Removed rpms
============
- adobe-sourcehansans-fonts
- adobe-sourcehanserif-fonts
- dmz-icon-theme-cursors
- gamin-server
- libfam0-gamin
- libglade-2_0-0
- libhavege1
- libsgutils2-1_43-2
- libtss2-sys0
- perl-apparmor
- tcsh
- tcsh-lang
Added rpms
==========
- adobe-sourcehansans-cn-fonts
- adobe-sourcehansans-tw-fonts
- adobe-sourcehanserif-cn-fonts
- adobe-sourcehanserif-tw-fonts
- gvfs-backend-afc
- libgts-0_7-5
- libhavege2
- libimobiledevice-1_0-6
- libplist-2_0-3
- libsgutils2-1_47-2
- libssh-config
- libtss2-sys1
- libusbmuxd-2_0-6
- python3-notify2
- python3-ordered-set
- python3-psutil
- usbmuxd
Package Source Changes
======================
MozillaFirefox
+- Firefox Extended Support Release 91.3.0 ESR
+ * Fixed: Various stability, functionality, and security fixes
+ MFSA 2021-49 (bsc#1192250)
+ * CVE-2021-38503 (bmo#1729517)
+ iframe sandbox rules did not apply to XSLT stylesheets
+ * CVE-2021-38504 (bmo#1730156)
+ Use-after-free in file picker dialog
+ * CVE-2021-38505 (bmo#1730194)
+ Windows 10 Cloud Clipboard may have recorded sensitive user
+ data
+ * CVE-2021-38506 (bmo#1730750)
+ Firefox could be coaxed into going into fullscreen mode
+ without notification or warning
+ * CVE-2021-38507 (bmo#1730935)
+ Opportunistic Encryption in HTTP2 could be used to bypass the
+ Same-Origin-Policy on services hosted on other ports
+ * MOZ-2021-0008 (bmo#1667102)
+ Use-after-free in HTTP2 Session object
+ * CVE-2021-38508 (bmo#1366818)
+ Permission Prompt could be overlaid, resulting in user
+ confusion and potential spoofing
+ * CVE-2021-38509 (bmo#1718571)
+ Javascript alert box could have been spoofed onto an
+ arbitrary domain
+ * CVE-2021-38510 (bmo#1731779)
+ Download Protections were bypassed by .inetloc files on Mac
+ OS
+ * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048,
+ bmo#1735152)
+ Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3
+- Removed mozilla-bmo1735309.patch which is now upstream
+
MozillaFirefox-branding-openSUSE:MozillaFirefox-branding-openSUSE
-- Add suseversion 150400
+- add sle_version 150300 and 150400 check
-- Add suseversion 150300
+- use HTTPS for software search plugin
aaa_base
+- use autopatch
+ - update first two patches from git originals to have the
+ same apply depth as the rest:
+ - git-01-61c106aac03930e03935172eaf94d92c02a343bd.patch
+ - git-02-4e5fe2a6ec5690b51a369d2134a1119962438fd1.patch
+ - fix get_kernel_version.c to work also for recent kernels
+ on the s390/X platform (bsc#1191563)
+ - git-37-dfc5b8af96bec249e44a83d573af1f95a661a85c.patch
+ - support xz compressed kernel (bsc#1162581)
+ - git-38-4c0060639f6fa854830a708a823976772afe7764.patch
+ - Fixing possible resource leak
+ - git-39-df622b89bc92fd882a6715c5743095528a643546.patch
+ - excluding new kernel string in version search
+
+- Add git-36-16d1cb895c2742e96a56af98111f8281bedd3188.patch:
+ * Add $HOME/.local/bin to PATH, if it exists (bsc#1192248)
+
+- Add patch git-34-9a1bc15517d6da56d75182338c0f1bc4518b2b75.patch
+ * sysctl.d/50-default.conf:
+ allow everybody to create IPPROTO_ICMP sockets (bsc#1174504)
+- Add patch git-35-91f496b1f65af29832192bad949685a7bc25da0a.patch
+ * sysctl.d/50-default.conf: fix ping_group_range syntax error
+
adobe-sourcehansans-fonts
+- Fix source URLs to be properly downloadable
+
+- Update to version 2.004
+- Add variable fonts
+
+- Update to version 2.001
+- Add all region specific fonts
+- Remove fontconfig file because Noto Sans CJK doesn't have such a
+ configuration either
+
adobe-sourcehanserif-fonts
+- Add all region-specific fonts
+
adobe-sourcesanspro-fonts
+- Revert update to Source Sans 3 and keep the pro versions
+ (boo#1189267)
+
+- Add 31-adobe-sourcesanspro.conf so that old name still works
+
+- Fixed github URL
+- Fixed Source URL again; we take the full source zip instead of
+ split release zip
+
+- Update to version 3.046
+ * Roman and Italic now are the same version
+ * The "pro" part of the name has been dropped, internally a number
+ is now used: Source Sans 3
+ * Update URL
+ * This is a major release with many changes. See the release page
+ for the details:
+ https://github.com/adobe-fonts/source-sans/releases
+
+- Update source url
+
+- Update to version 2.045 (Roman) and 1.095 (Italic):
+ * Bugfixes (too many to name here)
+- Run through spec cleaner
+- Only package the (better) otf fonts (following the Source Code
+ Pro package)
+
-- updated to version 1.040
-- improvement: Adds Zero_Width_Non_Breaking_Space character (ZWNBS, U+FEFF) to address GitHub issue #20
-
-- Update to version 1.038 (2012/09/12):
- * Updates the metrics of Majuscule letters in lighter weights.
- * Updates fonts to add small capitals and superior capital letters
- to upright styles.
- * Adds the following characters for transliteration: Blinebelow,
- blinebelow, Klinebelow klinebelow, Emacronacute, emacronacute,
- Omacronacute, omacronacute, primemod
- * Adds the following punctuation characters: bardbl, iterrobang,
- ceilingleft, ceilingright, floorleft floorright, bracketleftwhite,
- bracketrightwhite, brackhalftopleft, brackhalftopright, brackhalfbotleft,
- brackhalfbotright
- * Adds dotted zero and slashed zero.
-
-- Added Obsoletes and Provides
-
-- Renamed from SourceSansPro package, fixed .changes and .spec file
-
-- Spec: Use %{_ttfontsdir} macro instead of %{_datadir}
-
-- Updated to 1.0.36 release
- Updates fonts to fix bug in TTF versions in which the GDEF table
- was not included.
-- 1.0.35 release:
- Updates the fitting for 'u' and its related glyphs. Updates the
- kerning in the upright fonts.
-
adobe-sourceserifpro-fonts
+- Revert update to Source Serif 4 and keep the pro version
+ (boo#1189267)
+
+- Add 31-adobe-sourceserifpro.conf so that old name still works
+
+- Fix download URL again; we take the full source zip instead of
+ each split release zip
+
+- Update description to reflect name change Source Sans
+
+- Update to 4.004:
+ Major update with the following highlights:
+ * Source Serif now has six weights across five optical sizes
+ * Shift text master in design space
+ * Change the family name from Source Serif Pro to Source Serif 4
+
+- Update to 3.000 (Roman and Italic have now the same version):
+ Changes to Italic styles:
+ * extend Latin character set from AL-3 to AL-4
+ * add Cyrillic (covering AC-2)
+ * add Greek (covering AG-1)
+ Changes to Roman styles:
+ * minor updates to spacing of modifer glyphs
+ * updates to some Cyrillic characters as suggested by external
+ advisors
+ * minor updates to Cyrillic kerning
+ * updates to some Greek characters as suggested by external
+ advisors
+ Global changes:
+ * overhaul ccmp feature to decompose accented glyphs when
+ followed by combining
+ * mark, thus allowing double-stacking of accents (addresses
+ [#41], #42)
+ * add ccmp solution for Ukrainian її clash, also for Latin ïï
+ (addresses #48)
+ * add Bulgarian Cyrillic alternates both via locl and ss01 feature
+ (addresses #20)
+ * add Serbian/Macedonian Cyrillic alternates both via locl and
+ ss02 feature
+ Roman and Italic styles now support the same global character set,
+ in both static and variable versions.
+
+- Update to 2.010 (Roman) and 1.010 (Italic):
+ * Italic variant is added
+ * small fixes, mainly bugfixes
+- Only package OTF (like the Sans and Code variants of Source Pro)
+
apparmor
-- Don't provide python2 symbol for python3 package (bsc#1191690).
+- Modify add-samba-bgqd.diff: Add new rule to fix new "DENIED
+ operation="file_mmap" violation in SLE15-SP4; (bsc#1192336).
