon-fix-segfault-caused-by-buffer-overflow.patch
- 0011-btmon-fix-segfault-caused-by-integer-underflow.patch
- 0012-btmon-fix-segfault-caused-by-buffer-over-read.patch
-
-- Add hcidump-fixed-hci-frame-dump-stack-buffer-overflow.patch
- to replace
- CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
- (PATCH-FIX-UPSTREAM)(bsc#1013721)(CVE-2016-9800)
- Add hcidump-Fix-set_ext_ctrl-global-buffer-overflow.patch
- to fix global buffer overflow (PATCH-FIX-UPSTREAM)
- (bsc#1013732)(CVE-2016-9801)
-- Fix %ifarch range.
-
-- add 0001-core-Fixes-order-InterfaceAdded.patch (boo#1101119)
- to fix headset connect after suspend/resume
-
-- Add lost patches for RPi3 bluetooth support (bsc#995059)(bsc#1094902)
- 0001-rpi3-bcm43xx-The-UART-speed-must-be-reset-after-the-firmw.patch
- 0002-rpi3-Move-the-43xx-firmware-into-lib-firmware.patch
-
-- Add
- CVE-2016-9800-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
- * Fix hcidump memory leak in pin_code_reply_dump().
- (bsc#1013721)(CVE-2016-9800)
- CVE-2016-9804-tool-hcidump-Fix-memory-leak-with-malformed-packet.patch
- * Fix hcidump buffer overflow in commands_dump().
- (bsc#1013877)(CVE-2016-9804)
+- add 0001-core-Fixes-order-InterfaceAdded.patch (boo#1076898)(boo#1101119)
+- fix python shebang rpmlint warning for bluez-test
calligra
+- Add the monthly poppler compatibility fixes. Replace
+ poppler-22.03.0.patch with:
+ * poppler-22.04_1.patch
+ * poppler-22.04_2.patch
+
+- Add poppler-22.03.0.patch to fix build with poppler-22.03.0
+
celt
-- Update to version 0.7.1
-- Patch celt-0.7.1-libceltsuffix.patch removes the suffix from
- libcelt to keep the build service happy.
- * improves the quality of the packet loss concealment (PLC),
- but does not change the rest of the codec. For this reason it
- is the first release not to break bit-stream compatibility with
- the previous release (0.7.0).
- The default name of the library was changed to libcelt0.so to
- make it easier to do the transition when the final 1.0 release
- comes out (with frozen bit-stream and API).
- * CELT 0.7.0 again improves the stereo quality, reduces artefacts
- at low bitrates (birdies and speech roughness) and fixes many
- bugs. In addition to the usual bitstream incompatibilities,
- the API has also changed in this release.
-
-- Updated to version 0.6.1:
- * Breaks bit-stream compatibility!
- * Improves the stereo quality, especially at lower bit-rates.
- * Many quality improvements, including better stereo coupling,
- better handling of transients, and better handling of highly
- tonal signals, packet loss robustness, larger dynamic range,
- suitable for encoding 24-bit audio, VBR implementation.
- * Pitch prediction improved and simplified.
- * New bit allocation algorithm.
- * VQ search has been improved, small CPU reduction.
- * Fixing some quality problems with low frequency tones.
- * Many bug fixes.
-
certmonger
+- Use "pkgconfig(systemd)" for the BR to allow hacksaw systemd-mini
+ package to satisfy dependencies in the openSUSE Build Service.
+
+- Add buildrequires on systemd which is required for correct installation
+ of the .service file.
+
+- Update to 0.79.13
+
chromium
+- Chromium 107.0.5304.87 (boo#1204819)
+ * CVE-2022-3723: Type Confusion in V8
+
+- Chromium 107.0.5304.68 (boo#1204732)
+ * CVE-2022-3652: Type Confusion in V8
+ * CVE-2022-3653: Heap buffer overflow in Vulkan
+ * CVE-2022-3654: Use after free in Layout
+ * CVE-2022-3655: Heap buffer overflow in Media Galleries
+ * CVE-2022-3656: Insufficient data validation in File System
+ * CVE-2022-3657: Use after free in Extensions
+ * CVE-2022-3658: Use after free in Feedback service on Chrome OS
+ * CVE-2022-3659: Use after free in Accessibility
+ * CVE-2022-3660: Inappropriate implementation in Full screen mode
+ * CVE-2022-3661: Insufficient data validation in Extensions
+- Added patches:
+ * chromium-107-compiler.patch
+ * chromium-107-system-zlib.patch
+- Removed patches:
+ * chromium-105-compiler.patch
+ * chromium-105-Bitmap-include.patch
+ * chromium-106-AutofillPopupControllerImpl-namespace.patch
+- Unbundle libyuv and libavif on TW
+- Prepare 15.5
+- Use qt on 15.4+ (15.3 too old)
+
+- Chromium 106.0.5249.119 (boo#1204223)
+ * CVE-2022-3445: Use after free in Skia
+ * CVE-2022-3446: Heap buffer overflow in WebSQL
+ * CVE-2022-3447: Inappropriate implementation in Custom Tabs
+ * CVE-2022-3448: Use after free in Permissions API
+ * CVE-2022-3449: Use after free in Safe Browsing
+ * CVE-2022-3450: Use after free in Peer Connection
+
+- Chromium 106.0.5249.103:
+ * fix possible cache manager deadlock
+ * Fix right-click menu appearing unexpectedly affecting screen
+ readers
+
cpupower
+- Update to latest turbostat version 2022.07.28
+ jsc#PED-394
+ Includes:
+ Add ADL-N platform to Turbostat
+ jsc#PED-393
+ Add RPL-P platform to Turbostat
+ jsc#PED-391
+- Explicitly add patch to support Raptorlake-S
+ jsc#PED-2065
+ A tools-power-turbostat-add-support-for-RPL-S.diff
+
curl
+- Security Fix: [bsc#1204383, CVE-2022-32221]
+ * POST following PUT confusion
+ * Add curl-CVE-2022-32221.patch
+- Security Fix: [bsc#1204386, CVE-2022-42916]
+ * HSTS bypass via IDN
+ * Add curl-CVE-2022-42916.patch
+
dbus-1
-- Remove pointless %%post scriptlet leveraging non-existent systemd env
- variables
- FIRST_ARG has been used in our systemd macros, but this has now been gone for
- years. Thus the true branch of the if has never been executed for years and is
- only causing warnings when installing dbus.
-
-- Add missing patch for CVE-2020-12049
- * fix-upstream-CVE-2020-12049_2.patch
-
-- Fix CVE-2020-12049 truncated messages lead to resource exhaustion
- (CVE-2020-12049, bsc#1172505)
- * fix-upstream-CVE-2020-12049.patch
-- Rebased fix-CVE-2019-12749.patch
-
-- Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105)
- * fix-upstream-userdb-constpointer.patch
- * fix-upstream-CVE-2020-35512.patch
-
-- Fix CVE-2019-12749 Authentication bypass (CVE-2019-12749 bsc#1137832)
- * added fix-CVE-2019-12749.patch
-
-- Make libdbus-1-3 own the %{_datadir}/dbus-1/system.d directory
-
-- Use %license instead of %doc [bsc#1082318]
-
-- Avoid bashisms in scriptlets.
-
-- Avoid ugly error message from %pre(install) script when installing
- for the first time.
-
-- Don't spit out a warning if /usr/bin/dbus-daemon does not exist
- when we run the pre-script.
-
-- Swap a missed libdir to libexecdir
-
-- Do not hide errors during useradd.
-
-- Fix dbus-daemon-launch-helper to use proper ref to libexecdir
-
-- use %{_libexecdir}/dbus-1 as libexecdir
-
-- Update to 1.12.2
- Deprecations:
- • Eavesdropping is officially deprecated in favour of BecomeMonitor.
- See the release notes for spec version 0.31 (in dbus 1.11.14).
- • [Unix] Flag files in /var/run/console/${username} are deprecated.
- See the release notes for 1.11.18.
- New APIs:
- • <allow> and <deny> rules in dbus-daemon configuration can now
- include send_broadcast="true", send_broadcast="false",
- max_unix_fds="N", min_unix_fds="N" (for some integer N).
- See the release notes for 1.11.18.
- • dbus_try_get_local_machine_id() is like
- dbus_get_local_machine_id(), but returns a DBusError.
- • New APIs around DBusMessageIter to simplify cleanup.
- See the release notes for 1.11.16.
- • The message bus daemon now implements the standard Introspectable,
- Peer and Properties interfaces. See the release notes for
- dbus 1.11.14 and spec version 0.31.
- • DTDs for introspection XML and bus configuration are installed.
- • [Unix] A new unix:dir=… address family resembles unix:tmpdir=… but
- never uses Linux abstract sockets, which is advantageous for
- containers. On non-Linux it is equivalent to unix:tmpdir=….
- See the release notes for dbus 1.11.14 and spec version 0.31.
- • [Unix] New option "dbus-launch --exit-with-x11".
- • [Unix] Session managers can create transient .service files in
- $XDG_RUNTIME_DIR/dbus-1/services. See the release notes for 1.11.12.
- • [Unix] A sysusers.d snippet can create the messagebus user on-demand.
- Miscellaneous behaviour changes:
- • [Unix] The session bus now logs to syslog if it was started by
- dbus-launch.
- • [Unix] Internal warnings are logged to syslog if configured.
- • [Unix] Exceeding an anti-DoS limit is logged to syslog if configured,
- or to stderr.
-- Enabled "make check test suite"
-- Patches removed, fixed upstream
- * fix-upstream-drop-install-sections-from-user-services.patch
- * fix-upstream-increase-backlog.patch
- * fix-upstream-timeout-reset-1.patch
- * fix-upstream-timeout-reset-2.patch
-
-- boo#1027201 dbus-daemon not found
-- boo#978477 systemd reseting under heavy load
- * fix-upstream-timeout-reset-1.patch
- * fix-upstream-timeout-reset-2.patch
-
-- boo#1027200 don't generate machine-id in %post systemd will do it
- on first boot.
-- swap usage of /bin/false to /usr/bin/false
-- Use libexecdir=%{_libdir}/dbus-1 rather then /lib/dbus-1
-
-- No need to set --libdir anymore now that prefix is /usr/bin,
- * fixes boo#1047532
-- No need to set --bindir, bindir in dbus-1-x11 was incorrect
-- Other fixes required to properly change prefix
-- Don't pass --with-initscripts we don't use them anymore.
-
-- Update to 1.10.20
- * Fixes:
- + Fix a reference leak when blocking on a pending call on a
- connection that has been disconnected (fdo#101481, Shin-ichi
- MORITA)
- + Don't put timestamps in the Doxygen-generated documentation,
- for closer-to-reproducible builds (fdo#100692, Simon
- McVittie)
- + Avoid an assertion failure when connecting to a
- semicolon-separated series of addresses, one of which fails
- (fdo#101257, Simon McVittie)
- * Documentation:
- + Update git URIs in HACKING document to sync up with
- cgit.freedesktop.org (fdo#100715, Simon McVittie)
-
-- swap to /usr/bin bsc#1029968
-- Add the following fixes from SLE12
- * bsc#980928 increase listen() backlog of AF_UNIX sockets to
- SOMAXCONN fix-upstream-increase-backlog.patch
-- The following bugs were already fixed but are missing changelog
- entries
- * bsc#867256 (No longer applicable)
- * bsc#916785 (No longer applicable)
- * bsc#1012564 (Not applicable)
- * fdo#90004 (Fixed Upstream)
-- Rename the following patches as a tidy up
- * dbus-log-deny.patch to feature-suse-log-deny.patch
- * dbus-do-autolaunch.patch feature-suse-do-autolaunch.patch
- * 0001-Add-RefuseManualStartStop.patch to
- feature-suse-refuse-manual-start-stop.patch
- * 0001-Drop-Install-sections-from-user-services.patch to
- fix-upstream-drop-install-sections-from-user-services.patch
-
-- Update to 1.10.18
- * Fixes
- + Re-order dbus-daemon startup so that on SELinux systems, the
- thread that reads AVC notifications retains the ability to
- write to the audit log (fdo#92832, Debian #857660; Laurent
- Bigonville)
- + Fix a harmless read overflow and some memory leaks in a unit
- test (fdo#100568, Philip Withnall)
-
-- Update to 1.10.16
- Fixes:
- * Prevent symlink attacks in the nonce-tcp transport on Unix that could
- allow an attacker to overwrite a file named "nonce", in a directory
- that the user running dbus-daemon can write, with a random value
- known only to the user running dbus-daemon. This is unlikely to be
- exploitable in practice, particularly since the nonce-tcp transport
- is really only useful on Windows.
- (fd.o #99828, Simon McVittie) (bsc#1025950)
- * Avoid symlink attacks in the "embedded tests", which are not enabled
- by default and should never be enabled in production builds of dbus.
- (fd.o #99828, Simon McVittie) (bsc#1025951)
- * Work around an undesired effect of the fix for CVE-2014-3637
- (fd.o #80559), in which processes that frequently send fds, such as
- logind during a flood of new PAM sessions, can get disconnected for
- continuously having at least one fd "in flight" for too long;
- dbus-daemon interprets that as a potential denial of service attack.
- The workaround is to disable that check for uid 0 process such as
- logind, with a message in the system log. The bug remains open while
- we look for a more general solution.
- (fd.o #95263, LP#1591411; Simon McVittie)
- * Don't run the test test-dbus-launch-x11.sh if X11 autolaunching
- was disabled at compile time. That test is not expected to work
- in that configuration. (fd.o #98665, Simon McVittie)
- Enhancements:
- * Do the Travis-CI build in Docker containers for Ubuntu LTS, Debian
- stable and Debian testing in addition to the older Ubuntu that is
- the default (fd.o #98889, Simon McVittie)
-
-- A note for scripts bsc#974092 (remove sysvinit script) is already
- fixed here.
-
-- Don't restart dbus on upgrade - Includes temporary work around
- for last version boo#1020301
-- Add 0001-Add-RefuseManualStartStop.patch don't allow users to Manually
- start or stop dbus.
-
-- Add systemd unit files to start session bus via systemd
-- Added patch:
- * 0001-Drop-Install-sections-from-user-services.patch
- + remove install section from socket unit because it does not
- need to be enabled explicitly (see fdo#92402)
-
-- Requires systemd >= 209 and drop the compatibility pkg-config
- names that don't exist in newer systemd
-
-- Drop useless --with-pic which is only for static libs
-- Abort installation when user/group creation fails
-- Avoid calling %service_* more than once
-
-- Build the dbus-1 package without X in the dbus-1.spec
-- Move the dbus-launch.nox11 to the dbus-1 package and install
- it by default
-- Build devel-doc package in dbus-1.spec and don't build any
- documentation in dbus-1-x11
-- Make dbus-1-x11 package contains only the X11-enabled dbus-launch
-- Fix some rpmlint warnings
-- Delete the dbus-1-x11.spec.in file, since maintaining it is
- more complicated then keeping in sync a dbus-1-x11.spec file of
- less then 120 lines
-
-- Create new subpackage: dbus-1-nox11
- - contains dbus-launch without x11 support
-- Rename dbus-launch to dbus-launch.x11
-- use update-alternatives to switch between dbus-launch with and
- without X11
-- Solves [bnc#934214]
-
-- Update to 1.10.12
- * Security fixes:
- + Do not treat ActivationFailure message received from
- root-owned systemd name as a format string. In principle this
- is a security vulnerability, but we do not believe it is
- exploitable in practice, because only privileged processes can
- own the org.freedesktop.systemd1 bus name, and systemd does
- not appear to send activation failures that contain "%".
- Please note that this probably *was* exploitable in dbus
- versions older than 1.6.30, 1.8.16 and 1.9.10 due to a missing
- check which at the time was only thought to be a denial of
- service vulnerability (CVE-2015-0245). If you are still
- running one of those versions, patch or upgrade immediately.
- (fdo#98157, bsc#1003898, Simon McVittie)
- * Other fixes:
- + Harden dbus-daemon against malicious or incorrect
- ActivationFailure messages by rejecting them if they do not
- come from a privileged process, or if systemd activation is
- not enabled (fdo#98157, Simon McVittie)
- + Avoid undefined behaviour when setting reply serial number
- without going via union DBusBasicValue (fdo#98035, Marc Mutz)
- + autogen.sh: fail cleanly if autoconf fails (Simon McVittie)
-
-- Moved dbus-run-session from dbus-1-x11 to dbus-1 (bdo#836296)
-
-- Update to 1.10.10
- * Fixes:
- + On Linux, when dbus-daemon is run with reduced susceptibility
- to the OOM killer (typically via systemd), do not let child
- processes inherit that setting (fdo#32851;
- Kimmo Hämäläinen, WaLyong Cho)
- + Output valid shell syntax in ~/.dbus/session-bus/ if the bus
- address contains a semicolon (fdo#94746, Thiago Macieira)
- + Fix memory leaks and thread safety in subprocess starting on
- Windows (fdo#95191, Ralf Habacker)
- + Do not require systemd to have a service file if using it for
- activation (fdo#93194; Simon McVittie; backport from 1.11.0)
- + Stop test-dbus-daemon incorrectly failing on platforms that
- cannot discover the process ID of clients (fdo#96653,
- РуÑлан Ижбулатов)
- + In tests that exercise correct handling of crashing D-Bus
- services, suppress Windows crash handler (fdo#95155;
- Yiyang Fei, Ralf Habacker)
- + Explicitly check for stdint.h (Ioan-Adrian Ratiu)
- + update-activation-environment: produce better diagnostics on
- error (fdo#96653, Simon McVittie)
- + Don't fail the build with an unused const variable warning
- under gcc 6 (fdo#97282; Thomas Zimmermann, Simon McVittie)
- + Merge dbus-1.10-ci branch, containing backports from 1.11.0
- in build/test code to support continuous integration
- (fdo#93194, Simon McVittie)
- - Avoid -Wunused-label when compiling with libselinux but no
- libaudit
- - In development builds, allow OOM tests to be disabled as
- documented
- - Accept and ignore the --tap argument in all "embedded
- tests", and run all automated tests with that argument for
- better diagnostics
- - Fix the systemd activation test under CMake by installing
- the required files
- - In Automake, fix shell syntax for installcheck-local with
- no DESTDIR
- - In Automake, don't try to run manual tests in installcheck
- - In CMake, don't run manual-tcp test as an automated test
- - Add travis-ci.org build machinery
-
-- Update to 1.10.8
- * Fixes:
- + Enable "large file support" on systems where it exists:
- dbus-daemon is not expected to open large files, but it might
- need to stat files that happen to have large inode numbers
- (fdo#93545, Hongxu Jia)
- + Eliminate padding inside DBusMessageIter on 64-bit platforms,
- which might result in a pedantic C compiler not copying the
- entire contents of a DBusMessageIter; statically assert that
- this is not an ABI change in practice (fdo#94136, Simon
- McVittie)
- + Document dbus-test-tool echo --sleep-ms=N instead of
- incorrect --sleep=N (fdo#94244, Dmitri Iouchtchenko)
- + Correctly report test failures in C tests from run-test.sh
- (fdo#93379; amit tewari, Simon McVittie)
- + When tests are enabled, run all the marshal-validate tests,
- not just the even-numbered ones (fdo#93908, Nick Lewycky)
- + Correct the expected error from one marshal-validate test,
- which was previously not run due to the above bug(fdo#93908,
- Simon McVittie)
-
-- Update to 1.10.6
- * Fixes:
- - On Unix when running tests as root, don't assert that root
- and the dbus-daemon user can still call
- UpdateActivationEnvironment; assert that those privileged
- users can call BecomeMonitor instead (fdo#93036, Simon
- McVittie)
- - On Windows, fix a memory leak in the autolaunch transport
- (fdo#92899, Simon McVittie)
- - On Windows Autotools builds, don't run tests that rely on
- dbus-run-session and other Unix-specifics (fdo#92899, Simon
- McVittie)
-
-- Update to 1.10.4
- * Changes between 1.10.2 and 1.10.4
- - Enhancements:
- + GetConnectionCredentials, GetConnectionUnixUser and
- GetConnectionUnixProcessID with argument
- "org.freedesktop.DBus" will now return details of the
- dbus-daemon itself. This is required to be able to call
- SetEnvironment on systemd. (fdo#92857, Jan Alexander
- Steffens)
- - Fixes:
- + Make UpdateActivationEnvironment always fail with
- AccessDenied on the system bus. Previously, it was
- possible to configure it so root could call it, but the
- environment variables were not actually used, because the
- launch helper would discard them. (fdo#92857, Jan Alexander
- Steffens)
- + On Unix with --systemd-activation on a user bus, make
- UpdateActivationEnvironment pass on its arguments to
- systemd's SetEnvironment method, solving inconsistency
- between the environments used for traditional activation
- and systemd user-service activation. (fdo#92857, Jan
- Alexander Steffens)
- + On Windows, don't crash if <syslog/> or --syslog is used
- (fdo#92538, Ralf Habacker)
- + On Windows, fix a memory leak when setting a DBusError from
- a Windows error (fdo#92721, Ralf Habacker)
- + On Windows, don't go into infinite recursion if we abort the
- process with backtraces enabled (fdo#92721, Ralf Habacker)
- + Fix various failing tests, variously on Windows and
- cross-platform:
- . don't test system.conf features (users, groups) that only
- make sense on the system bus, which is not supported on
- Windows
- . don't call _dbus_warn() when we skip a test, since it is
- fatal
- . fix computation of expected <standard_session_servicedirs/>
- . when running TAP tests, translate newlines to Unix format,
- fixing cross-compiled tests under Wine on Linux
- . don't stress-test refcounting under Wine, where it's
- really slow
- . stop assuming that a message looped-back to the test will
- be received immediately
- . skip some system bus tests on Windows since they make no
- sense there (fdo#92538, fdo#92721; Ralf Habacker, Simon
- McVittie)
- * Changes between 1.10.0 and 1.10.2
- - Fixes:
- + Correct error handling for activation: if there are multiple
- attempts to activate the same service and it fails
- immediately, the first attempt would get the correct reply,
- but the rest would time out. We now send the same error
- reply to each attempt. (fdo#92200, Simon McVittie)
- + If BecomeMonitor is called with a syntactically invalid
- match rule, don't crash with an assertion failure, fixing a
- regression in 1.9.10. This was not exploitable as a denial
- of service, because the check for a privileged user is done
- first. (fdo#92298, Simon McVittie)
- + On Linux with --enable-user-session, add the bus address to
- the environment of systemd services for better backwards
- compatibility (fdo#92612, Jan Alexander Steffens)
- + On Windows, fix the logic for replacing the installation
- prefix in service files' Exec lines (fdo#83539; Milan Crha,
- Simon McVittie)
- + On Windows, if installed in the conventional layout with
- ${prefix}/etc and ${prefix}/share, use relative paths
- between bus configuration files to allow the tree to be
- relocated (fdo#92028, Simon McVittie)
- + Make more of the regression tests pass in Windows builds
- (fdo#92538, Simon McVittie)
- * Summary of major changes since 1.8.0:
- - The basic setup for the well-known system and session buses is
- now done in read-only files in ${datadir} (normally /usr/share).
- - AppArmor integration has been merged, with features similar to
- the pre-existing SELinux integration. It is mostly compatible
- with the patches previously shipped by Ubuntu, with one
- significant change: Ubuntu's GetConnectionAppArmorSecurityContext
- method has been superseded by GetConnectionCredentials and was
- not included.
- - The --enable-user-session configure option can be enabled
- by OS integrators intending to use systemd to provide a
- session bus per user (in effect, treating all concurrent
- graphical and non-graphical login sessions as one large session).
- - The new listenable address mode "unix:runtime=yes" listens on
- $XDG_RUNTIME_DIR/bus, the same AF_UNIX socket used by the
- systemd user session. libdbus and "dbus-launch --autolaunch"
- will connect to this address by default. GLib >= 2.45.3 and
- sd-bus >= 209 have a matching default.
- - All executables are now dynamically linked to libdbus-1.
- Previously, some executables, most notably dbus-daemon, were
- statically linked to a specially-compiled variant of libdbus.
- This results in various private functions in the _dbus
- namespace being exposed by the shared library. These are not
- API, and must not be used outside the dbus source tree.
- - On platforms with ELF symbol versioning, all public symbols
- are versioned LIBDBUS_1_3.
- * New bus APIs:
- - org.freedesktop.DBus.GetConnectionCredentials returns
- LinuxSecurityLabel where supported
- - org.freedesktop.DBus.Monitoring interface (privileged)
- . BecomeMonitor method supersedes match rules with eavesdrop=true,
- which are now deprecated
- - org.freedesktop.DBus.Stats interface (semi-privileged)
- . now enabled by default
- . new GetAllMatchRules method
- - org.freedesktop.DBus.Verbose interface (not normally compiled)
- . toggles the effect of DBUS_VERBOSE
- * New executables:
- - dbus-test-tool
- - dbus-update-activation-environment
- * New optional dependencies:
- - The systemd: pseudo-transport requires libsystemd or libsd-daemon
- - Complete documentation requires Ducktype and yelp-tools
- - Full test coverage requires GLib 2.36 and PyGI
- - AppArmor integration requires libapparmor and optionally libaudit
- * Dependencies removed:
- - dbus-glib
-
-- Update to 1.8.20:
- * Fixes:
- - Fix a memory leak when GetConnectionCredentials() succeeds
- (fdo#91008, Jacek Bukarewicz)
- - Ensure that dbus-monitor does not reply to messages intended
- for others (fdo#90952, Simon McVittie)
-
-- Account for openSUSE:Leap in the conditional for chosing right
- local state directories (boo#941352)
-
-- Move common-begin sections around to make pre_checkin work again
-- Unconditionally build with systemd features, there are no cycles
- now, systemd no longer buildrequires dbus-1-devel
-
-- Update to 1.8.18:
- * Security hardening:
- - On Unix platforms, change the default configuration for the
- session bus to only allow EXTERNAL authentication (secure
- kernel-mediated credentials-passing), as was already done for
- the system bus.
- This avoids falling back to DBUS_COOKIE_SHA1, which relies on
- strongly unpredictable pseudo-random numbers; under certain
- circumstances (/dev/urandom unreadable or malloc() returns
- NULL), dbus could fall back to using rand(), which does not
- have the desired unpredictability. The fallback to rand() has
- not been changed in this stable-branch since the necessary
- code changes for correct error-handling are rather intrusive.
- If you are using D-Bus over the (unencrypted!) tcp: or
- nonce-tcp: transport, in conjunction with DBUS_COOKIE_SHA1
- and a shared home directory using NFS or similar, you will
- need to reconfigure the session bus to accept DBUS_COOKIE_SHA1
- by commenting out the <auth> element. This configuration is
- not recommended. (bsc#931066, fdo#90414, Simon McVittie)
- * Other fixes:
- - Add locking to DBusCounter's reference count and notify
- function (fdo#89297, Adrian Szyndela)
- - Ensure that DBusTransport's reference count is protected by
- the corresponding DBusConnection's lock (fdo#90312,
- Adrian Szyndela)
- - On Windows, listen on the same port for IPv4 and IPv6
- (previously broken by an endianness mistake), and fix a
- failure to bind TCP sockets on approximately 1 attempt in 256
- (fdo#87999, Ralf Habacker)
- - Correctly release DBusServer mutex before early-return if we
- run out of memory while copying authentication mechanisms
- (fdo#90021, Ralf Habacker)
- - Correctly initialize all fields of DBusTypeReader (fdo#90021,
- Ralf Habacker, Simon McVittie)
- - Fix some missing \n in verbose (debug log) messages
- (fdo#90021, Ralf Habacker)
- - Clean up some memory leaks in test code (fdo#90021,
- Ralf Habacker)
-
-- Sync changes from SLE12 conditionalized for suse_version <= 1315
-
-- Update to 1.8.16:
- * Security fixes:
- - Do not allow non-uid-0 processes to send forged
- ActivationFailure messages. On Linux systems with systemd
- activation, this would allow a local denial of service:
- unprivileged processes could flood the bus with these forged
- messages, winning the race with the actual service activation
- and causing an error reply to be sent back when service
- auto-activation was requested. This does not prevent the real
- service from being started, so it only works while the real
- service is not running. (CVE-2015-0245, fdo#88811, bnc#916343;
- Simon McVittie)
- * Other fixes:
- - fix a Windows build failure (fdo#88009, Ralf Habacker)
- - on Windows, allow up to 8K connections to the dbus-daemon
- instead of the previous 64, completing a previous fix which
- only worked under Autotools (fdo#71297, Ralf Habacker)
-
-- Update to 1.8.14
- * Security hardening:
- - Do not allow calls to UpdateActivationEnvironment from uids
- other than the uid of the dbus-daemon. If a system service
- installs unsafe security policy rules that allow arbitrary
- method calls (such as CVE-2014-8148) then this prevents
- memory consumption and possible privilege escalation via
- UpdateActivationEnvironment.
- We believe that in practice, privilege escalation here is
- avoided by dbus-daemon-launch-helper sanitizing its
- environment; but it seems better to be safe.
- - Do not allow calls to UpdateActivationEnvironment or the
- Stats interface on object paths other than
- /org/freedesktop/DBus. Some system services install unsafe
- security policy rules that allow arbitrary method calls to
- any destination, method and interface with a specified object
- path; while less bad than allowing arbitrary method calls,
- these security policies are still harmful, since dbus-daemon
- normally offers the same API on all object paths and other
- system services might behave similarly.
- * Other fixes:
- - Add missing initialization so GetExtendedTcpTable doesn't
- crash on Windows Vista SP0 (fdo#77008, Ilya A. Tkachenko)
-
-- Update to 1.8.12:
- * Fixes:
- - Partially revert the CVE-2014-3639 patch by increasing the
- default authentication timeout on the system bus from 5
- seconds back to 30 seconds, since this has been reported to
- cause boot regressions for some users, mostly with parallel
- boot (systemd) on slower hardware.
- On fast systems where local users are considered particularly
- hostile, administrators can return to the 5 second timeout
- (or any other value in milliseconds) by saving this as
- /etc/dbus-1/system-local.conf:
- <busconfig>
- <limit name="auth_timeout">5000</limit>
- </busconfig>
- (fdo#86431, Simon McVittie)
- - Add a message in syslog/the Journal when the auth_timeout is
- exceeded (fdo#86431, Simon McVittie)
- - Send back an AccessDenied error if the addressed recipient is
- not allowed to receive a message (and in builds with
- assertions enabled, don't assert under the same conditions).
- (fdo#86194, Jacek Bukarewicz)
-
-- Update to 1.8.10:
- * Security fixes:
- - Increase dbus-daemon's RLIMIT_NOFILE rlimit to 65536
- so that CVE-2014-3636 part A cannot exhaust the system bus'
- file descriptors, completing the incomplete fix in 1.8.8.
- (CVE-2014-7824, fdo#85105; Simon McVittie, Alban Crequy)
-
dbus-1-x11
+- Fix a potential crash that could be triggered by an invalid signature.
+ (CVE-2022-42010, bsc#1204111)
+ * fix-upstream-CVE-2022-42010.patch
+- Fix an out of bounds read caused by a fixed length array (CVE-2022-42011,
+ bsc#1204112)
+ * fix-upstream-CVE-2022-42011.patch
+- A message in non-native endianness with out-of-band Unix file descriptors
+ would cause a use-after-free and possible memory corruption CVE-2022-42012,
+ bsc#1204113)
+ * fix-upstream-CVE-2022-42012.patch
+- Disable asserts (bsc#1087072)
+- Refreshed patches
+ * fix-upstream-CVE-2020-35512.patch
+
digikam
+- Update to 7.8.0
+ * https://www.digikam.org/news/2022-09-03-7.8.0_release_announcement/
+- New features (from NEWS):
+ * General : HIF files recognized as HEIF images.
+ * IconView: Add support of GrayScale and 16 bits PSD images.
+ * General : Libraw updated to 2022-07-14 snapshot.
+ Camera format support:
+ Phase One/Leaf IIQ-S v2 support
+ Canon CR3 filmrolls/RawBurst
+ Canon CRM (movie) files
+ iled bit-packed (and 16-bit unpacked) DNGs
+ (non-standard) Deflate-compressed integer
+ DNG files are allowed
+ Camera support:
+ Canon EOS R3, R7 and R10
+ Fujifilm X-H2S, X-T30 II
+ OM System OM-1
+ Leica M11
+ Sony A7-IV (ILCE-7M4)
+ DJI Mavic 3
+ Nikon Z9: standard compression formats only
+ * Plugins : GMicQt tool updated to last version 3.1.
+- 49 bugs fixed
+- Add libheif build dependency to enable the HEIF decoder
+- Use macro for soversion
+- Remove no longer needed conflict with libdigikamcore7
+- Remove explicitly versioned libopencv_dnn dependency, should no
+ longer be needed with opencv's new soversion rules
+- Explicitly enable kfilemetadata and akonadi-contact support, they
+ are disabled by default now
+
+- Updated 0001-Revert-Exiv2-is-now-released-with-exported-targets-u.patch
+
+- Update to 7.7.0
+ * https://www.digikam.org/news/2022-06-26-7.7.0_release_announcement/
+- New features (from NEWS):
+ * Remove internal libheif and libde265 from core in favor to
+ system libraries.
+ * Update internal Libraw snashot to 2022-06-17 with Olympus OM-1
+ support.
+- 81 bugs fixed
+- Removed now included Fix-build-with-akonadi-contacts-22.04.patch
+
+- Resolve rpmlint error "libdigikamcore7.x86_64: E: shlib-policy-name-error
+ SONAME: libdigikamcore.so.7.6.0, expected package suffix: 7_6_0"
+- Move documentation out of libdigikamcore7.
+
+- Add Fix-build-with-akonadi-contacts-22.04.patch to fix build with
+ the latest Akonadi versions
+
+- Update to 7.6.0
+ * https://www.digikam.org/news/2022-03-05-7.6.0_release_announcement/
+- New features (from NEWS):
+ General: Use Qt5.15 LTS patches collection git repository from KDE
+ to build AppImage Linux bundle (snapshot 2022-01-23).
+ General: All bundles use last KF5 framework 5.90.
+ General: All bundles generate a manifest text file listing git
+ revisions of all upstream libraries used by application.
+ General: AppImage Linux bundle now support ICU to perform search
+ with UTF-8 characters in all text fields.
+ General: Update internal Libraw to snapshot 2022-02-10.
+ General: New FlowView generic plugin for digiKam and Showfoto
+ (https://github.com/cathaysia/digikamflowplugin).
+- 847 bugs fixed
+
dracut
+- Update to version 055+suse.325.g6780025c:
+ * fix(network-manager): always install the library plugins directory (bsc#1202014)
+ * feat(dracut-init.sh): add inst_libdir_dir() helper (bsc#1202014)
+ A series of fixes for NVMeoF boot (bsc#1203368):
+ * fix(man): dracut.cmdline.7: clarify "rd.nvmf.discover=fc,auto"
+ * fix(network): avoid double brackets around IPv6 address
+ * feat(nvmf): set rd.neednet=1 if tcp records encountered
+ * fix(man): dracut.cmdline(7): correct syntax for rd.nonvmf
+ * fix(network): don't use same ifname multiple times
+ * fix(nvmf): run cmdline hook before parse-ip-opts.sh
+ * fix(nvmf): avoid calling "exit" in a cmdline hook
+ * fix(nvmf): make sure "rd.nvmf.discover=fc,auto" takes precedence
+ * fix(nvmf): don't use "finished" queue for autoconnect
+ * fix(nvmf): don't create did-setup file
+ * fix(nvmf): no need to load the nvme module
+ * fix(nvmf): don't try to validate network connections in cmdline hook
+ * fix(nvmf): nvme list-subsys prints the address using commas as separator
+ * fix(nvmf): deprecate old nvmf cmdline options
+ * fix(nvmf): set executable bit on nvmf-autoconnect.sh
+
+- Update to version 055+suse.306.g5b4feffc:
+ * fix(network-legacy): misleading duplicate address detection using wicked (bsc#1201235)
+ * fix(dmsquash-live): correct regression introduced with shellcheck changes (bsc#1203894)
+
exiv2
+- add CVE-2021-37621.patch (CVE-2021-37621, bsc#1189333)
+- add CVE-2021-32617.patch (CVE-2021-32617, bsc#1186192)
+- add CVE-2020-19716.patch (CVE-2020-19716, bsc#1188645)
+- add CVE-2019-14368.patch (CVE-2019-14368, bsc#1143278)
+- add CVE-2019-20421.patch (CVE-2019-20421, bsc#1161901)
+
+- add CVE-2018-10772.patch (CVE-2018-10772, bsc#1092096)
+- add CVE-2018-18915.patch (CVE-2018-18915, bsc#1114690)
+- add CVE-2021-37620.patch (CVE-2021-37620, bsc#1189332)
+- add CVE-2021-29470.patch (CVE-2021-29470, bsc#1185447)
+
+- add CVE-2018-5772.patch (CVE-2018-5772, bsc#1076579)
+- add CVE-2018-8976.patch (CVE-2018-8976, bsc#1086810)
+- add CVE-2018-8977.patch (CVE-2018-8977, bsc#1086798)
+- add CVE-2020-18898.patch (CVE-2020-18898, bsc#1189780)
+- add CVE-2021-31291.patch (CVE-2021-29457 and CVE-2021-31291, bsc#1185002 and bsc#1188733)
+- add CVE-2021-31292.patch (CVE-2021-31292, bsc#1188756)
+- add CVE-2021-37618.patch (CVE-2021-37618, bsc#1189330)
+- add CVE-2021-37619.patch (CVE-2021-37619, bsc#1189331)
+- add CVE-2020-18899.patch (CVE-2020-18899, bsc#1189636)
+
+ * Includes fix for CVE-2019-14982 (bsc#1146294)
ffmpegthumbnailer
+- Add patches from upstream git to remove references to deprecated
+ functions in ffmpeg4 and fix building against ffmpeg5:
+ * 372cd422e57a9a3531eb9a30559d665caecff1ba.patch
+ * efb5b618f1c1471c1a7900aed3a59d851ea9a210.patch
+
-- build against ffmpeg new API.
-
freecell-solver
+- Add missing runtime requirements
+
+- skip python dependencies as they're only for the testsuite
+
frei0r-plugins
+- Use opencv 4 for building frei0r-plugins when possible.
+ opencv 3 doesn't support FFmpeg 5.
+
gnome-sudoku
+- Update to version 43.0:
+ + Updated application screenshot.
+ + Updated translations.
+- Add desktop-file-utils BuildRequires: New dependency.
+- Following the above new BuildRequires, add optional
+ appstream-glib BuildRequires and a check section and
+ verify desktop file and metadata during build.
+- Stop packaging help files as documentation.
+- Replace gcc-c++ with generic c++_compiler and c_compiler
+ BuildRequires.
+- Drop gobject-introspection BuildRequires: Package does not do
+ introspection any more.
+
+- Update to version 43.beta:
+ + Warnings now flag when solution to puzzle is violated.
+ + Updated translations.
+
+- Update to version 43.alpha:
+ + Add setting to initialize earmarks.
+ + Fix redundant undo stack entries for earmarks.
+
gnutls
+- FIPS: Set error state when jent init failed in FIPS mode [bsc#1202146]
+ * Add patch gnutls-FIPS-Set-error-state-when-jent-init-failed.patch
+
+- FIPS: Make XTS key check failure not fatal [bsc#1203779]
+ * Add gnutls-Make-XTS-key-check-failure-not-fatal.patch
+
+- FIPS: Zeroize the calculated hmac and new_hmac in the
+ check_binary_integrity() function. [bsc#1191021]
+ * Add gnutls-FIPS-Zeroize-check_binary_integrity.patch
+
+- FIPS: Additional modifications to the SLI. [bsc#1190698]
+ * Mark CMAC and GMAC and non-approved in gnutls_pbkfd2().
+ * Mark HMAC keylength less than 112 bits as non-approved in
+ gnutls_pbkfd2().
+ * Adapt the pbkdf2 selftest and the regression tests accordingly.
+ * Add gnutls-FIPS-SLI-pbkdf2-verify-keylengths-only-SHA.patch
+
+- FIPS: Port GnuTLS to use jitterentropy [bsc#1202146, jsc#SLE-24941]
+ * Add new dependency on jitterentropy
+ * Add gnutls-FIPS-jitterentropy.patch
+
+- Security fix: [bsc#1202020, CVE-2022-2509]
+ * Fixed double free during verification of pkcs7 signatures
+ * Add gnutls-CVE-2022-2509.patch
+
+- FIPS:
+ * Modify gnutls-FIPS-force-self-test.patch [bsc#1198979]
+ - gnutls_fips140_run_self_tests now properly releases fips_context
+
+- FIPS:
+ * Add gnutls_ECDSA_signing.patch [bsc#1190698]
+ - Check minimum keylength for symmetric key generation
+ - Only allows ECDSA signature with valid set of hashes
+ (SHA2 and SHA3)
+ * Add gnutls-FIPS-force-self-test.patch [bsc#1198979]
+ - Provides interface for running library self tests on-demand
+ - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1598
+
+- FIPS: Make sure zeroization is performed in all API functions
+ * Add gnutls-zeroization-API-functions.patch [bsc#1191021]
+ * Upsream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1573
+
+- FIPS: Add missing requirements for the SLI [bsc#1190698]
+ * Remove 3DES from FIPS approved algorithms:
+ - gnutls-Remove-3DES-from-FIPS-approved-algos.patch
+ - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1570
+ * DRBG service (gnutls_rnd) should be considered approved:
+ - gnutls-Add-missing-FIPS-service-indicator-transitions.patch
+ - gnutls-Add-missing-FIPS-service-indicator-transitions-tests.patch
+ - gnutls-pkcs12-tighten-algorithm-checks-under-FIPS.patch
+ - Upstream: https://gitlab.com/gnutls/gnutls/-/merge_requests/1569
+
+- FIPS: Mark AES-GCM as approved in the TLS context [bsc#1194907]
+ * Add gnutls-FIPS-Mark-HKDF-and-AES-GCM-as-approved-when-used-in-TLS.patch
+ * Upstream issue: https://gitlab.com/gnutls/gnutls/issues/1311
+
+- FIPS: Additional PBKDF2 requirements for KAT [bsc#1184669]
+ * The IG 10.3.A and SP800-132 require some minimum parameters for
+ the salt length, password length and iteration count. These
+ parameters should be also used in the KAT.
+ * Add gnutls-FIPS-PBKDF2-KAT-requirements.patch
+ * Upstream: https://gitlab.com/gnutls/gnutls/merge_requests/1561
+- Enable to run the regression tests also in FIPS mode.
+
+- Update to 3.7.3: [bsc#1190698, bsc#1190796]
+ * libgnutls: The allowlisting configuration mode has been added
+ to the system-wide settings. In this mode, all the algorithms
+ are initially marked as insecure or disabled, while the
+ applications can re-enable them either through the [overrides]
+ section of the configuration file or the new API (#1172).
+ * The build infrastructure no longer depends on GNU AutoGen for
+ generating command-line option handling, template file parsing
+ in certtool, and documentation generation (#773, #774). This
+ change also removes run-time or bundled dependency on the
+ libopts library, and requires Python 3.6 or later to regenerate
+ the distribution tarball. Note that this brings in known backward
+ incompatibility in command-line tools, such as long options are
+ now case sensitive, while previously they were treated in a case
+ insensitive manner: for example --RSA is no longer a valid option
+ of certtool. The existing scripts using GnuTLS tools may need
+ adjustment for this change.
+ * libgnutls: The tpm2-tss-engine compatible private blobs can be loaded
+ and used as a gnutls_privkey_t (#594). The code was originally written
+ for the OpenConnect VPN project by David Woodhouse. To generate such
+ blobs, use the tpm2tss-genkey tool from tpm2-tss-engine:
+ https://github.com/tpm2-software/tpm2-tss-engine/#rsa-operations
+ or the tpm2_encodeobject tool from unreleased tpm2-tools.
+ * libgnutls: The library now transparently enables Linux KTLS (kernel
+ TLS) when the feature is compiled in with --enable-ktls configuration
+ option (#1113). If the KTLS initialization fails it automatically falls
+ back to the user space implementation.
+ * certtool: The certtool command can now read the Certificate Transparency
+ (RFC 6962) SCT extension (#232). New API functions are also provided to
+ access and manipulate the extension values.
+ * certtool: The certtool command can now generate, manipulate, and evaluate
+ x25519 and x448 public keys, private keys, and certificates.
+ * libgnutls: Disabling a hashing algorithm through "insecure-hash"
+ configuration directive now also disables TLS ciphersuites that use it
+ as a PRF algorithm.
+ * libgnutls: PKCS#12 files are now created with modern algorithms by default
+ (!1499). Previously certtool used PKCS12-3DES-SHA1 for key derivation and
+ HMAC-SHA1 as an integity measure in PKCS#12. Now it uses AES-128-CBC with
+ PBKDF2 and SHA-256 for both key derivation and MAC algorithms, and the
+ default PBKDF2 iteration count has been increased to 600000.
+ * libgnutls: PKCS#12 keys derived using GOST algorithm now uses
+ HMAC_GOSTR3411_2012_512 instead of HMAC_GOSTR3411_2012_256 for integrity,
+ to conform with the latest TC-26 requirements (#1225).
+ * libgnutls: The library now provides a means to report the status
+ of approved cryptographic operations (!1465). To adhere to the
+ FIPS140-3 IG 2.4.C., this complements the existing mechanism to
+ prohibit the use of unapproved algorithms by making the library
+ unusable state.
+ * gnutls-cli: The gnutls-cli command now provides a --list-config
+ option to print the library configuration (!1508).
+ * libgnutls: Fixed possible race condition in
+ gnutls_x509_trust_list_verify_crt2 when a single trust list object
+ is shared among multiple threads (#1277). [GNUTLS-SA-2022-01-17,
+ CVSS: low]
+ * API and ABI modifications:
+ GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH: new flag in
+ gnutls_privkey_flags_t
+ GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH: new flag in
+ gnutls_certificate_verify_flags
+ gnutls_ecc_curve_set_enabled: Added.
+ gnutls_sign_set_secure: Added.
+ gnutls_sign_set_secure_for_certs: Added.
+ gnutls_digest_set_secure: Added.
+ gnutls_protocol_set_enabled: Added.
+ gnutls_fips140_context_init: New function
+ gnutls_fips140_context_deinit: New function
+ gnutls_fips140_push_context: New function
+ gnutls_fips140_pop_context: New function
+ gnutls_fips140_get_operation_state: New function
+ gnutls_fips140_operation_state_t: New enum
+ gnutls_transport_is_ktls_enabled: New function
+ gnutls_get_library_configuration: New function
+ * Remove patches fixed in the update:
+ - gnutls-FIPS-module-version.patch
+ - gnutls-FIPS-service-indicator.patch
+ - gnutls-FIPS-service-indicator-public-key.patch
+ - gnutls-FIPS-service-indicator-symmetric-key.patch
+ - gnutls-FIPS-RSA-PSS-flags.patch
+ - gnutls-FIPS-RSA-mod-sizes.patch
+
+- FIPS: Fix regression tests in fips and non-fips mode [bsc#1194468]
+ * Add gnutls-FIPS-disable-failing-tests.patch
+ * Remove patches:
+ - gnutls-temporarily_disable_broken_guile_reauth_test.patch
+ - gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+ - disable-psk-file-test.patch
+
+- FIPS: Provide module identifier and version [bsc#1190796]
+ * Add configurable options to output the module name/identifier
+ (--with-fips140-module-name) and the module version
+ (--with-fips140-module-version).
+ * Add the CLI option list-config that reports the configuration
+ of the library.
+ * Add gnutls-FIPS-module-version.patch
+
+- FIPS: Provide a service-level indicator [bsc#1190698]
+ * Add support for a "service indicator" as required in
+ the FIPS140-3 Implementation Guidance in section 2.4.C
+ * Add patches:
+ - gnutls-FIPS-service-indicator.patch
+ - gnutls-FIPS-service-indicator-public-key.patch
+ - gnutls-FIPS-service-indicator-symmetric-key.patch
+ - gnutls-FIPS-RSA-PSS-flags.patch
+
+- FIPS: RSA KeyGen/SigGen fail with 4096 bit key sizes [bsc#1192008]
+ * fips: allow more RSA modulus sizes
+ * Add gnutls-FIPS-RSA-mod-sizes.patch
+ * Delete gnutls-3.6.7-fips-rsa-4096.patch
+
+- Drop bogus condition "> 1550": that would mean 'more recent than
+ Tumbleweed' which is technically impossible, as Tumbleweed is the
+ leading project (and the condition causes issues as Tumbleweed
+ needs to move away from 1550 due to CODE 15 SP5 plans).
+
+- Add crypto-policies support in SLE-15-SP4 [jsc#SLE-20287]
+
+- Account for the libnettle soname bump [jsc#SLE-19765]
+
+- Update to 3.7.2 in SLE-15-SP4: [jsc#SLE-19765, jsc#SLE-18139]
+ - Add gnutls-temporarily_disable_broken_guile_reauth_test.patch
+ - Rebased patches:
+ * disable-psk-file-test.patch
+ * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+ * gnutls-fips_mode_enabled.patch
+ - Remove patches merged upstream:
+ * gnutls-CVE-2020-11501.patch
+ * gnutls-CVE-2020-13777.patch
+ * gnutls-CVE-2020-24659.patch
+ * gnutls-CVE-2021-20231.patch
+ * gnutls-CVE-2021-20232.patch
+ * gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch
+ * gnutls-fips_XTS_key_check.patch
+ * 0001-_gnutls_verify_crt_status-apply-algorithm-checks-to-.patch
+ * 0002-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch
+ * 0003-x509-trigger-fallback-verification-path-when-cert-is.patch
+ * 0004-tests-add-test-case-for-certificate-chain-supersedin.patch
+ * 0001-Add-Full-Public-Key-Check-for-DH.patch
+ * 0001-Add-test-to-ensure-DH-exchange-behaves-correctly.patch
+ * 0002-Add-test-to-ensure-ECDH-exchange-behaves-correctly.patch
+ * 0003-Add-plumbing-to-handle-Q-parameter-in-DH-exchanges.patch
+ * 0004-Always-pass-in-and-check-Q-in-TLS-1.3.patch
+ * 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch
+ * 0006-Pass-down-Q-for-FFDHE-in-al-pre-TLS1.3-as-well.patch
+ * 0001-dh-primes-add-MODP-primes-from-RFC-3526.patch
+ * 0002-dhe-check-if-DH-params-in-SKE-match-the-FIPS-approve.patch
+ * 0001-dh-check-validity-of-Z-before-export.patch
+ * 0002-ecdh-check-validity-of-P-before-export.patch
+ * 0003-dh-primes-make-the-FIPS-approved-check-return-Q-valu.patch
+ * 0004-dh-perform-SP800-56A-rev3-full-pubkey-validation-on-.patch
+ * 0005-ecdh-perform-SP800-56A-rev3-full-pubkey-validation-o.patch
+ * 0001-Vendor-in-XTS-functionality-from-Nettle.patch
+ * 0001-pubkey-avoid-spurious-audit-messages-from-_gnutls_pu.patch
+ * gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch
+ * gnutls-3.6.7-fix-FTBFS-2024.patch
+ * gnutls-3.6.7-reproducible-date.patch
+
+- Update to version 3.7.2
+ * Added Linux kernel AF_ALG based acceleration
+ * Fixed timing of early data exchange
+ * The priority string option DISABLE_TLS13_COMPAT_MODE was added
+ to disable TLS 1.3 middlebox compatibility mode
+ * The GNUTLS_NO_EXPLICIT_INIT envvar has been renamed to
+ GNUTLS_NO_IMPLICIT_INIT to reflect the purpose
+ * certtool:
+ * When signing a CSR, CRL distribution point (CDP) is no
+ longer copied from the signing CA by default
+ * When producing certificates and certificate requests, subject
+ DN components that are provided individually will now be
+ ordered by assumed scale
+
+- Add gnutls-3.6.7-fix-FTBFS-2024.patch to let tests pass after 2024 (boo#1186579)
+- Add gnutls-3.6.7-reproducible-date.patch to override build date (boo#1047218)
+
+- Security fix: [bsc#1183456, CVE-2021-20232]
+ * A use after free issue in client_send_params
+ in lib/ext/pre_shared_key.c may lead to memory
+ corruption and other potential consequences.
+- Add gnutls-CVE-2021-20232.patch
+
+- Security fix: [bsc#1183457, CVE-2021-20231]
+ * A use after free issue in client sending key_share extension
+ may lead to memory corruption and other consequences.
+- Add gnutls-CVE-2021-20231.patch
+
+- Update to 3.7.1:
+ [bsc#1183456, CVE-2021-20232] [bsc#1183457, CVE-2021-20231]
+ * Fixed potential use-after-free in sending "key_share" and
+ "pre_shared_key" extensions.
+ * Fixed a regression in handling duplicated certs in a chain.
+ * Fixed sending of session ID in TLS 1.3 middlebox compatibility
+ mode. In that mode the client shall always send a non-zero
+ session ID to make the handshake resemble the TLS 1.2
+ resumption; this was not true in the previous versions.
+ * Removed dependency on the external 'fipscheck' package,
+ when compiled with --enable-fips140-mode.
+ * Added padlock acceleration for AES-192-CBC.
+- Remove patches upstream:
+ * gnutls-gnutls-cli-debug.patch
+ * gnutls-ignore-duplicate-certificates.patch
+ * gnutls-test-fixes.patch
+
+- Fix the test suite for tests/gnutls-cli-debug.sh [bsc#1171565]
+ * Don't unset system priority settings in gnutls-cli-debug.sh
+ * Upstream: gitlab.com/gnutls/gnutls/merge_requests/1387
+- Add gnutls-gnutls-cli-debug.patch
+
+- Fix: Test certificates in tests/testpkcs11-certs have expired
+ * Upstream bug: gitlab.com/gnutls/gnutls/issues/1135
+- Add gnutls-test-fixes.patch
+
+- gnutls_x509_trust_list_verify_crt2: ignore duplicate certificates
+ * Upstream bug: https://gitlab.com/gnutls/gnutls/issues/1131
+- Add gnutls-ignore-duplicate-certificates.patch
+
+- Update to 3.7.0
+ * Depend on nettle 3.6
+ * Added a new API that provides a callback function to retrieve
+ missing certificates from incomplete certificate chains
+ * Added a new API that provides a callback function to output the
+ complete path to the trusted root during certificate chain
+ verification
+ * OIDs exposed as gnutls_datum_t no longer account for the
+ terminating null bytes, while the data field is null terminated.
+ The affected API functions are: gnutls_ocsp_req_get_extension,
+ gnutls_ocsp_resp_get_response, and gnutls_ocsp_resp_get_extension
+ * Added a new set of API to enable QUIC implementation
+ * The crypto implementation override APIs deprecated in 3.6.9 are
+ now no-op
+ * Added MAGMA/KUZNYECHIK CTR-ACPKM and CMAC support
+ * Support for padlock has been fixed to make it work with Zhaoxin CPU
+ * The maximum PIN length for PKCS #11 has been increased from 31
+ bytes to 255 bytes
+- Remove patch fixed upstream:
+ * gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch
+- Fix threading bug in libgnutls [bsc#1173434]
+ * Upstream bug: gitlab.com/gnutls/gnutls/issues/1044
+
+- Avoid spurious audit messages about incompatible signature algorithms
+ (bsc#1172695)
+ * add 0001-pubkey-avoid-spurious-audit-messages-from-_gnutls_pu.patch
+
+- FIPS: Use 2048 bit prime in DH selftest (bsc#1176086)
+ * add gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch
+- FIPS: Add TLS KDF selftest (bsc#1176671)
+ * add gnutls-FIPS-TLS_KDF_selftest.patch
+
+- Escape rpm command %%expand when used in comment.
+
+- FIPS: Use 2048 bit prime in DH selftest (bsc#1176086)
+ * add gnutls-FIPS-use_2048_bit_prime_in_DH_selftest.patch
+
+- FIPS: Add TLS KDF selftest (bsc#1176671)
+ * add gnutls-FIPS-TLS_KDF_selftest.patch
+
+- Fix heap buffer overflow in handshake with no_renegotiation alert sent
+ * CVE-2020-24659 (bsc#1176181)
+- add gnutls-CVE-2020-24659.patch
+
+- FIPS: Implement (EC)DH requirements from SP800-56Arev3 (bsc#1176086)
+- add patches
+ * 0001-Add-Full-Public-Key-Check-for-DH.patch
+ * 0001-Add-test-to-ensure-DH-exchange-behaves-correctly.patch
+ * 0002-Add-test-to-ensure-ECDH-exchange-behaves-correctly.patch
+ * 0003-Add-plumbing-to-handle-Q-parameter-in-DH-exchanges.patch
+ * 0004-Always-pass-in-and-check-Q-in-TLS-1.3.patch
+ * 0005-Check-Q-for-FFDHE-primes-in-prime-check.patch
+ * 0006-Pass-down-Q-for-FFDHE-in-al-pre-TLS1.3-as-well.patch
+ * 0001-dh-primes-add-MODP-primes-from-RFC-3526.patch
+ * 0002-dhe-check-if-DH-params-in-SKE-match-the-FIPS-approve.patch
+ * 0001-dh-check-validity-of-Z-before-export.patch
+ * 0002-ecdh-check-validity-of-P-before-export.patch
+ * 0003-dh-primes-make-the-FIPS-approved-check-return-Q-valu.patch
+ * 0004-dh-perform-SP800-56A-rev3-full-pubkey-validation-on-.patch
+ * 0005-ecdh-perform-SP800-56A-rev3-full-pubkey-validation-o.patch
+- drop obsolete gnutls-3.6.7-fips_DH_ECDH_key_tests.patch
+
+- Update to 3.6.15
+ * libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing.
+ [GNUTLS-SA-2020-09-04, CVSS: medium]
+ * libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now
+ indicates that with a false return value (!1306).
+ * libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked
+ accordingly to SP800-56A rev 3 (!1295, !1299).
+ * libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than
+ the size of the internal base64 blob (#1025).
+ * libgnutls: Certificate verification failue due to OCSP must-stapling is not
+ honered is now correctly marked with the GNUTLS_CERT_INVALID flag
+ * libgnutls: The audit log message for weak hashes is no longer printed twice
+ * libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is
+ disabled in the priority string. Previously, even when TLS 1.2 is explicitly
+ disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is
+ enabled (#1054).
+- drop upstreamed patches:
+ * gnutls-detect_nettle_so.patch
+ * 0001-crypto-api-always-allocate-memory-when-serializing-i.patch
+
+- Correctly detect gmp, nettle, and hogweed libraries (bsc#1172666)
+ * add gnutls-detect_nettle_so.patch
+
+- Fix a memory leak that could lead to a DoS attack against Samba
+ servers (bsc#1172663)
+ * add 0001-crypto-api-always-allocate-memory-when-serializing-i.patch
+- Temporarily disable broken guile reauth test (bsc#1171565)
+ * add gnutls-temporarily_disable_broken_guile_reauth_test.patch
+
+- GNUTLS-SA-2020-06-03 (Fixed insecure session ticket key construction)
+ The TLS server would not bind the session ticket encryption key with a
+ value supplied by the application until the initial key rotation, allowing
+ attacker to bypass authentication in TLS 1.3 and recover previous
+ conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777)
+ * add patches:
+ + gnutls-CVE-2020-13777.patch
+- Fixed handling of certificate chain with cross-signed intermediate
+ CA certificates (#1008). (bsc#1172461)
+ * add patches:
+ + 0001-_gnutls_verify_crt_status-apply-algorithm-checks-to-.patch
+ + 0002-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch
+ + 0003-x509-trigger-fallback-verification-path-when-cert-is.patch
+ + 0004-tests-add-test-case-for-certificate-chain-supersedin.patch
+
+- Update to 3.6.14
+ * libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
+ The TLS server would not bind the session ticket encryption key with a
+ value supplied by the application until the initial key rotation, allowing
+ attacker to bypass authentication in TLS 1.3 and recover previous
+ conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777)
+ [GNUTLS-SA-2020-06-03, CVSS: high]
+ * libgnutls: Fixed handling of certificate chain with cross-signed
+ intermediate CA certificates (#1008). (bsc#1172461)
+ * libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).
+ * libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
+ (2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
+ Key Identifier (AKI) properly (#989, #991).
+ * certtool: PKCS #7 attributes are now printed with symbolic names (!1246).
+ * libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
+ Also both accelerated and non-accelerated implementations check key block
+ according to FIPS-140-2 IG A.9 (!1233).
+ * libgnutls: Added support for AES-SIV ciphers (#463).
+ * libgnutls: Added support for 192-bit AES-GCM cipher (!1267).
+ * libgnutls: No longer use internal symbols exported from Nettle (!1235)
+ * API and ABI modifications:
+ GNUTLS_CIPHER_AES_128_SIV: Added
+ GNUTLS_CIPHER_AES_256_SIV: Added
+ GNUTLS_CIPHER_AES_192_GCM: Added
+ gnutls_pkcs7_print_signature_info: Added
+- Add key D605848ED7E69871: public key "Daiki Ueno <ueno@unixuser.org>" to
+ the keyring
+- Drop gnutls-fips_correct_nettle_soversion.patch (upstream)
+
+- Add RSA 4096 key generation support in FIPS mode (bsc#1171422)
+ * add gnutls-3.6.7-fips-rsa-4096.patch
+
+- Don't check for /etc/system-fips which we don't have (bsc#1169992)
+ * add gnutls-fips_mode_enabled.patch
+
+- Backport AES XTS support (bsc#1168835)
+ * add 0001-Vendor-in-XTS-functionality-from-Nettle.patch
+ * add gnutls-fips_XTS_key_check.patch
+
+- Use correct nettle .so version when looking for a FIPS checksum
+ (bsc#1166635)
+ * add gnutls-fips_correct_nettle_soversion.patch
+
+- Update to 3.6.13
+ * libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support)
+ The DTLS client would not contribute any randomness to the DTLS negotiation,
+ breaking the security guarantees of the DTLS protocol (#960)
+ [GNUTLS-SA-2020-03-31, CVSS: high] (bsc#1168345)
+ * libgnutls: Added new APIs to access KDF algorithms (#813).
+ * libgnutls: Added new callback gnutls_keylog_func that enables a custom
+ logging functionality.
+ * libgnutls: Added support for non-null terminated usernames in PSK
+ negotiation (#586).
+ * gnutls-cli-debug: Improved support for old servers that only support
+ SSL 3.0.
+
+- Fix zero random value in DTLS client hello
+ (CVE-2020-11501, bsc#1168345)
+ * add gnutls-CVE-2020-11501.patch
+
+- Split off FIPS checksums into a separate libgnutls30-hmac
+ subpackage (bsc#1152692)
+ * update baselibs.conf
+
+- bsc#1166881 - FIPS: gnutls: cfb8 decryption issue
+ * No longer truncate output IV if input is shorter than block size.
+ * Added gnutls-3.6.7-fips-backport_dont_truncate_output_IV.patch
+
+- bsc#1155327 jira#SLE-9518 - FIPS: add DH key test
+ * Added Diffie Hellman public key verification test.
+ * gnutls-3.6.7-fips_DH_ECDH_key_tests.patch
+
+- gnutls 3.6.12
+ * libgnutls: Introduced TLS session flag (gnutls_session_get_flags())
+ to identify sessions that client request OCSP status request (#829).
+ * libgnutls: Added support for X448 key exchange (RFC 7748) and Ed448
+ signature algorithm (RFC 8032) under TLS (#86).
+ * libgnutls: Added the default-priority-string option to system configuration;
+ it allows overriding the compiled-in default-priority-string.
+ * libgnutls: Added support for GOST CNT_IMIT ciphersuite (as defined by
+ draft-smyshlyaev-tls12-gost-suites-07).
+ By default this ciphersuite is disabled. It can be enabled by adding
+ +GOST to priority string. In the future this priority string may enable
+ other GOST ciphersuites as well. Note, that server will fail to negotiate
+ GOST ciphersuites if TLS 1.3 is enabled both on a server and a client. It
+ is recommended for now to disable TLS 1.3 in setups where GOST ciphersuites
+ are enabled on GnuTLS-based servers.
+ * libgnutls: added priority shortcuts for different GOST categories like
+ CIPHER-GOST-ALL, MAC-GOST-ALL, KX-GOST-ALL, SIGN-GOST-ALL, GROUP-GOST-ALL.
+ * libgnutls: Reject certificates with invalid time fields. That is we reject
+ certificates with invalid characters in Time fields, or invalid time formatting
+ To continue accepting the invalid form compile with --disable-strict-der-time
+ * libgnutls: Reject certificates which contain duplicate extensions. We were
+ previously printing warnings when printing such a certificate, but that is
+ not always sufficient to flag such certificates as invalid. Instead we now
+ refuse to import them (#887).
+ * libgnutls: If a CA is found in the trusted list, check in addition to
+ time validity, whether the algorithms comply to the expected level prior
+ to accepting it. This addresses the problem of accepting CAs which would
+ have been marked as insecure otherwise (#877).
+ * libgnutls: The min-verification-profile from system configuration applies
+ for all certificate verifications, not only under TLS. The configuration can
+ be overriden using the GNUTLS_SYSTEM_PRIORITY_FILE environment variable.
+ * libgnutls: The stapled OCSP certificate verification adheres to the convention
+ used throughout the library of setting the 'GNUTLS_CERT_INVALID' flag.
+ * libgnutls: On client side only send OCSP staples if they have been requested
+ by the server, and on server side always advertise that we support OCSP stapling
+ * libgnutls: Introduced the gnutls_ocsp_req_const_t which is compatible
+ with gnutls_ocsp_req_t but const.
+ * certtool: Added the --verify-profile option to set a certificate
+ verification profile. Use '--verify-profile low' for certificate verification
+ to apply the 'NORMAL' verification profile.
+ * certtool: The add_extension template option is considered even when generating
+ a certificate from a certificate request.
+
+- gnutls 3.6.11.1:
+ * libgnutls: Corrected issue with TLS 1.2 session ticket
+ handling as client during resumption
+ * libgnutls: gnutls_base64_decode2() succeeds decoding the empty
+ string to the empty string. This is a behavioral change of the
+ API but it conforms to the RFC4648 expectations
+ * libgnutls: Fixed AES-CFB8 implementation, when input is shorter
+ than the block size. Fix backported from nettle.
+ * certtool: CRL distribution points will be set in CA
+ certificates even when non self-signed
+ * gnutls-cli/serv: added raw public-key handling capabilities
+ (RFC7250). Key material can be set via the --rawpkkeyfile and
+ - -rawpkfile flags.
+
+- gnutls 3.6.10:
+ * Add support for deterministic ECDSA/DSA (RFC6979)
+ * Add functions for in-place encryption/decryption of data buffers
+ * server now selects the highest TLS protocol version, if TLS 1.3
+ is enabled and the client advertises an older protocol version
+ first
+ * Add support for GOST 28147-89 cipher in CNT (GOST counter) mode
+ and MAC generation based on GOST 28147-89 (IMIT)
+ * certtool: when outputting an encrypted private key do not
+ insert the textual description of it
+
+- Install checksums for binary integrity verification which are
+ required when running in FIPS mode (bsc#1152692, jsc#SLE-9518)
+
+- gnutls 3.6.9:
+ * add support for copying digest or MAC contexts
+ * Mark the crypto implementation override APIs as deprecated
+ * Add support for AES-GMAC, as a separate to GCM, MAC algorithm
+ * Add support for Generalname registeredID
+ * The priority configuration was enhanced to allow more elaborate
+ system-wide configuration of the library
+- includes changes from 3.6.8:
+ * Add support for AES-XTS cipher
+ * Fix calculation of Streebog digests
+ * During Diffie-Hellman operations in TLS, verify that the peer's
+ public key is on the right subgroup (y^q=1 mod p), when q is
+ available (under TLS 1.3 and under earlier versions when RFC7919
+ parameters are used).
+ * Apply STD3 ASCII rules in gnutls_idna_map() to prevent
+ hostname/domain crafting via IDNA conversion
+ * certtool: allow the digital signature key usage flag in CA
+ certificates
+ * gnutls-cli/serv: add the --keymatexport and --keymatexportsize
+ options. These allow testing the RFC5705 using these tools
+- drop patches to re-enable tests:
+ * disable-psk-file-test.patch
+ * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+
+- Explicitly require libnettle 3.4.1 (bsc#1134856)
+ * The RSA decryption code was rewritten in GnuTLS 3.6.5 in order
+ to fix CVE-2018-16868, the new implementation makes use of a new
+ rsa_sec_decrypt() function introduced in libnettle 3.4.1
+ * libnettle was recently updated to the 3.4.1 version but we need
+ to add explicit dependency on it to prevent missing symbol errors
+ with the older versions
+
+- Restored autoreconf in build.
+- Removed gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch
+ since the version requirements of required libraries are once again
+ automatically determined.
+- Added gnutls-3.6.7-SUSE_SLE15_guile_site_directory.patch because it is a
+ better patch name for handling the '--with-guile-site-dir=' problem in
+ 3.6.7.
+
+- Trim useless %if..%endif guards that do not affect the build.
+- Fix language errors in description again.
+
+- Update gnutls to 3.6.7
+ * * libgnutls, gnutls tools: Every gnutls_free() will automatically set
+ the free'd pointer to NULL. This prevents possible use-after-free and
+ double free issues. Use-after-free will be turned into NULL dereference.
+ The counter-measure does not extend to applications using gnutls_free().
+ * * libgnutls: Fixed a memory corruption (double free) vulnerability in the
+ certificate verification API. Reported by Tavis Ormandy; addressed with
+ the change above. [GNUTLS-SA-2019-03-27, #694] [bsc#1130681] (CVE-2019-3829)
+ * * libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages;
+ Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] [bsc#1130682] (CVE-2019-3836)
+ * * libgnutls: enforce key usage limitations on certificates more actively.
+ Previously we would enforce it for TLS1.2 protocol, now we enforce it
+ even when TLS1.3 is negotiated, or on client certificates as well. When
+ an inappropriate for TLS1.3 certificate is seen on the credentials structure
+ GnuTLS will disable TLS1.3 support for that session (#690).
+ * * libgnutls: the default number of tickets sent under TLS 1.3 was increased to
+ two. This makes it easier for clients which perform multiple connections
+ to the server to use the tickets sent by a default server.
+ * * libgnutls: enforce the equality of the two signature parameters fields in
+ a certificate. We were already enforcing the signature algorithm, but there
+ was a bug in parameter checking code.
+ * * libgnutls: fixed issue preventing sending and receiving from different
+ threads when false start was enabled (#713).
+ * * libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable
+ session, as non-writeable security officer sessions are undefined in PKCS#11
+ (#721).
+ * * libgnutls: no longer send downgrade sentinel in TLS 1.3.
+ Previously the sentinel value was embedded to early in version
+ negotiation and was sent even on TLS 1.3. It is now sent only when
+ TLS 1.2 or earlier is negotiated (#689).
+ * * gnutls-cli: Added option --logfile to redirect informational messages output.
+- Disabled dane support since dane is not shipped with SLE-15
+- Changed configure script to hardware guile site directory since command-line
+ option '--with-guile-site-dir=' was removed from the configure script in 3.6.7.
+ * * Modified gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch
+- Modified gnutls-3.6.0-disable-flaky-dtls_resume-test.patch to fix
+ compilation issues on PPC
+- Fixed Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification
+ and padding oracle verification (in 3.6.5) [bsc#1118087] (CVE-2018-16868)
+
+- FATE#327114 - Update gnutls to 3.6.6 to support TLS 1.3
+ * * libgnutls: gnutls_pubkey_import_ecc_raw() was fixed to set the number bits
+ on the public key (#640).
+ * * libgnutls: Added support for raw public-key authentication as defined in RFC7250.
+ Raw public-keys can be negotiated by enabling the corresponding certificate
+ types via the priority strings. The raw public-key mechanism must be explicitly
+ enabled via the GNUTLS_ENABLE_RAWPK init flag (#26, #280).
+ * * libgnutls: When on server or client side we are sending no extensions we do
+ not set an empty extensions field but we rather remove that field competely.
+ This solves a regression since 3.5.x and improves compatibility of the server
+ side with certain clients.
+ * * libgnutls: We no longer mark RSA keys in PKCS#11 tokens as RSA-PSS capable if
+ the CKA_SIGN is not set (#667).
+ * * libgnutls: The priority string option %NO_EXTENSIONS was improved to completely
+ disable extensions at all cases, while providing a functional session. This
+ also implies that when specified, TLS1.3 is disabled.
+ * * libgnutls: GNUTLS_X509_NO_WELL_DEFINED_EXPIRATION was marked as deprecated.
+ The previous definition was non-functional (#609).
+ * Removed patches:
+ 0001-dummy_wait-correctly-account-the-length-field-in-SHA.patch
+ 0002-dummy_wait-always-hash-the-same-amount-of-blocks-tha.patch
+ 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch
+ 0004-hmac-sha384-and-sha256-ciphersuites-were-removed-fro.patch
+ * Added Patches:
+ * * disable failing psk-file test (race condition):
+ disable-psk-file-test.patch
+ * * Patch configure script to accept specific versions of autotools and guile
+ that are present in SUSE-SLE15. (A bug prevents configure from accepting
+ a range of compatible versions. Upstream's solution is to hardwire for
+ the most current versions.)
+ gnutls-3.6.6-SUSE_SLE15_congruent_version_requirements.patch
+ * Modified:
+ * * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+- drop no longer needed gnutls-enbale-guile-2.2.patch
+- refresh disable-psk-file-test.patch
+
+- Update to 3.6.5
+ * * libgnutls: Provide the option of transparent re-handshake/reauthentication
+ when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571).
+ * * libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127)
+ * * libgnutls: The priority functions will ignore and not enable TLS1.3 if
+ requested with legacy TLS versions enabled but not TLS1.2. That is because
+ if such a priority string is used in the client side (e.g., TLS1.3+TLS1.0 enabled)
+ servers which do not support TLS1.3 will negotiate TLS1.2 which will be
+ rejected by the client as disabled (#621).
+ * * libgnutls: Change RSA decryption to use a new side-channel silent function.
+ This addresses a security issue where memory access patterns as well as timing
+ on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher
+ attacks. Side-channel resistant code is slower due to the need to mask
+ access and timings. When used in TLS the new functions cause RSA based
+ handshakes to be between 13% and 28% slower on average (Numbers are indicative,
+ the tests where performed on a relatively modern Intel CPU, results vary
+ depending on the CPU and architecture used). This change makes nettle 3.4.1
+ the minimum requirement of gnutls (#630). [CVSS: medium]
+ * * libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword
+ in the priority string. It is only accepted as legacy option and is ignored.
+ * * libgnutls: Added support for EdDSA under PKCS#11 (#417)
+ * * libgnutls: Added support for AES-CFB8 cipher (#357)
+ * * libgnutls: Added support for AES-CMAC MAC (#351)
+ * * libgnutls: In two previous versions GNUTLS_CIPHER_GOST28147_CPB/CPC/CPD_CFB ciphers
+ have incorrectly used CryptoPro-A S-BOX instead of proper (CryptoPro-B/-C/-D
+ S-BOXes). They are fixed now.
+ * * libgnutls: Added support for GOST key unmasking and unwrapped GOST private
+ keys parsing, as specified in R 50.1.112-2016.
+ * * gnutls-serv: It applies the default settings when no --priority option is given,
+ using gnutls_set_default_priority().
+ * * p11tool: Fix initialization of security officer's PIN with the --initialize-so-pin
+ option (#561)
+ * * certtool: Add parameter --no-text that prevents certtool from outputting
+ text before PEM-encoded private key, public key, certificate, CRL or CSR.
+- minimum required libnettle is now 3.4.1
+- refresh
+ * disable-psk-file-test.patch
+ * gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+
+- search for guile-2.2 during configure, part of boo#1117121
+ add patches:
+ * gnutls-enbale-guile-2.2.patch: search for guile-2.2
+ refresh patches:
+ * disable-psk-file-test.patch: disable psk-file in Makefile.am
+
+- Temporarily disable failing psk-file test (race condition)
+ * add disable-psk-file-test.patch
+
+- Version update to 3.6.4 (bsc#1111757):
+ * * libgnutls: Added the final (RFC8446) version numbering of the TLS1.3 protocol.
+ * * libgnutls: Corrected regression since 3.6.3 in the callbacks set with
+ gnutls_certificate_set_retrieve_function() which could not handle the case where
+ no certificates were returned, or the callbacks were set to NULL (see #528).
+ * * libgnutls: gnutls_handshake() on server returns early on handshake when no
+ certificate is presented by client and the gnutls_init() flag GNUTLS_ENABLE_EARLY_START
+ is specified.
+ * * libgnutls: Added session ticket key rotation on server side with TOTP.
+ The key set with gnutls_session_ticket_enable_server() is used as a
+ master key to generate time-based keys for tickets. The rotation
+ relates to the gnutls_db_set_cache_expiration() period.
+ * * libgnutls: The 'record size limit' extension is added and preferred to the
+ 'max record size' extension when possible.
+ * * libgnutls: Provide a more flexible PKCS#11 search of trust store certificates.
+ This addresses the problem where the CA certificate doesn't have a subject key
+ identifier whereas the end certificates have an authority key identifier (#569)
+ * * libgnutls: gnutls_privkey_export_gost_raw2(), gnutls_privkey_import_gost_raw(),
+ gnutls_pubkey_export_gost_raw2(), gnutls_pubkey_import_gost_raw() import
+ and export GOST parameters in the "native" little endian format used for these
+ curves. This is an intentional incompatible change with 3.6.3.
+ * * libgnutls: Added support for seperately negotiating client and server certificate types
+ as defined in RFC7250. This mechanism must be explicitly enabled via the
+ GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init().
+- Drop upstreamed patch:
+ * gnutls-3.6.3-backport-upstream-fixes.patch
+
+- gnutls-3.6.0-disable-flaky-dtls_resume-test.patch: refresh to also patch
+ test/Makefile.in as autoreconf does not work
+
+- Backport of upstream fixes (boo#1108450)
+ * gnutls-3.6.3-backport-upstream-fixes.patch
+ Fixes taken from upstream commits:
+ * * 3df5b7bc8a64 ("cert-cred: fix possible segfault when resetting cert retrieval function")
+ * * 42945a7aab6d ("allow no certificates to be reported by the gnutls_certificate_retrieve_function callbacks")
+ * * 10f83e36ed92 ("hello_ext_parse: apply the test for pre-shared key ext being last on client hello")
+ The patch was taken from https://github.com/weechat/weechat/issues/1231
+
+- Security update
+ Improve mitigations against Lucky 13 class of attacks
+ * "Just in Time" PRIME + PROBE cache-based side channel attack
+ can lead to plaintext recovery (CVE-2018-10846, bsc#1105460)
+ * HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of
+ wrong constant (CVE-2018-10845, bsc#1105459)
+ * HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not
+ enough dummy function calls (CVE-2018-10844, bsc#1105437)
+ * add patches:
+ 0001-dummy_wait-correctly-account-the-length-field-in-SHA.patch
+ 0002-dummy_wait-always-hash-the-same-amount-of-blocks-tha.patch
+ 0003-cbc_mac_verify-require-minimum-padding-under-SSL3.0.patch
+ 0004-hmac-sha384-and-sha256-ciphersuites-were-removed-fro.patch
+
+- Update to 3.6.3
+ Fixes security issues:
+ CVE-2018-10846, CVE-2018-10845, CVE-2018-10844, CVE-2017-10790
+ (bsc#1105437, bsc#1105460, bsc#1105459, bsc#1047002)
+ Other Changes:
+ * * libgnutls: Introduced support for draft-ietf-tls-tls13-28
+ * * libgnutls: Apply compatibility settings for existing applications running with TLS1.2 or
+ earlier and TLS 1.3.
+ * * Added support for Russian Public Key Infrastructure according to RFCs 4491/4357/7836.
+ * * Provide a uniform cipher list across supported TLS protocols
+ * * The SSL 3.0 protocol is disabled on compile-time by default.
+ * * libgnutls: Introduced function to switch the current FIPS140-2 operational
+ mode
+ * * libgnutls: Introduced low-level function to assist applications attempting client
+ hello extension parsing, prior to GnuTLS' parsing of the message.
+ * * libgnutls: When exporting an X.509 certificate avoid re-encoding if there are no
+ modifications to the certificate.
+ * * libgnutls: on group exchange honor the %SERVER_PRECEDENCE and select the groups
+ which are preferred by the server.
+ * * Improved counter-measures for TLS CBC record padding.
+ * * Introduced the %FORCE_ETM priority string option. This option prevents the negotiation
+ of legacy CBC ciphersuites unless encrypt-then-mac is negotiated.
+ * * libgnutls: gnutls_privkey_import_ext4() was enhanced with the
+ GNUTLS_PRIVKEY_INFO_PK_ALGO_BITS flag.
+ * * libgnutls: gnutls_pkcs11_copy_secret_key, gnutls_pkcs11_copy_x509_privkey2,
+ gnutls_pkcs11_privkey_generate3 will mark objects as sensitive by default
+ unless GNUTLS_PKCS11_OBJ_FLAG_MARK_NOT_SENSITIVE is specified. This is an API
+ change for these functions which make them err towards safety.
+ * * libgnutls: improved aarch64 cpu features detection by using getauxval().
+ * * certtool: It is now possible to specify certificate and serial CRL numbers greater
+ than 2**63-2 as a hex-encoded string both when prompted and in a template file.
+ Default certificate serial numbers are now fully random.
+- don't run autoreconf to avoid pulling in gtk-doc
+
+- Require pkgconfig(autoopts) for building
+
+- Simplify the DANE support %ifdef condition
+ * build with DANE on openSUSE only
+
+- Adjust RPM groups. Drop %if..%endif guards that are idempotent.
+
+- build without DANE support on SLE-15, as it doesn't have unbound
+ (bsc#1086428)
+
+- add back refreshed gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+ the dtls-resume test still keeps randomly failing on PPC
+
+- remove gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+ patch does not apply any more and apparently the build
+ suceeds even if the formerly flaky testcase is run (bsc#1086579)
+
+- gnutls.keyring: Nikos key refreshed to be unexpired
+
+- GnuTLS 3.6.2:
+ * libgnutls: When verifying against a self signed certificate ignore issuer.
+ That is, ignore issuer when checking the issuer's parameters strength,
+ resolving issue #347 which caused self signed certificates to be
+ additionally marked as of insufficient security level.
+ * libgnutls: Corrected MTU calculation for the CBC ciphersuites. The data
+ MTU calculation now, it correctly accounts for the fixed overhead due to
+ padding (as 1 byte), while at the same time considers the rest of the
+ padding as part of data MTU.
+ * libgnutls: Address issue of loading of all PKCS#11 modules on startup
+ on systems with a PKCS#11 trust store (as opposed to a file trust store).
+ Introduced a multi-stage initialization which loads the trust modules, and
+ other modules are deferred for the first pure PKCS#11 request.
+ * libgnutls: The SRP authentication will reject any parameters outside
+ RFC5054. This protects any client from potential MitM due to insecure
+ parameters. That also brings SRP in par with the RFC7919 changes to
+ Diffie-Hellman.
+ * libgnutls: Added the 8192-bit parameters of SRP to the accepted parameters
+ for SRP authentication.
+ * libgnutls: Addressed issue in the accelerated code affecting
+ interoperability with versions of nettle >= 3.4.
+ * libgnutls: Addressed issue in the AES-GCM acceleration under aarch64.
+ * libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by
+ Vitezslav Cizek).
+ * srptool: the --create-conf option no longer includes 1024-bit parameters.
+ * p11tool: Fixed the deletion of objects in batch mode.
+- Dropped gnutls-check_aes_keysize.patch as it is included upstream now.
+
+- Use %license (boo#1082318)
+
+- Sanity check key size in SSSE3 AES cipher implementation (bsc#1074303)
+ * add gnutls-check_aes_keysize.patch
+
+- GnuTLS 3.6.1:
+ * Fix interoperability issue with openssl when safe renegotiation
+ was used
+ * gnutls_x509_crl_sign, gnutls_x509_crt_sign,
+ gnutls_x509_crq_sign, were modified to sign with a better
+ algorithm than SHA1. They will now sign with an algorithm that
+ corresponds to the security level of the signer's key.
+ * gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign()
+ accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That
+ will signal the function to auto-detect an appropriate hash
+ algorithm to use.
+ * Remove support for signature algorithms using SHA2-224 in TLS.
+ TLS 1.3 no longer uses SHA2-224 and it was never a widespread
+ algorithm in TLS 1.2
+ * Refuse to use client certificates containing disallowed
+ algorithms for a session, reverting a change on 3.5.5
+ * Refuse to resume a session which had a different SNI advertised
+ That improves RFC6066 support in server side.
+ * p11tool: Mark all generated objects as sensitive by default.
+ * p11tool: added options --sign-params and --hash. This allows
+ testing signature with multiple algorithms, including RSA-PSS.
+
+- Disable flaky dtls_resume test on Power
+ * add gnutls-3.6.0-disable-flaky-dtls_resume-test.patch
+
+- GnuTLS 3.6.0:
+ * Introduce a lock-free random generator which operates per-
+ thread and eliminates random-generator related bottlenecks in
+ multi-threaded operation.
+ * Replace the Salsa20 random generator with one based on CHACHA.
+ The goal is to reduce code needed in cache (CHACHA is also
+ used for TLS), and the number of primitives used by the
+ library. That does not affect the AES-DRBG random generator
+ used in FIPS140-2 mode.
+ * Add support for RSA-PSS key type as well as signatures in
+ certificates, and TLS key exchange
+ * Add support for Ed25519 signing in certificates and TLS key
+ exchange following draft-ietf-tls-rfc4492bis-17
+ * Enable X25519 key exchange by default, following
+ draft-ietf-tls-rfc4492bis-17.
+ * Add support for Diffie-Hellman group negotiation following
+ RFC7919.
+ * Introduce various sanity checks on certificate import
+ * Introduce gnutls_x509_crt_set_flags(). This function can set
+ flags in the crt structure. The only flag supported at the
+ moment is GNUTLS_X509_CRT_FLAG_IGNORE_SANITY which skips the
+ certificate sanity checks on import.
+ * PKIX certificates with unknown critical extensions are rejected
+ on verification with status GNUTLS_CERT_UNKNOWN_CRIT_EXTENSIONS
+ * Refuse to generate a certificate with an illegal version, or an
+ illegal serial number. That is, gnutls_x509_crt_set_version()
+ and gnutls_x509_crt_set_serial(), will fail on input considered
+ to be invalid in RFC5280.
+ * Call to gnutls_record_send() and gnutls_record_recv() prior to
+ handshake being complete are now refused
+ * Add support for PKCS#12 files with no salt (zero length) in
+ their password encoding, and PKCS#12 files using SHA384 and
+ SHA512 as MAC.
+ * libgnutls: Exported functions to encode and decode DSA and ECDSA
+ r,s values.
+ * Add new callback setting function to gnutls_privkey_t for
+ external keys. The new function (gnutls_privkey_import_ext4),
+ allows signing in addition to previous algorithms (RSA PKCS#1
+ 1.5, DSA, ECDSA), with RSA-PSS and Ed25519 keys.
+ * Introduce the %VERIFY_ALLOW_BROKEN and
+ %VERIFY_ALLOW_SIGN_WITH_SHA1 priority string options. These
+ allows enabling all broken and SHA1-based signature algorithms
+ in certificate verification, respectively.
+ * 3DES-CBC is no longer included in the default priorities list.
+ It has to be explicitly enabled, e.g., with a string like
+ "NORMAL:+3DES-CBC".
+ * SHA1 was marked as insecure for signing certificates.
+ Verification of certificates signed with SHA1 is now considered
+ insecure and will fail, unless flags intended to enable broken
+ algorithms are set. Other uses of SHA1 are still allowed.
+ * RIPEMD160 was marked as insecure for certificate signatures.
+ Verification of certificates signed with RIPEMD160 hash
+ algorithm is now considered insecure and will fail, unless
+ flags intended to enable broken algorithms are set.
+ * No longer enable SECP192R1 and SECP224R1 by default on TLS
+ handshakes. These curves were rarely used for that purpose,
+ provide no advantage over x25519 and were deprecated by TLS 1.3.
+ * Remove support for DEFLATE, or any other compression method.
+ * OpenPGP authentication was removed; the resulting library is ABI
+ compatible, with the openpgp related functions being stubs that
+ fail on invocation.
+ Drop gnutls-broken-openpgp-tests.patch, no longer required.
+ * Remove support for libidn (i.e., IDNA2003); gnutls can now be
+ compiled only with libidn2 which provides IDNA2008.
+ * certtool: The option '--load-ca-certificate' can now accept
+ PKCS#11 URLs in addition to files.
+ * certtool: The option '--load-crl' can now be used when
+ generating PKCS#12 files (i.e., in conjunction with '--to-p12' option).
+ * certtool: Keys with provable RSA and DSA parameters are now
+ only read and exported from PKCS#8 form, following
+ draft-mavrogiannopoulos-pkcs8-validated-parameters-00.txt.
+ This removes support for the previous a non-standard key format.
+ * certtool: Added support for generating, printing and handling
+ RSA-PSS and Ed25519 keys and certificates.
+ * certtool: the parameters --rsa, --dsa and --ecdsa to
+ - -generate-privkey are now deprecated, replaced by the
+ - -key-type option.
+ * p11tool: The --generate-rsa, --generate-ecc and --generate-dsa
+ options were replaced by the --generate-privkey option.
+ * psktool: Generate 256-bit keys by default.
+ * gnutls-server: Increase request buffer size to 16kb, and added
+ the --alpn and --alpn-fatal options, allowing testing of ALPN
+ negotiation.
+ * Enables FIPS 140-2 mode during build
+
+- Buildrequire iproute2: the test suite calls /usr/bin/ss and as
+ such we have to ensure to pull it in.
+
+- GnuTLS 3.5.15:
+ * libgnutls: Disable hardware acceleration on aarch64/ilp32 mode
+ * certtool: Keys with provable RSA and DSA parameters are now
+ only exported in PKCS#8 form
+
+- RPM group fix. Diversification of summaries.
+- Avoid aims and future plans in description. Say what it does now.
+
+- Drop the deprecated openssl compat ; discussed and suggested by
+ vcizek
+- Cleanup a bit with spec-cleaner
+
+- GnuTLS 3.5.14:
+ * Handle specially HSMs which request explicit authentication
+ * he GNUTLS_PKCS11_OBJ_FLAG_LOGIN will force a login on HSMs
+ * do not set leading zeros when copying integers on HSMs
+ * Fix issue discovering certain OCSP signers, and improved the
+ discovery of OCSP signer in the case where the Subject Public
+ Key identifier field matches
+ * ensure OCSP responses are saved with --save-ocsp even if
+ certificate verification fails.
+
+- GnuTLS 3.5.13:
+ * libgnutls: fixed issue with AES-GCM in-place encryption and
+ decryption in aarch64
+ * libgnutls: no longer parse the ResponseID field of the status
+ response TLS extension. The field is not used by GnuTLS nor is
+ made available to calling applications. That addresses a null
+ pointer dereference on server side caused by packets containing
+ the ResponseID field. GNUTLS-SA-2017-4, bsc#1043398
+ * libgnutls: tolerate certificates which do not have strict DER
+ time encoding. It is possible using 3rd party tools to generate
+ certificates with time fields that do not conform to DER
+ requirements. Since 3.4.x these certificates were rejected and
+ cannot be used with GnuTLS, however that caused problems with
+ existing private certificate infrastructures, which were
+ relying on such certificates. Tolerate reading and using these
+ certificates.
+ * minitasn1: updated to libtasn1 4.11.
+ * certtool: allow multiple certificates to be used in --p7-sign
+ with the --load-certificate option
+
+- GnuTLS 3.5.12:
+ * libgnutls: gnutls_x509_crt_check_hostname2() no longer matches
+ IP addresses against DNS fields of certificate (CN or DNSname).
+ The previous behavior was to tolerate some misconfigured
+ servers, but that was non-standard and skipped any IP
+ constraints present in higher level certificates.
+ * libgnutls: when converting to IDNA2008, fallback to IDNA2003
+ (i.e., transitional encoding) if the domain cannot be converted.
+ That provides maximum compatibility with browsers like firefox
+ that perform the same conversion.
+ * libgnutls: fix issue in RSA-PSK client callback which resulted
+ in no username being sent to the peer
+ * libgnutls: fix regression causing stapled extensions in trust
+ modules not to be considered.
+ * certtool: introduced the email_protection_key option. This
+ option was introduced in documentation for certtool without an
+ implementation of it. It is a shortcut for option
+ 'key_purpose_oid = 1.3.6.1.5.5.7.3.4'.
+ * certtool: made printing of key ID and key PIN consistent
+ between certificates, public keys, and private keys. That is
+ the private key printing now uses the same format as the rest.
+ * gnutls-cli: introduced the --sni-hostname option. This allows
+ overriding the hostname advertised to the peer.
+
+- skip trust-store tests to avoid build cycle with
+ ca-certificates-mozilla, add gnutls-3.5.11-skip-trust-store-tests.patch
+
+- GnuTLS 3.5.11:
+ * gnutls.pc: do not include libtool options into Libs.private.
+ * libgnutls: Fixed issue when rehandshaking without a client certificate in
+ a session which initially used one
+ * libgnutls: Addressed read of 4 bytes past the end of buffer in OpenPGP
+ certificate parsing (bsc#1038337)
+ * libgnutls: Introduced locks in gnutls_pkcs11_privkey_t structure access.
+ That allows PKCS#11 operations such as signing to be performed with the
+ same object from multiple threads.
+ * libgnutls: when disabling OpenPGP authentication, the resulting library
+ is ABI compatible (will openpgp related functions being stubs that fail
+ on invocation).
+
+- call gzip -n to make build fully reproducible
+
+- update to 3.5.10
+ * addresses GNUTLS-SA-2017-3 CVE-2017-7869 bsc#1034173
+ * gnutls.pc: do not include libidn2 in Requires.private
+ * libgnutls: optimized access to subject alternative names (SANs) in parsed
+ certificates
+ * libgnutls: Print the key PIN value used by the HPKP protocol as per RFC7469
+ when printing certificate information.
+ * libgnutls: gnutls_ocsp_resp_verify_direct() and gnutls_ocsp_resp_verify()
+ flags can be set from the gnutls_certificate_verify_flags enumeration.
+ This allows the functions to pass the same flags available for certificates
+ to the verification function (e.g., GNUTLS_VERIFY_DISABLE_TIME_CHECKS or
+ GNUTLS_VERIFY_ALLOW_BROKEN).
+ * libgnutls: gnutls_store_commitment() can accept flag
+ GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN. This is to allow the function to operate
+ in applications which use SHA1 for example, after SHA1 is deprecated.
+ * certtool: No longer ignore the 'add_critical_extension' template option if
+ the 'add_extension' option is not present.
+ * gnutls-cli: Added LMTP, POP3, NNTP, Sieve and PostgreSQL support to the
+ starttls-proto command- drop gnutls-3.5.9-pkgconfig.patch (upstream)
+- drop gnutls-3.5.9-pkgconfig.patch (upstream)
+- remove unknown --disable-srp flag (bsc#901857)
+
+- disable the deprecated OpenPGP authentication support
+ * see https://gitlab.com/gnutls/gnutls/issues/102
+- add gnutls-broken-openpgp-tests.patch
+
+- GnuTLS 3.5.9:
+ * libgnutls: OpenPGP references removed, functionality deprecated
+ * libgnutls: Improve detection of AVX support
+ * libgnutls: Add support for IDNA2008 with libidn2 FATE#321897
+ * p11tool: re-use ID from corresponding objects when writing
+ certificates.
+ * API and ABI modifications:
+ gnutls_idna_map: Added
+ gnutls_idna_reverse_map: Added
+- prevent pkgconfig issues due to libidn2 when building with GnuTLS
+ add gnutls-3.5.9-pkgconfig.patch
+
+- Version 3.5.8 (released 2016-01-09)
+ * libgnutls: Ensure that multiple calls to the gnutls_set_priority_*
+ functions will not leave the verification profiles field to an
+ undefined state. The last call will take precedence.
+ * libgnutls: Ensure that GNUTLS_E_DECRYPTION_FAIL will be returned
+ by PKCS#8 decryption functions when an invalid key is provided. This
+ addresses regression on decrypting certain PKCS#8 keys.
+ * libgnutls: Introduced option to override the default priority string
+ used by the library. The intention is to allow support of system-wide
+ priority strings (as set with --with-system-priority-file). The
+ configure option is --with-default-priority-string.
+ * libgnutls: Require a valid IV size on all ciphers for PKCS#8 decryption.
+ This prevents crashes when decrypting malformed PKCS#8 keys.
+ * libgnutls: Fix crash on the loading of malformed private keys with certain
+ parameters set to zero.
+ * libgnutls: Fix double free in certificate information printing. If the PKIX
+ extension proxy was set with a policy language set but no policy specified,
+ that could lead to a double free.
+ * libgnutls: Addressed memory leaks in client and server side error paths
+ (issues found using oss-fuzz project)
+ * libgnutls: Addressed memory leaks in X.509 certificate printing error paths
+ (issues found using oss-fuzz project)
+ * libgnutls: Addressed memory leaks and an infinite loop in OpenPGP certificate
+ parsing. Fixes by Alex Gaynor. (issues found using oss-fuzz project)
+ * libgnutls: Addressed invalid memory accesses in OpenPGP certificate parsing.
+ (issues found using oss-fuzz project)
+- security issues fixed: GNUTLS-SA-2017-1 GNUTLS-SA-2017-2
+
+- GnuTLS 3.5.7, the next stable branch, with the following
+ highlights:
+ * SHA3 as a certificate signature algorithm
+ * X25519 (formerly curve25519) for ephemeral EC diffie-hellman
+ key exchange
+ * TLS false start
+ * New APIs to access the Shawe-Taylor-based provable RSA and DSA
+ parameter generation
+ * Prevent the change of identity on rehandshakes by default
+
+- GnuTLS 3.4.17:
+ * libgnutls: Introduced time and constraints checks in the end
+ certificate in the gnutls_x509_crt_verify_data2() and
+ gnutls_pkcs7_verify_direct() functions.
+ * libgnutls: Set limits on the maximum number of alerts handled.
+ That is, applications using gnutls could be tricked into an
+ busy loop if the peer sends continuously alert messages.
+ Applications which set a maximum handshake time (via
+ gnutls_handshake_set_timeout) will eventually recover but
+ others may remain in a busy loops indefinitely. This is related
+ but not identical to CVE-2016-8610, due to the difference in
+ alert handling of the libraries (gnutls delegates that handling
+ to applications). boo#1005879
+ * libgnutls: Enhanced the PKCS#7 parser to allow decoding old
+ (pre-rfc5652) structures with arbitrary encapsulated content.
+ * libgnutls: Backported cipher priorities order from 3.5.x branch
+ That adds CHACHA20-POLY1305 ciphersuite to SECURE priority
+ strings.
+ * certtool: When exporting a CRQ in DER format ensure no text data
+ are intermixed.
+ * API and ABI modifications:
+ gnutls_pkcs7_get_embedded_data_oid: Added
+- includes changes from 3.4.16:
+ * libgnutls: Ensure proper cleanups on
+ gnutls_certificate_set_*key() failures due to key mismatch.
+ This prevents leaks or double freeing on such failures.
+ * libgnutls: Increased the maximum size of the handshake message
+ hash. This will allow the library to cope better with larger
+ packets, as the ones offered by current TLS 1.3 drafts.
+ * libgnutls: Allow to use client certificates despite them
+ containing disallowed algorithms for a session. That allows for
+ example a client to use DSA-SHA1 due to his old DSA
+ certificate, without requiring him to enable DSA-SHA1 (and thus
+ make it acceptable for the server's certificate).
+ * guile: Backported all improvements from 3.5.x branch.
+ * guile: Update code to the I/O port API of Guile >= 2.1.4
+ This makes sure the GnuTLS bindings will work with the
+ forthcoming 2.2 stable series of Guile, of which 2.1 is a
+ preview.
+
+- GnuTLS 3.4.15:
+ * libgnutls: Corrected the comparison of the serial size in OCSP
+ response. Previously the OCSP certificate check wouldn't verify
+ the serial length and could succeed in cases it shouldn't
+ (GNUTLS-SA-2016-3).
+ * libgnutls: Fixes in gnutls_x509_crt_list_import2, which was
+ ignoring flags if all certificates in the list fit within the
+ initially allocated memory.
+ * libgnutls: Corrected issue which made
+ gnutls_certificate_get_x509_crt() to return invalid pointers
+ when returned more than a single certificate.
+ * libgnutls: Fix gnutls_pkcs12_simple_parse to always extract the
+ complete chain.
+ * libgnutls: Added support for decrypting PKCS#8 files which use
+ the HMAC-SHA256 as PRF.
+ * libgnutls: Addressed issue with PKCS#11 signature generation on
+ ECDSA keys. The signature is now written as unsigned integers
+ into the DSASignatureValue structure. Previously signed
+ integers could be written depending on what the underlying
+ module would produce. Addresses #122.
+- fix build error for 13.2, 42.1 and 42.2
+
+- GnuTLS 3.4.14:
+ * libgnutls: Address issue when utilizing the p11-kit trust store
+ for certificate verification (GNUTLS-SA-2016-2, boo#988276)
+ * libgnutls: Fixed DTLS handshake packet reconstruction.
+ * libgnutls: Fixed issues with PKCS#11 reading of sensitive
+ objects from SafeNet Network HSM
+ * libgnutls: Corrected the writing of PKCS#11 CKA_SERIAL_NUMBER
+- drop upstreamed
+ 0001-tests-use-datefudge-in-name-constraints-test.patch
+
+- Fix a problem with expired test certificate by using datefudge
+ (boo#987139)
+ * add 0001-tests-use-datefudge-in-name-constraints-test.patch
+
+- Version 3.4.13 (released 2016-06-06)
+ * libgnutls: Consider the SSLKEYLOGFILE environment to be compatible with
+ NSS instead of using a separate variable; in addition append any keys to
+ the file instead of overwriting it.
+ * libgnutls: use secure_getenv() where available to obtain environment
+ variables. Addresses GNUTLS-SA-2016-1.
+- Version 3.4.12 (released 2016-05-20)
+ * libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default. This
+ cipher is prioritized after AES-GCM.
+ * libgnutls: Fixes in gnutls_privkey_import_ecc_raw().
+ * libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the
+ GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that
+ operation could fail on certain PKCS#11 modules.
+ * libgnutls: gnutls_pkcs11_obj_import_url() and gnutls_x509_crt_import_url()
+ can accept the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag.
+ * libgnutls: gnutls_certificate_set_key() was enhanced to import the DNS
+ name of the certificates if the provided names are NULL.
+ * libgnutls: when receiving SNI names, only save and expose to application
+ the supported DNS names.
+ * libgnutls: when importing the certificate names at the
+ gnutls_certificate_set* functions, only consider the CN as a fallback
+ if DNS names are provided via the alternative name extension.
+ * gnutls-cli: on OCSP verification do not fail if we have a single valid
+ reply. Report and reproducer by Thomas Klute.
+ * libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to
+ log session keys in client side. These session keys are compatible with
+ the NSS Key Log Format and can be used to decrypt the session for
+ debugging using wireshark.
+
+- enabled guile support
+- removed duplicates
+
+- Updated to 3.4.11
+ * Version 3.4.11 (released 2016-04-11)
+ * * libgnutls: Fixes in gnutls_record_get/set_state() with DTLS.
+ Reported by Fridolin Pokorny.
+ * * libgnutls: Fixes in DSA key generation under PKCS #11. Report and
+ patches by Jan Vcelak.
+ * * libgnutls: Corrected behavior of ALPN extension parsing during
+ session resumption. Report and patches by Yuriy M. Kaminskiy.
+ * * libgnutls: Corrected regression (since 3.4.0) in
+ gnutls_server_name_set() which caused it not to accept non-null-
+ terminated hostnames. Reported by Tim Ruehsen.
+ * * libgnutls: Corrected printing of the IP Adress name constraints.
+ * * ocsptool: use HTTP/1.0 for requests. This avoids issue with servers
+ serving chunk encoding which ocsptool doesn't support. Reported by
+ Thomas Klute.
+ * * certtool: do not require a CA for OCSP signing tag. This follows the
+ recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate
+ OCSP signing to another certificate without requiring it to be a CA.
+ Reported by Thomas Klute.
+ * Version 3.4.10 (released 2016-03-03)
+ * * libgnutls: Eliminated issues preventing buffers more than 2^32 bytes
+ to be used with hashing functions.
+ * * libgnutls: Corrected leaks and other issues in
+ gnutls_x509_crt_list_import().
+ * * libgnutls: Fixes in DSA key handling for PKCS #11. Report and
+ patches by Jan Vcelak.
+ * * libgnutls: Several fixes to prevent relying on undefined behavior
+ of C (found with libubsan).
+ * Version 3.4.9 (released 2016-02-03)
+ * * libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would
+ negotiate the last commonly supported protocol, rather than the
+ first. Reported by Remi Denis-Courmont (#63).
+ * * libgnutls: Tolerate empty DN fields in informational output
+ functions.
+ * * libgnutls: Corrected regression causes by incorrect fix in
+ gnutls_x509_ext_export_key_usage() at 3.4.8 release.
+
+- follow the work in the unbound package and use the
+ libunbound-devel symbol for the buildrequires. we override it for
+ the distro build with libunbound-devel-mini to avoid build loops.
+
+- reenable dane support, require unbound-devel bsc#964346
+- split out libgnutls-dane-devel to try to avoid build cycle.
+
+- Update to 3.4.8
+ All changes since 3.4.4:
+ * libgnutls: Corrected memory leak in gnutls_pubkey_import_privkey()
+ when used with PKCS #11 keys.
+ * libgnutls: For DSA and ECDSA keys in PKCS #11 objects, import
+ their public keys from either a public key object or a certificate.
+ That is, because private keys do not contain all the required
+ parameters for a direct import.
+ * libgnutls: Fixed issue when writing ECDSA private keys in PKCS #11
+ tokens.
+ * libgnutls: Fixed out-of-bounds read in
+ gnutls_x509_ext_export_key_usage()
+ * libgnutls: The CHACHA20-POLY1305 ciphersuites were updated to
+ conform to draft-ietf-tls-chacha20-poly1305-02.
+ * libgnutls: Several fixes in PKCS #7 signing which improve
+ compatibility with the MacOSX tools.
+ * libgnutls: The max-record extension not negotiated on DTLS. This
+ resolves issue with the max-record being negotiated but ignored.
+ * certtool: Added the --p7-include-cert and --p7-show-data options.
+ * libgnutls: Properly require TLS 1.2 in all CBC-SHA256 and CBC-SHA384
+ ciphersuites. This solves an interoperability issue with openssl.
+ * libgnutls: Corrected the setting of salt size in
+ gnutls_pkcs12_mac_info().
+ * libgnutls: On a rehandshake allow switching from anonymous to ECDHE
+ and DHE ciphersuites.
+ * libgnutls: Corrected regression from 3.3.x which prevented
+ ARCFOUR128 from using arbitrary key sizes.
+ * libgnutls: Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs
+ skipping the implicit global initialization.
+ * gnutls.pc: Don't include libtool specific options to link flags.
+ * tools: Better support for FTP AUTH TLS negotiation
+ * libgnutls: Added new simple verification functions. That avoids the
+ need to install a callback to perform certificate verification. See
+ doc/examples/ex-client-x509.c for usage.
+ * libgnutls: Introduced the security parameter 'future' which is at
+ the 256-bit level of security, and 'ultra' was aligned to its
+ documented size at 192-bits.
+ * libgnutls: When writing a certificate into a PKCS #11 token, ensure
+ that CKA_SERIAL_NUMBER and CKA_ISSUER are written.
+ * libgnutls: Allow the presence of legacy ciphers and key exchanges in
+ priority strings and consider them a no-op.
+ * libgnutls: Handle the extended master secret as a mandatory
+ extension. That fixes incompatibility issues with Chromium (#45).
+ * libgnutls: Added the ability to copy a public key into a PKCS #11
+ token.
+ * tools: Added support for LDAP and XMPP negotiation for STARTTLS.
+ * p11tool: Allow writing a public key into a PKCS #11 token.
+ * certtool: Key generation security level was switched to HIGH. That
+ is, by default the tool generates 3072 bit keys for RSA and DSA.
+ * libgnutls: When re-importing CRLs to a trust list ensure that there
+ no duplicate entries.
+ * certtool: Removed any arbitrary limits imposed on input file sizes
+ and maximum number of certificates imported.
+ * certtool: Allow specifying fixed dates on CRL generation.
+ * gnutls-cli-debug: Added check for inappropriate fallback support
+ (RFC7507).
+
+- Update to 3.4.4
+ This update contains a fix for a denial of service vulnerability:
+ * Allow the parsing of very long DNs. Also fixes double free
+ in DN decoding [GNUTLS-SA-2015-3]. boo#941794 CVE-2015-6251
+ Other changes:
+ * Add high level API (gnutls_prf_rfc5705) to access the PRF as
+ specified by RFC5705.
+ * Link to trousers (TPM library) dynamically when this
+ functionality is requested. (disabled in SUSE package)
+ * Fix issue with server side sending the status request extension
+ even when not requested.
+ * Add support for RFC7507 by introducing the %FALLBACK_SCSV
+ priority string option.
+ * gnutls_pkcs11_privkey_generate2() will store the generated
+ public key, unless the GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY
+ flag is specified.
+ * Correct regression from 3.4.3 in loading PKCS #8 keys as fallback.
+ * API and ABI modifications:
+ gnutls_prf_rfc5705: Added
+ gnutls_hex_encode2: Added
+ gnutls_hex_decode2: Added
+- build with autogen for libopts compatibility
+- fix failures in test suite, add upstream commits
+ 0001-certtool-lifted-limits-on-file-size-to-load.patch
+ 0002-certtool-eliminated-memory-leaks-due-to-new-cert-loa.patch
+
+- update to 3.4.3
+ * * libgnutls: Follow closely RFC5280 recommendations and use UTCTime for
+ dates prior to 2050.
+ * * libgnutls: Force 16-byte alignment to all input to ciphers (previously it
+ was done only when cryptodev was enabled).
+ * * libgnutls: Removed support for pthread_atfork() as it has undefined
+ semantics when used with dlopen(), and may lead to a crash.
+ * * libgnutls: corrected failure when importing plain files
+ with gnutls_x509_privkey_import2(), and a password was provided.
+ * * libgnutls: Don't reject certificates if a CA has the URI or IP address
+ name constraints, and the end certificate doesn't have an IP address
+ name or a URI set.
+ * * libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites.
+ * * p11tool: Added --list-token-urls option, and print the token module name
+ in list-tokens.
+ * * libgnutls: DTLS blocking API is more robust against infinite blocking,
+ and will notify of more possible timeouts.
+ * * libgnutls: corrected regression with Camellia-256-GCM cipher. Reported
+ by Manuel Pegourie-Gonnard.
+ * * libgnutls: Introduced the GNUTLS_NO_SIGNAL flag to gnutls_init(). That
+ allows to disable SIGPIPE for writes done within gnutls.
+ * * libgnutls: Enhanced the PKCS #7 API to allow signing and verification
+ of structures. API moved to gnutls/pkcs7.h header.
+ * * certtool: Added options to generate PKCS #7 bundles and signed
+ structures.
+- includes changes from 3.4.2:
+ * DTLS blocking API is more robust against infinite blocking,
+ and will notify of more possible timeouts.
+ * Correct regression with Camellia-256-GCM cipher.
+ * Introduce the GNUTLS_NO_SIGNAL flag to gnutls_init(). That
+ allows to disable SIGPIPE for writes done within gnutls.
+ * Enhance the PKCS #7 API to allow signing and verification
+ of structures. Move API to gnutls/pkcs7.h header.
+ * certtool: Added options to generate PKCS #7 bundles and signed
+ structures.
+
+- disable testsuite run against valgrind on aarch64
+
+- Updated to 3.4.1 (released 2015-05-03)
+ * * libgnutls: gnutls_certificate_get_ours: will return the certificate even
+ if a callback was used to send it.
+ * * libgnutls: Check for invalid length in the X.509 version field. Without
+ the check certificates with invalid length would be detected as having an
+ arbitrary version. Reported by Hanno Böck.
+ * * libgnutls: Handle DNS name constraints with a leading dot. Patch by
+ Fotis Loukos.
+ * * libgnutls: Updated system-keys support for windows to compile in more
+ versions of mingw. Patch by Tim Kosse.
+ * * libgnutls: Fix for MD5 downgrade in TLS 1.2 signatures. Reported by
+ Karthikeyan Bhargavan [GNUTLS-SA-2015-2]. bsc#929690
+ * * libgnutls: Reverted: The gnutls_handshake() process will enforce a timeout
+ by default. That caused issues with non-blocking programs.
+ * * certtool: It can generate SHA256 key IDs.
+ * * gnutls-cli: fixed crash in --benchmark-ciphers. Reported by James Cloos.
+ * * API and ABI modifications: gnutls_x509_crt_get_pk_ecc_raw: Added
+- gnutls-fix-double-mans.patch: fixed upstream
+
+- Disable buggy valgrind on armv7l
+
+- updated to 3.4.0 (released 2015-04-08)
+ * * libgnutls: Added support for AES-CCM and AES-CCM-8 (RFC6655 and RFC7251)
+ ciphersuites. The former are enabled by default, the latter need to be
+ explicitly enabled, since they reduce the overall security level.
+ * * libgnutls: Added support for Chacha20-Poly1305 ciphersuites following
+ draft-mavrogiannopoulos-chacha-tls-05 and draft-irtf-cfrg-chacha20-poly1305-10.
+ That is currently provided as technology preview and is not enabled by
+ default, since there are no assigned ciphersuite points by IETF and there
+ is no guarrantee of compatibility between draft versions. The ciphersuite
+ priority string to enable it is "+CHACHA20-POLY1305".
+ * * libgnutls: Added support for encrypt-then-authenticate in CBC
+ ciphersuites (RFC7366 -taking into account its errata text). This is
+ enabled by default and can be disabled using the %NO_ETM priority
+ string.
+ * * libgnutls: Added support for the extended master secret
+ (triple-handshake fix) following draft-ietf-tls-session-hash-02.
+ * * libgnutls: Added a new simple and hard to misuse AEAD API (crypto.h).
+ * * libgnutls: SSL 3.0 is no longer included in the default priorities
+ list. It has to be explicitly enabled, e.g., with a string like
+ "NORMAL:+VERS-SSL3.0".
+ * * libgnutls: ARCFOUR (RC4) is no longer included in the default priorities
+ list. It has to be explicitly enabled, e.g., with a string like
+ "NORMAL:+ARCFOUR-128".
+ * * libgnutls: DSA signatures and DHE-DSS are no longer included in the
+ default priorities list. They have to be explicitly enabled, e.g., with
+ a string like "NORMAL:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1". The
+ DSA ciphersuites were dropped because they had no deployment at all
+ on the internet, to justify their inclusion.
+ * * libgnutls: The priority string EXPORT was completely removed. The string
+ was already defunc as support for the EXPORT ciphersuites was removed in
+ GnuTLS 3.2.0.
+ * * libgnutls: Added API to utilize system specific private keys in
+ "gnutls/system-keys.h". It is currently provided as technology preview
+ and is restricted to windows CNG keys.
+ * * libgnutls: gnutls_x509_crt_check_hostname() and friends will use
+ RFC6125 comparison of hostnames. That introduces a dependency on libidn.
+ * * libgnutls: Depend on p11-kit 0.23.1 to comply with the final
+ PKCS #11 URLs draft (draft-pechanec-pkcs11uri-21).
+ * * libgnutls: Depend on nettle 3.1.
+ * * libgnutls: Use getrandom() or getentropy() when available. That
+ avoids the complexity of file descriptor handling and issues with
+ applications closing all open file descriptors on startup.
+ * * libgnutls: Use pthread_atfork() to detect fork when available.
+ * * libgnutls: The gnutls_handshake() process will enforce a timeout by
+ default.
+ * * libgnutls: If a key purpose (extended key usage) is specified for verification,
+ it is applied into intermediate certificates. The verification result
+ GNUTLS_CERT_PURPOSE_MISMATCH is also introduced.
+ * * libgnutls: When gnutls_certificate_set_x509_key_file2() is used in
+ combination with PKCS #11, or TPM URLs, it will utilize the provided
+ password as PIN if required. That removes the requirement for the
+ application to set a callback for PINs in that case.
+ * * libgnutls: priority strings VERS-TLS-ALL and VERS-DTLS-ALL are
+ restricted to the corresponding protocols only, and the VERS-ALL
+ string is introduced to catch all possible protocols.
+ * * libgnutls: Added helper functions to obtain information on PKCS #8
+ structures.
+ * * libgnutls: Certificate chains which are provided to gnutls_certificate_credentials_t
+ will automatically be sorted instead of failing with GNUTLS_E_CERTIFICATE_LIST_UNSORTED.
+ * * libgnutls: Added functions to export and set the record state. That
+ allows for gnutls_record_send() and recv() to be offloaded (to kernel,
+ hardware or any other subsystem).
+ * * libgnutls: Added the ability to register application specific URL
+ types, which express certificates and keys using gnutls_register_custom_url().
+ * * libgnutls: Added API to override existing ciphers, digests and MACs, e.g.,
+ to override AES-GCM using a system-specific accelerator. That is, (crypto.h)
+ gnutls_crypto_register_cipher(), gnutls_crypto_register_aead_cipher(),
+ gnutls_crypto_register_mac(), and gnutls_crypto_register_digest().
+ * * libgnutls: Added gnutls_ext_register() to register custom extensions.
+ Contributed by Thierry Quemerais.
+ * * libgnutls: Added gnutls_supplemental_register() to register custom
+ supplemental data handshake messages. Contributed by Thierry Quemerais.
+ * * libgnutls-openssl: it is no longer built by default.
+ * * certtool: Added --p8-info option, which will print PKCS #8 information
+ even if the password is not available.
+ * * certtool: --key-info option will print PKCS #8 encryption information
+ when available.
+ * * certtool: Added the --key-id and --fingerprint options.
+ * * certtool: Added the --verify-hostname, --verify-email and --verify-purpose
+ options to be used in certificate chain verification, to simulate verification
+ for specific hostname and key purpose (extended key usage).
+ * * certtool: --p12-info option will print PKCS #12 MAC and cipher information
+ when available.
+ * * certtool: it will print the A-label (ACE) names in addition to UTF-8.
+ * * p11tool: added options --set-id and --set-label.
+ * * gnutls-cli: added options --priority-list and --save-cert.
+ * * guile: Deprecated priority API has been removed. The old priority API,
+ which had been deprecated for some time, is now gone; use 'set-session-priorities!'
+ instead.
+ * * guile: Remove RSA parameters and related procedures. This API had been
+ deprecated.
+ * * guile: Fix compilation on MinGW. Previously only the static version of the
+ 'guile-gnutls-v-2' library would be built, preventing dynamic loading from Guile.
+
+- updated to 3.3.13 (released 2015-03-30)
+ * * libgnutls: When retrieving OCTET STRINGS from PKCS #12 ContentInfo
+ structures use BER to decode them (requires libtasn1 4.3). That allows
+ to decode some more complex structures.
+ * * libgnutls: When an end-certificate with no name is present and there
+ are CA name constraints, don't reject the certificate. This follows RFC5280
+ advice closely. Reported by Fotis Loukos.
+ * * libgnutls: Fixed handling of supplemental data with types > 255.
+ Patch by Thierry Quemerais.
+ * * libgnutls: Fixed double free in the parsing of CRL distribution points certificate
+ extension. Reported by Robert Święcki.
+ * * libgnutls: Fixed a two-byte stack overflow in DTLS 0.9 protocol. That
+ protocol is not enabled by default (used by openconnect VPN).
+ * * libgnutls: The maximum user data send size is set to be the same for
+ block and non-block ciphersuites. This addresses a regression with wine:
+ https://bugs.winehq.org/show_bug.cgi?id=37500
+ * * libgnutls: When generating PKCS #11 keys, set CKA_ID, CKA_SIGN,
+ and CKA_DECRYPT when needed.
+ * * libgnutls: Allow names with zero size to be set using
+ gnutls_server_name_set(). That will disable the Server Name Indication.
+ Resolves issue with wine: https://gitlab.com/gnutls/gnutls/issues/2
+- new main library major version .so.30
+- requires new libnettle >= 3.1, p11-kit-devel >= 0.23.1
+- Now need to configure --enable-openssl-compatibility (might go away)
+- added gnutls-fix-double-mans.patch: avoid double installing manpages
+- dropped gnutls-3.0.26-skip-test-fwrite.patch: does not seem to be needed
+ anymore
+- install_info_delete moved from %postun to %preun
+
+- for DANE support, use bcond_with
+- for tpm support, same
+- note p11-kit >= 0.20.7 requirement
+- note libtasn1 3.9 requirement (built-in lib used otherwise)
+
+- disable trousers and unbound again for now, as it causes too long
+ build cycles.
+
+- added unbound-devel (for DANE) and trousers-devel (for TPM support)
+- removed now upstreamed gnutls-implement-trust-store-dir-3.2.8.diff
+- libgnutls-dane0 new library added
+- updated to 3.3.13 (released 2015-02-25)
+ * * libgnutls: Enable AESNI in GCM on x86
+ * * libgnutls: Fixes in DTLS message handling
+ * * libgnutls: Check certificate algorithm consistency, i.e.,
+ check whether the signatureAlgorithm field matches the signature
+ field inside TBSCertificate.
+ * * gnutls-cli: Fixes in OCSP verification.
+- Version 3.3.12 (released 2015-01-17)
+ * * libgnutls: When negotiating TLS use the lowest enabled version in
+ the client hello, rather than the lowest supported. In addition, do
+ not use SSL 3.0 as a version in the TLS record layer, unless SSL 3.0
+ is the only protocol supported. That addresses issues with servers that
+ immediately drop the connection when the encounter SSL 3.0 as the record
+ version number. See:
+ http://lists.gnutls.org/pipermail/gnutls-help/2014-November/003673.html
+ * * libgnutls: Corrected encoding and decoding of ANSI X9.62 parameters.
+ * * libgnutls: Handle zero length plaintext for VIA PadLock functions.
+ This solves a potential crash on AES encryption for small size plaintext.
+ Patch by Matthias-Christian Ott.
+ * * libgnutls: In DTLS don't combine multiple packets which exceed MTU.
+ Reported by Andreas Schultz. https://savannah.gnu.org/support/?108715
+ * * libgnutls: In DTLS decode all handshake packets present in a record
+ packet, in a single pass. Reported by Andreas Schultz.
+ https://savannah.gnu.org/support/?108712
+ * * libgnutls: When importing a CA file with a PKCS #11 URL, simply
+ import the certificates, if the URL specifies objects, rather than
+ treating it as trust module.
+ * * libgnutls: When importing a PKCS #11 URL and we know the type of
+ object we are importing, don't require the object type in the URL.
+ * * libgnutls: fixed openpgp authentication when gnutls_certificate_set_retrieve_function2
+ was used by the server.
+ * * certtool: --pubkey-info will also attempt to load a public key from stdin.
+ * * gnutls-cli: Added --starttls-proto option. That allows to specify a
+ protocol for starttls negotiation.
+- Version 3.3.11 (released 2014-12-11)
+ * * libgnutls: Corrected regression introduced in 3.3.9 related to
+ session renegotiation. Reported by Dan Winship.
+ * * libgnutls: Corrected parsing issue with OCSP responses.
+- Version 3.3.10 (released 2014-11-10)
+ * * libgnutls: Refuse to import v1 or v2 certificates that contain
+ extensions.
+ * * libgnutls: Fixes in usage of PKCS #11 token callback
+ * * libgnutls: Fixed bug in gnutls_x509_trust_list_get_issuer() when used
+ with a PKCS #11 trust module and without the GNUTLS_TL_GET_COPY flag.
+ Reported by David Woodhouse.
+ * * libgnutls: Removed superfluous random generator refresh on every call
+ of gnutls_deinit(). That reduces load and usage of /dev/urandom.
+ * * libgnutls: Corrected issue in export of ECC parameters to X9.63 format.
+ Reported by Sean Burford [GNUTLS-SA-2014-5].
+ * * libgnutls: When gnutls_global_init() is called for a second time, it
+ will check whether the /dev/urandom fd kept is still open and matches
+ the original one. That behavior works around issues with servers that
+ close all file descriptors.
+ * * libgnutls: Corrected behavior with PKCS #11 objects that are marked
+ as CKA_ALWAYS_AUTHENTICATE.
+ * * certtool: The default cipher for PKCS #12 structures is 3des-pkcs12.
+ That option is more compatible than AES or RC4.
+- Version 3.3.9 (released 2014-10-13)
+ * * libgnutls: Fixes in the transparent import of PKCS #11 certificates.
+ Reported by Joseph Peruski.
+ * * libgnutls: Fixed issue with unexpected non-fatal errors resetting the
+ handshake's hash buffer, in applications using the heartbeat extension
+ or DTLS. Reported by Joeri de Ruiter.
+ * * libgnutls: When both a trust module and additional CAs are present
+ account the latter as well; reported by David Woodhouse.
+ * * libgnutls: added GNUTLS_TL_GET_COPY flag for
+ gnutls_x509_trust_list_get_issuer(). That allows the function to be used
+ in a thread safe way when PKCS #11 trust modules are in use.
+ * * libgnutls: fix issue in DTLS retransmission when session tickets
+ were in use; reported by Manuel Pégourié-Gonnard.
+ * * libgnutls-dane: Do not require the CA on a ca match to be direct CA.
+ * * libgnutls: Prevent abort() in library if getrusage() fails. Try to
+ detect instead which of RUSAGE_THREAD and RUSAGE_SELF would work.
+ * * guile: new 'set-session-server-name!' procedure; see the manual for
+ details.
+ * * certtool: The authority key identifier will be set in a certificate only
+ if the CA's subject key identifier is set.
+- Version 3.3.8 (released 2014-09-18)
+ * * libgnutls: Updates in the name constraints checks. No name constraints
+ will be checked for intermediate certificates. As our support for name
+ constraints is limited to e-mail addresses in DNS names, it is pointless
+ to check them on intermediate certificates.
+ * * libgnutls: Fixed issues in PKCS #11 object listing. Previously multiple
+ object listing would fail completely if a single object could not be exported.
+ * * libgnutls: Improved the performance of PKCS #11 object listing/retrieving,
+ by retrieving them in large batches. Report and suggestion by David
+ Woodhouse.
+ * * libgnutls: Fixed issue with certificates being sanitized by gnutls prior
+ to signature verification. That resulted to certain non-DER compliant modifications
+ of valid certificates, being corrected by libtasn1's parser and restructured as
+ the original. Issue found and reported by Antti Karjalainen and Matti Kamunen from
+ Codenomicon.
+ * * libgnutls: Fixes in gnutls_x509_crt_set_dn() and friends to properly handle
+ strings with embedded spaces and escaped commas.
+ * * libgnutls: when comparing a CA certificate with the trusted list compare
+ the name and key only instead of the whole certificate. That is to handle
+ cases where a CA certificate was superceded by a different one with the same
+ name and the same key.
+ * * libgnutls: when verifying a certificate against a p11-kit trusted
+ module, use the attached extensions in the module to override the CA's
+ extensions (that requires p11-kit 0.20.7).
+ * * libgnutls: In DTLS prevent sending zero-size fragments in certain cases
+ of MTU split. Reported by Manuel Pégourié-Gonnard.
+ * * libgnutls: Added gnutls_x509_trust_list_verify_crt2() which allows
+ verifying using a hostname and a purpose (extended key usage). That
+ enhances PKCS #11 trust module verification, as it can now check the purpose
+ when this function is used.
+ * * libgnutls: Corrected gnutls_x509_crl_verify() which would always report
+ a CRL signature as invalid. Reported by Armin Burgmeier.
+ * * libgnutls: added option --disable-padlock to allow disabling the padlock
+ CPU acceleration.
+ * * p11tool: when listing tokens, list their type as well.
+ * * p11tool: when listing objects from a trust module print any attached
+ extensions on certificates.
+- Version 3.3.7 (released 2014-08-24)
+ * * libgnutls: Added function to export the public key of a PKCS #11
+ private key. Contributed by Wolfgang Meyer zu Bergsten.
+ * * libgnutls: Explicitly set the exponent in PKCS #11 key generation.
+ That improves compatibility with certain PKCS #11 modules. Contributed by
+ Wolfgang Meyer zu Bergsten.
+ * * libgnutls: When generating a PKCS #11 private key allow setting
+ the WRAP/UNWRAP flags. Contributed by Wolfgang Meyer zu Bergsten.
+ * * libgnutls: gnutls_pkcs11_privkey_t will always hold an open session
+ to the key.
+ * * libgnutls: bundle replacements of inet_pton and inet_aton if not
+ available.
+ * * libgnutls: initialize parameters variable on PKCS #8 decryption.
+ * * libgnutls: gnutls_pkcs12_verify_mac() will not fail in other than SHA1
+ algorithms.
+ * * libgnutls: gnutls_x509_crt_check_hostname() will follow the RFC6125
+ requirement of checking the Common Name (CN) part of DN only if there is
+ a single CN present in the certificate.
+ * * libgnutls: The environment variable GNUTLS_FORCE_FIPS_MODE can be used
+ to force the FIPS mode, when set to 1.
+ * * libgnutls: In DTLS ignore only errors that relate to unexpected packets
+ and decryption failures.
+ * * p11tool: Added --info parameter.
+ * * certtool: Added --mark-wrap parameter.
+ * * danetool: --check will attempt to retrieve the server's certificate
+ chain and verify against it.
+ * * danetool/gnutls-cli-debug: Added --app-proto parameters which can
+ be used to enforce starttls (currently only SMTP and IMAP) on the connection.
+ * * danetool: Added openssl linking exception, to allow linking
+ with libunbound.
+- Version 3.3.6 (released 2014-07-23)
+ * * libgnutls: Use inet_ntop to print IP addresses when available
+ * * libgnutls: gnutls_x509_crt_check_hostname and friends will also check
+ IP addresses, and match documented behavior. Reported by David Woodhouse.
+ * * libgnutls: DSA key generation in FIPS140-2 mode doesn't allow 1024
+ bit parameters.
+ * * libgnutls: fixed issue in gnutls_pkcs11_reinit() which prevented tokens
+ being usable after a reinitialization.
+ * * libgnutls: fixed PKCS #11 private key operations after a fork.
+ * * libgnutls: fixed PKCS #11 ECDSA key generation.
+ * * libgnutls: The GNUTLS_CPUID_OVERRIDE environment variable can be used to
+ explicitly enable/disable the use of certain CPU capabilities. Note that CPU
+ detection cannot be overriden, i.e., VIA options cannot be enabled on an Intel
+ CPU. The currently available options are:
+ 0x1: Disable all run-time detected optimizations
+ 0x2: Enable AES-NI
+ 0x4: Enable SSSE3
+ 0x8: Enable PCLMUL
+ 0x100000: Enable VIA padlock
+ 0x200000: Enable VIA PHE
+ 0x400000: Enable VIA PHE SHA512
+ * * libdane: added dane_query_to_raw_tlsa(); patch by Simon Arlott.
+ * * p11tool: use GNUTLS_SO_PIN to read the security officer's PIN if set.
+ * * p11tool: ask for label when one isn't provided.
+ * * p11tool: added --batch parameter to disable any interactivity.
+ * * p11tool: will not implicitly enable so-login for certain types of
+ objects. That avoids issues with tokens that require different login
+ types.
+ * * certtool/p11tool: Added the --curve parameter which allows to explicitly
+ specify the curve to use.
+- Version 3.3.5 (released 2014-06-26)
+ * * libgnutls: Added gnutls_record_recv_packet() and gnutls_packet_deinit().
+ These functions provide a variant of gnutls_record_recv() that avoids
+ the final memcpy of data.
+ * * libgnutls: gnutls_x509_crl_iter_crt_serial() was added as a
+ faster variant of gnutls_x509_crl_get_crt_serial() when coping with
+ very large structures.
+ * * libgnutls: When the decoding of a printable DN element fails, then treat
+ it as unknown and print its hex value rather than failing. That works around
+ an issue in a TURKTRST root certificate which improperly encodes the
+ X520countryName element.
+ * * libgnutls: gnutls_x509_trust_list_add_trust_file() will return the number
+ of certificates present in a PKCS #11 token when loading it.
+ * * libgnutls: Allow the post client hello callback to put the handshake on
+ hold, by returning GNUTLS_E_AGAIN or GNUTLS_E_INTERRUPTED.
+ * * certtool: option --to-p12 will now consider --load-ca-certificate
+ * * certtol: Added option to specify the PKCS #12 friendly name on command line.
+ * * p11tool: Allow marking a certificate copied to a token as a CA.
+- Version 3.3.4 (released 2014-05-31)
+ * * libgnutls: Updated Andy Polyakov's assembly code. That prevents a
+ crash on certain CPUs.
+- Version 3.3.3 (released 2014-05-30)
+ * * libgnutls: Eliminated memory corruption issue in Server Hello parsing.
+ Issue reported by Joonas Kuorilehto of Codenomicon.
+ * * libgnutls: gnutls_global_set_mutex() was modified to operate with the
+ new initialization process.
+ * * libgnutls: Increased the maximum certificate size buffer
+ in the PKCS #11 subsystem.
+ * * libgnutls: Check the return code of getpwuid_r() instead of relying
+ on the result value. That avoids issue in certain systems, when using
+ tofu authentication and the home path cannot be determined. Issue reported
+ by Viktor Dukhovni.
+ * * libgnutls-dane: Improved dane_verify_session_crt(), which now attempts to
+ create a full chain. This addresses points from https://savannah.gnu.org/support/index.php?108552
+ * * gnutls-cli: --dane will only check the end certificate if PKIX validation
+ has been disabled.
+ * * gnutls-cli: --benchmark-soft-ciphers has been removed. That option cannot
+ be emulated with the implicit initialization of gnutls.
+ * * certtool: Allow multiple organizations and organizational unit names to
+ be specified in a template.
+ * * certtool: Warn when invalid configuration options are set to a template.
+ * * ocsptool: Include path in ocsp request. This resolves #108582
+ (https://savannah.gnu.org/support/?108582), reported by Matt McCutchen.
+- Version 3.3.2 (released 2014-05-06)
+ * * libgnutls: Added the 'very weak' certificate verification profile
+ that corresponds to 64-bit security level.
+ * * libgnutls: Corrected file descriptor leak on random generator
+ initialization.
+ * * libgnutls: Corrected file descriptor leak on PSK password file
+ reading. Issue identified using the Codenomicon TLS test suite.
+ * * libgnutls: Avoid deinitialization if initialization has failed.
+ * * libgnutls: null-terminate othername alternative names.
+ * * libgnutls: gnutls_x509_trust_list_get_issuer() will operate correctly
+ on a PKCS #11 trust list.
+ * * libgnutls: Several small bug fixes identified using valgrind and
+ the Codenomicon TLS test suite.
+ * * libgnutls-dane: Accept a certificate using DANE if there is at least one
+ entry that matches the certificate. Patch by simon [at] arlott.org.
+ * * libgnutls-guile: Fixed compilation issue.
+ * * certtool: Allow exporting a CRL on DER format.
+ * * certtool: The ECDSA keys generated by default use the SECP256R1 curve
+ which is supported more widely than the previously used SECP224R1.
+- Version 3.3.1 (released 2014-04-19)
+ * * libgnutls: Enforce more strict checks to heartbeat messages
+ concerning padding and payload. Suggested by Peter Dettman.
+ * * libgnutls: Allow decoding PKCS #8 files with ECC parameters
+ from openssl.
+ * * libgnutls: Several small bug fixes found by coverity.
+ * * libgnutls: The conditionally available self-test functions
+ were moved to self-test.h.
+ * * libgnutls: Fixed issue with the check of incoming data when two
+ different recv and send pointers have been specified. Reported and
+ investigated by JMRecio.
+ * * libgnutls: Fixed issue in the RSA-PSK key exchange, which would
+ result to illegal memory access if a server hint was provided. Reported
+ by André Klitzing.
+ * * libgnutls: Fixed client memory leak in the PSK key exchange, if a
+ server hint was provided.
+ * * libgnutls: Corrected the *get_*_othername_oid() functions.
+- Version 3.3.0 (released 2014-04-10)
+ * * libgnutls: The initialization of the library was moved to a
+ constructor. That is, gnutls_global_init() is no longer required
+ unless linking with a static library or a system that does not
+ support library constructors.
+ * * libgnutls: static libraries are not built by default.
+ * * libgnutls: PKCS #11 initialization is delayed to first usage.
+ That avoids long delays in gnutls initialization due to broken PKCS #11
+ modules.
+ * * libgnutls: The PKCS #11 subsystem is re-initialized "automatically"
+ on the first PKCS #11 API call after a fork.
+ * * libgnutls: certificate verification profiles were introduced
+ that can be specified as flags to verification functions. They
+ are enumerations in gnutls_certificate_verification_profiles_t
+ and can be converted to flags for use in a verification function
+ using GNUTLS_PROFILE_TO_VFLAGS().
+ * * libgnutls: Added the ability to read system-specific initial
+ keywords, if they are prefixed with '@'. That allows a compile-time
+ specified configuration file to be used to read pre-configured priority
+ strings from. That can be used to impose system specific policies.
+ * * libgnutls: Increased the default security level of priority
+ strings (NORMAL and PFS strings require at minimum a 1008 DH prime),
+ and set a verification profile by default. The LEGACY keyword is
+ introduced to set the old defaults.
+ * * libgnutls: Added support for the name constraints PKIX extension.
+ Currently only DNS names and e-mails are supported (no URIs, IPs
+ or DNs).
+ * * libgnutls: Security parameter SEC_PARAM_NORMAL was renamed to
+ SEC_PARAM_MEDIUM to avoid confusion with the priority string NORMAL.
+ * * libgnutls: Added new API in x509-ext.h to handle X.509 extensions.
+ This API handles the X.509 extensions in isolation, allowing to parse
+ similarly formatted extensions stored in other structures.
+ * * libgnutls: When generating DSA keys the macro GNUTLS_SUBGROUP_TO_BITS
+ can be used to specify a particular subgroup as the number of bits in
+ gnutls_privkey_generate; e.g., GNUTLS_SUBGROUP_TO_BITS(2048, 256).
+ * * libgnutls: DH parameter generation is now delegated to nettle.
+ That unfortunately has the side-effect that DH parameters longer than
+ 3072 bits, cannot be generated (not without a nettle update).
+ * * libgnutls: Separated nonce RNG from the main RNG. The nonce
+ random number generator is based on salsa20/12.
+ * * libgnutls: The buffer alignment provided to crypto backend is
+ enforced to be 16-byte aligned, when compiled with cryptodev
+ support. That allows certain cryptodev drivers to operate more
+ efficiently.
+ * * libgnutls: Return error when a public/private key pair that doesn't
+ match is set into a credentials structure.
+ * * libgnutls: Depend on p11-kit 0.20.0 or later.
+ * * libgnutls: The new padding (%NEW_PADDING) experimental TLS extension has
+ been removed. It was not approved by IETF.
+ * * libgnutls: The experimental xssl library is removed from the gnutls
+ distribution.
+ * * libgnutls: Reduced the number of gnulib modules used in the main library.
+ * * libgnutls: Added priority string %DISABLE_WILDCARDS.
+ * * libgnutls: Added the more extensible verification function
+ gnutls_certificate_verify_peers(), that allows checking, in addition
+ to a peer's DNS hostname, for the key purpose of the end certificate
+ (via PKIX extended key usage).
+ * * certtool: Timestamps for serial numbers were increased to 8 bytes,
+ and in batch mode to 12 (appended with 4 random bytes).
+ * * certtool: When no CRL number is provided (or value set to -1), then
+ a time-based number will be used, similarly to the serial generation
+ number in certificates.
+ * * certtool: Print the SHA256 fingerprint of a certificate in addition
+ to SHA1.
+ * * libgnutls: Added --enable-fips140-mode configuration option (unsupported).
+ That option enables (when running on FIPS140-enabled system):
+ o RSA, DSA and DH key generation as in FIPS-186-4 (using provable primes)
+ o The DRBG-CTR-AES256 deterministic random generator from SP800-90A.
+ o Self-tests on initialization on ciphers/MACs, public key algorithms
+ and the random generator.
+ o HMAC-SHA256 verification of the library on load.
+ o MD5 is included for TLS purposes but cannot be used by the high level
+ hashing functions.
+ o All ciphers except AES are disabled.
+ o All MACs and hashes except GCM and SHA are disabled (e.g., HMAC-MD5).
+ o All keys (temporal and long term) are zeroized after use.
+ o Security levels are adjusted to the FIPS140-2 recommendations (rather
+ than ECRYPT).
+
+- build with PIE for commandline tools
+
+- Updated to 3.2.21 (released 2014-12-11)
+ - libgnutls: Corrected regression introduced in 3.2.19 related to
+ session renegotiation. Reported by Dan Winship.
+ - libgnutls: Corrected parsing issue with OCSP responses.
+
+- Updated to 3.2.20 (released 2014-11-10)
+ * * libgnutls: Removed superfluous random generator refresh on every
+ call of gnutls_deinit(). That reduces load and usage of /dev/urandom.
+ * * libgnutls: Corrected issue in export of ECC parameters to X9.63
+ format. Reported by Sean Burford [GNUTLS-SA-2014-5].
+ (CVE-2014-8564 bnc#904603)
+- Updated to 3.2.19 (released 2014-10-13)
+ * * libgnutls: Fixes in the transparent import of PKCS #11 certificates.
+ Reported by Joseph Peruski.
+ * * libgnutls: Fixed issue with unexpected non-fatal errors resetting the
+ handshake's hash buffer, in applications using the heartbeat extension
+ or DTLS. Reported by Joeri de Ruiter.
+ * * libgnutls: fix issue in DTLS retransmission when session tickets were
+ in use; reported by Manuel Pégourié-Gonnard.
+ * * libgnutls: Prevent abort() in library if getrusage() fails. Try to
+ detect instead which of RUSAGE_THREAD and RUSAGE_SELF would work.
+ * * guile: new 'set-session-server-name!' procedure; see the manual
+ for details.
+
grub2
+- NVMeoFC support on grub (jsc#PED-996)
+ * 0001-ieee1275-add-support-for-NVMeoFC.patch
+ * 0002-ieee1275-ofpath-enable-NVMeoF-logical-device-transla.patch
+ * 0003-ieee1275-change-the-logic-of-ieee1275_get_devargs.patch
+ * 0004-ofpath-controller-name-update.patch
+- TDX: Enhance grub2 measurement to TD RTMR (jsc#PED-1265)
+ * 0001-commands-efi-tpm-Refine-the-status-of-log-event.patch
+ * 0002-commands-efi-tpm-Use-grub_strcpy-instead-of-grub_mem.patch
+ * 0003-efi-tpm-Add-EFI_CC_MEASUREMENT_PROTOCOL-support.patch
+- Measure the kernel on POWER10 and extend TPM PCRs (PED-1990)
+ * 0001-ibmvtpm-Add-support-for-trusted-boot-using-a-vTPM-2..patch
+ * 0002-ieee1275-implement-vec5-for-cas-negotiation.patch
+
+- Include loopback into signed grub2 image (jsc#PED-2150)
+
+- Add patches for automatic TPM disk unlock (jsc#SLE-24018) (bsc#1196668) (jsc#PED-1276)
+ * 0001-luks2-Add-debug-message-to-align-with-luks-and-geli-.patch
+ * 0002-cryptodisk-Refactor-to-discard-have_it-global.patch
+ * 0003-cryptodisk-Return-failure-in-cryptomount-when-no-cry.patch
+ * 0004-cryptodisk-Improve-error-messaging-in-cryptomount-in.patch
+ * 0005-cryptodisk-Improve-cryptomount-u-error-message.patch
+ * 0006-cryptodisk-Add-infrastructure-to-pass-data-from-cryp.patch
+ * 0007-cryptodisk-Refactor-password-input-out-of-crypto-dev.patch
+ * 0008-cryptodisk-Move-global-variables-into-grub_cryptomou.patch
+ * 0009-cryptodisk-Improve-handling-of-partition-name-in-cry.patch
+ * 0010-protectors-Add-key-protectors-framework.patch
+ * 0011-tpm2-Add-TPM-Software-Stack-TSS.patch
+ * 0012-protectors-Add-TPM2-Key-Protector.patch
+ * 0013-cryptodisk-Support-key-protectors.patch
+ * 0014-util-grub-protect-Add-new-tool.patch
+- Fix no disk unlocking happen (bsc#1196668)
+ * 0001-crytodisk-fix-cryptodisk-module-looking-up.patch
+- Fix build error
+ * fix-tpm2-build.patch
+
+- Fix installation failure due to unavailable nvram device on
+ ppc64le (bsc#1201361)
+ * 0001-grub-install-set-point-of-no-return-for-powerpc-ieee1275.patch
+
inxi
+- Updated to version 3.3.21:
+ * /usr/share/doc/packages/inxi/inxi.changelog.
+
+- update to 3.3.20:
+ 1a. More or less completed verification of AMD cpu microarch/built/process, and
+ added more accurate fallback cases for stray model IDs.
+ 1b. Extended Intel cpu data a bit more as well. Thanks linuxdaddy from slackware
+ for the research help there.
+ 2. Tentative support for finit init system (fast init). Runs in /proc/1/comm,
+ uses initctl, which may have been revived from its upstart days, not sure. Added
+ potential support for nosh, linux only, don't know how to detect other bsd init
+ system.
+ 3. Added amd/intel gpu product IDs.
+ 4. Added shortcut --filter-all/--za, activates all filters: -z, --zl, --zu,
+ - -zv. Why not?
+ 5. Added support for dm types kdmctl and xdmctl, opensuse and maybe redhat use
+ the latter to start the actual dm running the desktop/wm. You want to see that
+ because you need to do systemctl restart xdm to restart the actual dm. Thanks
+ mrmazda for pointing out this one.
+ 6. Added AlmaLinux, RockyLinux, CentosStream to system base (RHEL derived).
+ 7. Basic Raptor Lake gpu/apu support added, with patterns to detect since few
+ product ids yet. Same applies to Arctic and Alchemist, which still have no
+ product IDs.
+ 8. More disk vendors and disk vendor ids, never stops - the waters flow on, the
+ rain falls, then the sun comes out. Until one day it doesn't.
+ * /usr/share/doc/packages/inxi/inxi.changelog.
+
irqbalance
+- run tests
+- add Avoid-double-free-on-deinit_thermal.patch (bsc#1204607)
+
+- add uninitialized.patch (bsc#1204371)
+- build with thermald support on x86_64 (jsc#PED-1039)
+
+- update to 1.9.1:
+ * get irq->module relationship from /sys/bus/pci/*/driver
+ * ensure --banmod is respected
+ * check whether savedptr is NULL before invoking strlen
+ * add meson
+ * support thermal events
+ * fix irqbalance never exits
+ * irqbalance-ui: able to scroll and show coulist and irqs' name
+- drop proc-interrupts.patch (upstream)
+ D proc-interrupts.patch
+
+- Update to version 1.9.0:
+ * correct wait time in oneshot mode
+ * Document updates
+ * disable irqbalance when we only have a single cpu/cache domain
+ * fix UI to fetch full messages from UNIX socket
+ * avoid some buffer overflows
+ * fix UI printf style formatting
+ * drop bounding set from irqbalance
+
+- proc-interrupts.patch: parse_proc_interrupts: fix parsing interrupt
+ counts
+
jack
+- Added 0001-Make-jack_control-python2-3-compatible.patch from git
+ to fix boo#1132458.
+
+- Remove unnecessary requires for libjack0 and remove obsolete
+ comments.
+- Use %license on "COPYING"
+
+- Add upstream patch to fix return value check of mmap() (boo#1108981):
+ fix-mmap-return-value-check.patch
+
+- Update the waf code to the 2.0 series in order to work under
+ python3.7 taken from upstream git:
+ * jack-waf2.patch
+
-- Update to release 1.9.10
-- Removed patches jack-wafdocbuild.patch and aarch64.patch as they
- are now in upstream.
-- Upstream changes:
- * Correct JackPortAudioDriver::Open : special case for ASIO drivers.
- * Correct JackEngine::NotifyGraphReorder : graph-order callback now notified after port latencies update.
- * netjack/opus: don't re-init en/decoders.
- * Use string ids in the alsa device list.
- * controlapi: fix double free on master switch.
- * netjack1/netone opus support.
- * netjack1/2 Opus: use only 2bytes for encoded-length.
- * wscript: add header defines and libs for example-clients/netsource.
- * fix duplicate prog.includes.
- * More robust channel mapping handling in JackCoreAudioDriver.
- * Add opus support to NetJack2.
- * jack_control: fix epr command.
- * Update JackCoreAudioDriver and JackCoreAudioAdapter with more recent API.
- * Devin Anderson patch for Jack/CoreMIDI duplicated messages.
- * Fix in ALSA adapter.
- * Fix alsa driver parameter order.
- * Control API: Enforce driver/internal parameter order.
- * Extend jack_control to have parameter reset commands.
- * Align buffers to 32 byte boundaries to allow AVX processing.
- * New jack_get_cycle_times() implementation from Fons Adriennsen.
- * Update waf.
- * [firewire] Introduce UpdateLatencies() in FFADO backend.
- * [firewire] Allow FFADO backend to change the buffer size.
- * Rework JackMessageBuffer.
- * POST_PACKED_STRUCTURE used for jack_latency_range_t type.
- * Remove JACK_32_64 flag, so POST_PACKED_STRUCTURE now always used.
- * Improve libjacknet master mode.
- * In control API, UNIX like sigset_t replaced by more abstract jackctl_sigmask_t * opaque struct.
- * Check server API callback from notification thread.
- * Use a time-out in notification channel write function.
- * Fix lock management in JackEngine.
- * A bit more robust JackMessageBuffer implementation (in progress).
- * Rename JackProcessSync in JackPosixProcessSync.
- * Fix NetJack2 initialisation bug.
- * Improve ShutDown in NetManager.
- * Correct ShutDown in JackInternalClient and JackLibClient.
- * Implement shutdown for in server clients.
- * Better time-out management in NetJack2.
- * More robust server/client protocol.
- * Factorize code the server/client request in JackRequestDecoder class.
- * Cleanup drivers and internals loading code.
- * jackctl_driver_params_parse API moved in public control.h.
- * More general drivers/internals loading model on Windows.
- * Fix library symbols export issue.
- * Adrian Knoth fix in midiseq.c.
-
-- Enable firewire only for 12.1+ due to lack of libffado-devel
-
-- add aarch64.patch
-
-- license update: GPL-2.0+ and LGPL-2.1+
- jack server is licensed under GPL-2.0+
-
-- Added url as source.
- Please see http://en.opensuse.org/SourceUrls
-
-- Update to release 1.9.9.5 for bnc#801442
-- Removed patches: jack-uc_regs.patch, jack-segfault.patch they are
- incorporated.
-- Doxygen build doesn't work created jack-wafdocbuild.patch.
-- Upstream changes :
- * Adrian Knoth fix in midiseq.c.
- * Fix library symbols export issue.
- * Cleanup drivers and internals loading code.
- * jackctl_driver_params_parse API moved in public control.h.
- * Factorize code the server/client request in JackRequestDecoder class.
- * More robust server/client protocol.
- * Better time-out management in NetJack2.
- * Improve ShutDown in NetManager.
- * Correct ShutDown in JackInternalClient and JackLibClient.
- * Fix NetJack2 initialisation bug. Add EndTime function.
- * Rename JackProcessSync in JackPosixProcessSync.
- * A bit more robust JackMessageBuffer implementation.
- * Check server API callback from notification thread.
- * Use a time-out in notification channel write function.
- * Fix lock management in JackEngine.
- * In control API, UNIX like sigset_t replaced by more abstract jackctl_sigmask_t * opaque struct.
- * Improve libjacknet master mode.
- * Remove JACK_32_64 flag, so POST_PACKED_STRUCTURE now always used. POST_PACKED_STRUCTURE used for jack_latency_range_t type.
- * Rework JackMessageBuffer.
- * [firewire] Introduce UpdateLatencies() in FFADO backend.
- * [firewire] Allow FFADO backend to change the buffer size.
- * Update waf.
- * New jack_get_cycle_times() implementation from Fons Adriennsen.
- * Align buffers to 32 byte boundaries to allow AVX processing.
- * Extend jack_control to have parameter reset commands.
- * Fix alsa driver parameter order.
- * Control API: Enforce driver/internal parameter order.
- * Fix in ALSA adapter.
- * Devin Anderson patch for Jack/CoreMIDI duplicated messages.
- * Change framework installation hierarchy for OSX Mountain Lion.
- * Update JackCoreAudioDriver and JackCoreAudioAdapter with more recent API.
- * jack_control: fix epr command.
- * Add opus support to NetJack2.
- * More robust channel mapping handling in JackCoreAudioDriver.
- * netjack1/netone opus support. controlapi: fix double free on master switch.
- * Use string ids in the alsa device list. netjack/opus: don't re-init en/decoders.
- * Correct JackPortAudioDriver::Open : special case for ASIO drivers.
- * waf: configure option for enforcing autostart method
- * ALSA devices reservation fixes.
-
-- fix R_PPC64_ADDR32 fff85e94858 for symbol `' out of range
-- fix jack_connect segfault
-
-- Disable parallel build to limit resource usage and prevent hung
- build hosts.
-
-- Update to version 1.9.8
-- Remade jack-celt-build-fix.diff
-- Upstream changes :
-- Merge newer-midi branch (Devin Anderson redesign of the
- MIDI drivers: alsarawmidi, ffado, coremidi and winmme).
-- Correction in jackdmp.cpp: notify_server_stop should be done
- after server destruction.
-- Correct driver lifetime management.
-- Add XRun detection in PortAudio driver.
-- CELT code for NetJack2.
-- Merge branch switch-master-port-registration-notifications:
- correct driver port registration.
-- Libjacknet in progress.
-- Correct MIDI in NetJack2.
-- Correct OSX real-time thread setup.
-- Correct rd_acquire in dbus code.
-- Correct NetJack2 connection handling.
-- SaveConnections/RestoreConnections in NetDriver and JackAudioDriver.
-- Special version of jack_attach_shm/jack_release_shm on client
- side for POSIX shared memory, to solve a memory leak issue.
-- Another round of code improvements to handle completely
- buggy Digidesign CoreAudio user-land driver.
-- Special CATCH_CLOSE_EXCEPTION_RETURN to handle Close API calls.
-- Add JACK_NETJACK_PORT and JACK_NETJACK_MULTICAST environment
- variables for NetJack2.
-- NetJack2 now only send data on network only is ports are connected
- both sides.
-- Fix for "starting two instances of same app in parallel does not
- work" bug.
-- Enable explicit channel mapping in CoreAudio driver.
-- New JackTimedDriver class to be used by JackDummyDriver,
- JackNetDriver and JackNetOneDriver classes.
-- More robust code in synchronization primitives and JackMessageBuffer.
-- More robust Control API implementation.
-- Add jackctl_driver_get_type in Control API.
-- Singleton behaviour for JackCoreMidiDriver and JackWinMMEDriver.
-- John Emmas patch for DSP CPU computation.
-- John Emmas Windows server launching patch.
-- Fix jack_set_port_name API.
-- Enable local access in NetJack2 code.
-- Dynamic port management in JACK/CoreMidi bridge.
-
-- ppc64 doesn't have uc_regs
-
-- drop jack-CAS.diff patch to fix non ia32/x86_64/ppc build,
- seems to be fixed upstream similar
-
-- Enabled dbus support requested on multimedia list
-- Disabled engine profiling
-
-- Removed malfunctioning services
-
-- Update to version 1.9.7
-- Upstream changes :
- * Sync JackAlsaDriver::alsa_driver_check_card_type with JACK1 backend.
- * Improve backend error handling: fatal error returned by Read/Write
- now cause a Process failure (so a thread exit for blocking backends).
- * Recoverable ones (XRuns..) are now treated internally in ALSA and
- FFADO backends.
- * In jackdmp.cpp, jackctl_setup_signals moved before jackctl_server_start.
- * Correct dummy driver.
- * Adrian Knoth jack_lsp patch.
- * Remove JackPortIsActive flag.
- * New latency API implementation.
- * ComputeTotalLatencies now a client/server call.
- * Add latent test client for latency API.
- * Also print playback and capture latency in jack_lsp.
- * jack_client_has_session_callback implementation.
- * Check requested buffer size and limit to 1..8192 avoids weird
- behaviour caused by jack_bufsize foobar.
- * jack_port_type_get_buffer_size implementation.
- * Stop using alloca and allocate buffer on the heap for alsa_io.
- * Rename jdelay to jack_iodelay as per Fons' request.
- * Call buffer size callback in activate (actually this is done on
- client side in the RT thread Init method).
- * Add jack_midi_dump client. Synchronize net JACK1 with JACK1 version.
- * Synchronize jack_connect/jack_disconnect with JACK1 version.
- * Correct JackNetMaster::SetBufferSize.
- * Use jack_default_audio_sample_t instead of float consistently,
- fix ticket #201. -X now allows to add several slave backends, add -I
- to load several internal clients.
- * Rework internal slave driver management, JackServerGlobals now
- handle same parameters as jackdmp.
- * Correct JackEngine::NotifyGraphReorder, update JackDebugClient
- with latest API.
- * Devin Anderson server-ctl-proposal branch merged on trunk: improved
- control API, slave backend reworked.
- * Implement renaming in JackDriver::Open to avoid name collision.
- * Correct alsa_driver_restart (thanks Devin Anderson).
- * Correction of jack_connect/jack_disconnect: use of jack_activate
- and volatile keyword for thread shared variable.
- * Correction of JackNetOneDriver for latest CELT API.
- * Synchronize JackWeakAPI.cpp with new APIs.
-
-- Added jack-celt-build-fix.diff to fix jack build with celt-0.9.1
-
-- Update to version 1.9.6
-- Upstream changes :
- * Improve JackCoreAudioDriver and JackCoreAudioAdapter : when no
- devices are described, takes default input and output and
- aggregate them.
- * Correct JackGraphManager::DeactivatePort.
- * Correct JackMachServerChannel::Execute : keep running even in
- error cases.
- * Raise JACK_PROTOCOL_VERSION number. Arnold Krille firewire patch.
- * Fix some file header to have library side code use LGPL.
- * ffado-portname-sync.patch from ticket #163 applied.
- * Remove call to exit in library code.
- * Make jack_connect/jack_disconnect wait for effective port
- connection/disconnection.
- * Add tests to validate intclient.h API.
- * On Linux, inter-process synchronization primitive switched to
- POSIX semaphore.
- * In JackCoreAudioDriver, move code called in MeasureCallback to be
- called once in IO thread.
- * David Garcia Garzon netone patch.
- * Fix from Fernando Lopez-Lezcano for compilation on fc13.
- * Fix JackPosixSemaphore::TimedWait : same behavior as
- JackPosixSemaphore::Wait regarding EINTR.
- * David Garcia Garzon unused_pkt_buf_field_jack2 netone patch.
- * Arnold Krille firewire snooping patch.
- * Jan Engelhardt patch for get_cycles on SPARC.
- * Adrian Knoth hurd.patch, kfreebsd-fix.patch and
- alpha_ia64-sigsegv.patch from ticket 177.
- * Adrian Knoth fix for linux cycle.h (ticket 188).
- * In JackCoreAudioDriver, fix an issue when no value is given for
- input.
-
-- Enable ffado firewire support
-
-- Provide missing functions to enable SPARC compilation
-
-- Build fix: make sure $RPM_OPT_FLAGS is in CFLAGS (SPARC _needs_
- its -march=ultrasparc from prjconf to make atomic ops available)
-- Strip remaining CFLAGS since they are the same as in prjconf
-
-- use _smp_mflags instead of -j'percent'{jobs}
-
-- Update to jack-1.9.5 which now has support for distributing audio
- processing across a network.
-- Removed jack-shmat-check-fix.diff.
-
-- remove libfreebob dependency
-
-- minor spec file clean-ups
-
-- update to 0.118.0
-- don't use gcc4 patch and all that autotool stuff before ./configure
-- fixed dependencies (missing versions)
-
-- add baselibs.conf as a source
-
-- fix minor strdup memory leaks (bnc#539096)
-
-- fix requires of devel package (libjack requires libsamplerate now)
-
-- add libsndfile and libsamplerate to buildrequires to support
- netjack driver
-
-- fix mismatching pclose() (bnc#514072)
-
-- updated to version 0.116.2:
- * Stable version update since 0.109.2: quite lots of fixes and
- updates. See
- http://jackaudio.org/node/20
- http://jackaudio.org/node/21
- http://jackaudio.org/node/22
-
jasper
+- security update:
+ * CVE-2022-2963 [bsc#1202642]
+ + jasper-CVE-2022-2963.patch
+
kdump
+- fix broken URL in manpage (bsc#1187312)
+- kdumptool calibrate: modify fadump suggestions (jsc#IBM-1027)
+
kernel-default
+- scsi: qedi: Remove redundant flush_workqueue() calls
+ (jsc#PED-1525).
+- Refresh
+ patches.suse/scsi-iscsi-Fix-session-removal-on-shutdown.patch.
+- commit 57a0d4f
+
+- scsi: qedf: Fix a UAF bug in __qedf_probe() (jsc#PED-1524).
+- scsi: qedf: Fix typo in comment (jsc#PED-1524).
+- scsi: qedf: Remove redundant variable op (jsc#PED-1524).
+- scsi: qedf: Remove an unneeded NULL check on list iterator
+ (jsc#PED-1524).
+- scsi: qedf: Remove unnecessary code (jsc#PED-1524).
+- scsi: qedf: Stop using the SCSI pointer (jsc#PED-1524).
+- scsi: qedf: Change context reset messages to ratelimited
+ (jsc#PED-1524).
+- scsi: qedf: Fix refcount issue when LOGO is received during TMF
+ (jsc#PED-1524).
+- scsi: qedf: Add stag_work to all the vports (jsc#PED-1524).
+- scsi: qedi: Fix SYSFS_FLAG_FW_SEL_BOOT formatting
+ (jsc#PED-1525).
+- scsi: qedi: Remove set but unused 'page' variable
+ (jsc#PED-1525).
+- scsi: qedi: Fix cmd_cleanup_cmpl counter mismatch issue
+ (jsc#PED-1525).
+- commit a20fd84
+
+- Update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1
+- commit a5edbce
+
+- usb: gadget: pxa25x_udc: Constify static struct pxa25x_ep_ops
+ (jsc#PED-1817).
+- commit ecf622b
+
+- usb: gadget: udc: core: Use pr_fmt() to prefix messages
+ (jsc#PED-1817).
+- commit 986d674
+
+- USB: gadget: Rename usb_gadget_probe_driver() (jsc#PED-1817).
+- commit ec7b016
+
+- ALSA: hiface: fix repeated words in comments (git-fixes).
+- commit 1897e56
+
+- ALSA: scarlett2: Add Focusrite Clarett+ 8Pre support
+ (git-fixes).
+- ALSA: scarlett2: Add support for the internal "standalone"
+ switch (git-fixes).
+- ALSA: scarlett2: Split scarlett2_config_items[] into 3 sections
+ (git-fixes).
+- ALSA: usb-audio: scarlett2: Use struct_size() helper in
+ scarlett2_usb() (git-fixes).
+- commit 51a746f
+
+- ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos
+ (git-fixes).
+- Refresh
+ patches.suse/ALSA-usb-audio-More-comprehensive-mixer-map-for-ASUS.patch.
+- commit aad3dbe
+
+- ALSA: line6: remove line6_set_raw declaration (git-fixes).
+- ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support
+ (git-fixes).
+- ALSA: usb-audio: make read-only array marker static const
+ (git-fixes).
+- ALSA: line6: Replace sprintf() with sysfs_emit() (git-fixes).
+- ALSA: usb/6fire: fix repeated words in comments (git-fixes).
+- ALSA: usb-audio: remove redundant assignment to variable c
+ (git-fixes).
+- commit 7b36d72
+
+- ring-buffer: Check for NULL cpu_buffer in
+ ring_buffer_wake_waiters() (bsc#1204705).
+- commit 2e712ad
+
+- USB / dwc3: Fix three doc-build warnings (jsc#PED-1817).
+- commit 654acff
+
+- usb: dwc3: fix backwards compat with rockchip devices
+ (jsc#PED-1817).
+- commit c7590b2
+
+- usb: dwc3: core: do not use 3.0 clock when operating in 2.0 mode
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-core-Enable-GUCTL1-bit-10-for-fixing-termin.patch.
+- commit 02bd07f
+
+- usb: dwc3: imx8mp: rename iomem base pointer (jsc#PED-1817).
+- commit 0504947
+
+- usb: dwc3: drd: Don't check against CONFIG_OF (jsc#PED-1817).
+- commit ce7e9f1
+
+- usb: dwc3: Program GFLADJ (jsc#PEd-1817).
+- commit daeb10e
+
+- usb: dwc3: Calculate REFCLKPER based on reference clock
+ (jsc#PED-1817).
+- commit a22b861
+
+- usb: dwc3: Get clocks individually (jsc#PED-1817).
+- blacklist.conf:
+- commit 3423db7
+
+- usb: dwc3: drd: Add support for usb-conn-gpio based
+ usb-role-switch (jsc#PED-1817).
+- commit 80843c9
+
+- Correct JIRA reference for these patches (jsc#PED-1496).
+ Use implementation, not the Epic:
+- Update
+ patches.suse/scsi-be2iscsi-Switch-to-attribute-groups.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-bnx2i-Switch-to-attribute-groups.patch
+ (jsc#PED-1496).
+- Update
+ patches.suse/scsi-iscsi-Fix-harmless-double-shift-bug.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-iscsi-Merge-suspend-fields.patch
+ (jsc#PED-1496).
+- Update
+ patches.suse/scsi-iscsi-Remove-iscsi_get_task-back_lock-requirement.patch
+ (jsc#PED-1496).
+- Update
+ patches.suse/scsi-iscsi-Rename-iscsi_conn_queue_work.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-iscsi-Stop-using-the-SCSI-pointer.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-qedi-Switch-to-attribute-groups.patch
+ (jsc#PED-1496).
+- commit 71bf164
+
+- scsi: core: Fix early registration of sysfs attributes for
+ scsi_device (jsc#PED-1561).
+- commit dfe7dcb
+
+- scsi: core: Remove two host template members that are no longer
+ used (jsc#PED-1561).
+- scsi: usb: Switch to attribute groups (jsc#PED-1561).
+- scsi: staging: unisys: Remove the shost_attrs member
+ (jsc#PED-1561).
+- commit 036b753
+
+- scsi: zfcp: Switch to attribute groups (jsc#PED-1561).
+- scsi: message: fusion: Switch to attribute groups
+ (jsc#PED-1561).
+- scsi: RDMA/srp: Switch to attribute groups (jsc#PED-1561).
+- scsi: firewire: sbp2: Switch to attribute groups (jsc#PED-1561).
+- commit ad14a91
+
+- scsi: ata: Switch to attribute groups (jsc#PED-1561).
+- libata: Introduce ncq_prio_supported sysfs sttribute
+ (jsc#PED-1561).
+- libata: print feature list on device scan (jsc#PED-1561).
+- libata: fix ata_read_log_page() warning (jsc#PED-1561).
+- commit dc4d292
+
+- libata: cleanup NCQ priority handling (jsc#PED-1561).
+- Update
+ patches.suse/libata-Add-ATA_HORKAGE_NO_NCQ_ON_ATI-for-Samsung-860.patch
+ (jsc#PED-1561).
+- commit d313a88
+
+- libata: cleanup ata_dev_configure() (jsc#PED-1561).
+- libata: cleanup device sleep capability detection
+ (jsc#PED-1561).
+- libata: simplify ata_scsi_rbuf_fill() (jsc#PED-1561).
+- commit 01272a8
+
+- scsi: qla2xxx: Switch to attribute groups (jsc#PED-1561).
+- Refresh
+ patches.suse/scsi-qla2xxx-edif-remove-old-doorbell-interface.patch.
+- commit 6464680
+
+- scsi: lpfc: Switch to attribute groups (jsc#PED-1561).
+- Refresh
+ patches.suse/scsi-lpfc-Remove-Menlo-Hornet-related-code.patch.
+- Refresh
+ patches.suse/scsi-lpfc-Remove-SANDiags-related-code.patch.
+- Refresh
+ patches.suse/scsi-lpfc-Remove-failing-soft_wwn-support.patch.
+- Refresh
+ patches.suse/scsi-lpfc-move-scsi_host_template-outside-dynamically.patch.
+- commit 4aeb242
+
+- scsi: snic: Switch to attribute groups (jsc#PED-1561).
+- scsi: smartpqi: Switch to attribute groups (jsc#PED-1561).
+- scsi: qla4xxx: Switch to attribute groups (jsc#PED-1561).
+- scsi: qedf: Switch to attribute groups (jsc#PED-1561).
+- scsi: pm8001: Switch to attribute groups (jsc#PED-1561).
+- scsi: sym53c500_cs: Switch to attribute groups (jsc#PED-1561).
+- scsi: ncr53c8xx: Switch to attribute groups (jsc#PED-1561).
+- scsi: myrs: Switch to attribute groups (jsc#PED-1561).
+- scsi: myrb: Switch to attribute groups (jsc#PED-1561).
+- scsi: mvsas: Switch to attribute groups (jsc#PED-1561).
+- scsi: mpt3sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: megaraid_sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: megaraid_mbox: Switch to attribute groups (jsc#PED-1561).
+- scsi: isci: Switch to attribute groups (jsc#PED-1561).
+- scsi: ipr: Switch to attribute groups (jsc#PED-1561).
+- scsi: ibmvfc: Switch to attribute groups (jsc#PED-1561).
+- scsi: ibmvscsi: Switch to attribute groups (jsc#PED-1561).
+- scsi: hptiop: Switch to attribute groups (jsc#PED-1561).
+- scsi: hpsa: Switch to attribute groups (jsc#PED-1561).
+- scsi: hisi_sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: fnic: Switch to attribute groups (jsc#PED-1561).
+- scsi: cxlflash: Switch to attribute groups (jsc#PED-1561).
+- scsi: csiostor: Switch to attribute groups (jsc#PED-1561).
+- scsi: bnx2fc: Switch to attribute groups (jsc#PED-1561).
+- scsi: bfa: Switch to attribute groups (jsc#PED-1561).
+- scsi: arcmsr: Switch to attribute groups (jsc#PED-1561).
+- scsi: aacraid: Switch to attribute groups (jsc#PED-1561).
+- scsi: 53c700: Switch to attribute groups (jsc#PED-1561).
+- scsi: 3w-xxxx: Switch to attribute groups (jsc#PED-1561).
+- scsi: 3w-sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: 3w-9xxx: Switch to attribute groups (jsc#PED-1561).
+- commit 3ddf4fd
+
+- Update patch references to
+ patches.suse/0001-floppy-disable-FDRAWCMD-by-default.patch
+ (bsc#1200692 CVE-2022-33981).
+- commit 913147c
+
+- usb: dwc3: Drop unneeded calls to platform_get_resource_byname()
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-disable-USB-core-PHY-management.patch.
+- commit cb5354a
+
+- usb: gadget: remove unnecessary AND operation when get ep maxp
+ (jsc#PED-1817).
+- commit 528613b
+
+- usb: gadget: udc: core: Introduce check_config to verify USB
+ configuration (jsc#PEd-1817).
+- commit 69ec7cd
+
+- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914).
+- commit 0d14223
+
+- iommu/vt-d: Do not falsely log intel_iommu is unsupported
+ kernel option (bsc#1204947).
+- commit 440c18c
+
+- wifi: brcmfmac: Fix potential buffer overflow in
+ brcmf_fweh_event_worker() (CVE-2022-3628 bsc#1204868).
+- commit 968feec
+
+- usb: dwc3: gadget: Support Multi-Stream Transfer (jsc#PED-531).
+- commit 0ed805f
+
+- usb: dwc3: gadget: Skip resizing EP's TX FIFO if already resized
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch.
+- commit b389709
+
+- usb: dwc3: reference clock period configuration (jsc#PED-1817).
+- commit 8ce586b
+
+- Drop Dell Dock regression fix patch again (bsc#1204719)
+ It tunred out to be bogus, a different fix is needed
+- commit 2c62bb9
+
+- usb: dwc3: drd: use helper to get role-switch-default-mode
+ (jsc#PED-1817).
+- commit 7f03301
+
+- usb: dwc3: Resize TX FIFOs to meet EP bursting requirements
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-core-Fix-tx-rx-threshold-settings.patch.
+- Refresh
+ patches.suse/usb-dwc3-gadget-Avoid-starting-DWC3-gadget-during-UD.patch.
+- Refresh
+ patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch.
+- commit 68d4f6e
+
+- scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
+- commit dc8f2da
+
+- scsi: qla2xxx: Use transport-defined speed mask for
+ supported_speeds (bsc#1204963).
+- scsi: qla2xxx: Fix serialization of DCBX TLV data request
+ (bsc#1204963).
+- commit d6d1732
+
+- Move upstreamed sound patches into sorted section
+- commit a5b0f8c
+
+- ALSA: usb-audio: Fix regression with Dell Dock jack detection
+ (bsc#1204719).
+- commit ec69ec6
+
+- Kbuild: add -Wno-shift-negative-value where -Wextra is used
+ (bsc#1204877).
+- Kbuild: use -Wdeclaration-after-statement (bsc#1204877).
+- Refresh patches.suse/Kbuild-move-to-std-gnu11.patch.
+- Refresh
+ patches.suse/Kbuild-use-std-gnu11-for-KBUILD_USERCFLAGS.patch.
+- commit e76ac45
+
+- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
+- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for
+ transceiver info (bsc#1204957).
+- scsi: lpfc: Log when congestion management limits are in effect
+ (bsc#1204957).
+- scsi: lpfc: Fix hard lockup when reading the rx_monitor from
+ debugfs (bsc#1204957).
+- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is
+ turned off (bsc#1204957).
+- scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited"
+ (bsc#1204957).
+- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
+- commit f06c1f8
+
+- RDMA/irdma: Remove the unnecessary variable saddr (git-fixes)
+ [#] Conflicts:
+ [#] series.conf
+- commit cc60033
+
+- RDMA/irdma: Use net_type to check network type (git-fixes)
+ [#] Conflicts:
+ [#] series.conf
+- commit cc0ac5a
+
+- Drop verbose nvme logging feature (bsc#1200567)
+ This feature caused regressions by logging all failed NVMe
+ commands. Though not all of them are actually a real
+ error. E.g. libnvme is probing for features and handling fails
+ correctly. Upstream fixed this by disabling this feature and looking
+ into making this an opt-in option.
+- Delete patches.suse/nvme-add-verbose-error-logging.patch.
+- Delete
+ patches.suse/nvme-don-t-print-verbose-errors-for-internal-passthr.patch.
+- commit a82baa8
+
+- RDMA/irdma: Validate udata inlen and outlen (git-fixes)
+- commit c66230c
+
+- RDMA/irdma: Add support for address handle re-use (git-fixes)
+- commit 456aa9c
+
+- RDMA/irdma: Move union irdma_sockaddr to header file (git-fixes)
+- commit 01da806
+
+- selftests/livepatch: better synchronize test_klp_callbacks_busy
+ (bsc#1071995).
+- commit 82010dd
+
+- livepatch: Add a missing newline character in
+ klp_module_coming() (bsc#1071995).
+- commit 82368b9
+
+- RDMA/srp: Support more than 255 rdma ports (git-fixes)
+- commit 6da7233
+
+- RDMA/srp: Handle dev_set_name() failure (git-fixes)
+- commit 2aa5768
+
+- RDMA/srp: Use the attribute group mechanism for sysfs attributes (git-fixes)
+- commit ee393a3
+
+- RDMA/srp: Rework the srp_add_port() error path (git-fixes)
+- commit cf4fa33
+
+- livepatch: fix race between fork and KLP transition
+ (bsc#1071995).
+- commit bc0a77a
+
+- RDMA/srpt: Introduce a reference count in struct srpt_device (git-fixes)
+- commit fecc405
+
+- RDMA/srpt: Fix a use-after-free (git-fixes)
+- commit e0cd3e8
+
+- RDMA/srpt: Duplicate port name members (git-fixes)
+- commit accb2fe
+
+- Input: applespi - avoid efivars API and invoke EFI services
+ directly (jsc#PED-1409).
+- brcmfmac: Switch to appropriate helper to load EFI variable
+ contents (jsc#PED-1409).
+- iwlwifi: Switch to proper EFI variable store interface
+ (jsc#PED-1409).
+- media: atomisp_gmin_platform: stop abusing efivar API
+ (jsc#PED-1409).
+- commit af0a2c9
+
+- Update patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
+ (bsc#1204693).
+- commit 9cde40b
+
+- efi: libstub: check Shim mode using MokSBStateRT (jsc#PED-1409).
+- efi: x86: Wipe setup_data on pure EFI boot (jsc#PED-1409).
+- efi: efibc: Guard against allocation failure (jsc#PED-1409).
+- efi/x86: libstub: remove unused variable (jsc#PED-1409).
+- efi: vars: Move efivar caching layer into efivarfs
+ (jsc#PED-1409).
+- efi: vars: Switch to new wrapper layer (jsc#PED-1409).
+- efi: vars: Remove deprecated 'efivars' sysfs interface
+ (jsc#PED-1409).
+ Update config files.
+ Refresh
+ patches.suse/0006-efi-allow-user-to-regenerate-secret-key.patch.
+- efi: vars: Drop __efivar_entry_iter() helper which is no longer
+ used (jsc#PED-1409).
+- efi: pstore: Omit efivars caching EFI varstore access layer
+ (jsc#PED-1409).
+- pstore: Add priv field to pstore_record for backend specific
+ use (jsc#PED-1409).
+- pstore: Don't use semaphores in always-atomic-context code
+ (jsc#PED-1409).
+- commit db34623
+
+- drivers: fix typo in firmware/efi/memmap.c (jsc#PED-1409).
+- efi: vars: Use locking version to iterate over efivars linked
+ lists (jsc#PED-1409).
+- efi: vars: Add thin wrapper around EFI get/set variable
+ interface (jsc#PED-1409).
+- efi: vars: Don't drop lock in the middle of efivar_init()
+ (jsc#PED-1409).
+- efi: efibc: avoid efivar API for setting variables
+ (jsc#PED-1409).
+- efi: avoid efivars layer when loading SSDTs from variables
+ (jsc#PED-1409).
+- efi: Correct comment on efi_memmap_alloc (jsc#PED-1409).
+- efi: Make code to find mirrored memory ranges generic
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch.