-- Be explicit about using python2 macros, when needed.
+- add aa-notify-more-arch-mr809.diff: Add support for reading s390x
+ and aarch64 wtmp files (boo#1181155)
-- update to AppArmor 2.13.6
- - fix utils hotkey conflicts in some languages
- - aa-autodep: load abstractions on start (boo#1178527)
- - add usr.lib.dovecot.script-login profile
- - minor additions in abstractions/X and the dovecot profile
- - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.6
+- add add-samba-bgqd.diff: add profile for samba-bgqd (boo#1191532)
+
+- lessopen.sh profile: allow reading files that live on NFS over UDP
+ (added to apparmor-lessopen-nfs-workaround.diff) (boo#1190552)
+
+- add profiles-python-3.10-mr783.diff: update abstractions/python and
+ profiles for python 3.10
+
+- update to AppArmor 3.0.3
+ - fix a failure in the parser tests
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.3
+ for the detailed upstream changelog
+
+- update to AppArmor 3.0.2
+ - add missing permissions to several profiles and abstractions
+ (including boo#1188296)
+ - bugfixes in utils and parser (including boo#1180766 and boo#1184779)
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.2
-- drop upstreamed patch libapparmor-so-number.diff
+- remove upstreamed patches:
+ - apparmor-dovecot-stats-metrics.diff
+ - abstractions-php8.diff
+ - crypto-policies-mr720.diff
+
+- added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point
+
+- move Requires: python3 back to the python3-apparmor subpackage -
+ readline usage is in the python modules, not in apparmor-utils
+
+- Remove python symbols (python means currently python2), work
+ only with python3 ones (fallout from bsc#1185588).
+
+- add abstractions-php8.diff to support PHP8 in abstractions/php (boo#1186267)
+
+- add crypto-policies-mr720.diff to allow reading crypto policies
+ in abstractions/ssl_certs (boo#1183597)
+
+- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
+ systemd into containers just because apparmor-parser ships a *.service file
+
+- merge libapparmor.changes into apparmor.changes
+
+- avoid file listed twice error
+
+- define %_pamdir for <= 15.x to fix the build on those releases
+
+- add apache-extra-profile-include-if-exists.diff: make <apache2.d>
+ include in apache extra profile optional to avoid problems with empty
+ profile directory (boo#1178527)
+
+- prepare usrmerge (boo#1029961)
+ * use %_pamdir
+
+- update to AppArmor 3.0.1
+ - minor additions to profiles and abstractions
+ - some bugfixes in libapparmor, apparmor_parser and the aa-* utils
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
+ for the detailed upstream changelog
+- removed upstream(ed) patches:
+ - changes-since-3.0.0.diff
+ - extra-profiles-fix-Pux.diff
+ - utils-fix-hotkey-conflict.diff
+
+- Use apache provided variables for the module_directry:
+ + Use %apache_libexecdir
+ + Add apache-rpm-macros BuildRequires
+
+- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
+ de, id and sv translations (and fix the test) (MR 675)
+- add extra-profiles-fix-Pux.diff to fix an inactive profile -
+ prevents a crash in aa-logprof and aa-genprof when creating a new
+ profile (MR 676)
+
+- update to AppArmor 3.0.0
+ - introduce feature abi declaration in profiles to enable use of
+ new rule types (for openSUSE: dbus and unix rules)
+ - support xattr attachment conditionals
+ - experimental support for kill and unconfined profile modes
+ - rewritten aa-status (in C), including support for new profile modes
+ - rewritten aa-notify (in python), finally dropping the perl
+ requirement at runtime
+ - new tool aa-features-abi for extracting feature abis from the kernel
+ - update profiles to have profile names and to use 3.0 feature abi
+ - introduce @{etc_ro} and @{etc_rw} profile variables
+ - new profile for php-fpm
+ - several updates to profiles and abstractions (including boo#1166007)
+ - fully support 'include if exists' in the aa-* tools
+ - rewrite handling of alias, include, link and variable rules in
+ the aa-* tools
+ - rewrite and simplify log handling in the aa-logprof and aa-genprof
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
+ for the detailed upstream changelog
+- patches:
+ - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
+ release up to 3e18c0785abc03ee42a022a67a27a085516a7921
+ - drop upstreamed usr-etc-abstractions-base-nameservice.diff
+ - drop 2.13-only libapparmor-so-number.diff
+ - refresh apparmor-enable-profile-cache.diff - partially upstreamed
+ - update apparmor-samba-include-permissions-for-shares.diff and
+ apparmor-lessopen-profile.patch - switch to "include if exists"
+ - apparmor-lessopen-profile.patch: add abi rule to lessopen profile
+ - refresh apparmor-lessopen-nfs-workaround.diff
+- move away very loose apache profile that doesn't even match the
+ apache2 binary path in openSUSE to avoid confusion (boo#872984)
+- move rewritten aa-status from utils to parser subpackage
+- add aa-features-abi to parser subpackage
+- replace perl and libnotify-tools requires with requiring
+ python3-notify2 and python3-psutil (needed by the rewritten
+ aa-notify)
+- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
+- drop (never enabled) conditionals to build with python2 and to
+ build the python-apparmor subpackage (upstream dropped python2
+ support)
+- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
+- set PYFLAKES path for utils check
+- add precompiled_cache build conditional to allow faster local
+ builds without using kvm
+- remove duplicated BuildRequires: swig
+ - fix two potential build failures in libapparmor
+ - fix log parsing for logs with an embedded newline
+ - some fixes in cache handling
+ - preserve errno across aa_*_unref() functions
+- no longer package static libapparmor.a
+- Fix RPM groups
+
+- libapparmor.spec is based on the AppArmor 2.11 apparmor.spec, but
+ with minimum BuildRequires
autoyast2
+- use Y2Storage::Arch to determine whether UEFI is available (bsc#937067)
+- 4.4.24
+
+- During autoupgrade merge the selected product workflow in order
+ to execute 2nd stage modules (bsc#1192437)
+- 4.4.23
+
+- Do not process the <add-on/> section during the 2nd stage
+ (bsc#1192185).
+- 4.4.22
+
bcm20702a1-firmware
+- Fix build on Leap which does not have %_firmwaredir
+
+- fix boo#1175038 - remove unnecessary %postun scriptlet that is
+ incorrectly deleting all package files on upgrade; all files are
+ already listed in %files as %ghost so no scriptlet is needed.
+
+- use %_firmwaredir
+
blktrace
+- Fix crash due to dropped first event while using pipe input (bsc#1191788).
+ * blkparse: skip check_cpu_map with pipe input
+ * blkparse: fix incorrectly sized memset in check_cpu_map
+ * Added:
+ - blkparse-skip-check_cpu_map-with-pipe-input.patch
+ - blkparse-fix-incorrectly-sized-memset-in-check_cpu_m.patch
+
-- Update to v1.0.3 (bnc#720300 and others).
- - Updated documentation
- - Fixed multiple output errors
- - Added FLUSH/FUA support
- - Misc bug fixes
-
-- disable parallel build again
-
-- Remove redundant tags/sections from specfile
-- Use %_smp_mflags for parallel build
-
-- Fix build with no-add-needed (missing -pthread)
-
-- Fix memory leak (bnc #546035)
-
-- Fix memory leak in btrecord (bnc #523444).
-
-- Fix typo in btt (bnc #511264).
-
-- Update to version 1.0.1:
- * blkrawverify: warn and return error if no traces are found
- * blkiomon manpage and usage reference invalid "msg-queue-name" option
- * fix up btrace options & manpage
- * more manpage fixups
- * fix max-pkts option inconsistencies
- * Converted to using the correct remap entries
- * blkiomon: fix unaligned accesses on ia64
- * fix off-by-one issues in blkiomon.h
- * fix include statement in stats.h
- * handle race to mkdir at startup
- * Fixed plug/unplug logic in btt
- * Working on fixing % time q plugged
- * fix trivial typo in manpage
- * Add NOTIFY to activity mask
- * Blktrace failed to lock reader threads on the cpu used by the
- corresponding writer. This resulted in stale data being consumed when
- blktrace accidently read at a position that was being written to at the
- same time. This issue surfaced as "bad trace magic" warnings emitted by
- blktrace tools.