+- commit 8075b46
+
+- blacklist.conf: scripts/gdb: Allow to read printk log buffer on
+ 32-bit systems; hardly needed by anyone
+- commit c5107b2
+
+- printk: wake waiters for safe and NMI contexts (bsc#1204934).
+- commit ccf6fd7
+
+- printk: use atomic updates for klogd work (bsc#1204934).
+- commit 42aa5d7
+
+- printk: add missing memory barrier to wake_up_klogd()
+ (bsc#1204934).
+- commit 91ae0ab
+
+- Revert "workqueue: remove unused cancel_work()" (bsc#1204933).
+- commit a8f292e
+
+- signal: break out of wait loops on kthread_stop() (bsc#1204926).
+- commit 1f81ec4
+
+- net/mlx5e: Properly disable vlan strip on non-UL reps
+ (git-fixes).
+- commit ea8a4bd
+
+- net: ipvtap - add __init/__exit annotations to module init/exit
+ funcs (git-fixes).
+- commit bcfb537
+
+- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes).
+- commit 0446df6
+
+- net: moxa: get rid of asymmetry in DMA mapping/unmapping
+ (git-fixes).
+- commit 6609905
+
+- net: ipa: don't assume SMEM is page-aligned (git-fixes).
+- commit 41f9dec
+
+- stmmac: intel: Add a missing clk_disable_unprepare() call in
+ intel_eth_pci_remove() (git-fixes).
+- commit bb8b4d3
+
+- Update metadata references
+- commit bdfc8f9
+
+- Refresh
+ patches.suse/drm-bridge-lt8912b-fix-corrupted-image-output.patch.
+ Alt-commit
+- commit f154e04
+
+- Refresh
+ patches.suse/drm-bridge-lt8912b-set-hdmi-or-dvi-mode.patch.
+ Alt-commit
+- commit 54a25a3
+
+- Refresh patches.suse/drm-bridge-lt8912b-add-vsync-hsync.patch.
+ Alt-commit
+- commit 6755cca
+
+- Refresh
+ patches.suse/drm-amdgpu-don-t-register-a-dirty-callback-for-non-a.patch.
+ Alt-commit
+- commit 5548e46
+
+- Refresh
+ patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-SDM660.patch.
+ Alt-commit
+- commit c51fb10
+
+- Refresh
+ patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-msm8996_dsi.patch.
+ Alt-commit
+- commit e910e60
+
+- Refresh
+ patches.suse/drm-msm-dp-delete-DP_RECOVERED_CLOCK_OUT_EN-to-fix-t.patch.
+ Alt-commit
+- commit 8f4fbd6
+
+- Refresh
+ patches.suse/drm-amdgpu-make-sure-to-init-common-IP-before-gmc.patch.
+ Alt-commit
+- commit d839738
+
+- Refresh
+ patches.suse/drm-amdgpu-move-nbio-sdma_doorbell_range-into-sdma-c.patch.
+ Alt-commit
+- commit 4202af7
+
+- Refresh
+ patches.suse/drm-amdgpu-move-nbio-ih_doorbell_range-into-ih-code-.patch.
+ Alt-commit
+- commit 6a84f94
+
+- Refresh
+ patches.suse/drm-simpledrm-Fix-return-type-of-simpledrm_simple_di.patch.
+ Alt-commit
+- commit c6e149e
+
+- Refresh
+ patches.suse/drm-nouveau-fix-another-off-by-one-in-nvbios_addr.patch.
+ Alt-commit
+- commit 7c051d6
+
+- Refresh
+ patches.suse/drm-amd-display-Only-use-depth-36-bpp-linebuffers-on.patch.
+ Alt-commit
+- commit e1c296d
+
+- Refresh
+ patches.suse/Revert-drm-amdgpu-display-set-vblank_disable_immedia.patch.
+ Alt-commit
+- commit 1bf4062
+
+- Refresh
+ patches.suse/drm-fourcc-fix-integer-type-usage-in-uapi-header.patch.
+ Alt-commit
+- commit 174b777
+
+- Refresh
+ patches.suse/drm-bridge-ti-sn65dsi83-Handle-dsi_lanes-0-as-invali.patch.
+ Alt-commit
+- commit d529823
+
+- Refresh
+ patches.suse/Revert-drm-amd-pm-keep-the-BACO-feature-enabled-for-.patch.
+ Alt-commit
+- commit b27902a
+
+- docs: security: Add secrets/coco documentation (jsc#PED-1409).
+- efi: Register efi_secret platform device if EFI secret area
+ is declared (jsc#PED-1409).
+- commit df905cf
+
+- virt: Add efi_secret module to expose confidential computing
+ secrets (jsc#PED-1409).
+ Refresh patches.suse/virt-Add-SEV-SNP-guest-driver.
+ Update config files.
+ CONFIG_EFI_SECRET=y in x86_64/default
+- commit edb96ab
+
+- efi: sysfb_efi: remove unnecessary <asm/efi.h> include
+ (jsc#PED-1409).
+- x86: Fix all occurences of the "the the" typo (jsc#PED-1409).
+- efi: clean up Kconfig dependencies on CONFIG_EFI (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files.
+- efi/x86: libstub: Make DXE calls mixed mode safe (jsc#PED-1409).
+- efifb: Remove redundant efifb_setup_from_dmi stub
+ (jsc#PED-1409).
+- efi/cper: Reformat CPER memory error location to more readable
+ (jsc#PED-1409).
+- EDAC/ghes: Unify CPER memory error location reporting
+ (jsc#PED-1409).
+- efi/cper: Add a cper_mem_err_status_str() to decode error
+ description (jsc#PED-1409).
+- efi: stub: prefer mirrored memory for randomized allocations
+ (jsc#PED-1409).
+- efi/arm64: libstub: run image in place if randomized by the
+ loader (jsc#PED-1409).
+- efi: libstub: pass image handle to handle_kernel_image()
+ (jsc#PED-1409).
+- efi: libstub: ensure allocated memory to be executable
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files.
+- efi: libstub: declare DXE services table (jsc#PED-1409).
+- efi: Save location of EFI confidential computing area
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files.
+ CONFIG_EFI_COCO_SECRET=y in x86_64/default, arm64/default and armv7hl/default
+- commit 6b0cf79
+
+- scsi: iscsi: Remove iscsi_get_task back_lock requirement
+ (jsc#PED-868).
+- scsi: iscsi: Rename iscsi_conn_queue_work() (jsc#PED-868).
+- scsi: iscsi: Fix harmless double shift bug (jsc#PED-868).
+- commit 5723646
+
+- scsi: iscsi: Merge suspend fields (jsc#PED-868).
+- Refresh
+ patches.suse/scsi-iscsi-Fix-NOP-handling-during-conn-recovery.patch.
+- commit 1473e45
+
+- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
+- commit a0cf107
+
+- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
+- commit e49e34a
+
+- RDMA/rxe: Fix resize_finish() in rxe_queue.c (git-fixes)
+- commit 6b44016
+
+- RDMA/siw: Fix QP destroy to wait for all references dropped. (git-fixes)
+- commit 61cef3e
+
+- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)
+- commit 296a57b
+
+- RDMA/srp: Fix srp_abort() (git-fixes)
+- commit 7984b35
+
+- RDMA/irdma: Align AE id codes to correct flush code and event (git-fixes)
+- commit c55a705
+
+- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
+- commit 85ed907
+
+- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
+- commit 94f5187
+
+- RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey (git-fixes)
+- commit cbf3855
+
+- RDMA/irdma: Report RNR NAK generation in device caps (git-fixes)
+- commit 7306409
+
+- RDMA/irdma: Return correct WC error for bind operation failure (git-fixes)
+- commit bb7b5cd
+
+- RDMA/irdma: Return error on MR deregister CQP failure (git-fixes)
+- commit e8ec2a2
+
+- RDMA/irdma: Report the correct max cqes from query device (git-fixes)
+- commit 2b8a0ed
+
+- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
+- commit c54f89a
+
+- usb: typec: Remove retimers properly (jsc#PED-1211).
+- commit e583265
+
+- usb: typec: retimer: Add missing id check in match callback
+ (jsc#PED-1211).
+- commit cf4d688
+
+- USB: xhci: Fix comment typo (jsc#PED-531 jsc#PED-1211).
+- commit 2b3e84d
+
+- usb/typec/tcpm: fix repeated words in comments (jsc#PED-531
+ jsc#PED-1211).
+- commit 46257dd
+
+- usb: typec: Add retimer handle to port (jsc#PED-1211).
+- commit dde8f08
+
+- usb: typec: Add support for retimers (jsc#PED-1211).
+- commit cacdd0d
+
+- usb: typec: mux: Allow muxes to specify mode-switch
+ (jsc#PED-1211).
+- usb: typec: tcpm: Register USB Power Delivery Capabilities
+ (jsc#PED-531).
+- commit f8dc487
+
+- usb: typec: USB Power Delivery helpers for ports and partners
+ (jsc#PED-531 jsc#PED-1211).
+- Refresh patches.suse/0001-typeC-add-kABI-padding.patch.
+- Refresh patches.suse/typeC-Add-kABI-placeholders.patch.
+- commit 629af64
+
+- usb: typec: Separate USB Power Delivery from USB Type-C
+ (jsc#PED-531 jsc#PED-1211).
+- commit d284c3e
+
+- usb: gadget: bdc: fix typo in comment (git-fixes).
+- commit 0b9f194
+
+- usb: typec: tcpm: fix typo in comment (git-fixes).
+- commit a66c855
+
+- usb: common: usb-conn-gpio: Allow wakeup from system suspend
+ (jsc#PED-531).
+- commit 61abc68
+
+- powerpc/pseries: Move vas_migration_handler early during
+ migration (bsc#1204799 ltc#200177).
+- commit b7aa6a0
+
+- RDMA/srp: Set scmnd->result only when scmnd is not NULL (git-fixes)
+- commit 458db53
+
+- RDMA/cma: Fix arguments order in net device validation (git-fixes)
+- commit 81952c8
+
+- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
+- commit f572d06
+
+- kbuild: Add skip_encoding_btf_enum64 option to pahole
+ (git-fixes).
+- commit 934e48d
+
+- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes)
+- commit 6e82f19
+
+- RDMA/rxe: Fix rnr retry behavior (git-fixes)
+- commit 7a75da5
+
+- RDMA/rxe: For invalidate compare according to set keys in mr (git-fixes)
+- commit 66293aa
+
+- RDMA/rxe: Fix mw bind to allow any consumer key portion (git-fixes)
+- commit c8934f1
+
+- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)
+- commit 79b1a39
+
+- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
+- commit 706d0f6
+
+- RDMA: remove useless condition in siw_create_cq() (git-fixes)
+- commit 6f61f5a
+
+- RDMA/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes)
+- commit 026149f
+
+- RDMA/irdma: Fix VLAN connection with wildcard address (git-fixes)
+- commit f75f6bd
+
+- RDMA/irdma: Fix a window for use-after-free (git-fixes)
+- commit 5ca4a5f
+
+- RDMA/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes)
+- commit afef467
+
+- RDMA/irdma: Fix sleep from invalid context BUG (git-fixes)
+- commit 735c971
+
+- RDMA/irdma: Do not advertise 1GB page size for x722 (git-fixes)
+- commit ccc988f
+
+- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
+- commit c6a81d4
+
+- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes)
+- commit 2b22d3a
+
+- RDMA/hns: Add the detection for CMDQ status in the device initialization process (git-fixes)
+- commit 7090c13
+
+- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)
+- commit 2a9e949
+
+- blacklist.conf: Clarify status of 6f5c672d17f583b081e283927f5040f726c54598.
+- commit cfc21b5
+
+- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing
+ pavgroup (git-fixes).
+- commit 3602f60
+
+- x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
+ (jsc#PED-1816).
+- x86/fpu: Exclude dynamic states from init_fpstate
+ (jsc#PED-1816).
+- x86/fpu: Fix the init_fpstate size check with the actual size
+ (jsc#PED-1816).
+- x86/fpu: Configure init_fpstate attributes orderly
+ (jsc#PED-1816).
+- commit d47f5a0
+
+- drm/amdkfd: export svm_range_list_lock_and_flush_work
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit c19d328
+
+- amd/amdkfd: remove svms declaration to avoid werror
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 4bffdd8
+
+- drm/amdkfd: fix KFDSVMRangeTest.PartialUnmapSysMemTest fails
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 77d4811
+
+- Kbuild: use -std=gnu11 for KBUILD_USERCFLAGS (bsc#1204877).
+- Kbuild: move to -std=gnu11 (bsc#1204877).
+- commit 00462f0
+
+- fbdev: cyber2000fb: fix missing pci_disable_device()
+ (git-fixes).
+- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
+- iio: bmc150-accel-core: Fix unsafe buffer attributes
+ (git-fixes).
+- iio: adxl372: Fix unsafe buffer attributes (git-fixes).
+- iio: temperature: ltc2983: allocate iio channels once
+ (git-fixes).
+- iio: adc: mcp3911: use correct id bits (git-fixes).
+- iio: light: tsl2583: Fix module unloading (git-fixes).
+- usb: dwc3: gadget: Don't set IMI for no_interrupt (git-fixes).
+- usb: dwc3: gadget: Stop processing more requests on IMI
+ (git-fixes).
+- usb: bdc: change state when port disconnected (git-fixes).
+- hwmon/coretemp: Handle large core ID value (git-fixes).
+- ACPI: video: Make backlight class device registration a separate
+ step (v2) (git-fixes).
+- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
+- net: usb: r8152: Add in new Devices that are supported for
+ Mac-Passthru (git-fixes).
+- arm64/mm: Consolidate TCR_EL1 fields (git-fixes).
+- commit 510527f
+
+- objtool,efi: Update __efi64_thunk annotation (jsc#PED-1409).
+ Refresh
+ patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch.
+- efi/mokvar: move up init order (jsc#PED-1409).
+- commit de5f614
+
+- scsi: iscsi: Stop using the SCSI pointer (jsc#PED-868).
+- scsi: qedi: Switch to attribute groups (jsc#PED-868).
+- scsi: bnx2i: Switch to attribute groups (jsc#PED-868).
+- scsi: be2iscsi: Switch to attribute groups (jsc#PED-868).
+- commit 4dde282
+
+- tracing: Disable interrupt or preemption before acquiring
+ arch_spinlock_t (git-fixes).
+- commit 2afc9ce
+
+- tracing: Wake up ring buffer waiters on closing of the file
+ (git-fixes).
+- kABI: Fix after adding trace_iterator.wait_index (git-fixes).
+- commit c6de351
+
+- tracing: Fix reading strings from synthetic events (git-fixes).
+- commit b3d60fe
+
+- tracing: Add "(fault)" name injection to kernel probes
+ (git-fixes).
+- commit e8dfbfa
+
+- tracing: Move duplicate code of trace_kprobe/eprobe.c into header
+ (git-fixes).
+- commit 4676a84
+
+- ftrace: Fix char print issue in print_ip_ins() (git-fixes).
+- commit 40cb188
+
+- tracing: Do not free snapshot if tracer is on cmdline
+ (git-fixes).
+- commit 9e07624
+
+- tracing: Simplify conditional compilation code in
+ tracing_set_tracer() (git-fixes).
+- commit 35b9e24
+
+- ring-buffer: Fix race between reset page and reading page
+ (git-fixes).
+- commit e172e8c
+
+- tracing: Wake up waiters when tracing is disabled (git-fixes).
+- commit e65663f
+
+- tracing: Add ioctl() to force ring buffer waiters to wake up
+ (git-fixes).
+- commit d726bd0
+
+- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
+- commit 3f155a7
+
+- ALSA: rme9652: use explicitly signed char (git-fixes).
+- ALSA: au88x0: use explicitly signed char (git-fixes).
+- ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600
+ (git-fixes).
+- commit 1285ea5
+
+- device property: Fix documentation for *_match_string() APIs
+ (git-fixes).
+- PM: domains: Fix handling of unavailable/disabled idle states
+ (git-fixes).
+- PM: hibernate: Allow hybrid sleep to work with s2idle
+ (git-fixes).
+- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO
+ (git-fixes).
+- mmc: core: Fix kernel panic when remove non-standard SDIO card
+ (git-fixes).
+- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
+ (git-fixes).
+- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit
+ bus (git-fixes).
+- mtd: rawnand: marvell: Use correct logic for nand-keep-config
+ (git-fixes).
+- ALSA: aoa: Fix I2S device accounting (git-fixes).
+- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
+- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
+ (git-fixes).
+- ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
+ (git-fixes).
+- ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
+ (git-fixes).
+- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
+ (git-fixes).
+- drm/i915/dp: Reset frl trained flag before restarting FRL
+ training (git-fixes).
+- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
+ (git-fixes).
+- drm/msm/dp: fix IRQ lifetime (git-fixes).
+- drm/msm/hdmi: fix memory corruption with too many bridges
+ (git-fixes).
+- drm/msm/dsi: fix memory corruption with too many bridges
+ (git-fixes).
+- drm/msm: fix use-after-free on probe deferral (git-fixes).
+- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
+ (git-fixes).
+- commit a89c8ce
+
+- efi: Allow to enable EFI runtime services by default on RT
+ (jsc#PED-1409).
+ Update config files.
+- efi: use default_groups in kobj_type (jsc#PED-1409).
+- efi/libstub: measure loaded initrd info into the TPM
+ (jsc#PED-1409).
+- efi/libstub: consolidate initrd handling across architectures
+ (jsc#PED-1409).
+- efi/libstub: x86/mixed: increase supported argument count
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/x86-prepare-asm-files-for-straight-line-speculation.patch.
+ patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch.
+- efi/libstub: add prototype of
+ efi_tcg2_protocol::hash_log_extend_event() (jsc#PED-1409).
+- include/linux/efi.h: Remove unneeded whitespaces before tabs
+ (jsc#PED-1409).
+- efi: Move efifb_setup_from_dmi() prototype from arch headers
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+- commit fa39fcf
+
+- blacklist.conf: add reverted ASoC patches
+- commit 67ca727
+
+- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter
+ (git-fixes).
+- commit a23c712
+
+- net: dsa: sja1105: fix buffer overflow in
+ sja1105_setup_devlink_regions() (git-fixes).
+- commit 9684564
+
+- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
+ (git-fixes).
+- commit bcb13eb
+
+- Update patch reference for USB fix (bsc#1196018 CVE-2022-28748 bsc#1202686 CVE-2022-2964)
+- commit 0ee154e
+
+- i40e: Fix to stop tx_timeout recovery if GLOBR fails
+ (git-fixes).
+- commit 9ae1da4
+
+- iavf: Fix reset error handling (git-fixes).
+- commit d4babdd
+
+- iavf: Fix adminq error handling (git-fixes).
+- commit 403a1a3
+
+- net: moxa: pass pdev instead of ndev to DMA functions
+ (git-fixes).
+- commit e117a5b
+
+- mlxsw: spectrum: Clear PTP configuration after unregistering
+ the netdevice (git-fixes).
+- commit 6677912
+
+- net: dsa: mv88e6060: prevent crash on an unused port
+ (git-fixes).
+- commit 00d6b8c
+
+- fec: Fix timer capture timing in `fec_ptp_enable_pps()`
+ (git-fixes).
+- commit 1a47f16
+
+- dpaa2-eth: trace the allocated address instead of page struct
+ (git-fixes).
+- commit 1020d1e
+
+- net: atlantic: fix aq_vec index out of range error (git-fixes).
+- commit 46d90a2
+
+- plip: avoid rcu debug splat (git-fixes).
+- commit eb203b2
+
+- net: bgmac: Fix a BUG triggered by wrong bytes_compl
+ (git-fixes).
+- commit cb50cd4
+
+- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes).
+- commit 1147d60
+
+- xen/netback: fix incorrect usage of
+ RING_HAS_UNCONSUMED_REQUESTS() (bsc#1204570).
+- commit 3c5f57f
+
+- can: j1939: transport: j1939_session_skb_drop_old():
+ spin_unlock_irqrestore() before kfree_skb() (git-fixes).
+- can: kvaser_usb: Fix possible completions during init_completion
+ (git-fixes).
+- openvswitch: switch from WARN to pr_warn (git-fixes).
+- can: mcp251x: mcp251x_can_probe(): add missing
+ unregister_candev() in error path (git-fixes).
+- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing
+ put_clock() in error path (git-fixes).
+- mac802154: Fix LQI recording (git-fixes).
+- media: vivid: set num_in/outputs to 0 if not supported
+ (git-fixes).
+- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check
+ 'interlaced' (git-fixes).
+- media: v4l2-dv-timings: add sanity checks for blanking values
+ (git-fixes).
+- media: vivid: dev->bitmap_cap wasn't freed in all cases
+ (git-fixes).
+- media: vivid: s_fbuf: add more sanity checks (git-fixes).
+- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency
+ regression (git-fixes).
+- commit 78420ce
+
+- Add CVE reference to
+ patches.suse/net-usb-ax88179_178a-Fix-out-of-bounds-accesses-in-R.patch
+ (bsc#1196018 CVE-2022-28748 CVE-2022-2964).
+- commit 1298a2a
+
+- hmm-tests: add test for migrate_device_range() (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit ec3f1d0
+
+- nouveau/dmem: evict device private memory during release
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit ca9fd32
+
+- nouveau/dmem: refactor nouveau_dmem_fault_copy_one()
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 521539d
+
+- mm/migrate_device.c: add migrate_device_range() (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 63236a4
+
+- firmware_loader: move firmware sysctl to its own files
+ (PED-1263).
+- Refresh
+ patches.suse/firmware_loader-Split-sysfs-support-from-fallback.patch.
+- commit 8ae5e5b
+
+- mm/migrate_device.c: refactor migrate_vma and
+ migrate_deivce_coherent_page() (jsc#PED-1294, bsc#1204363,
+ CVE-2022-3523).
+- commit 7f2a998
+
+- mm/memremap.c: take a pgmap reference on page allocation
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 123f2df
+
+- mm/memremap: fix memunmap_pages() race with get_dev_pagemap()
+ (git-fixes).
+- commit 980c32f
+
+- mm/pagealloc: sysctl: change watermark_scale_factor max limit
+ to 30% (bnc#1189998 (PREEMPT_RT prerequisite backports)).
+- Refresh
+ patches.suse/sysctl-move-some-boundary-constants-from-sysctl.c-to.patch.
+ This was previously in the SLE15-SP4-RT branch to avoid a change in
+ behaviour of a sysctl after GA.
+- commit dce66e6
+
+- fpga: stratix10-soc: Do not use ret uninitialized in s10_probe()
+ (jsc#PED-1263).
+- commit 1865695
+
+- fpga: m10bmc-sec: d5005 bmc secure update driver (jsc#PED-1263).
+- commit a8f024e
+
+- fpga: dfl-pci: Add IDs for Intel N6000, N6001 and C6100 cards
+ (jsc#PED-1263).
+- commit 81df1d8
+
+- uio: dfl: add IOPLL user-clock feature id (jsc#PED-1263).
+- commit b574954
+
+- mfd: intel-m10-bmc: Add d5005 bmc secure update driver
+ (jsc#PED-1263).
+- commit ccd0f1e
+
+- memory: dfl-emif: Update the dfl emif driver support revision 1
+ (jsc#PED-1263).
+- commit ec569a6
+
+- regmap: spi-avmm: Use swabXX_array() helpers (jsc#PED-1263).
+- commit 4057de5
+
+- swab: Add array operations (jsc#PED-1263).
+- commit b633743
+
+- fpga: m10bmc-sec: Fix possible memory leak of flash_buf
+ (jsc#PED-1263).
+- commit c627d9d
+
+- firmware_loader: Fix memory leak in firmware upload
+ (jsc#PED-1263).
+- commit 19ff7e8
+
+- firmware_loader: Fix use-after-free during unregister
+ (jsc#PED-1263).
+- commit 4f92a6e
+
+- fpga: m10bmc-sec: add max10 secure update functions
+ (jsc#PED-1263).
+- commit fb127c6
+
+- fpga: m10bmc-sec: expose max10 canceled keys in sysfs
+ (jsc#PED-1263).
+- commit 4d15a2d
+
+- fpga: m10bmc-sec: expose max10 flash update count
+ (jsc#PED-1263).
+- commit 490a9aa
+
+- fpga: m10bmc-sec: create max10 bmc secure update (jsc#PED-1263).
+- commit bb9fcc7
+
+- mfd: intel-m10-bmc: Rename n3000bmc-secure driver
+ (jsc#PED-1263).
+- commit fc33834
+
+- firmware_loader: describe 'module' parameter of
+ firmware_upload_register() (jsc#PED-1263).
+- commit 103bb65
+
+- firmware_loader: Move definitions from sysfs_upload.h to sysfs.h
+ (jsc#PED-1263).
+- commit 87bae5e
+
+- firmware_loader: Fix configs for sysfs split (jsc#PED-1263).
+- commit 6a7a9b1
+
+- firmware_loader: Add sysfs nodes to monitor fw_upload
+ (jsc#PED-1263).
+- commit 7b04b8b
+
+- firmware_loader: Add firmware-upload support (jsc#PED-1263).
+- commit d2144d4
+
+- firmware_loader: Split sysfs support from fallback
+ (jsc#PED-1263).
+- commit e6134c4
+
+- firmware_loader: Check fw_state_is_done in loading_store
+ (jsc#PED-1263).
+- commit 87cb66d
+
+- firmware_loader: Clear data and size in fw_free_paged_buf
+ (jsc#PED-1263).
+- commit a0106fc
+
+- fpga: dfl: Allow Port to be linked to FME's DFL (jsc#PED-1263).
+- commit 54d7dcd
+
+- Documentation: fpga: dfl: add link address of feature id table
+ (jsc#PED-1263).
+- commit ae7ccad
+
+- fpga: dfl: check feature type before parse irq info
+ (jsc#PED-1263).
+- commit 7ba0e05
+
+- fpga: fpga-region: fix kernel-doc formatting issues
+ (jsc#PED-1263).
+- commit 8305210
+
+- fpga: fpga-mgr: fix kernel-doc warnings (jsc#PED-1263).
+- commit 4a86d8b
+
+- fpga: fix for coding style issues (jsc#PED-1263).
+- commit eefb2bb
+
+- uio: dfl: add HSSI subsystem feature id (jsc#PED-1263).
+- commit 942ce55
+
+- hwmon: (intel-m10-bmc-hwmon) use devm_hwmon_sanitize_name()
+ (jsc#PED-1263).
+- commit f3a8650
+
+- hwmon: introduce hwmon_sanitize_name() (jsc#PED-1263).
+- commit 1fef75a
+
+- fpga: dfl: pci: Remove usage of the deprecated
+ "pci-dma-compat.h" API (jsc#PED-1263).
+- commit 0f81b21
+
+- fpga: region: fix kernel-doc (jsc#PED-1263).
+- commit 7e5c728
+
+- fpga: region: Use standard dev_release for class driver
+ (jsc#PED-1263).
+- commit 3acc62e
+
+- fpga: bridge: Use standard dev_release for class driver
+ (jsc#PED-1263).
+- commit 3c81c95
+
+- fpga: mgr: Use standard dev_release for class driver
+ (jsc#PED-1263).
+- commit 9311bde
+
+- fpga: dfl: Avoid reads to AFU CSRs during enumeration
+ (jsc#PED-1263).
+- commit 9490eba
+
+- mfd: intel-m10-bmc: Add N5010 variant (jsc#PED-1263).
+- commit bffc1db
+
+- spi: spi-altera-dfl: support n5010 feature revision
+ (jsc#PED-1263).
+- Refresh
+ patches.suse/spi-spi-altera-dfl-Fix-an-error-handling-path.patch.
+- commit 88965da
+
+- fpga: dfl: expose feature revision from struct dfl_device
+ (jsc#PED-1263).
+- commit ac856ca
+
+- fpga: fpga-mgr: wrap the write_sg() op (jsc#PED-1263).
+- commit 8064ded
+
+- fpga: fpga-mgr: wrap the fpga_remove() op (jsc#PED-1263).
+- commit 67d203e
+
+- fpga: fpga-mgr: wrap the state() op (jsc#PED-1263).
+- commit 93c376a
+
+- fpga: fpga-mgr: wrap the status() op (jsc#PED-1263).
+- commit 69714b3
+
+- fpga: fpga-mgr: wrap the write() op (jsc#PED-1263).
+- commit 5cae3b0
+
+- fpga: fpga-mgr: make write_complete() op optional
+ (jsc#PED-1263).
+- commit 58d2ca4
+
+- fpga: fpga-mgr: wrap the write_init() op (jsc#PED-1263).
+- commit a678a0d
+
+- fpga: dfl: pci: add device IDs for Silicom N501x PAC cards
+ (jsc#PED-1263).
+- commit decfdaa
+
+- mm: free device private pages have zero refcount (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 476ed92
+
+- fpga: fpga-bridge: removed repeated word (jsc#PED-1263).
+- commit 9fd1af8
+
+- fpga: fix spelling mistakes (jsc#PED-1263).
+- commit 52e3a64
+
+- docs: driver-api: fpga: avoid using UTF-8 chars (jsc#PED-1263).
+- commit d967010
+
+- hwmon: intel-m10-bmc-hwmon: add n5010 sensors (jsc#PED-1263).
+- commit 1130849
+
+- Update config and supported.conf for Intel FPGA (jsc#PED-1263)
+ CONFIG_FW_LOADER_SYSFS=y
+ CONFIG_FW_UPLOAD=y
+ CONFIG_FPGA_M10_BMC_SEC_UPDATE=m
+ CONFIG_MFD_INTEL_M10_BMC=m
+ CONFIG_SENSORS_INTEL_M10_BMC_HWMON=m
+ CONFIG_REGMAP_SPI_AVMM=m
+- commit 20596f5
+
+- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
+- commit 0e980ee
+
+- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register
+ configuration (git-fixes).
+- commit cc822b8
+
+- octeontx2-af: Fix key checking for source mac (git-fixes).
+- commit 2b15002
+
+- octeontx2-af: Fix mcam entry resource leak (git-fixes).
+- commit 1934a04
+
+- octeontx2-af: suppress external profile loading warning
+ (git-fixes).
+- commit f03aa66
+
+- octeontx2-af: Apply tx nibble fixup always (git-fixes).
+- commit 127ded0
+
+- net: tap: NULL pointer derefence in dev_parse_header_protocol
+ when skb->dev is null (git-fixes).
+- commit fd012c5
+
+- nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
+ (git-fixes).
+- commit 145a612
+
+- net/ice: fix initializing the bitmap in the switch code
+ (git-fixes).
+- commit 1864c2e
+
+- s390/pai: Fix multiple concurrent event installation
+ (jsc#PED-598).
+- s390/pai: Prevent invalid event number for pai_crypto PMU
+ (jsc#PED-598).
+- s390/pai: add support for cryptography counters (jsc#PED-598).
+- entry: Rename arch_check_user_regs() to
+ arch_enter_from_user_mode() (jsc#PED-598).
+- commit 4a60553
+
+- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ
+ size (git-fixes).
+- commit 0f9b4b8
+
+- net/mlx5e: Remove WARN_ON when trying to offload an unsupported
+ TLS cipher/version (git-fixes).
+- commit 26fe2e5
+
+- netdevsim: fib: Fix reference count leak on route deletion
+ failure (git-fixes).
+- commit ef84aaa
+
+- ice: do not setup vlan for loopback VSI (git-fixes).
+- commit 2f72810
+
+- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP |
+ RS) (git-fixes).
+- commit c63938e
+
+- can: kvaser_usb: replace run-time checks with struct
+ kvaser_usb_driver_info (git-fixes).
+- commit 435b54b
+
+- sfc: disable softirqs for ptp TX (git-fixes).
+- commit def7cc9
+
+- octeontx2-pf: Fix UDP/TCP src and dst port tc filters
+ (git-fixes).
+- commit a2053ff
+
+- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes).
+- commit 36a8155
+
+- selftests: cgroup: add a selftest for memory.reclaim
+ (jsc#PED-808).
+- selftests: cgroup: fix alloc_anon_noexit() instantly freeing
+ memory (jsc#PED-808).
+- selftests: cgroup: return -errno from cg_read()/cg_write()
+ on failure (jsc#PED-808).
+- memcg: introduce per-memcg reclaim interface (jsc#PED-808).
+- commit ee3f4a3
+
+- thermal: intel_powerclamp: Use first online CPU as control_cpu
+ (git-fixes).
+- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
+ (git-fixes).
+- staging: rtl8723bs: fix a potential memory leak in
+ rtw_init_cmd_priv() (git-fixes).
+- staging: vt6655: fix potential memory leak (git-fixes).
+- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
+- thunderbolt: Explicitly enable lane adapter hotplug events at
+ startup (git-fixes).
+- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
+- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination
+ error after resume bug (git-fixes).
+- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
+- usb: host: xhci: Fix potential memory leak in
+ xhci_alloc_stream_info() (git-fixes).
+- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes).
+- usb: host: xhci-plat: suspend and resume clocks (git-fixes).
+- soundwire: intel: fix error handling on dai registration issues
+ (git-fixes).
+- soundwire: cadence: Don't overwrite msg->buf during write
+ commands (git-fixes).
+- kselftest/arm64: Fix validatation termination record after
+ EXTRA_CONTEXT (git-fixes).
+- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA
+ (git-fixes).
+- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
+ (git-fixes).
+- spi: Ensure that sg_table won't be used after being freed
+ (git-fixes).
+- wifi: rt2x00: correctly set BBP register 86 for MT7620
+ (git-fixes).
+- wifi: rt2x00: set SoC wmac clock register (git-fixes).
+- wifi: rt2x00: set VGC gain for both chains of MT7620
+ (git-fixes).
+- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
+ (git-fixes).
+- wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
+ (git-fixes).
+- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up
+ hw value (git-fixes).
+- wifi: brcmfmac: fix use-after-free bug in
+ brcmf_netdev_start_xmit() (git-fixes).
+- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
+ (git-fixes).
+- thunderbolt: Add back Intel Falcon Ridge end-to-end flow
+ control workaround (git-fixes).
+- wifi: brcmfmac: fix invalid address access when enabling SCAN
+ log level (git-fixes).
+- selinux: use "grep -E" instead of "egrep" (git-fixes).
+- thermal: cpufreq_cooling: Check the policy first in
+ cpufreq_cooling_register() (git-fixes).
+- thermal: intel_powerclamp: Use get_cpu() instead of
+ smp_processor_id() to avoid crash (git-fixes).
+- selinux: allow FIOCLEX and FIONCLEX with policy capability
+ (git-fixes).
+- commit 2b3f1b5
+
+- gcov: support GCC 12.1 and newer compilers (git-fixes).
+- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n
+ (git-fixes).
+- drm/amd/display: Fix vblank refcount in vrr transition
+ (git-fixes).
+- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes).
+- kbuild: remove the target in signal traps when interrupted
+ (git-fixes).
+- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
+- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
+ (git-fixes).
+- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
+- staging: rtl8723bs: fix potential memory leak in
+ rtw_init_drv_sw() (git-fixes).
+- iio: pressure: dps310: Reset chip after timeout (git-fixes).
+- iio: pressure: dps310: Refactor startup procedure (git-fixes).
+- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to
+ prevent overflow (git-fixes).
+- power: supply: adp5061: fix out-of-bounds read in
+ adp5061_get_chg_type() (git-fixes).
+- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
+- media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
+ (git-fixes).
+- drm/amd/display: Remove interface for periodic interrupt 1
+ (git-fixes).
+- drm/meson: explicitly remove aggregate driver at module unload
+ time (git-fixes).
+- drm/amdgpu: fix initial connector audio value (git-fixes).
+- drm: panel-orientation-quirks: Add quirk for Anbernic Win600
+ (git-fixes).
+- drm: bridge: dw_hdmi: only trigger hotplug event on link change
+ (git-fixes).
+- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes).
+- gpu: lontium-lt9611: Fix NULL pointer dereference in
+ lt9611_connector_init() (git-fixes).
+- drm/komeda: Fix handling of atomic commits in the
+ atomic_commit_tail hook (git-fixes).
+- drm/virtio: Check whether transferred 2D BO is shmem
+ (git-fixes).
+- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
+ (git-fixes).
+- drm: Use size_t type for len variable in drm_copy_field()
+ (git-fixes).
+- drm/nouveau/nouveau_bo: fix potential memory leak in
+ nouveau_bo_alloc() (git-fixes).
+- platform/x86: msi-laptop: Change DMI match / alias strings to
+ fix module autoloading (git-fixes).
+- platform/chrome: cros_ec: Notify the PM of wake events during
+ resume (git-fixes).
+- mmc: sdhci-msm: add compatible string check for sdm670
+ (git-fixes).
+- regulator: core: Prevent integer underflow (git-fixes).
+- hwmon: (sht4x) do not overflow clamping operation on 32-bit
+ platforms (git-fixes).
+- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
+ (git-fixes).
+- openvswitch: Fix overreporting of drops in dropwatch
+ (git-fixes).
+- openvswitch: Fix double reporting of drops in dropwatch
+ (git-fixes).
+- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
+ (git-fixes).
+- ima: fix blocking of security.ima xattrs of unsupported
+ algorithms (git-fixes).
+- commit 73e3036
+
+- arm64: topology: move store_cpu_topology() to shared code
+ (git-fixes).
+- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to
+ USB nodes (git-fixes).
+- ata: libahci_platform: Sanity check the DT child nodes number
+ (git-fixes).
+- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power
+ supply (git-fixes).
+- ARM: dts: imx6sx: add missing properties for sram (git-fixes).
+- ARM: dts: imx6sll: add missing properties for sram (git-fixes).
+- ARM: dts: imx6sl: add missing properties for sram (git-fixes).
+- ARM: dts: imx6qp: add missing properties for sram (git-fixes).
+- ARM: dts: imx6dl: add missing properties for sram (git-fixes).
+- ARM: dts: imx6q: add missing properties for sram (git-fixes).
+- ARM: dts: imx7d-sdb: config the max pressure for tsc2046
+ (git-fixes).
+- ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
+ (git-fixes).
+- ASoC: SOF: pci: Change DMI match info to support all Chrome
+ platforms (git-fixes).
+- ALSA: usb-audio: Fix last interface check for registration
+ (git-fixes).
+- ALSA: usb-audio: Register card at the last interface
+ (git-fixes).
+- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
+- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple
+ times (git-fixes).
+- Bluetooth: L2CAP: initialize delayed works at
+ l2cap_chan_create() (git-fixes).
+- Bluetooth: RFCOMM: Fix possible deadlock on socket
+ shutdown/release (git-fixes).
+- Bluetooth: btintel: Mark Intel controller to support LE_STATES
+ quirk (git-fixes).
+- can: bcm: check the result of can_send() in bcm_can_tx()
+ (git-fixes).
+- ARM: decompressor: Include .data.rel.ro.local (git-fixes).
+- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
+ (git-fixes).
+- ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
+ StorageD3Enable (git-fixes).
+- ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid
+ phys address (git-fixes).
+- ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
+ (git-fixes).
+- ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes).
+- commit de318d1
+
+- blacklist.conf: update blacklist
+- commit 78ca650
+
+- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state
+ is toggled (git-fixes).
+- commit 8343da0
+
+- kABI: Fix kABI after backport Refactoring find_arch_event() to
+ pmc_perf_hw_id() (git-fixes).
+- commit 44b42bd
+
+- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size
+ hugetlb page (bsc#1204575).
+- commit e6fc5be
+
+- kABI: Fix kABI after backport Update vPMCs when retiring branch
+ instructions (git-fixes).
+- commit 4209455
+
+- kABI: Fix kABI after backport Add pmc->intr to refactor
+ kvm_perf_overflow{_intr}() (git-fixes).
+- commit 9fc8292
+
+- platform/x86/intel: pmc/core: Add Raptor Lake support to pmc
+ core driver (jsc#PED-1035).
+- platform/x86/intel/vsec: Add support for Raptor Lake
+ (jsc#PED-1036).
+- commit e86728a
+
+- drm/amdkfd: use kvcalloc() instead of kvmalloc() in kfd_migrate
+ (jsc#PED-1294).
+- commit ceef9d9
+
+- drm/amdkfd: Handle incomplete migration to system memory
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 002b524
+
+- drm/amdkfd: Avoid thrashing of stack and heap (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 61d33f6
+
+- drm/amdkfd: avoid conflicting address mappings (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- Refresh
+ patches.suse/drm-amdkfd-process_info-lock-not-needed-for-svm.patch.
+- commit aa4245a
+
+- drm/amdkfd: unregistered svm range not overlap with TTM range
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit eb3c57d
+
+- Do not enable CONFIG_ATARI_PARTITION (jsc#PED-1573).
+- commit 0605d12
+
+- drm/amdkfd: Fix SVM_ATTR_PREFERRED_LOC (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 2022943
+
+- mm/memory.c: fix race when faulting a device private page
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit fa41dd0
+
+- drm/amdkfd: debug message to count successfully migrated pages
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit a83f8ae
+
+- drm/amdkfd: clarify the origin of cpages returned by migration
+ functions (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit b72c8a9
+
+- drm/amdkfd: handle svm partial migration cpages 0 (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 51450c1
+
+- drm/amdkfd: ratelimited svm debug messages (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit f314d31
+
+- KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
+ (git-fixes).
+- commit 22e05f5
+
+- overflow.h: restore __ab_c_size (git-fixes).
+- commit 9dbc158
+
+- KVM: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes).
+- commit 3acb74c
+
+- KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating
+ a perf event (git-fixes).
+- commit 9a723c2
+
+- overflow: Implement size_t saturating arithmetic helpers
+ (jsc#PED-1211).
+- commit fecede0
+
+- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
+ (bsc#1204753).
+- commit d072831
+
+- blacklist.conf: Add cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
+- commit 382b2e7
+
+- blacklist.conf: Add c530a3c716b9 sched/psi: Fix periodic aggregation shut off
+- commit 56b9a2a
+
+- KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which
+ is a result of RSM (git-fixes).
+- commit 274c60f
+
+- powerpc/fadump: align destination address to pagesize
+ (bsc#1204728 ltc#200074).
+- commit 5377513
+
+- KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved
+ state (git-fixes).
+- commit cd056ba
+
+- KVM: x86: nSVM: fix potential NULL derefernce on nested
+ migration (git-fixes).
+- commit 272884f
+
+- KVM: x86: Sync the states size with the XCR0/IA32_XSS at,
+ any time (git-fixes).
+- commit c927187
+
+- KVM: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes).
+- commit c61458a
+
+- KVM: x86: Forcibly leave nested virt when SMM state is toggled
+ (git-fixes).
+- commit f22036a
+
+- Update patches.suse/usb-mon-make-mmapped-memory-read-only.patch
+ (bsc#1204653 CVE-2022-43750).
+ Added CVE and bsc
+- commit 93b1d48
+
+- KVM: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES
+ event (git-fixes).
+- commit 436d9eb
+
+- KVM: x86: Update vPMCs when retiring branch instructions
+ (git-fixes).
+- Refresh
+ patches.suse/kvm-emulate-do-not-adjust-size-of-fastop-and-setcc-subroutines.patch.
+- commit 1f8391b
+
+- KVM: x86: Update vPMCs when retiring instructions (git-fixes).
+- commit c4d4a64
+
+- KVM: x86/pmu: Add pmc->intr to refactor
+ kvm_perf_overflow{_intr}() (git-fixes).
+- commit 91025b1
+
+- KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
+ (git-fixes).
+- commit 8080b0e
+
+- kABI: Fix kABI after backport Always set kvm_run->if_flag
+ (git-fixes).
+- KVM: x86: Always set kvm_run->if_flag (git-fixes).
+- commit daa5fd4
+
+- KVM: x86/mmu: Don't advance iterator after restart due to
+ yielding (git-fixes).
+- commit 86c02c7
+
+- KVM: x86/mmu: Retry page fault if root is invalidated by
+ memslot update (git-fixes).
+- commit c96dbdc
+
+- KVM: fix avic_set_running for preemptable kernels (git-fixes).
+- commit 457ae39
+
+- KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
+ (git-fixes).
+- commit 58e3def
+
+- xen/gntdev: Prevent leaking grants (git-fixes).
+- commit 73a7df7
+
+- KVM: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in
+ WFS (git-fixes).
+- commit 8c88ccd
+
+- KVM: nVMX: Unconditionally purge queued/injected events on
+ nested "exit" (git-fixes).
+- commit f7976c7
+
+- KVM: x86/emulator: Fix handing of POP SS to correctly set
+ interruptibility (git-fixes).
+- commit 938654e
+
+- usb: gadget: f_fs: stricter integer overflow checks (git-fixes).
+- commit 07d2846
+
+- blacklist.conf: prerequisites too risky
+- commit 93c5479
+
+- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels
+ (bnc#1204498).
+- commit e73c4d3
+
+- lib/string_helpers: Consolidate string helpers implementation
+ (jsc#PED-1211).
+- commit fa50192
+
+- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair
+ (git-fixes).
+- commit a0de208
+
+- iommu: Add capability for pre-boot DMA protection
+ (jsc#PED-1211).
+- commit 531fe4a
+
+- iommu: Use right way to retrieve iommu_ops (jsc#PED-1211).
+- commit 48ca01b
+
+- Update patch reference for
+ patches.suse/devlink-Fix-use-after-free-after-a-failed-reload.patch
+ (git-fixes bsc#1204637 CVE-2022-3625).
+- commit fd50fbc
+
+- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes).
+- dyndbg: let query-modname override actual module name
+ (git-fixes).
+- dyndbg: fix module.dyndbg handling (git-fixes).
+- dyndbg: fix static_branch manipulation (git-fixes).
+- commit afe6697
+
+- io_uring: use original request task for inflight tracking
+ (CVE-2022-40476 bsc#1203435).
+- commit 941d6b4
+
+- Update
+ patches.suse/powerpc-pseries-vas-Pass-hw_cpu_id-to-node-associati.patch
+ (bsc#1194869 bsc#1204428 ltc#200180).
+- commit fe8b379
+
+- ring-buffer: Check pending waiters when doing wake ups as well
+ (git-fixes).
+- commit d934ca7
+
+- ring-buffer: Have the shortest_full queue be the shortest not
+ longest (git-fixes).
+- commit ed18dc7
+
+- ring-buffer: Allow splice to read previous partially read pages
+ (git-fixes).
+- commit 4649dee
+
+- iommu: Introduce device_iommu_capable() (jsc#PED-1211).
+- commit 7a5b8e8
+
+- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
+- commit 554a8e9
+
+- net: mvpp2: fix mvpp2 debugfs leak (bsc#1204417 CVE-2022-3535).
+- bnx2x: fix potential memory leak in bnx2x_tpa_stop()
+ (bsc#1204402 CVE-2022-3542).
+- nfp: fix use-after-free in area_cache_get() (bsc#1204415
+ CVE-2022-3545).
+- commit 8e53774
+
+- tracing/osnoise: Fix possible recursive locking in
+ stop_per_cpu_kthreads (git-fixes).
+- commit f81f58f
+
+- tracing: Replace deprecated CPU-hotplug functions (git-fixes).
+- Refresh
+ patches.suse/tracing-osnoise-Fix-missed-cpus_read_unlock-in-start_per_cpu_kthreads.patch.
+- commit b1bca55
+
+- tracing: kprobe: Make gen test module work in arm and riscv
+ (git-fixes).
+- commit 57b2377
+
+- tracing: kprobe: Fix kprobe event gen test module on exit
+ (git-fixes).
+- commit 81447e5
+
+- thunderbolt: Add support for XDomain lane bonding
+ (jsc#PEd-1211).
+- commit 75a8fa9
+
+- thunderbolt: Ignore port locked error in
+ tb_port_wait_for_link_width() (jsc#PED-1211).
+- commit bf76347
+
+- thunderbolt: Split setting link width and lane bonding into
+ own functions (jsc#PEd-1211).
+- commit fc051e6
+
+- thunderbolt: Move tb_port_state() prototype to correct place
+ (jsc#PED-1211).
+- commit d0ed8bf
+
+- nilfs2: fix leak of nilfs_root in case of writer thread creation
+ failure (CVE-2022-3646 bsc#1204646).
+- nilfs2: fix use-after-free bug of struct nilfs_root
+ (CVE-2022-3649 bsc#1204647).
+- commit af91749
+
+- Update patch reference for vsock fix (CVE-2022-3629 bsc#1204635)
+- commit 6c49703
+
+- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
+ (CVE-2022-3640 bsc#1204619).
+- commit 5d68cf0
+
+- can: j1939: j1939_session_destroy(): fix memory leak of skbs
+ (CVE-2022-3633 bsc#1204650).
+- commit da3122e
+
+- thunderbolt: Add debug logging when lane is enabled/disabled
+ (jesc#PEd-531).
+- commit ca2d7e5
+
+- thunderbolt: Link USB4 ports to their USB Type-C connectors
+ (jsc#PED-1211).
+- commit f9e0651
+
+- thunderbolt: Make iommu_dma_protection more accurate
+ (jsc#PED-1211).
+- commit 318d5c5
+
+- thunderbolt: Dump path config space entries during discovery
+ (jsc#PED-1211).
+- commit 1ac89ca
+
+- Reference JIRA Impl instead Epic: jsc#PED-448 -> jsc#PED-594
+- Reference JIRA Impl instead Epic: jsc#PED-455 -> jsc#PED-588
+- commit 64fa841
+
+- s390/airq: use DMA memory for summary indicators (jsc#PED-596).
+- s390/zcrypt: Provide target domain for EP11 cprbs to scheduling
+ function (jsc#PED-596).
+- s390/zcrypt: change reply buffer size offering (jsc#PED-596).
+- s390/zcrypt: Support CPRB minor version T7 (jsc#PED-596).
+- s390/zcrypt: handle checkstopped cards with new state
+ (jsc#PED-596).
+- s390/zcrypt: CEX8S exploitation support (jsc#PED-596).
+- s390/ap/zcrypt: debug feature improvements (jsc#PED-596).
+- s390/zcrypt: rework of debug feature messages (jsc#PED-596).
+- commit caf5220
+
+- KVM: s390x: fix SCK locking (git-fixes).
+- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
+- commit aa7345b
+
+- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
+ (git-fixes).
+- media: venus: dec: Handle the case where find_format fails
+ (git-fixes).
+- media: atomisp: prevent integer overflow in
+ sh_css_set_black_frame() (git-fixes).
+- media: ipu3-imgu: Fix NULL pointer dereference in active
+ selection access (git-fixes).
+- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
+ (git-fixes).
+- media: mceusb: set timeout to at least timeout provided
+ (git-fixes).
+- commit fbd2a07
+
+- Update patches.suse/watchdog-hpwdt-Include-nmi.h-only-if-CONFIG_HPWDT_NM.patch (git-fixes, jsc#PED-1694).
+ Add reference to jsc#PED-1694.
+- commit 2064b90
+
+- watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (jsc#PED-1694)
+ Enable HP ProLiant iLO2+ Hardware Watchdog Timer
+- commit f0e3a55
+
+- scsi: core: Remove the 'done' argument from SCSI
+ queuecommand_lck functions (jsc#PED-1561).
+- scsi: fas216: Introduce the function
+ fas216_queue_command_internal() (jsc#PED-1561).
+- scsi: core: Call scsi_done directly (jsc#PED-1561).
+- scsi: usb: Call scsi_done() directly (jsc#PED-1561).
+- scsi: target: tcm_loop: Call scsi_done() directly
+ (jsc#PED-1561).
+- scsi: staging: rts5208: Call scsi_done() directly
+ (jsc#PED-1561).
+- scsi: xen-scsifront: Call scsi_done() directly (jsc#PED-1561).
+- scsi: wd719x: Call scsi_done() directly (jsc#PED-1561).
+- scsi: wd33c93: Call scsi_done() directly (jsc#PED-1561).
+- scsi: vmw_pvscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: virtio_scsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ufs: Call scsi_done() directly (jsc#PED-1561).
+- scsi: sym53c8xx_2: Call scsi_done() directly (jsc#PED-1561).
+- scsi: storvsc_drv: Call scsi_done() directly (jsc#PED-1561).
+- scsi: stex: Call scsi_done() directly (jsc#PED-1561).
+- scsi: snic: Call scsi_done() directly (jsc#PED-1561).
+- scsi: smartpqi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: scsi_debug: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qlogicpti: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qlogicfas408: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qla4xxx: Call scsi_done() directly (jsc#PED-1561).
+- commit baefb85
+
+- scsi: qla2xxx: Call scsi_done() directly (jsc#PED-1561).
+- Refresh
+ patches.suse/scsi-qla2xxx-Implement-ref-count-for-SRB.patch.
+- Refresh
+ patches.suse/scsi-qla2xxx-Stop-using-the-SCSI-pointer.patch.
+- commit 47bbcd3
+
+- scsi: qla1280: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qedf: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ps3rom: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ppa: Call scsi_done() directly (jsc#PED-1561).
+- commit b80549e
+
+- scsi: pmcraid: Call scsi_done() directly (jsc#PED-1561).
+- commit 881416d
+
+- scsi: pcmcia: Call scsi_done() directly (jsc#PED-1561).
+- scsi: nsp32: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ncr53c8xx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: myrs: Call scsi_done() directly (jsc#PED-1561).
+- scsi: myrb: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mvumi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mpt3sas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mpi3mr: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mesh: Call scsi_done() directly (jsc#PED-1561).
+- scsi: megaraid: Call scsi_done() directly (jsc#PED-1561).
+- scsi: megaraid_sas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: megaraid_mbox: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mac53c94: Call scsi_done() directly (jsc#PED-1561).
+- scsi: lpfc: Call scsi_done() directly (jsc#PED-1561).
+- scsi: libsas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: libiscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: libfc: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ips: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ipr: Call scsi_done() directly (jsc#PED-1561).
+- scsi: initio: Call scsi_done() directly (jsc#PED-1561).
+- scsi: imm: Call scsi_done() directly (jsc#PED-1561).
+- commit 76ef02d
+
+- cpufreq: qcom: fix writes in read-only memory region
+ (git-fixes).
+- cpufreq: qcom: fix memory leak in error path (git-fixes).
+- ACPI: extlog: Handle multiple records (git-fixes).
+- HID: magicmouse: Do not set BTN_MOUSE on double report
+ (git-fixes).
+- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in
+ convert_context() (git-fixes).
+- commit a940189
+
+- ALSA: hda/realtek: Add another HP ZBook G9 model quirks
+ (bsc#1203699).
+- commit 9b4cf06
+
+- scsi: ibmvscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: hptiop: Call scsi_done() directly (jsc#PED-1561).
+- scsi: hpsa: Call scsi_done() directly (jsc#PED-1561).
+- scsi: fnic: Call scsi_done() directly (jsc#PED-1561).
+- scsi: fdomain: Call scsi_done() directly (jsc#PED-1561).
+- scsi: fas216: Stop using scsi_cmnd.scsi_done (jsc#PED-1561).
+- scsi: esp_scsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: esas2r: Call scsi_done() directly (jsc#PED-1561).
+- scsi: dpt_i2o: Call scsi_done() directly (jsc#PED-1561).
+- scsi: dc395x: Call scsi_done() directly (jsc#PED-1561).
+- scsi: cxlflash: Call scsi_done() directly (jsc#PED-1561).
+- scsi: csiostor: Call scsi_done() directly (jsc#PED-1561).
+- scsi: bnx2fc: Call scsi_done() directly (jsc#PED-1561).
+- scsi: bfa: Call scsi_done() directly (jsc#PED-1561).
+- scsi: atp870u: Call scsi_done() directly (jsc#PED-1561).
+- scsi: arcmsr: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aic7xxx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aha1542: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aha152x: Call scsi_done() directly (jsc#PED-1561).
+- scsi: advansys: Call scsi_done() directly (jsc#PED-1561).
+- scsi: acornscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aacraid: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aacraid: Introduce aac_scsi_done() (jsc#PED-1561).
+- scsi: a100u2w: Call scsi_done() directly (jsc#PED-1561).
+- scsi: NCR5380: Call scsi_done() directly (jsc#PED-1561).
+- commit 4088abf
+
+- scsi: BusLogic: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 53c700: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 3w-xxxx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 3w-sas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 3w-9xxx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: zfcp_scsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: message: fusion: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ib_srp: Call scsi_done() directly (jsc#PED-1561).
+- scsi: firewire: sbp2: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ata: Call scsi_done() directly (jsc#PED-1561).
+- commit 8b9488f
+
+- scsi: core: Rename scsi_mq_done() into scsi_done() and export it
+ (jsc#PED-1561).
+- scsi: core: Use a structure member to track the SCSI command
+ submitter (jsc#PED-1561).
+- commit 217e4e6
+
+- efi: Simplify arch_efi_call_virt() macro (jsc#PED-1408).
+- commit 736e2d1
+
+- scsi: pmcraid: Fix missing resource cleanup in error case
+ (jsc#PED-1561).
+- scsi: pmcraid: Fix typo in comment (jsc#PED-1561).
+- scsi: pmcraid: Remove unneeded semicolon (jsc#PED-1561).
+- scsi: pmcraid: Remove the PMCRAID_PASSTHROUGH_IOCTL ioctl
+ implementation (jsc#PED-1561).
+- scsi: pmcraid: Don't use GFP_DMA in pmcraid_alloc_sglist()
+ (jsc#PED-1561).
+- scsi: pmcraid: Fix a kernel-doc warning (jsc#PED-1561).
+- scsi: pmcraid: Switch to attribute groups (jsc#PED-1561).
+- scsi: core: Register sysfs attributes earlier (jsc#PED-1561).
+- commit 65ed53e
+
+- blacklist.conf: add an entry for IDXD that has been already fixed
+- commit 7531ae1
+
+- dmaengine: idxd: force wq context cleanup on device disable path
+ (git-fixes).
+- commit e06ba18
+
+- nilfs2: fix NULL pointer dereference at
+ nilfs_bmap_lookup_at_level() (CVE-2022-3621 bsc#1204574).
+- commit f8016b1
+
+- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
+ (bsc#1203922).
+- commit 1d187cf
+
+- Move upstreamed sound patches into sorted section
+- commit 4c058b6
+
+- Bluetooth: L2CAP: Fix memory leak in vhci_write (CVE-2022-3619
+ bsc#1204569).
+- commit b649754
+
+- iommu: Introduce a callback to struct iommu_resv_region
+ (jsc#PED-1408).
+- commit 480aace
+
+- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes).
+- net: phy: dp83822: disable MDI crossover status change interrupt
+ (git-fixes).
+- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()
+ (git-fixes).
+- net: phy: dp83867: Extend RX strap quirk for SGMII mode
+ (git-fixes).
+- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes).
+- commit 273eb71
+
+- arm64: topology: Remove redundant setting of llc_id in CPU
+ topology (jsc#PED-1408).
+- commit 2ac7bb1
+
+- hisi_lpc: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- soundwire: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- commit a5a010e
+
+- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU
+ is not set (bsc#1204413 ltc#200176).
+- commit 0850b12
+
+- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176).
+- Refresh patches.suse/powerpc-Rename-PPC_NATIVE-to-PPC_HASH_MMU_NATIVE.patch.
+- commit abb9ade
+
+- thunderbolt: ACPI: Replace tb_acpi_find_port() with
+ acpi_find_child_by_adr() (jsc#PED-1408).
+- commit b06ed1f
+
+- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176).
+- Refresh patches.suse/lkdtm-disable-return-thunks-in-rodata-c.patch.
+ Update config files.
+- commit 5b2abcf
+
+- platform/x86/thinkpad_acpi: Use acpi_dev_for_each_child()
+ (jsc#PED-1408).
+- platform/x86: Replace acpi_bus_get_device() (jsc#PED-1408).
+- commit e8f90ff
+
+- fuse: fix deadlock between atomic O_TRUNC and page invalidation
+ (bsc#1204533).
+- commit a0e6630
+
+- USB: ACPI: Replace usb_acpi_find_port() with
+ acpi_find_child_by_adr() (jsc#PED-1408).
+- commit 1538aed
+
+- Correct JIRA reference to Impl entries (jsc#PED-588 jsc#PED-594 jsc#PED-812 jsc#PED-826 jsc#PED-827 jsc#PED-831 jsc#PED-840 jsc#PED-858 jsc#PED-859 jsc#PED-1033 jsc#PED-1035 jsc#PED-1038 jsc#PED-1044 jsc#PED-1046 jsc#PED-1052 jsc#PED-1054 jsc#PED-1096 jsc#PED-1165 jsc#PED-1213 jsc#PED-1516 jsc#PED-1817 jsc#PED-1820)
+- commit 048beb0
+
+- Correct JIRA reference to Impl entries (jsc#PED-833 jsc#PED-850 jsc#PED-825 jsc#PED-822 jsc#PED-846 jsc#PED-817 jsc#PED-851 jsc#PED-857 jsc#PED-842 jsc#PED-813 jsc#PED-1084 jsc#PED-1096 jsc#PED-1085 jsc#PED-1649 jsc#PED-1082 jsc#PED-856)
+- commit c7d3570
+
+- mfd: core: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- commit 4d37bd2
+
+- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413
+ ltc#200176).
+- powerpc: Ignore DSI error caused by the copy/paste instruction
+ (bsc#1204413 ltc#200176).
+- powerpc/64s: Move hash MMU support code under
+ CONFIG_PPC_64S_HASH_MMU (bsc#1204413 ltc#200176).
+- Refresh patches.suse/Revert-powerpc-rtas-Implement-reentrant-rtas-call.patch
+- Refresh patches.suse/powerpc-Add-kABI-placeholder-to-struct-pci_controlle.patch
+- Refresh patches.suse/powerpc-pseries-wire-up-rng-during-setup_arch.patch
+- powerpc: make memremap_compat_align 64s-only (bsc#1204413
+ ltc#200176).
+- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e
+ or radix (bsc#1204413 ltc#200176).
+- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c
+ (bsc#1204413 ltc#200176).
+- powerpc/64s: Make flush_and_reload_slb a no-op when radix is
+ enabled (bsc#1204413 ltc#200176).
+- powerpc/pseries: lparcfg don't include slb_size line in radix
+ mode (bsc#1204413 ltc#200176).
+- powerpc/64s: Move and rename do_bad_slb_fault as it is not
+ hash specific (bsc#1204413 ltc#200176).
+- Refresh patches.suse/powerpc-64s-hash-Make-hash-faults-work-in-NMI-contex.patch
+- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413
+ ltc#200176).
+ Update config files.
+- commit da125ff
+
+- devdax: Fix soft-reservation memory description (jsc#PED-1408).
+- ACPI: property: Remove default association from integer maximum
+ values (jsc#PED-1408).
+- ACPI: property: Ignore already existing data node tags
+ (jsc#PED-1408).
+- ACPI: property: Fix type detection of unified integer reading
+ functions (jsc#PED-1408).
+- arm64: cacheinfo: Fix incorrect assignment of signed error
+ value to unsigned fw_level (jsc#PED-1408).
+- ACPI: property: Fix error handling in acpi_init_properties()
+ (jsc#PED-1408).
+- ACPI: property: Read buffer properties as integers
+ (jsc#PED-1408).
+- ACPI: property: Add support for parsing buffer property UUID
+ (jsc#PED-1408).
+- commit 5677edc
+
+- ACPI: property: Unify integer value reading functions
+ (jsc#PED-1408).
+- ACPI: property: Switch node property referencing from ifs to
+ a switch (jsc#PED-1408).
+- ACPI: property: Move property ref argument parsing into a new
+ function (jsc#PED-1408).
+- ACPI: property: Use acpi_object_type consistently in property
+ ref parsing (jsc#PED-1408).
+- ACPI: property: Tie data nodes to acpi handles (jsc#PED-1408).
+- ACPI: VIOT: Do not dereference fwnode in struct device
+ (jsc#PED-1408).
+- ACPI/IORT: Fix build error implicit-function-declaration
+ (jsc#PED-1408).
+- ACPI/IORT: Add a helper to retrieve RMR info directly
+ (jsc#PED-1408).
+- ACPI/IORT: Add support to retrieve IORT RMR reserved regions
+ (jsc#PED-1408).
+- ACPI/IORT: Provide a generic helper to retrieve reserve regions
+ (jsc#PED-1408).
+- ACPI/IORT: Make iort_iommu_msi_get_resv_regions() return void
+ (jsc#PED-1408).
+- ACPI: PPTT: Leave the table mapped for the runtime usage
+ (jsc#PED-1408).
+- ACPI: Remove the unused find_acpi_cpu_cache_topology()
+ (jsc#PED-1408).
+- ACPI: PPTT: Use table offset as fw_token instead of virtual
+ address (jsc#PED-1408).
+- ACPI: Move PRM config option under the main ACPI config
+ (jsc#PED-1408).
+ Update config files.
+- ACPI: Enable Platform Runtime Mechanism(PRM) support on ARM64
+ (jsc#PED-1408).
+ Update config files.
+- ACPI: PRM: Change handler_addr type to void pointer
+ (jsc#PED-1408).
+- ACPI/PCI: Remove useless NULL pointer checks (jsc#PED-1408).
+- ACPI: video: Use native backlight on Dell Inspiron N4010
+ (jsc#PED-1408).
+- ACPI: video: Drop X86 dependency from Kconfig (jsc#PED-1408).
+ Update config files.
+- ACPI: resource: skip IRQ override on AMD Zen platforms
+ (jsc#PED-1408).
+- ACPI: PM: x86: Print messages regarding LPS0 idle support
+ (jsc#PED-1408).
+- ACPI: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is
+ unset (jsc#PED-1408).
+- Revert "ACPI / PM: LPIT: Register sysfs attributes based on
+ FADT" (jsc#PED-1408).
+- ACPI: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008
+ (jsc#PED-1408).
+- ACPI: EC: Drop unused ident initializers from dmi_system_id
+ tables (jsc#PED-1408).
+- ACPI: EC: Re-use boot_ec when possible even when
+ EC_FLAGS_TRUST_DSDT_GPE is set (jsc#PED-1408).
+- ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP (jsc#PED-1408).
+- ACPI: APEI: Fix double word in a comment (jsc#PED-1408).
+- ACPI: processor: Drop leftover acpi_processor_get_limit_info()
+ declaration (jsc#PED-1408).
+- ACPI: processor: Split out thermal initialization from ACPI PSS
+ (jsc#PED-1408).
+- ACPI: bus: Drop unused list heads from struct acpi_device
+ (jsc#PED-1408).
+- ACPI: bus: Drop driver member of struct acpi_device
+ (jsc#PED-1408).
+- ACPI: bus: Drop redundant check in acpi_device_remove()
+ (jsc#PED-1408).
+- ACPI / MMC: PM: Unify fixing up device power (jsc#PED-1408).
+- ACPI: scan: Walk ACPI device's children using driver core
+ (jsc#PED-1408).
+- ACPI: bus: Introduce acpi_dev_for_each_child_reverse()
+ (jsc#PED-1408).
+- ACPI: video: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: bus: Export acpi_dev_for_each_child() to modules
+ (jsc#PED-1408).
+- ACPI: property: Use acpi_dev_for_each_child() for child lookup
+ (jsc#PED-1408).
+- ACPI: container: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: glue: Introduce acpi_find_child_by_adr() (jsc#PED-1408).
+- ACPI: glue: Introduce acpi_dev_has_children() (jsc#PED-1408).
+- ACPI: glue: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: irq: Allow acpi_gsi_to_irq() to have an arch-specific
+ fallback (jsc#PED-1408).
+- APCI: irq: Add support for multiple GSI domains (jsc#PED-1408).
+- mmc: sdhci-acpi: Remove special handling for GPD win/pocket
+ devices (jsc#PED-1408).
+- commit 3b82889
+
+- r8152: Rate limit overflow messages (CVE-2022-3594 bsc#1204479).
+- commit a745ef5
+
+- Update patch reference for HID fix (CVE-2022-3577 bsc#1204470)
+- commit 3ac3b39
+
+- kcm: avoid potential race in kcm_tx_work (bsc#1204355
+ CVE-2022-3521).
+- commit 2d76ec0
+
+- tcp/udp: Fix memory leak in ipv6_renew_options() (bsc#1204354
+ CVE-2022-3524).
+- commit f8049de
+
+- Update metadata references
+- commit d0bf0fb
+
+- PCI: hv: Fix synchronization between channel callback and
+ hv_pci_bus_exit() (bsc#1204017).
+- commit ea6713d
+
+- PCI: hv: Fix synchronization between channel callback and
+ hv_compose_msi_msg() (bsc#1204017).
+- commit 230768b
+
+- PCI: hv: Use vmbus_requestor to generate transaction IDs for
+ VMbus hardening (bsc#1204017).
+- commit a19c478
+
+- Drivers: hv: vmbus: Introduce {lock,unlock}_requestor()
+ (bsc#1204017).
+- commit bc36cf4
+
+- Drivers: hv: vmbus: Introduce vmbus_request_addr_match()
+ (bsc#1204017).
+- commit 40cb8e4
+
+- Drivers: hv: vmbus: Fix handling of messages with transaction
+ ID of zero (bsc#1204017).
+- commit a5b4ebf
+
+- Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid()
+ (bsc#1204017).
+- commit 2e0386a
+
+- sch_sfb: Also store skb len before calling child enqueue
+ (CVE-2022-3586 bsc#1204439).
+- sch_sfb: Don't assume the skb is still around after enqueueing
+ to child (CVE-2022-3586 bsc#1204439).
+- commit 6788943
+
+- Update patch reference for mISDN fix (CVE-2022-3565 bsc#1204431)
+- commit 5d0836e
+
+- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
+ (git-fixes).
+- commit 1ad6725
+
+- blacklist.conf: add upstream commit that's too invasive
+- commit a605c6e
+
+- Update config files: enable CONFIG_DMABUF_MOVE_NOTIFY (jsc#PED-975)
+- commit a10be66
+
+- dmaengine: idxd: deprecate token sysfs attributes for read
+ buffers (jsc#PED-679).
+- commit c137213
+
+- dmaengine: idxd: change bandwidth token to read buffers
+ (jsc#PED-679).
+- Refresh
+ patches.suse/dmaengine-idxd-restore-traffic-class-defaults-after-.patch.
+- commit d0c1256
+
+- powercap: intel_rapl: Add support for RAPTORLAKE_S
+ (jsc#PED-1812).
+- commit 213e719
+
+- Update config files: enable CONFIG_PINCTRL_METEORLAKE (jsc#PED-732)
+- supported.conf: add pinctrl-meteorlake
+- commit efb9d9f
+
+- pinctrl: intel: Add Intel Meteor Lake pin controller support
+ (jsc#PED-732).
+- commit 0540896
+
+- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732).
+- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732).
+- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732).
+- commit 11c983f
+
+- Update patch reference for Intel MTL-P USB patch (jsc#PED-732)
+- commit 4ca8c18
+
+- pinctrl: alderlake: Fix register offsets for ADL-N variant
+ (jsc#PED-676).
+- pinctrl: alderlake: Add Intel Alder Lake-N pin controller
+ support (jsc#PED-676).
+- commit 5492389
+
+- Update patch reference for Intel ADL-N eMMC patch (jsc#PED-676)
+- commit 4c38b45
+
+- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634).
+- commit 0ec42f9
+
+- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634).
+- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs
+ (jsc#PED-634).
+- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S
+ (jsc#PED-634).
+- commit 06d5787
+
+- Update patch references for intel_th RPL-S support (jsc#PED-634)
+- commit 900e952
+
+- i2c: i801: Add support for Intel Raptor Lake PCH-S
+ (jsc#PED-634).
+- i2c: i801: Improve handling of chip-specific feature definitions
+ (jsc#PED-634).
+- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634).
+- commit 46a17cc
+
+- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707).
+- commit 356d2a6
+
+- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_RPRES.patch (git-fixes, jsc#PED-1159)
+ Add reference to jsc#PED-1599
+- commit 27aeba3
+
+- thermal: int340x: Mode setting with new OS handshake
+ (jsc#PED-678).
+- commit c03fef0
+
+- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_AFP.patch (git-fixes, jsc#PED-1159)
+ Add reference to jsc#PED-1599
+- commit fb87f4f
+
+- thermal: int340x: Update OS policy capability handshake
+ (jsc#PED-678).
+- commit 2487fcb
+
+- supported.conf: Add CN10K DDR PMU driver to supported modules (jsc#PED-1765)
+- commit ee9c6f0
+
+- supported.conf: Add CN10K RNG driver to supported modules (jsc#PED-1765)
+- commit f38a789
+
+- supported.conf: Add CN10K LLC PMU driver to supported modules (jsc#PED-1765)
+- commit ff62505
+
+- hwrng: cn10k - Make check_rng_health() return an error code (jsc#PED-1765)
+- commit e96e350
+
+- hwrng: cn10k - Optimize cn10k_rng_read() (jsc#PED-1765)
+- commit 18234b8
+
+- hwrng: cn10k - Add random number generator support (jsc#PED-1765)
+ Update config/arm64/default
+- commit 80a71af
+
+- perf/marvell: Fix !CONFIG_OF build for CN10K DDR PMU driver (jsc#PED-1765)
+ Update config/arm64/default
+- commit d86ecb5
+
+- perf/marvell: cn10k DDR perf event core ownership (jsc#PED-1765)
+- commit ccedd1a
+
+- perf/marvell: cn10k DDR perfmon event overflow handling (jsc#PED-1765)
+- commit b6ab0c5
+
+- perf/marvell: CN10k DDR performance monitor support (jsc#PED-1765)
+- commit b13d58a
+
+- dt-bindings: perf: marvell: cn10k ddr performance monitor (jsc#PED-1765)
+- commit 705f151
+
+- Update patch reference for macvlan fix (CVE-2022-3526 bsc#1204353)
+- commit 740e86c
+
+- rpm/check-for-config-changes: loosen pattern for AS_HAS_*
+ This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128.
+- commit bdc0bf7
+
+- perf/marvell_cn10k: Fix TAD PMU register offset (jsc#PED-1765)
+- commit 4ccd5d2
+
+- perf/marvell_cn10k: Remove useless license text when (jsc#PED-1765)
+- commit b1994db
+
+- perf/marvell_cn10k: Fix tad_pmu_event_init() to check pmu type first (jsc#PED-1765)
+- commit cb2eb6b
+
+- perf/marvell_cn10k: Fix unused variable warning when W=1 and (jsc#PED-1765)
+- commit 4f19277
+
+- drivers: perf: marvell_cn10k: fix an IS_ERR() vs NULL check (jsc#PED-1765)
+- commit 9e52366
+
+- drivers: perf: Add LLC-TAD perf counter support (jsc#PED-1765)
+ Update config/arm64/default
+- commit 15db243
+
+- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
+- powerpc/powernv: add missing of_node_put() in
+ opal_export_attrs() (bsc#1065729).
+- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
+- commit 7c692ec
+
+- powerpc/kprobes: Fix null pointer reference in
+ arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).
+- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246
+ git-fixes).
+- commit 5521322
+
+- thunderbolt: Use decimal number with port numbers (jsc#PED-531
+ jsc#PED-1211).
+- commit 1ef4993
+
+- thunderbolt: Replace usage of found with dedicated list iterator
+ variable (jsc#PED-531 jsc#PED-1211).
+- commit 3fecfc9
+
+- thunderbolt: Clarify register definitions for
+ `tb_cap_plug_events` (jsc#PED-531).
+- commit 68d4307
+
+- thunderbolt: Add internal xHCI connect flows for Thunderbolt
+ 3 devices (jsc#PED-531).
+- commit ec0de67
+
+- thunderbolt: Do not make DROM read success compulsory
+ (jsc#PED-531).
+- commit 24436e4
+
+- thunderbolt: Do not resume routers if UID is not set
+ (jsc#PED-531).
+- thunderbolt: Retry DROM reads for more failure scenarios
+ (jsc#PED-531).
+- commit a78e01a
+
+- thunderbolt: Drop duplicate NULL checks around
+ nvmem_unregister() (jsc#PED-531).
+- commit 3ea3344
+
+- thunderbolt: Replace acpi_bus_get_device() (jsc#PED-531).
+- commit 920924a
+
+- thunderbolt: Remove useless DMA-32 fallback configuration
+ (jsc#PED-531).
+- commit 871dcd2
+
+- usb: host: Initiate urb ep with udev ep0 (jsc#PED-531).
+- commit f03f8e4
+
+- arm64/bti: Disable in kernel BTI when cross section thunks are broken (git-fixes)
+- commit 2f51dd9
+
+- blacklist.conf: ("arm64/mm: drop HAVE_ARCH_PFN_VALID")
+- commit f836660
+
+- clk: at91: fix the build with binutils 2.27 (git-fixes).
+- commit a34e36d
+
+- Input: xpad - add supported devices as contributed on github
+ (git-fixes).
+- efi: libstub: drop pointless get_memory_map() call (git-fixes).
+- misc: pci_endpoint_test: Fix
+ pci_endpoint_test_{copy,write,read}() panic (git-fixes).
+- misc: pci_endpoint_test: Aggregate params checking for xfer
+ (git-fixes).
+- USB: serial: qcserial: add new usb-id for Dell branded EM7455
+ (git-fixes).
+- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
+- commit 4dee064
+
+- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
+- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
+ (git-fixes).
+- ALSA: hda/realtek: Add Intel Reference SSID to support headset
+ keys (git-fixes).
+- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
+- commit c900b4a
+
+- ACPI: HMAT: Release platform device in case of
+ platform_device_add_data() fails (git-fixes).
+- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
+ (git-fixes).
+- ALSA: hda/realtek: Correct pin configs for ASUS G533Z
+ (git-fixes).
+- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
+ (git-fixes).
+- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or
+ restored (git-fixes).
+- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in
+ 'performance_levels' (git-fixes).
+- Revert "drm/amdgpu: use dirty framebuffer helper" (git-fixes).
+- drm/i915/ehl: Update MOCS table for EHL (git-fixes).
+- commit 3ca51e4
+
+- s390/qeth: Remove OSN deprecation notice (jsc#PED-448
+ LTC#198619).
+- commit 42319b3
+
+- qeth: remove a copy of the NAPI_POLL_WEIGHT define (jsc#PED-448
+ LTC#198619).
+- Refresh
+ patches.suse/net-make-drivers-set-the-TSO-limit-not-the-GSO-limit.patch.
+- Refresh patches.suse/net-switch-to-netif_napi_add_tx.patch.
+- commit f8ee04c
+
+- s390/qeth: split up L2 netdev_ops (jsc#PED-448 LTC#198619).
+- commit f50bd13
+
+- s390/qeth: don't keep track of Input Queue count (jsc#PED-448
+ LTC#198619).
+- Refresh patches.suse/s390-qdio-split-do_QDIO.
+- commit f07e1f9
+
+- s390/qeth: move qdio's QAOB cache into qeth (jsc#PED-448
+ LTC#198619).
+- Refresh patches.suse/s390-qdio-split-do_QDIO.
+- commit 7ee14b3
+
+- s390/qeth: clean up device_type management (jsc#PED-448
+ LTC#198619).
+- Refresh patches.suse/s390-qeth-Register-switchdev-event-handler.
+- commit 4489d18
+
+- s390/qeth: Fix typo 'the the' in comment (jsc#PED-448
+ LTC#198619).
+- s390/ctcm: fix typo "length to short" -> "length too short"
+ (jsc#PED-448 LTC#198619).
+- s390/net: sort out physical vs virtual pointers usage
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: Remove redundant 'flush_workqueue()' calls
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: remove check for packing mode in
+ qeth_check_outbound_queue() (jsc#PED-448 LTC#198619).
+- s390/qeth: fine-tune .ndo_select_queue() (jsc#PED-448
+ LTC#198619).
+- s390/qeth: don't offer .ndo_bridge_* ops for OSA devices
+ (jsc#PED-448 LTC#198619).
+- s390/lcs: add braces around empty function body (jsc#PED-448
+ LTC#198619).
+- s390/ctcm: add __printf format attribute to ctcm_dbf_longtext
+ (jsc#PED-448 LTC#198619).
+- s390/ctcm: fix format string (jsc#PED-448 LTC#198619).
+- s390/qeth: allocate RX queue at probe time (jsc#PED-448
+ LTC#198619).
+- s390/qeth: update kerneldoc for qeth_add_hw_header()
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: fix kernel doc comments (jsc#PED-448 LTC#198619).
+- s390/qeth: add __printf format attribute to qeth_dbf_longtext
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: fix various format strings (jsc#PED-448 LTC#198619).
+- s390/qeth: clarify remaining dev_kfree_skb_any() users
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: remove .do_ioctl() callback from driver discipline
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: improve trace entries for MAC address
+ (un)registration (jsc#PED-448 LTC#198619).
+- net: s390: constify and use eth_hw_addr_set() (jsc#PED-448
+ LTC#198619).
+- s390/netiucv: remove incorrect kernel doc indicators
+ (jsc#PED-448 LTC#198619).
+- s390/lcs: remove incorrect kernel doc indicators (jsc#PED-448
+ LTC#198619).
+- s390/ctcm: remove incorrect kernel doc indicators (jsc#PED-448
+ LTC#198619).
+- s390/net: replace in_irq() with in_hardirq() (jsc#PED-448
+ LTC#198619).
+- s390/qeth: clean up QETH_PROT_* naming (jsc#PED-448 LTC#198619).
+- commit 595cfd6
+
+- x86/cpu: Add CPU model numbers for Meteor Lake (jsc#PED-637).
+- x86/cpu: Add new Raptor Lake CPU model number (jsc#PED-716).
+- commit 612dc8d
+
+- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
+- openvswitch: add nf_ct_is_confirmed check before assigning
+ the helper (git-fixes).
+- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1
+ (git-fixes).
+- wifi: iwlwifi: mvm: fix double list_add at
+ iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).
+- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of
+ small packets (git-fixes).
+- wifi: mac80211: fix decap offload for stations on AP_VLAN
+ interfaces (git-fixes).
+- wifi: mac80211: fix probe req HE capabilities access
+ (git-fixes).
+- wifi: mac80211: do not drop packets smaller than the LLC-SNAP
+ header on fast-rx (git-fixes).
+- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
+- can: kvaser_usb_leaf: Fix TX queue out of sync after restart
+ (git-fixes).
+- can: kvaser_usb: Fix use of uninitialized completion
+ (git-fixes).
+- macvlan: enforce a consistent minimal mtu (git-fixes).
+- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq
+ (git-fixes).
+- net: ieee802154: return -EINVAL for unknown addr type
+ (git-fixes).
+- watchdog: armada_37xx_wdt: Fix .set_timeout callback
+ (git-fixes).
+- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
+ (git-fixes).
+- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
+ (git-fixes).
+- commit cb006e7
+
+- Drop a incorrectly doubly applied WiFi fix patch
+- commit 9d35b83
+
+- s390/qdio: Fix spelling mistake (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clarify logical vs absolute in QIB's kerneldoc
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unneeded sanity check in qdio_do_sqbs()
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: split do_QDIO() (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: split qdio_inspect_queue() (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clarify handler logic for
+ qdio_handle_activate_check() (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clean up access to queue in
+ qdio_handle_activate_check() (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: avoid allocating the qdio_irq with GFP_DMA
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: improve handling of CIWs (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: remove QDIO_SBAL_SIZE macro (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- scsi: zfcp: fix kernel doc comments (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- scsi: zfcp: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- scsi: zfcp: Use the proper SCSI midlayer interfaces for PI
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unused support for SLIB parameters
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: consolidate QIB code (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: use dev_info() in qdio_print_subchannel_info()
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: fine-tune the queue sync (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clean up SIGA capability tracking (jsc#PED-455
+ bsc#1203836 LTC#198623).
+- s390/qdio: remove unused sync-after-IRQ infrastructure
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: use absolute data address in ESTABLISH ccw
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unused macros (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clarify reporting of errors to the drivers
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unneeded siga-sync for Output Queue
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove remaining tasklet & timer code (jsc#PED-455
+ bsc#1203836 LTC#198623).
+- commit ccb8c7b
+
+- wifi: cfg80211: update hidden BSSes to avoid WARN_ON
+ (git-fixes).
+- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
+ (git-fixes).
+- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes).
+- commit b28d368
+
+- Move upstramed WiFi fix patches into sorted section
+- commit bef1692
+
+- net: ethernet: move from strlcpy with unused retval to strscpy
+ (jsc#PED-1302).
+- net: add skb_[inner_]tcp_all_headers helpers (jsc#PED-1302).
+- ethernet: Remove vf rate limit check for drivers (jsc#PED-1302).
+- rtnetlink: add extack support in fdb del handlers
+ (jsc#PED-1302).
+- net: switch to netif_napi_add_tx() (jsc#PED-1302).
+- qlcnic: remove redundant assignment to variable index
+ (jsc#PED-1302).
+- net: qlcnic: use time_is_before_jiffies() instead of open
+ coding it (jsc#PED-1302).
+- qlcnic: Simplify DMA setting (jsc#PED-1302).
+- qlcnic: Remove redundant initialization of variable ret
+ (jsc#PED-1302).
+- qlcnic: switch from 'pci_' to 'dma_' API (jsc#PED-1302).
+- qlcnic: make the array random_data static const, makes object
+ smaller (jsc#PED-1302).
+- commit c7136a6
+
+- clk: bcm: rpi: Add support for VEC clock (bsc#1196632)
+- commit 188fe72
+
+- nvmem: core: Check input parameter for NULL in
+ nvmem_unregister() (bsc#1204241).
+- commit 66b047b
+
+- clk: bcm2835: Round UART input clock up (bsc#1188238)
+- commit f465b19
+
+- ALSA: hda/hdmi: Fix the converter allocation for the silent
+ stream (git-fixes).
+- ALSA: hda/hdmi: change type for the 'assigned' variable
+ (git-fixes).
+- commit 6c73200
+
+- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types
+ (git-fixes).
+- irqchip/ls-extirq: Fix invalid wait context by avoiding to
+ use regmap (git-fixes).
+- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
+- docs: update mediator information in CoC docs (git-fixes).
+- mmc: core: Terminate infinite loop in SD-UHS voltage switch
+ (git-fixes).
+- drm/amd/display: skip audio setup when audio stream is enabled
+ (git-fixes).
+- drm/amd/display: update gamut remap if plane has changed
+ (git-fixes).
+- drm/amd/display: Assume an LTTPR is always present on fixed_vs
+ links (git-fixes).
+- drm/amd/display: Fix double cursor on non-video RGB MPO
+ (git-fixes).
+- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
+ (git-fixes).
+- firmware: arm_scmi: Add SCMI PM driver remove routine
+ (git-fixes).
+- firmware: arm_scmi: Harden accesses to the sensor domains
+ (git-fixes).
+- firmware: arm_scmi: Improve checks in the info_get operations
+ (git-fixes).
+- net/ieee802154: fix uninit value bug in dgram_sendmsg
+ (git-fixes).
+- dmaengine: xilinx_dma: Report error in case of
+ dma_set_mask_and_coherent API failure (git-fixes).
+- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores
+ property (git-fixes).
+- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource
+ error handling (git-fixes).
+- ALSA: hda/hdmi: Fix the converter reuse for the silent stream
+ (git-fixes).
+- rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
+ (git-fixes).
+- mmc: core: Replace with already defined values for readability
+ (git-fixes).
+- commit 07f5789
+
+- Drop TI clk patch that has been reverted in 5.15.y stable
+- commit bfab74f
+
+- mm/hmm/test: use char dev with struct device to get device node
+ (jsc#PED-1294).
+- commit 2a441da
+
+- lib/test_hmm: avoid accessing uninitialized pages
+ (jsc#PED-1294).
+- commit 629e407
+
+- mm/memremap: fix wrong function name above memremap_pages()
+ (jsc#PED-1294).
+- commit 99ceafe
+
+- Updated metadata references for bsc#1200788 CVE-2022-2153:
+ Updated patches (from Juergen Gross)
+- patches.suse/KVM-x86-Avoid-theoretical-NULL-pointer-dereference-i.patch
+- patches.suse/KVM-x86-Check-lapic_in_kernel-before-attempting-to-s.patch
+- patches.suse/KVM-x86-Forbid-VMM-to-set-SYNIC-STIMER-MSRs-when-Syn.patch
+- commit e9364fc
+
+- selftests/vm: use top_srcdir instead of recomputing relative
+ paths (jsc#PED-1294).
+- commit fcd00bf
+
+- Kselftests: remove support of libhugetlbfs from kselftests
+ (jsc#PED-1294).
+- commit 5314c14
+
+- tools/testing/selftests/vm/hmm-tests.c: fix build
+ (jsc#PED-1294).
+- commit d4e3629
+
+- mm/hmm: add a test for cross device private faults
+ (jsc#PED-1294).
+- commit 113260c
+
+- mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
+ (jsc#PED-1294).
+- commit 81464f0
+
+- tools: update hmm-test to support device coherent type
+ (jsc#PED-1294).
+- commit 7b24afa
+
+- mm: fix the handling Non-LRU pages returned by follow_page
+ (jsc#PED-1294).
+- commit a0abdab
+
+- mm/huge_memory: use helper macro IS_ERR_OR_NULL in
+ split_huge_pages_pid (jsc#PED-1294).
+- commit 64365f4
+
+- mm: remove unneeded local variable follflags (jsc#PED-1294).
+- commit f1da2a0
+
+- mm/migrate_device.c: fix a misleading and outdated comment
+ (jsc#PED-1294).
+- commit 2496c30
+
+- mm: migration: fix the FOLL_GET failure on following huge page
+ (jsc#PED-1294).
+- commit 7c67379
+
+- mm: re-allow pinning of zero pfns (again) (jsc#PED-1294).
+- commit 4e32fd5
+
+- nvdimm/pmem: cleanup the disk if pmem_release_disk() is yet
+ assigned (jsc#PED-1294).
+- commit 519f490
+
+- thunderbolt: Fix buffer allocation of devices with no
+ DisplayPort adapters (git-fixes).