- * Generate matplotlib plots for btt generated data
- * Update Jenkins hash to lookup3() variant
- * Fixed EAGAIN handling in blktrace.c
- * O_NOATIME isn't always present
- * btt: Added no remap option
- * btt general cleanup plus valgrind clean
- * btt: Missed fopen conversion to my_fopen
- * Code review updates
- * Reworked blktrace master/thread interface
- * Cleaned up devs that have no data
- * Moved starting of tracing after tracers are going
- * btt: fixed open in setup_ifile
- * Synchronized trace gathering
- * Invoke gethostbyname once, handle errors better
- * Added accept as a system call needing resource increases
- * Rewrote blktrace to have a single thread per CPU
- * Fix btt to handle large numbers of output files
- * Increased limits to allow for large system runs
- * A couple of min-counters weren't initialised correctly (thrput_r,
- thrput_w). We have got a perfectly working init function for this
- purpose. Removing partially duplicated code.
- * The git commit 11914a53d2ec2974a565311af327b8983d8c820d added
- __BLK_TA_ABORT to blktrace_api.h. A corresponding addition to the blktrace
- tools repository has been missing, breaking the API. Blkparse complained:
- "Bad fs action 40010011"
- * Added no messages option to blkparse.c
- * gcc 4.3.2 has started to warn about:
- * Added -P to create a data file w/ Q, D and C per line
- * Fixed 'M' displays on per-io output and added in I/O separator
- * Fixed segfault in aqd.c : need to check for NULL (not requested)
- * Added in -z to provide running waiting-for-issue latencies
- * Moved btrecord/btreplay to version 1.0.0
-
-- Build with docs by default.
-
brotli
+- Fix CVE-2020-8927, decoder: integer overflow when input chunk
+ is larger than 2GiB. (CVE-2020-8927, bsc#1175825)
+ * fix-cve-2020-8927.patch
+
cracklib
+- %check: really test the package [bsc#1191736]
+
desktop-data-openSUSE
+- Move call-browser and desktop-launch symlink to xdg-utils.
+
+- Update to version 15.2.20200107:
+ * Fix csh (boo#1158422)
+
+- Update to version 15.1.20191124:
+ * Remove remaining wallpapers
+ * Remove unused icon directory
+ * Don't set cursor on empty input
+- No longer requires DMZ Cursors, as the fillup no longer contains
+ the theme by default
+
+- Remove obsolete Groups tag (fate#326485)
+
+- Update to version 15.1.20181213:
+ * Replace old menus and set wallpapers for Gnome
+ * Remove all irrelevant stuff from KDE4, Novell and duplicated icons
+ * Fix up cursors not working by default, DMZ theme doesn't exist
+
-- Add /etc/skel/Templates directory with templates for commonly
- used files: plain text, ODF text, ODF presentation and ODF
- drawing. This provides the user with a choice of new document
- templates to choose from when, e.g., using the "New Document"
- item in right-click menu from file-browsers such as Nautilus;
- fixes bnc#897716.
-
dnsmasq
+- bsc#1192529, dnsmasq-resolv-conf.patch:
+ Fix a segfault when re-reading an empty resolv.conf
+- Remove "nogroup" membership from the dnsmasq user.
+
+- Use systemd-sysusers from 15.3 onwards
+
dracut
+- Update to version 055+suse.183.g7d569585:
+ * fix(dracut.spec): update usrmerged mkinitrd dir
+ * fix(url-lib): improve ca-bundle detection (bsc#1175892)
+
+- Update to version 055+suse.179.g3cf989c2:
+ * fix(cpio): write zeros instead of seek for padding and alignment
+ * fix(dracut.sh): check kernel zstd support early
+ * fix(dracut.sh): check availability of configured compression
+ * fix(dracut.sh): inform user about auto-selected compression method
+ * fix(dracut.sh): drop pointless check for module compression method
+ * chore(suse): add dracut-cpio archiver
+ * ci(TEST-63-DRACUT-CPIO): kernel extraction tests for dracut-cpio
+ * feat(dracut.sh): add "--enhanced-cpio" option for calling dracut-cpio
+ * feat(Makefile): cargo wrapper for dracut-cpio build
+ * feat(cpio): add newc archive creation utility
+ * feat(cpio): add rust argument parsing library from crosvm
+ * ci(TEST-62-SKIPCPIO): add simple skipcpio test
+ * ci(test): export basedir and testdir as absolute paths
+ * ci(TEST-60-BONDBRIDGEVLANIFCFG): use toplevel Makefile
+ * fix(dracut.spec): check for non-usrmerged environments
+ * fix(zfcp_rules): add quotes around rule installation argument
+ * fix(zipl): correct argument for uuid to device conversion
+ * fix(fips): missing value of _vmname variable (bsc#1193267)
+ * chore(suse): add fido2 module
+ * feat(crypt): check if fido2 module is needed in hostonly mode
+ * feat(fido2): introducing the fido2 module
+ * feat(crypt): check if tpm2-tss module is needed in hostonly mode
+ * fix(dracut-functions.sh): get block device driver if in a virtual subsystem
+ * fix(mdraid): allow UUID comparison for more than one UUID (bsc#1192665)
+
edict
+- Update to snapshot 20210529
+ * Approximately 600 entries were updated.
+
+- Update to snapshot 20210429
+ * No changelog recorded.
+
+- Update to snapshot 20201102
+ * No changelog recorded.
+
+- Update to snapshot 20200825
+ * No changelog recorded.
+
-- Remove redundant/obsolete tags/sections from specfile
- (cf. packaging guidelines)
-
-- update to latest versions. Updated dictionaries are
- edict, enamdict, kanjdic, kanjd212, and compdic.
-
gcc7
+- Adjust some ambiguous SPDX license specifications to prevent
+ spec-cleaner from messing up.
+
+- Add gcc7-pr55917.patch to do not handle exceptions in std::thread
+ (jsc#CAR-1182)
+
+- - Add gcc7-pfe-0001-Backport-Add-entry-for-patchable_function_entry.patch
+ gcc7-pfe-0002-Backport-Skip-fpatchable-function-entry-tests-for-nv.patch
+ gcc7-pfe-0003-Backport-Error-out-on-nvptx-for-fpatchable-function-.patch
+ gcc7-pfe-0004-Backport-Adapt-scan-assembler-times-for-alpha.patch
+ gcc7-pfe-0005-Backport-patchable_function_entry-decl.c-Use-3-NOPs-.patch
+ gcc7-pfe-0006-Backport-IBM-Z-Use-the-dedicated-NOP-instructions-fo.patch
+ gcc7-pfe-0007-Backport-Add-regex-to-search-for-uppercase-NOP-instr.patch
+ gcc7-pfe-0008-Backport-ICE-segmentation-fault-with-patchable_funct.patch
+ gcc7-pfe-0009-Backport-patchable_function_entry-decl.c-Pass-mcpu-g.patch
+ gcc7-pfe-0010-Backport-patchable_function_entry-decl.c-Do-not-run-.patch
+ gcc7-pfe-0011-Backport-patchable_function_entry-decl.c-Add-fno-pie.patch
+ gcc7-pfe-0012-Backport-PR-c-89946-ICE-in-assemble_start_function-a.patch
+ gcc7-pfe-0013-Backport-targhooks.c-default_print_patchable_functio.patch
+ gcc7-pfe-0014-Backport-Align-__patchable_function_entries-to-POINT.patch
+ gcc7-pfe-0015-Backport-Fix-PR-93242-patchable-function-entry-broke.patch
+ gcc7-pfe-0016-Backport-AArch64-PR92424-Fix-fpatchable-function-ent.patch
+ gcc7-pfe-0017-Backport-Fix-patchable-function-entry-on-arc.patch
+ gcc7-pfe-0018-Backport-Add-patch_area_size-and-patch_area_entry-to.patch
+ gcc7-pfe-0019-Backport-testsuite-Adjust-patchable_function-tests-f.patch
+ gcc7-pfe-0020-Backport-Use-the-section-flag-o-for-__patchable_func.patch
+ gcc7-pfe-0021-Backport-varasm-Fix-up-__patchable_function_entries-.patch
+ gcc7-pfe-0022-Backport-rs6000-Avoid-fpatchable-function-entry-regr.patch
+ gcc7-pfe-0023-Fix-unwinding-issues-when-pfe-is-enabled.patch
+ to add -fpatchable-function-entry feature to gcc-7.
+
+- Add gcc7-ada-MINSTKSZ.patch to fix build with glibc 2.34.
+- Add bits/unistd_ext.h to the list of removed fixed includes.
+
+- Add gcc7-sanitizer-cyclades.patch to remove cyclades.h use from
+ libsanitizer fixing builds with recent kernels.
+
glibc
+- 0001-s390x-Align-child-stack-while-clone.-BZ-27968.patch,
+ 0002-S390-Optimize-__memcpy_z196.patch,
+ 0003-S390-Optimize-__memset_z196.patch,
+ 0004-S390-Sync-HWCAP-names-with-kernel-by-adding-aliases-.patch,
+ 0005-S390-Add-new-hwcap-values.patch,
+ 0006-S390-Add-PCI_MIO-and-SIE-HWCAPs.patch: [15sp4 FEAT] GNU2007 -
+ GLIBC: Support for new IBM Z Hardware (bsc#1191592, jsc#IBM-869)
+
gmp
+- Add gmp-6.2.1-CVE-2021-43618.patch to fix buffer overflow on
+ malformed input to mpz_inp_raw. [bsc#1192717, CVE-2021-43618]
+
graphviz
-- Added graphviz-2.40.1-fix-dot-segfault.patch to fix a segfault in dot
- bsc#1151207
+- Changelog Update for SLES:
+ The following patch has been backported to SLES and is therefore
+ missing from the Factory changelog:
+ * graphviz-malformed_input.patch (boo#1132091)
-- Added graphviz-out-of-bounds-write.patch to fix CVE-2020-18032
- (bsc#1185833)
+- Changelog Update for SLES:
+ The Following patches have been backported to SLES and are therefore
+ missing from the Factory changelog:
+ * graphviz-2.40.1-fix-dot-segfault.patch (bsc#1151207)
+ * graphviz-out-of-bounds-write.patch (bsc#1185833)
+ * graphviz-null_dereference.patch (bsc#1185833)
-- Added graphviz-null_dereference.patch to fix CVE-2018-10196
- (boo#1093447)
+- Dropped python2 subpackages as the bindings are removed in 2.48
+- Update to version 2.48.0 (changes since 2.47.1)
+ * marginally more accurate computations in Smyrna sphere projection
+ * Perl is no longer required to build Graphviz #2067
+ * nop more reliably returns success and failure exit statuses
+ * implicit 63 character limit on plugin names is removed in GVC
+ * remove Python 2 bindings #1992
+ * improved thread-safety in Graphviz bindings Makefile
+ * the CMake build system now enables -Wextra when building C++
+ * some Cgraph functions that take char* arguments that they do not modify have
+ been updated to take const char* arguments #634
+ * incorrectly using the layout attribute on anything other than a graph now
+ results in a warning about this being invalid #2078
+ * edgepaint accepts more standard -- prefixed command line arguments and
+ rejects invalid options #1971
+ * improved detection of Lefty dependencies in the Autotools build system
+ * Fix: out of bounds read when attempting to load a plugin whose name is ≥63 characters
+ * Fix: out of bounds read when examining a registered plugin whose name is ≥63 characters
+ * Fix: do not fclose(NULL) in gvmap
+ * Fix: Uninitialized variable read in delaunay_tri
+ potentially mismatched format string in tclpkg
+ * Fix: ortho's eqEndSeg incorrectly modifies its arguments #2047
+ * Fix: Autotools enables -Wtrampolines and -Wlogical-op for Clang #2066
+ * Fix: node_distinct_coloring failure due to out-of-memory now reported correctly
+ instead of referring to a failure to open lab_gamut
+ * Fix: a typo GD_LIBS to GDLIB_LIBS in tclpkg/tcldot/Makefile.am !2022
+ * Fix: Autotools build system sets libgd variables now instead of incorrectly setting
+ GTK variables
+ * Fix: HTML strings used as labels are distinguishable in GXL output by kind="HTML-like string"
+ * Fix: a Bashism removed from the Autotools build system
+ * Fix: when Criterion is available, the command_line test binary is no longer built
+ and installed by default, but rather during make check
+ * Fix: round-tripping a file through gv2gxl and then gxl2gv no longer causes
+ HTML-like labels to become non-HTML like labels #517
+ * Fix: fix ODR violation by including the ortho object files in the gvc lib also for
+ CMake and MSbuild #2096
-- Added graphivz-malformed_input.patch from commit 839085f8
- to fix CVE-2019-11023 (boo#1132091)
+- Update graphviz-2.20.2-interpreter_names.patch so the Python demo
+ uses Python 3.
+
+- Install epl-v10.txt instead of COPYING.
+ The COPYING file is a symlink to epl-v10.txt.
+
+- Update to version 2.47.1
+ * More detailed error messages when opening input file fails
+ * The edges in JSON output are ordered now
+ * Fixed xdot man page does not document some functions
+ * Fixed PIC renderer
+ * Fixed dot conversion to dia format
+ * Fixed memory leak of reference-counted HTML strings
+ * Fix for TBbalance attribute code
+ * Fixed HTML parser error with single closing square bracket in
+ table row
+ * Fixed reference counted strings put the HTML bit in the middle
+ of the reference count
+ * Fixed & escape disappearing
+ * Fixed gvpr -? to actually print usage and exit non-zero
+ * Fixed memory leak in libmingle
+ * Fixed memory leak in ANN bridge
+ * Fixed buffer overflow in unflatten
+ * Fixed agxbputc macro does not bracket its arguments
+- Drop upstream fixed graphviz-2.46-fix-shebang.patch
+ * Using POSIX shell, no need for ksh
+
+- Remove obsolete pre_checkin.sh
+
+- Buildrequire full ghostscript in the addons package
+ to avoid a conflict betwen ghostcript-mini and ghostscript-devel
+
+- Replace ghostscript-mini dependency with ghostscript_any
+
+- Add graphviz-webp package to for webp image support
+
+- Reenable ghostscript, but require just ghostscript-mini
+
+- Update to new release 2.46.1 (changes since 2.44.1)
+ * Support for building against Guile 2.2
+ * Portable source is now also offered as a .tar.xz
+ * CentOS/RHEL 6 is no longer supported
+ * Vestiges of Qt4 support have been removed
+ * C++11 support is now required of the C++ compiler used to build Graphviz
+ * C99 support is now required of the C compiler used to build Graphviz
+ * Question about userout() function in agerror.c #1924
+ * The minimum version of Python required to run the test suite is 3.6
+ * memory leak in label construction
+ * gvedit compilation errors out, but works if manually compiled with qt5 #1862
+ * incorrect HTML BR attribute parsing code #1913
+ * broken overflow checks in RectArea #1906
+ * various memory leaks !1699
+ * Fix bad free in lefty !1709
+ * typo in pathcross #1926
+ * Out-of-bounds write caused by incorrect error handling of malloc in genUserdata #1928
+ * Offer .tar.xz files too #454
+ * Header file graphviz_version.h has no include guards #1929
+ * regression: newlines embedded in quoted labels / node names are not preserved in 2.46.0 #1931
+ * Properly fill graphviz_version.h !1706
+ * Cgraph's agxbuf API gained a new function agxbdisown(), for dissociating
+ * backing memory from the managed buffer
+ * Build system support for the Elbrus 2000 CPU, thanks to Michael Shigorin
+ * Cgraph's agheap() API has been removed
+ * Autotools build system support for eFence has been removed
+ * Building Graphviz with ICC defaults to -O2 instead of -O0
+ * Build system work arounds for GCC 3 have been removed
+ * Incomplete support for running the test suite under CMake has been removed
+ * Portable source tarballs now use the “ustar†POSIX format
+ * Minimum version of Flex required to build Graphviz is now 2.5.2
+ * Minimum version of Bison required to build Graphviz is now 3.0
+ * Minimum version of CMake required to build Graphviz using CMake is now 3.1
+ * gvpr: line numbers in gvpr errors/warnings are incorrect #1594
+ * URL typo in patchwork man page
+ * Escaped backslashes are not correctly handled when producing xdot with dot #165
+ * heap-over-flow(off-by-null) in lib/common/shapes.c #1700
+ * Windows MSBuild executables have the wrong version #1745
+ * Cast Overflow at pango_textlayout #1314
+ * x11 back end segfaults if display is unavailable #1776
+ * typo in cmd/gvpr/lib/clustg #1781
+ * Segfault in dot #1783
+ * Incorrect 'Arrow type "s" unknown' error #1444
+ * segfault on reading 0x10 #1724
+ * Null-dereference READ (144736912) #1676
+ * "Warning! PATH too long installer unable to modify PATH!" using CMake Windows installer and PATH length > 1024 #1770
+ * gvedit -? gives "option - unrecognized - ignored" instead of showing usage #1813
+ * lefty is not built for Windows (fixed for MSBuild builds only) #1818
+ * a failure to detect OpenGL glGenTextures() errors has been corrected
+ * sfio does compile time benchmarknig #1422
+ * iffe "lib" check always succeeds when compiler optimises #1521
+ * syntax error near text who is not present #1411
+ * Explicitly links with libstdc++; should allow libc++ if appropriate #163
+ * A macOS file that was erroneously excluded from portable source tarballs has
+ * been restored
+ * Add option -? for usage to diffimg
+ * Add option -? for usage to dotty
+ * Add option -? for usage to lneato
+ * Add option -? for usage to vimdot
+ * Fix smyrna -? to actually print usage instead of error
+ * Fix edgepaint -? to actually print usage instead of error
+ * Remove '"' from usage text in non-Windows version of dotty
+ * Correct misspelled 'smyrna' in usage
+ * Fix edgepaint -o option
+ * Correct shebang of gvmap.sh to use ksh
+ * Fix gvmap.sh -? option to exit with zero exit status
+ * Graphviz doesn't build on MacOS with the latest libc++ #1785
+ * make fails if ps2pdf is not installed (using autotools) #1763
+ * multiple graphs to file output causes a segfault #1845
+ * lefty PTY functionality relies on file descriptor implementation details #1823
+ * buffer overflow in fdpgen
+ * Crashes by VRML output when current directory is not writable #793
+ * Segmentation fault when newrank=true #1221
+ * sfdp craches #236
+ * fdp segmentation fault with GK=0 #1290
+ * fdp crash #1865
+ * Graphviz always crash with this simple dot file #167
+ * Seg fault in dot #1771
+ * gml2gv doesn't handle some attributes correctly #1869
+ * Add missing circo, fdp, neato, osage, patchwork, sfdp & twopi tools to Windows builds (copies of dot)
+ * Add gv2gml tool to CMake (copy of gml2gv on Windows, symlink to gml2gv otherwise)
+ * Regression: fdp generates internal names in the output #1876
+ * Regression: fdp assertion error on cluster in edge #1877
+ * Regression in id / <title> in svg for twopi #1907
+- graphviz-2.46-fix-shebang.patch added to make rpmlint happy
+- graphviz-no_strict_aliasing.patch changed to be applicable to current files
+- configure without ghostscript to break new build cycle
+- Update source URLs
+
+- Use _multibuild to build graphviz and graphviz-addons in a single
+ development project
+ - graphviz-addons.changes
+ - graphviz-addons.spec
+
+- Update to new release 2.44.1 (changes since 2.42.3)
+ * applied RH patches (from graphviz-2.42.2-8.fc32.src.rpm)
+ * some allocation failures that could previously allow memory
+ corruption now exit
+ * lab_gamut.3.pdf is no longer included in release archives
+ * Fixed Neato's hier mode is broken since v2.44.0
+ * Fixed segmentation fault (core dumped)
+ * New SGD mode in neato
+ * Add pkg-config files
+ * tred: add feature to output removed edges to stderr upon request
+ * Workaround: avoid creating a virtual edge loop.