+- commit 2534904
+
+- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-2978
+ bsc#1202700).
+- commit e1802d7
+
+- thunderbolt: Add missing device ID to
+ tb_switch_is_alpine_ridge() (git-fixes).
+- commit 9447425
+
+- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes).
+- commit 9dce26f
+
+- usb/hcd: Fix dma_map_sg error check (git-fixes).
+- commit 82f7672
+
+- mm/gup.c: fix formatting in check_and_migrate_movable_page()
+ (jsc#PED-1294).
+- commit 6bb21eb
+
+- tools: add selftests to hmm for COW in device memory
+ (jsc#PED-1294).
+- commit fbb5441
+
+- tools: add hmm gup tests for device coherent type
+ (jsc#PED-1294).
+- commit ccae011
+
+- tools: update test_hmm script to support SP config
+ (jsc#PED-1294).
+- commit 32be4d6
+
+- lib: add support for device coherent type in test_hmm
+ (jsc#PED-1294).
+- commit 5bcf5a6
+
+- lib: test_hmm add module param for zone device type
+ (jsc#PED-1294).
+- commit e22f0bf
+
+- lib: test_hmm add ioctl to get zone device type (jsc#PED-1294).
+- commit 87c4e9c
+
+- drm/amdkfd: add SPM support for SVM (jsc#PED-1294).
+- commit 9d8092a
+
+- drm/amdkfd: fix resource_size.cocci warnings (jsc#PED-1294).
+- commit 589703d
+
+- mm/gup: migrate device coherent pages when pinning instead of
+ failing (jsc#PED-1294).
+- commit f57d4bb
+
+- kabi/severities: ignore CS35L41-specific exports (bsc#1203699)
+- commit 9f486fe
+
+- ALSA: hda: cs35l41: Support System Suspend (bsc#1203699).
+- ALSA: hda: cs35l41: Remove suspend/resume hda hooks
+ (bsc#1203699).
+- ALSA: hda/cs_dsp_ctl: Fix mutex inversion when creating controls
+ (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before
+ reading/writing controls (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Minor clean and redundant code
+ removal (bsc#1203699).
+- commit 54175bd
+
+- PCI: mediatek-gen3: Change driver name to mtk-pcie-gen3
+ (git-fixes).
+- dt-bindings: PCI: microchip,pcie-host: fix missing dma-ranges
+ (git-fixes).
+- dt-bindings: PCI: microchip,pcie-host: fix missing clocks
+ properties (git-fixes).
+- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
+ (git-fixes).
+- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
+ (git-fixes).
+- PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
+- PCI/ASPM: Ignore L1 PM Substates if device lacks capability
+ (git-fixes).
+- i2c: designware: Fix handling of real but unexpected device
+ interrupts (git-fixes).
+- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return
+ value check (git-fixes).
+- pinctrl: armada-37xx: Checks for errors in gpio_request_enable
+ callback (git-fixes).
+- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22
+ (git-fixes).
+- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
+- Input: i8042 - fix refount leak on sparc (git-fixes).
+- Input: synaptics-rmi4 - fix firmware update operations with
+ bootloader v8 (git-fixes).
+- Input: xpad - fix wireless 360 controller breaking after suspend
+ (git-fixes).
+- commit 6628947
+
+- Add cherry-picked ID for AMDGPU patch
+- commit 005b431
+
+- mm: add device coherent vma selection for memory migration
+ (jsc#PED-1294).
+- commit c7f49b6
+
+- mm: handling Non-LRU pages returned by vm_normal_pages
+ (jsc#PED-1294).
+- commit e689445
+
+- mm/migration: fix possible do_pages_stat_array racing with
+ memory offline (jsc#PED-1294).
+- commit f5b7a8c
+
+- mm: add zone device coherent type memory support (jsc#PED-1294).
+- commit c80982a
+
+- mm: re-allow pinning of zero pfns (jsc#PED-1294).
+- commit 541ae7e
+
+- octeontx2-pf: cn10k: Fix egress ratelimit configuration
+ (git-fixes).
+- commit dfc0a0a
+
+- net: sungem_phy: Add of_node_put() for reference returned by
+ of_get_parent() (git-fixes).
+- commit cc0874b
+
+- net: pcs: xpcs: propagate xpcs_read error to
+ xpcs_get_state_c37_sgmii (git-fixes).
+- commit 6750e0f
+
+- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
+ (git-fixes).
+- commit 6f3b54a
+
+- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy
+ (git-fixes).
+- commit afc53c0
+
+- iavf: Fix handling of dummy receive descriptors (git-fixes).
+- commit e9bd3c0
+
+- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings
+ (git-fixes).
+- commit 155ccd4
+
+- net: dsa: sja1105: silent spi_device_id warnings (git-fixes).
+- commit ee0b547
+
+- net: stmmac: remove redunctant disable xPCS EEE call
+ (git-fixes).
+- commit 9493b1a
+
+- ixgbe: Add locking to prevent panic when setting sriov_numvfs
+ to zero (git-fixes).
+- commit 53fbc66
+
+- net: stmmac: fix dma queue left shift overflow issue
+ (git-fixes).
+- commit 1deb58f
+
+- net: dsa: microchip: ksz_common: Fix refcount leak bug
+ (git-fixes).
+- commit c46e25b
+
+- net: stmmac: fix unbalanced ptp clock issue in suspend/resume
+ flow (git-fixes).
+- commit dff326f
+
+- net: stmmac: fix pm runtime issue in stmmac_dvr_remove()
+ (git-fixes).
+- commit e347cfb
+
+- ip: Fix data-races around sysctl_ip_fwd_update_priority
+ (git-fixes).
+- commit 4ea8f18
+
+- sfc: fix kernel panic when creating VF (git-fixes).
+- commit 33eba8c
+
+- sfc: fix use after free when disabling sriov (git-fixes).
+- commit 2fa14d7
+
+- net: stmmac: fix leaks in probe (git-fixes).
+- commit 97831ef
+
+- mm: move page zone helpers from mm.h to mmzone.h (jsc#PED-1294).
+- commit 57ef364
+
+- KVM: x86: Register perf callbacks after calling vendor's
+ hardware_setup() (git-fixes).
+- Refresh
+ patches.suse/KVM-x86-Register-Processor-Trace-interrupt-hook-iff-.patch.
+- commit 871c62a
+
+- mm: build migrate_vma_* for all configs with ZONE_DEVICE support
+ (jsc#PED-1294).
+- Update config files.
+- commit 0314c06
+
+- USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
+ (git-fixes).
+- commit 31ce443
+
+- KVM: VMX: Inject #PF on ENCLS as "emulated" #PF (git-fixes).
+- commit cc0ea0c
+
+- usb: ehci: Fix a function name in comments (git-fixes).
+- commit 610087d
+
+- usb: host: remove dead EHCI support for on-chip PMC MSP71xx
+ USB controller (jsc#PED-531).
+- commit 62f8e77
+
+- x86/mce: Retrieve poison range from hardware (jsc#PED-1408).
+- ACPI: CPPC: Don't require flexible address space if
+ X86_FEATURE_CPPC is supported (jsc#PED-1408).
+- ACPI: CPPC: Fix enabling CPPC on AMD systems with shared memory
+ (jsc#PED-1408).
+- commit ac7776e
+
+- xhci: remove unused lpm_failed_dev member from struct xhci_hcd
+ (jsc#PED-531).
+- commit 85de64c
+
+- xhci: remove unused command member from struct xhci_hcd struct
+ (jsc#PED-531).
+- commit 5e975fe
+
+- USB: xhci: make xhci_get_endpoint_address static (jsc#PED-531).
+- commit dcf3baa
+
+- ACPI: CPPC: Don't require _OSC if X86_FEATURE_CPPC is supported
+ (jsc#PED-1408).
+- tools headers cpufeatures: Sync with the kernel sources
+ (jsc#PED-1408).
+- x86/cpufeatures: Add AMD Collaborative Processor Performance
+ Control feature flag (jsc#PED-1408).
+ Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch.
+- commit bf4cd56
+
+- USB: hcd-pci: Drop the unused id parameter from
+ usb_hcd_pci_probe() (jsc#PED-531).
+- commit b826b6a
+
+- xen: update ring.h (jsc#PED-531).
+- commit 4472a2b
+
+- xen/xenbus: add xenbus_setup_ring() service function
+ (jsc#PED-531).
+- commit f043eec
+
+- KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled
+ (git-fixes).
+- commit 93cdb54
+
+- net: ftgmac100: Hold reference returned by
+ of_get_child_by_name() (git-fixes).
+- commit 0961942
+
+- bnxt_en: Fix bnxt_refclk_read() (git-fixes).
+- commit 4187bc1
+
+- bnxt_en: fix livepatch query (git-fixes).
+- commit cc62415
+
+- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes).
+- commit e387d75
+
+- bnxt_en: reclaim max resources if sriov enable fails
+ (git-fixes).
+- commit 9161aa5
+
+- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes).
+- commit 7fdc3a9
+
+- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded
+ (git-fixes).
+- commit 5e19505
+
+- KVM: x86: do not report preemption if the steal time cache is
+ stale (git-fixes).
+- commit c293d6b
+
+- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence
+ (git-fixes).
+- commit 385f6b7
+
+- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness
+ conversion (git-fixes).
+- commit 368984e
+
+- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct
+ length to read dev_id (git-fixes).
+- commit 809cb98
+
+- usb: renesas-xhci: Do not print any log while fw verif success
+ (jsc#PED-531).
+- commit bad9850
+
+- xen/usbfront: use xenbus_setup_ring() and xenbus_teardown_ring()
+ (jsc#PED-531).
+- commit 41ef599
+
+- xen/usb: switch xen-hcd to use INVALID_GRANT_REF (jsc#PED-531).
+- commit e4f01cd
+
+- xen/usb: harden xen_hcd against malicious backends
+ (jsc#PED-531).
+- commit 36bb0d3
+
+- xen/grant-table: remove readonly parameter from functions
+ (jsc#PED-531).
+- Refresh
+ patches.suse/xen-blkfront-force-data-bouncing-when-backend-is-unt.patch.
+- commit 80f5ba9
+
+- xen/usb: don't use arbitrary_virt_to_machine() (jsc#PED-531).
+- commit 71d02c4
+
+- mm: move the migrate_vma_* device migration code into its own
+ file (jsc#PED-1294).
+- Update config files.
+- commit ffdaa32
+
+- mm/migrate: remove redundant variables used in a for-loop
+ (jsc#PED-1294).
+- commit 53fa906
+
+- x86/PCI: Revert "x86/PCI: Clip only host bridge windows for
+ E820 regions" (jsc#PED-1408).
+- ACPI: clean up white space in a few places for consistency
+ (jsc#PED-1408).
+- ACPI: video: improve PM notifer callback (jsc#PED-1408).
+- ACPI: battery: Make "not-charging" the default on no charging
+ or full info (jsc#PED-1408).
+- ACPI: CPPC: fix typo in comment (jsc#PED-1408).
+- ACPI: processor: idle: Expose max_cstate/nocst/bm_check_disable
+ read-only in sysfs (jsc#PED-1408).
+- ACPI: glue: Rearrange find_child_checks() (jsc#PED-1408).
+- ACPI: DPTF: Support Meteor Lake (jsc#PED-1408).
+- ACPI: NFIT: Drop nfit_device_lock() (jsc#PED-1408).
+- PCI/ACPI: negotiate CXL _OSC (jsc#PED-1408).
+- PCI/ACPI: Prefer CXL _OSC instead of PCIe _OSC for CXL host
+ bridges (jsc#PED-1408).
+- PCI/ACPI: add a helper for retrieving _OSC Control DWORDs
+ (jsc#PED-1408).
+- acpi/nfit: rely on mce->misc to determine poison granularity
+ (jsc#PED-1408).
+- x86/PCI: Disable E820 reserved region clipping starting in 2023
+ (jsc#PED-1408).
+- x86/PCI: Disable E820 reserved region clipping via quirks
+ (jsc#PED-1408).
+- x86/PCI: Add kernel cmdline options to use/ignore E820 reserved
+ regions (jsc#PED-1408).
+- x86/PCI: Clip only host bridge windows for E820 regions
+ (jsc#PED-1408).
+- x86: Log resource clipping for E820 regions (jsc#PED-1408).
+- x86/PCI: Eliminate remove_e820_regions() common subexpressions
+ (jsc#PED-1408).
+- device property: Add irq_get to fwnode operation (jsc#PED-1408).
+- ACPI: property: Move acpi_fwnode_device_get_match_data() up
+ (jsc#PED-1408).
+- device property: Convert device_{dma_supported,get_dma_attr}
+ to fwnode (jsc#PED-1408).
+- cpufreq: CPPC: Enable fast_switch (jsc#PED-1408).
+- ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is
+ supported (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch.
+- ACPI: CPPC: Check _OSC for flexible address space
+ (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch.
+- x86/ACPI: Preserve ACPI-table override during hibernation
+ (jsc#PED-1408).
+- x86: ACPI: Make mp_config_acpi_gsi() a void function
+ (jsc#PED-1408).
+- ACPI: DPTF: Add support for high frequency impedance
+ notification (jsc#PED-1408).
+- ACPI: DPTF: Correct description of INT3407 / INT3532 attributes
+ (jsc#PED-1408).
+- ACPI, APEI, EINJ: Refuse to inject into the zero page
+ (jsc#PED-1408).
+- ACPI: APEI: Fix missing ERST record id (jsc#PED-1408).
+- ACPI: BGRT: use static for BGRT_SHOW kobj_attribute defines
+ (jsc#PED-1408).
+- ACPI: SPCR: Add support for NVIDIA 16550-compatible port subtype
+ (jsc#PED-1408).
+- ACPI: bus: Avoid non-ACPI device objects in walks over children
+ (jsc#PED-1408).
+- PCI: ACPI: PM: Power up devices in D3cold before scanning them
+ (jsc#PED-1408).
+- ACPI: PM: Introduce acpi_dev_power_up_children_with_adr()
+ (jsc#PED-1408).
+- ACPI: bus: Introduce acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: PM: Always print final debug message in
+ acpi_device_set_power() (jsc#PED-1408).
+- ACPI: PM: Unify debug messages in acpi_device_set_power()
+ (jsc#PED-1408).
+- ACPI: PM: Change pr_fmt() in device_pm.c (jsc#PED-1408).
+- ACPI: PM: Convert debug message in acpi_device_get_power()
+ (jsc#PED-1408).
+- Revert "ACPICA: executer/exsystem: Warn about sleeps greater
+ than 10 ms" (jsc#PED-1408).
+- ACPICA: Update version to 20220331 (jsc#PED-1408).
+- ACPICA: exsystem.c: Use ACPI_FORMAT_UINT64 for 64-bit output
+ (jsc#PED-1408).
+- ACPICA: IORT: Updates for revision E.d (jsc#PED-1408).
+- ACPICA: executer/exsystem: Fix some typo mistakes
+ (jsc#PED-1408).
+- ACPICA: iASL/MADT: Add OEM-defined subtable (jsc#PED-1408).
+- ACPICA: executer/exsystem: Warn about sleeps greater than 10 ms
+ (jsc#PED-1408).
+- ACPICA: executer/exsystem: Inform users about ACPI spec
+ violation (jsc#PED-1408).
+- ACPICA: Add support for ARM Performance Monitoring Unit Table
+ (jsc#PED-1408).
+- ACPICA: executer/exsystem: Add units to time variable names
+ (jsc#PED-1408).
+- ACPICA: Headers: Replace zero-length array with flexible-array
+ member (jsc#PED-1408).
+- ACPICA: Removed some tabs and // comments (jsc#PED-1408).
+- ACPICA: Update copyright notices to the year 2022
+ (jsc#PED-1408).
+- ACPICA: Clean up double word in comment (jsc#PED-1408).
+- ACPICA: Add new ACPI 6.4 semantics for LoadTable() operator
+ (jsc#PED-1408).
+- ACPICA: Add new ACPI 6.4 semantics to the Load() operator
+ (jsc#PED-1408).
+- ACPICA: iASL: NHLT: Rename linux specific strucures to
+ device_info (jsc#PED-1408).
+- ACPICA: iASL: NHLT: Fix parsing undocumented bytes at the end
+ of Endpoint Descriptor (jsc#PED-1408).
+- ACPICA: iASL: NHLT: Treat Terminator as specific_config
+ (jsc#PED-1408).
+- ACPICA: Add the subtable CFMWS to the CEDT table (jsc#PED-1408).
+- ACPICA: Add support for the Windows 11 _OSI string
+ (jsc#PED-1408).
+- ACPI: utils: include UUID in _DSM evaluation warning
+ (jsc#PED-1408).
+- ACPI: Add perf low power callback (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-acpi_pad-Do-not-launch-acpi_pad-threads-on-idle-cpus.patch.
+- commit 54d6015
+
+- ACPI: APEI: do not add task_work to kernel thread to avoid
+ memory leak (git-fixes).
+- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
+ (git-fixes).
+- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property
+ (git-fixes).
+- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
+ (git-fixes).
+- crypto: cavium - prevent integer overflow loading firmware
+ (git-fixes).
+- crypto: marvell/octeontx - prevent integer overflows
+ (git-fixes).
+- crypto: inside-secure - Replace generic aes with libaes
+ (git-fixes).
+- Revert "crypto: qat - reduce size of mapped region" (git-fixes).
+- crypto: inside-secure - Change swab to swab32 (git-fixes).
+- crypto: ccp - Release dma channels before dmaengine unrgister
+ (git-fixes).
+- crypto: akcipher - default implementation for setting a private
+ key (git-fixes).
+- crypto: qat - fix default value of WDT timer (git-fixes).
+- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
+ (git-fixes).
+- crypto: sahara - don't sleep when in softirq (git-fixes).
+- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes).
+- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes).
+- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes).
+- drm/amd/display: Correct MPC split policy for DCN301
+ (git-fixes).
+- commit 353fbde
+
+- Update
+ patches.suse/mm-rmap-Fix-anon_vma-degree-ambiguity-leading-to-double-reuse.patch
+ (CVE-2022-42703, bsc#1204168, git-fixes, bsc#1203098).
+- commit fef8e31
+
+- mm/migrate.c: rework migration_entry_wait() to not take a
+ pageref (jsc#PED-1294).
+- commit 313eb0c
+
+- blacklist.conf: 30ea703a38ef x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype
+- commit fdb1f20
+
+- misc: sgi-gru: fix use-after-free error in
+ gru_set_context_option, gru_fault and gru_handle_user_call_os
+ (CVE-2022-3424 bsc#1204166).
+- commit bbc730f
+
+- wifi: mac80211: fix crash in beacon protection for P2P-device
+ (CVE-2022-42722 bsc#1204125).
+- commit 38da0b9
+
+- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC
+ (git-fixes).
+- blacklist.conf: outside kABI fixes build fixes are important
+- Update config files.
+- commit 8852d4a
+
+- powerpc/kvm: Remove obsolete and unneeded select (git-fixes).
+- blacklist.conf: outside kABI freezes, build fixes are important
+- commit 329cacc
+
+- net: delete redundant function declaration (git-fixes).
+- blacklist.conf: broke kABI, applicable in SP5
+- commit b7a266b
+
+- habanalabs: select CRC32 (git-fixes).
+- blacklist.conf: outside kABI freezes build fixes are important
+- commit 33fa2e9
+
+- tracing: Fix smatch warning for do while check in
+ event_hist_trigger_parse() (git-fixes).
+- blacklist.conf: no longer unreasonable in SP5
+- commit 7c1653b
+
+- tracing: Tag trace_percpu_buffer as a percpu pointer
+ (git-fixes).
+- blacklist.conf: broke kABI in a hard to fix way, hence can be applied
+ in SP5
+- commit 36fd9f7
+
+- x86/Kconfig: Fix an unused variable error in dell-smm-hwmon
+ (git-fixes).
+- blacklist.conf: can be unblacklisted in SP5 and will make backporting
+ easier
+- commit 59cf2b3
+
+- wifi: mac80211: fix MBSSID parsing use-after-free
+ (CVE-2022-42719 bsc#1204051).
+- commit bab6e58
+
+- mac80211: fix memory leaks with element parsing (CVE-2022-42719
+ bsc#1204051).
+- commit f9a2be2
+
+- wifi: mac80211: refactor elements parsing with parameter struct
+ (CVE-2022-42719 bsc#1204051).
+- mac80211: always allocate struct ieee802_11_elems
+ (CVE-2022-42719 bsc#1204051).
+- mac80211: mlme: find auth challenge directly (CVE-2022-42719
+ bsc#1204051).
+- mac80211: move CRC into struct ieee802_11_elems (CVE-2022-42719
+ bsc#1204051).
+- commit b28a982
+
+- ipv4: Handle attempt to delete multipath route when fib_info
+ contains an nh reference (bsc#1204171 CVE-2022-3435).
+- commit 1b0c1c8
+
+- selftests: net: fix nexthop warning cleanup double ip typo
+ (bsc#1204171 CVE-2022-3435).
+- commit e3962a5
+
+- selftests: net: add delete nexthop route warning test
+ (bsc#1204171 CVE-2022-3435).
+- commit 85deab0
+
+- wifi: cfg80211: avoid nontransmitted BSS list corruption
+ (CVE-2022-42721 bsc#1204060).
+- wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720
+ bsc#1204059).
+- commit 82311e4
+
+- net: ipv4: fix route with nexthop object delete warning
+ (bsc#1204171 CVE-2022-3435).
+- commit a94edc1
+
+- Update metadata references
+- commit 61773f9
+
+- powercap: RAPL: Add Power Limit4 support for Alder Lake-N and
+ Raptor Lake-P (jsc#PED-769).
+- powercap: intel_rapl: Add support for RAPTORLAKE_P
+ (jsc#PED-686).
+- powercap: intel_rapl: add support for ALDERLAKE_N (jsc#PED-695).
+- powercap: RAPL: Add Power Limit4 support for RaptorLake
+ (jsc#PED-769).
+- powercap: intel_rapl: add support for RaptorLake (jsc#PED-769).
+- powercap: intel_rapl: support new layout of Psys PowerLimit
+ Register on SPR (jsc#PED-648).
+- powercap: Add Power Limit4 support for Alder Lake SoC
+ (jsc#PED-769).
+- commit ee363a4
+
+- selftests/powerpc: Skip energy_scale_info test on older firmware
+ (git-fixes).
+- commit 1eff3d6
+
+- Revert "SUNRPC: Remove unreachable error condition" (git-fixes).
+- NFS: Fix another fsync() issue after a server reboot
+ (git-fixes).
+- NFSv4: Fixes for nfs4_inode_return_delegation() (git-fixes).
+- commit 80742b5
+
+- blacklist.conf: and unwanted md patches
+- commit 96bda12
+
+- scsi: stex: Properly zero out the passthrough command structure
+ (bsc#1203514 CVE-2022-40768).
+- commit f2b2e4a
+
+- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
+- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
+- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
+- commit 6c7f2c9
+
+- sbitmap: Avoid leaving waitqueue in invalid state in
+ __sbq_wake_up() (git-fixes).
+- commit 3c6ffc4
+
+- staging: vt6655: fix some erroneous memory clean-up loops
+ (git-fixes).
+- virt: vbox: convert to use dev_groups (git-fixes).
+- usb: mtu3: fix failed runtime suspend in host only mode
+ (git-fixes).
+- Revert "usb: storage: Add quirk for Samsung Fit flash"
+ (git-fixes).
+- usb: mon: make mmapped memory read only (git-fixes).
+- xhci: Don't show warning for reinit on known broken suspend
+ (git-fixes).
+- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes).
+- commit 4feb234
+
+- usb: gadget: function: fix dangling pnp_string in f_printer.c
+ (git-fixes).
+- USB: serial: console: move mutex_unlock() before
+ usb_serial_put() (git-fixes).
+- usb: common: debug: Check non-standard control requests
+ (git-fixes).
+- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
+ lpuart_dma_shutdown (git-fixes).
+- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
+- uas: ignore UAS for Thinkplus chips (git-fixes).
+- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
+- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
+- thunderbolt: Explicitly reset plug events delay back to USB4
+ spec value (git-fixes).
+- commit d8ee195
+
+- soc: sunxi_sram: Make use of the helper function
+ devm_platform_ioremap_resource() (git-fixes).
+- Refresh
+ patches.suse/soc-sunxi-sram-Prevent-the-driver-from-being-unbound.patch.
+- commit a85e811
+
+- spmi: pmic-arb: correct duplicate APID to PPID mapping logic
+ (git-fixes).
+- spmi: pmic-arb: do not ack and clear peripheral interrupts in
+ cleanup_irq (git-fixes).
+- slimbus: qcom-ngd: cleanup in probe error path (git-fixes).
+- slimbus: qcom-ngd: use correct error in message of
+ pdr_add_lookup() failure (git-fixes).
+- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
+ (git-fixes).
+- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
+ (git-fixes).
+- soc: sunxi: sram: Fix probe function ordering issues
+ (git-fixes).
+- commit 3e1f43f
+
+- serial: 8250: Fix restoring termios speed after suspend
+ (git-fixes).
+- drivers: serial: jsm: fix some leaks in probe (git-fixes).
+- remoteproc: imx_rproc: Simplify some error message (git-fixes).
+- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
+- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
+- platform/x86: msi-laptop: Fix old-ec check for backlight
+ registering (git-fixes).
+- commit a448666
+
+- misc: ocxl: fix possible refcount leak in afu_ioctl()
+ (git-fixes).
+- phy: qualcomm: call clk_disable_unprepare in the error handling
+ (git-fixes).
+- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference
+ returned by of_get_parent() (git-fixes).
+- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
+- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
+ (git-fixes).
+- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes).
+- mtd: rawnand: intel: Don't re-define NAND_DATA_IFACE_CHECK_ONLY
+ (git-fixes).
+- mtd: rawnand: intel: Remove undocumented compatible string
+ (git-fixes).
+- mtd: rawnand: intel: Read the chip-select line from the correct
+ OF node (git-fixes).
+- mtd: devices: docg3: check the return value of devm_ioremap()
+ in the probe (git-fixes).
+- platform/x86: asus-wmi: Document the panel_od sysfs attribute
+ (git-fixes).
+- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute
+ (git-fixes).
+- platform/x86: asus-wmi: Document the dgpu_disable sysfs
+ attribute (git-fixes).
+- platform/chrome: cros_ec_typec: Correct alt mode index
+ (git-fixes).
+- platform/chrome: fix memory corruption in ioctl (git-fixes).
+- platform/chrome: fix double-free in chromeos_laptop_prepare()
+ (git-fixes).
+- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT
+ failure (git-fixes).
+- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
+ (git-fixes).
+- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
+ (git-fixes).
+- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
+ (git-fixes).
+- commit b26b1a7
+
+- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
+ (git-fixes).
+- mailbox: mpfs: account for mbox offsets while sending
+ (git-fixes).
+- mailbox: mpfs: fix handling of the reg property (git-fixes).
+- mfd: sm501: Add check for platform_driver_register()
+ (git-fixes).
+- mfd: fsl-imx25: Fix check for platform_get_irq() errors
+ (git-fixes).
+- mfd: lp8788: Fix an error handling path in lp8788_irq_init()
+ and lp8788_irq_init() (git-fixes).
+- mfd: lp8788: Fix an error handling path in lp8788_probe()
+ (git-fixes).
+- mfd: fsl-imx25: Fix an error handling path in
+ mx25_tsadc_setup_irq() (git-fixes).
+- mfd: intel_soc_pmic: Fix an error handling path in
+ intel_soc_pmic_i2c_probe() (git-fixes).
+- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
+ (git-fixes).
+- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes).
+- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes).
+- media: meson: vdec: add missing clk_disable_unprepare on error
+ in vdec_hevc_start() (git-fixes).
+- media: cedrus: Fix endless loop in cedrus_h265_skip_bits()
+ (git-fixes).
+- media: cedrus: Set the platform driver data earlier (git-fixes).
+- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
+ (git-fixes).
+- memory: of: Fix refcount leak bug in of_get_ddr_timings()
+ (git-fixes).
+- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
+ (git-fixes).
+- media: v4l2-compat-ioctl32.c: zero buffer passed to
+ v4l2_compat_get_array_args() (git-fixes).
+- commit f4e8a30
+
+- iio: adc: ad7923: fix channel readings for some variants
+ (git-fixes).
+- iio: ltc2497: Fix reading conversion results (git-fixes).
+- iio: dac: ad5593r: Fix i2c read protocol requirements
+ (git-fixes).
+- iio: magnetometer: yas530: Change data type of hard_offsets
+ to signed (git-fixes).
+- iio: ABI: Fix wrong format of differential capacitance channel
+ ABI (git-fixes).
+- iio: inkern: fix return value in
+ devm_of_iio_channel_get_by_name() (git-fixes).
+- iio: inkern: only release the device node when done with it
+ (git-fixes).
+- iio: adc: at91-sama5d2_adc: disable/prepare buffer on
+ suspend/resume (git-fixes).
+- iio: adc: at91-sama5d2_adc: lock around oversampling and sample
+ freq (git-fixes).
+- iio: adc: at91-sama5d2_adc: check return status for pressure
+ and touch (git-fixes).
+- commit b02859c
+
+- firmware: google: Test spinlock on panic path to avoid lockups
+ (git-fixes).
+- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
+ (git-fixes).
+- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
+ (git-fixes).
+- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells
+ property (git-fixes).
+- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property
+ (git-fixes).
+- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value
+ (git-fixes).
+- dt-bindings: mtd: intel: lgm-nand: Fix compatible string
+ (git-fixes).
+- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
+- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
+- HID: multitouch: Add memory barriers (git-fixes).
+- hid: hid-logitech-hidpp: avoid unnecessary assignments in
+ hidpp_connect_event (git-fixes).
+- drm/omap: dss: Fix refcount leak bugs (git-fixes).
+- drm/msm/dp: correct 1.62G link rate at
+ dp_catalog_ctrl_config_msa() (git-fixes).
+- drm/msm/dp: Silence inconsistent indent warning (git-fixes).
+- drm/msm/dpu: Fix comment typo (git-fixes).
+- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
+- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table
+ (git-fixes).
+- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table
+ (git-fixes).
+- commit 71c6639
+
+- drm/scheduler: quieten kernel-doc warnings (git-fixes).
+- commit 95b96ec
+
+- drm/amdgpu: add missing pci_disable_device() in
+ amdgpu_pmops_runtime_resume() (git-fixes).
+- drm/bridge: megachips: Fix a null pointer dereference bug
+ (git-fixes).
+- drm: fix drm_mipi_dbi build errors (git-fixes).
+- drm/msm: Make .remove and .shutdown HW shutdown consistent
+ (git-fixes).
+- drm:pl111: Add of_node_put() when breaking out of
+ for_each_available_child_of_node() (git-fixes).
+- drm/bridge: parade-ps8640: Fix regulator supply order
+ (git-fixes).
+- drm/virtio: Unlock reservations on
+ virtio_gpu_object_shmem_init() error (git-fixes).
+- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
+- commit f6c9019
+
+- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
+ (git-fixes).
+- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes).
+- dmaengine: ioat: stop mod_timer from resurrecting deleted
+ timer in __cleanup() (git-fixes).
+- dmaengine: mxs: use platform_driver_register (git-fixes).
+- dmaengine: hisilicon: Add multi-thread support for a DMA channel
+ (git-fixes).
+- dmaengine: hisilicon: Fix CQ head update (git-fixes).
+- dmaengine: hisilicon: Disable channels when unregister hisi_dma
+ (git-fixes).
+- drm/bridge: Avoid uninitialized variable warning (git-fixes).
+- drm/nouveau: fix a use-after-free in
+ nouveau_gem_prime_import_sg_table() (git-fixes).
+- drm: bridge: adv7511: fix CEC power down control register offset
+ (git-fixes).
+- commit 89292ab
+
+- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
+ (git-fixes).
+- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes).
+- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD
+ (git-fixes).
+- clk: imx: scu: fix memleak on platform_device_add() fails
+ (git-fixes).
+- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
+ (git-fixes).
+- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying
+ num_parents (git-fixes).
+- clk: ast2600: BCLK comes from EPLL (git-fixes).
+- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
+ (git-fixes).
+- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
+ (git-fixes).
+- commit c248e05
+
+- clk: tegra20: Fix refcount leak in tegra20_clock_init
+ (git-fixes).
+- clk: tegra: Fix refcount leak in tegra114_clock_init
+ (git-fixes).
+- clk: tegra: Fix refcount leak in tegra210_clock_init
+ (git-fixes).
+- clk: sprd: Hold reference returned by of_get_parent()
+ (git-fixes).
+- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
+- clk: qoriq: Hold reference returned by of_get_parent()
+ (git-fixes).
+- clk: oxnas: Hold reference returned by of_get_parent()
+ (git-fixes).
+- clk: meson: Hold reference returned by of_get_parent()
+ (git-fixes).
+- ata: fix ata_id_has_dipm() (git-fixes).
+- ata: fix ata_id_has_ncq_autosense() (git-fixes).
+- ata: fix ata_id_has_devslp() (git-fixes).
+- ata: fix ata_id_sense_reporting_enabled() and
+ ata_id_has_sense_reporting() (git-fixes).
+- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
+ (git-fixes).
+- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
+ (git-fixes).
+- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
+ (git-fixes).
+- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
+ (git-fixes).
+- ASoC: codecs: tx-macro: fix kcontrol put (git-fixes).
+- ASoC: da7219: Fix an error handling path in
+ da7219_register_dai_clks() (git-fixes).
+- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx
+ API (git-fixes).
+- ASoC: wm_adsp: Handle optional legacy support (git-fixes).
+- commit 8f6277f
+
+- Move upstreamed DRM, NVMe and sound patches into sorted section
+- commit 48ff6f0
+
+- arm64: ftrace: fix module PLTs with mcount (git-fixes).
+- ARM: Drop CMDLINE_* dependency on ATAGS (git-fixes).
+- ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
+ (git-fixes).
+- ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
+ (git-fixes).
+- ARM: dts: turris-omnia: Add label for wan port (git-fixes).
+- ARM: dts: armada-38x: Add gpio-ranges for pin muxing
+ (git-fixes).
+- ARM: dts: kirkwood: lsxl: remove first ethernet port
+ (git-fixes).
+- ARM: dts: kirkwood: lsxl: fix serial line (git-fixes).
+- ARM: dts: turris-omnia: Fix mpp26 pin name and comment
+ (git-fixes).
+- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes).
+- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes).
+- ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus
+ (git-fixes).
+- ARM: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes).
+- ARM: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes).
+- ARM: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes).
+- ARM: defconfig: clean up multi_v4t and multi_v5 configs
+ (git-fixes).
+- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
+- ASoC: tas2764: Fix mute/unmute (git-fixes).
+- ASoC: tas2764: Drop conflicting set_bias_level power setting
+ (git-fixes).
+- ASoC: tas2764: Allow mono streams (git-fixes).
+- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
+- ASoC: mt6359: fix tests for platform_get_irq() failure
+ (git-fixes).
+- ALSA: hda/hdmi: Don't skip notification handling during PM
+ operation (git-fixes).
+- ALSA: dmaengine: increment buffer pointer atomically
+ (git-fixes).
+- ALSA: asihpi - Remove useless code in hpi_meter_get_peak()
+ (git-fixes).
+- ASoC: wcd934x: fix order of Slimbus unprepare/disable
+ (git-fixes).
+- ASoC: wcd9335: fix order of Slimbus unprepare/disable
+ (git-fixes).
+- ARM: dts: integrator: Tag PCI host with device_type (git-fixes).
+- commit 5a02ba2
+
+- i40e: Fix dropped jumbo frames statistics (git-fixes).
+- commit b407b7d
+
+- net: bonding: fix use-after-free after 802.3ad slave unbind
+ (git-fixes).
+- commit 05b9579
+
+- net: bonding: fix possible NULL deref in rlb code (git-fixes).
+- commit 8542934
+
+- net: dp83822: disable rx error interrupt (git-fixes).
+- commit f74888c
+
+- net: dp83822: disable false carrier interrupt (git-fixes).
+- commit ba1cc16
+
+- net: dsa: bcm_sf2: force pause link settings (git-fixes).
+- commit 5258d4a
+
+- net/dsa/hirschmann: Add missing of_node_get() in
+ hellcreek_led_setup() (git-fixes).
+- commit 29e4721
+
+- ice: Fix switchdev rules book keeping (git-fixes).
+- commit 5c21799
+
+- igb: Make DMA faster when CPU is active on the PCIe link
+ (git-fixes).
+- commit db90cd9
+
+- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
+ (git-fixes).
+- commit da7ba2e
+
+- igb: fix a use-after-free issue in igb_clean_tx_ring
+ (git-fixes).
+- commit 12acd2f
+
+- net: bgmac: Fix an erroneous kfree() in bgmac_remove()
+ (git-fixes).
+- commit 547f6a9
+
+- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes).
+- commit f2c7808
+
+- net: hns3: don't push link state to VF if unalive (git-fixes).
+- commit 7f6680c
+
+- net: hns3: set port base vlan tbl_sta to false before removing
+ old vlan (git-fixes).
+- commit 8c8d58b
+
+- i40e: Fix call trace in setup_tx_descriptors (git-fixes).
+- commit 7d70f11
+
+- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
+- commit 6a72a8e
+
+- ixgbe: fix bcast packets Rx on VF after promisc removal
+ (git-fixes).
+- commit ddb5b75
+
+- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling
+ an_complete (git-fixes).
+- commit b8286fc
+
+- net: altera: Fix refcount leak in altera_tse_mdio_create
+ (git-fixes).
+- commit e80ff1b
+
+- net/mlx4_en: Fix wrong return value on ioctl EEPROM query
+ failure (git-fixes).
+- commit a76859c
+
+- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
+ (git-fixes).
+- commit 04259d9
+
+- stmmac: intel: Fix an error handling path in
+ intel_eth_pci_probe() (git-fixes).
+- commit fed21d9
+
+- net: ethernet: bgmac: Fix refcount leak in
+ bcma_mdio_mii_register (git-fixes).
+- commit 2227ee5
+
+- net: bgmac: support MDIO described in DT (git-fixes).
+- commit bf1f5f9
+
+- mm/migrate.c: remove MIGRATE_PFN_LOCKED (jsc#PED-1294).
+- commit 53d0a98
+
+- mm: refactor the ZONE_DEVICE handling in migrate_vma_pages
+ (jsc#PED-1294).
+- commit 5ff0982
+
+- mm: refactor the ZONE_DEVICE handling in migrate_vma_insert_page
+ (jsc#PED-1294).
+- commit c27db83
+
+- mm: refactor check_and_migrate_movable_pages (jsc#PED-1294).
+- commit a588dc0
+
+- mm: generalize the pgmap based page_free infrastructure
+ (jsc#PED-1294).
+- commit 2037cd5
+
+- fsdax: depend on ZONE_DEVICE || FS_DAX_LIMITED (jsc#PED-1294).
+- commit 00cc65d
+
+- mm: remove the extra ZONE_DEVICE struct page refcount
+ (jsc#PED-1294).
+- commit 0cba7f0
+
+- memremap: remove support for external pgmap refcounts
+ (jsc#PED-1294).
+- commit 2a29910
+
+- nvdimm/pmem: stop using q_usage_count as external pgmap refcount
+ (jsc#PED-1294).
+- commit fa7e3a6
+
+- mm/memremap: add ZONE_DEVICE support for compound pages
+ (jsc#PED-1294).
+- commit fabe0fa
+
+- mm/page_alloc: refactor memmap_init_zone_device() page init
+ (jsc#PED-1294).
+- commit f04239b
+
+- mm/page_alloc: split prep_compound_page into head and tail
+ subparts (jsc#PED-1294).
+- commit a82c6bd
+
+- drm/nouveau: wait for the exclusive fence after the shared ones v2 (bsc#1152472)
+ Backporting notes:
+ * context changes
+- commit 0261ec2
+
+- drm/amd/display: Changed pipe split policy to allow for multi-display (bsc#1152472)
+ Backporting notes:
+ * remove changes to non-existing 201 and 31 directories
+- commit e6a9bdd
+
+- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472)
+ Backporting notes:
+ * replace IP_VERSION() with CHIP_ constants
+- commit d27747b
+
+- blacklist.conf: Append 'drm/bridge: Add stubs for devm_drm_of_get_bridge when OF is disabled'
+- commit e1d0d55
+
+- blacklist.conf: Append 'drm/amd/display: Fix wrong format specifier in amdgpu_dm.c'
+- commit debed4c
+
+- blacklist.conf: Append 'drm/amdgpu: Fix resource leak on probe error path'
+- commit 116f3cc
+
+- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well (bsc#1152472)
+ Backporting notes:
+ * also fix default branch
+- commit 0bf8eb3
+
+- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (bsc#1152489)
+ Backporting notes:
+ * update additional patch on top
+- commit 1550ef2
+
+- Update
+ patches.suse/ACPI-processor-idle-Practically-limit-Dummy-wait-wor.patch
+ (bsc#1203767,bsc#1203802).
+- commit c6ebacb
+
+- Update
+ patches.suse/x86-cpu-Add-new-Alderlake-and-Raptorlake-CPU-model-n.patch
+ (jsc#PED-743 jsc#PED-740).
+ Add a reference.
+- commit 1883c41
+
+- mm: don't include <linux/memremap.h> in <linux/mm.h>
+ (jsc#PED-1294).
+- commit b73066e
+
+- mm: simplify freeing of devmap managed pages (jsc#PED-1294).
+- commit e54adcf
+
+- mm: move free_devmap_managed_page to memremap.c (jsc#PED-1294).
+- commit e5afda3
+
+- nvme: ensure subsystem reset is single threaded (bsc#1203290
+ CVE-2022-3169).
+- commit f73d666
+
+- mm: remove pointless includes from <linux/hmm.h> (jsc#PED-1294).
+- commit 5917f7a
+
+- mm: remove the __KERNEL__ guard from <linux/mm.h>
+ (jsc#PED-1294).
+- commit 1864b4d
+
+- mm: remove a pointless CONFIG_ZONE_DEVICE check in
+ memremap_pages (jsc#PED-1294).
+- commit b4b9519
+
+- nvme: restrict management ioctls to admin (bsc#1203290
+ CVE-2022-3169).
+- commit c28a770
+
+- net/mlx5e: Update netdev features after changing XDP state
+ (git-fixes).
+- commit 5d7478c
+
+- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race
+ condition (git-fixes).
+- commit 92e1426
+
+- hinic: Avoid some over memory allocation (git-fixes).
+- commit 41f381d
+
+- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
+ (git-fixes).
+- commit b92d6d0
+
+- net: chelsio: cxgb4: Avoid potential negative array offset
+ (git-fixes).
+- commit 4cc759d
+
+- net/mlx5e: TC, fix decap fallback to uplink when int port not
+ supported (git-fixes).
+- commit 35c9b8d
+
+- net: dsa: ksz9477: port mirror sniffing limited to one port
+ (git-fixes).
+- commit 9996ff6
+
+- nvme: don't print verbose errors for internal passthrough
+ requests (bsc#1202187).
+- commit eaa4989
+
+- blacklist.conf: update the list
+- commit 78eff9b
+
+- s390/smp: enforce lowcore protection on CPU restart (git-fixes).
+- KVM: s390: pv: don't present the ecall interrupt twice
+ (bsc#1203229 LTC#199905).
+- commit aed7a32
+
+- x86: Expose init_freq_invariance() to topology header
+ (jsc#PED-1408).
+- commit c0d8e97
+
+- ACPI: AGDI: Fix missing prototype warning for acpi_agdi_init()
+ (jsc#PED-1408).
+- ACPI, APEI: Use the correct variable for sizeof()
+ (jsc#PED-1408).
+- ACPI: tables: Make LAPIC_ADDR_OVR address readable in message
+ (jsc#PED-1408).
+- ACPI: IPMI: replace usage of found with dedicated list iterator
+ variable (jsc#PED-1408).
+- ACPI: CPPC: Change default error code and clean up debug
+ messages in probe (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch.
+ patches.suse/ACPI-CPPC-Do-not-prevent-CPPC-from-working-in-the-fu.patch.
+- ACPI / x86: Add support for LPS0 callback handler
+ (jsc#PED-1408).
+- Input: soc_button_array - add support for Microsoft Surface 3
+ (MSHW0028) buttons (jsc#PED-1408).
+- PM: hibernate: Honour ACPI hardware signature by default for
+ virtual guests (jsc#PED-1408).
+- ACPI: AGDI: Add driver for Arm Generic Diagnostic Dump and
+ Reset device (jsc#PED-1408).
+ Update config files.
+- ACPI: APEI: rename ghes_init() with an "acpi_" prefix
+ (jsc#PED-1408).
+ Refresh patches.suse/ACPI-VIOT-Fix-ACS-setup.patch.
+- ACPI: LPSS: Provide an SSP type to the driver (jsc#PED-1408).
+- ACPI: LPSS: Constify properties member in struct
+ lpss_device_desc (jsc#PED-1408).
+- ACPI: platform: Constify properties parameter in
+ acpi_create_platform_device() (jsc#PED-1408).
+- ACPI: fan: Add additional attributes for fine grain control
+ (jsc#PED-1408).
+- ACPI: fan: Properly handle fine grain control (jsc#PED-1408).
+- ACPI: fan: Optimize struct acpi_fan_fif (jsc#PED-1408).
+- ACPI: fan: Separate file for attributes creation (jsc#PED-1408).
+- ACPI: fan: Fix error reporting to user space (jsc#PED-1408).
+- x86, ACPI: rename init_freq_invariance_cppc() to
+ arch_init_invariance_cppc() (jsc#PED-1408).
+- ACPI: EC: Rearrange code in acpi_ec_submit_event()
+ (jsc#PED-1408).
+- ACPI: EC: Reduce indentation level in acpi_ec_submit_event()
+ (jsc#PED-1408).
+- ACPI: EC: Do not return result from advance_transaction()
+ (jsc#PED-1408).
+- x86/ACPI: CPPC: Move init_freq_invariance_cppc() into x86 CPPC
+ (jsc#PED-1408).
+- x86/ACPI: CPPC: Move AMD maximum frequency ratio setting
+ function into x86 CPPC (jsc#PED-1408).
+- x86/ACPI: CPPC: Rename cppc_msr.c to cppc.c (jsc#PED-1408).
+- ACPI / x86: Add skip i2c clients quirk for Lenovo Yoga Tablet
+ 1050F/L (jsc#PED-1408).
+- ACPI / x86: Add skip i2c clients quirk for Nextbook Ares 8
+ (jsc#PED-1408).
+- ACPI: clean up double words in two comments (jsc#PED-1408).
+- ACPI: property: Get rid of redundant 'else' (jsc#PED-1408).
+- ACPI: EC / PM: Print additional debug message in
+ acpi_ec_dispatch_gpe() (jsc#PED-1408).
+- ACPI: PM: Print additional debug message in acpi_s2idle_wake()
+ (jsc#PED-1408).
+- ACPI: tables: Add AGDI to the list of known table signatures
+ (jsc#PED-1408).
+- ACPI: tables: Add CEDT signature to the list of known tables
+ (jsc#PED-1408).
+- ACPI: bus: Introduce acpi_bus_for_each_dev() (jsc#PED-1408).
+- ACPI: OSL: Fix and clean up acpi_os_read/write_port()
+ (jsc#PED-1408).
+- ACPICA: Use uintptr_t and offsetof() in Linux kernel builds
+ (jsc#PED-1408).
+- ACPI: scan: Use ida_alloc() instead of ida_simple_get()
+ (jsc#PED-1408).
+- commit 2486d41
+
+- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment.
+- commit 20a025b
+
+- Clean up kernel-config settings via run_oldconfig.sh
+ Invoke run_oldconfig.sh to clean the kernel-config settings from
+ unset symbols. Otherwise these settings interfere with actual config
+ changes.
+- commit 8a799ae
+
+- blacklist.conf: not relevant in our configurations
+- commit 586058b
+
+- media: imx-jpeg: Disable slot interrupt when frame done
+ (git-fixes).
+- commit 36d622f
+
+- media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes).
+- commit e2ddfcf
+
+- media: imx-jpeg: Fix potential array out of bounds in
+ queue_setup (git-fixes).
+- commit 8041860
+
+- media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes).
+- commit d514aa5
+
+- x86/ibt,ftrace: Make function-graph play nice (bsc#1203969).
+- commit c020446
+
+- media: imx-jpeg: Leave a blank space before the configuration
+ data (git-fixes).
+- commit a2d45c7
+
+- blacklist.conf: Append 'sysfb: Enable boot time VESA graphic mode selection'
+- commit b93ba64
+
+- media: imx-jpeg: Correct some definition according specification
+ (git-fixes).
+- commit bdf4126
+
+- blacklist.conf: not relevant in our configurations
+- commit 8171bfe
+
+- media: vsp1: Fix offset calculation for plane cropping.
+- commit dc309b5
+
+- media: exynos4-is: Change clk_disable to clk_disable_unprepare
+ (git-fixes).
+- commit 332ca3f
+
+- media: st-delta: Fix PM disable depth imbalance in delta_probe
+ (git-fixes).
+- commit 30518b0
+
+- media: exynos4-is: Fix PM disable depth imbalance in
+ fimc_is_probe (git-fixes).
+- commit f62e31e
+
+- media: aspeed: Fix an error handling path in
+ aspeed_video_probe() (git-fixes).
+- commit c014d5c
+
+- media: coda: Add more H264 levels for CODA960 (git-fixes).
+- commit 75d6462
+
+- media: coda: Fix reported H264 profile (git-fixes).
+- commit 1533555
+
+- Revert "constraints: increase disk space for all architectures"
+ (bsc#1203693).
+ This reverts commit 43a9011f904bc7328d38dc340f5e71aecb6b19ca.
+- commit 3d33373
+
+- blacklist.conf: Append 'fbdev: Hot-unplug firmware fb devices on forced removal'
+- commit 0b6410b
+
+- blacklist.conf: Append 'Revert "fbdev: fbmem: add a helper to determine if an aperture is used by a fw fb"'
+- commit b1ae504
+
+- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
+- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
+- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
+- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
+ (git-fixes).
+- wifi: ath11k: fix number of VHT beamformee spatial streams
+ (git-fixes).
+- wifi: mt76: mt7915: do not check state before configuring
+ implicit beamform (git-fixes).
+- wifi: mt76: mt7615: add mt7615_mutex_acquire/release in
+ mt7615_sta_set_decap_offload (git-fixes).
+- wifi: mt76: sdio: fix transmitting packet hangs (git-fixes).
+- wifi: rtl8xxxu: Remove copy-paste leftover in
+ gen2_update_rate_mask (git-fixes).
+- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
+ (git-fixes).
+- wifi: rtl8xxxu: Fix skb misuse in TX queue selection
+ (git-fixes).
+- wifi: rtw88: add missing destroy_workqueue() on error path in
+ rtw_core_init() (git-fixes).
+- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
+ (git-fixes).
+- wifi: ath10k: add peer map clean up for peer delete in
+ ath10k_sta_state() (git-fixes).
+- wifi: mac80211: allow bw change during channel switch in mesh
+ (git-fixes).
+- wifi: rtlwifi: 8192de: correct checking of IQK reload
+ (git-fixes).
+- commit 3bb5d97
+
+- spi/omap100k:Fix PM disable depth imbalance in
+ omap1_spi100k_probe (git-fixes).
+- spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe
+ (git-fixes).
+- spi: meson-spicc: do not rely on busy flag in pow2 clk ops
+ (git-fixes).
+- spi: qup: add missing clk_disable_unprepare on error in
+ spi_qup_pm_resume_runtime() (git-fixes).
+- spi: qup: add missing clk_disable_unprepare on error in
+ spi_qup_resume() (git-fixes).
+- spi: mt7621: Fix an error message in mt7621_spi_probe()
+ (git-fixes).
+- regulator: qcom_rpm: Fix circular deferral regression
+ (git-fixes).
+- net: wwan: iosm: Call mutex_init before locking it (git-fixes).
+- mwifiex: fix sleep in atomic context bugs caused by
+ dev_coredumpv (git-fixes).
+- net: thunderbolt: Enable DMA paths only after rings are enabled
+ (git-fixes).
+- commit e714654
+
+- hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase
+ mp2888 controller (git-fixes).
+- hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API
+ (git-fixes).
+- i2c: mlxbf: support lock mechanism (git-fixes).
+- mISDN: fix use-after-free bugs in l1oip timer handlers
+ (git-fixes).
+- eth: alx: take rtnl_lock on resume (git-fixes).
+- Bluetooth: hci_core: Fix not handling link timeouts propertly
+ (git-fixes).
+- Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem()
+ failure (git-fixes).
+- Bluetooth: btusb: mediatek: fix WMT failure during runtime
+ suspend (git-fixes).
+- can: rx-offload: can_rx_offload_init_queue(): fix typo
+ (git-fixes).
+- commit ac7ee01
+
+- blacklist.conf: df5b035b5683 x86/cacheinfo: Add a cpu_llc_shared_mask() UP variant
+- commit bc73e4e
+
+- blacklist.conf: 00da0cb385d0 Documentation/ABI: Mention retbleed vulnerability info file for sysfs
+- commit 4726e8f
+
+- Drop the ACPI patch temporarily as it causes a regression (bsc#1203794)
+ Delete patches.suse/ACPI-resource-skip-IRQ-override-on-AMD-Zen-platforms.patch
+- commit 8842ef4
+
+- fbcon: Fix accelerated fbdev scrolling while logo is still shown (bsc#1152472)
+- commit 7656242
+
+- parisc/stifb: Fix fb_is_primary_device() only available with (bsc#1152489)
+- commit dee3343
+
+- parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489)
+- commit daa8575
+
+- parisc/stifb: Implement fb_is_primary_device() (bsc#1152489)
+- commit f86cf76
+
+- fbcon: Add option to enable legacy hardware acceleration (bsc#1152472)
+ Backporting changes:
+ * context fixes in other patch
+ * update config
+- commit 68203bf
+
+- parisc/sticon: fix reverse colors (bsc#1152489)
+- commit f94c66b
+
+- char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops
+ (CVE-2022-41848 bsc#1203987).
+- commit a144c48
+
+- fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ (CVE-2022-41849 bsc#1203992).
+- commit db3bfe7
+
+- net: mana: Add rmb after checking owner bits (git-fixes).
+- commit 85bfc78
+
+- Makefile.debug: re-enable debug info for .S files (git-fixes).
+- commit 50458f2
+
+- powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL
+ (bsc#1194869).
+- commit 48283d1
+
+- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
+ (git-fixes).
+- Refresh
+ patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch.
+- commit 0719451
+
+- usb: typec: ucsi: Remove incorrect warning (git-fixes).
+- media: rkvdec: Disable H.264 error detection (git-fixes).
+- media: dvb_vb2: fix possible out of bound access (git-fixes).
+- ASoC: cs42l42: Only report button state if there was a button
+ interrupt (git-fixes).
+- commit 06be809
+
+- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).
+- commit 209f0a1
+
+- Add cherry-picked commit id for an AMDGPU patch (git-fixes)
+- commit 505fbbc
+
+- usb: dwc3: gadget: Refactor pullup() (git-fixes).
+- commit f481a77
+
+- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
+ (git-fixes).
+- Refresh
+ patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch.
+- Refresh
+ patches.suse/usb-dwc3-gadget-Prevent-repeat-pullup.patch.
+- commit 6d90a05
+
+- wifi: mac80211: fix regression with non-QoS drivers (git-fixes).
+- selftests: Fix the if conditions of in test_extra_filter()
+ (git-fixes).
+- net: phy: Don't WARN for PHY_UP state in mdio_bus_phy_resume()
+ (git-fixes).
+- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).
+- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
+- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
+- soc: sunxi: sram: Prevent the driver from being unbound
+ (git-fixes).
+- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
+- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx
+ accounting (git-fixes).
+- serial: tegra: Use uart_xmit_advance(), fixes icount.tx
+ accounting (git-fixes).
+- serial: Create uart_xmit_advance() (git-fixes).
+- USB: serial: option: add Quectel RM520N (git-fixes).
+- USB: serial: option: add Quectel BG95 0x0203 composition
+ (git-fixes).
+- thunderbolt: Add support for Intel Maple Ridge single port
+ controller (git-fixes).
+- Revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes).
+- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
+- commit ce89825
+
+- gpio: mvebu: Fix check for pwm support on non-A8K platforms
+ (git-fixes).
+- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address
+ (git-fixes).
+- Input: iqs62x-keys - drop unused device node references
+ (git-fixes).
+- Input: melfas_mip4 - fix return value check in mip4_probe()
+ (git-fixes).
+- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
+ (git-fixes).
+- mmc: hsq: Fix data stomping during mmc recovery (git-fixes).
+- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
+ (git-fixes).
+- commit 02160f0
+
+- drm/i915/gt: Restrict forced preemption to the active context
+ (git-fixes).
+- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare
+ in suspend/resume time" (git-fixes).
+- drm/bridge: lt8912b: fix corrupted image output (git-fixes).
+- drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes).
+- drm/bridge: lt8912b: add vsync hsync (git-fixes).
+- Revert "firmware: arm_scmi: Add clock management to the SCMI
+ power domain" (git-fixes).
+- drm/amdgpu: don't register a dirty callback for non-atomic
+ (git-fixes).
+- firmware: arm_scmi: Fix the asynchronous reset requests
+ (git-fixes).
+- firmware: arm_scmi: Harden accesses to the reset domains
+ (git-fixes).
+- commit 509f7ae
+
+- clk: iproc: Do not rely on node name for correct PLL setup
+ (git-fixes).
+- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI
+ clocks (git-fixes).
+- clk: ingenic-tcu: Properly enable registers before accessing
+ timers (git-fixes).
+- arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes).
+- ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes).
+- ASoC: tas2770: Reinit regcache on reset (git-fixes).
+- ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes).
+- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
+ (git-fixes).
+- drm/gma500: Fix BUG: sleeping function called from invalid
+ context errors (git-fixes).
+- drm/amdgpu: make sure to init common IP before gmc (git-fixes).
+- drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline
+ for stack usage (git-fixes).
+- drm/amd/display: Reduce number of arguments of dml31's
+ CalculateFlipSchedule() (git-fixes).
+- drm/amd/display: Reduce number of arguments of dml31's
+ CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes).
+- drm/amd/display: Limit user regamma to a valid value
+ (git-fixes).
+- drm/amdgpu: use dirty framebuffer helper (git-fixes).
+- drm/amd/pm: disable BACO entry/exit completely on several
+ sienna cichlid cards (git-fixes).
+- drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
+ (git-fixes).
+- drm/amdgpu: Separate vf2pf work item init from virt data
+ exchange (git-fixes).
+- commit 931f4f4
+
+- Add blacklist and alt-commit for ASoC cs35l41 patches (bsc#1203699)
+- commit b1bfeae
+
+- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).
+- commit 6f3c833
+
+- scsi: smartpqi: Add module param to disable managed ints
+ (bsc#1203893).
+- commit e1af9a1
+
+- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).
+- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
+- scsi: lpfc: Add reporting capability for Link Degrade Signaling
+ (bsc#1203939).
+- scsi: lpfc: Rework FDMI attribute registration for unintential
+ padding (bsc#1203939).
+- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and
+ consistency (bsc#1203939).
+- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd
+ (bsc#1203939).
+- scsi: lpfc: Update congestion mode logging for Emulex SAN
+ Manager application (bsc#1203939).
+- scsi: lpfc: Move scsi_host_template outside dynamically
+ allocated/freed phba (bsc#1185032 bsc#1203939).
+ Dropped:
+ patches.suse/lpfc-decouple-port_template-and-vport_template.patch
+- scsi: lpfc: Fix multiple NVMe remoteport registration calls
+ for the same NPort ID (bsc#1203939).
+- scsi: lpfc: Add missing free iocb and nlp kref put for early
+ return VMID cases (bsc#1203939).
+- scsi: lpfc: Fix mbuf pool resource detected as busy at driver
+ unload (bsc#1203939).
+- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology
+ (bsc#1203939).
+- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling
+ (bsc#1203939).
+- scsi: lpfc: Remove unneeded result variable (bsc#1203939).
+- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
+- commit 23fee86
+
+- supported.conf: mark spi-pxa2xx-platform as supported (bsc#1203699)
+ It's required for the sound on recent Intel machines
+- commit d17d5e0
+
+- scsi: lpfc: Add missing destroy_workqueue() in error path
+ (bsc#1203939).
+- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of
+ DID_REQUEUE (bsc#1203939).
+- commit 495ecbc
+
+- wifi: cfg80211: ensure length byte is present before access
+ (CVE-2022-41674 bsc#1203770).
+- wifi: cfg80211/mac80211: reject bad MBSSID elements
+ (CVE-2022-41674 bsc#1203770).
+- wifi: cfg80211: fix u8 overflow in
+ cfg80211_update_notlisted_nontrans() (CVE-2022-41674
+ bsc#1203770).
+- commit 79b409a
+
+- scsi: qla2xxx: Remove unused declarations for qla2xxx
+ (bsc#1203935).
+- scsi: qla2xxx: Fix spelling mistake "definiton" -> "definition"
+ (bsc#1203935).
+- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
+- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).
+- scsi: qla2xxx: Define static symbols (bsc#1203935).
+- scsi: qla2xxx: Enhance driver tracing with separate tunable
+ and more (bsc#1203935).
+- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image
+ Status (bsc#1203935).
+- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
+- scsi: qla2xxx: Fix response queue handler reading stale packets
+ (bsc#1203935).
+- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue
+ handler reading stale packets" (bsc#1203935).
+- scsi: qla2xxx: Log message "skipping scsi_scan_host()" as
+ informational (bsc#1203935).
+- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
+- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from
+ qlt_stop_phase1() (bsc#1203935).
+- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
+- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
+- commit 76fee71
+
+- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
+ (bsc#1203935).
+- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port
+ ISP27XX (bsc#1203935).
+- commit df43957
+
+- mm: rename is_pinnable_page() to is_longterm_pinnable_page()
+ (jsc#PED-1294).
+- commit 8c9ae5e
+
+- mm: fix is_pinnable_page against a cma page (jsc#PED-1294).
+- commit e5e0125
+
+- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
+ (bsc#1196869).
+- commit 421a33e
+
+- ALSA: hda/realtek: More robust component matching for CS35L41
+ (bsc#1203699).
+- commit 13ee63f
+
+- kABI: fix adding another field to scsi_device (bsc#1203039).
+- scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD
+ (bsc#1203039).
+- Refresh
+ patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch.
+- Refresh patches.kabi/kABI-fix-adding-field-to-scsi_device.patch.
+- commit 38a6998
+
+- mm: Fix PASID use-after-free issue (bsc#1203908).
+- commit e2ea645
+
+- cgroup: cgroup_get_from_id() must check the looked-up kn is
+ a directory (bsc#1203906).
+- commit 2c277d7
+
+- spi: propagate error code to the caller of
+ acpi_spi_device_alloc() (bsc#1203699).
+- spi: Return deferred probe error when controller isn't yet
+ available (bsc#1203699).
+- commit 719f957
+
+- cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
+ (bsc#1196869).
+- commit 20ffc1f
+
+- kABI workaround for spi changes (bsc#1203699).
+- commit 57d4f4f
+
+- cgroup: Fix race condition at rebind_subsystems() (bsc#1203902).
+- commit ec3105d
+
+- ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model
+ (bsc#1203699).
+- commit 274acc0
+
+- cs-dsp and serial-multi-instantiate enablement (bsc#1203699)
+- Update config files
+- Update supported.conf
+- commit 6b0538d
+
+- platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop
+ (bsc#1203699).
+- ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699).
+- ACPI / scan: Create platform device for CS35L41 (bsc#1203699).
+- platform/x86: serial-multi-instantiate: Add SPI support
+ (bsc#1203699).
+- platform/x86: serial-multi-instantiate: Reorganize I2C functions
+ (bsc#1203699).
+- platform/x86: i2c-multi-instantiate: Rename it for a generic
+ serial driver name (bsc#1203699).
+- spi: Add API to count spi acpi resources (bsc#1203699).
+- spi: Support selection of the index of the ACPI Spi Resource
+ before alloc (bsc#1203699).
+- spi: Create helper API to lookup ACPI info for spi device
+ (bsc#1203699).
+- i2c: acpi: Add an i2c_acpi_client_count() helper function
+ (bsc#1203699).
+- commit 66cfc1c
+
+- ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699).
+- ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD
+ Properties (bsc#1203699).
+- ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41
+ (bsc#1203699).
+- ASoC: cs35l41: Read System Name from ACPI _SUB to identify
+ firmware (bsc#1203699).
+- commit 3025b3b
+
+- ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- commit d934822
+
+- ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699).
+- ALSA: hda: cs35l41: Use the CS35L41 HDA internal define
+ (bsc#1203699).
+- ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops
+ (bsc#1203699).
+- commit 6e401a7
+
+- Revert "ALSA: hda: cs35l41: Allow compilation test on non-ACPI
+ configurations" (bsc#1203699).
+- ALSA: hda: cs35l41: Add module parameter to control firmware
+ load (bsc#1203699).
+- ALSA: hda: cs35l41: Support Firmware switching and reloading
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Add defaulted values into dsp bypass config
+ sequence (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699).
+- ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI
+ variables (bsc#1203699).
+- ALSA: hda: cs35l41: Support Hibernation during Suspend
+ (bsc#1203699).
+- commit 8707600
+
+- ASoC: cs35l41: Add support for CLSA3541 ACPI device ID
+ (bsc#1203699).
+- ASoC: cs35l41: Do not print error when waking from hibernation
+ (bsc#1203699).
+- ASoC: cs35l41: Add common cs35l41 enter hibernate function
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs35l41 exit hibernate function into shared
+ code (bsc#1203699).
+- ALSA: hda: cs35l41: Support Speaker ID for laptops
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Support multiple load paths for firmware
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Support reading subsystem id from ACPI
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Add initial DSP support and firmware loading
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Save codec object inside component struct
+ (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls
+ directly (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA
+ controls (bsc#1203699).
+- ALSA: hda: cs35l41: Consolidate selections under
+ SND_HDA_SCODEC_CS35L41 (bsc#1203699).
+- ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699).
+- ALSA: hda: cs35l41: Allow compilation test on non-ACPI
+ configurations (bsc#1203699).
+- ALSA: hda: cs35l41: Don't dereference fwnode handle
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Improve dev_err_probe() messaging
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate
+ reference (bsc#1203699).
+- commit 0179f7c
+
+- ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to
+ static (bsc#1203699).
+- ASoC: cs35l41: Add ASP TX3/4 source to register patch
+ (bsc#1203699).
+- ASoC: cs35l41: Correct some control names (bsc#1203699).
+- ASoC: cs35l41: Add endianness flag in snd_soc_component_driver
+ (bsc#1203699).
+- commit f2b0e66
+
+- ASoC: cs35l41: Fix an out-of-bounds access in
+ otp_packed_element_t (bsc#1203699).
+- ASoC: cs35l41: Add one more variable in the debug log
+ (bsc#1203699).
+- commit a26b9a2
+
+- ALSA: hda/realtek: Enable mute/micmute LEDs support for HP
+ Laptops (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch.
+- commit 342e19c
+
+- ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41
+ s-codec (bsc#1203699).
+- commit 0fd2db1
+
+- ALSA: hda: cs35l41: Add Amp Name based on channel and index
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs_dsp config struct into shared code
+ (bsc#1203699).
+- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic
+ boost on EliteBook 845/865 G9 (bsc#1203699).
+- ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN
+ (bsc#1203699).
+- ASoC: cs35l41: Add one more variable in the debug log
+ (bsc#1203699).
+- commit 4800a47
+
+- ASoC: cs35l41: Move cs35l41 fs errata into shared code
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699).
+- ALSA: hda: cs35l41: Remove Set Channel Map api from binding
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name
+ (bsc#1203699).
+- ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock
+ (bsc#1203699).
+- ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg
+ (bsc#1203699).
+- ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699).
+- commit 346d9b0
+
+- ALSA: hda/cs8409: Support manual mode detection for CS42L42
+ (bsc#1203699).
+- ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda
+ driver (bsc#1203699).
+- ASoC: cs35l41: Support external boost (bsc#1203699).
+- ALSA: hda: cs35l41: Move external boost handling to lib for
+ ASoC use (bsc#1203699).
+- ALSA: hda: cs35l41: Handle all external boost setups the same
+ way (bsc#1203699).
+- ALSA: hda: cs35l41: Reorganize log for playback actions
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Move boost config to initialization code
+ (bsc#1203699).
+- ALSA: cs35l41: Enable Internal Boost in shared lib
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Mute the device before shutdown
+ (bsc#1203699).
+- commit e34c590
+
+- ASoC: cs42l42: Move CS42L42 register descriptions to general
+ include (bsc#1203699).
+- ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START
+ (bsc#1203699).
+- ASoC: cs42l42: Handle system suspend (bsc#1203699).
+- ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ
+ handling (bsc#1203699).
+- ASoC: cs42l42: Report full jack status when plug is detected
+ (bsc#1203699).
+- ASoC: cs42l42: Report initial jack state (bsc#1203699).
+- ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699).
+- ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699).
+- ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG
+ masks (bsc#1203699).
+- ASoC: cs42l42: Remove redundant writes to DETECT_MODE
+ (bsc#1203699).
+- ASoC: cs42l42: Add control for audio slow-start switch
+ (bsc#1203699).
+- ASoC: cs42l42: free_irq() before powering-down on probe() fail
+ (bsc#1203699).
+- ASoC: cs42l42: Reset and power-down on remove() and failed
+ probe() (bsc#1203699).
+- ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler
+ (bsc#1203699).
+- ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume
+ callbacks (bsc#1203699).
+- ASoC: cs42l42: Use two thresholds and increased wait time for
+ manual type detection (bsc#1203699).
+- ASoC: cs42l42: Implement Manual Type detection as fallback
+ (bsc#1203699).
+- ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl
+ script (bsc#1203699).
+- ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts
+ (bsc#1203699).
+- ASoC: cs42l42: Fix WARN in remove() if running without an
+ interrupt (bsc#1203699).
+- ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile
+ (bsc#1203699).
+- ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699).
+- ASoC: cs42l42: Allow time for HP/ADC to power-up after enable
+ (bsc#1203699).
+- ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699).
+- ASoC: cs42l42: Don't claim to support 192k (bsc#1203699).
+- ASoC: cs42l42: Don't reconfigure the PLL while it is running
+ (bsc#1203699).
+- commit 866431d
+
+- ALSA: hda: cs35l41: Put the device into safe mode for external
+ boost (bsc#1203699).
+- ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699).
+- ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699).
+- ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699).
+- ALSA: cs35l41: Move cs35l41_gpio_config to shared lib
+ (bsc#1203699).
+- ALSA: cs35l41: Check hw_config before using it (bsc#1203699).
+- ALSA: cs35l41: Unify hardware configuration (bsc#1203699).
+- commit ac37bc4
+
+- ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699).
+- ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg
+ (bsc#1203699).
+- ALSA: hda/cs8409: Support new Warlock MLK Variants
+ (bsc#1203699).
+- ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants
+ (bsc#1203699).
+- ALSA: hda/cs8409: Re-order quirk table into ascending order
+ (bsc#1203699).
+- ALSA: hda/cs8409: Fix Warlock to use mono mic configuration
+ (bsc#1203699).
+- commit af84f1a
+
+- ALSA: hda/realtek: Add mute and micmut LED support for Zbook
+ Fury 17 G9 (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
+- commit 7831f17
+
+- ASoC: cs35l41: Remove unnecessary param (bsc#1203699).
+- ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699).
+- commit 8ea9da8
+
+- ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L-024a7ad9eb4d.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L.patch.
+- commit a813cc9
+
+- ASoC: cs35l41: Fix DSP mbox start command and global enable
+ order (bsc#1203699).
+- ASoC: cs35l41: Fix max number of TX channels (bsc#1203699).
+- ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699).
+- ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Tidyup code (bsc#1203699).
+- ALSA: hda: cs35l41: Make use of the helper function
+ dev_err_probe() (bsc#1203699).
+- ALSA: hda: cs35l41: Add missing default cases (bsc#1203699).
+- ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol
+ namespace (bsc#1203699).
+- ALSA: hda: cs35l41: Add calls to newly added test key function
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Avoid overwriting register patch
+ (bsc#1203699).
+- ALSA: hda: cs35l41: fix double free on error in probe()
+ (bsc#1203699).
+- commit 31fd8da
+
+- firmware: cs_dsp: Add memory chunk helpers (bsc#1203699).
+- firmware: cs_dsp: Add pre_stop callback (bsc#1203699).
+- ASoC: wm_adsp: Minor clean and redundant code removal
+ (bsc#1203699).
+- ASoC: wm_adsp: Fix event for preloader (bsc#1203699).
+- ASoC: wm_adsp: Compressed stream DSP memory structs should be
+ __packed (bsc#1203699).
+- firmware: cs_dsp: Fix overrun of unterminated control name
+ string (bsc#1203699).
+- ASoC: wm_adsp: Expand firmware loading search options
+ (bsc#1203699).
+- ASoC: wm_adsp: Add trace caps to speaker protection FW
+ (bsc#1203699).
+- ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699).
+- ASoC: wm_adsp: Correct control read size when parsing compressed
+ buffer (bsc#1203699).
+- ASoC: cs35l41: Add support for hibernate memory retention mode
+ (bsc#1203699).
+- ASoC: cs35l41: Update handling of test key registers
+ (bsc#1203699).
+- ASoC: wm_adsp: Add support for "toggle" preloaders
+ (bsc#1203699).
+- firmware: cs_dsp: Clear core reset for cache (bsc#1203699).
+- ASoC: cs35l41: Correct handling of some registers in the cache
+ (bsc#1203699).
+- ASoC: cs35l41: Correct DSP power down (bsc#1203699).
+- ASoC: cs35l41: Remove incorrect comment (bsc#1203699).
+- ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699).
+- ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses
+ (bsc#1203699).
+- ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699).
+- firmware: cs_dsp: Move lockdep asserts to avoid potential null
+ pointer (bsc#1203699).
+- firmware: cs_dsp: Allow creation of event controls
+ (bsc#1203699).
+- firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699).
+- firmware: cs_dsp: Clarify some kernel doc comments
+ (bsc#1203699).
+- firmware: cs_dsp: Perform NULL check in
+ cs_dsp_coeff_write/read_ctrl (bsc#1203699).
+- firmware: cs_dsp: Add support for rev 2 coefficient files
+ (bsc#1203699).
+- firmware: cs_dsp: Print messages from bin files (bsc#1203699).
+- firmware: cs_dsp: Add pre_run callback (bsc#1203699).
+- firmware: cs_dsp: Add version checks on coefficient loading
+ (bsc#1203699).
+- firmware: cs_dsp: Add lockdep asserts to interface functions
+ (bsc#1203699).
+- firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h
+ (bsc#1203699).
+- ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol
+ 'ret' (bsc#1203699).
+- commit 545439c
+
+- supported.conf: Add cs_dsp firmware module (bsc#1203699)
+- commit af1ea30
+
+- Update config files: enable CS35L41 support (bsc#1203699)
+- commit 195ddb7
+
+- ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops
+ (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch.
+- commit 0a4cbdb
+
+- ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop
+ (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-ALC287-Add-Lenovo-IdeaPad-Slim-9i-14ITL5-sp.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Legion-Y9000X-2019.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch.
+- commit b3dce35
+
+- ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems
+ (bsc#1203699).
+- commit 39ffdf8
+
+- ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699).
+- ASoC: cs35l41: Create shared function for boost configuration
+ (bsc#1203699).
+- ASoC: cs35l41: Create shared function for setting channels
+ (bsc#1203699).
+- ASoC: cs35l41: Create shared function for errata patches
+ (bsc#1203699).
+- ASoC: cs35l41: Move power initializations to reg_sequence
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs35l41_otp_unpack to shared code
+ (bsc#1203699).
+- ASoC: cs35l41: Convert tables to shared source code
+ (bsc#1203699).
+- ASoC: cs35l41: Fix undefined reference to core functions
+ (bsc#1203699).
+- ASoC: cs35l41: Fix link problem (bsc#1203699).
+- ASoC: wm_adsp: Remove the wmfw_add_ctl helper function
+ (bsc#1203699).
+- ASoC: cs35l41: DSP Support (bsc#1203699).
+- ASoC: dt-bindings: cs42l42: Convert binding to yaml
+ (bsc#1203699).
+- ASoC: cs35l41: Set the max SPI speed for the whole device
+ (bsc#1203699).
+- ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699).
+- ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699).
+- ASoC: wm_adsp: remove a repeated including (bsc#1203699).
+- firmware: cs_dsp: add driver to support firmware loading on
+ Cirrus Logic DSPs (bsc#1203699).
+- ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops
+ (bsc#1203699).
+- ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp
+ (bsc#1203699).
+- ASoC: wm_adsp: move firmware loading to client (bsc#1203699).
+- ASoC: wm_adsp: Pass firmware names as parameters when starting
+ DSP core (bsc#1203699).
+- ASoC: wm_adsp: Move check of dsp->running to better place
+ (bsc#1203699).
+- ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling
+ (bsc#1203699).
+- ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699).
+- ASoC: wm_adsp: Split DSP power operations into helper functions
+ (bsc#1203699).
+- ASoC: wm_adsp: Separate some ASoC and generic functions
+ (bsc#1203699).
+- ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699).
+- ASoC: wm_adsp: Rename generic DSP support (bsc#1203699).
+- ASoC: wm_adsp: Cancel ongoing work when removing controls
+ (bsc#1203699).
+- ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed
+ buffers (bsc#1203699).
+- ASoC: wm_adsp: Move check for control existence (bsc#1203699).
+- ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699).
+- ASoC: cs35l41: Binding fixes (bsc#1203699).
+- misc: cs35l41: Remove unused pdn variable (bsc#1203699).
+- ASoC: cs35l41: Fix a bunch of trivial code formating/style
+ issues (bsc#1203699).
+- ASoC: cs35l41: Fixup the error messages (bsc#1203699).
+- ASoC: cs35l41: Don't overwrite returned error code
+ (bsc#1203699).
+- ASoC: cs35l41: Combine adjacent register writes (bsc#1203699).
+- ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot
+ (bsc#1203699).
+- ASoC: cs35l41: Fix use of an uninitialised variable
+ (bsc#1203699).
+- ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699).
+- ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699).
+- ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699).
+- commit 5d21207
+
+- kABI: Add back removed struct paca member (bsc#1203664
+ ltc#199236).
+- Revert "powerpc/rtas: Implement reentrant rtas call"
+ (bsc#1203664 ltc#199236).
+- commit 93ebb75
+
+- blacklist.conf: add scsi commit that's too invasive
+- commit ed3d357
+
+- struct ehci_hcd: hide new element going into a hole (git-fixes).
+- commit 859270b
+
+- USB: Fix ehci infinite suspend-resume loop issue in zhaoxin
+ (git-fixes).
+- commit 71e1e4f
+
+- xen/usb: don't use arbitrary_virt_to_machine() (git-fixes).
+- commit 9497b70
+
+- usb: host: xhci: fix a comment typo in xhci_mem_init()
+ (git-fixes).
+- usb: host: xhci: use ffs() in xhci_mem_init() (git-fixes).
+- commit f930b4a
+
+- usb: Drop commas after SoC match table sentinels (git-fixes).
+- commit c8fc91a
+
+- struct xhci_hcd: restore member now dynamically allocated
+ (git-fixes).
+- commit ac47acd
+
+- USB: core: Fix RST error in hub.c (git-fixes).
+- commit 19a77db
+
+- Update config files. (jsc#PED-1763)
+- supported.conf:
+- commit 9894f49
+
+- fuse: Remove the control interface for virtio-fs (bsc#1203798).
+- commit a23dd0d
+
+- constraints: increase disk space for all architectures
+ References: bsc#1203693
+ aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is
+ very close to the limit.
+- commit 43a9011
+
+- usb.h: struct usb_device: hide new member (git-fixes).
+- commit fbd8f4a
+
+- USB: core: Prevent nested device-reset calls (git-fixes).
+- commit 9ef8532
+
+- usb: dwc3: disable USB core PHY management (git-fixes).
+- commit 1a35727
+
+- Update patch referecen for ALSA fix (CVE-2022-3303 bsc#1203769)
+- commit 9addbc1
+
+- ACPI: processor idle: Practically limit "Dummy wait" workaround
+ to old Intel systems (bsc#1203767).
+- commit ec98644
+
+- NFSv4.2: Update mode bits after ALLOCATE and DEALLOCATE
+ (git-fixes).
+- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
+ (git-fixes).
+- md: call __md_stop_writes in md_stop (git-fixes).
+- SUNRPC: RPC level errors should set task->tk_rpc_status
+ (git-fixes).
+- NFSv4.2 fix problems with __nfs42_ssc_open (git-fixes).
+- net/sunrpc: fix potential memory leaks in
+ rpc_sysfs_xprt_state_change() (git-fixes).
+- SUNRPC: Reinitialise the backchannel request buffers before
+ reuse (git-fixes).
+- NFSv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes).
+- NFSv4: Fix races in the legacy idmapper upcall (git-fixes).
+- sunrpc: fix expiry of auth creds (git-fixes).
+- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
+ (git-fixes).
+- NFSv4.1: Don't decrease the value of seq_nr_highest_sent
+ (git-fixes).
+- pNFS/flexfiles: Report RDMA connection errors to the server
+ (git-fixes).
+- Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
+ (git-fixes).
+- lockd: detect and reject lock arguments that overflow
+ (git-fixes).
+- SUNRPC: Fix xdr_encode_bool() (git-fixes).
+- nfsd: eliminate the NFSD_FILE_BREAK_* flags (git-fixes).
+- md-raid10: fix KASAN warning (git-fixes).
+- NFSD: restore EINVAL error translation in nfsd_commit()
+ (git-fixes).
+- NFSD: Clean up the show_nf_flags() macro (git-fixes).
+- SUNRPC: Don't leak sockets in xs_local_connect() (git-fixes).
+- SUNRPC: Don't call connect() more than once on a TCP socket
+ (git-fixes).
+- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
+- NFSD: Fix offset type in I/O trace points (git-fixes).
+- NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests
+ (git-fixes).
+- commit 510ad2f
+
+- x86/sev: Add missing __init annotations to SEV init routines
+ (jsc#SLE-19924 jsc#SLE-24814).
+- Refresh
+ patches.suse/x86-sev-Get-the-AP-jump-table-address-from-secrets-page.
+- commit e7f768c
+
+- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
+ (git-fixes).
+- commit c7d72a7
+
+- i2c: mlxbf: Fix frequency calculation (git-fixes).
+- i2c: mlxbf: prevent stack overflow in
+ mlxbf_i2c_smbus_start_transaction() (git-fixes).
+- i2c: mlxbf: incorrect base address passed during io write
+ (git-fixes).
+- i2c: imx: If pm_runtime_get_sync() returned 1 device access
+ is possible (git-fixes).
+- commit abc7475
+
+- blacklist.conf: remove blacklisted patch
+ This patch was incorrectly blacklisted, but in fact
+ is needeed, so remove the blacklist first.
+- commit 858de69
+
+- serial: fsl_lpuart: Reset prior to registration (git-fixes).
+- workqueue: don't skip lockdep work dependency in
+ cancel_work_sync() (git-fixes).
+- arm64: topology: fix possible overflow in amu_fie_setup()
+ (git-fixes).
+- media: flexcop-usb: fix endpoint type check (git-fixes).
+- usb: dwc3: core: leave default DMA if the controller does not
+ support 64-bit DMA (git-fixes).
+- drm/panel: simple: Fix innolux_g121i1_l01 bus_format
+ (git-fixes).
+- drm/mediatek: dsi: Move mtk_dsi_stop() call back to
+ mtk_dsi_poweroff() (git-fixes).
+- drm/mediatek: dsi: Add atomic {destroy,duplicate}_state,
+ reset callbacks (git-fixes).
+- drm/panfrost: devfreq: set opp to the recommended one to
+ configure regulator (git-fixes).
+- ASoC: nau8824: Fix semaphore unbalance at error paths
+ (git-fixes).
+- regulator: pfuze100: Fix the global-out-of-bounds access in
+ pfuze100_regulator_probe() (git-fixes).
+- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
+- wifi: mac80211_hwsim: check length for virtio packets
+ (git-fixes).
+- tty: serial: atmel: Preserve previous USART mode if RS485
+ disabled (git-fixes).
+- drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes).
+- video: fbdev: pxa3xx-gcu: Fix integer overflow in
+ pxa3xx_gcu_write (git-fixes).
+- serial: atmel: remove redundant assignment in rs485_config
+ (git-fixes).
+- video: fbdev: i740fb: Error out if 'pixclock' equals zero
+ (git-fixes).
+- commit 05ff2c7
+
+- scsi: mpt3sas: Fix use-after-free warning (git-fixes).
+- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
+- commit 338849f
+
+- kexec_file: drop weak attribute from functions (bsc#1196444).
+- commit 3df1852
+
+- KVM: avoid NULL pointer dereference in kvm_dirty_ring_push
+ (bsc#1198189 CVE-2022-1263).
+- commit 7717214
+
+- kexec, KEYS, s390: Make use of built-in and secondary keyring
+ for signature verification (bsc#1196444).
+- commit a0517d1
+
+- arm64: kexec_file: use more system keyrings to verify kernel
+ image signature (bsc#1196444).
+- kexec, KEYS: make the code in bzImage64_verify_sig generic
+ (bsc#1196444).
+- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
+- kexec: drop weak attribute from functions (bsc#1196444).
+- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
+- commit 6bb0d35
+
+- arm64: dts: rockchip: Remove 'enable-active-low' from
+ rk3399-puma (git-fixes).
+- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz
+ (git-fixes).
+- arm64: dts: rockchip: Fix typo in lisense text for PX30.Core
+ (git-fixes).
+- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes).
+- selftests: forwarding: add shebang for sch_red.sh (git-fixes).
+- can: gs_usb: gs_can_open(): fix race dev->can.state condition
+ (git-fixes).
+- gve: Fix GFP flags when allocing pages (git-fixes).
+- wifi: mt76: fix reading current per-tid starting sequence
+ number for aggregation (git-fixes).
+- batman-adv: Fix hang up with small MTU hard-interface
+ (git-fixes).
+- net: phy: aquantia: wait for the suspend/resume operations to
+ finish (git-fixes).
+- gpiolib: cdev: Set lineevent_state::irq after IRQ register
+ successfully (git-fixes).
+- gpio: mockup: fix NULL pointer dereference when removing debugfs
+ (git-fixes).
+- selftests: forwarding: Fix failing tests with old libnet
+ (git-fixes).
+- commit 4895eee
+
+- dt-bindings: Add headers for Host1x and VIC on Tegra234
+ (jsc#PED-1763).
+- dt-bindings: memory: Add Tegra234 MGBE memory clients
+ (jsc#PED-1763).
+- dt-bindings: Add Tegra234 MGBE clocks and resets (jsc#PED-1763).
+- dt-bindings: power: Add Tegra234 MGBE power domains
+ (jsc#PED-1763).
+- dt-bindings: Add headers for Tegra234 GPCDMA (jsc#PED-1763).
+- dt-bindings: tegra186-hsp: add type for shared mailboxes
+ (jsc#PED-1763).
+- arm64: tegra: Add QSPI controllers on Tegra234 (jsc#PED-1763).
+- dt-bindings: memory: Add Tegra234 PCIe memory (jsc#PED-1763).
+- dt-bindings: power: Add Tegra234 PCIe power domains
+ (jsc#PED-1763).
+- dt-bindings: Add Tegra234 PCIe clocks and resets (jsc#PED-1763).
+- dt-bindings: Add HDA support for Tegra234 (jsc#PED-1763).
+- dt-bindings: Add Tegra234 APE support (jsc#PED-1763).
+- dt-bindings: Add headers for Tegra234 PWM (jsc#PED-1763).
+- dt-bindings: Add headers for Tegra234 I2C (jsc#PED-1763).
+- dt-bindings: gpio: Add Tegra234 support (jsc#PED-1763).
+- dt-bindings: memory: tegra: Add Tegra234 support (jsc#PED-1763).
+- dt-bindings: Update headers for Tegra234 (jsc#PED-1763).
+- commit 44a5986
+
+- net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes).
+- commit a413591
+
+- net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes).
+- commit 7bd201a
+
+- net: enetc: Use pci_release_region() to release some resources
+ (git-fixes).
+- commit 15bc221
+
+- net: dsa: mv88e6xxx: Fix refcount leak in
+ mv88e6xxx_mdios_register (git-fixes).
+- commit 568058d
+
+- net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes).
+- commit a7df60c
+
+- net: stmmac: fix out-of-bounds access in a selftest (git-fixes).
+- commit 1d801d7
+
+- net: macb: Fix PTP one step sync support (git-fixes).
+- commit c6f42d2
+
+- net: wwan: iosm: remove pointless null check (git-fixes).
+- commit 4eccfc1
+
+- eth: sun: cassini: remove dead code (git-fixes).
+- commit aa42615
+
+- net: stmmac: remove unused get_addr() callback (git-fixes).
+- commit 14586bc
+
+- Revert "ice: Hide bus-info in ethtool for PRs in switchdev mode"
+ (git-fixes).
+- commit 2b88535
+
+- net: ethernet: stmmac: fix write to sgmii_adapter_base
+ (git-fixes).
+- commit 63c3906
+
+- net: dsa: felix: fix tagging protocol changes with multiple
+ CPU ports (git-fixes).
+- commit 41e3617
+
+- net: dsa: introduce helpers for iterating through ports using dp
+ (git-fixes).
+- commit 5001021
+
+- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap
+ (git-fixes).
+- commit 1bdfd3c
+
+- net: hns3: add netdev reset check for hns3_set_tunable()
+ (git-fixes).
+- commit f002bf7
+
+- net: phy: at803x: move page selection fix to config_init
+ (git-fixes).
+- commit 02fb6c3
+
+- ice: Match on all profiles in slow-path (git-fixes).
+- commit 5ba2957
+
+- net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes).
+- commit 1308dcb
+
+- blacklist.conf: update blacklist
+- commit e0df553
+
+- blacklist.conf: update blacklist
+- commit d975e01
+
+- blacklist.conf: update blacklist
+- commit 2402036
+
+- ALSA: hda: Fix Nvidia dp infoframe (git-fixes).
+- ALSA: hda/tegra: set depop delay for tegra (git-fixes).
+- ALSA: hda/tegra: Update scratch reg. communication (git-fixes).
+- ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes).
+- commit 636d297
+
+- ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED
+ (git-fixes).
+- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
+- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
+ (git-fixes).
+- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
+- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530
+ laptop (git-fixes).
+- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570
+ laptop (git-fixes).
+- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
+- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
+- commit a4ecf82
+
+- dmaengine: ti: k3-udma-private: Fix refcount leak bug in
+ of_xudma_dev_get() (git-fixes).
+- Revert "ALSA: usb-audio: Split endpoint setups for hw_params
+ and prepare" (git-fixes).
+- ALSA: core: Fix double-free at snd_card_new() (git-fixes).
+- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).
+- ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount
+ saturation (git-fixes).
+- ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible
+ (git-fixes).
+- gpio: mockup: remove gpio debugfs when remove device
+ (git-fixes).
+- Input: iforce - add support for Boeder Force Feedback Wheel
+ (git-fixes).
+- Input: goodix - add compatible string for GT1158 (git-fixes).
+- Input: goodix - add support for GT1158 (git-fixes).
+- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
+- drm/amd/amdgpu: skip ucode loading if ucode_size == 0
+ (git-fixes).
+- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS
+ (git-fixes).
+- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell
+ Dot keymap fixes (git-fixes).
+- platform/surface: aggregator_registry: Add support for Surface
+ Laptop Go 2 (git-fixes).
+- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
+- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered
+ message (git-fixes).
+- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
+ (git-fixes).
+- ACPI: resource: skip IRQ override on AMD Zen platforms
+ (git-fixes).
+- ARM: dts: imx: align SPI NOR node name with dtschema
+ (git-fixes).
+- commit 6a1df1e
+
+- Refresh patches.suse/iommu-vt-d-Acquiring-lock-in-domain-ID-allocation-helpers
+ Fix spin deadlock in intel_iommu (bsc#1203505)
+- commit 69d294e
+
+- media: dvb-core: Fix UAF due to refcount races at releasing
+ (CVE-2022-41218 bsc#1202960).
+- commit bdcd7ab
+
+- cpufreq: tegra194: Staticize struct tegra_cpufreq_soc instances
+ (jsc#PED-1763).
+- commit 2b309dd
+
+- ASoC: tegra: AHUB routes for OPE module (jsc#PED-1763).
+- commit ae8614b
+
+- PCI: tegra194: Add Tegra234 PCIe support (jsc#PED-1763).
+- commit 9848d71
+
+- PCI: tegra194: Extend Endpoint mode support (jsc#PED-1763).
+- commit 64c6d53
+
+- PCI: tegra194: Clean up the exit path for Endpoint mode
+ (jsc#PED-1763).
+- commit 77cf561
+
+- PCI: tegra194: Enable support for 256 Byte payload
+ (jsc#PED-1763).
+- commit 3d70757
+
+- PCI: tegra194: Clear bandwidth management status (jsc#PED-1763).
+- commit 4eb1d6d
+
+- PCI: tegra194: Find RAS DES PCIe capability offset
+ (jsc#PED-1763).
+- commit 6869f7e
+
+- Revert "PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie"
+ (jsc#PED-1763).
+- Refresh
+ patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch.
+- commit 7c3a2c4
+
+- dmaengine: tegra: Add terminate() for Tegra234 (jsc#PED-1763).
+- commit 14777c3
+
+- phy: tegra: Add PCIe PIPE2UPHY support for Tegra234
+ (jsc#PED-1763).
+- commit 8045a50
+
+- gpu: host1x: Register context bus unconditionally
+ (jsc#PED-1763).
+- commit 1cdd50a
+
+- spi: dt-bindings: Add compatible for Tegra241 QSPI
+ (jsc#PED-1763).
+- commit f5277d1
+
+- spi: tegra210-quad: Multi-cs support (jsc#PED-1763).
+- commit 5df9b77
+
+- memory: tegra: Add MGBE memory clients for Tegra234
+ (jsc#PED-1763).
+- commit fe9c9ad
+
+- clocksource/drivers/timer-tegra186: Add support for Tegra234
+ SoC (jsc#PED-1763).
+- commit 9102f99
+
+- clocksource: Add Tegra186 timers support (jsc#PED-1763).
+- Update config files
+- commit f783dd3
+
+- gpu: host1x: Add context bus (jsc#PED-1763).
+- commit 62055eb
+
+- iommu/arm-smmu: Support Tegra234 SMMU (jsc#PED-1763).
+- commit b6d01d1
+
+- cpufreq: tegra194: Add support for Tegra234 (jsc#PED-1763).
+- commit 6ccf722
+
+- cpufreq: tegra194: add soc data to support multiple soc
+ (jsc#PED-1763).
+- commit d6431d8
+
+- dmaengine: tegra: Remove unused switch case (jsc#PED-1763).
+- commit 21ff5bc
+
+- dmaengine: tegra: Fix uninitialized variable usage
+ (jsc#PED-1763).
+- commit 8692e6a
+
+- dmaengine: tegra: Use platform_get_irq() to get IRQ resource
+ (jsc#PED-1763).
+- commit dce0f23
+
+- dmaengine: tegra: Remove unused including <linux/version.h>
+ (jsc#PED-1763).
+- commit e600cdf
+
+- dmaengine: tegra: Add tegra gpcdma driver (jsc#PED-1763).
+- Update config files.
+- supported.conf
+- commit 8c4f76d
+
+- PCI: tegra194: Remove unnecessary MSI enable reg save and
+ restore (jsc#PED-1763).
+- commit 028846a
+
+- mailbox: tegra-hsp: Add 128-bit shared mailbox support
+ (jsc#PED-1763).
+- commit 2799912
+
+- mailbox: tegra-hsp: Add tegra_hsp_sm_ops (jsc#PED-1763).
+- commit 301d237
+
+- memory: tegra: Add MC error logging on Tegra186 onward
+ (jsc#PED-1763).
+- commit 803123e
+
+- memory: tegra: Add memory controller channels support
+ (jsc#PED-1763).
+- commit 91c35b0
+
+- memory: tegra: Add APE memory clients for Tegra234
+ (jsc#PED-1763).
+- commit bddcc01
+
+- memory: tegra: Add Tegra234 support (jsc#PED-1763).
+- commit 15d156c
+
+- soc/tegra: pmc: Update Tegra234 reset sources (jsc#PED-1763).
+- ASoC: tegra: AHUB routes for ASRC module (jsc#PED-1763).
+- soc/tegra: pmc: Add Tegra234 wake events (jsc#PED-1763).
+- commit 055208f
+
+- ASoC: tegra: Update AHUB driver for Tegra234 (jsc#PED-1763).
+- ALSA: hda/tegra: Hardcode GCAP ISS value on T234 (jsc#PED-1763).
+- commit 12ff211
+
+- PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie
+ (jsc#PED-1763).
+- Refresh
+ patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch.
+- Refresh
+ patches.suse/PCI-tegra194-Fix-link-up-retry-sequence.patch.
+- commit 43c995b
+
+- misc: sram: Add compatible string for Tegra234 SYSRAM
+ (jsc#PED-1763).
+- commit c359d28
+
+- gpio: tegra186: Add support for Tegra234 (jsc#PED-1763).
+- Refresh
+ patches.suse/gpio-tegra186-Add-support-for-Tegra241.patch.
+- commit 794cc29
+
+- gpu: host1x: select CONFIG_DMA_SHARED_BUFFER (jsc#PED-1763).
+- commit 805f6b6
+
+- Update kabi files: import symvers from MU 5.14.21-150400.24.21
+- commit a9db6f7
+
+- blacklist.conf: e9b6013a7ce3 x86/speculation: Update link to AMD speculation whitepaper
+- commit 2ebf815
+
+- EDAC/dmc520: Don't print an error for each unconfigured
+ interrupt line (bsc#1190497).
+- commit c59e321
+
+- blacklist.conf: ad2c302bc604 EDAC/sifive: Fix non-kernel-doc comment
+- commit 1146177
+
+- Update patch reference for media fix (CVE-2022-3239 bsc#1203552)
+- commit 9054a9f
+
+- supported.conf: Add drivers/virt/coco/sevguest/sevguest
+- commit 14b71be
+
+- virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814).
+- Update config files.
+- commit 07e76d6
+
+- scsi: smartpqi: Shorten drive visibility after removal
+ (bsc#1200622).
+- commit 575230a
+
+- x86/sev: Provide support for SNP guest request NAEs
+ (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit eaa3ba3
+
+- x86/boot: Add Confidential Computing type to setup_data
+ (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+- commit cecec70
+
+- x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924,
+ jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit d7a984b
+
+- x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit df057b9
+
+- x86/sev: Add a helper for the PVALIDATE instruction
+ (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit 27da7ad
+
+- x86/compressed/64: Detect/setup SEV/SME features earlier during
+ boot (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/x86-sev-define-the-linux-specific-guest-termination-reasons.patch.
+- commit 509599d
+
+- kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Get the AP jump table address from secrets page
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Put globals that are accessed early into the .data
+ section (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Fix bool function returning negative value
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Fix return value check in alloc_shared_pages()
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Add support to get extended report
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Add support to derive key (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Register SEV-SNP guest request platform device
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Add a sev= cmdline option (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Use firmware-validated CPUID for SEV-SNP guests
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/compressed/64: Add identity mapping for Confidential
+ Computing blob (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Export and rename add_identity_map()
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP
+ guests (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Add SEV-SNP feature detection/setup
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Add a pointer to Confidential Computing blob in
+ bootparams (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC
+ handlers (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Move MSR-based VMGEXITs for CPUID to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- KVM: x86: Move lookup of indexed CPUID leafs to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI kexec handling into common code
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI vendor table lookup to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI config table lookup to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI system table lookup to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI detection to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/head/64: Re-enable stack protection (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Use SEV-SNP AP creation to start secondary CPUs
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/kernel: Validate ROM memory before accessing when SEV-SNP
+ is active (jsc#SLE-19924, jsc#SLE-24814).
+- x86/kernel: Mark the .bss..decrypted section as shared in the
+ RMP table (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Add helper for validating pages in early enc attribute
+ changes (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Register GHCB memory when SEV-SNP is active
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Register GHCB memory when SEV-SNP is active
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Add helper for validating pages in the
+ decompression stage (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Check SEV-SNP features support (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Detect/setup SEV/SME features earlier in boot
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Use MSR read/write helpers instead of inline assembly
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924,
+ jsc#SLE-24814).
+- KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924,
+ jsc#SLE-24814).
+- KVM: SVM: Create a separate mapping for the GHCB save area
+ (jsc#SLE-19924, jsc#SLE-24814).
+- KVM: SVM: Create a separate mapping for the SEV-ES save area
+ (jsc#SLE-19924, jsc#SLE-24814).
+- KVM: SVM: Define sev_features and VMPL field in the VMSA
+ (jsc#SLE-19924, jsc#SLE-24814).
+- commit 08ede5a
+
+- md: unlock mddev before reap sync_thread in action_store
+ (bsc#1197659).
+- commit b42af07
+
+- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type
+ in mpc85xx (git-fixes).
+- pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes).
+- pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes).
+- pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes).
+- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
+- drm/meson: Correct OSD1 global alpha value (git-fixes).
+- drm/amdgpu: move nbio sdma_doorbell_range() into sdma code
+ for vega (git-fixes).
+- drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega
+ (git-fixes).
+- of/device: Fix up of_dma_configure_id() stub (git-fixes).
+- of: fdt: fix off-by-one error in unflatten_dt_nodes()
+ (git-fixes).
+- drm/i915: Implement WaEdpLinkRateDataReload (git-fixes).
+- vfio/type1: Unpin zero pages (git-fixes).
+- efi: capsule-loader: Fix use-after-free in efi_capsule_write
+ (git-fixes).
+- efi: libstub: Disable struct randomization (git-fixes).
+- fbdev: chipsfb: Add missing pci_disable_device() in
+ chipsfb_pci_init() (git-fixes).
+- commit a8d151e
+
+- ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion
+ (git-fixes).
+- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
+ (git-fixes).
+- drm/radeon: add a force flush to delay work when radeon
+ (git-fixes).
+- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup
+ (git-fixes).
+- drm/amdgpu: Move psp_xgmi_terminate call from
+ amdgpu_xgmi_remove_device to psp_hw_fini (git-fixes).
+- drm/gem: Fix GEM handle release errors (git-fixes).
+- ASoC: mchp-spdiftx: remove references to mchp_i2s_caps
+ (git-fixes).
+- drm/bridge: display-connector: implement bus fmts callbacks
+ (git-fixes).
+- commit a41cdd0
+
+- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
+ (git-fixes).
+- commit 37ef226
+
+- xen-blkfront: Cache feature_persistent value before
+ advertisement (git-fixes).
+- commit 3ed3cdd
+
+- Update references:
+ - patches.kabi/kabi-return-type-change-of-secure_ipv-46-_port_ephem.patch
+ - patches.suse/secure_seq-use-the-64-bits-of-the-siphash-for-port-o.patch
+ - patches.suse/tcp-add-small-random-increments-to-the-source-port.patch
+ - patches.suse/tcp-drop-the-hash_32-part-from-the-index-calculation.patch
+ - patches.suse/tcp-dynamically-allocate-the-perturb-table-used-by-s.patch
+ - patches.suse/tcp-increase-source-port-perturb-table-to-2-16.patch
+ - patches.suse/tcp-resalt-the-secret-every-10-seconds.patch
+ - patches.suse/tcp-use-different-parts-of-the-port_offset-for-index.patch
+ (add CVE-2022-32296 bsc#1200288)
+- commit 07e021d
+
+- xen-netback: only remove 'hotplug-status' when the vif is
+ actually destroyed (git-fixes).
+- commit 33b6bc1
+
+- xen-blkfront: Advertise feature-persistent as user requested
+ (git-fixes).
+- commit 55b30a0
+
+- xen-blkback: Advertise feature-persistent as user requested
+ (git-fixes).
+- commit aa17727
+
+- xen-blkfront: Apply 'feature_persistent' parameter when connect
+ (git-fixes).
+- commit ea0d055
+
+- xen-blkback: Apply 'feature_persistent' parameter when connect
+ (git-fixes).
+- commit 8bac828
+
+- xen-blkback: fix persistent grants negotiation (git-fixes).
+- commit 8c9e86e
+
+- xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes).
+- commit 8ae5e2f
+
+- x86/xen: Remove undefined behavior in setup_features()
+ (git-fixes).
+- commit fe2de2e
+
+- xen-blkfront: Handle NULL gendisk (git-fixes).
+- commit ff9be3a
+
+- blacklist.conf: add 1dbd11ca75fe ("xen: remove gnttab_query_foreign_access")
+ as it would break KABI
+- commit 893d5df
+
+- KVM: SVM: fix tsc scaling cache logic (bsc#1203263).
+- commit 9311053
+
+- xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
+ (git-fixes).
+- commit 4acefb4
+
+- KVM: VMX: Heed the 'msr' argument in msr_write_intercepted()
+ (git-fixes).
+- commit c7cc445
+
+- KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall
+ (git-fixes).
+- commit cfc201b
+
+- KVM: x86: hyper-v: Drop redundant 'ex' parameter from
+ kvm_hv_send_ipi() (git-fixes).
+- commit 001f866
+
+- KVM: X86: Fix when shadow_root_level=5 && guest root_level<4
+ (git-fixes).
+- commit 4d133af
+
+- jfs: prevent NULL deref in diFree (bsc#1203389 CVE-2022-3202).
+- commit 1259272
+
kernel-kvmsmall
+- scsi: qedi: Remove redundant flush_workqueue() calls
+ (jsc#PED-1525).
+- Refresh
+ patches.suse/scsi-iscsi-Fix-session-removal-on-shutdown.patch.
+- commit 57a0d4f
+
+- scsi: qedf: Fix a UAF bug in __qedf_probe() (jsc#PED-1524).
+- scsi: qedf: Fix typo in comment (jsc#PED-1524).
+- scsi: qedf: Remove redundant variable op (jsc#PED-1524).
+- scsi: qedf: Remove an unneeded NULL check on list iterator
+ (jsc#PED-1524).
+- scsi: qedf: Remove unnecessary code (jsc#PED-1524).
+- scsi: qedf: Stop using the SCSI pointer (jsc#PED-1524).
+- scsi: qedf: Change context reset messages to ratelimited
+ (jsc#PED-1524).
+- scsi: qedf: Fix refcount issue when LOGO is received during TMF
+ (jsc#PED-1524).
+- scsi: qedf: Add stag_work to all the vports (jsc#PED-1524).
+- scsi: qedi: Fix SYSFS_FLAG_FW_SEL_BOOT formatting
+ (jsc#PED-1525).
+- scsi: qedi: Remove set but unused 'page' variable
+ (jsc#PED-1525).
+- scsi: qedi: Fix cmd_cleanup_cmpl counter mismatch issue
+ (jsc#PED-1525).
+- commit a20fd84
+
+- Update kabi files. Refresh from Nov 2022 MU - 5.14.21-150400.24.28.1
+- commit a5edbce
+
+- usb: gadget: pxa25x_udc: Constify static struct pxa25x_ep_ops
+ (jsc#PED-1817).
+- commit ecf622b
+
+- usb: gadget: udc: core: Use pr_fmt() to prefix messages
+ (jsc#PED-1817).
+- commit 986d674
+
+- USB: gadget: Rename usb_gadget_probe_driver() (jsc#PED-1817).
+- commit ec7b016
+
+- ALSA: hiface: fix repeated words in comments (git-fixes).
+- commit 1897e56
+
+- ALSA: scarlett2: Add Focusrite Clarett+ 8Pre support
+ (git-fixes).
+- ALSA: scarlett2: Add support for the internal "standalone"
+ switch (git-fixes).
+- ALSA: scarlett2: Split scarlett2_config_items[] into 3 sections
+ (git-fixes).
+- ALSA: usb-audio: scarlett2: Use struct_size() helper in
+ scarlett2_usb() (git-fixes).
+- commit 51a746f
+
+- ALSA: usb-audio: Add mixer mapping for Gigabyte B450/550 Mobos
+ (git-fixes).
+- Refresh
+ patches.suse/ALSA-usb-audio-More-comprehensive-mixer-map-for-ASUS.patch.
+- commit aad3dbe
+
+- ALSA: line6: remove line6_set_raw declaration (git-fixes).
+- ALSA: usb-audio: Add quirk to enable Avid Mbox 3 support
+ (git-fixes).
+- ALSA: usb-audio: make read-only array marker static const
+ (git-fixes).
+- ALSA: line6: Replace sprintf() with sysfs_emit() (git-fixes).
+- ALSA: usb/6fire: fix repeated words in comments (git-fixes).
+- ALSA: usb-audio: remove redundant assignment to variable c
+ (git-fixes).
+- commit 7b36d72
+
+- ring-buffer: Check for NULL cpu_buffer in
+ ring_buffer_wake_waiters() (bsc#1204705).
+- commit 2e712ad
+
+- USB / dwc3: Fix three doc-build warnings (jsc#PED-1817).
+- commit 654acff
+
+- usb: dwc3: fix backwards compat with rockchip devices
+ (jsc#PED-1817).
+- commit c7590b2
+
+- usb: dwc3: core: do not use 3.0 clock when operating in 2.0 mode
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-core-Enable-GUCTL1-bit-10-for-fixing-termin.patch.
+- commit 02bd07f
+
+- usb: dwc3: imx8mp: rename iomem base pointer (jsc#PED-1817).
+- commit 0504947
+
+- usb: dwc3: drd: Don't check against CONFIG_OF (jsc#PED-1817).
+- commit ce7e9f1
+
+- usb: dwc3: Program GFLADJ (jsc#PEd-1817).
+- commit daeb10e
+
+- usb: dwc3: Calculate REFCLKPER based on reference clock
+ (jsc#PED-1817).
+- commit a22b861
+
+- usb: dwc3: Get clocks individually (jsc#PED-1817).
+- blacklist.conf:
+- commit 3423db7
+
+- usb: dwc3: drd: Add support for usb-conn-gpio based
+ usb-role-switch (jsc#PED-1817).
+- commit 80843c9
+
+- Correct JIRA reference for these patches (jsc#PED-1496).
+ Use implementation, not the Epic:
+- Update
+ patches.suse/scsi-be2iscsi-Switch-to-attribute-groups.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-bnx2i-Switch-to-attribute-groups.patch
+ (jsc#PED-1496).
+- Update
+ patches.suse/scsi-iscsi-Fix-harmless-double-shift-bug.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-iscsi-Merge-suspend-fields.patch
+ (jsc#PED-1496).
+- Update
+ patches.suse/scsi-iscsi-Remove-iscsi_get_task-back_lock-requirement.patch
+ (jsc#PED-1496).
+- Update
+ patches.suse/scsi-iscsi-Rename-iscsi_conn_queue_work.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-iscsi-Stop-using-the-SCSI-pointer.patch
+ (jsc#PED-1496).
+- Update patches.suse/scsi-qedi-Switch-to-attribute-groups.patch
+ (jsc#PED-1496).
+- commit 71bf164
+
+- scsi: core: Fix early registration of sysfs attributes for
+ scsi_device (jsc#PED-1561).
+- commit dfe7dcb
+
+- scsi: core: Remove two host template members that are no longer
+ used (jsc#PED-1561).
+- scsi: usb: Switch to attribute groups (jsc#PED-1561).
+- scsi: staging: unisys: Remove the shost_attrs member
+ (jsc#PED-1561).
+- commit 036b753
+
+- scsi: zfcp: Switch to attribute groups (jsc#PED-1561).
+- scsi: message: fusion: Switch to attribute groups
+ (jsc#PED-1561).
+- scsi: RDMA/srp: Switch to attribute groups (jsc#PED-1561).
+- scsi: firewire: sbp2: Switch to attribute groups (jsc#PED-1561).
+- commit ad14a91
+
+- scsi: ata: Switch to attribute groups (jsc#PED-1561).
+- libata: Introduce ncq_prio_supported sysfs sttribute
+ (jsc#PED-1561).
+- libata: print feature list on device scan (jsc#PED-1561).
+- libata: fix ata_read_log_page() warning (jsc#PED-1561).
+- commit dc4d292
+
+- libata: cleanup NCQ priority handling (jsc#PED-1561).
+- Update
+ patches.suse/libata-Add-ATA_HORKAGE_NO_NCQ_ON_ATI-for-Samsung-860.patch
+ (jsc#PED-1561).
+- commit d313a88
+
+- libata: cleanup ata_dev_configure() (jsc#PED-1561).
+- libata: cleanup device sleep capability detection
+ (jsc#PED-1561).
+- libata: simplify ata_scsi_rbuf_fill() (jsc#PED-1561).
+- commit 01272a8
+
+- scsi: qla2xxx: Switch to attribute groups (jsc#PED-1561).
+- Refresh
+ patches.suse/scsi-qla2xxx-edif-remove-old-doorbell-interface.patch.
+- commit 6464680
+
+- scsi: lpfc: Switch to attribute groups (jsc#PED-1561).
+- Refresh
+ patches.suse/scsi-lpfc-Remove-Menlo-Hornet-related-code.patch.
+- Refresh
+ patches.suse/scsi-lpfc-Remove-SANDiags-related-code.patch.
+- Refresh
+ patches.suse/scsi-lpfc-Remove-failing-soft_wwn-support.patch.
+- Refresh
+ patches.suse/scsi-lpfc-move-scsi_host_template-outside-dynamically.patch.
+- commit 4aeb242
+
+- scsi: snic: Switch to attribute groups (jsc#PED-1561).
+- scsi: smartpqi: Switch to attribute groups (jsc#PED-1561).
+- scsi: qla4xxx: Switch to attribute groups (jsc#PED-1561).
+- scsi: qedf: Switch to attribute groups (jsc#PED-1561).
+- scsi: pm8001: Switch to attribute groups (jsc#PED-1561).
+- scsi: sym53c500_cs: Switch to attribute groups (jsc#PED-1561).
+- scsi: ncr53c8xx: Switch to attribute groups (jsc#PED-1561).
+- scsi: myrs: Switch to attribute groups (jsc#PED-1561).
+- scsi: myrb: Switch to attribute groups (jsc#PED-1561).
+- scsi: mvsas: Switch to attribute groups (jsc#PED-1561).
+- scsi: mpt3sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: megaraid_sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: megaraid_mbox: Switch to attribute groups (jsc#PED-1561).
+- scsi: isci: Switch to attribute groups (jsc#PED-1561).
+- scsi: ipr: Switch to attribute groups (jsc#PED-1561).
+- scsi: ibmvfc: Switch to attribute groups (jsc#PED-1561).
+- scsi: ibmvscsi: Switch to attribute groups (jsc#PED-1561).
+- scsi: hptiop: Switch to attribute groups (jsc#PED-1561).
+- scsi: hpsa: Switch to attribute groups (jsc#PED-1561).
+- scsi: hisi_sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: fnic: Switch to attribute groups (jsc#PED-1561).
+- scsi: cxlflash: Switch to attribute groups (jsc#PED-1561).
+- scsi: csiostor: Switch to attribute groups (jsc#PED-1561).
+- scsi: bnx2fc: Switch to attribute groups (jsc#PED-1561).
+- scsi: bfa: Switch to attribute groups (jsc#PED-1561).
+- scsi: arcmsr: Switch to attribute groups (jsc#PED-1561).
+- scsi: aacraid: Switch to attribute groups (jsc#PED-1561).
+- scsi: 53c700: Switch to attribute groups (jsc#PED-1561).
+- scsi: 3w-xxxx: Switch to attribute groups (jsc#PED-1561).
+- scsi: 3w-sas: Switch to attribute groups (jsc#PED-1561).
+- scsi: 3w-9xxx: Switch to attribute groups (jsc#PED-1561).
+- commit 3ddf4fd
+
+- Update patch references to
+ patches.suse/0001-floppy-disable-FDRAWCMD-by-default.patch
+ (bsc#1200692 CVE-2022-33981).
+- commit 913147c
+
+- usb: dwc3: Drop unneeded calls to platform_get_resource_byname()
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-disable-USB-core-PHY-management.patch.
+- commit cb5354a
+
+- usb: gadget: remove unnecessary AND operation when get ep maxp
+ (jsc#PED-1817).
+- commit 528613b
+
+- usb: gadget: udc: core: Introduce check_config to verify USB
+ configuration (jsc#PEd-1817).
+- commit 69ec7cd
+
+- scsi: scsi_transport_fc: Use %u for dev_loss_tmo (bsc#1202914).
+- commit 0d14223
+
+- iommu/vt-d: Do not falsely log intel_iommu is unsupported
+ kernel option (bsc#1204947).
+- commit 440c18c
+
+- wifi: brcmfmac: Fix potential buffer overflow in
+ brcmf_fweh_event_worker() (CVE-2022-3628 bsc#1204868).
+- commit 968feec
+
+- usb: dwc3: gadget: Support Multi-Stream Transfer (jsc#PED-531).
+- commit 0ed805f
+
+- usb: dwc3: gadget: Skip resizing EP's TX FIFO if already resized
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch.
+- commit b389709
+
+- usb: dwc3: reference clock period configuration (jsc#PED-1817).
+- commit 8ce586b
+
+- Drop Dell Dock regression fix patch again (bsc#1204719)
+ It tunred out to be bogus, a different fix is needed
+- commit 2c62bb9
+
+- usb: dwc3: drd: use helper to get role-switch-default-mode
+ (jsc#PED-1817).
+- commit 7f03301
+
+- usb: dwc3: Resize TX FIFOs to meet EP bursting requirements
+ (jsc#PED-1817).
+- Refresh
+ patches.suse/usb-dwc3-core-Fix-tx-rx-threshold-settings.patch.
+- Refresh
+ patches.suse/usb-dwc3-gadget-Avoid-starting-DWC3-gadget-during-UD.patch.
+- Refresh
+ patches.suse/usb-dwc3-gadget-Wait-for-ep0-xfers-to-complete-durin.patch.
+- commit 68d4f6e
+
+- scsi: lpfc: Update the obsolete adapter list (bsc#1204142).
+- commit dc8f2da
+
+- scsi: qla2xxx: Use transport-defined speed mask for
+ supported_speeds (bsc#1204963).
+- scsi: qla2xxx: Fix serialization of DCBX TLV data request
+ (bsc#1204963).
+- commit d6d1732
+
+- Move upstreamed sound patches into sorted section
+- commit a5b0f8c
+
+- ALSA: usb-audio: Fix regression with Dell Dock jack detection
+ (bsc#1204719).
+- commit ec69ec6
+
+- Kbuild: add -Wno-shift-negative-value where -Wextra is used
+ (bsc#1204877).
+- Kbuild: use -Wdeclaration-after-statement (bsc#1204877).
+- Refresh patches.suse/Kbuild-move-to-std-gnu11.patch.
+- Refresh
+ patches.suse/Kbuild-use-std-gnu11-for-KBUILD_USERCFLAGS.patch.
+- commit e76ac45
+
+- scsi: lpfc: Update lpfc version to 14.2.0.8 (bsc#1204957).
+- scsi: lpfc: Create a sysfs entry called lpfc_xcvr_data for
+ transceiver info (bsc#1204957).
+- scsi: lpfc: Log when congestion management limits are in effect
+ (bsc#1204957).
+- scsi: lpfc: Fix hard lockup when reading the rx_monitor from
+ debugfs (bsc#1204957).
+- scsi: lpfc: Set sli4_param's cmf option to zero when CMF is
+ turned off (bsc#1204957).
+- scsi: lpfc: Fix spelling mistake "unsolicted" -> "unsolicited"
+ (bsc#1204957).
+- scsi: lpfc: Fix memory leak in lpfc_create_port() (bsc#1204957).
+- commit f06c1f8
+
+- RDMA/irdma: Remove the unnecessary variable saddr (git-fixes)
+ [#] Conflicts:
+ [#] series.conf
+- commit cc60033
+
+- RDMA/irdma: Use net_type to check network type (git-fixes)
+ [#] Conflicts:
+ [#] series.conf
+- commit cc0ac5a
+
+- Drop verbose nvme logging feature (bsc#1200567)
+ This feature caused regressions by logging all failed NVMe
+ commands. Though not all of them are actually a real
+ error. E.g. libnvme is probing for features and handling fails
+ correctly. Upstream fixed this by disabling this feature and looking
+ into making this an opt-in option.
+- Delete patches.suse/nvme-add-verbose-error-logging.patch.
+- Delete
+ patches.suse/nvme-don-t-print-verbose-errors-for-internal-passthr.patch.
+- commit a82baa8
+
+- RDMA/irdma: Validate udata inlen and outlen (git-fixes)
+- commit c66230c
+
+- RDMA/irdma: Add support for address handle re-use (git-fixes)
+- commit 456aa9c
+
+- RDMA/irdma: Move union irdma_sockaddr to header file (git-fixes)
+- commit 01da806
+
+- selftests/livepatch: better synchronize test_klp_callbacks_busy
+ (bsc#1071995).
+- commit 82010dd
+
+- livepatch: Add a missing newline character in
+ klp_module_coming() (bsc#1071995).
+- commit 82368b9
+
+- RDMA/srp: Support more than 255 rdma ports (git-fixes)
+- commit 6da7233
+
+- RDMA/srp: Handle dev_set_name() failure (git-fixes)
+- commit 2aa5768
+
+- RDMA/srp: Use the attribute group mechanism for sysfs attributes (git-fixes)
+- commit ee393a3
+
+- RDMA/srp: Rework the srp_add_port() error path (git-fixes)
+- commit cf4fa33
+
+- livepatch: fix race between fork and KLP transition
+ (bsc#1071995).
+- commit bc0a77a
+
+- RDMA/srpt: Introduce a reference count in struct srpt_device (git-fixes)
+- commit fecc405
+
+- RDMA/srpt: Fix a use-after-free (git-fixes)
+- commit e0cd3e8
+
+- RDMA/srpt: Duplicate port name members (git-fixes)
+- commit accb2fe
+
+- Input: applespi - avoid efivars API and invoke EFI services
+ directly (jsc#PED-1409).
+- brcmfmac: Switch to appropriate helper to load EFI variable
+ contents (jsc#PED-1409).
+- iwlwifi: Switch to proper EFI variable store interface
+ (jsc#PED-1409).
+- media: atomisp_gmin_platform: stop abusing efivar API
+ (jsc#PED-1409).
+- commit af0a2c9
+
+- Update patches.suse/kbuild-Add-skip_encoding_btf_enum64-option-to-pahole.patch
+ (bsc#1204693).
+- commit 9cde40b
+
+- efi: libstub: check Shim mode using MokSBStateRT (jsc#PED-1409).
+- efi: x86: Wipe setup_data on pure EFI boot (jsc#PED-1409).
+- efi: efibc: Guard against allocation failure (jsc#PED-1409).
+- efi/x86: libstub: remove unused variable (jsc#PED-1409).
+- efi: vars: Move efivar caching layer into efivarfs
+ (jsc#PED-1409).
+- efi: vars: Switch to new wrapper layer (jsc#PED-1409).
+- efi: vars: Remove deprecated 'efivars' sysfs interface
+ (jsc#PED-1409).
+ Update config files.
+ Refresh
+ patches.suse/0006-efi-allow-user-to-regenerate-secret-key.patch.
+- efi: vars: Drop __efivar_entry_iter() helper which is no longer
+ used (jsc#PED-1409).
+- efi: pstore: Omit efivars caching EFI varstore access layer
+ (jsc#PED-1409).
+- pstore: Add priv field to pstore_record for backend specific
+ use (jsc#PED-1409).
+- pstore: Don't use semaphores in always-atomic-context code
+ (jsc#PED-1409).
+- commit db34623
+
+- drivers: fix typo in firmware/efi/memmap.c (jsc#PED-1409).
+- efi: vars: Use locking version to iterate over efivars linked
+ lists (jsc#PED-1409).
+- efi: vars: Add thin wrapper around EFI get/set variable
+ interface (jsc#PED-1409).
+- efi: vars: Don't drop lock in the middle of efivar_init()
+ (jsc#PED-1409).
+- efi: efibc: avoid efivar API for setting variables
+ (jsc#PED-1409).
+- efi: avoid efivars layer when loading SSDTs from variables
+ (jsc#PED-1409).
+- efi: Correct comment on efi_memmap_alloc (jsc#PED-1409).
+- efi: Make code to find mirrored memory ranges generic
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch.
+- commit 8075b46
+
+- blacklist.conf: scripts/gdb: Allow to read printk log buffer on
+ 32-bit systems; hardly needed by anyone
+- commit c5107b2
+
+- printk: wake waiters for safe and NMI contexts (bsc#1204934).
+- commit ccf6fd7
+
+- printk: use atomic updates for klogd work (bsc#1204934).
+- commit 42aa5d7
+
+- printk: add missing memory barrier to wake_up_klogd()
+ (bsc#1204934).
+- commit 91ae0ab
+
+- Revert "workqueue: remove unused cancel_work()" (bsc#1204933).
+- commit a8f292e
+
+- signal: break out of wait loops on kthread_stop() (bsc#1204926).
+- commit 1f81ec4
+
+- net/mlx5e: Properly disable vlan strip on non-UL reps
+ (git-fixes).
+- commit ea8a4bd
+
+- net: ipvtap - add __init/__exit annotations to module init/exit
+ funcs (git-fixes).
+- commit bcfb537
+
+- bonding: 802.3ad: fix no transmission of LACPDUs (git-fixes).
+- commit 0446df6
+
+- net: moxa: get rid of asymmetry in DMA mapping/unmapping
+ (git-fixes).
+- commit 6609905
+
+- net: ipa: don't assume SMEM is page-aligned (git-fixes).
+- commit 41f9dec
+
+- stmmac: intel: Add a missing clk_disable_unprepare() call in
+ intel_eth_pci_remove() (git-fixes).
+- commit bb8b4d3
+
+- Update metadata references
+- commit bdfc8f9
+
+- Refresh
+ patches.suse/drm-bridge-lt8912b-fix-corrupted-image-output.patch.
+ Alt-commit
+- commit f154e04
+
+- Refresh
+ patches.suse/drm-bridge-lt8912b-set-hdmi-or-dvi-mode.patch.
+ Alt-commit
+- commit 54a25a3
+
+- Refresh patches.suse/drm-bridge-lt8912b-add-vsync-hsync.patch.
+ Alt-commit
+- commit 6755cca
+
+- Refresh
+ patches.suse/drm-amdgpu-don-t-register-a-dirty-callback-for-non-a.patch.
+ Alt-commit
+- commit 5548e46
+
+- Refresh
+ patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-SDM660.patch.
+ Alt-commit
+- commit c51fb10
+
+- Refresh
+ patches.suse/drm-msm-dsi-Fix-number-of-regulators-for-msm8996_dsi.patch.
+ Alt-commit
+- commit e910e60
+
+- Refresh
+ patches.suse/drm-msm-dp-delete-DP_RECOVERED_CLOCK_OUT_EN-to-fix-t.patch.
+ Alt-commit
+- commit 8f4fbd6
+
+- Refresh
+ patches.suse/drm-amdgpu-make-sure-to-init-common-IP-before-gmc.patch.
+ Alt-commit
+- commit d839738
+
+- Refresh
+ patches.suse/drm-amdgpu-move-nbio-sdma_doorbell_range-into-sdma-c.patch.
+ Alt-commit
+- commit 4202af7
+
+- Refresh
+ patches.suse/drm-amdgpu-move-nbio-ih_doorbell_range-into-ih-code-.patch.
+ Alt-commit
+- commit 6a84f94
+
+- Refresh
+ patches.suse/drm-simpledrm-Fix-return-type-of-simpledrm_simple_di.patch.
+ Alt-commit
+- commit c6e149e
+
+- Refresh
+ patches.suse/drm-nouveau-fix-another-off-by-one-in-nvbios_addr.patch.
+ Alt-commit
+- commit 7c051d6
+
+- Refresh
+ patches.suse/drm-amd-display-Only-use-depth-36-bpp-linebuffers-on.patch.
+ Alt-commit
+- commit e1c296d
+
+- Refresh
+ patches.suse/Revert-drm-amdgpu-display-set-vblank_disable_immedia.patch.
+ Alt-commit
+- commit 1bf4062
+
+- Refresh
+ patches.suse/drm-fourcc-fix-integer-type-usage-in-uapi-header.patch.
+ Alt-commit
+- commit 174b777
+
+- Refresh
+ patches.suse/drm-bridge-ti-sn65dsi83-Handle-dsi_lanes-0-as-invali.patch.
+ Alt-commit
+- commit d529823
+
+- Refresh
+ patches.suse/Revert-drm-amd-pm-keep-the-BACO-feature-enabled-for-.patch.
+ Alt-commit
+- commit b27902a
+
+- docs: security: Add secrets/coco documentation (jsc#PED-1409).
+- efi: Register efi_secret platform device if EFI secret area
+ is declared (jsc#PED-1409).
+- commit df905cf
+
+- virt: Add efi_secret module to expose confidential computing
+ secrets (jsc#PED-1409).
+ Refresh patches.suse/virt-Add-SEV-SNP-guest-driver.
+ Update config files.
+ CONFIG_EFI_SECRET=y in x86_64/default
+- commit edb96ab
+
+- efi: sysfb_efi: remove unnecessary <asm/efi.h> include
+ (jsc#PED-1409).
+- x86: Fix all occurences of the "the the" typo (jsc#PED-1409).
+- efi: clean up Kconfig dependencies on CONFIG_EFI (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files.
+- efi/x86: libstub: Make DXE calls mixed mode safe (jsc#PED-1409).
+- efifb: Remove redundant efifb_setup_from_dmi stub
+ (jsc#PED-1409).
+- efi/cper: Reformat CPER memory error location to more readable
+ (jsc#PED-1409).
+- EDAC/ghes: Unify CPER memory error location reporting
+ (jsc#PED-1409).
+- efi/cper: Add a cper_mem_err_status_str() to decode error
+ description (jsc#PED-1409).
+- efi: stub: prefer mirrored memory for randomized allocations
+ (jsc#PED-1409).
+- efi/arm64: libstub: run image in place if randomized by the
+ loader (jsc#PED-1409).
+- efi: libstub: pass image handle to handle_kernel_image()
+ (jsc#PED-1409).
+- efi: libstub: ensure allocated memory to be executable
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files.
+- efi: libstub: declare DXE services table (jsc#PED-1409).
+- efi: Save location of EFI confidential computing area
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files.
+ CONFIG_EFI_COCO_SECRET=y in x86_64/default, arm64/default and armv7hl/default
+- commit 6b0cf79
+
+- scsi: iscsi: Remove iscsi_get_task back_lock requirement
+ (jsc#PED-868).
+- scsi: iscsi: Rename iscsi_conn_queue_work() (jsc#PED-868).
+- scsi: iscsi: Fix harmless double shift bug (jsc#PED-868).
+- commit 5723646
+
+- scsi: iscsi: Merge suspend fields (jsc#PED-868).
+- Refresh
+ patches.suse/scsi-iscsi-Fix-NOP-handling-during-conn-recovery.patch.
+- commit 1473e45
+
+- RDMA/usnic: fix set-but-not-unused variable 'flags' warning (git-fixes)
+- commit a0cf107
+
+- IB/rdmavt: Add __init/__exit annotations to module init/exit funcs (git-fixes)
+- commit e49e34a
+
+- RDMA/rxe: Fix resize_finish() in rxe_queue.c (git-fixes)
+- commit 6b44016
+
+- RDMA/siw: Fix QP destroy to wait for all references dropped. (git-fixes)
+- commit 61cef3e
+
+- RDMA/siw: Always consume all skbuf data in sk_data_ready() upcall. (git-fixes)
+- commit 296a57b
+
+- RDMA/srp: Fix srp_abort() (git-fixes)
+- commit 7984b35
+
+- RDMA/irdma: Align AE id codes to correct flush code and event (git-fixes)
+- commit c55a705
+
+- RDMA/rxe: Fix the error caused by qp->sk (git-fixes)
+- commit 85ed907
+
+- RDMA/rxe: Fix "kernel NULL pointer dereference" error (git-fixes)
+- commit 94f5187
+
+- RDMA/mlx5: Don't compare mkey tags in DEVX indirect mkey (git-fixes)
+- commit cbf3855
+
+- RDMA/irdma: Report RNR NAK generation in device caps (git-fixes)
+- commit 7306409
+
+- RDMA/irdma: Return correct WC error for bind operation failure (git-fixes)
+- commit bb7b5cd
+
+- RDMA/irdma: Return error on MR deregister CQP failure (git-fixes)
+- commit e8ec2a2
+
+- RDMA/irdma: Report the correct max cqes from query device (git-fixes)
+- commit 2b8a0ed
+
+- RDMA/siw: Pass a pointer to virt_to_page() (git-fixes)
+- commit c54f89a
+
+- usb: typec: Remove retimers properly (jsc#PED-1211).
+- commit e583265
+
+- usb: typec: retimer: Add missing id check in match callback
+ (jsc#PED-1211).
+- commit cf4d688
+
+- USB: xhci: Fix comment typo (jsc#PED-531 jsc#PED-1211).
+- commit 2b3e84d
+
+- usb/typec/tcpm: fix repeated words in comments (jsc#PED-531
+ jsc#PED-1211).
+- commit 46257dd
+
+- usb: typec: Add retimer handle to port (jsc#PED-1211).
+- commit dde8f08
+
+- usb: typec: Add support for retimers (jsc#PED-1211).
+- commit cacdd0d
+
+- usb: typec: mux: Allow muxes to specify mode-switch
+ (jsc#PED-1211).
+- usb: typec: tcpm: Register USB Power Delivery Capabilities
+ (jsc#PED-531).
+- commit f8dc487
+
+- usb: typec: USB Power Delivery helpers for ports and partners
+ (jsc#PED-531 jsc#PED-1211).
+- Refresh patches.suse/0001-typeC-add-kABI-padding.patch.
+- Refresh patches.suse/typeC-Add-kABI-placeholders.patch.
+- commit 629af64
+
+- usb: typec: Separate USB Power Delivery from USB Type-C
+ (jsc#PED-531 jsc#PED-1211).
+- commit d284c3e
+
+- usb: gadget: bdc: fix typo in comment (git-fixes).
+- commit 0b9f194
+
+- usb: typec: tcpm: fix typo in comment (git-fixes).
+- commit a66c855
+
+- usb: common: usb-conn-gpio: Allow wakeup from system suspend
+ (jsc#PED-531).
+- commit 61abc68
+
+- powerpc/pseries: Move vas_migration_handler early during
+ migration (bsc#1204799 ltc#200177).
+- commit b7aa6a0
+
+- RDMA/srp: Set scmnd->result only when scmnd is not NULL (git-fixes)
+- commit 458db53
+
+- RDMA/cma: Fix arguments order in net device validation (git-fixes)
+- commit 81952c8
+
+- RDMA/rxe: Fix error unwind in rxe_create_qp() (git-fixes)
+- commit f572d06
+
+- kbuild: Add skip_encoding_btf_enum64 option to pahole
+ (git-fixes).
+- commit 934e48d
+
+- RDMA/mlx5: Add missing check for return value in get namespace flow (git-fixes)
+- commit 6e82f19
+
+- RDMA/rxe: Fix rnr retry behavior (git-fixes)
+- commit 7a75da5
+
+- RDMA/rxe: For invalidate compare according to set keys in mr (git-fixes)
+- commit 66293aa
+
+- RDMA/rxe: Fix mw bind to allow any consumer key portion (git-fixes)
+- commit c8934f1
+
+- RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event (git-fixes)
+- commit 79b1a39
+
+- RDMA/qedr: Fix potential memory leak in __qedr_alloc_mr() (git-fixes)
+- commit 706d0f6
+
+- RDMA: remove useless condition in siw_create_cq() (git-fixes)
+- commit 6f61f5a
+
+- RDMA/irdma: Fix setting of QP context err_rq_idx_valid field (git-fixes)
+- commit 026149f
+
+- RDMA/irdma: Fix VLAN connection with wildcard address (git-fixes)
+- commit f75f6bd
+
+- RDMA/irdma: Fix a window for use-after-free (git-fixes)
+- commit 5ca4a5f
+
+- RDMA/rxe: Fix deadlock in rxe_do_local_ops() (git-fixes)
+- commit afef467
+
+- RDMA/irdma: Fix sleep from invalid context BUG (git-fixes)
+- commit 735c971
+
+- RDMA/irdma: Do not advertise 1GB page size for x722 (git-fixes)
+- commit ccc988f
+
+- RDMA/qedr: Fix reporting QP timeout attribute (git-fixes)
+- commit c6a81d4
+
+- RDMA/hfi1: Fix potential integer multiplication overflow errors (git-fixes)
+- commit 2b22d3a
+
+- RDMA/hns: Add the detection for CMDQ status in the device initialization process (git-fixes)
+- commit 7090c13
+
+- RDMA/rxe: Generate a completion for unsupported/invalid opcode (git-fixes)
+- commit 2a9e949
+
+- blacklist.conf: Clarify status of 6f5c672d17f583b081e283927f5040f726c54598.
+- commit cfc21b5
+
+- s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing
+ pavgroup (git-fixes).
+- commit 3602f60
+
+- x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
+ (jsc#PED-1816).
+- x86/fpu: Exclude dynamic states from init_fpstate
+ (jsc#PED-1816).
+- x86/fpu: Fix the init_fpstate size check with the actual size
+ (jsc#PED-1816).
+- x86/fpu: Configure init_fpstate attributes orderly
+ (jsc#PED-1816).
+- commit d47f5a0
+
+- drm/amdkfd: export svm_range_list_lock_and_flush_work
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit c19d328
+
+- amd/amdkfd: remove svms declaration to avoid werror
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 4bffdd8
+
+- drm/amdkfd: fix KFDSVMRangeTest.PartialUnmapSysMemTest fails
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 77d4811
+
+- Kbuild: use -std=gnu11 for KBUILD_USERCFLAGS (bsc#1204877).
+- Kbuild: move to -std=gnu11 (bsc#1204877).
+- commit 00462f0
+
+- fbdev: cyber2000fb: fix missing pci_disable_device()
+ (git-fixes).
+- fbdev: da8xx-fb: Fix error handling in .remove() (git-fixes).
+- iio: bmc150-accel-core: Fix unsafe buffer attributes
+ (git-fixes).
+- iio: adxl372: Fix unsafe buffer attributes (git-fixes).
+- iio: temperature: ltc2983: allocate iio channels once
+ (git-fixes).
+- iio: adc: mcp3911: use correct id bits (git-fixes).
+- iio: light: tsl2583: Fix module unloading (git-fixes).
+- usb: dwc3: gadget: Don't set IMI for no_interrupt (git-fixes).
+- usb: dwc3: gadget: Stop processing more requests on IMI
+ (git-fixes).
+- usb: bdc: change state when port disconnected (git-fixes).
+- hwmon/coretemp: Handle large core ID value (git-fixes).
+- ACPI: video: Make backlight class device registration a separate
+ step (v2) (git-fixes).
+- r8152: add PID for the Lenovo OneLink+ Dock (git-fixes).
+- net: usb: r8152: Add in new Devices that are supported for
+ Mac-Passthru (git-fixes).
+- arm64/mm: Consolidate TCR_EL1 fields (git-fixes).
+- commit 510527f
+
+- objtool,efi: Update __efi64_thunk annotation (jsc#PED-1409).
+ Refresh
+ patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch.
+- efi/mokvar: move up init order (jsc#PED-1409).
+- commit de5f614
+
+- scsi: iscsi: Stop using the SCSI pointer (jsc#PED-868).
+- scsi: qedi: Switch to attribute groups (jsc#PED-868).
+- scsi: bnx2i: Switch to attribute groups (jsc#PED-868).
+- scsi: be2iscsi: Switch to attribute groups (jsc#PED-868).
+- commit 4dde282
+
+- tracing: Disable interrupt or preemption before acquiring
+ arch_spinlock_t (git-fixes).
+- commit 2afc9ce
+
+- tracing: Wake up ring buffer waiters on closing of the file
+ (git-fixes).
+- kABI: Fix after adding trace_iterator.wait_index (git-fixes).
+- commit c6de351
+
+- tracing: Fix reading strings from synthetic events (git-fixes).
+- commit b3d60fe
+
+- tracing: Add "(fault)" name injection to kernel probes
+ (git-fixes).
+- commit e8dfbfa
+
+- tracing: Move duplicate code of trace_kprobe/eprobe.c into header
+ (git-fixes).
+- commit 4676a84
+
+- ftrace: Fix char print issue in print_ip_ins() (git-fixes).
+- commit 40cb188
+
+- tracing: Do not free snapshot if tracer is on cmdline
+ (git-fixes).
+- commit 9e07624
+
+- tracing: Simplify conditional compilation code in
+ tracing_set_tracer() (git-fixes).
+- commit 35b9e24
+
+- ring-buffer: Fix race between reset page and reading page
+ (git-fixes).
+- commit e172e8c
+
+- tracing: Wake up waiters when tracing is disabled (git-fixes).
+- commit e65663f
+
+- tracing: Add ioctl() to force ring buffer waiters to wake up
+ (git-fixes).
+- commit d726bd0
+
+- ring-buffer: Add ring_buffer_wake_waiters() (git-fixes).
+- commit 3f155a7
+
+- ALSA: rme9652: use explicitly signed char (git-fixes).
+- ALSA: au88x0: use explicitly signed char (git-fixes).
+- ALSA: usb-audio: Add quirks for M-Audio Fast Track C400/600
+ (git-fixes).
+- commit 1285ea5
+
+- device property: Fix documentation for *_match_string() APIs
+ (git-fixes).
+- PM: domains: Fix handling of unavailable/disabled idle states
+ (git-fixes).
+- PM: hibernate: Allow hybrid sleep to work with s2idle
+ (git-fixes).
+- mmc: sdhci_am654: 'select', not 'depends' REGMAP_MMIO
+ (git-fixes).
+- mmc: core: Fix kernel panic when remove non-standard SDIO card
+ (git-fixes).
+- mmc: sdhci-pci-core: Disable ES for ASUS BIOS on Jasper Lake
+ (git-fixes).
+- mmc: sdhci-esdhc-imx: Propagate ESDHC_FLAG_HS400* only on 8bit
+ bus (git-fixes).
+- mtd: rawnand: marvell: Use correct logic for nand-keep-config
+ (git-fixes).
+- ALSA: aoa: Fix I2S device accounting (git-fixes).
+- ALSA: Use del_timer_sync() before freeing timer (git-fixes).
+- ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev()
+ (git-fixes).
+- ASoC: qcom: lpass-cpu: Mark HDMI TX parity register as volatile
+ (git-fixes).
+- ASoC: qcom: lpass-cpu: mark HDMI TX registers as volatile
+ (git-fixes).
+- ALSA: ac97: fix possible memory leak in snd_ac97_dev_register()
+ (git-fixes).
+- drm/i915/dp: Reset frl trained flag before restarting FRL
+ training (git-fixes).
+- drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
+ (git-fixes).
+- drm/msm/dp: fix IRQ lifetime (git-fixes).
+- drm/msm/hdmi: fix memory corruption with too many bridges
+ (git-fixes).
+- drm/msm/dsi: fix memory corruption with too many bridges
+ (git-fixes).
+- drm/msm: fix use-after-free on probe deferral (git-fixes).
+- drm/msm: Fix return type of mdp4_lvds_connector_mode_valid
+ (git-fixes).
+- commit a89c8ce
+
+- efi: Allow to enable EFI runtime services by default on RT
+ (jsc#PED-1409).
+ Update config files.
+- efi: use default_groups in kobj_type (jsc#PED-1409).
+- efi/libstub: measure loaded initrd info into the TPM
+ (jsc#PED-1409).
+- efi/libstub: consolidate initrd handling across architectures
+ (jsc#PED-1409).
+- efi/libstub: x86/mixed: increase supported argument count
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/x86-prepare-asm-files-for-straight-line-speculation.patch.
+ patches.suse/efi-x86-use-naked-RET-on-mixed-mode-call-wrapper.patch.
+- efi/libstub: add prototype of
+ efi_tcg2_protocol::hash_log_extend_event() (jsc#PED-1409).
+- include/linux/efi.h: Remove unneeded whitespaces before tabs
+ (jsc#PED-1409).
+- efi: Move efifb_setup_from_dmi() prototype from arch headers
+ (jsc#PED-1409).
+ Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+- commit fa39fcf
+
+- blacklist.conf: add reverted ASoC patches
+- commit 67ca727
+
+- net: mscc: ocelot: fix address of SYS_COUNT_TX_AGING counter
+ (git-fixes).
+- commit a23c712
+
+- net: dsa: sja1105: fix buffer overflow in
+ sja1105_setup_devlink_regions() (git-fixes).
+- commit 9684564
+
+- net: dsa: microchip: ksz9477: fix fdb_dump last invalid entry
+ (git-fixes).
+- commit bcb13eb
+
+- Update patch reference for USB fix (bsc#1196018 CVE-2022-28748 bsc#1202686 CVE-2022-2964)
+- commit 0ee154e
+
+- i40e: Fix to stop tx_timeout recovery if GLOBR fails
+ (git-fixes).
+- commit 9ae1da4
+
+- iavf: Fix reset error handling (git-fixes).
+- commit d4babdd
+
+- iavf: Fix adminq error handling (git-fixes).
+- commit 403a1a3
+
+- net: moxa: pass pdev instead of ndev to DMA functions
+ (git-fixes).
+- commit e117a5b
+
+- mlxsw: spectrum: Clear PTP configuration after unregistering
+ the netdevice (git-fixes).
+- commit 6677912
+
+- net: dsa: mv88e6060: prevent crash on an unused port
+ (git-fixes).
+- commit 00d6b8c
+
+- fec: Fix timer capture timing in `fec_ptp_enable_pps()`
+ (git-fixes).
+- commit 1a47f16
+
+- dpaa2-eth: trace the allocated address instead of page struct
+ (git-fixes).
+- commit 1020d1e
+
+- net: atlantic: fix aq_vec index out of range error (git-fixes).
+- commit 46d90a2
+
+- plip: avoid rcu debug splat (git-fixes).
+- commit eb203b2
+
+- net: bgmac: Fix a BUG triggered by wrong bytes_compl
+ (git-fixes).
+- commit cb50cd4
+
+- net: bcmgenet: Indicate MAC is in charge of PHY PM (git-fixes).
+- commit 1147d60
+
+- xen/netback: fix incorrect usage of
+ RING_HAS_UNCONSUMED_REQUESTS() (bsc#1204570).
+- commit 3c5f57f
+
+- can: j1939: transport: j1939_session_skb_drop_old():
+ spin_unlock_irqrestore() before kfree_skb() (git-fixes).
+- can: kvaser_usb: Fix possible completions during init_completion
+ (git-fixes).
+- openvswitch: switch from WARN to pr_warn (git-fixes).
+- can: mcp251x: mcp251x_can_probe(): add missing
+ unregister_candev() in error path (git-fixes).
+- can: mscan: mpc5xxx: mpc5xxx_can_probe(): add missing
+ put_clock() in error path (git-fixes).
+- mac802154: Fix LQI recording (git-fixes).
+- media: vivid: set num_in/outputs to 0 if not supported
+ (git-fixes).
+- media: videodev2.h: V4L2_DV_BT_BLANKING_HEIGHT should check
+ 'interlaced' (git-fixes).
+- media: v4l2-dv-timings: add sanity checks for blanking values
+ (git-fixes).
+- media: vivid: dev->bitmap_cap wasn't freed in all cases
+ (git-fixes).
+- media: vivid: s_fbuf: add more sanity checks (git-fixes).
+- can: kvaser_usb: kvaser_usb_leaf: fix CAN clock frequency
+ regression (git-fixes).
+- commit 78420ce
+
+- Add CVE reference to
+ patches.suse/net-usb-ax88179_178a-Fix-out-of-bounds-accesses-in-R.patch
+ (bsc#1196018 CVE-2022-28748 CVE-2022-2964).
+- commit 1298a2a
+
+- hmm-tests: add test for migrate_device_range() (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit ec3f1d0
+
+- nouveau/dmem: evict device private memory during release
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit ca9fd32
+
+- nouveau/dmem: refactor nouveau_dmem_fault_copy_one()
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 521539d
+
+- mm/migrate_device.c: add migrate_device_range() (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 63236a4
+
+- firmware_loader: move firmware sysctl to its own files
+ (PED-1263).
+- Refresh
+ patches.suse/firmware_loader-Split-sysfs-support-from-fallback.patch.
+- commit 8ae5e5b
+
+- mm/migrate_device.c: refactor migrate_vma and
+ migrate_deivce_coherent_page() (jsc#PED-1294, bsc#1204363,
+ CVE-2022-3523).
+- commit 7f2a998
+
+- mm/memremap.c: take a pgmap reference on page allocation
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 123f2df
+
+- mm/memremap: fix memunmap_pages() race with get_dev_pagemap()
+ (git-fixes).
+- commit 980c32f
+
+- mm/pagealloc: sysctl: change watermark_scale_factor max limit
+ to 30% (bnc#1189998 (PREEMPT_RT prerequisite backports)).
+- Refresh
+ patches.suse/sysctl-move-some-boundary-constants-from-sysctl.c-to.patch.
+ This was previously in the SLE15-SP4-RT branch to avoid a change in
+ behaviour of a sysctl after GA.
+- commit dce66e6
+
+- fpga: stratix10-soc: Do not use ret uninitialized in s10_probe()
+ (jsc#PED-1263).
+- commit 1865695
+
+- fpga: m10bmc-sec: d5005 bmc secure update driver (jsc#PED-1263).
+- commit a8f024e
+
+- fpga: dfl-pci: Add IDs for Intel N6000, N6001 and C6100 cards
+ (jsc#PED-1263).
+- commit 81df1d8
+
+- uio: dfl: add IOPLL user-clock feature id (jsc#PED-1263).
+- commit b574954
+
+- mfd: intel-m10-bmc: Add d5005 bmc secure update driver
+ (jsc#PED-1263).
+- commit ccd0f1e
+
+- memory: dfl-emif: Update the dfl emif driver support revision 1
+ (jsc#PED-1263).
+- commit ec569a6
+
+- regmap: spi-avmm: Use swabXX_array() helpers (jsc#PED-1263).
+- commit 4057de5
+
+- swab: Add array operations (jsc#PED-1263).
+- commit b633743
+
+- fpga: m10bmc-sec: Fix possible memory leak of flash_buf
+ (jsc#PED-1263).
+- commit c627d9d
+
+- firmware_loader: Fix memory leak in firmware upload
+ (jsc#PED-1263).
+- commit 19ff7e8
+
+- firmware_loader: Fix use-after-free during unregister
+ (jsc#PED-1263).
+- commit 4f92a6e
+
+- fpga: m10bmc-sec: add max10 secure update functions
+ (jsc#PED-1263).
+- commit fb127c6
+
+- fpga: m10bmc-sec: expose max10 canceled keys in sysfs
+ (jsc#PED-1263).
+- commit 4d15a2d
+
+- fpga: m10bmc-sec: expose max10 flash update count
+ (jsc#PED-1263).
+- commit 490a9aa
+
+- fpga: m10bmc-sec: create max10 bmc secure update (jsc#PED-1263).
+- commit bb9fcc7
+
+- mfd: intel-m10-bmc: Rename n3000bmc-secure driver
+ (jsc#PED-1263).
+- commit fc33834
+
+- firmware_loader: describe 'module' parameter of
+ firmware_upload_register() (jsc#PED-1263).
+- commit 103bb65
+
+- firmware_loader: Move definitions from sysfs_upload.h to sysfs.h
+ (jsc#PED-1263).
+- commit 87bae5e
+
+- firmware_loader: Fix configs for sysfs split (jsc#PED-1263).
+- commit 6a7a9b1
+
+- firmware_loader: Add sysfs nodes to monitor fw_upload
+ (jsc#PED-1263).
+- commit 7b04b8b
+
+- firmware_loader: Add firmware-upload support (jsc#PED-1263).
+- commit d2144d4
+
+- firmware_loader: Split sysfs support from fallback
+ (jsc#PED-1263).
+- commit e6134c4
+
+- firmware_loader: Check fw_state_is_done in loading_store
+ (jsc#PED-1263).
+- commit 87cb66d
+
+- firmware_loader: Clear data and size in fw_free_paged_buf
+ (jsc#PED-1263).
+- commit a0106fc
+
+- fpga: dfl: Allow Port to be linked to FME's DFL (jsc#PED-1263).
+- commit 54d7dcd
+
+- Documentation: fpga: dfl: add link address of feature id table
+ (jsc#PED-1263).
+- commit ae7ccad
+
+- fpga: dfl: check feature type before parse irq info
+ (jsc#PED-1263).
+- commit 7ba0e05
+
+- fpga: fpga-region: fix kernel-doc formatting issues
+ (jsc#PED-1263).
+- commit 8305210
+
+- fpga: fpga-mgr: fix kernel-doc warnings (jsc#PED-1263).
+- commit 4a86d8b
+
+- fpga: fix for coding style issues (jsc#PED-1263).
+- commit eefb2bb
+
+- uio: dfl: add HSSI subsystem feature id (jsc#PED-1263).
+- commit 942ce55
+
+- hwmon: (intel-m10-bmc-hwmon) use devm_hwmon_sanitize_name()
+ (jsc#PED-1263).
+- commit f3a8650
+
+- hwmon: introduce hwmon_sanitize_name() (jsc#PED-1263).
+- commit 1fef75a
+
+- fpga: dfl: pci: Remove usage of the deprecated
+ "pci-dma-compat.h" API (jsc#PED-1263).
+- commit 0f81b21
+
+- fpga: region: fix kernel-doc (jsc#PED-1263).
+- commit 7e5c728
+
+- fpga: region: Use standard dev_release for class driver
+ (jsc#PED-1263).
+- commit 3acc62e
+
+- fpga: bridge: Use standard dev_release for class driver
+ (jsc#PED-1263).
+- commit 3c81c95
+
+- fpga: mgr: Use standard dev_release for class driver
+ (jsc#PED-1263).
+- commit 9311bde
+
+- fpga: dfl: Avoid reads to AFU CSRs during enumeration
+ (jsc#PED-1263).
+- commit 9490eba
+
+- mfd: intel-m10-bmc: Add N5010 variant (jsc#PED-1263).
+- commit bffc1db
+
+- spi: spi-altera-dfl: support n5010 feature revision
+ (jsc#PED-1263).
+- Refresh
+ patches.suse/spi-spi-altera-dfl-Fix-an-error-handling-path.patch.
+- commit 88965da
+
+- fpga: dfl: expose feature revision from struct dfl_device
+ (jsc#PED-1263).
+- commit ac856ca
+
+- fpga: fpga-mgr: wrap the write_sg() op (jsc#PED-1263).
+- commit 8064ded
+
+- fpga: fpga-mgr: wrap the fpga_remove() op (jsc#PED-1263).
+- commit 67d203e
+
+- fpga: fpga-mgr: wrap the state() op (jsc#PED-1263).
+- commit 93c376a
+
+- fpga: fpga-mgr: wrap the status() op (jsc#PED-1263).
+- commit 69714b3
+
+- fpga: fpga-mgr: wrap the write() op (jsc#PED-1263).
+- commit 5cae3b0
+
+- fpga: fpga-mgr: make write_complete() op optional
+ (jsc#PED-1263).
+- commit 58d2ca4
+
+- fpga: fpga-mgr: wrap the write_init() op (jsc#PED-1263).
+- commit a678a0d
+
+- fpga: dfl: pci: add device IDs for Silicom N501x PAC cards
+ (jsc#PED-1263).
+- commit decfdaa
+
+- mm: free device private pages have zero refcount (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 476ed92
+
+- fpga: fpga-bridge: removed repeated word (jsc#PED-1263).
+- commit 9fd1af8
+
+- fpga: fix spelling mistakes (jsc#PED-1263).
+- commit 52e3a64
+
+- docs: driver-api: fpga: avoid using UTF-8 chars (jsc#PED-1263).
+- commit d967010
+
+- hwmon: intel-m10-bmc-hwmon: add n5010 sensors (jsc#PED-1263).
+- commit 1130849
+
+- Update config and supported.conf for Intel FPGA (jsc#PED-1263)
+ CONFIG_FW_LOADER_SYSFS=y
+ CONFIG_FW_UPLOAD=y
+ CONFIG_FPGA_M10_BMC_SEC_UPDATE=m
+ CONFIG_MFD_INTEL_M10_BMC=m
+ CONFIG_SENSORS_INTEL_M10_BMC_HWMON=m
+ CONFIG_REGMAP_SPI_AVMM=m
+- commit 20596f5
+
+- HID: hidraw: fix memory leak in hidraw_release() (git-fixes).
+- commit 0e980ee
+
+- octeontx2-pf: Fix NIX_AF_TL3_TL2X_LINKX_CFG register
+ configuration (git-fixes).
+- commit cc822b8
+
+- octeontx2-af: Fix key checking for source mac (git-fixes).
+- commit 2b15002
+
+- octeontx2-af: Fix mcam entry resource leak (git-fixes).
+- commit 1934a04
+
+- octeontx2-af: suppress external profile loading warning
+ (git-fixes).
+- commit f03aa66
+
+- octeontx2-af: Apply tx nibble fixup always (git-fixes).
+- commit 127ded0
+
+- net: tap: NULL pointer derefence in dev_parse_header_protocol
+ when skb->dev is null (git-fixes).
+- commit fd012c5
+
+- nfp: ethtool: fix the display error of `ethtool -m DEVNAME`
+ (git-fixes).
+- commit 145a612
+
+- net/ice: fix initializing the bitmap in the switch code
+ (git-fixes).
+- commit 1864c2e
+
+- s390/pai: Fix multiple concurrent event installation
+ (jsc#PED-598).
+- s390/pai: Prevent invalid event number for pai_crypto PMU
+ (jsc#PED-598).
+- s390/pai: add support for cryptography counters (jsc#PED-598).
+- entry: Rename arch_check_user_regs() to
+ arch_enter_from_user_mode() (jsc#PED-598).
+- commit 4a60553
+
+- net/mlx5e: xsk: Account for XSK RQ UMRs when calculating ICOSQ
+ size (git-fixes).
+- commit 0f9b4b8
+
+- net/mlx5e: Remove WARN_ON when trying to offload an unsupported
+ TLS cipher/version (git-fixes).
+- commit 26fe2e5
+
+- netdevsim: fib: Fix reference count leak on route deletion
+ failure (git-fixes).
+- commit ef84aaa
+
+- ice: do not setup vlan for loopback VSI (git-fixes).
+- commit 2f72810
+
+- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP |
+ RS) (git-fixes).
+- commit c63938e
+
+- can: kvaser_usb: replace run-time checks with struct
+ kvaser_usb_driver_info (git-fixes).
+- commit 435b54b
+
+- sfc: disable softirqs for ptp TX (git-fixes).
+- commit def7cc9
+
+- octeontx2-pf: Fix UDP/TCP src and dst port tc filters
+ (git-fixes).
+- commit a2053ff
+
+- net: fix IFF_TX_SKB_NO_LINEAR definition (git-fixes).
+- commit 36a8155
+
+- selftests: cgroup: add a selftest for memory.reclaim
+ (jsc#PED-808).
+- selftests: cgroup: fix alloc_anon_noexit() instantly freeing
+ memory (jsc#PED-808).
+- selftests: cgroup: return -errno from cg_read()/cg_write()
+ on failure (jsc#PED-808).
+- memcg: introduce per-memcg reclaim interface (jsc#PED-808).
+- commit ee3f4a3
+
+- thermal: intel_powerclamp: Use first online CPU as control_cpu
+ (git-fixes).
+- thermal/drivers/qcom/tsens-v0_1: Fix MSM8939 fourth sensor hw_id
+ (git-fixes).
+- staging: rtl8723bs: fix a potential memory leak in
+ rtw_init_cmd_priv() (git-fixes).
+- staging: vt6655: fix potential memory leak (git-fixes).
+- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
+- thunderbolt: Explicitly enable lane adapter hotplug events at
+ startup (git-fixes).
+- usb: idmouse: fix an uninit-value in idmouse_open (git-fixes).
+- usb: dwc3: core: Enable GUCTL1 bit 10 for fixing termination
+ error after resume bug (git-fixes).
+- usb: musb: Fix musb_gadget.c rxstate overflow bug (git-fixes).
+- usb: host: xhci: Fix potential memory leak in
+ xhci_alloc_stream_info() (git-fixes).
+- usb: host: xhci-plat: suspend/resume clks for brcm (git-fixes).
+- usb: host: xhci-plat: suspend and resume clocks (git-fixes).
+- soundwire: intel: fix error handling on dai registration issues
+ (git-fixes).
+- soundwire: cadence: Don't overwrite msg->buf during write
+ commands (git-fixes).
+- kselftest/arm64: Fix validatation termination record after
+ EXTRA_CONTEXT (git-fixes).
+- soc/tegra: fuse: Drop Kconfig dependency on TEGRA20_APB_DMA
+ (git-fixes).
+- udmabuf: Set ubuf->sg = NULL if the creation of sg table fails
+ (git-fixes).
+- spi: Ensure that sg_table won't be used after being freed
+ (git-fixes).
+- wifi: rt2x00: correctly set BBP register 86 for MT7620
+ (git-fixes).
+- wifi: rt2x00: set SoC wmac clock register (git-fixes).
+- wifi: rt2x00: set VGC gain for both chains of MT7620
+ (git-fixes).
+- wifi: rt2x00: set correct TX_SW_CFG1 MAC register for MT7620
+ (git-fixes).
+- wifi: rt2x00: don't run Rt5592 IQ calibration on MT7620
+ (git-fixes).
+- wifi: mt76: mt7921: reset msta->airtime_ac while clearing up
+ hw value (git-fixes).
+- wifi: brcmfmac: fix use-after-free bug in
+ brcmf_netdev_start_xmit() (git-fixes).
+- wifi: ath9k: avoid uninit memory read in ath9k_htc_rx_msg()
+ (git-fixes).
+- thunderbolt: Add back Intel Falcon Ridge end-to-end flow
+ control workaround (git-fixes).
+- wifi: brcmfmac: fix invalid address access when enabling SCAN
+ log level (git-fixes).
+- selinux: use "grep -E" instead of "egrep" (git-fixes).
+- thermal: cpufreq_cooling: Check the policy first in
+ cpufreq_cooling_register() (git-fixes).
+- thermal: intel_powerclamp: Use get_cpu() instead of
+ smp_processor_id() to avoid crash (git-fixes).
+- selinux: allow FIOCLEX and FIONCLEX with policy capability
+ (git-fixes).
+- commit 2b3f1b5
+
+- gcov: support GCC 12.1 and newer compilers (git-fixes).
+- drm/amd/display: Fix build breakage with CONFIG_DEBUG_FS=n
+ (git-fixes).
+- drm/amd/display: Fix vblank refcount in vrr transition
+ (git-fixes).
+- kbuild: rpm-pkg: fix breakage when V=1 is used (git-fixes).
+- kbuild: remove the target in signal traps when interrupted
+ (git-fixes).
+- clk: bcm2835: Make peripheral PLLC critical (git-fixes).
+- clk: zynqmp: pll: rectify rate rounding in zynqmp_pll_round_rate
+ (git-fixes).
+- clk: zynqmp: Fix stack-out-of-bounds in strncpy` (git-fixes).
+- staging: rtl8723bs: fix potential memory leak in
+ rtw_init_drv_sw() (git-fixes).
+- iio: pressure: dps310: Reset chip after timeout (git-fixes).
+- iio: pressure: dps310: Refactor startup procedure (git-fixes).
+- dmaengine: ti: k3-udma: Reset UDMA_CHAN_RT byte counters to
+ prevent overflow (git-fixes).
+- power: supply: adp5061: fix out-of-bounds read in
+ adp5061_get_chg_type() (git-fixes).
+- HID: roccat: Fix use-after-free in roccat_read() (git-fixes).
+- media: cx88: Fix a null-ptr-deref bug in buffer_prepare()
+ (git-fixes).
+- drm/amd/display: Remove interface for periodic interrupt 1
+ (git-fixes).
+- drm/meson: explicitly remove aggregate driver at module unload
+ time (git-fixes).
+- drm/amdgpu: fix initial connector audio value (git-fixes).
+- drm: panel-orientation-quirks: Add quirk for Anbernic Win600
+ (git-fixes).
+- drm: bridge: dw_hdmi: only trigger hotplug event on link change
+ (git-fixes).
+- drm/nouveau/kms/nv140-: Disable interlacing (git-fixes).
+- gpu: lontium-lt9611: Fix NULL pointer dereference in
+ lt9611_connector_init() (git-fixes).
+- drm/komeda: Fix handling of atomic commits in the
+ atomic_commit_tail hook (git-fixes).
+- drm/virtio: Check whether transferred 2D BO is shmem
+ (git-fixes).
+- drm: Prevent drm_copy_field() to attempt copying a NULL pointer
+ (git-fixes).
+- drm: Use size_t type for len variable in drm_copy_field()
+ (git-fixes).
+- drm/nouveau/nouveau_bo: fix potential memory leak in
+ nouveau_bo_alloc() (git-fixes).
+- platform/x86: msi-laptop: Change DMI match / alias strings to
+ fix module autoloading (git-fixes).
+- platform/chrome: cros_ec: Notify the PM of wake events during
+ resume (git-fixes).
+- mmc: sdhci-msm: add compatible string check for sdm670
+ (git-fixes).
+- regulator: core: Prevent integer underflow (git-fixes).
+- hwmon: (sht4x) do not overflow clamping operation on 32-bit
+ platforms (git-fixes).
+- net: ethernet: ti: davinci_mdio: fix build for mdio bitbang uses
+ (git-fixes).
+- openvswitch: Fix overreporting of drops in dropwatch
+ (git-fixes).
+- openvswitch: Fix double reporting of drops in dropwatch
+ (git-fixes).
+- net: ethernet: ti: davinci_mdio: Add workaround for errata i2329
+ (git-fixes).
+- ima: fix blocking of security.ima xattrs of unsupported
+ algorithms (git-fixes).
+- commit 73e3036
+
+- arm64: topology: move store_cpu_topology() to shared code
+ (git-fixes).
+- arm64: dts: imx8mp: Add snps,gfladj-refclk-lpm-sel quirk to
+ USB nodes (git-fixes).
+- ata: libahci_platform: Sanity check the DT child nodes number
+ (git-fixes).
+- arm64: dts: imx8mq-librem5: Add bq25895 as max17055's power
+ supply (git-fixes).
+- ARM: dts: imx6sx: add missing properties for sram (git-fixes).
+- ARM: dts: imx6sll: add missing properties for sram (git-fixes).
+- ARM: dts: imx6sl: add missing properties for sram (git-fixes).
+- ARM: dts: imx6qp: add missing properties for sram (git-fixes).
+- ARM: dts: imx6dl: add missing properties for sram (git-fixes).
+- ARM: dts: imx6q: add missing properties for sram (git-fixes).
+- ARM: dts: imx7d-sdb: config the max pressure for tsc2046
+ (git-fixes).
+- ARM: 9242/1: kasan: Only map modules if CONFIG_KASAN_VMALLOC=n
+ (git-fixes).
+- ASoC: SOF: pci: Change DMI match info to support all Chrome
+ platforms (git-fixes).
+- ALSA: usb-audio: Fix last interface check for registration
+ (git-fixes).
+- ALSA: usb-audio: Register card at the last interface
+ (git-fixes).
+- Bluetooth: L2CAP: Fix user-after-free (git-fixes).
+- Bluetooth: hci_sysfs: Fix attempting to call device_add multiple
+ times (git-fixes).
+- Bluetooth: L2CAP: initialize delayed works at
+ l2cap_chan_create() (git-fixes).
+- Bluetooth: RFCOMM: Fix possible deadlock on socket
+ shutdown/release (git-fixes).
+- Bluetooth: btintel: Mark Intel controller to support LE_STATES
+ quirk (git-fixes).
+- can: bcm: check the result of can_send() in bcm_can_tx()
+ (git-fixes).
+- ARM: decompressor: Include .data.rel.ro.local (git-fixes).
+- ACPI: video: Add Toshiba Satellite/Portege Z830 quirk
+ (git-fixes).
+- ACPI: x86: Add a quirk for Dell Inspiron 14 2-in-1 for
+ StorageD3Enable (git-fixes).
+- ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid
+ phys address (git-fixes).
+- ARM: 9247/1: mm: set readonly for MT_MEMORY_RO with ARM_LPAE
+ (git-fixes).
+- ARM: 9244/1: dump: Fix wrong pg_level in walk_pmd() (git-fixes).
+- commit de318d1
+
+- blacklist.conf: update blacklist
+- commit 78ca650
+
+- kABI: Fix kABI after backport Forcibly leave nested virt when SMM state
+ is toggled (git-fixes).
+- commit 8343da0
+
+- kABI: Fix kABI after backport Refactoring find_arch_event() to
+ pmc_perf_hw_id() (git-fixes).
+- commit 44b42bd
+
+- mm/hugetlb: fix races when looking up a CONT-PTE/PMD size
+ hugetlb page (bsc#1204575).
+- commit e6fc5be
+
+- kABI: Fix kABI after backport Update vPMCs when retiring branch
+ instructions (git-fixes).
+- commit 4209455
+
+- kABI: Fix kABI after backport Add pmc->intr to refactor
+ kvm_perf_overflow{_intr}() (git-fixes).
+- commit 9fc8292
+
+- platform/x86/intel: pmc/core: Add Raptor Lake support to pmc
+ core driver (jsc#PED-1035).
+- platform/x86/intel/vsec: Add support for Raptor Lake
+ (jsc#PED-1036).
+- commit e86728a
+
+- drm/amdkfd: use kvcalloc() instead of kvmalloc() in kfd_migrate
+ (jsc#PED-1294).
+- commit ceef9d9
+
+- drm/amdkfd: Handle incomplete migration to system memory
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit 002b524
+
+- drm/amdkfd: Avoid thrashing of stack and heap (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 61d33f6
+
+- drm/amdkfd: avoid conflicting address mappings (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- Refresh
+ patches.suse/drm-amdkfd-process_info-lock-not-needed-for-svm.patch.
+- commit aa4245a
+
+- drm/amdkfd: unregistered svm range not overlap with TTM range
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit eb3c57d
+
+- Do not enable CONFIG_ATARI_PARTITION (jsc#PED-1573).
+- commit 0605d12
+
+- drm/amdkfd: Fix SVM_ATTR_PREFERRED_LOC (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 2022943
+
+- mm/memory.c: fix race when faulting a device private page
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit fa41dd0
+
+- drm/amdkfd: debug message to count successfully migrated pages
+ (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit a83f8ae
+
+- drm/amdkfd: clarify the origin of cpages returned by migration
+ functions (jsc#PED-1294, bsc#1204363, CVE-2022-3523).
+- commit b72c8a9
+
+- drm/amdkfd: handle svm partial migration cpages 0 (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit 51450c1
+
+- drm/amdkfd: ratelimited svm debug messages (jsc#PED-1294,
+ bsc#1204363, CVE-2022-3523).
+- commit f314d31
+
+- KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors
+ (git-fixes).
+- commit 22e05f5
+
+- overflow.h: restore __ab_c_size (git-fixes).
+- commit 9dbc158
+
+- KVM: x86: Add KVM_CAP_ENABLE_CAP to x86 (git-fixes).
+- commit 3acb74c
+
+- KVM: x86/pmu: Don't truncate the PerfEvtSeln MSR when creating
+ a perf event (git-fixes).
+- commit 9a723c2
+
+- overflow: Implement size_t saturating arithmetic helpers
+ (jsc#PED-1211).
+- commit fecede0
+
+- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset
+ (bsc#1204753).
+- commit d072831
+
+- blacklist.conf: Add cgroup: cgroup: Honor caller's cgroup NS when resolving cgroup id
+- commit 382b2e7
+
+- blacklist.conf: Add c530a3c716b9 sched/psi: Fix periodic aggregation shut off
+- commit 56b9a2a
+
+- KVM: x86: nSVM/nVMX: set nested_run_pending on VM entry which
+ is a result of RSM (git-fixes).
+- commit 274c60f
+
+- powerpc/fadump: align destination address to pagesize
+ (bsc#1204728 ltc#200074).
+- commit 5377513
+
+- KVM: x86: nSVM: mark vmcb01 as dirty when restoring SMM saved
+ state (git-fixes).
+- commit cd056ba
+
+- KVM: x86: nSVM: fix potential NULL derefernce on nested
+ migration (git-fixes).
+- commit 272884f
+
+- KVM: x86: Sync the states size with the XCR0/IA32_XSS at,
+ any time (git-fixes).
+- commit c927187
+
+- KVM: x86: Keep MSR_IA32_XSS unchanged for INIT (git-fixes).
+- commit c61458a
+
+- KVM: x86: Forcibly leave nested virt when SMM state is toggled
+ (git-fixes).
+- commit f22036a
+
+- Update patches.suse/usb-mon-make-mmapped-memory-read-only.patch
+ (bsc#1204653 CVE-2022-43750).
+ Added CVE and bsc
+- commit 93b1d48
+
+- KVM: x86/pmu: Fix available_event_types check for REF_CPU_CYCLES
+ event (git-fixes).
+- commit 436d9eb
+
+- KVM: x86: Update vPMCs when retiring branch instructions
+ (git-fixes).
+- Refresh
+ patches.suse/kvm-emulate-do-not-adjust-size-of-fastop-and-setcc-subroutines.patch.
+- commit 1f8391b
+
+- KVM: x86: Update vPMCs when retiring instructions (git-fixes).
+- commit c4d4a64
+
+- KVM: x86/pmu: Add pmc->intr to refactor
+ kvm_perf_overflow{_intr}() (git-fixes).
+- commit 91025b1
+
+- KVM: x86/pmu: Refactoring find_arch_event() to pmc_perf_hw_id()
+ (git-fixes).
+- commit 8080b0e
+
+- kABI: Fix kABI after backport Always set kvm_run->if_flag
+ (git-fixes).
+- KVM: x86: Always set kvm_run->if_flag (git-fixes).
+- commit daa5fd4
+
+- KVM: x86/mmu: Don't advance iterator after restart due to
+ yielding (git-fixes).
+- commit 86c02c7
+
+- KVM: x86/mmu: Retry page fault if root is invalidated by
+ memslot update (git-fixes).
+- commit c96dbdc
+
+- KVM: fix avic_set_running for preemptable kernels (git-fixes).
+- commit 457ae39
+
+- KVM: x86: Add compat handler for KVM_X86_SET_MSR_FILTER
+ (git-fixes).
+- commit 58e3def
+
+- xen/gntdev: Prevent leaking grants (git-fixes).
+- commit 73a7df7
+
+- KVM: nVMX: Ignore SIPI that arrives in L2 when vCPU is not in
+ WFS (git-fixes).
+- commit 8c88ccd
+
+- KVM: nVMX: Unconditionally purge queued/injected events on
+ nested "exit" (git-fixes).
+- commit f7976c7
+
+- KVM: x86/emulator: Fix handing of POP SS to correctly set
+ interruptibility (git-fixes).
+- commit 938654e
+
+- usb: gadget: f_fs: stricter integer overflow checks (git-fixes).
+- commit 07d2846
+
+- blacklist.conf: prerequisites too risky
+- commit 93c5479
+
+- scsi: mpi3mr: Schedule IRQ kthreads only on non-RT kernels
+ (bnc#1204498).
+- commit e73c4d3
+
+- lib/string_helpers: Consolidate string helpers implementation
+ (jsc#PED-1211).
+- commit fa50192
+
+- usb: cdc-wdm: Use skb_put_data() instead of skb_put/memcpy pair
+ (git-fixes).
+- commit a0de208
+
+- iommu: Add capability for pre-boot DMA protection
+ (jsc#PED-1211).
+- commit 531fe4a
+
+- iommu: Use right way to retrieve iommu_ops (jsc#PED-1211).
+- commit 48ca01b
+
+- Update patch reference for
+ patches.suse/devlink-Fix-use-after-free-after-a-failed-reload.patch
+ (git-fixes bsc#1204637 CVE-2022-3625).
+- commit fd50fbc
+
+- pinctrl: Ingenic: JZ4755 bug fixes (git-fixes).
+- dyndbg: let query-modname override actual module name
+ (git-fixes).
+- dyndbg: fix module.dyndbg handling (git-fixes).
+- dyndbg: fix static_branch manipulation (git-fixes).
+- commit afe6697
+
+- io_uring: use original request task for inflight tracking
+ (CVE-2022-40476 bsc#1203435).
+- commit 941d6b4
+
+- Update
+ patches.suse/powerpc-pseries-vas-Pass-hw_cpu_id-to-node-associati.patch
+ (bsc#1194869 bsc#1204428 ltc#200180).
+- commit fe8b379
+
+- ring-buffer: Check pending waiters when doing wake ups as well
+ (git-fixes).
+- commit d934ca7
+
+- ring-buffer: Have the shortest_full queue be the shortest not
+ longest (git-fixes).
+- commit ed18dc7
+
+- ring-buffer: Allow splice to read previous partially read pages
+ (git-fixes).
+- commit 4649dee
+
+- iommu: Introduce device_iommu_capable() (jsc#PED-1211).
+- commit 7a5b8e8
+
+- ftrace: Properly unset FTRACE_HASH_FL_MOD (git-fixes).
+- commit 554a8e9
+
+- net: mvpp2: fix mvpp2 debugfs leak (bsc#1204417 CVE-2022-3535).
+- bnx2x: fix potential memory leak in bnx2x_tpa_stop()
+ (bsc#1204402 CVE-2022-3542).
+- nfp: fix use-after-free in area_cache_get() (bsc#1204415
+ CVE-2022-3545).
+- commit 8e53774
+
+- tracing/osnoise: Fix possible recursive locking in
+ stop_per_cpu_kthreads (git-fixes).
+- commit f81f58f
+
+- tracing: Replace deprecated CPU-hotplug functions (git-fixes).
+- Refresh
+ patches.suse/tracing-osnoise-Fix-missed-cpus_read_unlock-in-start_per_cpu_kthreads.patch.
+- commit b1bca55
+
+- tracing: kprobe: Make gen test module work in arm and riscv
+ (git-fixes).
+- commit 57b2377
+
+- tracing: kprobe: Fix kprobe event gen test module on exit
+ (git-fixes).
+- commit 81447e5
+
+- thunderbolt: Add support for XDomain lane bonding
+ (jsc#PEd-1211).
+- commit 75a8fa9
+
+- thunderbolt: Ignore port locked error in
+ tb_port_wait_for_link_width() (jsc#PED-1211).
+- commit bf76347
+
+- thunderbolt: Split setting link width and lane bonding into
+ own functions (jsc#PEd-1211).