+ * Add riscv64 to host_cpu configure.ac
+ * lib/cgraph: include empty malloc.h from subdir include
+ * lib/gvpr: compile mkdefs with $(HOSTCC) rather than $(CC)
+ * lib/vpsc: rename bcopy->b_copy
+ * Fixed the NativeCodeAnalysis task failed unexpectedly.
+ * Include all test files in distro
+ * host_cpu add mips64 platform
+ * Correct description of 'port' syntax in manual
+ * svg output displays TITLE of %3 if graph had no name
+ * XML errors in generated SVG when URL attribute contains
+ ampersand (&)
+ * Test files missing from source distributions
+ * SVG error for "g.transform.scale " in graphviz version 2.43
+- BuildRequires for ghostscript and groff (generate cdt documentation)
+- Extension graphviz-php changes:
+ * Require php(api) and php(zend-abi) to guarantee ABI compatibility
+ * Don't pull in extra libraries from PHP
+ + graphviz-no_php_extra_libs.patch
+ * Remove argon2-devel from list of dependencies
+ * Automatically enable extension when installed by providing
+ /etc/php{5,7}/conf.d/gv.ini
+
+- Rename python*-graphviz to python*-gv, there is also normal
+ pypi graphviz package and we clash otherwise and override
+ each other
+
+- Add also configure option to not build py2 if the python2
+ build is disabled
+
+- Add python2/python3 split subpkgs in order to allow building
+ without python2 available
+
+- Auto-identify the correct ruby-version using pkg-config.
+
+- Update to new release 2.42.3
+ - tidy gvedit about dialog strings
+ - check for mmap failure in plugin code
+ - fix broken symlinks to _gv.so with Python
+ - fix out of source build with LIBGD
+ - some minor bugfixes
+- Fix changelog of last update:
+ - Accidentally had both CVE entries mashed together.
+
+- Switch from github master to new release 2.42.1
+ - Fixes CVE-2019-11023 (bsc#1132091)
+ - Fixes CVE-2018-10196 (bsc#1093447)
+ - Fixes quite a few bugs
+- Removed graphviz-fix-ruby-version.patch (fixed in upstream)
+
+- Tweak runtime Requires(post): graphviz to same or newer version.
+ Needed after change to git checkout instead of released tarballs.
+
+- Disabled Visio plugin
+
+- Use %%python3_sitearch macro to package python3 modules.
+- use correct ruby version (2.5) for openSUSE 15.1 and earlier.
+
+- Now using master branch of upstream, as there have been no releases for
+ over two years
+ * this should fix CVE-2019-11023 (boo#1132091)
+- Removed graphviz-qt5.patch (now in upstream)
+- Removed reproducible.patch (now in upstream)
+- graphviz-smyrna-link_against_glu.patch changed to be applicable to current files
+- graphviz-no_strict_aliasing.patch changed to be applicable to current files
+- Added graphviz-fix-ruby-version.patch to remove hardcoded dependency on ruby 1.9
+- graphviz.spec updated for new version
+- created _service file
+
+- use pkg-config with correct parameter, reported by Werner Fink
+
+- Support dynamic move to Guile 2.2, part of boo#1117121:
+ - Replace conditional pkgconfig(guile-2.[02]) BuildRequires with
+ guile-devel: The package name is unchanged, which allows the
+ distro projects to move wihout step-locking changes.
+ - Patch configure.ac to look for guile-2.2 if guile 2.2 is being
+ used.
+- order inputs alphabetically
+
+- Fixed double file declaration in graphviz and graphviz-addons (x11)
+- Mark license files with %license instead of %doc
+
+- Build with gts support (bsc#1108978, bsc#1108976)
+ SLE12 flavors do not provide gts, so explicitly exclude
+ gts support there.
+
+- Extend reproducible.patch to make build reproducible (boo#1041534)
+
+- Build with PHP5 for Leap 42.x and earlier, PHP7 requires swig 3.0.11
+ Drop graphviz-plugins-fix_install_dirs.patch, use sed script to
+ fix directories, same as for Lua
+
+- Do not delete dotty/lefty/lneato man pages which are part of
+ the x11 subpackage, built from the addons package/spec.
+ (No changelog entry).
+
+- Drop harmful modification of tclpkg/gv/gv_doc_langs.tcl, which
+ changes the timestamp, although the file does not contain LIB_DIR.
+ Graphviz ships prebuilt manpages in man and PDF format. Modifying
+ the tcl script rebuilt the documentation, and replaced the PDFs
+ with empty documents (due to missing groff). This also made the
+ doc subpackage nonreproducible, causing rebuilds in all dependent
+ packages.
+
+- Disable guile 2.2 modifications temporarily
+- Move lefty/dotty/lneato graph editor tools to x11 subpackage and
+ build as part of addons package. Removes any X11 dependency from
+ core package, both build and runtime.
+- Drop unused libXaw6 build dependency
+- move libpng, libjpeg, freetype and fontconfig build dependencies
+ to addons, unused for core
+
+- Move to pkgconfig(guile-2.2) BuildRequires on suse_version >=
+ 1500.
groff
+- Remove /usr/share/groff/current from groff-full. It creates file
+ conflicts during version upgrade (bsc#1192195#c8).
+
groff:full
+- Remove /usr/share/groff/current from groff-full. It creates file
+ conflicts during version upgrade (bsc#1192195#c8).
+
gtk2
+- Add gtk2-rpmlintrc (boo#1191758):
+ + Filter wrong split request for libgdk-x11-2.0.so.0: the
+ library shares the version info with gtk2 and is allowed to be
+ in the same library package.
+ + Filter libgail.so.18 split request: the error is actually
+ correct, but gtk2 being a legacy package does not justify the
+ extra efort. The libgtk-2_0-0 package is the only consumer.
+
haveged
+- revert last change, e.g. for VMs where we are not being fed entropy
+ from the host or similar setups.
+
+- Improvements on the linux kernel random subsystem have made
+ the haveged service/daemon obsolete, remove the service files,
+ initrd modules and udev rules, the other components
+ are still useful.
+
+- Update to 1.9.14:
+ * made enttest configurable
+ * havegecmd.c - new command added to close the communication socket
+- Drop haveged-conditional-enttest.patch
+
+- Update to 1.9.13:
+ * added support for --version [Jirka Hladky]
+ * updated systemd service file [Jirka Hladky]
+ * fix a memory leak in havege_destroy [Anakin Zhang]
+ * updated version reported by program [Jirka Hladky]
+ * fix ordering cycle with private tmp [Christian Hesse]
+ * Updated systemd service file [Nicolas Braud-Santoni]
+ * Bump soname [Nicolas Braud-Santoni]
+ * Fix crash on shutdown in threaded mode [Sergei Trofimovich]
+ * Fix compilation with --enable-threads [Lars Wendler]
+
+- Update to version 1.9.8:
+ * Fix for Unresolved symbol error_exit in libhavege #20 by pld-gitsync [Jirka Hladky]
+ * order after systemd-tmpfiles-setup-dev.service (origin/pr/21) [Christian Hesse]
+ * use systemd security features [Christian Hesse]
+ * do not run in container [Christian Hesse]
+ * do not use carriage return in line break [Christian Hesse]
+ * Fixed invalid UTF-8 codes in ChangeLog [Jirka Hladky]
+- Changes for version 1.9.5:
+ * Added test for /dev/random symlink [Jirka Hladky]
+ * Update to automake 1.16 [Jirka Hladky]
+ * Fix segv at start [Andrew]
+ * Fixed built issue on Cygwin [jbaker6953]
+ * Fix segfault on arm machines (origin/pr/7) [Natanael Copa]
+ * init.d/Makefile.am - add missing dependency [Jackie Huang]
+ * service.redhat - update PIDFile [Pierre-Jean Texier]
+ * Fix type mismatch in get_poolsize [Andreas Schwab]
+ * Fixup upstream changelog [Nicolas Braud-Santoni]
+ * Remove support for CPUID on ia64 (origin/pr/19) [Jeremy Bobbio]
+ * Output some progress during CUSUM and RANDOM EXCURSION test [Sven Hartge]
+ * Diagnostics capture mode now works correctly [Ethan Rahn]
+- Drop upstream patches:
+ * f2193587.patch
+ * get-poolsize.patch
+
+- get-poolsize.patch: Fix type mismatch in get_poolsize that breaks error
+ checking (bsc#1111047)
+
+- Refresh patches
+
+- Use noun phrase for summary. Grammar fixes to description.
+
+- Update to version 1.9.4:
+ * Avoid misleading message if cmd socket is in use
+ * Implements a command mode and use it for chroot
+- Drop upstreamed patches:
+ * change-sysroot.patch
+- Update project and download url's
+
+- Add patch change-sysroot.patch to
+ move forward to socket communication within private network
+- Add haveged-switch-root.service which send the new root location
+ to running haveged process
+
+- Make haveged survive switch root within initrd (boo#1075359)
+ added change-sysroot.patch
+ haveged-switch-root.service
hwdata
+- Update to version 0.353 (bsc#1192587):
+ + Updated pci, usb and vendor ids.
+
+- Update to version 0.352 (bsc#1191375):
+ + Updated pci, usb and vendor ids.
+
inotify-tools
+- update to 3.21.9.6 (jsc#SLE-21025):
+ * update path for includes in stats.h
+ * Fix spellings in manpages
+
+- update to 3.21.9.5:
+ * Fix Wrong pointer passed to realloc
+ * Fix offset compiler warning
+ * various static code analyse annotations and fixes
+
+- update to 3.20.11.0:
+ * Added --no-dereference to watch a symlink
+ * bugfixes
+
+- update to 3.20.2:
+ * New maintainer
+ * Fix potential buffer overflow
+ * gcc 9 support
+- remove inotify-tools-no-timestamp-in-doc.patch
+ inotify-return.patch (merged upstream)
+
+- Update inotify-tools-no-timestamp-in-doc.patch
+ because doxygen footers are no more an issue and man page
+ date needs to be normalized (boo#1047218)
+
+- adjust source to the github download url
+
+- update to version 3.20.1
+ * no changelog
+ * drop upstreamed patch reserved-identifier.patch
+
-- removed %clean section
-- enabled doxygen in configure and split up doc package
-- added fdupes call for doc (doxygen) files
-- added %check section with simple "make check"
-- moved .so files to the main package
-- added --disable-static to configure and remove .la file
-- replaced RPM_BUILD_ROOT with %buildroot
-
-- some spec file clean up:
- - explicitly list file names
- - removed unneeded BuildRequires and %changelog for the -devel
- sub-package
- - removed pointless %lang_package tag
- - specified upstream download URI in the URL tag
-- inotify-return.patch:
- specifies a return value for a function to fix a build error
- (no-return-in-nonvoid-function)
-
-- initial package
-
inxi
+- update to 3.3.07:
+ * /usr/share/doc/packages/inxi/inxi.changelog.
+
+- Updated to version 3.3.03:
+ * See /usr/share/doc/packages/inxi/inxi.changelog.
+
kernel-default
+- x86/sev: Fix SEV-ES INS/OUTS instructions for word, dword,
+ and qword (bsc#1190497).
+- commit 8e47d62
+
+- tty: hvc: replace BUG_ON() with negative return value
+ (git-fixes).
+- commit 64a2763
+
+- xen/netfront: don't trust the backend response data blindly
+ (git-fixes).
+- commit 3d79f0a
+
+- xen/netfront: disentangle tx_skb_freelist (git-fixes).
+- commit 843455b
+
+- xen/netfront: don't read data from request on the ring page
+ (git-fixes).
+- commit a7d9222
+
+- xen/netfront: read response from backend only once (git-fixes).
+- commit 7ac98d9
+
+- xen/blkfront: don't trust the backend response data blindly
+ (git-fixes).
+- commit 8fa0a17
+
+- xen/blkfront: don't take local copy of a request from the ring
+ page (git-fixes).
+- commit ff5aa10
+
+- xen/blkfront: read response from backend only once (git-fixes).
+- commit 160dbd1
+
+- usb: core: config: using bit mask instead of individual bits
+ (git-fixes).
+- USB: gadget: zero allocate endpoint 0 buffers (git-fixes).
+- USB: gadget: detect too-big endpoint 0 requests (git-fixes).
+- libata: add horkage for ASMedia 1092 (git-fixes).
+- platform/x86: amd-pmc: Fix s2idle failures on certain AMD
+ laptops (git-fixes).
+- mmc: spi: Add device-tree SPI IDs (git-fixes).
+- usb: gadget: uvc: fix multiple opens (git-fixes).
+- commit e549085
+
+- HID: Ignore battery for Elan touchscreen on Asus UX550VE
+ (git-fixes).
+- HID: google: add eel USB id (git-fixes).
+- HID: add USB_HID dependancy to hid-prodikeys (git-fixes).
+- HID: add USB_HID dependancy to hid-chicony (git-fixes).
+- HID: bigbenff: prevent null pointer dereference (git-fixes).
+- HID: sony: fix error path in probe (git-fixes).
+- HID: add USB_HID dependancy on some USB HID drivers (git-fixes).
+- HID: check for valid USB device for many HID drivers
+ (git-fixes).
+- HID: wacom: fix problems when device is not a valid USB device
+ (git-fixes).
+- HID: add hid_is_usb() function to make it simpler for USB
+ detection (git-fixes).
+- HID: quirks: Add quirk for the Microsoft Surface 3 type-cover
+ (git-fixes).
+- HID: Ignore battery for Elan touchscreen on HP Envy X360
+ 15-eu0xxx (git-fixes).
+- HID: sony: support for the ghlive ps4 dongles (git-fixes).
+- HID: sony: Fix more ShanWan clone gamepads to not rumble when
+ plugged in (git-fixes).
+- commit 66fc3e6
+
+- sched/fair: Document the slow path and fast path in
+ select_task_rq_fair (bsc#1189999 (Scheduler functional and
+ performance backports)).
+- sched/fair: Fix per-CPU kthread and wakee stacking for asym
+ CPU capacity (bsc#1189999 (Scheduler functional and performance
+ backports)).
+- sched/fair: Fix detection of per-CPU kthreads waking a task
+ (bsc#1189999 (Scheduler functional and performance backports)).
+- commit d543e74
+
+- Refresh
+ patches.suse/sched-fair-Adjust-the-allowed-NUMA-imbalance-when-SD_NUMA-spans-multiple-LLCs.patch.
+- Refresh
+ patches.suse/sched-fair-Use-weight-of-SD_NUMA-domain-in-find_busiest_group.patch.