+- commit fc051e6
+
+- thunderbolt: Move tb_port_state() prototype to correct place
+ (jsc#PED-1211).
+- commit d0ed8bf
+
+- nilfs2: fix leak of nilfs_root in case of writer thread creation
+ failure (CVE-2022-3646 bsc#1204646).
+- nilfs2: fix use-after-free bug of struct nilfs_root
+ (CVE-2022-3649 bsc#1204647).
+- commit af91749
+
+- Update patch reference for vsock fix (CVE-2022-3629 bsc#1204635)
+- commit 6c49703
+
+- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
+ (CVE-2022-3640 bsc#1204619).
+- commit 5d68cf0
+
+- can: j1939: j1939_session_destroy(): fix memory leak of skbs
+ (CVE-2022-3633 bsc#1204650).
+- commit da3122e
+
+- thunderbolt: Add debug logging when lane is enabled/disabled
+ (jesc#PEd-531).
+- commit ca2d7e5
+
+- thunderbolt: Link USB4 ports to their USB Type-C connectors
+ (jsc#PED-1211).
+- commit f9e0651
+
+- thunderbolt: Make iommu_dma_protection more accurate
+ (jsc#PED-1211).
+- commit 318d5c5
+
+- thunderbolt: Dump path config space entries during discovery
+ (jsc#PED-1211).
+- commit 1ac89ca
+
+- Reference JIRA Impl instead Epic: jsc#PED-448 -> jsc#PED-594
+- Reference JIRA Impl instead Epic: jsc#PED-455 -> jsc#PED-588
+- commit 64fa841
+
+- s390/airq: use DMA memory for summary indicators (jsc#PED-596).
+- s390/zcrypt: Provide target domain for EP11 cprbs to scheduling
+ function (jsc#PED-596).
+- s390/zcrypt: change reply buffer size offering (jsc#PED-596).
+- s390/zcrypt: Support CPRB minor version T7 (jsc#PED-596).
+- s390/zcrypt: handle checkstopped cards with new state
+ (jsc#PED-596).
+- s390/zcrypt: CEX8S exploitation support (jsc#PED-596).
+- s390/ap/zcrypt: debug feature improvements (jsc#PED-596).
+- s390/zcrypt: rework of debug feature messages (jsc#PED-596).
+- commit caf5220
+
+- KVM: s390x: fix SCK locking (git-fixes).
+- KVM: s390: Clarify SIGP orders versus STOP/RESTART (git-fixes).
+- commit aa7345b
+
+- i2c: qcom-cci: Fix ordering of pm_runtime_xx and i2c_add_adapter
+ (git-fixes).
+- media: venus: dec: Handle the case where find_format fails
+ (git-fixes).
+- media: atomisp: prevent integer overflow in
+ sh_css_set_black_frame() (git-fixes).
+- media: ipu3-imgu: Fix NULL pointer dereference in active
+ selection access (git-fixes).
+- media: v4l2: Fix v4l2_i2c_subdev_set_name function documentation
+ (git-fixes).
+- media: mceusb: set timeout to at least timeout provided
+ (git-fixes).
+- commit fbd2a07
+
+- Update patches.suse/watchdog-hpwdt-Include-nmi.h-only-if-CONFIG_HPWDT_NM.patch (git-fixes, jsc#PED-1694).
+ Add reference to jsc#PED-1694.
+- commit 2064b90
+
+- watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (jsc#PED-1694)
+ Enable HP ProLiant iLO2+ Hardware Watchdog Timer
+- commit f0e3a55
+
+- scsi: core: Remove the 'done' argument from SCSI
+ queuecommand_lck functions (jsc#PED-1561).
+- scsi: fas216: Introduce the function
+ fas216_queue_command_internal() (jsc#PED-1561).
+- scsi: core: Call scsi_done directly (jsc#PED-1561).
+- scsi: usb: Call scsi_done() directly (jsc#PED-1561).
+- scsi: target: tcm_loop: Call scsi_done() directly
+ (jsc#PED-1561).
+- scsi: staging: rts5208: Call scsi_done() directly
+ (jsc#PED-1561).
+- scsi: xen-scsifront: Call scsi_done() directly (jsc#PED-1561).
+- scsi: wd719x: Call scsi_done() directly (jsc#PED-1561).
+- scsi: wd33c93: Call scsi_done() directly (jsc#PED-1561).
+- scsi: vmw_pvscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: virtio_scsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ufs: Call scsi_done() directly (jsc#PED-1561).
+- scsi: sym53c8xx_2: Call scsi_done() directly (jsc#PED-1561).
+- scsi: storvsc_drv: Call scsi_done() directly (jsc#PED-1561).
+- scsi: stex: Call scsi_done() directly (jsc#PED-1561).
+- scsi: snic: Call scsi_done() directly (jsc#PED-1561).
+- scsi: smartpqi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: scsi_debug: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qlogicpti: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qlogicfas408: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qla4xxx: Call scsi_done() directly (jsc#PED-1561).
+- commit baefb85
+
+- scsi: qla2xxx: Call scsi_done() directly (jsc#PED-1561).
+- Refresh
+ patches.suse/scsi-qla2xxx-Implement-ref-count-for-SRB.patch.
+- Refresh
+ patches.suse/scsi-qla2xxx-Stop-using-the-SCSI-pointer.patch.
+- commit 47bbcd3
+
+- scsi: qla1280: Call scsi_done() directly (jsc#PED-1561).
+- scsi: qedf: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ps3rom: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ppa: Call scsi_done() directly (jsc#PED-1561).
+- commit b80549e
+
+- scsi: pmcraid: Call scsi_done() directly (jsc#PED-1561).
+- commit 881416d
+
+- scsi: pcmcia: Call scsi_done() directly (jsc#PED-1561).
+- scsi: nsp32: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ncr53c8xx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: myrs: Call scsi_done() directly (jsc#PED-1561).
+- scsi: myrb: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mvumi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mpt3sas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mpi3mr: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mesh: Call scsi_done() directly (jsc#PED-1561).
+- scsi: megaraid: Call scsi_done() directly (jsc#PED-1561).
+- scsi: megaraid_sas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: megaraid_mbox: Call scsi_done() directly (jsc#PED-1561).
+- scsi: mac53c94: Call scsi_done() directly (jsc#PED-1561).
+- scsi: lpfc: Call scsi_done() directly (jsc#PED-1561).
+- scsi: libsas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: libiscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: libfc: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ips: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ipr: Call scsi_done() directly (jsc#PED-1561).
+- scsi: initio: Call scsi_done() directly (jsc#PED-1561).
+- scsi: imm: Call scsi_done() directly (jsc#PED-1561).
+- commit 76ef02d
+
+- cpufreq: qcom: fix writes in read-only memory region
+ (git-fixes).
+- cpufreq: qcom: fix memory leak in error path (git-fixes).
+- ACPI: extlog: Handle multiple records (git-fixes).
+- HID: magicmouse: Do not set BTN_MOUSE on double report
+ (git-fixes).
+- selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in
+ convert_context() (git-fixes).
+- commit a940189
+
+- ALSA: hda/realtek: Add another HP ZBook G9 model quirks
+ (bsc#1203699).
+- commit 9b4cf06
+
+- scsi: ibmvscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: hptiop: Call scsi_done() directly (jsc#PED-1561).
+- scsi: hpsa: Call scsi_done() directly (jsc#PED-1561).
+- scsi: fnic: Call scsi_done() directly (jsc#PED-1561).
+- scsi: fdomain: Call scsi_done() directly (jsc#PED-1561).
+- scsi: fas216: Stop using scsi_cmnd.scsi_done (jsc#PED-1561).
+- scsi: esp_scsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: esas2r: Call scsi_done() directly (jsc#PED-1561).
+- scsi: dpt_i2o: Call scsi_done() directly (jsc#PED-1561).
+- scsi: dc395x: Call scsi_done() directly (jsc#PED-1561).
+- scsi: cxlflash: Call scsi_done() directly (jsc#PED-1561).
+- scsi: csiostor: Call scsi_done() directly (jsc#PED-1561).
+- scsi: bnx2fc: Call scsi_done() directly (jsc#PED-1561).
+- scsi: bfa: Call scsi_done() directly (jsc#PED-1561).
+- scsi: atp870u: Call scsi_done() directly (jsc#PED-1561).
+- scsi: arcmsr: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aic7xxx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aha1542: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aha152x: Call scsi_done() directly (jsc#PED-1561).
+- scsi: advansys: Call scsi_done() directly (jsc#PED-1561).
+- scsi: acornscsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aacraid: Call scsi_done() directly (jsc#PED-1561).
+- scsi: aacraid: Introduce aac_scsi_done() (jsc#PED-1561).
+- scsi: a100u2w: Call scsi_done() directly (jsc#PED-1561).
+- scsi: NCR5380: Call scsi_done() directly (jsc#PED-1561).
+- commit 4088abf
+
+- scsi: BusLogic: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 53c700: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 3w-xxxx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 3w-sas: Call scsi_done() directly (jsc#PED-1561).
+- scsi: 3w-9xxx: Call scsi_done() directly (jsc#PED-1561).
+- scsi: zfcp_scsi: Call scsi_done() directly (jsc#PED-1561).
+- scsi: message: fusion: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ib_srp: Call scsi_done() directly (jsc#PED-1561).
+- scsi: firewire: sbp2: Call scsi_done() directly (jsc#PED-1561).
+- scsi: ata: Call scsi_done() directly (jsc#PED-1561).
+- commit 8b9488f
+
+- scsi: core: Rename scsi_mq_done() into scsi_done() and export it
+ (jsc#PED-1561).
+- scsi: core: Use a structure member to track the SCSI command
+ submitter (jsc#PED-1561).
+- commit 217e4e6
+
+- efi: Simplify arch_efi_call_virt() macro (jsc#PED-1408).
+- commit 736e2d1
+
+- scsi: pmcraid: Fix missing resource cleanup in error case
+ (jsc#PED-1561).
+- scsi: pmcraid: Fix typo in comment (jsc#PED-1561).
+- scsi: pmcraid: Remove unneeded semicolon (jsc#PED-1561).
+- scsi: pmcraid: Remove the PMCRAID_PASSTHROUGH_IOCTL ioctl
+ implementation (jsc#PED-1561).
+- scsi: pmcraid: Don't use GFP_DMA in pmcraid_alloc_sglist()
+ (jsc#PED-1561).
+- scsi: pmcraid: Fix a kernel-doc warning (jsc#PED-1561).
+- scsi: pmcraid: Switch to attribute groups (jsc#PED-1561).
+- scsi: core: Register sysfs attributes earlier (jsc#PED-1561).
+- commit 65ed53e
+
+- blacklist.conf: add an entry for IDXD that has been already fixed
+- commit 7531ae1
+
+- dmaengine: idxd: force wq context cleanup on device disable path
+ (git-fixes).
+- commit e06ba18
+
+- nilfs2: fix NULL pointer dereference at
+ nilfs_bmap_lookup_at_level() (CVE-2022-3621 bsc#1204574).
+- commit f8016b1
+
+- ALSA: hda/realtek: Add quirk for ASUS Zenbook using CS35L41
+ (bsc#1203922).
+- commit 1d187cf
+
+- Move upstreamed sound patches into sorted section
+- commit 4c058b6
+
+- Bluetooth: L2CAP: Fix memory leak in vhci_write (CVE-2022-3619
+ bsc#1204569).
+- commit b649754
+
+- iommu: Introduce a callback to struct iommu_resv_region
+ (jsc#PED-1408).
+- commit 480aace
+
+- drm/amdgpu: fix sdma doorbell init ordering on APUs (git-fixes).
+- net: phy: dp83822: disable MDI crossover status change interrupt
+ (git-fixes).
+- wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()
+ (git-fixes).
+- net: phy: dp83867: Extend RX strap quirk for SGMII mode
+ (git-fixes).
+- ata: ahci-imx: Fix MODULE_ALIAS (git-fixes).
+- commit 273eb71
+
+- arm64: topology: Remove redundant setting of llc_id in CPU
+ topology (jsc#PED-1408).
+- commit 2ac7bb1
+
+- hisi_lpc: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- soundwire: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- commit a5a010e
+
+- powerpc/64s: Fix build failure when CONFIG_PPC_64S_HASH_MMU
+ is not set (bsc#1204413 ltc#200176).
+- commit 0850b12
+
+- powerpc/pseries: Stop selecting PPC_HASH_MMU_NATIVE (bsc#1204413 ltc#200176).
+- Refresh patches.suse/powerpc-Rename-PPC_NATIVE-to-PPC_HASH_MMU_NATIVE.patch.
+- commit abb9ade
+
+- thunderbolt: ACPI: Replace tb_acpi_find_port() with
+ acpi_find_child_by_adr() (jsc#PED-1408).
+- commit b06ed1f
+
+- powerpc/64s: Make hash MMU support configurable (bsc#1204413 ltc#200176).
+- Refresh patches.suse/lkdtm-disable-return-thunks-in-rodata-c.patch.
+ Update config files.
+- commit 5b2abcf
+
+- platform/x86/thinkpad_acpi: Use acpi_dev_for_each_child()
+ (jsc#PED-1408).
+- platform/x86: Replace acpi_bus_get_device() (jsc#PED-1408).
+- commit e8f90ff
+
+- fuse: fix deadlock between atomic O_TRUNC and page invalidation
+ (bsc#1204533).
+- commit a0e6630
+
+- USB: ACPI: Replace usb_acpi_find_port() with
+ acpi_find_child_by_adr() (jsc#PED-1408).
+- commit 1538aed
+
+- Correct JIRA reference to Impl entries (jsc#PED-588 jsc#PED-594 jsc#PED-812 jsc#PED-826 jsc#PED-827 jsc#PED-831 jsc#PED-840 jsc#PED-858 jsc#PED-859 jsc#PED-1033 jsc#PED-1035 jsc#PED-1038 jsc#PED-1044 jsc#PED-1046 jsc#PED-1052 jsc#PED-1054 jsc#PED-1096 jsc#PED-1165 jsc#PED-1213 jsc#PED-1516 jsc#PED-1817 jsc#PED-1820)
+- commit 048beb0
+
+- Correct JIRA reference to Impl entries (jsc#PED-833 jsc#PED-850 jsc#PED-825 jsc#PED-822 jsc#PED-846 jsc#PED-817 jsc#PED-851 jsc#PED-857 jsc#PED-842 jsc#PED-813 jsc#PED-1084 jsc#PED-1096 jsc#PED-1085 jsc#PED-1649 jsc#PED-1082 jsc#PED-856)
+- commit c7d3570
+
+- mfd: core: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- commit 4d37bd2
+
+- powerpc/pseries/vas: Add VAS IRQ primary handler (bsc#1204413
+ ltc#200176).
+- powerpc: Ignore DSI error caused by the copy/paste instruction
+ (bsc#1204413 ltc#200176).
+- powerpc/64s: Move hash MMU support code under
+ CONFIG_PPC_64S_HASH_MMU (bsc#1204413 ltc#200176).
+- Refresh patches.suse/Revert-powerpc-rtas-Implement-reentrant-rtas-call.patch
+- Refresh patches.suse/powerpc-Add-kABI-placeholder-to-struct-pci_controlle.patch
+- Refresh patches.suse/powerpc-pseries-wire-up-rng-during-setup_arch.patch
+- powerpc: make memremap_compat_align 64s-only (bsc#1204413
+ ltc#200176).
+- powerpc/64: pcpu setup avoid reading mmu_linear_psize on 64e
+ or radix (bsc#1204413 ltc#200176).
+- powerpc/64s: Rename hash_hugetlbpage.c to hugetlbpage.c
+ (bsc#1204413 ltc#200176).
+- powerpc/64s: Make flush_and_reload_slb a no-op when radix is
+ enabled (bsc#1204413 ltc#200176).
+- powerpc/pseries: lparcfg don't include slb_size line in radix
+ mode (bsc#1204413 ltc#200176).
+- powerpc/64s: Move and rename do_bad_slb_fault as it is not
+ hash specific (bsc#1204413 ltc#200176).
+- Refresh patches.suse/powerpc-64s-hash-Make-hash-faults-work-in-NMI-contex.patch
+- powerpc: Rename PPC_NATIVE to PPC_HASH_MMU_NATIVE (bsc#1204413
+ ltc#200176).
+ Update config files.
+- commit da125ff
+
+- devdax: Fix soft-reservation memory description (jsc#PED-1408).
+- ACPI: property: Remove default association from integer maximum
+ values (jsc#PED-1408).
+- ACPI: property: Ignore already existing data node tags
+ (jsc#PED-1408).
+- ACPI: property: Fix type detection of unified integer reading
+ functions (jsc#PED-1408).
+- arm64: cacheinfo: Fix incorrect assignment of signed error
+ value to unsigned fw_level (jsc#PED-1408).
+- ACPI: property: Fix error handling in acpi_init_properties()
+ (jsc#PED-1408).
+- ACPI: property: Read buffer properties as integers
+ (jsc#PED-1408).
+- ACPI: property: Add support for parsing buffer property UUID
+ (jsc#PED-1408).
+- commit 5677edc
+
+- ACPI: property: Unify integer value reading functions
+ (jsc#PED-1408).
+- ACPI: property: Switch node property referencing from ifs to
+ a switch (jsc#PED-1408).
+- ACPI: property: Move property ref argument parsing into a new
+ function (jsc#PED-1408).
+- ACPI: property: Use acpi_object_type consistently in property
+ ref parsing (jsc#PED-1408).
+- ACPI: property: Tie data nodes to acpi handles (jsc#PED-1408).
+- ACPI: VIOT: Do not dereference fwnode in struct device
+ (jsc#PED-1408).
+- ACPI/IORT: Fix build error implicit-function-declaration
+ (jsc#PED-1408).
+- ACPI/IORT: Add a helper to retrieve RMR info directly
+ (jsc#PED-1408).
+- ACPI/IORT: Add support to retrieve IORT RMR reserved regions
+ (jsc#PED-1408).
+- ACPI/IORT: Provide a generic helper to retrieve reserve regions
+ (jsc#PED-1408).
+- ACPI/IORT: Make iort_iommu_msi_get_resv_regions() return void
+ (jsc#PED-1408).
+- ACPI: PPTT: Leave the table mapped for the runtime usage
+ (jsc#PED-1408).
+- ACPI: Remove the unused find_acpi_cpu_cache_topology()
+ (jsc#PED-1408).
+- ACPI: PPTT: Use table offset as fw_token instead of virtual
+ address (jsc#PED-1408).
+- ACPI: Move PRM config option under the main ACPI config
+ (jsc#PED-1408).
+ Update config files.
+- ACPI: Enable Platform Runtime Mechanism(PRM) support on ARM64
+ (jsc#PED-1408).
+ Update config files.
+- ACPI: PRM: Change handler_addr type to void pointer
+ (jsc#PED-1408).
+- ACPI/PCI: Remove useless NULL pointer checks (jsc#PED-1408).
+- ACPI: video: Use native backlight on Dell Inspiron N4010
+ (jsc#PED-1408).
+- ACPI: video: Drop X86 dependency from Kconfig (jsc#PED-1408).
+ Update config files.
+- ACPI: resource: skip IRQ override on AMD Zen platforms
+ (jsc#PED-1408).
+- ACPI: PM: x86: Print messages regarding LPS0 idle support
+ (jsc#PED-1408).
+- ACPI: PM: s2idle: Use LPS0 idle if ACPI_FADT_LOW_POWER_S0 is
+ unset (jsc#PED-1408).
+- Revert "ACPI / PM: LPIT: Register sysfs attributes based on
+ FADT" (jsc#PED-1408).
+- ACPI: PM: s2idle: Add support for upcoming AMD uPEP HID AMDI008
+ (jsc#PED-1408).
+- ACPI: EC: Drop unused ident initializers from dmi_system_id
+ tables (jsc#PED-1408).
+- ACPI: EC: Re-use boot_ec when possible even when
+ EC_FLAGS_TRUST_DSDT_GPE is set (jsc#PED-1408).
+- ACPI: APEI: Fix _EINJ vs EFI_MEMORY_SP (jsc#PED-1408).
+- ACPI: APEI: Fix double word in a comment (jsc#PED-1408).
+- ACPI: processor: Drop leftover acpi_processor_get_limit_info()
+ declaration (jsc#PED-1408).
+- ACPI: processor: Split out thermal initialization from ACPI PSS
+ (jsc#PED-1408).
+- ACPI: bus: Drop unused list heads from struct acpi_device
+ (jsc#PED-1408).
+- ACPI: bus: Drop driver member of struct acpi_device
+ (jsc#PED-1408).
+- ACPI: bus: Drop redundant check in acpi_device_remove()
+ (jsc#PED-1408).
+- ACPI / MMC: PM: Unify fixing up device power (jsc#PED-1408).
+- ACPI: scan: Walk ACPI device's children using driver core
+ (jsc#PED-1408).
+- ACPI: bus: Introduce acpi_dev_for_each_child_reverse()
+ (jsc#PED-1408).
+- ACPI: video: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: bus: Export acpi_dev_for_each_child() to modules
+ (jsc#PED-1408).
+- ACPI: property: Use acpi_dev_for_each_child() for child lookup
+ (jsc#PED-1408).
+- ACPI: container: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: glue: Introduce acpi_find_child_by_adr() (jsc#PED-1408).
+- ACPI: glue: Introduce acpi_dev_has_children() (jsc#PED-1408).
+- ACPI: glue: Use acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: irq: Allow acpi_gsi_to_irq() to have an arch-specific
+ fallback (jsc#PED-1408).
+- APCI: irq: Add support for multiple GSI domains (jsc#PED-1408).
+- mmc: sdhci-acpi: Remove special handling for GPD win/pocket
+ devices (jsc#PED-1408).
+- commit 3b82889
+
+- r8152: Rate limit overflow messages (CVE-2022-3594 bsc#1204479).
+- commit a745ef5
+
+- Update patch reference for HID fix (CVE-2022-3577 bsc#1204470)
+- commit 3ac3b39
+
+- kcm: avoid potential race in kcm_tx_work (bsc#1204355
+ CVE-2022-3521).
+- commit 2d76ec0
+
+- tcp/udp: Fix memory leak in ipv6_renew_options() (bsc#1204354
+ CVE-2022-3524).
+- commit f8049de
+
+- Update metadata references
+- commit d0bf0fb
+
+- PCI: hv: Fix synchronization between channel callback and
+ hv_pci_bus_exit() (bsc#1204017).
+- commit ea6713d
+
+- PCI: hv: Fix synchronization between channel callback and
+ hv_compose_msi_msg() (bsc#1204017).
+- commit 230768b
+
+- PCI: hv: Use vmbus_requestor to generate transaction IDs for
+ VMbus hardening (bsc#1204017).
+- commit a19c478
+
+- Drivers: hv: vmbus: Introduce {lock,unlock}_requestor()
+ (bsc#1204017).
+- commit bc36cf4
+
+- Drivers: hv: vmbus: Introduce vmbus_request_addr_match()
+ (bsc#1204017).
+- commit 40cb8e4
+
+- Drivers: hv: vmbus: Fix handling of messages with transaction
+ ID of zero (bsc#1204017).
+- commit a5b4ebf
+
+- Drivers: hv: vmbus: Introduce vmbus_sendpacket_getid()
+ (bsc#1204017).
+- commit 2e0386a
+
+- sch_sfb: Also store skb len before calling child enqueue
+ (CVE-2022-3586 bsc#1204439).
+- sch_sfb: Don't assume the skb is still around after enqueueing
+ to child (CVE-2022-3586 bsc#1204439).
+- commit 6788943
+
+- Update patch reference for mISDN fix (CVE-2022-3565 bsc#1204431)
+- commit 5d0836e
+
+- scsi: libsas: Fix use-after-free bug in smp_execute_task_sg()
+ (git-fixes).
+- commit 1ad6725
+
+- blacklist.conf: add upstream commit that's too invasive
+- commit a605c6e
+
+- Update config files: enable CONFIG_DMABUF_MOVE_NOTIFY (jsc#PED-975)
+- commit a10be66
+
+- dmaengine: idxd: deprecate token sysfs attributes for read
+ buffers (jsc#PED-679).
+- commit c137213
+
+- dmaengine: idxd: change bandwidth token to read buffers
+ (jsc#PED-679).
+- Refresh
+ patches.suse/dmaengine-idxd-restore-traffic-class-defaults-after-.patch.
+- commit d0c1256
+
+- powercap: intel_rapl: Add support for RAPTORLAKE_S
+ (jsc#PED-1812).
+- commit 213e719
+
+- Update config files: enable CONFIG_PINCTRL_METEORLAKE (jsc#PED-732)
+- supported.conf: add pinctrl-meteorlake
+- commit efb9d9f
+
+- pinctrl: intel: Add Intel Meteor Lake pin controller support
+ (jsc#PED-732).
+- commit 0540896
+
+- i2c: i801: Add support for Intel Meteor Lake-P (jsc#PED-732).
+- spi: pxa2xx: Add support for Intel Meteor Lake-P (jsc#PED-732).
+- scsi: ufs: ufs-pci: Add support for Intel MTL (jsc#PED-732).
+- commit 11c983f
+
+- Update patch reference for Intel MTL-P USB patch (jsc#PED-732)
+- commit 4ca8c18
+
+- pinctrl: alderlake: Fix register offsets for ADL-N variant
+ (jsc#PED-676).
+- pinctrl: alderlake: Add Intel Alder Lake-N pin controller
+ support (jsc#PED-676).
+- commit 5492389
+
+- Update patch reference for Intel ADL-N eMMC patch (jsc#PED-676)
+- commit 4c38b45
+
+- thunderbolt: Add support for Intel Raptor Lake (jsc#PED-634).
+- commit 0ec42f9
+
+- pinctrl: alderlake: Add Raptor Lake-S ACPI ID (jsc#PED-634).
+- mfd: intel-lpss: Add Intel Raptor Lake PCH-S PCI IDs
+ (jsc#PED-634).
+- spi: pxa2xx: Add support for Intel Raptor Lake PCH-S
+ (jsc#PED-634).
+- commit 06d5787
+
+- Update patch references for intel_th RPL-S support (jsc#PED-634)
+- commit 900e952
+
+- i2c: i801: Add support for Intel Raptor Lake PCH-S
+ (jsc#PED-634).
+- i2c: i801: Improve handling of chip-specific feature definitions
+ (jsc#PED-634).
+- i2c: i801: Add support for Intel Ice Lake PCH-N (jsc#PED-634).
+- commit 46a17cc
+
+- scsi: ufs: ufs-pci: Add support for Intel ADL (jsc#PED-707).
+- commit 356d2a6
+
+- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_RPRES.patch (git-fixes, jsc#PED-1159)
+ Add reference to jsc#PED-1599
+- commit 27aeba3
+
+- thermal: int340x: Mode setting with new OS handshake
+ (jsc#PED-678).
+- commit c03fef0
+
+- Update patches.suse/arm64-cpufeature-add-HWCAP-for-FEAT_AFP.patch (git-fixes, jsc#PED-1159)
+ Add reference to jsc#PED-1599
+- commit fb87f4f
+
+- thermal: int340x: Update OS policy capability handshake
+ (jsc#PED-678).
+- commit 2487fcb
+
+- supported.conf: Add CN10K DDR PMU driver to supported modules (jsc#PED-1765)
+- commit ee9c6f0
+
+- supported.conf: Add CN10K RNG driver to supported modules (jsc#PED-1765)
+- commit f38a789
+
+- supported.conf: Add CN10K LLC PMU driver to supported modules (jsc#PED-1765)
+- commit ff62505
+
+- hwrng: cn10k - Make check_rng_health() return an error code (jsc#PED-1765)
+- commit e96e350
+
+- hwrng: cn10k - Optimize cn10k_rng_read() (jsc#PED-1765)
+- commit 18234b8
+
+- hwrng: cn10k - Add random number generator support (jsc#PED-1765)
+ Update config/arm64/default
+- commit 80a71af
+
+- perf/marvell: Fix !CONFIG_OF build for CN10K DDR PMU driver (jsc#PED-1765)
+ Update config/arm64/default
+- commit d86ecb5
+
+- perf/marvell: cn10k DDR perf event core ownership (jsc#PED-1765)
+- commit ccedd1a
+
+- perf/marvell: cn10k DDR perfmon event overflow handling (jsc#PED-1765)
+- commit b6ab0c5
+
+- perf/marvell: CN10k DDR performance monitor support (jsc#PED-1765)
+- commit b13d58a
+
+- dt-bindings: perf: marvell: cn10k ddr performance monitor (jsc#PED-1765)
+- commit 705f151
+
+- Update patch reference for macvlan fix (CVE-2022-3526 bsc#1204353)
+- commit 740e86c
+
+- rpm/check-for-config-changes: loosen pattern for AS_HAS_*
+ This is needed to handle CONFIG_AS_HAS_NON_CONST_LEB128.
+- commit bdc0bf7
+
+- perf/marvell_cn10k: Fix TAD PMU register offset (jsc#PED-1765)
+- commit 4ccd5d2
+
+- perf/marvell_cn10k: Remove useless license text when (jsc#PED-1765)
+- commit b1994db
+
+- perf/marvell_cn10k: Fix tad_pmu_event_init() to check pmu type first (jsc#PED-1765)
+- commit cb2eb6b
+
+- perf/marvell_cn10k: Fix unused variable warning when W=1 and (jsc#PED-1765)
+- commit 4f19277
+
+- drivers: perf: marvell_cn10k: fix an IS_ERR() vs NULL check (jsc#PED-1765)
+- commit 9e52366
+
+- drivers: perf: Add LLC-TAD perf counter support (jsc#PED-1765)
+ Update config/arm64/default
+- commit 15db243
+
+- powerpc/mm/64s: Drop pgd_huge() (bsc#1065729).
+- powerpc/powernv: add missing of_node_put() in
+ opal_export_attrs() (bsc#1065729).
+- powerpc/pci_dn: Add missing of_node_put() (bsc#1065729).
+- commit 7c692ec
+
+- powerpc/kprobes: Fix null pointer reference in
+ arch_prepare_kprobe() (jsc#SLE-13847 git-fixes).
+- powerpc/64: Remove unused SYS_CALL_TABLE symbol (jsc#SLE-9246
+ git-fixes).
+- commit 5521322
+
+- thunderbolt: Use decimal number with port numbers (jsc#PED-531
+ jsc#PED-1211).
+- commit 1ef4993
+
+- thunderbolt: Replace usage of found with dedicated list iterator
+ variable (jsc#PED-531 jsc#PED-1211).
+- commit 3fecfc9
+
+- thunderbolt: Clarify register definitions for
+ `tb_cap_plug_events` (jsc#PED-531).
+- commit 68d4307
+
+- thunderbolt: Add internal xHCI connect flows for Thunderbolt
+ 3 devices (jsc#PED-531).
+- commit ec0de67
+
+- thunderbolt: Do not make DROM read success compulsory
+ (jsc#PED-531).
+- commit 24436e4
+
+- thunderbolt: Do not resume routers if UID is not set
+ (jsc#PED-531).
+- thunderbolt: Retry DROM reads for more failure scenarios
+ (jsc#PED-531).
+- commit a78e01a
+
+- thunderbolt: Drop duplicate NULL checks around
+ nvmem_unregister() (jsc#PED-531).
+- commit 3ea3344
+
+- thunderbolt: Replace acpi_bus_get_device() (jsc#PED-531).
+- commit 920924a
+
+- thunderbolt: Remove useless DMA-32 fallback configuration
+ (jsc#PED-531).
+- commit 871dcd2
+
+- usb: host: Initiate urb ep with udev ep0 (jsc#PED-531).
+- commit f03f8e4
+
+- arm64/bti: Disable in kernel BTI when cross section thunks are broken (git-fixes)
+- commit 2f51dd9
+
+- blacklist.conf: ("arm64/mm: drop HAVE_ARCH_PFN_VALID")
+- commit f836660
+
+- clk: at91: fix the build with binutils 2.27 (git-fixes).
+- commit a34e36d
+
+- Input: xpad - add supported devices as contributed on github
+ (git-fixes).
+- efi: libstub: drop pointless get_memory_map() call (git-fixes).
+- misc: pci_endpoint_test: Fix
+ pci_endpoint_test_{copy,write,read}() panic (git-fixes).
+- misc: pci_endpoint_test: Aggregate params checking for xfer
+ (git-fixes).
+- USB: serial: qcserial: add new usb-id for Dell branded EM7455
+ (git-fixes).
+- efi: Correct Macmini DMI match in uefi cert quirk (git-fixes).
+- commit 4dee064
+
+- ALSA: oss: Fix potential deadlock at unregistration (git-fixes).
+- ALSA: rawmidi: Drop register_mutex in snd_rawmidi_free()
+ (git-fixes).
+- ALSA: hda/realtek: Add Intel Reference SSID to support headset
+ keys (git-fixes).
+- ALSA: hda/realtek: Add quirk for ASUS GV601R laptop (git-fixes).
+- commit c900b4a
+
+- ACPI: HMAT: Release platform device in case of
+ platform_device_add_data() fails (git-fixes).
+- rtc: stmp3xxx: Add failure handling for stmp3xxx_wdt_register()
+ (git-fixes).
+- ALSA: hda/realtek: Correct pin configs for ASUS G533Z
+ (git-fixes).
+- ALSA: hda/realtek: remove ALC289_FIXUP_DUAL_SPK for Dell 5530
+ (git-fixes).
+- arm64: mte: Avoid setting PG_mte_tagged if no tags cleared or
+ restored (git-fixes).
+- drm/amd/pm: smu7_hwmgr: fix potential off-by-one overflow in
+ 'performance_levels' (git-fixes).
+- Revert "drm/amdgpu: use dirty framebuffer helper" (git-fixes).
+- drm/i915/ehl: Update MOCS table for EHL (git-fixes).
+- commit 3ca51e4
+
+- s390/qeth: Remove OSN deprecation notice (jsc#PED-448
+ LTC#198619).
+- commit 42319b3
+
+- qeth: remove a copy of the NAPI_POLL_WEIGHT define (jsc#PED-448
+ LTC#198619).
+- Refresh
+ patches.suse/net-make-drivers-set-the-TSO-limit-not-the-GSO-limit.patch.
+- Refresh patches.suse/net-switch-to-netif_napi_add_tx.patch.
+- commit f8ee04c
+
+- s390/qeth: split up L2 netdev_ops (jsc#PED-448 LTC#198619).
+- commit f50bd13
+
+- s390/qeth: don't keep track of Input Queue count (jsc#PED-448
+ LTC#198619).
+- Refresh patches.suse/s390-qdio-split-do_QDIO.
+- commit f07e1f9
+
+- s390/qeth: move qdio's QAOB cache into qeth (jsc#PED-448
+ LTC#198619).
+- Refresh patches.suse/s390-qdio-split-do_QDIO.
+- commit 7ee14b3
+
+- s390/qeth: clean up device_type management (jsc#PED-448
+ LTC#198619).
+- Refresh patches.suse/s390-qeth-Register-switchdev-event-handler.
+- commit 4489d18
+
+- s390/qeth: Fix typo 'the the' in comment (jsc#PED-448
+ LTC#198619).
+- s390/ctcm: fix typo "length to short" -> "length too short"
+ (jsc#PED-448 LTC#198619).
+- s390/net: sort out physical vs virtual pointers usage
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: Remove redundant 'flush_workqueue()' calls
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: remove check for packing mode in
+ qeth_check_outbound_queue() (jsc#PED-448 LTC#198619).
+- s390/qeth: fine-tune .ndo_select_queue() (jsc#PED-448
+ LTC#198619).
+- s390/qeth: don't offer .ndo_bridge_* ops for OSA devices
+ (jsc#PED-448 LTC#198619).
+- s390/lcs: add braces around empty function body (jsc#PED-448
+ LTC#198619).
+- s390/ctcm: add __printf format attribute to ctcm_dbf_longtext
+ (jsc#PED-448 LTC#198619).
+- s390/ctcm: fix format string (jsc#PED-448 LTC#198619).
+- s390/qeth: allocate RX queue at probe time (jsc#PED-448
+ LTC#198619).
+- s390/qeth: update kerneldoc for qeth_add_hw_header()
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: fix kernel doc comments (jsc#PED-448 LTC#198619).
+- s390/qeth: add __printf format attribute to qeth_dbf_longtext
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: fix various format strings (jsc#PED-448 LTC#198619).
+- s390/qeth: clarify remaining dev_kfree_skb_any() users
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: remove .do_ioctl() callback from driver discipline
+ (jsc#PED-448 LTC#198619).
+- s390/qeth: improve trace entries for MAC address
+ (un)registration (jsc#PED-448 LTC#198619).
+- net: s390: constify and use eth_hw_addr_set() (jsc#PED-448
+ LTC#198619).
+- s390/netiucv: remove incorrect kernel doc indicators
+ (jsc#PED-448 LTC#198619).
+- s390/lcs: remove incorrect kernel doc indicators (jsc#PED-448
+ LTC#198619).
+- s390/ctcm: remove incorrect kernel doc indicators (jsc#PED-448
+ LTC#198619).
+- s390/net: replace in_irq() with in_hardirq() (jsc#PED-448
+ LTC#198619).
+- s390/qeth: clean up QETH_PROT_* naming (jsc#PED-448 LTC#198619).
+- commit 595cfd6
+
+- x86/cpu: Add CPU model numbers for Meteor Lake (jsc#PED-637).
+- x86/cpu: Add new Raptor Lake CPU model number (jsc#PED-716).
+- commit 612dc8d
+
+- mmc: sdhci-sprd: Fix minimum clock limit (git-fixes).
+- openvswitch: add nf_ct_is_confirmed check before assigning
+ the helper (git-fixes).
+- selftests: netfilter: Fix nft_fib.sh for all.rp_filter=1
+ (git-fixes).
+- wifi: iwlwifi: mvm: fix double list_add at
+ iwl_mvm_mac_wake_tx_queue (other cases) (git-fixes).
+- wifi: cfg80211: fix ieee80211_data_to_8023_exthdr handling of
+ small packets (git-fixes).
+- wifi: mac80211: fix decap offload for stations on AP_VLAN
+ interfaces (git-fixes).
+- wifi: mac80211: fix probe req HE capabilities access
+ (git-fixes).
+- wifi: mac80211: do not drop packets smaller than the LLC-SNAP
+ header on fast-rx (git-fixes).
+- can: kvaser_usb_leaf: Fix CAN state after restart (git-fixes).
+- can: kvaser_usb_leaf: Fix TX queue out of sync after restart
+ (git-fixes).
+- can: kvaser_usb: Fix use of uninitialized completion
+ (git-fixes).
+- macvlan: enforce a consistent minimal mtu (git-fixes).
+- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq
+ (git-fixes).
+- net: ieee802154: return -EINVAL for unknown addr type
+ (git-fixes).
+- watchdog: armada_37xx_wdt: Fix .set_timeout callback
+ (git-fixes).
+- watchdog: ftwdt010_wdt: fix test for platform_get_irq() failure
+ (git-fixes).
+- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING
+ (git-fixes).
+- commit cb006e7
+
+- Drop a incorrectly doubly applied WiFi fix patch
+- commit 9d35b83
+
+- s390/qdio: Fix spelling mistake (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clarify logical vs absolute in QIB's kerneldoc
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unneeded sanity check in qdio_do_sqbs()
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: split do_QDIO() (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: split qdio_inspect_queue() (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clarify handler logic for
+ qdio_handle_activate_check() (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clean up access to queue in
+ qdio_handle_activate_check() (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: avoid allocating the qdio_irq with GFP_DMA
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: improve handling of CIWs (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: remove QDIO_SBAL_SIZE macro (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- scsi: zfcp: fix kernel doc comments (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- scsi: zfcp: Use scsi_cmd_to_rq() instead of scsi_cmnd.request
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- scsi: zfcp: Use the proper SCSI midlayer interfaces for PI
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unused support for SLIB parameters
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: consolidate QIB code (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: use dev_info() in qdio_print_subchannel_info()
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: fine-tune the queue sync (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clean up SIGA capability tracking (jsc#PED-455
+ bsc#1203836 LTC#198623).
+- s390/qdio: remove unused sync-after-IRQ infrastructure
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: use absolute data address in ESTABLISH ccw
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unused macros (jsc#PED-455 bsc#1203836
+ LTC#198623).
+- s390/qdio: clarify reporting of errors to the drivers
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove unneeded siga-sync for Output Queue
+ (jsc#PED-455 bsc#1203836 LTC#198623).
+- s390/qdio: remove remaining tasklet & timer code (jsc#PED-455
+ bsc#1203836 LTC#198623).
+- commit ccb8c7b
+
+- wifi: cfg80211: update hidden BSSes to avoid WARN_ON
+ (git-fixes).
+- wifi: mac80211_hwsim: avoid mac80211 warning on bad rate
+ (git-fixes).
+- wifi: cfg80211/mac80211: reject bad MBSSID elements (git-fixes).
+- commit b28d368
+
+- Move upstramed WiFi fix patches into sorted section
+- commit bef1692
+
+- net: ethernet: move from strlcpy with unused retval to strscpy
+ (jsc#PED-1302).
+- net: add skb_[inner_]tcp_all_headers helpers (jsc#PED-1302).
+- ethernet: Remove vf rate limit check for drivers (jsc#PED-1302).
+- rtnetlink: add extack support in fdb del handlers
+ (jsc#PED-1302).
+- net: switch to netif_napi_add_tx() (jsc#PED-1302).
+- qlcnic: remove redundant assignment to variable index
+ (jsc#PED-1302).
+- net: qlcnic: use time_is_before_jiffies() instead of open
+ coding it (jsc#PED-1302).
+- qlcnic: Simplify DMA setting (jsc#PED-1302).
+- qlcnic: Remove redundant initialization of variable ret
+ (jsc#PED-1302).
+- qlcnic: switch from 'pci_' to 'dma_' API (jsc#PED-1302).
+- qlcnic: make the array random_data static const, makes object
+ smaller (jsc#PED-1302).
+- commit c7136a6
+
+- clk: bcm: rpi: Add support for VEC clock (bsc#1196632)
+- commit 188fe72
+
+- nvmem: core: Check input parameter for NULL in
+ nvmem_unregister() (bsc#1204241).
+- commit 66b047b
+
+- clk: bcm2835: Round UART input clock up (bsc#1188238)
+- commit f465b19
+
+- ALSA: hda/hdmi: Fix the converter allocation for the silent
+ stream (git-fixes).
+- ALSA: hda/hdmi: change type for the 'assigned' variable
+ (git-fixes).
+- commit 6c73200
+
+- drm/i915/gvt: fix a memory leak in intel_gvt_init_vgpu_types
+ (git-fixes).
+- irqchip/ls-extirq: Fix invalid wait context by avoiding to
+ use regmap (git-fixes).
+- USB: serial: ftdi_sio: fix 300 bps rate for SIO (git-fixes).
+- docs: update mediator information in CoC docs (git-fixes).
+- mmc: core: Terminate infinite loop in SD-UHS voltage switch
+ (git-fixes).
+- drm/amd/display: skip audio setup when audio stream is enabled
+ (git-fixes).
+- drm/amd/display: update gamut remap if plane has changed
+ (git-fixes).
+- drm/amd/display: Assume an LTTPR is always present on fixed_vs
+ links (git-fixes).
+- drm/amd/display: Fix double cursor on non-video RGB MPO
+ (git-fixes).
+- ARM: dts: fix Moxa SDIO 'compatible', remove 'sdhci' misnomer
+ (git-fixes).
+- firmware: arm_scmi: Add SCMI PM driver remove routine
+ (git-fixes).
+- firmware: arm_scmi: Harden accesses to the sensor domains
+ (git-fixes).
+- firmware: arm_scmi: Improve checks in the info_get operations
+ (git-fixes).
+- net/ieee802154: fix uninit value bug in dgram_sendmsg
+ (git-fixes).
+- dmaengine: xilinx_dma: Report error in case of
+ dma_set_mask_and_coherent API failure (git-fixes).
+- dmaengine: xilinx_dma: cleanup for fetching xlnx,num-fstores
+ property (git-fixes).
+- dmaengine: xilinx_dma: Fix devm_platform_ioremap_resource
+ error handling (git-fixes).
+- ALSA: hda/hdmi: Fix the converter reuse for the silent stream
+ (git-fixes).
+- rpmsg: qcom: glink: replace strncpy() with strscpy_pad()
+ (git-fixes).
+- mmc: core: Replace with already defined values for readability
+ (git-fixes).
+- commit 07f5789
+
+- Drop TI clk patch that has been reverted in 5.15.y stable
+- commit bfab74f
+
+- mm/hmm/test: use char dev with struct device to get device node
+ (jsc#PED-1294).
+- commit 2a441da
+
+- lib/test_hmm: avoid accessing uninitialized pages
+ (jsc#PED-1294).
+- commit 629e407
+
+- mm/memremap: fix wrong function name above memremap_pages()
+ (jsc#PED-1294).
+- commit 99ceafe
+
+- Updated metadata references for bsc#1200788 CVE-2022-2153:
+ Updated patches (from Juergen Gross)
+- patches.suse/KVM-x86-Avoid-theoretical-NULL-pointer-dereference-i.patch
+- patches.suse/KVM-x86-Check-lapic_in_kernel-before-attempting-to-s.patch
+- patches.suse/KVM-x86-Forbid-VMM-to-set-SYNIC-STIMER-MSRs-when-Syn.patch
+- commit e9364fc
+
+- selftests/vm: use top_srcdir instead of recomputing relative
+ paths (jsc#PED-1294).
+- commit fcd00bf
+
+- Kselftests: remove support of libhugetlbfs from kselftests
+ (jsc#PED-1294).
+- commit 5314c14
+
+- tools/testing/selftests/vm/hmm-tests.c: fix build
+ (jsc#PED-1294).
+- commit d4e3629
+
+- mm/hmm: add a test for cross device private faults
+ (jsc#PED-1294).
+- commit 113260c
+
+- mm/hmm.c: allow VM_MIXEDMAP to work with hmm_range_fault
+ (jsc#PED-1294).
+- commit 81464f0
+
+- tools: update hmm-test to support device coherent type
+ (jsc#PED-1294).
+- commit 7b24afa
+
+- mm: fix the handling Non-LRU pages returned by follow_page
+ (jsc#PED-1294).
+- commit a0abdab
+
+- mm/huge_memory: use helper macro IS_ERR_OR_NULL in
+ split_huge_pages_pid (jsc#PED-1294).
+- commit 64365f4
+
+- mm: remove unneeded local variable follflags (jsc#PED-1294).
+- commit f1da2a0
+
+- mm/migrate_device.c: fix a misleading and outdated comment
+ (jsc#PED-1294).
+- commit 2496c30
+
+- mm: migration: fix the FOLL_GET failure on following huge page
+ (jsc#PED-1294).
+- commit 7c67379
+
+- mm: re-allow pinning of zero pfns (again) (jsc#PED-1294).
+- commit 4e32fd5
+
+- nvdimm/pmem: cleanup the disk if pmem_release_disk() is yet
+ assigned (jsc#PED-1294).
+- commit 519f490
+
+- thunderbolt: Fix buffer allocation of devices with no
+ DisplayPort adapters (git-fixes).
+- commit 2534904
+
+- fs: fix UAF/GPF bug in nilfs_mdt_destroy (CVE-2022-2978
+ bsc#1202700).
+- commit e1802d7
+
+- thunderbolt: Add missing device ID to
+ tb_switch_is_alpine_ridge() (git-fixes).
+- commit 9447425
+
+- thunderbolt: Disable LTTPR on Intel Titan Ridge (git-fixes).
+- commit 9dce26f
+
+- usb/hcd: Fix dma_map_sg error check (git-fixes).
+- commit 82f7672
+
+- mm/gup.c: fix formatting in check_and_migrate_movable_page()
+ (jsc#PED-1294).
+- commit 6bb21eb
+
+- tools: add selftests to hmm for COW in device memory
+ (jsc#PED-1294).
+- commit fbb5441
+
+- tools: add hmm gup tests for device coherent type
+ (jsc#PED-1294).
+- commit ccae011
+
+- tools: update test_hmm script to support SP config
+ (jsc#PED-1294).
+- commit 32be4d6
+
+- lib: add support for device coherent type in test_hmm
+ (jsc#PED-1294).
+- commit 5bcf5a6
+
+- lib: test_hmm add module param for zone device type
+ (jsc#PED-1294).
+- commit e22f0bf
+
+- lib: test_hmm add ioctl to get zone device type (jsc#PED-1294).
+- commit 87c4e9c
+
+- drm/amdkfd: add SPM support for SVM (jsc#PED-1294).
+- commit 9d8092a
+
+- drm/amdkfd: fix resource_size.cocci warnings (jsc#PED-1294).
+- commit 589703d
+
+- mm/gup: migrate device coherent pages when pinning instead of
+ failing (jsc#PED-1294).
+- commit f57d4bb
+
+- kabi/severities: ignore CS35L41-specific exports (bsc#1203699)
+- commit 9f486fe
+
+- ALSA: hda: cs35l41: Support System Suspend (bsc#1203699).
+- ALSA: hda: cs35l41: Remove suspend/resume hda hooks
+ (bsc#1203699).
+- ALSA: hda/cs_dsp_ctl: Fix mutex inversion when creating controls
+ (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Ensure pwr_lock is held before
+ reading/writing controls (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Minor clean and redundant code
+ removal (bsc#1203699).
+- commit 54175bd
+
+- PCI: mediatek-gen3: Change driver name to mtk-pcie-gen3
+ (git-fixes).
+- dt-bindings: PCI: microchip,pcie-host: fix missing dma-ranges
+ (git-fixes).
+- dt-bindings: PCI: microchip,pcie-host: fix missing clocks
+ properties (git-fixes).
+- PCI: Sanitise firmware BAR assignments behind a PCI-PCI bridge
+ (git-fixes).
+- PCI: Fix used_buses calculation in pci_scan_child_bus_extend()
+ (git-fixes).
+- PCI/ASPM: Correct LTR_L1.2_THRESHOLD computation (git-fixes).
+- PCI/ASPM: Ignore L1 PM Substates if device lacks capability
+ (git-fixes).
+- i2c: designware: Fix handling of real but unexpected device
+ interrupts (git-fixes).
+- pinctrl: microchip-sgpio: Correct the fwnode_irq_get() return
+ value check (git-fixes).
+- pinctrl: armada-37xx: Checks for errors in gpio_request_enable
+ callback (git-fixes).
+- pinctrl: armada-37xx: Fix definitions for MPP pins 20-22
+ (git-fixes).
+- pinctrl: armada-37xx: Add missing GPIO-only pins (git-fixes).
+- Input: i8042 - fix refount leak on sparc (git-fixes).
+- Input: synaptics-rmi4 - fix firmware update operations with
+ bootloader v8 (git-fixes).
+- Input: xpad - fix wireless 360 controller breaking after suspend
+ (git-fixes).
+- commit 6628947
+
+- Add cherry-picked ID for AMDGPU patch
+- commit 005b431
+
+- mm: add device coherent vma selection for memory migration
+ (jsc#PED-1294).
+- commit c7f49b6
+
+- mm: handling Non-LRU pages returned by vm_normal_pages
+ (jsc#PED-1294).
+- commit e689445
+
+- mm/migration: fix possible do_pages_stat_array racing with
+ memory offline (jsc#PED-1294).
+- commit f5b7a8c
+
+- mm: add zone device coherent type memory support (jsc#PED-1294).
+- commit c80982a
+
+- mm: re-allow pinning of zero pfns (jsc#PED-1294).
+- commit 541ae7e
+
+- octeontx2-pf: cn10k: Fix egress ratelimit configuration
+ (git-fixes).
+- commit dfc0a0a
+
+- net: sungem_phy: Add of_node_put() for reference returned by
+ of_get_parent() (git-fixes).
+- commit cc0874b
+
+- net: pcs: xpcs: propagate xpcs_read error to
+ xpcs_get_state_c37_sgmii (git-fixes).
+- commit 6750e0f
+
+- mlxsw: spectrum_router: Fix IPv4 nexthop gateway indication
+ (git-fixes).
+- commit 6f3b54a
+
+- ipv4: Fix data-races around sysctl_fib_multipath_hash_policy
+ (git-fixes).
+- commit afc53c0
+
+- iavf: Fix handling of dummy receive descriptors (git-fixes).
+- commit e9bd3c0
+
+- net: dsa: vitesse-vsc73xx: silent spi_device_id warnings
+ (git-fixes).
+- commit 155ccd4
+
+- net: dsa: sja1105: silent spi_device_id warnings (git-fixes).
+- commit ee0b547
+
+- net: stmmac: remove redunctant disable xPCS EEE call
+ (git-fixes).
+- commit 9493b1a
+
+- ixgbe: Add locking to prevent panic when setting sriov_numvfs
+ to zero (git-fixes).
+- commit 53fbc66
+
+- net: stmmac: fix dma queue left shift overflow issue
+ (git-fixes).
+- commit 1deb58f
+
+- net: dsa: microchip: ksz_common: Fix refcount leak bug
+ (git-fixes).
+- commit c46e25b
+
+- net: stmmac: fix unbalanced ptp clock issue in suspend/resume
+ flow (git-fixes).
+- commit dff326f
+
+- net: stmmac: fix pm runtime issue in stmmac_dvr_remove()
+ (git-fixes).
+- commit e347cfb
+
+- ip: Fix data-races around sysctl_ip_fwd_update_priority
+ (git-fixes).
+- commit 4ea8f18
+
+- sfc: fix kernel panic when creating VF (git-fixes).
+- commit 33eba8c
+
+- sfc: fix use after free when disabling sriov (git-fixes).
+- commit 2fa14d7
+
+- net: stmmac: fix leaks in probe (git-fixes).
+- commit 97831ef
+
+- mm: move page zone helpers from mm.h to mmzone.h (jsc#PED-1294).
+- commit 57ef364
+
+- KVM: x86: Register perf callbacks after calling vendor's
+ hardware_setup() (git-fixes).
+- Refresh
+ patches.suse/KVM-x86-Register-Processor-Trace-interrupt-hook-iff-.patch.
+- commit 871c62a
+
+- mm: build migrate_vma_* for all configs with ZONE_DEVICE support
+ (jsc#PED-1294).
+- Update config files.
+- commit 0314c06
+
+- USB: add RESET_RESUME quirk for NVIDIA Jetson devices in RCM
+ (git-fixes).
+- commit 31ce443
+
+- KVM: VMX: Inject #PF on ENCLS as "emulated" #PF (git-fixes).
+- commit cc0ea0c
+
+- usb: ehci: Fix a function name in comments (git-fixes).
+- commit 610087d
+
+- usb: host: remove dead EHCI support for on-chip PMC MSP71xx
+ USB controller (jsc#PED-531).
+- commit 62f8e77
+
+- x86/mce: Retrieve poison range from hardware (jsc#PED-1408).
+- ACPI: CPPC: Don't require flexible address space if
+ X86_FEATURE_CPPC is supported (jsc#PED-1408).
+- ACPI: CPPC: Fix enabling CPPC on AMD systems with shared memory
+ (jsc#PED-1408).
+- commit ac7776e
+
+- xhci: remove unused lpm_failed_dev member from struct xhci_hcd
+ (jsc#PED-531).
+- commit 85de64c
+
+- xhci: remove unused command member from struct xhci_hcd struct
+ (jsc#PED-531).
+- commit 5e975fe
+
+- USB: xhci: make xhci_get_endpoint_address static (jsc#PED-531).
+- commit dcf3baa
+
+- ACPI: CPPC: Don't require _OSC if X86_FEATURE_CPPC is supported
+ (jsc#PED-1408).
+- tools headers cpufeatures: Sync with the kernel sources
+ (jsc#PED-1408).
+- x86/cpufeatures: Add AMD Collaborative Processor Performance
+ Control feature flag (jsc#PED-1408).
+ Refresh patches.suse/x86-cpu-amd-Enumerate-BTC_NO.patch.
+- commit bf4cd56
+
+- USB: hcd-pci: Drop the unused id parameter from
+ usb_hcd_pci_probe() (jsc#PED-531).
+- commit b826b6a
+
+- xen: update ring.h (jsc#PED-531).
+- commit 4472a2b
+
+- xen/xenbus: add xenbus_setup_ring() service function
+ (jsc#PED-531).
+- commit f043eec
+
+- KVM: x86: Inject #UD on emulated XSETBV if XSAVES isn't enabled
+ (git-fixes).
+- commit 93cdb54
+
+- net: ftgmac100: Hold reference returned by
+ of_get_child_by_name() (git-fixes).
+- commit 0961942
+
+- bnxt_en: Fix bnxt_refclk_read() (git-fixes).
+- commit 4187bc1
+
+- bnxt_en: fix livepatch query (git-fixes).
+- commit cc62415
+
+- bnxt_en: Fix bnxt_reinit_after_abort() code path (git-fixes).
+- commit e387d75
+
+- bnxt_en: reclaim max resources if sriov enable fails
+ (git-fixes).
+- commit 9161aa5
+
+- net/mlx5e: Ring the TX doorbell on DMA errors (git-fixes).
+- commit 7fdc3a9
+
+- net/mlx5e: Fix enabling sriov while tc nic rules are offloaded
+ (git-fixes).
+- commit 5e19505
+
+- KVM: x86: do not report preemption if the steal time cache is
+ stale (git-fixes).
+- commit c293d6b
+
+- net: ethernet: ti: am65-cpsw: Fix devlink port register sequence
+ (git-fixes).
+- commit 385f6b7
+
+- can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix endianness
+ conversion (git-fixes).
+- commit 368984e
+
+- can: mcp251xfd: mcp251xfd_register_get_dev_id(): use correct
+ length to read dev_id (git-fixes).
+- commit 809cb98
+
+- usb: renesas-xhci: Do not print any log while fw verif success
+ (jsc#PED-531).
+- commit bad9850
+
+- xen/usbfront: use xenbus_setup_ring() and xenbus_teardown_ring()
+ (jsc#PED-531).
+- commit 41ef599
+
+- xen/usb: switch xen-hcd to use INVALID_GRANT_REF (jsc#PED-531).
+- commit e4f01cd
+
+- xen/usb: harden xen_hcd against malicious backends
+ (jsc#PED-531).
+- commit 36bb0d3
+
+- xen/grant-table: remove readonly parameter from functions
+ (jsc#PED-531).
+- Refresh
+ patches.suse/xen-blkfront-force-data-bouncing-when-backend-is-unt.patch.
+- commit 80f5ba9
+
+- xen/usb: don't use arbitrary_virt_to_machine() (jsc#PED-531).
+- commit 71d02c4
+
+- mm: move the migrate_vma_* device migration code into its own
+ file (jsc#PED-1294).
+- Update config files.
+- commit ffdaa32
+
+- mm/migrate: remove redundant variables used in a for-loop
+ (jsc#PED-1294).
+- commit 53fa906
+
+- x86/PCI: Revert "x86/PCI: Clip only host bridge windows for
+ E820 regions" (jsc#PED-1408).
+- ACPI: clean up white space in a few places for consistency
+ (jsc#PED-1408).
+- ACPI: video: improve PM notifer callback (jsc#PED-1408).
+- ACPI: battery: Make "not-charging" the default on no charging
+ or full info (jsc#PED-1408).
+- ACPI: CPPC: fix typo in comment (jsc#PED-1408).
+- ACPI: processor: idle: Expose max_cstate/nocst/bm_check_disable
+ read-only in sysfs (jsc#PED-1408).
+- ACPI: glue: Rearrange find_child_checks() (jsc#PED-1408).
+- ACPI: DPTF: Support Meteor Lake (jsc#PED-1408).
+- ACPI: NFIT: Drop nfit_device_lock() (jsc#PED-1408).
+- PCI/ACPI: negotiate CXL _OSC (jsc#PED-1408).
+- PCI/ACPI: Prefer CXL _OSC instead of PCIe _OSC for CXL host
+ bridges (jsc#PED-1408).
+- PCI/ACPI: add a helper for retrieving _OSC Control DWORDs
+ (jsc#PED-1408).
+- acpi/nfit: rely on mce->misc to determine poison granularity
+ (jsc#PED-1408).
+- x86/PCI: Disable E820 reserved region clipping starting in 2023
+ (jsc#PED-1408).
+- x86/PCI: Disable E820 reserved region clipping via quirks
+ (jsc#PED-1408).
+- x86/PCI: Add kernel cmdline options to use/ignore E820 reserved
+ regions (jsc#PED-1408).
+- x86/PCI: Clip only host bridge windows for E820 regions
+ (jsc#PED-1408).
+- x86: Log resource clipping for E820 regions (jsc#PED-1408).
+- x86/PCI: Eliminate remove_e820_regions() common subexpressions
+ (jsc#PED-1408).
+- device property: Add irq_get to fwnode operation (jsc#PED-1408).
+- ACPI: property: Move acpi_fwnode_device_get_match_data() up
+ (jsc#PED-1408).
+- device property: Convert device_{dma_supported,get_dma_attr}
+ to fwnode (jsc#PED-1408).
+- cpufreq: CPPC: Enable fast_switch (jsc#PED-1408).
+- ACPI: bus: Set CPPC _OSC bits for all and when CPPC_LIB is
+ supported (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch.
+- ACPI: CPPC: Check _OSC for flexible address space
+ (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch.
+- x86/ACPI: Preserve ACPI-table override during hibernation
+ (jsc#PED-1408).
+- x86: ACPI: Make mp_config_acpi_gsi() a void function
+ (jsc#PED-1408).
+- ACPI: DPTF: Add support for high frequency impedance
+ notification (jsc#PED-1408).
+- ACPI: DPTF: Correct description of INT3407 / INT3532 attributes
+ (jsc#PED-1408).
+- ACPI, APEI, EINJ: Refuse to inject into the zero page
+ (jsc#PED-1408).
+- ACPI: APEI: Fix missing ERST record id (jsc#PED-1408).
+- ACPI: BGRT: use static for BGRT_SHOW kobj_attribute defines
+ (jsc#PED-1408).
+- ACPI: SPCR: Add support for NVIDIA 16550-compatible port subtype
+ (jsc#PED-1408).
+- ACPI: bus: Avoid non-ACPI device objects in walks over children
+ (jsc#PED-1408).
+- PCI: ACPI: PM: Power up devices in D3cold before scanning them
+ (jsc#PED-1408).
+- ACPI: PM: Introduce acpi_dev_power_up_children_with_adr()
+ (jsc#PED-1408).
+- ACPI: bus: Introduce acpi_dev_for_each_child() (jsc#PED-1408).
+- ACPI: PM: Always print final debug message in
+ acpi_device_set_power() (jsc#PED-1408).
+- ACPI: PM: Unify debug messages in acpi_device_set_power()
+ (jsc#PED-1408).
+- ACPI: PM: Change pr_fmt() in device_pm.c (jsc#PED-1408).
+- ACPI: PM: Convert debug message in acpi_device_get_power()
+ (jsc#PED-1408).
+- Revert "ACPICA: executer/exsystem: Warn about sleeps greater
+ than 10 ms" (jsc#PED-1408).
+- ACPICA: Update version to 20220331 (jsc#PED-1408).
+- ACPICA: exsystem.c: Use ACPI_FORMAT_UINT64 for 64-bit output
+ (jsc#PED-1408).
+- ACPICA: IORT: Updates for revision E.d (jsc#PED-1408).
+- ACPICA: executer/exsystem: Fix some typo mistakes
+ (jsc#PED-1408).
+- ACPICA: iASL/MADT: Add OEM-defined subtable (jsc#PED-1408).
+- ACPICA: executer/exsystem: Warn about sleeps greater than 10 ms
+ (jsc#PED-1408).
+- ACPICA: executer/exsystem: Inform users about ACPI spec
+ violation (jsc#PED-1408).
+- ACPICA: Add support for ARM Performance Monitoring Unit Table
+ (jsc#PED-1408).
+- ACPICA: executer/exsystem: Add units to time variable names
+ (jsc#PED-1408).
+- ACPICA: Headers: Replace zero-length array with flexible-array
+ member (jsc#PED-1408).
+- ACPICA: Removed some tabs and // comments (jsc#PED-1408).
+- ACPICA: Update copyright notices to the year 2022
+ (jsc#PED-1408).
+- ACPICA: Clean up double word in comment (jsc#PED-1408).
+- ACPICA: Add new ACPI 6.4 semantics for LoadTable() operator
+ (jsc#PED-1408).
+- ACPICA: Add new ACPI 6.4 semantics to the Load() operator
+ (jsc#PED-1408).
+- ACPICA: iASL: NHLT: Rename linux specific strucures to
+ device_info (jsc#PED-1408).
+- ACPICA: iASL: NHLT: Fix parsing undocumented bytes at the end
+ of Endpoint Descriptor (jsc#PED-1408).
+- ACPICA: iASL: NHLT: Treat Terminator as specific_config
+ (jsc#PED-1408).
+- ACPICA: Add the subtable CFMWS to the CEDT table (jsc#PED-1408).
+- ACPICA: Add support for the Windows 11 _OSI string
+ (jsc#PED-1408).
+- ACPI: utils: include UUID in _DSM evaluation warning
+ (jsc#PED-1408).
+- ACPI: Add perf low power callback (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-acpi_pad-Do-not-launch-acpi_pad-threads-on-idle-cpus.patch.
+- commit 54d6015
+
+- ACPI: APEI: do not add task_work to kernel thread to avoid
+ memory leak (git-fixes).
+- lib/sg_pool: change module_init(sg_pool_init) to subsys_initcall
+ (git-fixes).
+- dt-bindings: crypto: ti,sa2ul: drop dma-coherent property
+ (git-fixes).
+- selftest: tpm2: Add Client.__del__() to close /dev/tpm* handle
+ (git-fixes).
+- crypto: cavium - prevent integer overflow loading firmware
+ (git-fixes).
+- crypto: marvell/octeontx - prevent integer overflows
+ (git-fixes).
+- crypto: inside-secure - Replace generic aes with libaes
+ (git-fixes).
+- Revert "crypto: qat - reduce size of mapped region" (git-fixes).
+- crypto: inside-secure - Change swab to swab32 (git-fixes).
+- crypto: ccp - Release dma channels before dmaengine unrgister
+ (git-fixes).
+- crypto: akcipher - default implementation for setting a private
+ key (git-fixes).
+- crypto: qat - fix default value of WDT timer (git-fixes).
+- crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr
+ (git-fixes).
+- crypto: sahara - don't sleep when in softirq (git-fixes).
+- drm/amdgpu/display: change pipe policy for DCN 2.1 (git-fixes).
+- drm/i915: Reject unsupported TMDS rates on ICL+ (git-fixes).
+- drm/amdgpu/display: change pipe policy for DCN 2.0 (git-fixes).
+- drm/amd/display: Correct MPC split policy for DCN301
+ (git-fixes).
+- commit 353fbde
+
+- Update
+ patches.suse/mm-rmap-Fix-anon_vma-degree-ambiguity-leading-to-double-reuse.patch
+ (CVE-2022-42703, bsc#1204168, git-fixes, bsc#1203098).
+- commit fef8e31
+
+- mm/migrate.c: rework migration_entry_wait() to not take a
+ pageref (jsc#PED-1294).
+- commit 313eb0c
+
+- blacklist.conf: 30ea703a38ef x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype
+- commit fdb1f20
+
+- misc: sgi-gru: fix use-after-free error in
+ gru_set_context_option, gru_fault and gru_handle_user_call_os
+ (CVE-2022-3424 bsc#1204166).
+- commit bbc730f
+
+- wifi: mac80211: fix crash in beacon protection for P2P-device
+ (CVE-2022-42722 bsc#1204125).
+- commit 38da0b9
+
+- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC
+ (git-fixes).
+- blacklist.conf: outside kABI fixes build fixes are important
+- Update config files.
+- commit 8852d4a
+
+- powerpc/kvm: Remove obsolete and unneeded select (git-fixes).
+- blacklist.conf: outside kABI freezes, build fixes are important
+- commit 329cacc
+
+- net: delete redundant function declaration (git-fixes).
+- blacklist.conf: broke kABI, applicable in SP5
+- commit b7a266b
+
+- habanalabs: select CRC32 (git-fixes).
+- blacklist.conf: outside kABI freezes build fixes are important
+- commit 33fa2e9
+
+- tracing: Fix smatch warning for do while check in
+ event_hist_trigger_parse() (git-fixes).
+- blacklist.conf: no longer unreasonable in SP5
+- commit 7c1653b
+
+- tracing: Tag trace_percpu_buffer as a percpu pointer
+ (git-fixes).
+- blacklist.conf: broke kABI in a hard to fix way, hence can be applied
+ in SP5
+- commit 36fd9f7
+
+- x86/Kconfig: Fix an unused variable error in dell-smm-hwmon
+ (git-fixes).
+- blacklist.conf: can be unblacklisted in SP5 and will make backporting
+ easier
+- commit 59cf2b3
+
+- wifi: mac80211: fix MBSSID parsing use-after-free
+ (CVE-2022-42719 bsc#1204051).
+- commit bab6e58
+
+- mac80211: fix memory leaks with element parsing (CVE-2022-42719
+ bsc#1204051).
+- commit f9a2be2
+
+- wifi: mac80211: refactor elements parsing with parameter struct
+ (CVE-2022-42719 bsc#1204051).
+- mac80211: always allocate struct ieee802_11_elems
+ (CVE-2022-42719 bsc#1204051).
+- mac80211: mlme: find auth challenge directly (CVE-2022-42719
+ bsc#1204051).
+- mac80211: move CRC into struct ieee802_11_elems (CVE-2022-42719
+ bsc#1204051).
+- commit b28a982
+
+- ipv4: Handle attempt to delete multipath route when fib_info
+ contains an nh reference (bsc#1204171 CVE-2022-3435).
+- commit 1b0c1c8
+
+- selftests: net: fix nexthop warning cleanup double ip typo
+ (bsc#1204171 CVE-2022-3435).
+- commit e3962a5
+
+- selftests: net: add delete nexthop route warning test
+ (bsc#1204171 CVE-2022-3435).
+- commit 85deab0
+
+- wifi: cfg80211: avoid nontransmitted BSS list corruption
+ (CVE-2022-42721 bsc#1204060).
+- wifi: cfg80211: fix BSS refcounting bugs (CVE-2022-42720
+ bsc#1204059).
+- commit 82311e4
+
+- net: ipv4: fix route with nexthop object delete warning
+ (bsc#1204171 CVE-2022-3435).
+- commit a94edc1
+
+- Update metadata references
+- commit 61773f9
+
+- powercap: RAPL: Add Power Limit4 support for Alder Lake-N and
+ Raptor Lake-P (jsc#PED-769).
+- powercap: intel_rapl: Add support for RAPTORLAKE_P
+ (jsc#PED-686).
+- powercap: intel_rapl: add support for ALDERLAKE_N (jsc#PED-695).
+- powercap: RAPL: Add Power Limit4 support for RaptorLake
+ (jsc#PED-769).
+- powercap: intel_rapl: add support for RaptorLake (jsc#PED-769).
+- powercap: intel_rapl: support new layout of Psys PowerLimit
+ Register on SPR (jsc#PED-648).
+- powercap: Add Power Limit4 support for Alder Lake SoC
+ (jsc#PED-769).
+- commit ee363a4
+
+- selftests/powerpc: Skip energy_scale_info test on older firmware
+ (git-fixes).
+- commit 1eff3d6
+
+- Revert "SUNRPC: Remove unreachable error condition" (git-fixes).
+- NFS: Fix another fsync() issue after a server reboot
+ (git-fixes).
+- NFSv4: Fixes for nfs4_inode_return_delegation() (git-fixes).
+- commit 80742b5
+
+- blacklist.conf: and unwanted md patches
+- commit 96bda12
+
+- scsi: stex: Properly zero out the passthrough command structure
+ (bsc#1203514 CVE-2022-40768).
+- commit f2b2e4a
+
+- ALSA: hda: Fix position reporting on Poulsbo (git-fixes).
+- ALSA: usb-audio: Fix potential memory leaks (git-fixes).
+- ALSA: usb-audio: Fix NULL dererence at error path (git-fixes).
+- commit 6c7f2c9
+
+- sbitmap: Avoid leaving waitqueue in invalid state in
+ __sbq_wake_up() (git-fixes).
+- commit 3c6ffc4
+
+- staging: vt6655: fix some erroneous memory clean-up loops
+ (git-fixes).
+- virt: vbox: convert to use dev_groups (git-fixes).
+- usb: mtu3: fix failed runtime suspend in host only mode
+ (git-fixes).
+- Revert "usb: storage: Add quirk for Samsung Fit flash"
+ (git-fixes).
+- usb: mon: make mmapped memory read only (git-fixes).
+- xhci: Don't show warning for reinit on known broken suspend
+ (git-fixes).
+- xhci: dbc: Fix memory leak in xhci_alloc_dbc() (git-fixes).
+- commit 4feb234
+
+- usb: gadget: function: fix dangling pnp_string in f_printer.c
+ (git-fixes).
+- USB: serial: console: move mutex_unlock() before
+ usb_serial_put() (git-fixes).
+- usb: common: debug: Check non-standard control requests
+ (git-fixes).
+- tty: serial: fsl_lpuart: disable dma rx/tx use flags in
+ lpuart_dma_shutdown (git-fixes).
+- tty: xilinx_uartps: Fix the ignore_status (git-fixes).
+- uas: ignore UAS for Thinkplus chips (git-fixes).
+- usb-storage: Add Hiksemi USB3-FW to IGNORE_UAS (git-fixes).
+- uas: add no-uas quirk for Hiksemi usb_disk (git-fixes).
+- thunderbolt: Explicitly reset plug events delay back to USB4
+ spec value (git-fixes).
+- commit d8ee195
+
+- soc: sunxi_sram: Make use of the helper function
+ devm_platform_ioremap_resource() (git-fixes).
+- Refresh
+ patches.suse/soc-sunxi-sram-Prevent-the-driver-from-being-unbound.patch.
+- commit a85e811
+
+- spmi: pmic-arb: correct duplicate APID to PPID mapping logic
+ (git-fixes).
+- spmi: pmic-arb: do not ack and clear peripheral interrupts in
+ cleanup_irq (git-fixes).
+- slimbus: qcom-ngd: cleanup in probe error path (git-fixes).
+- slimbus: qcom-ngd: use correct error in message of
+ pdr_add_lookup() failure (git-fixes).
+- soc: qcom: smem_state: Add refcounting for the 'state->of_node'
+ (git-fixes).
+- soc: qcom: smsm: Fix refcount leak bugs in qcom_smsm_probe()
+ (git-fixes).
+- soc: sunxi: sram: Fix probe function ordering issues
+ (git-fixes).
+- commit 3e1f43f
+
+- serial: 8250: Fix restoring termios speed after suspend
+ (git-fixes).
+- drivers: serial: jsm: fix some leaks in probe (git-fixes).
+- remoteproc: imx_rproc: Simplify some error message (git-fixes).
+- sbitmap: fix possible io hung due to lost wakeup (git-fixes).
+- platform/x86: msi-laptop: Fix resource cleanup (git-fixes).
+- platform/x86: msi-laptop: Fix old-ec check for backlight
+ registering (git-fixes).
+- commit a448666
+
+- misc: ocxl: fix possible refcount leak in afu_ioctl()
+ (git-fixes).
+- phy: qualcomm: call clk_disable_unprepare in the error handling
+ (git-fixes).
+- phy: amlogic: phy-meson-axg-mipi-pcie-analog: Hold reference
+ returned by of_get_parent() (git-fixes).
+- mtd: rawnand: atmel: Unmap streaming DMA mappings (git-fixes).
+- mtd: rawnand: meson: fix bit map use in meson_nfc_ecc_correct()
+ (git-fixes).
+- mtd: rawnand: fsl_elbc: Fix none ECC mode (git-fixes).
+- mtd: rawnand: intel: Don't re-define NAND_DATA_IFACE_CHECK_ONLY
+ (git-fixes).
+- mtd: rawnand: intel: Remove undocumented compatible string
+ (git-fixes).
+- mtd: rawnand: intel: Read the chip-select line from the correct
+ OF node (git-fixes).
+- mtd: devices: docg3: check the return value of devm_ioremap()
+ in the probe (git-fixes).
+- platform/x86: asus-wmi: Document the panel_od sysfs attribute
+ (git-fixes).
+- platform/x86: asus-wmi: Document the egpu_enable sysfs attribute
+ (git-fixes).
+- platform/x86: asus-wmi: Document the dgpu_disable sysfs
+ attribute (git-fixes).
+- platform/chrome: cros_ec_typec: Correct alt mode index
+ (git-fixes).
+- platform/chrome: fix memory corruption in ioctl (git-fixes).
+- platform/chrome: fix double-free in chromeos_laptop_prepare()
+ (git-fixes).
+- platform/chrome: cros_ec_proto: Update version on GET_NEXT_EVENT
+ failure (git-fixes).
+- mmc: wmt-sdmmc: Fix an error handling path in wmt_mci_probe()
+ (git-fixes).
+- mmc: au1xmmc: Fix an error handling path in au1xmmc_probe()
+ (git-fixes).
+- net: usb: qmi_wwan: Add new usb-id for Dell branded EM7455
+ (git-fixes).
+- commit b26b1a7
+
+- mailbox: bcm-ferxrm-mailbox: Fix error check for dma_map_sg
+ (git-fixes).
+- mailbox: mpfs: account for mbox offsets while sending
+ (git-fixes).
+- mailbox: mpfs: fix handling of the reg property (git-fixes).
+- mfd: sm501: Add check for platform_driver_register()
+ (git-fixes).
+- mfd: fsl-imx25: Fix check for platform_get_irq() errors
+ (git-fixes).
+- mfd: lp8788: Fix an error handling path in lp8788_irq_init()
+ and lp8788_irq_init() (git-fixes).
+- mfd: lp8788: Fix an error handling path in lp8788_probe()
+ (git-fixes).
+- mfd: fsl-imx25: Fix an error handling path in
+ mx25_tsadc_setup_irq() (git-fixes).
+- mfd: intel_soc_pmic: Fix an error handling path in
+ intel_soc_pmic_i2c_probe() (git-fixes).
+- media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
+ (git-fixes).
+- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (git-fixes).
+- media: uvcvideo: Fix memory leak in uvc_gpio_parse (git-fixes).
+- media: meson: vdec: add missing clk_disable_unprepare on error
+ in vdec_hevc_start() (git-fixes).
+- media: cedrus: Fix endless loop in cedrus_h265_skip_bits()
+ (git-fixes).
+- media: cedrus: Set the platform driver data earlier (git-fixes).
+- memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings()
+ (git-fixes).
+- memory: of: Fix refcount leak bug in of_get_ddr_timings()
+ (git-fixes).
+- memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()
+ (git-fixes).
+- media: v4l2-compat-ioctl32.c: zero buffer passed to
+ v4l2_compat_get_array_args() (git-fixes).
+- commit f4e8a30
+
+- iio: adc: ad7923: fix channel readings for some variants
+ (git-fixes).
+- iio: ltc2497: Fix reading conversion results (git-fixes).
+- iio: dac: ad5593r: Fix i2c read protocol requirements
+ (git-fixes).
+- iio: magnetometer: yas530: Change data type of hard_offsets
+ to signed (git-fixes).
+- iio: ABI: Fix wrong format of differential capacitance channel
+ ABI (git-fixes).
+- iio: inkern: fix return value in
+ devm_of_iio_channel_get_by_name() (git-fixes).
+- iio: inkern: only release the device node when done with it
+ (git-fixes).
+- iio: adc: at91-sama5d2_adc: disable/prepare buffer on
+ suspend/resume (git-fixes).
+- iio: adc: at91-sama5d2_adc: lock around oversampling and sample
+ freq (git-fixes).
+- iio: adc: at91-sama5d2_adc: check return status for pressure
+ and touch (git-fixes).
+- commit b02859c
+
+- firmware: google: Test spinlock on panic path to avoid lockups
+ (git-fixes).
+- iio: adc: at91-sama5d2_adc: fix AT91_SAMA5D2_MR_TRACKTIM_MAX
+ (git-fixes).
+- fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
+ (git-fixes).
+- dt-bindings: phy: qcom,qmp-usb3-dp: fix bogus clock-cells
+ property (git-fixes).
+- dt-bindings: phy: qcom,qmp: fix bogus clock-cells property
+ (git-fixes).
+- dt-bindings: mtd: intel: lgm-nand: Fix maximum chip select value
+ (git-fixes).
+- dt-bindings: mtd: intel: lgm-nand: Fix compatible string
+ (git-fixes).
+- HSI: omap_ssi_port: Fix dma_map_sg error check (git-fixes).
+- HSI: omap_ssi: Fix refcount leak in ssi_probe (git-fixes).
+- HID: multitouch: Add memory barriers (git-fixes).
+- hid: hid-logitech-hidpp: avoid unnecessary assignments in
+ hidpp_connect_event (git-fixes).
+- drm/omap: dss: Fix refcount leak bugs (git-fixes).
+- drm/msm/dp: correct 1.62G link rate at
+ dp_catalog_ctrl_config_msa() (git-fixes).
+- drm/msm/dp: Silence inconsistent indent warning (git-fixes).
+- drm/msm/dpu: Fix comment typo (git-fixes).
+- drm/msm/dpu: index dpu_kms->hw_vbif using vbif_idx (git-fixes).
+- dt-bindings: display/msm: dpu-sdm845: add missing DPU opp-table
+ (git-fixes).
+- dt-bindings: display/msm: dpu-sc7180: add missing DPU opp-table
+ (git-fixes).
+- commit 71c6639
+
+- drm/scheduler: quieten kernel-doc warnings (git-fixes).
+- commit 95b96ec
+
+- drm/amdgpu: add missing pci_disable_device() in
+ amdgpu_pmops_runtime_resume() (git-fixes).
+- drm/bridge: megachips: Fix a null pointer dereference bug
+ (git-fixes).
+- drm: fix drm_mipi_dbi build errors (git-fixes).
+- drm/msm: Make .remove and .shutdown HW shutdown consistent
+ (git-fixes).
+- drm:pl111: Add of_node_put() when breaking out of
+ for_each_available_child_of_node() (git-fixes).
+- drm/bridge: parade-ps8640: Fix regulator supply order
+ (git-fixes).
+- drm/virtio: Unlock reservations on
+ virtio_gpu_object_shmem_init() error (git-fixes).
+- drm/mipi-dsi: Detach devices when removing the host (git-fixes).
+- commit f6c9019
+
+- clk: bcm2835: fix bcm2835_clock_rate_from_divisor declaration
+ (git-fixes).
+- clk: baikal-t1: Add SATA internal ref clock buffer (git-fixes).
+- dmaengine: ioat: stop mod_timer from resurrecting deleted
+ timer in __cleanup() (git-fixes).
+- dmaengine: mxs: use platform_driver_register (git-fixes).
+- dmaengine: hisilicon: Add multi-thread support for a DMA channel
+ (git-fixes).
+- dmaengine: hisilicon: Fix CQ head update (git-fixes).
+- dmaengine: hisilicon: Disable channels when unregister hisi_dma
+ (git-fixes).
+- drm/bridge: Avoid uninitialized variable warning (git-fixes).
+- drm/nouveau: fix a use-after-free in
+ nouveau_gem_prime_import_sg_table() (git-fixes).
+- drm: bridge: adv7511: fix CEC power down control register offset
+ (git-fixes).
+- commit 89292ab
+
+- clk: baikal-t1: Add shared xGMAC ref/ptp clocks internal parent
+ (git-fixes).
+- clk: baikal-t1: Fix invalid xGMAC PTP clock divider (git-fixes).
+- clk: vc5: Fix 5P49V6901 outputs disabling when enabling FOD
+ (git-fixes).
+- clk: imx: scu: fix memleak on platform_device_add() fails
+ (git-fixes).
+- clk: qcom: apss-ipq6018: mark apcs_alias0_core_clk as critical
+ (git-fixes).
+- clk: qcom: gcc-msm8916: use ARRAY_SIZE instead of specifying
+ num_parents (git-fixes).
+- clk: ast2600: BCLK comes from EPLL (git-fixes).
+- clk: mediatek: mt8183: mfgcfg: Propagate rate changes to parent
+ (git-fixes).
+- clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe
+ (git-fixes).
+- commit c248e05
+
+- clk: tegra20: Fix refcount leak in tegra20_clock_init
+ (git-fixes).
+- clk: tegra: Fix refcount leak in tegra114_clock_init
+ (git-fixes).
+- clk: tegra: Fix refcount leak in tegra210_clock_init
+ (git-fixes).
+- clk: sprd: Hold reference returned by of_get_parent()
+ (git-fixes).
+- clk: berlin: Add of_node_put() for of_get_parent() (git-fixes).
+- clk: qoriq: Hold reference returned by of_get_parent()
+ (git-fixes).
+- clk: oxnas: Hold reference returned by of_get_parent()
+ (git-fixes).
+- clk: meson: Hold reference returned by of_get_parent()
+ (git-fixes).
+- ata: fix ata_id_has_dipm() (git-fixes).
+- ata: fix ata_id_has_ncq_autosense() (git-fixes).
+- ata: fix ata_id_has_devslp() (git-fixes).
+- ata: fix ata_id_sense_reporting_enabled() and
+ ata_id_has_sense_reporting() (git-fixes).
+- ASoC: mt6660: Fix PM disable depth imbalance in mt6660_i2c_probe
+ (git-fixes).
+- ASoC: wm5102: Fix PM disable depth imbalance in wm5102_probe
+ (git-fixes).
+- ASoC: wm5110: Fix PM disable depth imbalance in wm5110_probe
+ (git-fixes).
+- ASoC: wm8997: Fix PM disable depth imbalance in wm8997_probe
+ (git-fixes).
+- ASoC: codecs: tx-macro: fix kcontrol put (git-fixes).
+- ASoC: da7219: Fix an error handling path in
+ da7219_register_dai_clks() (git-fixes).
+- ASoC: eureka-tlv320: Hold reference returned from of_find_xxx
+ API (git-fixes).
+- ASoC: wm_adsp: Handle optional legacy support (git-fixes).
+- commit 8f6277f
+
+- Move upstreamed DRM, NVMe and sound patches into sorted section
+- commit 48ff6f0
+
+- arm64: ftrace: fix module PLTs with mcount (git-fixes).
+- ARM: Drop CMDLINE_* dependency on ATAGS (git-fixes).
+- ARM: dts: exynos: fix polarity of VBUS GPIO of Origen
+ (git-fixes).
+- ARM: dts: exynos: correct s5k6a3 reset polarity on Midas family
+ (git-fixes).
+- ARM: dts: turris-omnia: Add label for wan port (git-fixes).
+- ARM: dts: armada-38x: Add gpio-ranges for pin muxing
+ (git-fixes).
+- ARM: dts: kirkwood: lsxl: remove first ethernet port
+ (git-fixes).
+- ARM: dts: kirkwood: lsxl: fix serial line (git-fixes).
+- ARM: dts: turris-omnia: Fix mpp26 pin name and comment
+ (git-fixes).
+- arm64: dts: qcom: sc7280: Cleanup the lpasscc node (git-fixes).
+- arm64: dts: ti: k3-j7200: fix main pinmux range (git-fixes).
+- ARM: dts: imx6qdl-kontron-samx6i: hook up DDC i2c bus
+ (git-fixes).
+- ARM: defconfig: drop CONFIG_USB_FSL_USB2 (git-fixes).
+- ARM: defconfig: drop CONFIG_PTP_1588_CLOCK=y (git-fixes).
+- ARM: defconfig: drop CONFIG_SERIAL_OMAP references (git-fixes).
+- ARM: defconfig: clean up multi_v4t and multi_v5 configs
+ (git-fixes).
+- ASoC: rsnd: Add check for rsnd_mod_power_on (git-fixes).
+- ASoC: tas2764: Fix mute/unmute (git-fixes).
+- ASoC: tas2764: Drop conflicting set_bias_level power setting
+ (git-fixes).
+- ASoC: tas2764: Allow mono streams (git-fixes).
+- ASoC: fsl_sai: Remove unnecessary FIFO reset in ISR (git-fixes).
+- ASoC: mt6359: fix tests for platform_get_irq() failure
+ (git-fixes).
+- ALSA: hda/hdmi: Don't skip notification handling during PM
+ operation (git-fixes).
+- ALSA: dmaengine: increment buffer pointer atomically
+ (git-fixes).
+- ALSA: asihpi - Remove useless code in hpi_meter_get_peak()
+ (git-fixes).
+- ASoC: wcd934x: fix order of Slimbus unprepare/disable
+ (git-fixes).
+- ASoC: wcd9335: fix order of Slimbus unprepare/disable
+ (git-fixes).
+- ARM: dts: integrator: Tag PCI host with device_type (git-fixes).
+- commit 5a02ba2
+
+- i40e: Fix dropped jumbo frames statistics (git-fixes).
+- commit b407b7d
+
+- net: bonding: fix use-after-free after 802.3ad slave unbind
+ (git-fixes).
+- commit 05b9579
+
+- net: bonding: fix possible NULL deref in rlb code (git-fixes).
+- commit 8542934
+
+- net: dp83822: disable rx error interrupt (git-fixes).
+- commit f74888c
+
+- net: dp83822: disable false carrier interrupt (git-fixes).
+- commit ba1cc16
+
+- net: dsa: bcm_sf2: force pause link settings (git-fixes).
+- commit 5258d4a
+
+- net/dsa/hirschmann: Add missing of_node_get() in
+ hellcreek_led_setup() (git-fixes).
+- commit 29e4721
+
+- ice: Fix switchdev rules book keeping (git-fixes).
+- commit 5c21799
+
+- igb: Make DMA faster when CPU is active on the PCIe link
+ (git-fixes).