+- commit 24ff0a3
+
+- xhci: avoid race between disable slot command and host runtime
+ suspend (git-fixes).
+- commit 7ac82ba
+
+- xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from
+ runtime suspending (git-fixes).
+- commit 47ed1f0
+
+- Update patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch (bsc#1189158)
+- commit 5a1da74
+
+- vdpa: Consider device id larger than 31 (git-fixes).
+- virtio/vsock: fix the transport to work with VMADDR_CID_ANY
+ (git-fixes).
+- virtio_ring: Fix querying of maximum DMA mapping size for
+ virtio device (git-fixes).
+- virtio: always enter drivers/virtio/ (git-fixes).
+- vdpa: check that offsets are within bounds (git-fixes).
+- commit a40ec17
+
+- scsi: qla2xxx: Format log strings only if needed (git-fixes).
+- scsi: scsi_debug: Fix buffer size of REPORT ZONES command
+ (git-fixes).
+- scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
+ (git-fixes).
+- scsi: scsi_debug: Zero clear zones at reset write pointer
+ (git-fixes).
+- scsi: mpt3sas: Fix incorrect system timestamp (git-fixes).
+- scsi: mpt3sas: Fix system going into read-only mode (git-fixes).
+- scsi: mpt3sas: Fix kernel panic during drive powercycle test
+ (git-fixes).
+- commit 590254f
+
+- RDMA/irdma: Don't arm the CQ more than two times if no CE for
+ this CQ (jsc#SLE-18383).
+- RDMA/irdma: Report correct WC errors (jsc#SLE-18383).
+- RDMA/irdma: Fix a potential memory allocation issue in
+ 'irdma_prm_add_pble_mem()' (jsc#SLE-18383).
+- RDMA/irdma: Fix a user-after-free in add_pble_prm
+ (jsc#SLE-18383).
+- IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (jsc#SLE-19242).
+- IB/hfi1: Fix early init panic (jsc#SLE-19242).
+- IB/hfi1: Insure use of smp_processor_id() is preempt disabled
+ (jsc#SLE-19242).
+- IB/hfi1: Correct guard on eager buffer deallocation
+ (jsc#SLE-19242).
+- RDMA/rtrs: Call {get,put}_cpu_ptr to silence a debug kernel
+ warning (jsc#SLE-19249).
+- RDMA/hns: Do not destroy QP resources in the hw resetting phase
+ (bsc#1190336).
+- RDMA/hns: Do not halt commands during reset until later
+ (bsc#1190336).
+- RDMA/mlx5: Fix releasing unallocated memory in dereg MR flow
+ (jsc#SLE-19253).
+- RDMA: Fix use-after-free in rxe_queue_cleanup (jsc#SLE-19249).
+- vmxnet3: fix minimum vectors alloc issue (bsc#1190406).
+- ice: safer stats processing (jsc#SLE-18375).
+- ice: fix adding different tunnels (jsc#SLE-18375).
+- ice: fix choosing UDP header type (jsc#SLE-18375).
+- ice: ignore dropped packets during init (jsc#SLE-18375).
+- ice: Fix problems with DSCP QoS implementation (jsc#SLE-18375).
+- ice: rearm other interrupt cause register after enabling VFs
+ (jsc#SLE-18375).
+- ice: fix FDIR init missing when reset VF (jsc#SLE-18375).
+- i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc
+ (jsc#SLE-18378).
+- i40e: Fix pre-set max number of queues for VF (jsc#SLE-18378).
+- i40e: Fix failed opcode appearing if handling messages from VF
+ (jsc#SLE-18378).
+- iavf: Fix reporting when setting descriptor count
+ (jsc#SLE-18385).
+- iavf: restore MSI state on reset (jsc#SLE-18385).
+- devlink: fix netns refcount leak in devlink_nl_cmd_reload()
+ (git-fixes).
+- bonding: make tx_rebalance_counter an atomic (git-fixes).
+- net/tls: Fix authentication failure in CCM mode (git-fixes).
+- tcp: fix page frag corruption on page fault (git-fixes).
+- commit ed7a8c9
+
+- config: INPUT_EVBUG=n (bsc#1192974).
+ Debug driver unsuitable for production, only enabled on ppc64.
+- commit e6448a3
+
+- ima: Fix undefined arch_ima_get_secureboot() and co
+ (bsc#1193674).
+- commit acf34be
+
+- net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero
+ (git-fixes).
+- commit 6e691fe
+
+- Move upstreamed rtw89 patch into sorted section
+- commit 0950df1
+
+- net: mana: Fix memory leak in mana_hwc_create_wq (git-fixes).
+- commit 1fcab05
+
+- usb: core: config: fix validation of wMaxPacketValue entries
+ (git-fixes).
+- bus: mhi: core: Add support for forced PM resume (git-fixes).
+- iio: trigger: stm32-timer: fix MODULE_ALIAS (git-fixes).
+- iio: at91-sama5d2: Fix incorrect sign extension (git-fixes).
+- iio: adc: axp20x_adc: fix charging current reporting on AXP22x
+ (git-fixes).
+- iio: gyro: adxrs290: fix data signedness (git-fixes).
+- iio: ad7768-1: Call iio_trigger_notify_done() on error
+ (git-fixes).
+- iio: itg3200: Call iio_trigger_notify_done() on error
+ (git-fixes).
+- iio: dln2: Check return value of devm_iio_trigger_register()
+ (git-fixes).
+- iio: trigger: Fix reference counting (git-fixes).
+- iio: dln2-adc: Fix lockdep complaint (git-fixes).
+- iio: adc: stm32: fix a current leak by resetting pcsel before
+ disabling vdda (git-fixes).
+- iio: mma8452: Fix trigger reference couting (git-fixes).
+- iio: stk3310: Don't return error code in interrupt handler
+ (git-fixes).
+- iio: kxsd9: Don't return error code in trigger handler
+ (git-fixes).
+- iio: ltr501: Don't return error code in trigger handler
+ (git-fixes).
+- iio: accel: kxcjk-1013: Fix possible memory leak in probe and
+ remove (git-fixes).
+- misc: rtsx: Avoid mangling IRQ during runtime PM (git-fixes).
+- misc: fastrpc: fix improper packet size calculation (git-fixes).
+- bus: mhi: pci_generic: Fix device recovery failed issue
+ (git-fixes).
+- clocksource/drivers/dw_apb_timer_of: Fix probe failure
+ (git-fixes).
+- irqchip/irq-gic-v3-its.c: Force synchronisation when issuing
+ INVALL (git-fixes).
+- irqchip: nvic: Fix offset for Interrupt Priority Offsets
+ (git-fixes).
+- irqchip/aspeed-scu: Replace update_bits with write_bits
+ (git-fixes).
+- irqchip/armada-370-xp: Fix support for Multi-MSI interrupts
+ (git-fixes).
+- irqchip/armada-370-xp: Fix return value of
+ armada_370_xp_msi_alloc() (git-fixes).
+- clocksource/drivers/arc_timer: Eliminate redefined macro error
+ (git-fixes).
+- commit 458f7dd
+
+- Bbluetooth: btusb: Add another Bluetooth part for Realtek 8852AE
+ (bsc#1193655).
+- Bluetooth: btusb: Add gpio reset way for qca btsoc in
+ cmd_timeout (bsc#1193655).
+- Bluetooth: btusb: Add support for IMC Networks Mediatek
+ Chip(MT7921) (bsc#1193655).
+- Bluetooth: btusb: Add the new support ID for Realtek RTL8852A
+ (bsc#1193655).
+- Bluetooth: btusb: Add protocol for MediaTek bluetooth
+ devices(MT7922) (bsc#1193655).
+- Bluetooth: btusb: Support public address configuration for
+ MediaTek Chip (bsc#1193655).
+- commit aa63c80
+
+- i2c: mpc: Use atomic read and fix break condition (git-fixes).
+- clk: qcom: sm6125-gcc: Swap ops of ice and apps on sdcc1
+ (git-fixes).
+- clk: imx: use module_platform_driver (git-fixes).
+- clk: qcom: clk-alpha-pll: Don't reconfigure running Trion
+ (git-fixes).
+- clk: qcom: regmap-mux: fix parent clock lookup (git-fixes).
+- commit 3747790
+
+- ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897
+ platform (git-fixes).
+- ALSA: ctl: Fix copy of updated id with element read/write
+ (git-fixes).
+- ALSA: pcm: oss: Handle missing errors in
+ snd_pcm_oss_change_params*() (git-fixes).
+- ALSA: pcm: oss: Limit the period size to 16MB (git-fixes).
+- ALSA: pcm: oss: Fix negative period/buffer sizes (git-fixes).