+- commit db90cd9
+
+- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers
+ (git-fixes).
+- commit da7ba2e
+
+- igb: fix a use-after-free issue in igb_clean_tx_ring
+ (git-fixes).
+- commit 12acd2f
+
+- net: bgmac: Fix an erroneous kfree() in bgmac_remove()
+ (git-fixes).
+- commit 547f6a9
+
+- mlxsw: spectrum_cnt: Reorder counter pools (git-fixes).
+- commit f2c7808
+
+- net: hns3: don't push link state to VF if unalive (git-fixes).
+- commit 7f6680c
+
+- net: hns3: set port base vlan tbl_sta to false before removing
+ old vlan (git-fixes).
+- commit 8c8d58b
+
+- i40e: Fix call trace in setup_tx_descriptors (git-fixes).
+- commit 7d70f11
+
+- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (git-fixes).
+- commit 6a72a8e
+
+- ixgbe: fix bcast packets Rx on VF after promisc removal
+ (git-fixes).
+- commit ddb5b75
+
+- net: dsa: mv88e6xxx: use BMSR_ANEGCOMPLETE bit for filling
+ an_complete (git-fixes).
+- commit b8286fc
+
+- net: altera: Fix refcount leak in altera_tse_mdio_create
+ (git-fixes).
+- commit e80ff1b
+
+- net/mlx4_en: Fix wrong return value on ioctl EEPROM query
+ failure (git-fixes).
+- commit a76859c
+
+- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list
+ (git-fixes).
+- commit 04259d9
+
+- stmmac: intel: Fix an error handling path in
+ intel_eth_pci_probe() (git-fixes).
+- commit fed21d9
+
+- net: ethernet: bgmac: Fix refcount leak in
+ bcma_mdio_mii_register (git-fixes).
+- commit 2227ee5
+
+- net: bgmac: support MDIO described in DT (git-fixes).
+- commit bf1f5f9
+
+- mm/migrate.c: remove MIGRATE_PFN_LOCKED (jsc#PED-1294).
+- commit 53d0a98
+
+- mm: refactor the ZONE_DEVICE handling in migrate_vma_pages
+ (jsc#PED-1294).
+- commit 5ff0982
+
+- mm: refactor the ZONE_DEVICE handling in migrate_vma_insert_page
+ (jsc#PED-1294).
+- commit c27db83
+
+- mm: refactor check_and_migrate_movable_pages (jsc#PED-1294).
+- commit a588dc0
+
+- mm: generalize the pgmap based page_free infrastructure
+ (jsc#PED-1294).
+- commit 2037cd5
+
+- fsdax: depend on ZONE_DEVICE || FS_DAX_LIMITED (jsc#PED-1294).
+- commit 00cc65d
+
+- mm: remove the extra ZONE_DEVICE struct page refcount
+ (jsc#PED-1294).
+- commit 0cba7f0
+
+- memremap: remove support for external pgmap refcounts
+ (jsc#PED-1294).
+- commit 2a29910
+
+- nvdimm/pmem: stop using q_usage_count as external pgmap refcount
+ (jsc#PED-1294).
+- commit fa7e3a6
+
+- mm/memremap: add ZONE_DEVICE support for compound pages
+ (jsc#PED-1294).
+- commit fabe0fa
+
+- mm/page_alloc: refactor memmap_init_zone_device() page init
+ (jsc#PED-1294).
+- commit f04239b
+
+- mm/page_alloc: split prep_compound_page into head and tail
+ subparts (jsc#PED-1294).
+- commit a82c6bd
+
+- drm/nouveau: wait for the exclusive fence after the shared ones v2 (bsc#1152472)
+ Backporting notes:
+ * context changes
+- commit 0261ec2
+
+- drm/amd/display: Changed pipe split policy to allow for multi-display (bsc#1152472)
+ Backporting notes:
+ * remove changes to non-existing 201 and 31 directories
+- commit e6a9bdd
+
+- drm/amdgpu/gfx9: switch to golden tsc registers for renoir+ (bsc#1152472)
+ Backporting notes:
+ * replace IP_VERSION() with CHIP_ constants
+- commit d27747b
+
+- blacklist.conf: Append 'drm/bridge: Add stubs for devm_drm_of_get_bridge when OF is disabled'
+- commit e1d0d55
+
+- blacklist.conf: Append 'drm/amd/display: Fix wrong format specifier in amdgpu_dm.c'
+- commit debed4c
+
+- blacklist.conf: Append 'drm/amdgpu: Fix resource leak on probe error path'
+- commit 116f3cc
+
+- drm/amdgpu/gfx10: add wraparound gpu counter check for APUs as well (bsc#1152472)
+ Backporting notes:
+ * also fix default branch
+- commit 0bf8eb3
+
+- drm/i915/hdmi: convert intel_hdmi_to_dev to intel_hdmi_to_i915 (bsc#1152489)
+ Backporting notes:
+ * update additional patch on top
+- commit 1550ef2
+
+- Update
+ patches.suse/ACPI-processor-idle-Practically-limit-Dummy-wait-wor.patch
+ (bsc#1203767,bsc#1203802).
+- commit c6ebacb
+
+- Update
+ patches.suse/x86-cpu-Add-new-Alderlake-and-Raptorlake-CPU-model-n.patch
+ (jsc#PED-743 jsc#PED-740).
+ Add a reference.
+- commit 1883c41
+
+- mm: don't include <linux/memremap.h> in <linux/mm.h>
+ (jsc#PED-1294).
+- commit b73066e
+
+- mm: simplify freeing of devmap managed pages (jsc#PED-1294).
+- commit e54adcf
+
+- mm: move free_devmap_managed_page to memremap.c (jsc#PED-1294).
+- commit e5afda3
+
+- nvme: ensure subsystem reset is single threaded (bsc#1203290
+ CVE-2022-3169).
+- commit f73d666
+
+- mm: remove pointless includes from <linux/hmm.h> (jsc#PED-1294).
+- commit 5917f7a
+
+- mm: remove the __KERNEL__ guard from <linux/mm.h>
+ (jsc#PED-1294).
+- commit 1864b4d
+
+- mm: remove a pointless CONFIG_ZONE_DEVICE check in
+ memremap_pages (jsc#PED-1294).
+- commit b4b9519
+
+- nvme: restrict management ioctls to admin (bsc#1203290
+ CVE-2022-3169).
+- commit c28a770
+
+- net/mlx5e: Update netdev features after changing XDP state
+ (git-fixes).
+- commit 5d7478c
+
+- net/mlx5e: Disable softirq in mlx5e_activate_rq to avoid race
+ condition (git-fixes).
+- commit 92e1426
+
+- hinic: Avoid some over memory allocation (git-fixes).
+- commit 41f381d
+
+- net: huawei: hinic: Use devm_kcalloc() instead of devm_kzalloc()
+ (git-fixes).
+- commit b92d6d0
+
+- net: chelsio: cxgb4: Avoid potential negative array offset
+ (git-fixes).
+- commit 4cc759d
+
+- net/mlx5e: TC, fix decap fallback to uplink when int port not
+ supported (git-fixes).
+- commit 35c9b8d
+
+- net: dsa: ksz9477: port mirror sniffing limited to one port
+ (git-fixes).
+- commit 9996ff6
+
+- nvme: don't print verbose errors for internal passthrough
+ requests (bsc#1202187).
+- commit eaa4989
+
+- blacklist.conf: update the list
+- commit 78eff9b
+
+- s390/smp: enforce lowcore protection on CPU restart (git-fixes).
+- KVM: s390: pv: don't present the ecall interrupt twice
+ (bsc#1203229 LTC#199905).
+- commit aed7a32
+
+- x86: Expose init_freq_invariance() to topology header
+ (jsc#PED-1408).
+- commit c0d8e97
+
+- ACPI: AGDI: Fix missing prototype warning for acpi_agdi_init()
+ (jsc#PED-1408).
+- ACPI, APEI: Use the correct variable for sizeof()
+ (jsc#PED-1408).
+- ACPI: tables: Make LAPIC_ADDR_OVR address readable in message
+ (jsc#PED-1408).
+- ACPI: IPMI: replace usage of found with dedicated list iterator
+ variable (jsc#PED-1408).
+- ACPI: CPPC: Change default error code and clean up debug
+ messages in probe (jsc#PED-1408).
+ Refresh
+ patches.suse/ACPI-CPPC-Only-probe-for-_CPC-if-CPPC-v2-is-acked.patch.
+ patches.suse/ACPI-CPPC-Do-not-prevent-CPPC-from-working-in-the-fu.patch.
+- ACPI / x86: Add support for LPS0 callback handler
+ (jsc#PED-1408).
+- Input: soc_button_array - add support for Microsoft Surface 3
+ (MSHW0028) buttons (jsc#PED-1408).
+- PM: hibernate: Honour ACPI hardware signature by default for
+ virtual guests (jsc#PED-1408).
+- ACPI: AGDI: Add driver for Arm Generic Diagnostic Dump and
+ Reset device (jsc#PED-1408).
+ Update config files.
+- ACPI: APEI: rename ghes_init() with an "acpi_" prefix
+ (jsc#PED-1408).
+ Refresh patches.suse/ACPI-VIOT-Fix-ACS-setup.patch.
+- ACPI: LPSS: Provide an SSP type to the driver (jsc#PED-1408).
+- ACPI: LPSS: Constify properties member in struct
+ lpss_device_desc (jsc#PED-1408).
+- ACPI: platform: Constify properties parameter in
+ acpi_create_platform_device() (jsc#PED-1408).
+- ACPI: fan: Add additional attributes for fine grain control
+ (jsc#PED-1408).
+- ACPI: fan: Properly handle fine grain control (jsc#PED-1408).
+- ACPI: fan: Optimize struct acpi_fan_fif (jsc#PED-1408).
+- ACPI: fan: Separate file for attributes creation (jsc#PED-1408).
+- ACPI: fan: Fix error reporting to user space (jsc#PED-1408).
+- x86, ACPI: rename init_freq_invariance_cppc() to
+ arch_init_invariance_cppc() (jsc#PED-1408).
+- ACPI: EC: Rearrange code in acpi_ec_submit_event()
+ (jsc#PED-1408).
+- ACPI: EC: Reduce indentation level in acpi_ec_submit_event()
+ (jsc#PED-1408).
+- ACPI: EC: Do not return result from advance_transaction()
+ (jsc#PED-1408).
+- x86/ACPI: CPPC: Move init_freq_invariance_cppc() into x86 CPPC
+ (jsc#PED-1408).
+- x86/ACPI: CPPC: Move AMD maximum frequency ratio setting
+ function into x86 CPPC (jsc#PED-1408).
+- x86/ACPI: CPPC: Rename cppc_msr.c to cppc.c (jsc#PED-1408).
+- ACPI / x86: Add skip i2c clients quirk for Lenovo Yoga Tablet
+ 1050F/L (jsc#PED-1408).
+- ACPI / x86: Add skip i2c clients quirk for Nextbook Ares 8
+ (jsc#PED-1408).
+- ACPI: clean up double words in two comments (jsc#PED-1408).
+- ACPI: property: Get rid of redundant 'else' (jsc#PED-1408).
+- ACPI: EC / PM: Print additional debug message in
+ acpi_ec_dispatch_gpe() (jsc#PED-1408).
+- ACPI: PM: Print additional debug message in acpi_s2idle_wake()
+ (jsc#PED-1408).
+- ACPI: tables: Add AGDI to the list of known table signatures
+ (jsc#PED-1408).
+- ACPI: tables: Add CEDT signature to the list of known tables
+ (jsc#PED-1408).
+- ACPI: bus: Introduce acpi_bus_for_each_dev() (jsc#PED-1408).
+- ACPI: OSL: Fix and clean up acpi_os_read/write_port()
+ (jsc#PED-1408).
+- ACPICA: Use uintptr_t and offsetof() in Linux kernel builds
+ (jsc#PED-1408).
+- ACPI: scan: Use ida_alloc() instead of ida_simple_get()
+ (jsc#PED-1408).
+- commit 2486d41
+
+- media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment.
+- commit 20a025b
+
+- Clean up kernel-config settings via run_oldconfig.sh
+ Invoke run_oldconfig.sh to clean the kernel-config settings from
+ unset symbols. Otherwise these settings interfere with actual config
+ changes.
+- commit 8a799ae
+
+- blacklist.conf: not relevant in our configurations
+- commit 586058b
+
+- media: imx-jpeg: Disable slot interrupt when frame done
+ (git-fixes).
+- commit 36d622f
+
+- media: imx-jpeg: Refactor function mxc_jpeg_parse (git-fixes).
+- commit e2ddfcf
+
+- media: imx-jpeg: Fix potential array out of bounds in
+ queue_setup (git-fixes).
+- commit 8041860
+
+- media: imx-jpeg: Add pm-sleep support for imx-jpeg (git-fixes).
+- commit d514aa5
+
+- x86/ibt,ftrace: Make function-graph play nice (bsc#1203969).
+- commit c020446
+
+- media: imx-jpeg: Leave a blank space before the configuration
+ data (git-fixes).
+- commit a2d45c7
+
+- blacklist.conf: Append 'sysfb: Enable boot time VESA graphic mode selection'
+- commit b93ba64
+
+- media: imx-jpeg: Correct some definition according specification
+ (git-fixes).
+- commit bdf4126
+
+- blacklist.conf: not relevant in our configurations
+- commit 8171bfe
+
+- media: vsp1: Fix offset calculation for plane cropping.
+- commit dc309b5
+
+- media: exynos4-is: Change clk_disable to clk_disable_unprepare
+ (git-fixes).
+- commit 332ca3f
+
+- media: st-delta: Fix PM disable depth imbalance in delta_probe
+ (git-fixes).
+- commit 30518b0
+
+- media: exynos4-is: Fix PM disable depth imbalance in
+ fimc_is_probe (git-fixes).
+- commit f62e31e
+
+- media: aspeed: Fix an error handling path in
+ aspeed_video_probe() (git-fixes).
+- commit c014d5c
+
+- media: coda: Add more H264 levels for CODA960 (git-fixes).
+- commit 75d6462
+
+- media: coda: Fix reported H264 profile (git-fixes).
+- commit 1533555
+
+- Revert "constraints: increase disk space for all architectures"
+ (bsc#1203693).
+ This reverts commit 43a9011f904bc7328d38dc340f5e71aecb6b19ca.
+- commit 3d33373
+
+- blacklist.conf: Append 'fbdev: Hot-unplug firmware fb devices on forced removal'
+- commit 0b6410b
+
+- blacklist.conf: Append 'Revert "fbdev: fbmem: add a helper to determine if an aperture is used by a fw fb"'
+- commit b1ae504
+
+- spi: s3c64xx: Fix large transfers with DMA (git-fixes).
+- vhost/vsock: Use kvmalloc/kvfree for larger packets (git-fixes).
+- wifi: rtl8xxxu: Improve rtl8xxxu_queue_select (git-fixes).
+- wifi: rtl8xxxu: Fix AIFS written to REG_EDCA_*_PARAM
+ (git-fixes).
+- wifi: ath11k: fix number of VHT beamformee spatial streams
+ (git-fixes).
+- wifi: mt76: mt7915: do not check state before configuring
+ implicit beamform (git-fixes).
+- wifi: mt76: mt7615: add mt7615_mutex_acquire/release in
+ mt7615_sta_set_decap_offload (git-fixes).
+- wifi: mt76: sdio: fix transmitting packet hangs (git-fixes).
+- wifi: rtl8xxxu: Remove copy-paste leftover in
+ gen2_update_rate_mask (git-fixes).
+- wifi: rtl8xxxu: gen2: Fix mistake in path B IQ calibration
+ (git-fixes).
+- wifi: rtl8xxxu: Fix skb misuse in TX queue selection
+ (git-fixes).
+- wifi: rtw88: add missing destroy_workqueue() on error path in
+ rtw_core_init() (git-fixes).
+- wifi: rtl8xxxu: tighten bounds checking in rtl8xxxu_read_efuse()
+ (git-fixes).
+- wifi: ath10k: add peer map clean up for peer delete in
+ ath10k_sta_state() (git-fixes).
+- wifi: mac80211: allow bw change during channel switch in mesh
+ (git-fixes).
+- wifi: rtlwifi: 8192de: correct checking of IQK reload
+ (git-fixes).
+- commit 3bb5d97
+
+- spi/omap100k:Fix PM disable depth imbalance in
+ omap1_spi100k_probe (git-fixes).
+- spi: dw: Fix PM disable depth imbalance in dw_spi_bt1_probe
+ (git-fixes).
+- spi: meson-spicc: do not rely on busy flag in pow2 clk ops
+ (git-fixes).
+- spi: qup: add missing clk_disable_unprepare on error in
+ spi_qup_pm_resume_runtime() (git-fixes).
+- spi: qup: add missing clk_disable_unprepare on error in
+ spi_qup_resume() (git-fixes).
+- spi: mt7621: Fix an error message in mt7621_spi_probe()
+ (git-fixes).
+- regulator: qcom_rpm: Fix circular deferral regression
+ (git-fixes).
+- net: wwan: iosm: Call mutex_init before locking it (git-fixes).
+- mwifiex: fix sleep in atomic context bugs caused by
+ dev_coredumpv (git-fixes).
+- net: thunderbolt: Enable DMA paths only after rings are enabled
+ (git-fixes).
+- commit e714654
+
+- hwmon: (pmbus/mp2888) Fix sensors readouts for MPS Multi-phase
+ mp2888 controller (git-fixes).
+- hwmon: (gsc-hwmon) Call of_node_get() before of_find_xxx API
+ (git-fixes).
+- i2c: mlxbf: support lock mechanism (git-fixes).
+- mISDN: fix use-after-free bugs in l1oip timer handlers
+ (git-fixes).
+- eth: alx: take rtnl_lock on resume (git-fixes).
+- Bluetooth: hci_core: Fix not handling link timeouts propertly
+ (git-fixes).
+- Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem()
+ failure (git-fixes).
+- Bluetooth: btusb: mediatek: fix WMT failure during runtime
+ suspend (git-fixes).
+- can: rx-offload: can_rx_offload_init_queue(): fix typo
+ (git-fixes).
+- commit ac7ee01
+
+- blacklist.conf: df5b035b5683 x86/cacheinfo: Add a cpu_llc_shared_mask() UP variant
+- commit bc73e4e
+
+- blacklist.conf: 00da0cb385d0 Documentation/ABI: Mention retbleed vulnerability info file for sysfs
+- commit 4726e8f
+
+- Drop the ACPI patch temporarily as it causes a regression (bsc#1203794)
+ Delete patches.suse/ACPI-resource-skip-IRQ-override-on-AMD-Zen-platforms.patch
+- commit 8842ef4
+
+- fbcon: Fix accelerated fbdev scrolling while logo is still shown (bsc#1152472)
+- commit 7656242
+
+- parisc/stifb: Fix fb_is_primary_device() only available with (bsc#1152489)
+- commit dee3343
+
+- parisc/stifb: Keep track of hardware path of graphics card (bsc#1152489)
+- commit daa8575
+
+- parisc/stifb: Implement fb_is_primary_device() (bsc#1152489)
+- commit f86cf76
+
+- fbcon: Add option to enable legacy hardware acceleration (bsc#1152472)
+ Backporting changes:
+ * context fixes in other patch
+ * update config
+- commit 68203bf
+
+- parisc/sticon: fix reverse colors (bsc#1152489)
+- commit f94c66b
+
+- char: pcmcia: synclink_cs: Fix use-after-free in mgslpc_ops
+ (CVE-2022-41848 bsc#1203987).
+- commit a144c48
+
+- fbdev: smscufx: Fix use-after-free in ufx_ops_open()
+ (CVE-2022-41849 bsc#1203992).
+- commit db3bfe7
+
+- net: mana: Add rmb after checking owner bits (git-fixes).
+- commit 85bfc78
+
+- Makefile.debug: re-enable debug info for .S files (git-fixes).
+- commit 50458f2
+
+- powerpc/pseries/vas: Pass hw_cpu_id to node associativity HCALL
+ (bsc#1194869).
+- commit 48283d1
+
+- usb: dwc3: gadget: Don't modify GEVNTCOUNT in pullup()
+ (git-fixes).
+- Refresh
+ patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch.
+- commit 0719451
+
+- usb: typec: ucsi: Remove incorrect warning (git-fixes).
+- media: rkvdec: Disable H.264 error detection (git-fixes).
+- media: dvb_vb2: fix possible out of bound access (git-fixes).
+- ASoC: cs42l42: Only report button state if there was a button
+ interrupt (git-fixes).
+- commit 06be809
+
+- net: mana: Add support of XDP_REDIRECT action (bug#1201310, jsc#PED-529).
+- commit 209f0a1
+
+- Add cherry-picked commit id for an AMDGPU patch (git-fixes)
+- commit 505fbbc
+
+- usb: dwc3: gadget: Refactor pullup() (git-fixes).
+- commit f481a77
+
+- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
+ (git-fixes).
+- Refresh
+ patches.suse/usb-dwc3-gadget-Avoid-duplicate-requests-to-enable-R.patch.
+- Refresh
+ patches.suse/usb-dwc3-gadget-Prevent-repeat-pullup.patch.
+- commit 6d90a05
+
+- wifi: mac80211: fix regression with non-QoS drivers (git-fixes).
+- selftests: Fix the if conditions of in test_extra_filter()
+ (git-fixes).
+- net: phy: Don't WARN for PHY_UP state in mdio_bus_phy_resume()
+ (git-fixes).
+- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).
+- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
+- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
+- soc: sunxi: sram: Prevent the driver from being unbound
+ (git-fixes).
+- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
+- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx
+ accounting (git-fixes).
+- serial: tegra: Use uart_xmit_advance(), fixes icount.tx
+ accounting (git-fixes).
+- serial: Create uart_xmit_advance() (git-fixes).
+- USB: serial: option: add Quectel RM520N (git-fixes).
+- USB: serial: option: add Quectel BG95 0x0203 composition
+ (git-fixes).
+- thunderbolt: Add support for Intel Maple Ridge single port
+ controller (git-fixes).
+- Revert "usb: add quirks for Lenovo OneLink+ Dock" (git-fixes).
+- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
+- commit ce89825
+
+- gpio: mvebu: Fix check for pwm support on non-A8K platforms
+ (git-fixes).
+- Input: snvs_pwrkey - fix SNVS_HPVIDR1 register address
+ (git-fixes).
+- Input: iqs62x-keys - drop unused device node references
+ (git-fixes).
+- Input: melfas_mip4 - fix return value check in mip4_probe()
+ (git-fixes).
+- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
+ (git-fixes).
+- mmc: hsq: Fix data stomping during mmc recovery (git-fixes).
+- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width
+ (git-fixes).
+- commit 02160f0
+
+- drm/i915/gt: Restrict forced preemption to the active context
+ (git-fixes).
+- Revert "drm: bridge: analogix/dp: add panel prepare/unprepare
+ in suspend/resume time" (git-fixes).
+- drm/bridge: lt8912b: fix corrupted image output (git-fixes).
+- drm/bridge: lt8912b: set hdmi or dvi mode (git-fixes).
+- drm/bridge: lt8912b: add vsync hsync (git-fixes).
+- Revert "firmware: arm_scmi: Add clock management to the SCMI
+ power domain" (git-fixes).
+- drm/amdgpu: don't register a dirty callback for non-atomic
+ (git-fixes).
+- firmware: arm_scmi: Fix the asynchronous reset requests
+ (git-fixes).
+- firmware: arm_scmi: Harden accesses to the reset domains
+ (git-fixes).
+- commit 509f7ae
+
+- clk: iproc: Do not rely on node name for correct PLL setup
+ (git-fixes).
+- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI
+ clocks (git-fixes).
+- clk: ingenic-tcu: Properly enable registers before accessing
+ timers (git-fixes).
+- arm64: dts: qcom: sm8350: fix UFS PHY serdes size (git-fixes).
+- ARM: dts: am33xx: Fix MMCHS0 dma properties (git-fixes).
+- ASoC: tas2770: Reinit regcache on reset (git-fixes).
+- ASoC: imx-card: Fix refcount issue with of_node_put (git-fixes).
+- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid
+ (git-fixes).
+- drm/gma500: Fix BUG: sleeping function called from invalid
+ context errors (git-fixes).
+- drm/amdgpu: make sure to init common IP before gmc (git-fixes).
+- drm/amd/display: Mark dml30's UseMinimumDCFCLK() as noinline
+ for stack usage (git-fixes).
+- drm/amd/display: Reduce number of arguments of dml31's
+ CalculateFlipSchedule() (git-fixes).
+- drm/amd/display: Reduce number of arguments of dml31's
+ CalculateWatermarksAndDRAMSpeedChangeSupport() (git-fixes).
+- drm/amd/display: Limit user regamma to a valid value
+ (git-fixes).
+- drm/amdgpu: use dirty framebuffer helper (git-fixes).
+- drm/amd/pm: disable BACO entry/exit completely on several
+ sienna cichlid cards (git-fixes).
+- drm/amd/amdgpu: fixing read wrong pf2vf data in SRIOV
+ (git-fixes).
+- drm/amdgpu: Separate vf2pf work item init from virt data
+ exchange (git-fixes).
+- commit 931f4f4
+
+- Add blacklist and alt-commit for ASoC cs35l41 patches (bsc#1203699)
+- commit b1bfeae
+
+- net: mana: Add the Linux MANA PF driver (bug#1201309, jsc#PED-529).
+- commit 6f3c833
+
+- scsi: smartpqi: Add module param to disable managed ints
+ (bsc#1203893).
+- commit e1af9a1
+
+- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).
+- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
+- scsi: lpfc: Add reporting capability for Link Degrade Signaling
+ (bsc#1203939).
+- scsi: lpfc: Rework FDMI attribute registration for unintential
+ padding (bsc#1203939).
+- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and
+ consistency (bsc#1203939).
+- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd
+ (bsc#1203939).
+- scsi: lpfc: Update congestion mode logging for Emulex SAN
+ Manager application (bsc#1203939).
+- scsi: lpfc: Move scsi_host_template outside dynamically
+ allocated/freed phba (bsc#1185032 bsc#1203939).
+ Dropped:
+ patches.suse/lpfc-decouple-port_template-and-vport_template.patch
+- scsi: lpfc: Fix multiple NVMe remoteport registration calls
+ for the same NPort ID (bsc#1203939).
+- scsi: lpfc: Add missing free iocb and nlp kref put for early
+ return VMID cases (bsc#1203939).
+- scsi: lpfc: Fix mbuf pool resource detected as busy at driver
+ unload (bsc#1203939).
+- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology
+ (bsc#1203939).
+- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling
+ (bsc#1203939).
+- scsi: lpfc: Remove unneeded result variable (bsc#1203939).
+- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
+- commit 23fee86
+
+- supported.conf: mark spi-pxa2xx-platform as supported (bsc#1203699)
+ It's required for the sound on recent Intel machines
+- commit d17d5e0
+
+- scsi: lpfc: Add missing destroy_workqueue() in error path
+ (bsc#1203939).
+- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of
+ DID_REQUEUE (bsc#1203939).
+- commit 495ecbc
+
+- wifi: cfg80211: ensure length byte is present before access
+ (CVE-2022-41674 bsc#1203770).
+- wifi: cfg80211/mac80211: reject bad MBSSID elements
+ (CVE-2022-41674 bsc#1203770).
+- wifi: cfg80211: fix u8 overflow in
+ cfg80211_update_notlisted_nontrans() (CVE-2022-41674
+ bsc#1203770).
+- commit 79b409a
+
+- scsi: qla2xxx: Remove unused declarations for qla2xxx
+ (bsc#1203935).
+- scsi: qla2xxx: Fix spelling mistake "definiton" -> "definition"
+ (bsc#1203935).
+- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
+- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).
+- scsi: qla2xxx: Define static symbols (bsc#1203935).
+- scsi: qla2xxx: Enhance driver tracing with separate tunable
+ and more (bsc#1203935).
+- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image
+ Status (bsc#1203935).
+- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
+- scsi: qla2xxx: Fix response queue handler reading stale packets
+ (bsc#1203935).
+- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue
+ handler reading stale packets" (bsc#1203935).
+- scsi: qla2xxx: Log message "skipping scsi_scan_host()" as
+ informational (bsc#1203935).
+- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
+- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from
+ qlt_stop_phase1() (bsc#1203935).
+- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
+- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
+- commit 76fee71
+
+- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
+ (bsc#1203935).
+- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port
+ ISP27XX (bsc#1203935).
+- commit df43957
+
+- mm: rename is_pinnable_page() to is_longterm_pinnable_page()
+ (jsc#PED-1294).
+- commit 8c9ae5e
+
+- mm: fix is_pinnable_page against a cma page (jsc#PED-1294).
+- commit e5e0125
+
+- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
+ (bsc#1196869).
+- commit 421a33e
+
+- ALSA: hda/realtek: More robust component matching for CS35L41
+ (bsc#1203699).
+- commit 13ee63f
+
+- kABI: fix adding another field to scsi_device (bsc#1203039).
+- scsi: core: Add BLIST_NO_ASK_VPD_SIZE for some VDASD
+ (bsc#1203039).
+- Refresh
+ patches.kabi/blk-mq-fix-kabi-support-concurrent-queue-quiesce-unquiesce.patch.
+- Refresh patches.kabi/kABI-fix-adding-field-to-scsi_device.patch.
+- commit 38a6998
+
+- mm: Fix PASID use-after-free issue (bsc#1203908).
+- commit e2ea645
+
+- cgroup: cgroup_get_from_id() must check the looked-up kn is
+ a directory (bsc#1203906).
+- commit 2c277d7
+
+- spi: propagate error code to the caller of
+ acpi_spi_device_alloc() (bsc#1203699).
+- spi: Return deferred probe error when controller isn't yet
+ available (bsc#1203699).
+- commit 719f957
+
+- cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock
+ (bsc#1196869).
+- commit 20ffc1f
+
+- kABI workaround for spi changes (bsc#1203699).
+- commit 57d4f4f
+
+- cgroup: Fix race condition at rebind_subsystems() (bsc#1203902).
+- commit ec3105d
+
+- ALSA: hda/realtek: Add quirk for HP Zbook Firefly 14 G9 model
+ (bsc#1203699).
+- commit 274acc0
+
+- cs-dsp and serial-multi-instantiate enablement (bsc#1203699)
+- Update config files
+- Update supported.conf
+- commit 6b0538d
+
+- platform/x86: serial-multi-instantiate: Add CLSA0101 Laptop
+ (bsc#1203699).
+- ACPI: scan: Add CLSA0101 Laptop Support (bsc#1203699).
+- ACPI / scan: Create platform device for CS35L41 (bsc#1203699).
+- platform/x86: serial-multi-instantiate: Add SPI support
+ (bsc#1203699).
+- platform/x86: serial-multi-instantiate: Reorganize I2C functions
+ (bsc#1203699).
+- platform/x86: i2c-multi-instantiate: Rename it for a generic
+ serial driver name (bsc#1203699).
+- spi: Add API to count spi acpi resources (bsc#1203699).
+- spi: Support selection of the index of the ACPI Spi Resource
+ before alloc (bsc#1203699).
+- spi: Create helper API to lookup ACPI info for spi device
+ (bsc#1203699).
+- i2c: acpi: Add an i2c_acpi_client_count() helper function
+ (bsc#1203699).
+- commit 66cfc1c
+
+- ALSA: hda/cs8409: Support new Dolphin Variants (bsc#1203699).
+- ALSA: hda/realtek: Add quirk for Lenovo Yoga7 14IAL7
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Clarify support for CSC3551 without _DSD
+ Properties (bsc#1203699).
+- ALSA: hda/realtek: Add quirks for ASUS Zenbooks using CS35L41
+ (bsc#1203699).
+- ASoC: cs35l41: Read System Name from ACPI _SUB to identify
+ firmware (bsc#1203699).
+- commit 3025b3b
+
+- ALSA: hda: cs35l41: Support CLSA0101 (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- commit d934822
+
+- ACPI: utils: Add api to read _SUB from ACPI (bsc#1203699).
+- ALSA: hda: cs35l41: Use the CS35L41 HDA internal define
+ (bsc#1203699).
+- ALSA: hda/realtek: Enable speaker and mute LEDs for HP laptops
+ (bsc#1203699).
+- commit 6e401a7
+
+- Revert "ALSA: hda: cs35l41: Allow compilation test on non-ACPI
+ configurations" (bsc#1203699).
+- ALSA: hda: cs35l41: Add module parameter to control firmware
+ load (bsc#1203699).
+- ALSA: hda: cs35l41: Support Firmware switching and reloading
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Add defaulted values into dsp bypass config
+ sequence (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Add fw id strings (bsc#1203699).
+- ALSA: hda: cs35l41: Read Speaker Calibration data from UEFI
+ variables (bsc#1203699).
+- ALSA: hda: cs35l41: Support Hibernation during Suspend
+ (bsc#1203699).
+- commit 8707600
+
+- ASoC: cs35l41: Add support for CLSA3541 ACPI device ID
+ (bsc#1203699).
+- ASoC: cs35l41: Do not print error when waking from hibernation
+ (bsc#1203699).
+- ASoC: cs35l41: Add common cs35l41 enter hibernate function
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs35l41 exit hibernate function into shared
+ code (bsc#1203699).
+- ALSA: hda: cs35l41: Support Speaker ID for laptops
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Support multiple load paths for firmware
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Support reading subsystem id from ACPI
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Save Subsystem ID inside CS35L41 Driver
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Add initial DSP support and firmware loading
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Save codec object inside component struct
+ (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Add apis to write the controls
+ directly (bsc#1203699).
+- ALSA: hda: hda_cs_dsp_ctl: Add Library to support CS_DSP ALSA
+ controls (bsc#1203699).
+- ALSA: hda: cs35l41: Consolidate selections under
+ SND_HDA_SCODEC_CS35L41 (bsc#1203699).
+- ALSA: hda: cs35l41: Drop wrong use of ACPI_PTR() (bsc#1203699).
+- ALSA: hda: cs35l41: Allow compilation test on non-ACPI
+ configurations (bsc#1203699).
+- ALSA: hda: cs35l41: Don't dereference fwnode handle
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Improve dev_err_probe() messaging
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Fix comments wrt serial-multi-instantiate
+ reference (bsc#1203699).
+- commit 0179f7c
+
+- ALSA: hda/cs8409: change cs8409_fixups v.pins initializers to
+ static (bsc#1203699).
+- ASoC: cs35l41: Add ASP TX3/4 source to register patch
+ (bsc#1203699).
+- ASoC: cs35l41: Correct some control names (bsc#1203699).
+- ASoC: cs35l41: Add endianness flag in snd_soc_component_driver
+ (bsc#1203699).
+- commit f2b0e66
+
+- ASoC: cs35l41: Fix an out-of-bounds access in
+ otp_packed_element_t (bsc#1203699).
+- ASoC: cs35l41: Add one more variable in the debug log
+ (bsc#1203699).
+- commit a26b9a2
+
+- ALSA: hda/realtek: Enable mute/micmute LEDs support for HP
+ Laptops (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch.
+- commit 342e19c
+
+- ALSA: hda/realtek: Fix mute led issue on thinkpad with cs35l41
+ s-codec (bsc#1203699).
+- commit 0fd2db1
+
+- ALSA: hda: cs35l41: Add Amp Name based on channel and index
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs_dsp config struct into shared code
+ (bsc#1203699).
+- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic
+ boost on EliteBook 845/865 G9 (bsc#1203699).
+- ASoC: cs35l41: Fix a shift-out-of-bounds warning found by UBSAN
+ (bsc#1203699).
+- ASoC: cs35l41: Add one more variable in the debug log
+ (bsc#1203699).
+- commit 4800a47
+
+- ASoC: cs35l41: Move cs35l41 fs errata into shared code
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs35l41_set_cspl_mbox_cmd to shared code
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Enable GPIO2 Interrupt for CLSA0100 laptops
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Add Support for Interrupts (bsc#1203699).
+- ALSA: hda: cs35l41: Remove Set Channel Map api from binding
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Set Speaker Position for CLSA0100 Laptop
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Fix error in spi cs35l41 hda driver name
+ (bsc#1203699).
+- ALSA: hda/cs8409: Add Speaker Playback Switch for Warlock
+ (bsc#1203699).
+- ALSA: hda/cs8409: Add Speaker Playback Switch for Cyborg
+ (bsc#1203699).
+- ALSA: hda/cs8409: Support new Odin Variants (bsc#1203699).
+- commit 346d9b0
+
+- ALSA: hda/cs8409: Support manual mode detection for CS42L42
+ (bsc#1203699).
+- ALSA: hda/cs8409: Use general cs42l42 include in cs8409 hda
+ driver (bsc#1203699).
+- ASoC: cs35l41: Support external boost (bsc#1203699).
+- ALSA: hda: cs35l41: Move external boost handling to lib for
+ ASoC use (bsc#1203699).
+- ALSA: hda: cs35l41: Handle all external boost setups the same
+ way (bsc#1203699).
+- ALSA: hda: cs35l41: Reorganize log for playback actions
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Remove cs35l41_hda_reg_sequence struct
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Move boost config to initialization code
+ (bsc#1203699).
+- ALSA: cs35l41: Enable Internal Boost in shared lib
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Mute the device before shutdown
+ (bsc#1203699).
+- commit e34c590
+
+- ASoC: cs42l42: Move CS42L42 register descriptions to general
+ include (bsc#1203699).
+- ASoC: cs42l42: Add warnings about DETECT_MODE and PLL_START
+ (bsc#1203699).
+- ASoC: cs42l42: Handle system suspend (bsc#1203699).
+- ASoC: cs42l42: Change jack_detect_mutex to a lock of all IRQ
+ handling (bsc#1203699).
+- ASoC: cs42l42: Report full jack status when plug is detected
+ (bsc#1203699).
+- ASoC: cs42l42: Report initial jack state (bsc#1203699).
+- ASoC: cs42l42: Remove redundant pll_divout member (bsc#1203699).
+- ASoC: cs42l42: Simplify reporting of jack unplug (bsc#1203699).
+- ASoC: cs42l42: Remove redundant writes to RS_PLUG/RS_UNPLUG
+ masks (bsc#1203699).
+- ASoC: cs42l42: Remove redundant writes to DETECT_MODE
+ (bsc#1203699).
+- ASoC: cs42l42: Add control for audio slow-start switch
+ (bsc#1203699).
+- ASoC: cs42l42: free_irq() before powering-down on probe() fail
+ (bsc#1203699).
+- ASoC: cs42l42: Reset and power-down on remove() and failed
+ probe() (bsc#1203699).
+- ASoC: cs42l42: Prevent NULL pointer deref in interrupt handler
+ (bsc#1203699).
+- ASoC: cs42l42: Remove unused runtime_suspend/runtime_resume
+ callbacks (bsc#1203699).
+- ASoC: cs42l42: Use two thresholds and increased wait time for
+ manual type detection (bsc#1203699).
+- ASoC: cs42l42: Implement Manual Type detection as fallback
+ (bsc#1203699).
+- ASoC: cs42l42: Minor fix all errors reported by checkpatch.pl
+ script (bsc#1203699).
+- ASoC: cs42l42: Always enable TS_PLUG and TS_UNPLUG interrupts
+ (bsc#1203699).
+- ASoC: cs42l42: Fix WARN in remove() if running without an
+ interrupt (bsc#1203699).
+- ASoC: cs42l42: Mark OSC_SWITCH_STATUS register volatile
+ (bsc#1203699).
+- ASoC: cs42l42: Set correct SRC MCLK (bsc#1203699).
+- ASoC: cs42l42: Allow time for HP/ADC to power-up after enable
+ (bsc#1203699).
+- ASoC: cs42l42: Use PLL for SCLK > 12.288MHz (bsc#1203699).
+- ASoC: cs42l42: Don't claim to support 192k (bsc#1203699).
+- ASoC: cs42l42: Don't reconfigure the PLL while it is running
+ (bsc#1203699).
+- commit 866431d
+
+- ALSA: hda: cs35l41: Put the device into safe mode for external
+ boost (bsc#1203699).
+- ALSA: hda: cs35l41: Add Boost type flag (bsc#1203699).
+- ALSA: hda: cs35l41: Always configure the DAI (bsc#1203699).
+- ALSA: hda: cs35l41: Fix I2S params comments (bsc#1203699).
+- ALSA: cs35l41: Move cs35l41_gpio_config to shared lib
+ (bsc#1203699).
+- ALSA: cs35l41: Check hw_config before using it (bsc#1203699).
+- ALSA: cs35l41: Unify hardware configuration (bsc#1203699).
+- commit ac37bc4
+
+- ALSA: hda/cs8409: Add new Dolphin HW variants (bsc#1203699).
+- ALSA: hda/cs8409: Disable HSBIAS_SENSE_EN for Cyborg
+ (bsc#1203699).
+- ALSA: hda/cs8409: Support new Warlock MLK Variants
+ (bsc#1203699).
+- ALSA: hda/cs8409: Fix Full Scale Volume setting for all variants
+ (bsc#1203699).
+- ALSA: hda/cs8409: Re-order quirk table into ascending order
+ (bsc#1203699).
+- ALSA: hda/cs8409: Fix Warlock to use mono mic configuration
+ (bsc#1203699).
+- commit af84f1a
+
+- ALSA: hda/realtek: Add mute and micmut LED support for Zbook
+ Fury 17 G9 (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
+- commit 7831f17
+
+- ASoC: cs35l41: Remove unnecessary param (bsc#1203699).
+- ALSA: hda/realtek: Fix LED on Zbook Studio G9 (bsc#1203699).
+- commit 8ea9da8
+
+- ALSA: hda/realtek: Add support for HP Laptops (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-a-quirk-for-HP-OMEN-16-8902-mut.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-HP-Dev-One.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-mute-micmute-LEDs-for-HP-machin.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L-024a7ad9eb4d.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-right-sounds-and-mute-micmute-L.patch.
+- commit a813cc9
+
+- ASoC: cs35l41: Fix DSP mbox start command and global enable
+ order (bsc#1203699).
+- ASoC: cs35l41: Fix max number of TX channels (bsc#1203699).
+- ASoC: cs35l41: Fix GPIO2 configuration (bsc#1203699).
+- ALSA: hda: cs35l41: Make cs35l41_hda_remove() return void
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Tidyup code (bsc#1203699).
+- ALSA: hda: cs35l41: Make use of the helper function
+ dev_err_probe() (bsc#1203699).
+- ALSA: hda: cs35l41: Add missing default cases (bsc#1203699).
+- ALSA: hda: cs35l41: Move cs35l41* calls to its own symbol
+ namespace (bsc#1203699).
+- ALSA: hda: cs35l41: Add calls to newly added test key function
+ (bsc#1203699).
+- ALSA: hda: cs35l41: Avoid overwriting register patch
+ (bsc#1203699).
+- ALSA: hda: cs35l41: fix double free on error in probe()
+ (bsc#1203699).
+- commit 31fd8da
+
+- firmware: cs_dsp: Add memory chunk helpers (bsc#1203699).
+- firmware: cs_dsp: Add pre_stop callback (bsc#1203699).
+- ASoC: wm_adsp: Minor clean and redundant code removal
+ (bsc#1203699).
+- ASoC: wm_adsp: Fix event for preloader (bsc#1203699).
+- ASoC: wm_adsp: Compressed stream DSP memory structs should be
+ __packed (bsc#1203699).
+- firmware: cs_dsp: Fix overrun of unterminated control name
+ string (bsc#1203699).
+- ASoC: wm_adsp: Expand firmware loading search options
+ (bsc#1203699).
+- ASoC: wm_adsp: Add trace caps to speaker protection FW
+ (bsc#1203699).
+- ASoC: wm_adsp: Make compressed buffers optional (bsc#1203699).
+- ASoC: wm_adsp: Correct control read size when parsing compressed
+ buffer (bsc#1203699).
+- ASoC: cs35l41: Add support for hibernate memory retention mode
+ (bsc#1203699).
+- ASoC: cs35l41: Update handling of test key registers
+ (bsc#1203699).
+- ASoC: wm_adsp: Add support for "toggle" preloaders
+ (bsc#1203699).
+- firmware: cs_dsp: Clear core reset for cache (bsc#1203699).
+- ASoC: cs35l41: Correct handling of some registers in the cache
+ (bsc#1203699).
+- ASoC: cs35l41: Correct DSP power down (bsc#1203699).
+- ASoC: cs35l41: Remove incorrect comment (bsc#1203699).
+- ASoC: cs35l41: Add cs35l51/53 IDs (bsc#1203699).
+- ALSA: hda: Fix dependencies of CS35L41 on SPI/I2C buses
+ (bsc#1203699).
+- ALSA: hda: Fix dependency on ASoC cs35l41 codec (bsc#1203699).
+- firmware: cs_dsp: Move lockdep asserts to avoid potential null
+ pointer (bsc#1203699).
+- firmware: cs_dsp: Allow creation of event controls
+ (bsc#1203699).
+- firmware: cs_dsp: Add offset to cs_dsp read/write (bsc#1203699).
+- firmware: cs_dsp: Clarify some kernel doc comments
+ (bsc#1203699).
+- firmware: cs_dsp: Perform NULL check in
+ cs_dsp_coeff_write/read_ctrl (bsc#1203699).
+- firmware: cs_dsp: Add support for rev 2 coefficient files
+ (bsc#1203699).
+- firmware: cs_dsp: Print messages from bin files (bsc#1203699).
+- firmware: cs_dsp: Add pre_run callback (bsc#1203699).
+- firmware: cs_dsp: Add version checks on coefficient loading
+ (bsc#1203699).
+- firmware: cs_dsp: Add lockdep asserts to interface functions
+ (bsc#1203699).
+- firmware: cs_dsp: tidy includes in cs_dsp.c and cs_dsp.h
+ (bsc#1203699).
+- ASoC: wm_adsp: wm_adsp_control_add() error: uninitialized symbol
+ 'ret' (bsc#1203699).
+- commit 545439c
+
+- supported.conf: Add cs_dsp firmware module (bsc#1203699)
+- commit af1ea30
+
+- Update config files: enable CS35L41 support (bsc#1203699)
+- commit 195ddb7
+
+- ALSA: hda/realtek: Add CS35L41 support for Thinkpad laptops
+ (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch.
+- commit 0a4cbdb
+
+- ALSA: hda/realtek: Add support for Legion 7 16ACHg6 laptop
+ (bsc#1203699).
+- Refresh
+ patches.suse/ALSA-hda-ALC287-Add-Lenovo-IdeaPad-Slim-9i-14ITL5-sp.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Legion-Y9000X-2019.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-Lenovo-Yoga9-14IAP7.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-Add-quirk-for-the-Framework-Laptop.patch.
+- Refresh
+ patches.suse/ALSA-hda-realtek-fix-speakers-and-micmute-on-HP-855-.patch.
+- commit b3dce35
+
+- ALSA: hda: cs35l41: Add support for CS35L41 in HDA systems
+ (bsc#1203699).
+- commit 39ffdf8
+
+- ASoC: cs35l41: Document CS35l41 External Boost (bsc#1203699).
+- ASoC: cs35l41: Create shared function for boost configuration
+ (bsc#1203699).
+- ASoC: cs35l41: Create shared function for setting channels
+ (bsc#1203699).
+- ASoC: cs35l41: Create shared function for errata patches
+ (bsc#1203699).
+- ASoC: cs35l41: Move power initializations to reg_sequence
+ (bsc#1203699).
+- ASoC: cs35l41: Move cs35l41_otp_unpack to shared code
+ (bsc#1203699).
+- ASoC: cs35l41: Convert tables to shared source code
+ (bsc#1203699).
+- ASoC: cs35l41: Fix undefined reference to core functions
+ (bsc#1203699).
+- ASoC: cs35l41: Fix link problem (bsc#1203699).
+- ASoC: wm_adsp: Remove the wmfw_add_ctl helper function
+ (bsc#1203699).
+- ASoC: cs35l41: DSP Support (bsc#1203699).
+- ASoC: dt-bindings: cs42l42: Convert binding to yaml
+ (bsc#1203699).
+- ASoC: cs35l41: Set the max SPI speed for the whole device
+ (bsc#1203699).
+- ASoC: cs35l41: Change monitor widgets to siggens (bsc#1203699).
+- ASoC: cs35l41: Make cs35l41_remove() return void (bsc#1203699).
+- ASoC: wm_adsp: remove a repeated including (bsc#1203699).
+- firmware: cs_dsp: add driver to support firmware loading on
+ Cirrus Logic DSPs (bsc#1203699).
+- ASoC: wm_adsp: Separate wm_adsp specifics in cs_dsp_client_ops
+ (bsc#1203699).
+- ASoC: wm_adsp: Split out struct cs_dsp from struct wm_adsp
+ (bsc#1203699).
+- ASoC: wm_adsp: move firmware loading to client (bsc#1203699).
+- ASoC: wm_adsp: Pass firmware names as parameters when starting
+ DSP core (bsc#1203699).
+- ASoC: wm_adsp: Move check of dsp->running to better place
+ (bsc#1203699).
+- ASoC: wm_adsp: Separate generic cs_dsp_coeff_ctl handling
+ (bsc#1203699).
+- ASoC: wm_adsp: Move sys_config_size to wm_adsp (bsc#1203699).
+- ASoC: wm_adsp: Split DSP power operations into helper functions
+ (bsc#1203699).
+- ASoC: wm_adsp: Separate some ASoC and generic functions
+ (bsc#1203699).
+- ASoC: wm_adsp: Introduce cs_dsp logging macros (bsc#1203699).
+- ASoC: wm_adsp: Rename generic DSP support (bsc#1203699).
+- ASoC: wm_adsp: Cancel ongoing work when removing controls
+ (bsc#1203699).
+- ASoC: wm_adsp: Switch to using wm_coeff_read_ctrl for compressed
+ buffers (bsc#1203699).
+- ASoC: wm_adsp: Move check for control existence (bsc#1203699).
+- ASoC: wm_adsp: Remove use of snd_ctl_elem_type_t (bsc#1203699).
+- ASoC: cs35l41: Binding fixes (bsc#1203699).
+- misc: cs35l41: Remove unused pdn variable (bsc#1203699).
+- ASoC: cs35l41: Fix a bunch of trivial code formating/style
+ issues (bsc#1203699).
+- ASoC: cs35l41: Fixup the error messages (bsc#1203699).
+- ASoC: cs35l41: Don't overwrite returned error code
+ (bsc#1203699).
+- ASoC: cs35l41: Combine adjacent register writes (bsc#1203699).
+- ASoC: cs35l41: Use regmap_read_poll_timeout to wait for OTP boot
+ (bsc#1203699).
+- ASoC: cs35l41: Fix use of an uninitialised variable
+ (bsc#1203699).
+- ASoC: cs35l41: Add bindings for CS35L41 (bsc#1203699).
+- ASoC: cs35l41: CS35L41 Boosted Smart Amplifier (bsc#1203699).
+- ASoC: wm_adsp: Remove pointless string comparison (bsc#1203699).
+- commit 5d21207
+
+- kABI: Add back removed struct paca member (bsc#1203664
+ ltc#199236).
+- Revert "powerpc/rtas: Implement reentrant rtas call"
+ (bsc#1203664 ltc#199236).
+- commit 93ebb75
+
+- blacklist.conf: add scsi commit that's too invasive
+- commit ed3d357
+
+- struct ehci_hcd: hide new element going into a hole (git-fixes).
+- commit 859270b
+
+- USB: Fix ehci infinite suspend-resume loop issue in zhaoxin
+ (git-fixes).
+- commit 71e1e4f
+
+- xen/usb: don't use arbitrary_virt_to_machine() (git-fixes).
+- commit 9497b70
+
+- usb: host: xhci: fix a comment typo in xhci_mem_init()
+ (git-fixes).
+- usb: host: xhci: use ffs() in xhci_mem_init() (git-fixes).
+- commit f930b4a
+
+- usb: Drop commas after SoC match table sentinels (git-fixes).
+- commit c8fc91a
+
+- struct xhci_hcd: restore member now dynamically allocated
+ (git-fixes).
+- commit ac47acd
+
+- USB: core: Fix RST error in hub.c (git-fixes).
+- commit 19a77db
+
+- Update config files. (jsc#PED-1763)
+- supported.conf:
+- commit 9894f49
+
+- fuse: Remove the control interface for virtio-fs (bsc#1203798).
+- commit a23dd0d
+
+- constraints: increase disk space for all architectures
+ References: bsc#1203693
+ aarch64 is already suffering. SLE15-SP5 x86_64 stats show that it is
+ very close to the limit.
+- commit 43a9011
+
+- usb.h: struct usb_device: hide new member (git-fixes).
+- commit fbd8f4a
+
+- USB: core: Prevent nested device-reset calls (git-fixes).
+- commit 9ef8532
+
+- usb: dwc3: disable USB core PHY management (git-fixes).
+- commit 1a35727
+
+- Update patch referecen for ALSA fix (CVE-2022-3303 bsc#1203769)
+- commit 9addbc1
+
+- ACPI: processor idle: Practically limit "Dummy wait" workaround
+ to old Intel systems (bsc#1203767).
+- commit ec98644
+
+- NFSv4.2: Update mode bits after ALLOCATE and DEALLOCATE
+ (git-fixes).
+- NFSv4: Turn off open-by-filehandle and NFS re-export for NFSv4.0
+ (git-fixes).
+- md: call __md_stop_writes in md_stop (git-fixes).
+- SUNRPC: RPC level errors should set task->tk_rpc_status
+ (git-fixes).
+- NFSv4.2 fix problems with __nfs42_ssc_open (git-fixes).
+- net/sunrpc: fix potential memory leaks in
+ rpc_sysfs_xprt_state_change() (git-fixes).
+- SUNRPC: Reinitialise the backchannel request buffers before
+ reuse (git-fixes).
+- NFSv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes).
+- NFSv4: Fix races in the legacy idmapper upcall (git-fixes).
+- sunrpc: fix expiry of auth creds (git-fixes).
+- NFSv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
+ (git-fixes).
+- NFSv4.1: Don't decrease the value of seq_nr_highest_sent
+ (git-fixes).
+- pNFS/flexfiles: Report RDMA connection errors to the server
+ (git-fixes).
+- Revert "pNFS: nfs3_set_ds_client should set NFS_CS_NOPING"
+ (git-fixes).
+- lockd: detect and reject lock arguments that overflow
+ (git-fixes).
+- SUNRPC: Fix xdr_encode_bool() (git-fixes).
+- nfsd: eliminate the NFSD_FILE_BREAK_* flags (git-fixes).
+- md-raid10: fix KASAN warning (git-fixes).
+- NFSD: restore EINVAL error translation in nfsd_commit()
+ (git-fixes).
+- NFSD: Clean up the show_nf_flags() macro (git-fixes).
+- SUNRPC: Don't leak sockets in xs_local_connect() (git-fixes).
+- SUNRPC: Don't call connect() more than once on a TCP socket
+ (git-fixes).
+- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
+- NFSD: Fix offset type in I/O trace points (git-fixes).
+- NFS: Fix WARN_ON due to unionization of nfs_inode.nrequests
+ (git-fixes).
+- commit 510ad2f
+
+- x86/sev: Add missing __init annotations to SEV init routines
+ (jsc#SLE-19924 jsc#SLE-24814).
+- Refresh
+ patches.suse/x86-sev-Get-the-AP-jump-table-address-from-secrets-page.
+- commit e7f768c
+
+- scsi: Revert "scsi: qla2xxx: Fix disk failure to rediscover"
+ (git-fixes).
+- commit c7d72a7
+
+- i2c: mlxbf: Fix frequency calculation (git-fixes).
+- i2c: mlxbf: prevent stack overflow in
+ mlxbf_i2c_smbus_start_transaction() (git-fixes).
+- i2c: mlxbf: incorrect base address passed during io write
+ (git-fixes).
+- i2c: imx: If pm_runtime_get_sync() returned 1 device access
+ is possible (git-fixes).
+- commit abc7475
+
+- blacklist.conf: remove blacklisted patch
+ This patch was incorrectly blacklisted, but in fact
+ is needeed, so remove the blacklist first.
+- commit 858de69
+
+- serial: fsl_lpuart: Reset prior to registration (git-fixes).
+- workqueue: don't skip lockdep work dependency in
+ cancel_work_sync() (git-fixes).
+- arm64: topology: fix possible overflow in amu_fie_setup()
+ (git-fixes).
+- media: flexcop-usb: fix endpoint type check (git-fixes).
+- usb: dwc3: core: leave default DMA if the controller does not
+ support 64-bit DMA (git-fixes).
+- drm/panel: simple: Fix innolux_g121i1_l01 bus_format
+ (git-fixes).
+- drm/mediatek: dsi: Move mtk_dsi_stop() call back to
+ mtk_dsi_poweroff() (git-fixes).
+- drm/mediatek: dsi: Add atomic {destroy,duplicate}_state,
+ reset callbacks (git-fixes).
+- drm/panfrost: devfreq: set opp to the recommended one to
+ configure regulator (git-fixes).
+- ASoC: nau8824: Fix semaphore unbalance at error paths
+ (git-fixes).
+- regulator: pfuze100: Fix the global-out-of-bounds access in
+ pfuze100_regulator_probe() (git-fixes).
+- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
+- wifi: mac80211_hwsim: check length for virtio packets
+ (git-fixes).
+- tty: serial: atmel: Preserve previous USART mode if RS485
+ disabled (git-fixes).
+- drm/tegra: vic: Fix build warning when CONFIG_PM=n (git-fixes).
+- video: fbdev: pxa3xx-gcu: Fix integer overflow in
+ pxa3xx_gcu_write (git-fixes).
+- serial: atmel: remove redundant assignment in rs485_config
+ (git-fixes).
+- video: fbdev: i740fb: Error out if 'pixclock' equals zero
+ (git-fixes).
+- commit 05ff2c7
+
+- scsi: mpt3sas: Fix use-after-free warning (git-fixes).
+- scsi: qla2xxx: Fix disk failure to rediscover (git-fixes).
+- commit 338849f
+
+- kexec_file: drop weak attribute from functions (bsc#1196444).
+- commit 3df1852
+
+- KVM: avoid NULL pointer dereference in kvm_dirty_ring_push
+ (bsc#1198189 CVE-2022-1263).
+- commit 7717214
+
+- kexec, KEYS, s390: Make use of built-in and secondary keyring
+ for signature verification (bsc#1196444).
+- commit a0517d1
+
+- arm64: kexec_file: use more system keyrings to verify kernel
+ image signature (bsc#1196444).
+- kexec, KEYS: make the code in bzImage64_verify_sig generic
+ (bsc#1196444).
+- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
+- kexec: drop weak attribute from functions (bsc#1196444).
+- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
+- commit 6bb0d35
+
+- arm64: dts: rockchip: Remove 'enable-active-low' from
+ rk3399-puma (git-fixes).
+- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz
+ (git-fixes).
+- arm64: dts: rockchip: Fix typo in lisense text for PX30.Core
+ (git-fixes).
+- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes).
+- selftests: forwarding: add shebang for sch_red.sh (git-fixes).
+- can: gs_usb: gs_can_open(): fix race dev->can.state condition
+ (git-fixes).
+- gve: Fix GFP flags when allocing pages (git-fixes).
+- wifi: mt76: fix reading current per-tid starting sequence
+ number for aggregation (git-fixes).
+- batman-adv: Fix hang up with small MTU hard-interface
+ (git-fixes).
+- net: phy: aquantia: wait for the suspend/resume operations to
+ finish (git-fixes).
+- gpiolib: cdev: Set lineevent_state::irq after IRQ register
+ successfully (git-fixes).
+- gpio: mockup: fix NULL pointer dereference when removing debugfs
+ (git-fixes).
+- selftests: forwarding: Fix failing tests with old libnet
+ (git-fixes).
+- commit 4895eee
+
+- dt-bindings: Add headers for Host1x and VIC on Tegra234
+ (jsc#PED-1763).
+- dt-bindings: memory: Add Tegra234 MGBE memory clients
+ (jsc#PED-1763).
+- dt-bindings: Add Tegra234 MGBE clocks and resets (jsc#PED-1763).
+- dt-bindings: power: Add Tegra234 MGBE power domains
+ (jsc#PED-1763).
+- dt-bindings: Add headers for Tegra234 GPCDMA (jsc#PED-1763).
+- dt-bindings: tegra186-hsp: add type for shared mailboxes
+ (jsc#PED-1763).
+- arm64: tegra: Add QSPI controllers on Tegra234 (jsc#PED-1763).
+- dt-bindings: memory: Add Tegra234 PCIe memory (jsc#PED-1763).
+- dt-bindings: power: Add Tegra234 PCIe power domains
+ (jsc#PED-1763).
+- dt-bindings: Add Tegra234 PCIe clocks and resets (jsc#PED-1763).
+- dt-bindings: Add HDA support for Tegra234 (jsc#PED-1763).
+- dt-bindings: Add Tegra234 APE support (jsc#PED-1763).
+- dt-bindings: Add headers for Tegra234 PWM (jsc#PED-1763).
+- dt-bindings: Add headers for Tegra234 I2C (jsc#PED-1763).
+- dt-bindings: gpio: Add Tegra234 support (jsc#PED-1763).
+- dt-bindings: memory: tegra: Add Tegra234 support (jsc#PED-1763).
+- dt-bindings: Update headers for Tegra234 (jsc#PED-1763).
+- commit 44a5986
+
+- net/mlx5: CT: Fix header-rewrite re-use for tupels (git-fixes).
+- commit a413591
+
+- net/mlx5e: TC NIC mode, fix tc chains miss table (git-fixes).
+- commit 7bd201a
+
+- net: enetc: Use pci_release_region() to release some resources
+ (git-fixes).
+- commit 15bc221
+
+- net: dsa: mv88e6xxx: Fix refcount leak in
+ mv88e6xxx_mdios_register (git-fixes).
+- commit 568058d
+
+- net: dsa: restrict SMSC_LAN9303_I2C kconfig (git-fixes).
+- commit a7df60c
+
+- net: stmmac: fix out-of-bounds access in a selftest (git-fixes).
+- commit 1d801d7
+
+- net: macb: Fix PTP one step sync support (git-fixes).
+- commit c6f42d2
+
+- net: wwan: iosm: remove pointless null check (git-fixes).
+- commit 4eccfc1
+
+- eth: sun: cassini: remove dead code (git-fixes).
+- commit aa42615
+
+- net: stmmac: remove unused get_addr() callback (git-fixes).
+- commit 14586bc
+
+- Revert "ice: Hide bus-info in ethtool for PRs in switchdev mode"
+ (git-fixes).
+- commit 2b88535
+
+- net: ethernet: stmmac: fix write to sgmii_adapter_base
+ (git-fixes).
+- commit 63c3906
+
+- net: dsa: felix: fix tagging protocol changes with multiple
+ CPU ports (git-fixes).
+- commit 41e3617
+
+- net: dsa: introduce helpers for iterating through ports using dp
+ (git-fixes).
+- commit 5001021
+
+- ice: arfs: fix use-after-free when freeing @rx_cpu_rmap
+ (git-fixes).
+- commit 1bdfd3c
+
+- net: hns3: add netdev reset check for hns3_set_tunable()
+ (git-fixes).
+- commit f002bf7
+
+- net: phy: at803x: move page selection fix to config_init
+ (git-fixes).
+- commit 02fb6c3
+
+- ice: Match on all profiles in slow-path (git-fixes).
+- commit 5ba2957
+
+- net: ipa: kill ipa_cmd_pipeline_clear() (git-fixes).
+- commit 1308dcb
+
+- blacklist.conf: update blacklist
+- commit e0df553
+
+- blacklist.conf: update blacklist
+- commit d975e01
+
+- blacklist.conf: update blacklist
+- commit 2402036
+
+- ALSA: hda: Fix Nvidia dp infoframe (git-fixes).
+- ALSA: hda/tegra: set depop delay for tegra (git-fixes).
+- ALSA: hda/tegra: Update scratch reg. communication (git-fixes).
+- ALSA: hda/tegra: Add Tegra234 hda driver support (git-fixes).
+- commit 636d297
+
+- ALSA: hda/realtek: Add a quirk for HP OMEN 16 (8902) mute LED
+ (git-fixes).
+- ALSA: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
+- ALSA: hda/realtek: Add pincfg for ASUS G533Z HP jack
+ (git-fixes).
+- ALSA: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
+- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5530
+ laptop (git-fixes).
+- ALSA: hda/realtek: Enable 4-speaker output Dell Precision 5570
+ laptop (git-fixes).
+- ALSA: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
+- ALSA: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
+- commit a4ecf82
+
+- dmaengine: ti: k3-udma-private: Fix refcount leak bug in
+ of_xudma_dev_get() (git-fixes).
+- Revert "ALSA: usb-audio: Split endpoint setups for hw_params
+ and prepare" (git-fixes).
+- ALSA: core: Fix double-free at snd_card_new() (git-fixes).
+- ALSA: hda/realtek: Re-arrange quirk table entries (git-fixes).
+- ALSA: hda: Fix hang at HD-audio codec unbinding due to refcount
+ saturation (git-fixes).
+- ARM: dts: imx6qdl-kontron-samx6i: fix spi-flash compatible
+ (git-fixes).
+- gpio: mockup: remove gpio debugfs when remove device
+ (git-fixes).
+- Input: iforce - add support for Boeder Force Feedback Wheel
+ (git-fixes).
+- Input: goodix - add compatible string for GT1158 (git-fixes).
+- Input: goodix - add support for GT1158 (git-fixes).
+- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
+- drm/amd/amdgpu: skip ucode loading if ucode_size == 0
+ (git-fixes).
+- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS
+ (git-fixes).
+- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell
+ Dot keymap fixes (git-fixes).
+- platform/surface: aggregator_registry: Add support for Surface
+ Laptop Go 2 (git-fixes).
+- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
+- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered
+ message (git-fixes).
+- HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo
+ (git-fixes).
+- ACPI: resource: skip IRQ override on AMD Zen platforms
+ (git-fixes).
+- ARM: dts: imx: align SPI NOR node name with dtschema
+ (git-fixes).
+- commit 6a1df1e
+
+- Refresh patches.suse/iommu-vt-d-Acquiring-lock-in-domain-ID-allocation-helpers
+ Fix spin deadlock in intel_iommu (bsc#1203505)
+- commit 69d294e
+
+- media: dvb-core: Fix UAF due to refcount races at releasing
+ (CVE-2022-41218 bsc#1202960).
+- commit bdcd7ab
+
+- cpufreq: tegra194: Staticize struct tegra_cpufreq_soc instances
+ (jsc#PED-1763).
+- commit 2b309dd
+
+- ASoC: tegra: AHUB routes for OPE module (jsc#PED-1763).
+- commit ae8614b
+
+- PCI: tegra194: Add Tegra234 PCIe support (jsc#PED-1763).
+- commit 9848d71
+
+- PCI: tegra194: Extend Endpoint mode support (jsc#PED-1763).
+- commit 64c6d53
+
+- PCI: tegra194: Clean up the exit path for Endpoint mode
+ (jsc#PED-1763).
+- commit 77cf561
+
+- PCI: tegra194: Enable support for 256 Byte payload
+ (jsc#PED-1763).
+- commit 3d70757
+
+- PCI: tegra194: Clear bandwidth management status (jsc#PED-1763).
+- commit 4eb1d6d
+
+- PCI: tegra194: Find RAS DES PCIe capability offset
+ (jsc#PED-1763).
+- commit 6869f7e
+
+- Revert "PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie"
+ (jsc#PED-1763).
+- Refresh
+ patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch.
+- commit 7c3a2c4
+
+- dmaengine: tegra: Add terminate() for Tegra234 (jsc#PED-1763).
+- commit 14777c3
+
+- phy: tegra: Add PCIe PIPE2UPHY support for Tegra234
+ (jsc#PED-1763).
+- commit 8045a50
+
+- gpu: host1x: Register context bus unconditionally
+ (jsc#PED-1763).
+- commit 1cdd50a
+
+- spi: dt-bindings: Add compatible for Tegra241 QSPI
+ (jsc#PED-1763).
+- commit f5277d1
+
+- spi: tegra210-quad: Multi-cs support (jsc#PED-1763).
+- commit 5df9b77
+
+- memory: tegra: Add MGBE memory clients for Tegra234
+ (jsc#PED-1763).
+- commit fe9c9ad
+
+- clocksource/drivers/timer-tegra186: Add support for Tegra234
+ SoC (jsc#PED-1763).
+- commit 9102f99
+
+- clocksource: Add Tegra186 timers support (jsc#PED-1763).
+- Update config files
+- commit f783dd3
+
+- gpu: host1x: Add context bus (jsc#PED-1763).
+- commit 62055eb
+
+- iommu/arm-smmu: Support Tegra234 SMMU (jsc#PED-1763).
+- commit b6d01d1
+
+- cpufreq: tegra194: Add support for Tegra234 (jsc#PED-1763).
+- commit 6ccf722
+
+- cpufreq: tegra194: add soc data to support multiple soc
+ (jsc#PED-1763).
+- commit d6431d8
+
+- dmaengine: tegra: Remove unused switch case (jsc#PED-1763).
+- commit 21ff5bc
+
+- dmaengine: tegra: Fix uninitialized variable usage
+ (jsc#PED-1763).
+- commit 8692e6a
+
+- dmaengine: tegra: Use platform_get_irq() to get IRQ resource
+ (jsc#PED-1763).
+- commit dce0f23
+
+- dmaengine: tegra: Remove unused including <linux/version.h>
+ (jsc#PED-1763).
+- commit e600cdf
+
+- dmaengine: tegra: Add tegra gpcdma driver (jsc#PED-1763).
+- Update config files.
+- supported.conf
+- commit 8c4f76d
+
+- PCI: tegra194: Remove unnecessary MSI enable reg save and
+ restore (jsc#PED-1763).
+- commit 028846a
+
+- mailbox: tegra-hsp: Add 128-bit shared mailbox support
+ (jsc#PED-1763).
+- commit 2799912
+
+- mailbox: tegra-hsp: Add tegra_hsp_sm_ops (jsc#PED-1763).
+- commit 301d237
+
+- memory: tegra: Add MC error logging on Tegra186 onward
+ (jsc#PED-1763).
+- commit 803123e
+
+- memory: tegra: Add memory controller channels support
+ (jsc#PED-1763).
+- commit 91c35b0
+
+- memory: tegra: Add APE memory clients for Tegra234
+ (jsc#PED-1763).
+- commit bddcc01
+
+- memory: tegra: Add Tegra234 support (jsc#PED-1763).
+- commit 15d156c
+
+- soc/tegra: pmc: Update Tegra234 reset sources (jsc#PED-1763).
+- ASoC: tegra: AHUB routes for ASRC module (jsc#PED-1763).
+- soc/tegra: pmc: Add Tegra234 wake events (jsc#PED-1763).
+- commit 055208f
+
+- ASoC: tegra: Update AHUB driver for Tegra234 (jsc#PED-1763).
+- ALSA: hda/tegra: Hardcode GCAP ISS value on T234 (jsc#PED-1763).
+- commit 12ff211
+
+- PCI: tegra194: Rename tegra_pcie_dw to tegra194_pcie
+ (jsc#PED-1763).
+- Refresh
+ patches.suse/PCI-tegra194-Fix-Root-Port-interrupt-handling.patch.
+- Refresh
+ patches.suse/PCI-tegra194-Fix-link-up-retry-sequence.patch.
+- commit 43c995b
+
+- misc: sram: Add compatible string for Tegra234 SYSRAM
+ (jsc#PED-1763).
+- commit c359d28
+
+- gpio: tegra186: Add support for Tegra234 (jsc#PED-1763).
+- Refresh
+ patches.suse/gpio-tegra186-Add-support-for-Tegra241.patch.
+- commit 794cc29
+
+- gpu: host1x: select CONFIG_DMA_SHARED_BUFFER (jsc#PED-1763).
+- commit 805f6b6
+
+- Update kabi files: import symvers from MU 5.14.21-150400.24.21
+- commit a9db6f7
+
+- blacklist.conf: e9b6013a7ce3 x86/speculation: Update link to AMD speculation whitepaper
+- commit 2ebf815
+
+- EDAC/dmc520: Don't print an error for each unconfigured
+ interrupt line (bsc#1190497).
+- commit c59e321
+
+- blacklist.conf: ad2c302bc604 EDAC/sifive: Fix non-kernel-doc comment
+- commit 1146177
+
+- Update patch reference for media fix (CVE-2022-3239 bsc#1203552)
+- commit 9054a9f
+
+- supported.conf: Add drivers/virt/coco/sevguest/sevguest
+- commit 14b71be
+
+- virt: Add SEV-SNP guest driver (jsc#SLE-19924, jsc#SLE-24814).
+- Update config files.
+- commit 07e76d6
+
+- scsi: smartpqi: Shorten drive visibility after removal
+ (bsc#1200622).
+- commit 575230a
+
+- x86/sev: Provide support for SNP guest request NAEs
+ (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit eaa3ba3
+
+- x86/boot: Add Confidential Computing type to setup_data
+ (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+- commit cecec70
+
+- x86/mm: Validate memory when changing the C-bit (jsc#SLE-19924,
+ jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit d7a984b
+
+- x86/sev: Check the VMPL level (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit df057b9
+
+- x86/sev: Add a helper for the PVALIDATE instruction
+ (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/revert-x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv.patch.
+- commit 27da7ad
+
+- x86/compressed/64: Detect/setup SEV/SME features earlier during
+ boot (jsc#SLE-19924, jsc#SLE-24814).
+- Refresh
+ patches.suse/x86-sev-define-the-linux-specific-guest-termination-reasons.patch.
+- commit 509599d
+
+- kABI: Fix kABI after SNP-Guest backport (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Get the AP jump table address from secrets page
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Put globals that are accessed early into the .data
+ section (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Fix bool function returning negative value
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Fix return value check in alloc_shared_pages()
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Add support to get extended report
+ (jsc#SLE-19924, jsc#SLE-24814).
+- virt: sevguest: Add support to derive key (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Register SEV-SNP guest request platform device
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Add a sev= cmdline option (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Use firmware-validated CPUID for SEV-SNP guests
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Add SEV-SNP feature detection/setup (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/compressed/64: Add identity mapping for Confidential
+ Computing blob (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Export and rename add_identity_map()
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP
+ guests (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Add SEV-SNP feature detection/setup
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Add a pointer to Confidential Computing blob in
+ bootparams (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC
+ handlers (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Move MSR-based VMGEXITs for CPUID to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- KVM: x86: Move lookup of indexed CPUID leafs to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI kexec handling into common code
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI vendor table lookup to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI config table lookup to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI system table lookup to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed/acpi: Move EFI detection to helper
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/head/64: Re-enable stack protection (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Use SEV-SNP AP creation to start secondary CPUs
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/kernel: Validate ROM memory before accessing when SEV-SNP
+ is active (jsc#SLE-19924, jsc#SLE-24814).
+- x86/kernel: Mark the .bss..decrypted section as shared in the
+ RMP table (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Add helper for validating pages in early enc attribute
+ changes (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Register GHCB memory when SEV-SNP is active
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Register GHCB memory when SEV-SNP is active
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/compressed: Add helper for validating pages in the
+ decompression stage (jsc#SLE-19924, jsc#SLE-24814).
+- x86/sev: Check SEV-SNP features support (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/mm: Extend cc_attr to include AMD SEV-SNP (jsc#SLE-19924,
+ jsc#SLE-24814).
+- x86/sev: Detect/setup SEV/SME features earlier in boot
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Use MSR read/write helpers instead of inline assembly
+ (jsc#SLE-19924, jsc#SLE-24814).
+- x86/boot: Introduce helpers for MSR reads/writes (jsc#SLE-19924,
+ jsc#SLE-24814).
+- KVM: SVM: Update the SEV-ES save area mapping (jsc#SLE-19924,
+ jsc#SLE-24814).
+- KVM: SVM: Create a separate mapping for the GHCB save area
+ (jsc#SLE-19924, jsc#SLE-24814).
+- KVM: SVM: Create a separate mapping for the SEV-ES save area
+ (jsc#SLE-19924, jsc#SLE-24814).
+- KVM: SVM: Define sev_features and VMPL field in the VMSA
+ (jsc#SLE-19924, jsc#SLE-24814).
+- commit 08ede5a
+
+- md: unlock mddev before reap sync_thread in action_store
+ (bsc#1197659).
+- commit b42af07
+
+- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type
+ in mpc85xx (git-fixes).
+- pinctrl: sunxi: Fix name for A100 R_PIO (git-fixes).
+- pinctrl: qcom: sc8180x: Fix wrong pin numbers (git-fixes).
+- pinctrl: qcom: sc8180x: Fix gpio_wakeirq_map (git-fixes).
+- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
+- drm/meson: Correct OSD1 global alpha value (git-fixes).
+- drm/amdgpu: move nbio sdma_doorbell_range() into sdma code
+ for vega (git-fixes).
+- drm/amdgpu: move nbio ih_doorbell_range() into ih code for vega
+ (git-fixes).
+- of/device: Fix up of_dma_configure_id() stub (git-fixes).
+- of: fdt: fix off-by-one error in unflatten_dt_nodes()
+ (git-fixes).
+- drm/i915: Implement WaEdpLinkRateDataReload (git-fixes).
+- vfio/type1: Unpin zero pages (git-fixes).
+- efi: capsule-loader: Fix use-after-free in efi_capsule_write
+ (git-fixes).
+- efi: libstub: Disable struct randomization (git-fixes).
+- fbdev: chipsfb: Add missing pci_disable_device() in
+ chipsfb_pci_init() (git-fixes).
+- commit a8d151e
+
+- ASoC: mchp-spdiftx: Fix clang -Wbitfield-constant-conversion
+ (git-fixes).
+- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly
+ (git-fixes).
+- drm/radeon: add a force flush to delay work when radeon
+ (git-fixes).
+- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup
+ (git-fixes).
+- drm/amdgpu: Move psp_xgmi_terminate call from
+ amdgpu_xgmi_remove_device to psp_hw_fini (git-fixes).
+- drm/gem: Fix GEM handle release errors (git-fixes).
+- ASoC: mchp-spdiftx: remove references to mchp_i2s_caps
+ (git-fixes).
+- drm/bridge: display-connector: implement bus fmts callbacks
+ (git-fixes).
+- commit a41cdd0
+
+- xen/gntdev: Ignore failure to unmap INVALID_GRANT_HANDLE
+ (git-fixes).
+- commit 37ef226
+
+- xen-blkfront: Cache feature_persistent value before
+ advertisement (git-fixes).
+- commit 3ed3cdd
+
+- Update references:
+ - patches.kabi/kabi-return-type-change-of-secure_ipv-46-_port_ephem.patch
+ - patches.suse/secure_seq-use-the-64-bits-of-the-siphash-for-port-o.patch
+ - patches.suse/tcp-add-small-random-increments-to-the-source-port.patch
+ - patches.suse/tcp-drop-the-hash_32-part-from-the-index-calculation.patch
+ - patches.suse/tcp-dynamically-allocate-the-perturb-table-used-by-s.patch
+ - patches.suse/tcp-increase-source-port-perturb-table-to-2-16.patch
+ - patches.suse/tcp-resalt-the-secret-every-10-seconds.patch
+ - patches.suse/tcp-use-different-parts-of-the-port_offset-for-index.patch
+ (add CVE-2022-32296 bsc#1200288)
+- commit 07e021d
+
+- xen-netback: only remove 'hotplug-status' when the vif is
+ actually destroyed (git-fixes).
+- commit 33b6bc1
+
+- xen-blkfront: Advertise feature-persistent as user requested
+ (git-fixes).
+- commit 55b30a0
+
+- xen-blkback: Advertise feature-persistent as user requested
+ (git-fixes).
+- commit aa17727
+
+- xen-blkfront: Apply 'feature_persistent' parameter when connect
+ (git-fixes).
+- commit ea0d055
+
+- xen-blkback: Apply 'feature_persistent' parameter when connect
+ (git-fixes).
+- commit 8bac828
+
+- xen-blkback: fix persistent grants negotiation (git-fixes).
+- commit 8c9e86e
+
+- xen/gntdev: Avoid blocking in unmap_grant_pages() (git-fixes).
+- commit 8ae5e2f
+
+- x86/xen: Remove undefined behavior in setup_features()
+ (git-fixes).
+- commit fe2de2e
+
+- xen-blkfront: Handle NULL gendisk (git-fixes).
+- commit ff9be3a
+
+- blacklist.conf: add 1dbd11ca75fe ("xen: remove gnttab_query_foreign_access")
+ as it would break KABI
+- commit 893d5df
+
+- KVM: SVM: fix tsc scaling cache logic (bsc#1203263).
+- commit 9311053
+
+- xen/grants: prevent integer overflow in gnttab_dma_alloc_pages()
+ (git-fixes).
+- commit 4acefb4
+
+- KVM: VMX: Heed the 'msr' argument in msr_write_intercepted()
+ (git-fixes).
+- commit c7cc445
+
+- KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall
+ (git-fixes).
+- commit cfc201b
+
+- KVM: x86: hyper-v: Drop redundant 'ex' parameter from
+ kvm_hv_send_ipi() (git-fixes).
+- commit 001f866
+
+- KVM: X86: Fix when shadow_root_level=5 && guest root_level<4
+ (git-fixes).
+- commit 4d133af
+
+- jfs: prevent NULL deref in diFree (bsc#1203389 CVE-2022-3202).
+- commit 1259272
+
libebml
+- Update to version 1.4.4
+ * Fix ABI compatibility: unfortunately release 1.4.3 broke ABI
+ compatibility. This release restores the compatibility with
+ release 1.4.2. Please use it instead of release 1.4.3. In
+ other words: 1.4.2 & 1.4.4 are compatible, while 1.4.3 is
+ compatible with neither 1.4.2 nor 1.4.4.
+
+- update to 1.4.3:
+ * A C++14 compliant C++ compiler is now required.
+ * Fix compilation with g++ 11. Fixes #80.
+ * Remove Coremake project files
+ * Updated the bundled utf8cpp to v3.2.1.
+ * Fixed several problems in `EbmlBinary:` potential segfault by
+ writing to a `nullptr`, potential memory leak under certain error
+ conditions.
+ * Fixed problems with the generated `pkg-config` files if any of the
+ installation paths are absolute.
+- drop 0001-include-appropriate-header-files-for-std-numeric_lim.patch (upstream)
+
libheif
+- Add missing gdk-pixbuf loader scriptlets (bsc#1199987).
+
libksba
+- Security fix: [bsc#1204357, CVE-2022-3515]
+ * Detect a possible overflow directly in the TLV parser.
+ * Add libksba-CVE-2022-3515.patch
+
-- add libtool as buildrequire to avoid implicit dependency
-
-- update to libksba-1.2.0
- - New functions to allow the creation of X.509 certificates.
- - Interface changes relative to the 1.1.0 release:
- ksba_certreq_set_serial NEW
- ksba_certreq_set_issuer NEW
- ksba_certreq_set_validity NEW
- ksba_certreq_set_siginfo NEW
-
-- update to libksba-1.1.0
- * New functions to fix a leak in dirmngr.
- * Interface changes relative to the 1.0.0 release:
- ksba_reader_set_release_notify NEW
- ksba_writer_set_release_notify NEW
-- clean up specfile
-
-- Use %_smp_mflags
-
-- update to libksba-1.0.8
- * Fixed a CMS parsing bug exhibited by Lotus Notes.
-
-- update to libksba-1.0.7
- * Detect overflow while parsing OIDs. Map BER encoded OIDs to well
- known names.
- * Allow mixed case names in DNs.
-
-- update to libksba-1.0.6
- * Support SHA-{384,512} based signature generation.
- * The RSA algorithmIdentifier ASN.1 sequence is now emitted with an
- explicit NULL parameter. Despite the interop testing we did in the
- past, some software still requires this and thus we better follow
- the best current practise.
-
-- remove static libraries and "la" files
-- fix buildrequires and -devel package dependencies
-
libmad
+- length-check.patch: incorporate previous frame_length.diff checks
+
+- length-check.patch: replaces frame_length.diff. Fixes now also
+ bsc#1036968, bsc#1036969 (CVE-2017-8373, CVE-2017-8372)
+- use %license for the license
+
-- Fixup to adhere openSUSE specfile requirements.
-
-- fix build on > 12.1 by BuildRequires: autoconf automake libtool
-- call autoreconf to rebuild configure from patched configure.ac
-
-- disable static and remove .la files
-- patch away CFLAGS mangling completely
-
-- add patch to keep -O2 in CFLAGS
-- pass --enable-accuracy
-
libmatroska
+- update to 1.7.1:
+ * Fix ABI compatibility: unfortunately release 1.7.0 broke ABI
+ compatibility. This release restores the compatibility with
+ release 1.6.3. Please use it instead of release 1.7.0. In other
+ words: 1.6.3 & 1.7.1 are compatible, while 1.7.0 is compatible
+ with neither 1.6.3 nor 1.7.1.
+
+- update to 1.7.0:
+ * A C++14 compliant C++ compiler is now required.
+ * libEBML v1.4.3 is now required.
+ * Remove Coremake project files
+ * Add `KaxInternalBlock::GetRelativeTimestamp()` to access unscaled
+ block timestamps.
+ * Fixed problems with the generated `pkg-config` files if any of the
+ installation paths are absolute.
+ * Added several enums in `namespace libmatroska` for the various
+ elements that are constrained to a set of options:
+ `MatroskaTrackType`, `MatroskaTrackEncodingCompAlgo`,
+ `MatroskaChapterTranslateCodec`, `MatroskaTrackTranslateCodec`,
+ `MatroskaVideoFlagInterlaced`, `MatroskaVideoFieldOrder`,
+ `MatroskaVideoStereoMode`, `MatroskaVideoAlphaMode`,
+ `MatroskaVideoOldStereoMode`, `MatroskaVideoDisplayUnit`,
+ `MatroskaVideoAspectRatioType`, `MatroskaVideoMatrixCoefficients`,
+ `MatroskaColourChromaSitingHorz`, `MatroskaColourChromaSitingVert`,
+ `MatroskaVideoRange`, `MatroskaVideoTransferCharacteristics`,
+ `MatroskaVideoPrimaries`, `MatroskaVideoProjectionType`,
+ `MatroskaAudioEmphasis`, `MatroskaTrackPlaneType`,
+ `MatroskaContentEncodingScope`, `MatroskaContentEncodingType`,
+ `MatroskaContentEncodingAlgo`, `MatroskaAESSettingsCipherMode`,
+ `MatroskaContentSignatureAlgo`, `MatroskaContentSigHashAlgo`,
+ `MatroskaChapterSkipType`, `MatroskaChapterProcessTime` and
+ `MatroskaTargetTypeValue`.
+ * Updated the semantics to the latest specifications, deprecating the
+ following elements by preventing code to write them:
+ `KaxClusterSilentTracks`, `KaxClusterSilentTrackNumber`,
+ `KaxSlices`, `KaxReferenceFrame`, `KaxReferenceOffset`,
+ `KaxReferenceTimeCode`, `KaxTrackTimecodeScale`,
+ `KaxCodecDecodeAll`, `KaxVideoAspectRatio`, `KaxTrickTrackUID`,
+ `KaxTrickTrackSegmentUID`, `KaxTrickTrackFlag`,
+ `KaxTrickMasterTrackUID`, `KaxTrickMasterTrackSegmentUID`,
+ `KaxContentSignature`, `KaxContentSigKeyID`, `KaxContentSigAlgo` and
+ `KaxContentSigHashAlgo`.
+ * Updated the semantics to the latest specifications, making the
+ following elements mandatory (but having default values):
+ `KaxCodecDelay`, `KaxVideoPixelCropBottom`, `KaxVideoPixelCropTop`,
+ `KaxVideoPixelCropLeft`, `KaxVideoPixelCropRight`,
+ `KaxVideoBitsPerChannel`, `KaxCueCodecState`,
+ `KaxTagTargetTypeValue`, `KaxTrackLanguage`, `KaxVideoStereoMode`,
+ `KaxVideoAlphaMode`, `KaxEditionFlagOrdered`,
+ `KaxVideoChromaSitHorz`, `KaxVideoChromaSitVert`,
+ `KaxVideoColourRange`, `KaxVideoColourMatrix`,
+ `KaxVideoColourTransferCharacter`, `KaxVideoColourPrimaries` and
+ `KaxVideoDisplayUnit`.
+ * Updated the semantics to the latest specifications, removing the
+ default values from the following elements: `KaxCueBlockNumber`,
+ `KaxFlagHearingImpaired`, `KaxFlagVisualImpaired`,
+ `KaxFlagTextDescriptions`, and `KaxFlagOriginal`.
+ * Updated the semantics to the latest specifications, adding the
+ following new elements: `TagDefaultBogus` (as a placeholder for
+ accidentally used but wrong EBML ID 0x44b4), `KaxEmphasis`,
+
libmbim
+- update to 1.26.4:
+ * meson: force building doc on normal builds, not only during install.
+ * meson: fix 'export_packages' in GIR setup.
+ * compat: deprecate the MbimLteAttachStatus type.
+ * net-port-manager: use unaligned netlink attribute length.
+ * include MBIM proxy control service in docs.
+ * codegen: add section doc for each service.
+ * utils: add missing short description in section.
+ * compat: add missing MbimLteAttachStatus doc.
+ * device: add missing mbim_device_list_links() doc.
+ * device: fix MbimDevice 'device-in-session' property doc.
+ * version: add missing MBIM_CHECK_VERSION() documentation.
+ * device: fix wrong reference to QmiDevice
+ * Several other minor improvements and fixes.
+
libmediawiki
+- Update to 5.38.0
+ * compile fixes for current Qt
+- Drop Fix-compilation-error-with-Qt-5.15.patch, merged upstream
+- Add signature file and keyring
+- Add needed dependencies to the devel package
+
libnettle
+- POWER10 performance enhancements for cryptography [jsc#PED-546]
+ * Backport the P0 performance enhancements.
+ * Add patches:
+ - libnettle-PowerPC-Implement-Poly1305-single-block-update-based.patch
+ - libnettle-PowerPC-Use-defined-structure-constants-of-P1305-in.patch
+ - libnettle-Workaround-for-qemu-bug-affecting-the-ppc-intruction.patch
+
libogg
-- Orthographic fixes to descriptions. RPM group fix.
-
-- Update to version 1.3.2
- * Fix an bug in oggpack_writecopy().
-
-- Xiph libogg 1.3.1
- * Guard against very large packets.
- * Respect the configure --docdir override.
- * Documentation fixes.
-- fix SLE build
-
-- own aclocal directory
-
-- -O20 optimization level does not exist, use -O3
-
-- updated to version 1.3.0
- * Add ogg_stream_flush_fill() call
- This produces longer packets on flush, similar to
- what ogg_stream_pageout_fill() does for single pages.
-- run spec-cleaner on it
-- remove "SLES10 -> SLES11 upgrade path" parts since the upgrade
- already happened and anyway the entry in bugzilla is not public
-
-- replace _service with real file
-
-- update to version 1.2.2
- * Build fix (types correction) for Mac OS X
- * Update win32 project files to Visual Studio 2008
- * ogg_stream_pageout_fill documentation fix
-
-- update to version 1.2.1
- * Various build updates (see SVN)
- * Add ogg_stream_pageout_fill() to API to allow applications
- greater explicit flexibility in page sizing.
- * Documentation updates including multiplexing description,
- terminology and API (incl. ogg_packet_clear(),
- ogg_stream_pageout_fill())
- * Correct possible buffer overwrite in stream encoding on 32 bit
- when a single packet exceed 250MB.
- * Correct read-buffer overrun [without side effects] under
- similar circumstances.
- * Update unit testing to work properly with new page spill
- heuristic.
- * Alter default flushing behavior to span less often and use
- larger page sizes when packet sizes are large.
- * Build fixes for additional compilers
- * Documentation updates
-- run spec-cleaner
-- removed configure.dif (reapply if -fsigned-char causes problems)
-- removed libogg-compile-warning-fix.diff (upstreamed)
-
-- add baselibs.conf as a source
-
libreoffice
+- Update to 7.3.6.2 (jsc#SLE-23447):
+ https://wiki.documentfoundation.org/Releases/7.3.6/RC2
+ https://wiki.documentfoundation.org/Releases/7.3.6/RC1
+ https://wiki.documentfoundation.org/Releases/7.3.5/RC2
+ https://wiki.documentfoundation.org/Releases/7.3.5/RC1
+ https://wiki.documentfoundation.org/Releases/7.3.4/RC2
+ https://wiki.documentfoundation.org/Releases/7.3.4/RC1
+ https://wiki.documentfoundation.org/Releases/7.3.3/RC2
+ https://wiki.documentfoundation.org/Releases/7.3.3/RC1
+- LO-L3: Empty table rows appear with lower height
+ * bsc1197498.patch
+- LO-L3: PPTX saved from LO shows with different colors in MSO
+ * bsc1200009.patch
+- LO-L3: PPTX: transparency of PNG image not "shown"
+ * bsc1201093.patch
+- LO-L3: video stops after one iteration instead of playing in loop
+ * bsc1202032.patch
+- LO-L3: Video is "blown" up, distorting proportions
+ * bsc1202114.patch
+- Fix CVE-2022-3140, Macro URL arbitrary script execution
+ (CVE-2022-3140, bsc#1203209)
+ * CVE-2022-3140-4.patch
+- Updated bundled dependencies:
+ * curl-7.79.1 -> curl-7.83.1
+- Remove upstreamed patches:
+ * bsc1192616.patch
+
+ * fixes for the following security vulnerabilities:
+ CVE-2022-26305 (bsc#1201868)
+ CVE-2022-26307 (bsc#1201872)
libstorage-ng
+- merge gh#openSUSE/libstorage-ng#901
+- set used feature flag for quota (bsc#1204773)
+- 4.5.48
+
+- merge gh#openSUSE/libstorage-ng#900
+- make result of ParitionTable::is_partition_id_supported() depend
+ on parted version
+- 4.5.47
+
+- merge gh#openSUSE/libstorage-ng#899
+- allow to work with other linux flavours
+- 4.5.46
+
+- merge gh#openSUSE/libstorage-ng#898
+- allow blkid to exit with exit status 2 (bsc#1203285)
+- 4.5.45
+
libtasn1
+- Add libtasn1-CVE-2021-46848.patch: Fixed off-by-one array size check
+ that affects asn1_encode_simple_der (CVE-2021-46848, bsc#1204690).
+
libtheora
-- update to version 1.0 final
- * new additional encoder and decoder libs with new api.
-
libupnp
+- Update to release 1.14.14
+ * Skip leading UTF-8 BOM in XML documents
+
libxml2
+- Update to version 2.10.3 (bsc#1204366, CVE-2022-40303, bsc#1204367, CVE-2022-40304):
+ + Security:
+ - [CVE-2022-40304] Fix dict corruption caused by entity
+ reference cycles
+ - [CVE-2022-40303] Fix integer overflows with XML_PARSE_HUGE
+ - Fix overflow check in SAX2.c
+ + Build system: cmake: Set SOVERSION
+- Rebase patches with quilt.
+
+- Build for now with --with-legacy to enable APIs that have been
+ deprecated recently. (bsc#1202965)
+
+- Update to version 2.10.2:
+ * Improvements:
+ + Remove set-but-unused variable in xmlXPathScanName
+ + Silence -Warray-bounds warning
+ * Build system
+ + build: require automake-1.16.3 or later
+ + Remove generated files from distribution
+ * Test suite: Don't create missing.xml when running testapi
+- Add configure --with-python=%{__python3} inbefore python build,
+ as upstream no longer ships pre-grenerated files.
+- Use sed to fix env-script-interpreter in documentation example.
+- Pass with-ftp to configure, build ftp support.
+
+- Update to version 2.10.1:
+ * Regressions: Fix xmlCtxtReadDoc with encoding
+ * Bug fixes: Fix HTML parser with threads and --without-legacy
+ * Build system:
+ + Fix build with Python 3.10
+ + cmake: Disable version script on macOS
+ + Remove Makefile rule to build testapi.c
+ * Documentation:
+ + Switch back to HTML output for API documentation
+ + Port doc/examples/index.py to Python 3
+ + Fix order of exports in libxml2-api.xml
+ + Remove libxml2-refs.xml
+
+- Update to 2.10.0:
+ * Security
+ + [CVE-2022-2309] Reset nsNr in xmlCtxtReset
+ + Reserve byte for NUL terminator and report errors consistently in xmlBuf and
+ xmlBuffer
+ + Fix missing NUL terminators in xmlBuf and xmlBuffer functions
+ + Fix integer overflow in xmlBufferDump()
+ + xmlBufAvail() should return length without including a byte for NUL
+ terminator
+ + Fix ownership of xmlNodePtr & xmlAttrPtr fields in xmlSetTreeDoc()
+ + Use xmlNewDocText in xmlXIncludeCopyRange
+ + Fix use-after-free bugs when calling xmlTextReaderClose() before
+ xmlFreeTextReader() on post-validating parser
+ + Use UPDATE_COMPAT() consistently in buf.c
+ + fix: xmlXPathParserContext could be double-delete in OOM case.
+ * Removals and deprecations
+ + Disable XPointer location support by default
+ + Remove outdated xml2Conf.sh
+ + Deprecate module init and cleanup functions
+ + Remove obsolete XML Software Autoupdate (XSA) file
+ + Remove DOCBparser
+ + Remove obsolete Python test framework
+ + Remove broken VxWorks support
+ + Remove broken Mac OS 9 support
+ + Remove broken bakefile support
+ + Remove broken Visual Studio 2010 support
+ + Remove broken Windows CE support
+ + Deprecate IDREF-related functions in valid.h
+ + Deprecate legacy functions
+ + Disable legacy support by default
+ + Deprecate all functions in nanoftp.h
+ + Disable FTP support by default
+ + Add XML_DEPRECATED macro
+ + Remove elfgcchack.h
+ * Regressions
+ + Skip incorrectly opened HTML comments
+ + Restore behavior of htmlDocContentDumpFormatOutput()
+ * Bug fixes
+ + Fix memory leak with invalid XSD
+ + Make XPath depth check work with recursive invocations
+ + Fix memory leak in xmlLoadEntityContent error path
+ + Avoid double-free if malloc fails in inputPush
+ + Properly fold whitespace around the QName value when validating an XSD
+ schema.
+ + Add whitespace folding for some atomic data types that it's missing on.
+ + Don't add IDs containing unexpanded entity references
+ * Improvements
+ + Avoid calling xmlSetTreeDoc
+ + Simplify xmlFreeNode
+ + Don't reset nsDef when changing node content
+ + Fix unintended fall-through in xmlNodeAddContentLen
+ + Remove unused xmlBuf functions
+ + Implement xpath1() XPointer scheme
+ + Add configuration flag for XPointer locations support
+ + Fix compiler warnings in Python code
+ + Mark more static data as `const`
+ + Make xmlStaticCopyNode non-recursive
+ + Clean up encoding switching code
+ + Simplify recursive pthread mutex
+ + Use non-recursive mutex in dict.c
+ + Fix parser progress checks
+ + Avoid arithmetic on freed pointers
+ + Improve buffer allocation scheme
+ + Remove unneeded #includes
+ + Add support for some non-standard escapes in regular expressions.
+ + htmlParseComment: handle abruptly-closed comments
+ + Add let variable tag support
+ + Add value-of tag support
+ + Remove useless call to xmlRelaxNGCleanupTypes
+ + Don't include ICU headers in public headers
+ + Update `xmlStrlen()` to use POSIX / ISO C `strlen()`
+ + Fix unused variable warnings with disabled features
+ + Only warn on invalid redeclarations of predefined entities
+ + Remove unneeded code in xmlreader.c
+ + Rework validation context flags
+ * Portability
+ + Use NAN/INFINITY if available to init XPath NaN/Inf
+ + Fix Python tests on macOS
+ + Fix xmlCleanupThreads on Windows
+ + Fix reinitialization of library on Windows
+ + Don't mix declarations and code in runtest.c
+ + Use portable python shebangs
+ + Use critical sections as mutex on Windows
+ + Don't set HAVE_WIN32_THREADS in win32config.h
+ + Use stdint.h with newer MSVC
+ + Remove cruft from win32config.h
+ + Remove isinf/isnan emulation in win32config.h
+ + Always fopen files with "rb"
+ + Remove __DJGPP__ checks
+ + Remove useless __CYGWIN__ checks
+ * Build system
+ + Don't autogenerate doc/examples/Makefile.am
+ + cmake: Install libxml.m4 on UNIX-like platforms
+ + cmake: Use symbol versioning on UNIX-like platforms
+ + Port genUnicode.py to Python 3
+ + Port gentest.py to Python 3
+ + cmake: Fix build without thread support
+ + cmake: Install documentation in CMAKE_INSTALL_DOCDIR
+ + cmake: Remove non needed files in docs dir
+ + configure: move XML_PRIVATE_LIBS after WIN32_EXTRA_LIBADD is set
+ + Move local Autoconf macros into m4 directory
+ + Use XML_PRIVATE_LIBS in libxml2_la_LIBADD
+ + Update libxml-2.0-uninstalled.pc.in
+ + Remove LIBS from XML_PRIVATE_LIBS
+ + Add WIN32_EXTRA_LIBADD to XML_PRIVATE_LIBS
+ + Don't overlink executables
+ + cmake: Adjust paths for UNIX or UNIX-like target systems
+ + build: Make use of variables in libxml's pkg-config file
+ + Avoid obsolescent `test -a` constructs
+ + Move AM_MAINTAINER_MODE to AM section
+ + configure.ac: make AM_SILENT_RULES([yes]) unconditional
+ + Streamline documentation installation
+ + Don't try to recreate COPYING symlink
+ + Detect libm using libtool's macros
+ + configure.ac: disable static libraries by default
+ + python/Makefile.am: nest python docs in $(docdir)
+ + python/Makefile.am: rely on global AM_INIT_AUTOMAKE
+ + Makefile.am: install examples more idiomatically
+ + configure.ac: remove useless AC_SUBST
+ + Respect `--sysconfdir` in source files
+ + Ignore configure backup file created by recent autoreconf too
+ + Only install *.html and *.c example files
+ + Remove --with-html-dir option
+ + Rework documentation build system
+ + Remove old website
+ + Use AM_PATH_PYTHON/PKG_CHECK_MODULES for python bindings
+ + Update genChRanges.py
+ + Update build_glob.py
+ + Remove ICONV_CONST test
+ + Remove obsolete AC_HEADER checks
+ + Don't check for standard C89 library functions
+ + Don't check for standard C89 headers
+ + Remove special configuration for certain maintainers
+ * Test suite, CI
+ + Disable network in API tests
+ + testapi: remove leading slash from "/missing.xml"
+ + Build Autotools CI tests out of source tree (VPATH)
+ + Add --with-minimum build to CI tests
+ + Fix warnings when testing --with-minimum build
+ + cmake: Run all tests when threads are disabled
+ + Also build CI tests with -Werror
+ + Move doc/examples tests to new test suite
+ + Simplify 'make check' targets
+ + Fix schemas and relaxng tests
+ + Remove unused result files
+ + Allow missing result files in runtest
+ + Move regexp tests to runtest
+ + Move SVG tests to runtest.c
+ + Move testModule to new test suite
+ + Move testThreads to new test suite
+ + Remove major parts of old test suite
+ + Make testchar return an error on failure
+ + Add CI job for static build
+ + python/tests: open() relative to test scripts
+ + Port some test scripts to Python 3
+ * Documentation
+ + Improve documentation of tree manipulation API
+ + Update xml2-config man page
+ + Consolidate man pages
+ + Rename xmlcatalog_man.xml
+ + Make examples a standalone HTML page
+ + Fix documentation in entities.c
+ + Add note about optimization flags
+
libzypp
+- Resolver: Fix missing --[no]-recommends initialization in
+ update (fixes #openSUSE/zypper#459, bsc#1201972)
+- Log ONLY_NAMESPACE_RECOMMENDED because this is what corresponds
+ to --[no]-recommends.
+- version 17.31.2 (22)
+
+- UsrEtc: Store logrotate files in %{_distconfdir} if defined
+ (fixes #402)
+- Log backtrace on SIGABRT too.
+- Need to explicitly enable building experimental code. Otherwise
+ an old Notcurses++ package which happens to be present in the
+ buildenv breaks the build (fixes #412).
+- Work around libyui/libyui#78 on code 15.4 and older.
+- Stop using std::*ary_function; deprecated and removed in c++17.
+- Don't expose header files which use types not available in
+ c++11. In 15.3 and older, YAST and PK compile with -std=c++11.
+- Remove no longer needed %post code (bsc#1203649)
+- Enable zck support for SLE15-SP4 and newer. On Leap it is enabled
+ since 15.1 (bsc#1189282)
+- version 17.31.1 (22)
+
live555
+- update to 2022.10.01:
+ - Updated the previous revision so that the virtual function "specialHandlingOfAuthenticationFailure()"
+ is now called only if there is an actual authentication failure - not on the first time that
+ we send back a "401 Unauthorized" response.
+ - Added a new virtual function "specialHandlingOfAuthenticationFailure()" to "RTSPServer" to
+ allow a subclassed "RTSPServer" to take special action (e.g., statistics logging)
+ whenever an authentication failure occurs.
+
lvm2
+- dracut-initqueue timeouts with 5.3.18-150300.59.63 kernel on ppc64le (bsc#1199074)
+ - in lvm2.spec, change device_mapper_version from 1.02.185 to %{lvm2_version}_1.02.185
+
+- lvm.conf should re-enable commented out option use_lvmlockd (bsc#1204219)
+ - re-enable "use_lvmlockd = 0" in lvm.conf
+
lvm2:devicemapper
+- dracut-initqueue timeouts with 5.3.18-150300.59.63 kernel on ppc64le (bsc#1199074)
+ - in lvm2.spec, change device_mapper_version from 1.02.185 to %{lvm2_version}_1.02.185
+
+- lvm.conf should re-enable commented out option use_lvmlockd (bsc#1204219)
+ - re-enable "use_lvmlockd = 0" in lvm.conf
+
manpages-l10n
+- Add manpages-l10n-4.15.0-fix-links.patch: Fix incorrect links in
+ man2 (boo#1202798).
+
manufacturer-PPDs
+- use grep -E instead of egrep to be compatible with newer grep versions
+
-- Add a line-feed to the end of all PPDs to fix those PPDs where
- it is missing. See Novell/Suse Bugzilla bug #309832:
- Unix/Linux text files must end with a line-feed.
- Otherwise reading the last line results EOF and then some
- programs may ignore the last line.
-
mariadb
+- Update to 10.6.10:
+ https://mariadb.com/kb/en/library/mariadb-10610-release-notes
+ https://mariadb.com/kb/en/library/mariadb-10610-changelog
+ * fixes for the following security vulnerabilities:
+ 10.6.10: none
+
+ CVE-2022-38791 (bsc#1202863)
mcelog
+- Includes following SLE 15 SP5 jira features:
+ * jsc#PED-671 mcelog: Update to latest release
+ * jsc#PED-686 [CPU Features] Update mcelog support for ADL-N
+ * jsc#PED-638 [CPU Features] Update mcelog support for MTL-P
+- Update to version 189:
+ * mcelog: Add another Raptor Lake CPU model
+ * Fix generation of cputype files
+ * mcelog: Add missing model numbers for Broadwell and Raptorlake
+ * mcelog: Makefile: Only touch cputype.h if needed to create it
+ * Makefile: add install-nodoc target
+ * Use env as the shebang target
+ * Add missing dependencies for cputype include files
+ * mcelog: Reverse sens of check to call resolveaddr()
+ * mcelog: Reverse the sense of the check to set memory_error_support
+ * mcelog: Drop CASE_INTEL define
+ * mcelog: Generate cpu_choices[] from table
+ * mcelog: Generate the cputype_name[] array from the table
+ * mcelog: Add CPU model numbers to table and generate switch function
+ * mcelog: Generate CPU_* enums from a table
+ * mcelog: Add two more Alderlake model numbers
+ * mcelog: Reduce default threshold for corrected error page offline
+ * Make genconfig use python3
+ * mcelog: Add support for Raptorlake
+ * Fix warnings in sysfs.c
+ * mcelog: Change "DDR4" string to "DDR" for i10nm platforms
+ * Fix logrotate syntax
+ * remove outdated mcelog.conf.5 manual file
+ * add furture print function for Python2
+ * fix python errors in genconfig.py
+ * fix the buf not freed in read_field
+ * mcelog: Print warning for locked down kernel
+ * mcelog: Handle sysfs files without length
+- Had to adopt to latest CPU identification model
+ mainline patch:
+ b54ee05056a76e mcelog: Drop CASE_INTEL define
+ and friends
+ A add_new_amd_cpu_defines
+ D add-defines.patch
+ M Start-consolidating-AMD-specific-stuff.patch
+ M add-f10h-support.patch
+ M add-f11h-support.patch
+ M add-f12h-support.patch
+ M add-f14h-support.patch
+ M add-f15h-support.patch
+ M add-f16h-support.patch
+ M email.patch
+ M fix_setgroups_missing_call.patch
+
metamail
+- Update ot mimelang-0.3
+ * Avoid to run on NULL if no UTF-8 marker is found
+
-- rename getline to my_getline to avoid conflict with function
- from glibc
-
mosh
+- Update to version 1.4.0:
+ * New features:
+ Support OSC 52 clipboard copy integration (Alex Cornejo)
+ Allow non-inserting prediction (--predict-overwrite) (John Hood)
+ Don't do prediction on large pastes into mosh-client (John Hood)
+ Add true color support (Kang Jianbin)
+ Add syslog logging of connections (Tom Judge)
+ If exec()ing the remote command fails, pause briefly (John Hood)
+ * Bug fixes:
+ ignore unknown renditions (Keith Winstein)
+ Overlays were getting set to the wrong colors (John Hood)
+ Fix issue with incorrect true-color background erase colors (John Hood)
+ Use HAVE_UTEMPTER instead of HAVE_UPTEMPTER (Michael Jarvis)
+ Apply latest consecutive resize, not earliest (Peter Edwards)
+ Use CLOCK_MONOTONIC_RAW when available (Harry Sintonen)
+ Add tmux and alacritty to title_term_types (Naïm Favier)
+ Don't sometimes hang just after launching ssh (Kalle Samuels)
+ * Internal changes:
+ Reformat printed strings in source (John Hood)
+ Code cleanups (John Hood, Anders Kaseorg, Benjamin Barenblat, Alex Chernyakhovsky)
+ Always use non-blocking sockets for recvmsg() (John Hood)
+ Add Perl compile (John Hood)
+ Improvements to the test suite (John Hood)
+ Fixes to autoconf configure (Anders Kaseorg)
+ Cleanups to our cryptography code (Benjamin Barenblat, Alex Chernyakhovsky)
+ * Infrastructure changes:
+ Add support for OCLint static checker (John Hood)
+ Switch from Travis-CI to Github Actions (Wolfgang E. Sanyer, Alex Chernyakhovsky)
+ Add code coverage and fuzzing infrastructure (Alex Chernyakhovsky)
+
multipath-tools
+- Update to version 0.9.2+59+suse.ac8942d:
+ * Fix segfault in "multipath -t" command (boo#1204731)
+
+- Update to version 0.9.2+57+suse.cf3c1e9:
+ * Fix multipathd authorization bypass and symlink attack
+ (bsc#1202739 CVE-2022-41973 CVE-2022-41974)
+ * add multipath-dracut.conf: dracut config file to install
+ tmpfiles.d/multipath.conf in initramfs
+ * Use "queue_mode bio" for NVMeoF/TCP devices
+ * Upstream bug fixes and hwtable updates
+- Drop recompress.service, it just slows down build
+
ntfs-3g_ntfsprogs
+- Add patches to fix CVE-2022-40284 (bsc#1204734):
+ * ntfs-3g-CVE-2022-40284-0001-Rejected-zero-sized-runs.patch
+ * ntfs-3g-CVE-2022-40284-0002-Avoided-merging-runlists-with-no-runs.patch
+
openjpeg2
+ openjpeg2-CVE-2018-20846.patch (CVE-2018-20846, bsc#1140205),
+ openjpeg2-CVE-2018-21010.patch (CVE-2018-21010, bsc#1149789),
+ openjpeg2-CVE-2020-27814.patch (CVE-2020-27814, bsc#1179594),
+ openjpeg2-CVE-2020-27824.patch (CVE-2020-27824, bsc#1179821),
+ openjpeg2-CVE-2020-27841.patch (CVE-2020-27841, bsc#1180042),
+ openjpeg2-CVE-2020-27842.patch (CVE-2020-27842, bsc#1180043),
+ openjpeg2-CVE-2020-27843.patch (CVE-2020-27843, bsc#1180044),
+ openjpeg2-CVE-2020-27845.patch (CVE-2020-27845, bsc#1180046).
+
+- Add security fixes:
-- version 2.0.1
- - New Features:
- * Digital Cinema profiles have been fixed and updated
- * New option to disable MCT if needed
- * extended RAW support: it is now possible to input raw images
- with subsampled color components (422, 420, etc)
- - API/ABI modifications: (see abi_compat_report_2.0.1.html in dev-utils/scripts)
- * No changes, API/ABI fully compatible with 2.0.0
- - Misc:
- * OpenJPEG is now officialy conformant with JPEG 2000 Part-1
- and will soon become official reference software at the
- JPEG committee.
- * Huge amount of bug fixes. See CHANGES for details.
-- adjust library name
-
openssl-1_1
+- FIPS: Default to RFC-7919 groups for genparam and dhparam
+ * Add openssl-1_1-FIPS-default-RFC7919.patch [bsc#1180995]
+
+- FIPS: list only FIPS approved digest and public key algorithms
+ [bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472]
+ * Add openssl-1_1-fips-list-only-approved-digest-and-pubkey-algorithms.patch
+ * Disabled test 15-test_ec.t in FIPS mode
+
+- FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069]
+ * Add openssl-1_1-fips-drbg-selftest.patch
+
+- FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293]
+ * The FIPS_drbg implementation is not FIPS validated anymore. To
+ provide backwards compatibility for applications that need FIPS
+ compliant RNG number generation and use FIPS_drbg_generate,
+ this function was re-wired to call the FIPS validated DRBG
+ instance instead through the RAND_bytes() call.
+ * Add openssl-1_1-FIPS_drbg-rewire.patch
+
+- Fix memory leaks introduced by openssl-1.1.1-fips.patch [bsc#1203046]
+ * Add patch openssl-1.1.1-fips-fix-memory-leaks.patch
+
+- FIPS: OpenSSL: Port openssl to use jitterentropy
+ [bsc#1202148, jsc#SLE-24941]
+ * Add openssl-1_1-jitterentropy-3.4.0.patch
+ * Add build dependency on jitterentropy-devel >= 3.4.0 and
+ libjitterentropy3 >= 3.4.0
+
+- FIPS: OpenSSL Provide a service-level indicator [bsc#1190651]
+ * Add patches:
+ - openssl-1_1-ossl-sli-000-fix-build-error.patch
+ - openssl-1_1-ossl-sli-001-fix-faults-preventing-make-update.patch
+ - openssl-1_1-ossl-sli-002-ran-make-update.patch
+ - openssl-1_1-ossl-sli-003-add-sli.patch
+
+- FIPS: Add zeroization of temporary variables to the hmac integrity
+ function FIPSCHECK_verify(). [bsc#1190653]
+ * Add openssl-1_1-Zeroization.patch
+
opensuse-welcome
+- Update to version 0.1.9+git.0.66be0d8:
+ * fix: it's called Plasma
+ * fix: make openSUSE welcome work again (boo#1194380)
+ * fix: undead the URLs to Telegram groups
+ * Translation updates
+
ovmf
+- Update to edk2-stable202208 (jsc#PED-1410)
+ - Features (https://github.com/tianocore/edk2/releases):
+ Add CRC16 and CRC32C to MdePkg
+ IntelFsp2Pkg/ConfigEditor: Support FSP 2.3 header
+ Extend SecureBootVariableLib interfaces
+ UEFI HTTPS Boot Support for HTTP Client Authentication (Basic or Digest)
+ Support 64bit FspResetType for X64 build
+ IntelFsp2Pkg/FspSecCore: Add FSP-I entry for SMM support
+ Add PCI_DEVICE_PPI definition to EDK2
+ Support to assign the subject name to sign the capsule file
+ - Patches (git log --oneline --reverse edk2-stable202205..edk2-stable202208):
+ 7f0890776e MdeModulePkg/UniversalPayload: Align Identifier value with UPL spec
+ b4be5f05dd UefiPayloadPkg: Align Identifier value with UPL spec
+ dac2fc8146 UefiPayloadPkg: Align SpecRevision value with UPL spec
+ 3ca7326b37 OvmfPkg/VirtioGpuDxe: replace struct copy with CopyMem call
+ fa2b212d61 IntelFsp2Pkg: Add FSP 2.3 header support
+ 11d8abcba2 IntelFsp2Pkg: FSP_TEMP_RAM_INIT call must follow X64 Calling Convention
+ df1c7e91b4 IntelFsp2WrapperPkg: FSP_TEMP_RAM_INIT call for X64 Calling Convention
+ 62044aa99b OvmfPkg/ResetVector: Removing SEV-ES CPUID bit check
+ 54cd0d9b2f OvmfPkg: Fix TDVMCALL error in ApRunLoop.nasm
+ 64706ef761 OvmfPkg: Search EFI_RESOURCE_MEMORY_UNACCEPTED for Fw hoblist
+ 81ab97b7b9 OvmfPkg/AmdSev: remove unused SMM bits from .dsc and .fdf files
+ 0223898f3e OvmfPkg/Microvm: drop CODE and VARS files
+ b57911c84c OvmfPkg/FdtPciHostBridgeLib: io range is not mandatory
+ 47f44097eb OvmfPkg/Platform: unfix PcdPciExpressBaseAddress
+ ad3bafa7d5 OvmfPkg/Microvm/pcie: no vbeshim please
+ bd10d4e201 OvmfPkg/Microvm/pcie: mPhysMemAddressWidth tweak
+ 632574ced1 OvmfPkg/Microvm/pcie: add pcie support
+ 5c9f151e0c OvmfPkg: CloudHv: Fix FW_BASE_ADDRESS
+ 43f3cfce19 OvmfPkg: Check for QemuFwCfg availability before accessing it
+ 3129ed374c OvmfPkg: CloudHv: Rely on QemuFwCfgLibNull implementation
+ bf25f27e00 OvmfPkg: Don't access A20 gate register on Cloud Hypervisor
+ 72c5afd0b4 Security: Add HashLibTdx
+ b1567b2e15 CryptoPkg: Add SecCryptLib
+ dc443e4437 SecurityPkg: Add definition of EFI_CC_EVENT_HOB_GUID
+ a708536dce OvmfPkg: Introduce SecMeasurementLib
+ 4b0a622635 OvmfPkg/IntelTdx: Measure Td HobList and Configuration FV
+ ac03c339de OvmfPkg: Add PCDs for LAML/LASA field in CC EVENTLOG ACPI table
+ f8264e1303 MdePkg: Define CC Measure EventLog ACPI Table
+ 57a6ee3461 OvmfPkg/IntelTdx: Add TdTcg2Dxe
+ 0a4019ec9d OvmfPkg/IntelTdx: Enable RTMR based measurement and measure boot
+ 0b36dea3f8 BaseTools: Fix dependency issue in PcdValueInit
+ 4f89e4b3e8 .pytool: UncrustifyCheck: Set IgnoreFiles path relative to package path
+ 2818fda9bc Security: Add SecTpmMeasurementLibTdx
+ ff0ffe5999 OvmfPkg: Implement MeasureHobList/MeasureFvImage
+ a81a650da1 OvmfPkg: Delete SecMeasurementLibTdx
+ ff36b2550f OvmfPkg/Sec: fix stack switch
+ 21a9b605b8 CpuException: Avoid allocating code pages for DXE instance
+ 34d505123e CpuException: Init global variables in-place
+ 2fbc5ff0a5 CpuException: Avoid allocating page but using global variables
+ 2a09527ebc CpuException: Remove InitializeCpuInterruptHandlers
+ e7abb94d1f CpuException: Add InitializeSeparateExceptionStacks
+ 54aeed7e00 MpInitLib: Allocate code buffer for PEI phase
+ 76323c3145 MpInitLib: remove unneeded global ASM_PFX
+ b4d7b9d2b5 MpInitLib: Put SEV logic in separate file
+ 283ab9437a MpInitLib: Only allocate below 1MB memory for 16bit code
+ ccc269756f MpInitLib: Move the Above1Mb vector allocation to MpInitLibInitialize
+ f0b97e165e Revert "OvmfPkg/Sec: fix stack switch"
+ b09ada6edc MdePkg: Remove "assert" from SmmCpuRendevousLibNull.c
+ 92288f4334 MdePkg/BaseLib: Add CRC16-ANSI and CRC32c implementations
+ e2ae0bed29 ArmPkg/ArmExceptionLib: Follow new CpuExceptionHandlerLib APIs
+ 6676162f64 DxeMain: Fix the bug that StackGuard is not enabled
+ 16d97fa601 OvmfPkg: Use PcdOvmfWorkAreaBase instead of PcdSevEsWorkAreaBase
+ 05e57cc9ce SecurityPkg/HashLibTdx: Return EFI_UNSUPPORTED if it is not Tdx guest
+ 92ab049719 BaseTools: output the intermediate library instance when error occurs
+ cc2db6ebfb UefiPayloadPkg: Increase the PcdMaximumUnicodeStringLength
+ e8034b534a UefiPayloadPkg: Always split page table entry to 4K if it covers stack.
+ cfe165140a UefiPayloadPkg: UniversalPayloadBuild.py to support --pcd feature
+ b97243dea3 MdeModulePkg/XhciDxe: Check return value of XHC_PAGESIZE register
+ 3930d1791a ArmPlatformPkg: Remove overly verbose DEBUG lines in LcdGraphicsBlt
+ aa1bce0e5e OvmfPkg: reduce the number of dsc include files for tpm libs
+ 6c9f218bc0 OvmfPkg/Library: Create base HardwareInfoLib for PCI Host Bridges
+ 2b1a5b8c61 Ovmf/HardwareInfoLib: Create Pei lib to parse directly from fw-cfg
+ a1bd79c514 Ovmf/HardwareInfoLib: Add Dxe lib to dynamically parse heterogenous data
+ 3497fd5c26 Ovmf/PlatformPei: Use host-provided GPA end if available
+ 3f5b1b9132 OvmfPkg/PciHostBridgeUtilityLib: Initialize RootBridges apertures with spec
+ f304308e1c ArmPlatformPkg: Add PCD for serial debug port interrupt
+ 4bfd668e5e UefiCpuPkg: CpuDxe: Set RW and P Attributes on Split Pages
+ 2aee08c0b6 UefiPayloadPkg: Backward support with python 3.6
+ 8f0722434b ArmVirtPkg: Include DxeHardwareInfoLib library class in dsc
+ 15b25045e6 Ovmf: Include HardwareInfoLib library classes for IntelTdx
+ b600f253b3 BaseTools/Ecc: Fix grammar in Ecc error message
+ 7f4eca4cc2 MdeModulePkg/XhciDxe: Add access xHCI Extended Capabilities Pointer
+ 5914128871 BaseTools: Fix the GenMake bug for .cpp source file
+ c13377153f MdePkg/Acpi62: Add type 7 NFIT Platform Capabilities Structure support
+ 21e6ef7522 UefiPayloadPkg: Align Attribute value with UPL spec
+ 8d0564deaf pip-requirements.txt: Update basetools version to 0.1.24
+ f966093f5b OvmfPkg/PlatformCI: add IntelTdxBuild.py
+ 70586d4e3a MdePkg/Acpi62: Add bit definitions to NFIT Platform Capabilities Structure
+ 7861b24dc9 ArmPkg/Drivers: ArmGicIsInterruptEnabled returns incorrect value
+ e1eef3a8b0 NetworkPkg: Add Wi-Fi Wpa3 support in WifiConnectManager
+ 134fbd552c SecurityPkg: UefiSecureBoot: Definitions of cert and payload structures
+ d6bee54c45 SecurityPkg: PlatformPKProtectionLib: Added PK protection interface
+ 56c717aafa SecurityPkg: SecureBootVariableLib: Updated time based payload creator
+ 6de7c084db SecurityPkg: SecureBootVariableLib: Updated signature list creator
+ 6eb4079475 SecurityPkg: SecureBootVariableLib: Added newly supported interfaces
+ fe73e9cd89 SecurityPkg: SecureBootVariableProvisionLib: Updated implementation
+ d2a0f379d5 SecurityPkg: Secure Boot Drivers: Added common header files
+ 5678ebb42b SecurityPkg: SecureBootConfigDxe: Updated invocation pattern
+ dbc4e3675f SecurityPkg: SecureBootVariableLib: Added unit tests
+ 152e37cc5a OvmfPkg: Pipeline: Resolve SecureBootVariableLib dependency
+ f193b945ea EmulatorPkg: Pipeline: Resolve SecureBootVariableLib dependency
+ 9ab18fec82 StandaloneMmPkg: Fix issue about SpPcpuSharedBufSize field
+ 31d3eeb103 StandaloneMmPkg: Replace DEBUG_INFO with DEBUG_ERROR
+ 5496c763aa StandaloneMmPkg: Fix check buffer address failed issue from TF-A
+ e93bc6309b UefiCpuPkg/SecCore: Add debug messages to illuminate data flow
+ 86a0f84470 ArmVirtPkg: Pipeline: Resolving newly introduced dependency
+ c8e30482fd .gitignore: Ignore build tools build logs
+ f6f3cc7ead UefiPayloadPkg: Add CryptoDxe driver to UefiPayload
+ 12dd064a18 MdePkg/include: Update DMAR definitions to Intel VT-d spec ver4.0
+ 9ab389c01b UefiCpuPkg: Update SEC_IDT_TABLE struct
+ 470206ba7f IntelFsp2Pkg: Update SEC_IDT_TABLE struct
+ 0d23c447d6 DynamicTablesPkg: Add support to specify FADT minor revision
+ 07c8e5e59b UefiPayloadPkg/PlatformBootManagerLib: Evenly space boot prompt
+ 176016387f BaseTools: add '-p' for Linux 'cp' command.
+ 039bdb4d3e BaseTools: Fix DSC LibraryClass precedence rule
+ fc4a132c0e DynamicTables: Fix DT PCI interrupt flags parsing
+ 792ebb6374 DynamicTablesPkg: Fix generated _HID value for SBSA
+ c966204049 IntelFsp2Pkg: Add Definition of EDKII_PEI_VARIABLE_PPI
+ 586b4a104b Maintainers.txt: Add IntelFsp2*Pkg Maintainer
+ e18a5f813c Maintainers.txt: Update Maintainers/reviewers for UefiPayloadPkg
+ e21b203911 UefiPayloadPkg: Add macro to support selective driver in UPL
+ f0064ac3af Maintainers.txt: Update email address
+ 6cda306da1 DynamicTablesPkg: AcpiSsdtPcieLibArm: Correct translation value
+ 9ac155bf0b DynamicTablesPkg: AcpiSsdtPcieLibArm: Support UID > 0xF
+ 19a8768365 DynamicTablesPkg: AcpiSsdtPcieLibArm: Create support library
+ 671b0cea51 NetworkPkg/HttpBootDxe: Add Support for HTTP Boot Basic Authentication
+ 140446cd59 IntelFsp2Pkg: Support 64bit FspResetType for X64 build.
+ 24eac4caf3 IntelFsp2WrapperPkg: Support 64bit FspResetType for X64 build.
+ 4824924377 IntelFsp2Pkg/FspSecCore: Add FSP-I API for SMM support.
+ 3b8cee1781 Maintainers.txt: update Gary's email address
+ 7ef91af84c EmulatorPkg/PosixFileSystem: Add NULL check on memory allocation
+ 494f333aba MdeModulePkg/CoreDxe: Allow DXE Drivers to use untested memory
+ 343f37b5c0 MdeModulePkg/SetupBrowserDxe:Follow spec'd way to reconnect driver
+ c8af26627a ArmPkg/CpuDxe: drop ARM_PROCESSOR_TABLE pseudo-ACPI table
+ 5a3641bfcd IntelFsp2Pkg: Add FSPI_ARCH_UPD.
+ bf1ff540d9 MdePkg/UefiDevicePathLib: Add support for PEIMs
+ 6964b5c48c MdeModulePkg/Include: Long debug string is truncated to 104 char
+ d32a84b5ad BaseTools: INF should use latest Pcd value instead of default value
+ 8ee26529d1 BaseTools/VolInfo: Correct alignment attributes display
+ c0b7679aac BaseTools/VolInfo: Increase define for highest section value
+ fca5de51e1 BaseTools/VolInfo: Correct EFI_SECTION_VERSION display
+ 8a5782d704 UefiCpuPkg: Fix nasm warning "signed byte value exceeds"
+ a47241f133 UefiPayloadPkg: Add macro to support selection of CryptoDxe driver
+ 69f76d0f72 Maintainers.txt: Remove OvmfPkg/XenTimerDxe reference
+ a8c4fe23c4 Maintainers.txt: Add missing github ids
+ 7f1c89f167 Maintainers.txt: Remove reviewer Harry Han
+ b68d566439 BaseTools/Capsule: Support signtool input subject name to sign capsule file
+ e3d468acb9 BaseTools/VolInfo: Show encapsulation sections
+ 2677286307 UefiPayloadPkg: Fix RelaAddress type always mismatch in if condition
+ f26b70cb9f UefiPayloadPkg: Add support for logging to CBMEM console
+ 57783adfb5 OvmfPkg: Change default to disable MptScsi and PvScsi
+ 1774a44ad9 Maintainers.txt: Remove MptScsi and PvScsi reviewers
+ 0e7add1d75 OvmfPkg/XenHypercallLib: Fix naming of AArch64
+ 3eca64f157 IntelFsp2Pkg: FSPI_UPD is not mandatory.
+ 0d0bfcb457 IntelFsp2Pkg: Fix GenCfgOpt bug for FSPI_UPD support.
+ 8a210b9ac0 ShellPkg: Acpiview: Abbreviate field names to preserve alignment
+ 65c4f3f2be DynamicTablesPkg: Handle error when IdMappingToken is NULL
+ f5cea604a6 DynamicTablesPkg: IORT set reference to Id array only if present
+ 238f903e8d DynamicTablesPkg: IORT set reference to interrupt array if present
+ 4c55f6394f MdePkg: IORT header update for IORT Rev E.d spec
+ cd67efa1b2 ShellPkg: Acpiview: IORT parser update for IORT Rev E.d spec
+ de200b7e2c DynamicTablesPkg: Update ArmNameSpaceObjects for IORT Rev E.d
+ e9150618ec DynamicTablesPkg: IORT generator updates for Rev E.d spec
+ 6f4e10d6db SecurityPkg: Add retry mechanism for tpm command
+ 19cbfaa431 OvmfPkg/QemuVideoDxe: Zero out PixelInformation in QueryMode
+ a551de0d93 ArmVirtPkg: Fix KVM Guest Firmware
+ 0dc9b78a46 Maintainers.txt: Add missing Github IDs for OvmfPkg TPM/TGC modules
+ d219119721 UefiPayloadPkg/PlatformBootManagerLib: Correct spacing in boot prompt
+ 79aab22fca UefiPayloadPkg: Add a Macro to enable Boot Logo
+ 444260d45e UefiPayloadPkg: Load Boot Logo into ACPI table
+ 86757f0b47 MdeModulePkg: Add EDKII_PCI_DEVICE_PPI definition
+ a8f59e2eb4 MdeModulePkg/AhciPei: Use PCI_DEVICE_PPI to manage AHCI device
+ 3e599bbc10 DynamicTablesPkg: Fix using RmrNodeCount unitlitialised
+ a0a03b5154 BaseTools/GenSec: Fix typo
+ f5f8c08db9 BaseTools/VolInfo: Show FV section boundaries
+ d241a09afb BaseTools/VolInfo: Parse EFI_SECTION_FREEFORM_SUBTYPE_GUID header
+ cf02322c98 BaseTools/GenSec: Support EFI_SECTION_FREEFORM_SUBTYPE_GUID sections
+ 1ee1622817 Basetools/GenFw: Allow AARCH64 builds to use the --prm flag
+ 9f197e44b1 PrmPkg: Enable external visibility on PRM symbols
+ 21200d9fe6 PrmPkg: Build Prm Samples with GCC for AARCH64
+ 57faeb782a PrmPkg: Support AArch64 builds using GCC
+ 1da2012d93 PrmPkg: Add details on AArch64 build to the Readme.
+ 0f7bccf584 UefiCpuPkg: Simplify InitializeSeparateExceptionStacks
+ 9a24c3546e MdeModulePkg: Move CPU_EXCEPTION_INIT_DATA to UefiCpuPkg
+ f1688ec9da UefiCpuPkg: Simplify the struct definition of CPU_EXCEPTION_INIT_DATA
+ 75e3c2435c UefiCpuPkg: Create CpuPageTableLib for manipulating X86 paging structs
+ f336e30ba1 UefiCpuPkg/CpuPageTableLib: Return error on invalid parameters
+ bf334513b3 CpuPageTableLib: Fix a bug when a bit is 1 in Attribute, 0 in Mask
+ 13a0471bfd CpuPageTableLib: Refactor the logic
+ 9cb8974f06 CpuPageTableLib: Split the page entry when LA is aligned but PA is not
+ c16f02f776 CpuPageTableLib: Avoid treating non-leaf entry as leaf one
+ f4c845e46b CpuPageTableLib: Fix parent attributes are not inherited properly
+ 9f53fd4ba7 CpuPageTableLib: Fix a bug to avoid unnecessary changing to page table
+ 927113c83b CpuPageTableLib: Fix bug that wrongly requires extra size for mapping
+ e9e2ecab2d CpuPageTableLib: define IA32_PAGE_LEVEL enum type internally
+ e76496530c MdePkg/Library/UefiDevicePathLib: Add back StandaloneMm INF file
+ bd06717863 MdeModulePkg: Enhance bus scan for all root bridge instances
+ 74f44d920a ShellPkg/SmbiosView: Display extended memory info in smbiosview -t 17
+ 83d5871184 UefiCpuPkg/PiSmmCpuDxeSmm: Add a new mIsShadowStack flag
+ 7b4754904e UefiCpuPkg/PiSmmCpuDxeSmm: Remove mInternalCr3 in PiSmmCpuDxeSmm
+ 62391b4ce9 MdeModulePkg/DxeIpl: Remove clearing CR0.WP when protecting pagetable
+ 803ed060ee UefiPayloadPkg: Remove clearing CR0.WP when protecting pagetable
+ a2b61de2f6 IntelFsp2Pkg: FSPM_ARCH2_UPD mismatching bug.
+ 809b5a3d2a MdeModulePkg: Update the SMBIOS version by UPL
+ 2812668bfc UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test
+ 30d62f5e31 OvmfPkg/PlatformDxe: Check ExtractConfig and RouteConfig arguments
+ b94836b224 OvmfPkg/VirtioGpuDxe: Check QueryMode arguments
+ 3f282f4510 OvmfPkg/VirtioFsDxe: Check GetDriverName arguments
+ 64a20bea97 MdeModulePkg/DumpDynPcd: Remove unsupported format specifiers
+ 9102518d29 MdePkg: Improved Smbios Type9 table and Smbios spec v3.5.0 Changes
+ 35d167ef3c ShellPkg: Improved Smbios Type 9 table changes in PrintInfo.c
+ 68bf712d4f MdePkg: Added support for SMBIOS spec v3.6.0 to Smbios.h
+ e2ac68a23b BaseTools/Source/C/GenSec: Fix EFI_SECTION_FREEFORM_SUBTYPE_GUID header
+ d5fd86f256 ShellPkg: Adds Local APIC parser to AcpiView
+ 2bb0020675 UefiPayloadPkg: Return PciRootBridges instead of NULL
+ c15c9fa420 UefiPayloadPkg: Add macro to control NvmExpressDxe
+ 938430741f RedfishPkg/RedfishDiscoverDxe: USB Redfish host interface is not supported
+ eebef1b3b7 RedfishPkg: Redfish modules may need to use the functions which are private
+ f2bf043aaa RedfishPkg: Redfish functions for REST requests are not fully spec complied
+ dfdba857a6 UefiPayloadPkg: Fix Coverity report defect
+ 4d83ee04f4 ShellPkg: Add revision check for DSDT Header on Arm
+ 0ede7cad73 Maintainers.txt: Update maintainers list
+ 722e03bc2e Revert "UefiCpuPkg/CpuPageTableLib/UnitTest: Add host based unit test"
+ 166c49c212 Revert "ShellPkg: Adds Local APIC parser to AcpiView"
+ 39ff9769ca Revert "BaseTools: Fix DSC LibraryClass precedence rule"
+ ba0e0e4c6a BaseTools: Fix DevicePath GNUmakefile for macOS
+ - Respin the following patches:
+ ovmf-Revert-UefiCpuPkg-Replace-Opcode-with-the-correspond.patch
+
+- Add patches to disable option ROM on sev (bsc#1199156)
+ ovmf-bsc1199156-OvmfPkg-IncompatiblePciDeviceSupportDxe-Ignore-Optio.patch
+
package-update-indicator
+- Update to version 8:
+ * Add setting to disable preferences widgets
+ * Fix typos and improve German translations
+ * Add new setting to hide indicator menu items
+ * Add new setting "always-active"
+ * Add Brazilian Portugese translations
+ * Add Dutch translations
+ * Do not hardcode pkg-config
+ * Fix desktop files
+ * Remove translated icon names
+ * Add Spanish translations
+- remove obsolete patch
+ org.guido-berhoerster.code.package-update-indicator.desktop.in.patch
+- Changes by Mihai Moldovan <ionic@ionic.de>:
+ * Update copyright notice.
+ * Add properly extracted license.
+ * Check destroot with fdupes for good measure.
+ * Make some dependencies more explicit and remove duplicate
+ ones (xsltproc vs. libxml2-tools).
+ * Add glib gsettings schemas macros.
+ * Reflow description to 67 characters.
+ * Use more (single) quotes.
+ * Re-sort files list alphabetically, use %{name} to avoid
+ redundancy.
+
perl-Image-ExifTool
+- Update to version 12.45:
+ * Added new IPTC Video Metadata version 1.3 tags
+ * Added a couple of new Canon lenses (thanks Norbert Wasser)
+ * Added a new Sony LensType (thanks Jos Roost)
+ * Added known Unknown value for IPTC ChromaticityColorant (thanks Herb)
+ * Added new Nikon WhiteBalanceFineTune tag (thanks Milos Komarcevic)
+ * Extract the raw thermal data from all frames of a SEQ file when -ee2 is used
+ * Decode individual tags in QuickTime ColorRepresentation
+ * Decode a new Matroska tag
+ * Improved verbose "nothing changed" messages when writing
+ * Patched -ee option to extract metadata after the first Cluster in MKV videos
+ (previously only -U and -v did this)
+ * Patched to differentiate Java bytecode .class files from Mach-O fat binaries
+ * Patched to avoid "Use of uninitialized value" warning when deleting GPS
+ coordinates via the newly writable Composite tags
+ * Patched to avoid duplicating raw data when writing Sony ARW images where the
+ raw data is double-referenced as both strips and tiles (affects ARW images
+ from some newer models like the ILCE-1 when SonyRawFileType is "Lossless
+ Compressed RAW 2")
+ * Patched to avoid "fixing" the order of IFD entries in TIFF-based RAW files
+ to improve compatibility with some RAW viewers
+ * Minor change to Composite FileNumber to remove "-" when -n is used
+ * Fixed problem extracting some timed metadata when "-api ignoretags=all" was
+ used with "-api requesttags" to request the specific information
+ * Fixed -validate feature to avoid incorrectly warning about non-capitalized
+ boolean values in XMP
+
permissions
+ * permissions for enlightenment helper on 32bit arches (bsc#1194047)
+
+- Update to version 20201225:
+ * fix regression introduced by backport of security fix (bsc#1203911)
+
+- Update to version 20201225:
polkit
-- CVE-2021-4115: fixed a denial of service via file descriptor leak (bsc#1195542)
- added CVE-2021-4115.patch
+- obsolete libpolkit0 also from baselibs.
-- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568)
- added CVE-2021-4034-pkexec-fix.patch
+- Update to version 121:
+ + Addition of duktape as a JS engine backend.
+ + Other small fixes and improvements. For more details, visit:
+ gitlab.freedesktop.org/polkit/polkit/-/blob/121/NEWS.md
+ + Updated translations.
+- Drop merged-upstream patches:
+ + CVE-2021-4034-pkexec-fix.patch;
+ + 0001-CVE-2021-4115-GHSL-2021-077-fix.patch;
+ + duktape-support.patch;
+ + pkexec.patch.
+- Replace Intltool with Gettext as a build requirement following
+ the migration from last release (0.120).
+- Add Meson as a build requirement while dropping Libtool and
+ replace all Autotools macros with Meson ones. And pass the
+ following options to Meson: session_tracking=libsystemd-login;
+ systemdsystemunitdir=%{_unitdir}; os_type=suse;
+ pam_module_dir=%{_pam_moduledir}; pam_prefix=%{_pam_vendordir};
+ examples=true; tests=true; gtk_doc=true; man=true and
+ js_engine=duktape.
+- Drop no longer needed Libtool as a build requirement, following
+ Autotools replacement.
+- Add explicit pkgconfig module build requirements for glib-2.0 and
+ gobject-2.0 that are searched by the build scripts. They were
+ already being pulled by their siblings [pkgconfig(gio-2.0) and
+ pkgconfig(gio-unix-2.0)].
+- Drop conditional macro, which was wrapping "BuildArch: noarch"
+ for the doc subpackage, based on long gone EOLed (open)SUSE
+ release (11.2).
+- Add missing 'Requires(post): permissions' for the pkexec
+ subpackage.
+- Add python3-dbus-python and python3-python-dbusmock as build
+ requirements in order to run test in the check section.
+- Add polkit-fix-pam-prefix.patch to use the value of pam_prefix
+ Meson option, like it was designed to, rather than hard-coded
+ path for pam configuration files.
+- Remove unneeded executable bit from 50-default.rules file.
+
+- Use %_pam_vendordir
+
+- add split-provides for polkit:/usr/bin/pkexec. (bsc#1202070)
+
+- split out pkexec into seperate package to make system hardening
+ easier (to avoid installing it jsc#PED-132 jsc#PED-148).
+
+- Fixed denial of service via file descriptor leak (bsc#1195542 CVE-2021-4115)
+ 0001-CVE-2021-4115-GHSL-2021-077-fix.patch
+
+- Switch from mozjs to duktape:
+ * Add duktape-support.patch
+
+- Fixed pkexec Local Privilege Escalation aka pwnkit (CVE-2021-4034 bsc#1194568)
+ CVE-2021-4034-pkexec-fix.patch
+
+- update to 0.120:
+ * transition from Intltool to gettext
+ * several tarball, meson and pipeline fixups
+ * Portuguese translation
+ * Romanian translation
+ * meson build system added
+ * CVE-2021-3560 mitigation
+ * properties in text listener
+ * typos fixups
+ * Update Hungarian translation
+- drop CVE-2021-3560.patch (upstream)
+
+- fork libpolkit0 package into libpolkit-agent-1-0 and libpolkit-gobject-1-0
+ as mandated. bsc#1191781
+
+- Change to using systemd-sysusers
+- Remove unneeded shadow dependency, no longer required due to
+ systemd-sysusers
+- Fix 50-default.rules file-parent-ownership-mismatch warning
+- Remove --with-pic, no effect with --disable-static
+
+- Move /etc/polkit-1/rules.d/50-default.rules to
+ /usr/share/polkit-1/rules.d/50-default.rules. The first location
+ is only for admin changes.
+- Move /etc/dbus-1/system.d to /usr/share/dbus-1/system.d, the
+ first location is only for admin changes
+- Move pam configuration to /usr/etc/pam.d
+
+- also set libprivdir during build, otherwhise systemd and D-Bus service files
+ contain the wrong path and we'll get runtime errors.
+
+- Update to version 0.118:
+ + Updated dependency to mozjs78.
+ + Tarball fixes.
+- Replace pkgconfig(mozjs-68) for pkgconfig(mozjs-78)
+ BuildRequires following upstreams port.
+
+- Update to version 0.117:
+ + Activated Gitlab CI.
+ + Updated dependency to mozjs68.
+ + Memory management fixes.
+ + Updated translations.
+- Replace pkgconfig(mozjs-60) for pkgconfig(mozjs-68)
+ BuildRequires following upstreams port.
+
pragha
+- Bump gupnp version requirement to fix Tumbleweed build
+
python-lxml
-- add CVE-2022-2309.patch (bsc#1201253, CVE-2022-2309)
+- Update BR for libxml2-devel to the current version.
+- Add missing BR for python-base.
-- With the new update to 4.7.1, the old Bugzilla entries are also
- fixed:
- - bsc#1118088 (related to CVE-2018-19787)
- - bsc#1184177 (related to CVE-2021-28957)
-- Update to 4.7.1 (officially released 2021-12-13)
- Features added
- - Chunked Unicode string parsing via parser.feed() now encodes the input
- data to the native UTF-8 encoding directly, instead of going through
- Py_UNICODE / wchar_t encoding first, which previously required duplicate
- recoding in most cases.
- Bugs fixed
- - The standard namespace prefixes were mishandled during "C14N2"
- serialisation
- on Python 3.
- See
- https://mail.python.org/archives/list/lxml@python.org/thread/
- 6ZFBHFOVHOS5GFDOAMPCT6HM5HZPWQ4Q/
- - lxml.objectify previously accepted non-XML numbers with underscores
- (like "1_000") as integers or float values in Python 3.6 and later.
- It now adheres to the number format of the XML spec again.
- - LP#1939031: Static wheels of lxml now contain the header files of zlib
- and libiconv (in addition to the already provided headers of
- libxml2/libxslt/libexslt).
- Other changes
- - Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).
-- Update to 4.7.0 (2021-12-13)
- - Release retracted due to missing files in lxml/includes/.
-- UPdate to 4.6.5 (2021-12-12)
- Bugs fixed
- - A vulnerability (GHSL-2021-1038) in the HTML cleaner
- - allowed sneaking script content through SVG images
- - (bnc#1193752, CVE-2021-43818).
- - A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed
- - sneaking script content through CSS imports and other crafted
- - constructs (CVE-2021-43818).
-- Update 4.6.4 (2021-11-01)
- Features added
- - GH#317: A new property system_url was added to DTD entities.
- - Patch by Thirdegree.
- - GH#314: The STATIC_* variables in setup.py can now be passed
- - via env vars.
- - Patch by Isaac Jurado.
-- Update 4.6.3 (2021-03-21)
- Bugs fixed
- - A vulnerability (CVE-2021-28957) was discovered in the HTML
- - Cleaner by Kevin Chung, which allowed JavaScript to pass through.
- - The cleaner now removes the HTML5 formaction attribute.
-- Update 4.6.2 (2020-11-26)
- Bugs fixed
- - A vulnerability (bnc#1179534, CVE-2020-27783) was discovered in the HTML
- Cleaner
- - by Yaniv Nizry, which allowed JavaScript to pass through. The cleaner
- - now removes more sneaky "style" content.
-- Update 4.6.1 (2020-10-18)
- Bugs fixed
- - A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry,
- - which allowed JavaScript to pass through. The cleaner now removes
- - more sneaky "style" content.
-- Update 4.6.0 (2020-10-17)
- Features added
- - GH#310: lxml.html.InputGetter supports __len__() to count the number
- - of input fields. Patch by Aidan Woolley.
- - lxml.html.InputGetter has a new .items() method to ease processing
- - all input fields.
- - lxml.html.InputGetter.keys() now returns the field names in document
- - order.
- - GH-309: The API documentation is now generated using sphinx-apidoc.
- - Patch by Chris Mayo.
- Bugs fixed
- - LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
- - when a default namespace was defined.
- - TreeBuilder.close() raised AssertionError in some error cases where
- - it should have raised XMLSyntaxError. It now raises a combined
- - exception to keep up backwards compatibility, while switching to
- - XMLSyntaxError as an interface.
-- Update 4.5.2 (2020-07-09)
- Bugs fixed
- - Cleaner() now validates that only known configuration options
- - can be set.
- - LP#1882606: Cleaner.clean_html() discarded comments and PIs
- - regardless of the corresponding configuration option, if
- - remove_unknown_tags was set.
- - LP#1880251: Instead of globally overwriting the document loader
- - in libxml2, lxml now sets it per parser run, which improves the
- - interoperability with other users of libxml2 such as libxmlsec.
- - LP#1881960: Fix build in CPython 3.10 by using Cython 0.29.21.
- - The setup options "--with-xml2-config" and "--with-xslt-config"
- - were accidentally renamed to "--xml2-config" and "--xslt-config"
- - in 4.5.1 and are now available again.
-- Update 4.5.1 (2020-05-19)
- Bugs fixed
- - LP#1570388: Fix failures when serialising documents larger than
- - 2GB in some cases.
- - LP#1865141, GH#298: QName values were not accepted by the
- - el.iter() method. Patch by xmo-odoo.
- - LP#1863413, GH#297: The build failed to detect libraries on Linux
- - that are only configured via pkg-config. Patch by Hugh McMaster.
-- Update 4.5.0 (2020-01-29)
- Features added
- - A new function indent() was added to insert tail whitespace for
- - pretty-printing an XML tree.
- Bugs fixed
- - LP#1857794: Tail text of nodes that get removed from a document
- using item deletion disappeared silently instead of sticking with
- the node that was removed.
- Other changes
- - MacOS builds are 64-bit-only by default. Set CFLAGS and LDFLAGS
- explicitly to override it.
- - Linux/MacOS Binary wheels now use libxml2 2.9.10 and libxslt 1.1.34.
- - LP#1840234: The package version number is now available as
- lxml.__version__.
-- Update 4.4.3 (2020-01-28)
- Bugs fixed
- - LP#1844674: itertext() was missing tail text of comments and PIs
- since 4.4.0.
+- update to version 4.9.1 (bsc#1201253, CVE-2022-2309):
+ * Bugs fixed
+ + A crash was resolved when using iterwalk() (or canonicalize())
+ after parsing certain incorrect input. Note that iterwalk() can
+ crash on valid input parsed with the same parser after failing
+ to parse the incorrect input.
+
+- update to 4.9.0:
+ * The mixin inheritance order in ``lxml.html`` was corrected.
+ * Built with Cython 0.29.30 to adapt to changes in Python 3.11 and 3.12.
+
+- update to 4.8.0:
+ * GH#337: Path-like objects are now supported throughout the API instead of
+ just strings.
+ * The ``ElementMaker`` now supports ``QName`` values as tags, which always
+ override the default namespace of the factory.
+ * GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in
+ lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.
+ * Built with Cython 0.29.28.
+
+- update to 4.7.1:
+ * Chunked Unicode string parsing via ``parser.feed()`` now encodes the input data
+ to the native UTF-8 encoding directly, instead of going through ``Py_UNICODE`` /
+ ``wchar_t`` encoding first, which previously required duplicate recoding in most cases.
+ * The standard namespace prefixes were mishandled during "C14N2" serialisation on Python 3.
+ * ``lxml.objectify`` previously accepted non-XML numbers with underscores (like "1_000")
+ as integers or float values in Python 3.6 and later. It now adheres to the number
+ format of the XML spec again.
+ * LP#1939031: Static wheels of lxml now contain the header files of zlib and libiconv
+ (in addition to the already provided headers of libxml2/libxslt/libexslt).
+ * Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).
+
+- update to 4.6.5 (bsc#1193752, CVE-2021-43818):
+ * A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script
+ content through SVG images.
+ * A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script
+ content through CSS imports and other crafted constructs.
+
+- update to 4.6.4:
+ * A new property ``system_url`` was added to DTD entities.
+ * The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars.
+- remove python-lxml-test_etree.patch (upstream)
+
+- Add missing dependency on python-base for the devel subpackage.
+
+- Adapt test_etree.py to a behavioural change in libxml2 2.9.11+
+ * Add python-lxml-test_etree.patch
+
+- update to 4.6.3:
+ * A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
+ which allowed JavaScript to pass through. The cleaner now removes the HTML5
+ ``formaction`` attribute. (bsc#1184177)
+
+- update to 4.6.2:
+ * A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry,
+ which allowed JavaScript to pass through. The cleaner now removes more sneaky
+ "style" content. (bsc#1179534)
+ * A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed
+ JavaScript to pass through. The cleaner now removes more sneaky "style" content.
+ * GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields.
+ Patch by Aidan Woolley.
+ * ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields.
+ * ``lxml.html.InputGetter.keys()`` now returns the field names in document order.
+ * GH-309: The API documentation is now generated using ``sphinx-apidoc``.
+ * LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
+ when a default namespace was defined.
+ * ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it
+ should have raised ``XMLSyntaxError``. It now raises a combined exception to
+ keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an
+ interface.
+
+- update to 4.5.2:
+ * ``Cleaner()`` now validates that only known configuration options can be set.
+ * LP#1882606: ``Cleaner.clean_html()`` discarded comments and PIs regardless of the
+ corresponding configuration option, if ``remove_unknown_tags`` was set.
+ * LP#1880251: Instead of globally overwriting the document loader in libxml2, lxml now
+ sets it per parser run, which improves the interoperability with other users of libxml2
+ such as libxmlsec.
+ * LP#1881960: Fix build in CPython 3.10 by using Cython 0.29.21.
+ * The setup options "--with-xml2-config" and "--with-xslt-config" were accidentally renamed
+ to "--xml2-config" and "--xslt-config" in 4.5.1 and are now available again.
+
+- Update to 4.5.1
+ * LP#1570388: Fix failures when serialising documents larger
+ than 2GB in some cases.
+ * LP#1865141, GH#298: QName values were not accepted by the
+ el.iter() method. Patch by xmo-odoo.
+ * LP#1863413, GH#297: The build failed to detect libraries on
+ Linux that are only configured via pkg-config.
+
+- Remove explicit Provides of python-doc, which is just wrong.
+
+- update to 4.5.0
+ * A new function indent() was added to insert tail whitespace
+ for pretty-printing an XML tree.
+ * LP#1857794 Tail text of nodes that get removed from a document
+ using item deletion disappeared silently instead of sticking with the node
+ that was removed.
+ * LP#1840234: The package version number is now available as lxml.__version__
- Security problem found by Omar Eissa.
+ Security problem found by Omar Eissa. (CVE-2018-19787, bsc#1118088)
qemu
+- qtests test are not realiable when run inside OBS builders, so
+ let's disable that part of the testsuite for now. There is work
+ ongoing to run it somewhere else (on dedicated hosts) to avoid
+ loosing coverage. (bsc#1204566)
+
+- Improve dependency handling (e.g., what's recommended vs. what's
+ required.
+- Add a subpackage (qemu-headless) that brings in all the packages
+ that are needed for creating VMs with tools like virt-install
+ or VirtManager, run either locally or from a remote host.
+ (bsc#1202166)
+
+- Build fails due to exceeding 10 GB disk limit (10430 MB):
+ raise disk space contraint to 12 GB
+
+- Fixes bsc#1204082
+ * Patches added:
+ block-io_uring-revert-Use-io_uring_regis.patch
+
+- Due to change in where some documentation files are, if
+ qemu-guest-agent is installed, we need to make sure we update it
+ to our version (bsc#1203995)
+
+- The links in the forsplit dirs, in each subpackage, born to deal with
+ package & subpackage splitting, are not really used. In fact, they're
+ "Provides:"-ed by a bunch of subpackages, but there's no "Requires:"
+ for any of them. Let's just get rid of them.
+
+- The old qemu-binfmt weappers around the various qemu-$ARCH Linux
+ user emulation binaries (see, e.g., bsc#1186256) are not necessary
+ any longer, and bsc#1143725 can now be considered fixed.
+ * Patches dropped:
+ linux-user-add-binfmt-wrapper-for-argv-0.patch
+ linux-user-binfmt-support-host-binaries.patch
+
+- Fix bsc#1204001. Patches are not upstream, and have been picked up
+ and backported from the ML. This is something we usually prefer to
+ avoid, but this is urgent, and the patches looks fine, with high
+ chances for them to be included as they are (and if they're not, we
+ will revisit this, i.e., drop them and re-include the ones that are
+ actually committed)
+ * Patches added:
+ linux-user-add-more-compat-ioctl-definit.patch
+ linux-user-drop-conditionals-for-obsolet.patch
+ linux-user-remove-conditionals-for-many-.patch
+ meson-enforce-a-minimum-Linux-kernel-hea.patch
+
+- Improve the output of update_git.sh, by including the list of
+ repos to which we have downstream patches.
+
+- Fix: bsc#1202665, CVE-2022-2962
+ * Patches added:
+ net-tulip-Restrict-DMA-engine-to-memorie.patch
+
+- skip tests that don't work under qemu-linux-user emulation
+
rdma-core
+- Add rdma-ndd-disable-systemd-ProtectHostName-feature.patch to fix issue
+ where rdma-ndd would not be aware of dynamic hostnames retrived through DHCP
+
+- Update to v42.0
+ - Fixes for all providers
+- Dropped patches merged upstream:
+ - util-Add-barriers-support-for-RISC-V.patch
+ - cmake-Make-modprobe.d-path-configurable.patch
+- Update gen-pandoc.sh to support python3
+
+- skip valgrind on riscv64
+
+- Update to v39.1
+ - Major fixes for hns provider
+ - Bug fixes for all providers
+ - systemd hardening
+ - NDR rate support
+- Dropped srp_daemon-Detect-proper-path-to-systemctl.patch
+ as it was fixed upstream
+
+- util-Add-barriers-support-for-RISC-V.patch: Backport from upstream: Add
+ barriers support for RISC-V
+
rsync
+- Fix --delay-updates never updates after interruption [bsc#1204538]
+ * Added patch rsync-fix-delay-updates-never-updates-after-interruption.patch
+
+- Add support for --trust-sender parameter (patch by Jie Gong in
+ bsc#1202970). (related to CVE-2022-29154, bsc#1201840)
+ * Added patch rsync-CVE-2022-29154-trust-sender-1.patch
+ * Added patch rsync-CVE-2022-29154-trust-sender-2.patch
+
sushi
+- Update to version 43.0:
+ + Another stable Sushi release.
+- Changes from version 43.rc:
+ + Make Webkit-4.1 a hard dependency.
+
swtpm
-- Update to version 0.5.3
+- remove selinux support for now.
+
+- Updated to version 0.7.3:
+ - swtpm:
+ - Use uint64_t in tlv_data_append() to avoid integer overflows
+ - Use uint64_t to avoid integer wrap-around when adding a uint32_t
+- removed allow-FORTIFY_SOURCE=3.patch (upstreamed)
+
+- Cheery-pick upstream patch allow-FORTIFY_SOURCE=3.patch.
+
+- Update to version 0.7.2:
+ - swtpm:
+ - Do not chdir(/) when using --daemon
+ - swtpm-localca:
+ - Re-implement variable resolution for swtpm-localca.conf
+ - tests:
+ - Use ${WORKDIR} in config files to test env. var replacement
+ - man pages:
+ - Add missing .config directory to path description when using ${HOME}
+ - build-sys:
+ - Add probing for -fstack-protector
+
+- Update to version 0.7.1:
- - Fix --print-capabilities for 'swtpm chardev'
+
+- Update to version 0.7.0:
+ - swtpm:
+ - Support for linear file storage backend (file://)
+ - Report 'tpm-1.2' & 'tpm-2.0' in --print-capabilities depending what
+ libtpms supports
+ - Add implementation of SWTPM_HMAC using OpenSSL 3.0 APIs
+ - Wipe keys from stack and heap
+ - Many other small changes
+ - Make --daemon not racy
+ - swtpm_setup:
+ - Only activate SHA256 PCR bank, not SHA1 bank anymore by default
+ - Support for linear file storage backend (file://)
+ - Implement option --create-config-files to create config files
+ - Use non-deprecated APIs to contruct RSA key (OSSL 3)
+ - Report stderr as returned by external tool (swtpm-localcal)
+ - Replace '+' and ',' characters in VMId's to make work with
+ common name in X509 subject
+ - Add support for --reconfigure flag to change active PCR banks
+ - swtpm_localca:
+ - Created certificates for CAs and TPM that do not expire
- - Rename deprecated libtasn1 types
- - man pages:
- - Update the doc of the flag to connect to TPM via UnixIO socket
+ - Allow passing -1 for days to get a non-expiring certificate
+ - test:
+ - ASAN-related test changes and skipping of tests if ASAN is used
+ - Fix tests using tpm2-abrmd by preventing concurrency
+ - Skip chardev related tests after checking for chardev support
+ - exit with error code if mktemp fails
+ - OSSL 3: Make TPM 1.2 test compile; skip IBM TSS 2 test
+ - build-sys:
+ - Introduce --enable-sanitizers to configure
+ - Remove check for pip3 that was used by python swtpm_setup
+ - Allow passing of aditional CFLAGS during build
+
+- Update to version 0.6.1:
+ - swtpm:
+ - Clear keys from stack and heap
+ - swtpm-localca:
+ - Add missing else branch for pkcs11 and PIN
+ - swtpm_setup:
+ - Initialize Gerror and free it
+ - Replace '\\s' in regex with [[:space:]] to fix cygwin
+ - tests:
+ - Kill tpm2-abrmd with SIGKILL rather SIGTERM
+ - build-sys:
+ - Use -DOPENSSL_SUPPRESS_DEPRECATED to suppress deprecation warnings (OSSL 3)
+ - Enable configuring with CFLAGS and passing additional CFLAGS on build
+
+- Update to version 0.6.0:
+ - Addressed potential symlink attack issue (CVE-2020-28407)
+ - Rewritten in 'C'; needs json-glib
+ - Use timeouts for communicating with swtpm (Unix socket)
+ - Fix --print-capabilities for 'swtpm chardev'
+ - Various cleanups and fixes (coverity)
+- Enable selinux support
+- Removed swtpm-rename_deprecated_libtasn1_types.patch: upstream
+- Fix rpmlint errors
+
+- swtpm_cert: rename deprecated libtasn1 types.
+ * https://github.com/stefanberger/swtpm/pull/443
+ * Add swtpm-rename_deprecated_libtasn1_types.patch
tiff
+- security update:
+ * CVE-2022-2519 [bsc#1202968]
+ * CVE-2022-2520 [bsc#1202973]
+ * CVE-2022-2521 [bsc#1202971]
+ + tiff-CVE-2022-2519,CVE-2022-2520,CVE-2022-2521.patch
+ * CVE-2022-2867 [bsc#1202466]
+ * CVE-2022-2868 [bsc#1202467]
+ * CVE-2022-2869 [bsc#1202468]
+ + tiff-CVE-2022-2867,CVE-2022-2868,CVE-2022-2869.patch
+
+- CVE-2022-34266 [bsc#1201971] and [bsc#1201723]:
+ Rename tiff-CVE-2022-0561.patch to
+ tiff-CVE-2022-0561,CVE-2022-34266.patch
+ This CVE is actually a duplicate.
+
+- security update:
+ * CVE-2022-34526 [bsc#1202026]
+ + tiff-CVE-2022-34526.patch
+
tumbler
+- Exclude RAW thumbnailer on Leap 15.5+ as well
+
+- Allow building against libgepub-0.7 (boo#1203644):
+ + Adjust BuildRequires to work with libgepub-0.6 or libgepub-0.7.
+ + Replace libgepub-0.6 occurences in configure script with
+ libgepub-0.7 when libgepub 0.7 is present.
+
+- Update to version 4.16.1
+ * gst-thumbnailer: Add mime type check (gxo#xfce/tumbler#65)
+ * desktop-thumbnailer: Guard against null path
+ * Fix typo in gthread version (gxo#xfce/tumbler!14)
+
+- Exclude RAW thumbnailer on Tumbleweed only to fix build on Leap
+
+- RelMgr override: do not package raw thumbnailer, as tumbler does
+ not yet support openraw 0.3.
+
util-linux
+- Fix file conflict during upgrade (boo#1204211).
+
util-linux-systemd
+- Fix file conflict during upgrade (boo#1204211).
+
vigra
+- Drop baselibs.conf, not necessary
+- Use %autosetup
+- Add patch to fix build against newer hdf5 (boo#1202460):
+ * 0001-Add-compatibility-for-hdf5-1-12.patch
+
-- Version bump to 1.9.0
- * see http://hci.iwr.uni-heidelberg.de/vigra/doc/vigra/CreditsChangelog.html
-- Update openexr finding and libdir target.
-
xen
+- bsc#1203806 - VUL-0: CVE-2022-33746: xen: P2M pool freeing may
+ take excessively long (XSA-410)
+ xsa410-01.patch
+ xsa410-02.patch
+ xsa410-03.patch
+ xsa410-04.patch
+ xsa410-05.patch
+ xsa410-06.patch
+ xsa410-07.patch
+ xsa410-08.patch
+ xsa410-09.patch
+ xsa410-10.patch
+- bsc#1203807 - VUL-0: CVE-2022-33748: xen: lock order inversion in
+ transitive grant copy handling (XSA-411)
+ xsa411.patch
+
+- bsc#1201994 - Xen DomU unable to emulate audio device
+ 62fde97e-tools-libxl-Replace-deprecated-soundhw-on-QEMU-command-line.patch
+
+- Things are compiling fine now with gcc12.
+ Drop gcc12-fixes.patch
+
+- Update to Xen 4.16.2 bug fix release (bsc#1027519)
+ xen-4.16.2-testing-src.tar.bz2
+ * No upstream changelog found in sources or webpage
+- Drop patches contained in new tarball
+ 625fca42-VT-d-reserved-CAP-ND.patch
+ 626f7ee8-x86-MSR-handle-P5-MC-reads.patch
+ 627549d6-IO-shutdown-race.patch
+ 62a1e594-x86-clean-up-_get_page_type.patch
+ 62a1e5b0-x86-ABAC-race-in-_get_page_type.patch
+ 62a1e5d2-x86-introduce-_PAGE_-for-mem-types.patch
+ 62a1e5f0-x86-dont-change-cacheability-of-directmap.patch
+ 62a1e60e-x86-split-cache_flush-out-of-cache_writeback.patch
+ 62a1e62b-x86-AMD-work-around-CLFLUSH-ordering.patch
+ 62a1e649-x86-track-and-flush-non-coherent.patch
+ 62a99614-IOMMU-x86-gcc12.patch
+ 62ab0fab-x86-spec-ctrl-VERW-flushing-runtime-cond.patch
+ 62ab0fac-x86-spec-ctrl-enum-for-MMIO-Stale-Data.patch
+ 62ab0fad-x86-spec-ctrl-add-unpriv-mmio.patch
+ 62bdd840-x86-spec-ctrl-only-adjust-idle-with-legacy-IBRS.patch
+ 62bdd841-x86-spec-ctrl-knobs-for-STIBP-and-PSFD.patch
+ 62c56cc0-libxc-fix-compilation-error-with-gcc13.patch
+ 62cc31ed-x86-honour-spec-ctrl-0-for-unpriv-mmio.patch
+ 62cc31ee-cmdline-extend-parse_boolean.patch
+ 62cc31ef-x86-spec-ctrl-fine-grained-cmdline-subopts.patch
+ 62cd91d0-x86-spec-ctrl-rework-context-switching.patch
+ 62cd91d1-x86-spec-ctrl-rename-SCF_ist_wrmsr.patch
+ 62cd91d2-x86-spec-ctrl-rename-opt_ibpb.patch
+ 62cd91d3-x86-spec-ctrl-rework-SPEC_CTRL_ENTRY_FROM_INTR_IST.patch
+ 62cd91d4-x86-spec-ctrl-IBPB-on-entry.patch
+ 62cd91d5-x86-cpuid-BTC_NO-enum.patch
+ 62cd91d6-x86-spec-ctrl-enable-Zen2-chickenbit.patch
+ 62cd91d7-x86-spec-ctrl-mitigate-Branch-Type-Confusion.patch
+ xsa408.patch
+
+- bsc#1167608, bsc#1201631 - fix built-in default of max_event_channels
+ A previous change to the built-in default had a logic error,
+ effectively restoring the upstream limit of 1023 channels per domU.
+ Fix the logic to calculate the default based on the number of vcpus.
+ adjust libxl.max_event_channels.patch
+
xfce4-notifyd
+- Update to version 0.6.4
+ - settings: Improve app icon and name matching
+ - settings: Sort known apps by notification count
+ - settings: Show 'Unspecified app' instead of empty line
+ - daemon: Improve application icon matching
+ - Correctly reset position during slideout (gxo#apps/xfce4-notifyd#42)
+ - panel-plugin: Remove duplicate function call (gxo#apps/xfce4-notifyd#40)
+ - panel-plugin: Fix file monitor (gxo#apps/xfce4-notifyd#40)
+ - Properly free the GKeyFile
+ - tests: Add logging test
+ - Fix compiler warnings
+ - Fix tooltip grammar
+ - build: Fix intltool lock file problem during make distcheck
+ - Update gitignore
+ - Update COPYING (gxo#apps/xfce4-notifyd#61)
+ - Translation Updates
+
xfce4-panel
+- Update to 4.16.5
+ * systray: Help to keep status notifiers from vanishing
+ (gxo#xfce/xfce4-panel#102,gxo#xfce/xfce4-panel#243, gxo#xfce/xfce4-panel#599)
+ * panel: Populate item dialog after setting dialog screen (gxo#xfce/xfce4-panel#62)
+ * systray: Perform sanity checks also for "NewStatus" signal (gxo#xfce/xfce4-panel#602)
+ * pager: Properly disconnect signal handler
+ * tasklist: Guard against null workspace
+ * panel: Be sure to save plugins before xfconf_shutdown()
+ * tasklist: Fix critical warning when starting on a disconnected device
+ * Update `.gitignore`
+ * libxfce4panel: Destroy plugin prefs dialog on plugin "destroy" signal
+ * build: Fix intltool lock file problem during make distcheck
+ * prefs-dialog: Filter out irrelevant selection changes in "Items" tab
+ * wrapper: Ensure that provider stays alive when processing "g-signal"
+ * Revert "panel: Keep a reference on item during drag and drop"
+ * tasklist: Fix wireframe for CSD windows (v2) (gxo#xfce/xfce4-panel#562)
+ * Translation Updates
+
xfce4-pulseaudio-plugin
+- Update to version 0.4.5
+ * Use Source Output Info for recording indicator
+ to reduce flickering (gxo#panel-plugins/xfce4-pulseaudio-plugin#81)
+ and to hide it with pavucontrol
+ (gxo#panel-plugins/xfce4-pulseaudio-plugin#80)
+ * Display notification on mic volume changes
+ (gxo#panel-plugins/xfce4-pulseaudio-plugin#42)
+ * Fix accidental toggling of the mute switch
+ (gxo#panel-plugins/xfce4-pulseaudio-plugin#64)
+ * Show notification even when volume is already at max/min
+ (gxo#panel-plugins/xfce4-pulseaudio-plugin#52)
+ * Optionally play system sound on volume changes
+ (gxo#panel-plugins/xfce4-pulseaudio-plugin#4)
+ * Fix menu position when panel autohide is enabled
+ * Fix compilation with gcc 10
+ * about: Bump copyright year
+ * Fix typos
+ * Translation Updates
+
+- Update to version 0.4.4
+ - Add a recording indicator
+ - Filter out multiple button press events
+ - Bump urls
+ - Fix make distcheck
+ - autoconf: AC_OUTPUT -> AC_CONFIG_FILES + AC_OUTPUT
+ - Update `.gitignore`
+ - Create new README.md. Update configure.ac.in
+ - Add basic GitLab pipeline
+ - Translation Updates
+
xfce4-screenshooter
+- Update to version 1.9.11
+ * Add support to WebP (gxo#apps/xfce4-screenshooter#76)
+ * Fix window capture in HiDPI mode (gxo#apps/xfce4-screenshooter#73)
+ * Fix intltool lock file problem during make distcheck
+ * Add option to Show in File Manager when saving
+ (gxo#apps/xfce4-screenshooter#47)
+ * Do not quit after dismissing dialog if invoked from plugin
+ (gxo#apps/xfce4-screenshooter#71)
+ * Update COPYING (gxo#apps/xfce4-screenshooter#70)
+ * Translation Updates
+
xfdesktop
+- Update to version 4.16.1
+ - Resolve deadlock on background change (gxo#xfce/xfdesktop#188)
+ - Allocate memory after error processing
+ - Remove unused function call (gxo#xfce/xfdesktop#157)
+ - autoconf: Remove AC_HEADER_STDC
+ - Do not delete property not set
+ - Set a pixmap XID, not the XID of the root window (gxo#xfce/xfdesktop#62)
+ - Fix next background (gxo#xfce/xfdesktop!16)
+ - build: Fix intltool lock file problem during make distcheck
+ - Increase opacity of xfce-verticals bg (gxo#xfce/xfdesktop#125)
+ - Fix Applications Menu memory leak (gxo#xfce/xfdesktop#102)
+ - Fix gettext extraction from settings/xfce-backdrop-settings.desktop.in.in
+ - Translation Updates
+
xorg-x11-server
+- U_xkb-proof-GetCountedString-against-request-length-at.patch
+ * security update for CVE-2022-3550 (bsc#1204412)
+- U_xkb-fix-some-possible-memleaks-in-XkbGetKbdByName.patch
+ * security update for CVE-2022-3551 (bsc#1204416)
+
yast2
+- Improve logging in the ProductControl module, use the new
+ "log.group" call to group logs for each workflow step
+ (bsc#1204625)
+- 4.5.18
+
+- remove #postprocess_url from RelURL class (jsc#SLE-22578, jsc#SLE-24584)
+- 4.5.17
+
yast2-add-on
+- support 'repo' scheme for add-ons (jsc#SLE-22578, jsc#SLE-24584)
+- 4.5.2
+
yast2-bootloader
+- prevent leak of grub2 password to logs(bsc#1201962)
+- 4.5.7
+
yast2-country
+- Use Canadian (CSA) instead of Canadian (Multilingual) keyboard
+ layout, adapting to xkeyboard-config-2.37 (bsc#1204573)
+- 4.5.2
+
yast2-firstboot
+- Compute properly dependencies of WSL GUI pattern (jsc#PM-3439)
+- 4.5.5
+
+- Add client to select product in WSL (jsc#PED-1380).
+- Allow installing WSL GUI pattern (jsc#PM-3439).
+- 4.5.4
+
yast2-installation
+- add 'repo', 'cd', 'dvd', 'hd', and 'label' schemes to
+ Yast::Transfer::FileFromUrl (jsc#SLE-22578, jsc#SLE-24584)
+- 4.5.8
+
yast2-iscsi-client
+- Call external commands without path (bsc#1204959)
+- 4.5.6
+
yast2-network
+- Do not assume wicked will be installed by default anymore and
+ return the needed packages by the selected backend when them
+ are not installed (bsc#1201235, bsc#1201435)
+- 4.5.9
+
yast2-packager
+- support 'repo' scheme for add-ons (jsc#SLE-22578, jsc#SLE-24584)
+- 4.5.6
+
yast2-ruby-bindings
+- Added "log.group" method for grouping the log messages
+ (bsc#1204625)
+- Update Rakefile to allow installing the Ruby files in inst-sys
+ using the "yupdate" command
+- 4.5.4
+
yast2-storage-ng
+- Fix hash vs keyword arguments in RSpec expectations (bsc#1204871)
+- 4.5.11
+
+- Unit tests adapted to a recent behavior change in libstorage-ng
+ (gh#openSUSE/libstorage-ng#900).
+- 4.5.10
+
zlib
-- Fix heap-based buffer over-read or buffer overflow in inflate via
- large gzip header extra field (bsc#1202175, CVE-2022-37434,
- CVE-2022-37434-extra-header-1.patch,
- CVE-2022-37434-extra-header-2.patch).
+- Add Power8 optimizations:
+ * zlib-1.2.12-add-optimized-slide_hash-for-power.patch
+ * zlib-1.2.12-add-vectorized-longest_match-for-power.patch
+ * zlib-1.2.12-adler32-vector-optimizations-for-power.patch
+ * zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch
+- Update zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
-- CVE-2018-25032: Fix memory corruption on deflate, bsc#1197459
- * bsc1197459.patch
+- Update to 1.2.12:
+ * A lot of bug fixes
+ * Improve speed of crc32 functions
+ * Use ARM crc32 instructions if the ARM architecture has them
+ For the complete changes, see ChangeLog
+- Fixes CVE-2022-37434, heap-based buffer over-read or buffer overflow in
+ inflate.c via a large gzip header extra field
+ (CVE-2022-37434, bsc#1202175)
+- Added patches:
+ * zlib-1.2.11-covscan-issues-rhel9.patch
+ * zlib-1.2.11-covscan-issues.patch
+ * zlib-1.2.12-s390-vectorize-crc32.patch
+ * zlib-1.2.12-optimized-crc32-power8.patch
+ * zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
+ * zlib-1.2.12-fix-configure.patch
+ * zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
+ * zlib-1.2.12-fix-CVE-2022-37434.patch
+ * zlib-1.2.5-minizip-fixuncrypt.patch
+- Removed patches:
+ * bsc1197459.patch (upstreamed)
+ * zlib-power8-fate325307.patch
+ (replaced by zlib-1.2.12-optimized-crc32-power8.patch)
+ * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch
+ (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
+ * 410.patch
+ (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
+- Refreshed patches:
+ * zlib-format.patch
+ * zlib-no-version-check.patch
+- Disable profiling since it breaks tests
+- Update zlib-rpmlintrc
-- Update 410.patch to include new fixes from upstream,
- fixes bsc#1192688
+- switch to https urls
+
+- Fix memory corruption on deflate, bsc#1197459
+ * bsc1197459.patch - CVE-2018-25032
+- Update 410.patch
+ * Remove included patches:
+ bsc1174551-fxi-imcomplete-raw-streams.patch
+ zlib-compression-switching.patch
+ zlib-s390x-z15-fix-hw-compression.patch
- to match upstream commit
-- Drop patches which changes have been merged in 410.patch:
- * zlib-compression-switching.patch
- * zlib-390x-z15-fix-hw-compression.patch
- * bsc1174551-fxi-imcomplete-raw-streams.patch
+
+- Don't install (internal) crypt.h header in minizip
+ * minizip-dont-install-crypt-header.patch
+- install to /usr (boo#1029961)
+
+- Provide a testsuite subpackage to run post-build validation
+
zypper
+- BuildRequires: libzypp-devel >= 17.31.2.
+- Fix --[no]-allow-vendor-change feedback in install command
+ (bsc#1201972)
+- version 1.14.57
+
+- UsrEtc: Store logrotate files in %{_distconfdir} if defined
+ (fixes #441, fixes #444)
+- Remove unneeded code to compute the PPP status.
+ Since libzypp 17.23.0 the PPP status is auto established. No
+ extra solver run is needed.
+- Make sure 'up' respects solver related CLI options (bsc#1201972)
+- Fix tests to use locale "C.UTF-8" rather than "en_US".
+- Fix man page (fixes #451)
+- version 1.14.56
+