+- commit 70606b1
+
+- thermal: int340x: Fix VCoRefLow MMIO bit offset for TGL
+ (git-fixes).
+- PM: runtime: Fix pm_runtime_active() kerneldoc comment
+ (git-fixes).
+- hwmon: (pwm-fan) Ensure the fan going on in .probe()
+ (git-fixes).
+- hwmon: (dell-smm) Fix warning on /proc/i8k creation error
+ (git-fixes).
+- hwmon: (corsair-psu) fix plain integer used as NULL pointer
+ (git-fixes).
+- Revert "PCI: aardvark: Fix support for PCI_ROM_ADDRESS1 on
+ emulated bridge" (git-fixes).
+- mmc: renesas_sdhi: initialize variable properly when tuning
+ (git-fixes).
+- ASoC: codecs: wsa881x: fix return values from kcontrol put
+ (git-fixes).
+- ASoC: codecs: wcd934x: return correct value from mixer put
+ (git-fixes).
+- ASoC: codecs: wcd934x: handle channel mappping list correctly
+ (git-fixes).
+- ASoC: qdsp6: q6routing: Fix return value from
+ msm_routing_put_audio_mixer (git-fixes).
+- ASoC: tegra: Use normal system sleep for ADX (git-fixes).
+- ASoC: tegra: Use normal system sleep for AMX (git-fixes).
+- ASoC: tegra: Use normal system sleep for Mixer (git-fixes).
+- ASoC: tegra: Use normal system sleep for MVC (git-fixes).
+- ASoC: tegra: Use normal system sleep for SFC (git-fixes).
+- ASoC: tegra: Balance runtime PM count (git-fixes).
+- ASoC: rt5682: Fix crash due to out of scope stack vars
+ (git-fixes).
+- ALSA: usb-audio: Reorder snd_djm_devices[] entries (git-fixes).
+- ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1 (git-fixes).
+- drm/amd/display: Fix DPIA outbox timeout after S3/S4/reset
+ (git-fixes).
+- drm/syncobj: Deal with signalled fences in
+ drm_syncobj_find_fence (git-fixes).
+- commit 847c219
+
+- can: m_can: make custom bittiming fields const (git-fixes).
+- commit 5d86bd5
+
+- Update BT fix patch for regression with 8087:0026 device (bsc#1193124)
+ Also corrected the references and patch description
+- commit 4cf2593
+
+- scsi: lpfc: Fix non-recovery of remote ports following an
+ unsolicited LOGO (bsc#1189126).
+- commit 2b31676
+
+- sched/fair: Adjust the allowed NUMA imbalance when SD_NUMA
+ spans multiple LLCs (bsc#1192120).
+- sched/fair: Use weight of SD_NUMA domain in find_busiest_group
+ (bsc#1192120).
+- commit 818b2ce
+
+- nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done
+ (git-fixes).
+- can: kvaser_usb: get CAN clock frequency from device
+ (git-fixes).
+- can: kvaser_pciefd: kvaser_pciefd_rx_error_frame(): increase
+ correct stats->{rx,tx}_errors counter (git-fixes).
+- can: m_can: pci: use custom bit timings for Elkhart Lake
+ (git-fixes).
+- can: m_can: pci: fix incorrect reference clock rate (git-fixes).
+- can: m_can: Disable and ignore ELO interrupt (git-fixes).
+- can: sja1000: fix use after free in ems_pcmcia_add_card()
+ (git-fixes).
+- can: pch_can: pch_can_rx_normal: fix use after free (git-fixes).
+- mtd: dataflash: Add device-tree SPI IDs (git-fixes).
+- mtd: rawnand: fsmc: Fix timing computation (git-fixes).
+- mtd: rawnand: fsmc: Take instruction delay into account
+ (git-fixes).
+- mtd: rawnand: Fix nand_choose_best_timings() on unsupported
+ interface (git-fixes).
+- mtd: rawnand: Fix nand_erase_op delay (git-fixes).
+- HID: intel-ish-hid: ipc: only enable IRQ wakeup when requested
+ (git-fixes).
+- soc: fsl: dpio: Unsigned compared against 0 in
+ qbman_swp_set_irq_coalescing() (git-fixes).
+- commit 3db25ff
+
+- Refresh
+ patches.suse/0011-PM-hibernate-require-hibernate-snapshot-image-to-be-.patch.
+- commit 90d6396
+
+- Refresh
+ patches.suse/0010-PM-hibernate-a-option-to-request-that-snapshot-image.patch.
+ Update config files. CONFIG_HIBERNATE_VERIFICATION_FORCE is not set
+- commit c101ebd
+
+- unmark
+ patches.suse/0009-PM-hibernate-prevent-EFI-secret-key-to-be-regenerate.patch
+- commit 3684c18
+
+- Refresh
+ patches.suse/0008-PM-hibernate-Generate-and-verify-signature-for-snaps.patch.
+ Update config files. CONFIG_HIBERNATE_VERIFICATION=y
+- commit 402ebf2
+
+- Refresh
+ patches.suse/0007-PM-hibernate-encrypt-hidden-area.patch.
+- commit fbd4629
+
+- Refresh
+ patches.suse/0006-efi-allow-user-to-regenerate-secret-key.patch.
+- commit a86713d
+
+- Refresh
+ patches.suse/0005-efi-generate-secret-key-in-EFI-boot-environment.patch.
+ Update config files. CONFIG_EFI_SECRET_KEY=y
+- commit 6e77a16
+
+- unmark
+ patches.suse/0002-hibernate-avoid-the-data-in-hidden-area-to-be-snapsh.patch
+- commit f20ffd1
+
+- Refresh
+ patches.suse/0001-security-create-hidden-area-to-keep-sensitive-data.patch.
+ Update config files. CONFIG_HIDDEN_AREA
+- commit f4223b3
+
+- drm/i915/dp: Perform 30ms delay after source OUI write
+ (git-fixes).
+- commit ffbcf49
+
+- usb: cdns3: gadget: fix new urb never complete if ep cancel
+ previous requests (git-fixes).
+- USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub (git-fixes).
+- serial: pl011: Add ACPI SBSA UART match id (git-fixes).
+- drm/amd/display: Allow DSC on supported MST branch devices
+ (git-fixes).
+- iwlwifi: mvm: retry init flow if failed (git-fixes).
+- ata: libahci: Adjust behavior when StorageD3Enable _DSD is set
+ (git-fixes).
+- ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile
+ (git-fixes).
+- drm/amd/amdgpu: fix potential memleak (git-fixes).
+- drm/amd/amdkfd: Fix kernel panic when reset failed and been
+ triggered again (git-fixes).
+- drm/sun4i: fix unmet dependency on RESET_CONTROLLER for
+ PHY_SUN6I_MIPI_DPHY (git-fixes).
+- thermal: core: Reset previous low and high trip during thermal
+ zone init (git-fixes).
+- platform/x86: thinkpad_acpi: Fix WWAN device disabled issue
+ after S3 deep (git-fixes).
+- platform/x86: thinkpad_acpi: Add support for dual fan control
+ (git-fixes).
+- platform/x86: dell-wmi-descriptor: disable by default
+ (git-fixes).
+- net: usb: r8152: Add MAC passthrough support for more Lenovo
+ Docks (git-fixes).
+- mac80211: fix throughput LED trigger (git-fixes).
+- mac80211: do not access the IV when it was stripped (git-fixes).
+- drm/connector: fix all kernel-doc warnings (git-fixes).
+- commit 9be7e24
+
+- tty: serial: fsl_lpuart: add timeout for
+ wait_event_interruptible in .shutdown() (jsc#SLE-19033).
+- crypto: caam - save caam memory to support crypto engine retry
+ mechanism (jsc#SLE-19033).
+- crypto: caam - replace this_cpu_ptr with raw_cpu_ptr
+ (jsc#SLE-19033).
+- tty: serial: imx: disable UCR4_OREN in .stop_rx() instead of
+ .shutdown() (jsc#SLE-19033).
+- tty: serial: imx: clear the RTSD status before enable the RTSD
+ irq (jsc#SLE-19033).
+- memory: fsl_ifc: populate child devices without relying on
+ simple-bus (jsc#SLE-19033).
+- soc: fsl: dpio: fix qbman alignment error in the virtualization
+ context (jsc#SLE-19033).
+- net: stmmac: Disable Tx queues when reconfiguring the interface
+ (jsc#SLE-19033).
+- dmaengine: fsl-edma: support edma memcpy (jsc#SLE-19033).
+- vfio/fsl-mc: Add per device reset support (jsc#SLE-19033).
+- bus/fsl-mc: Add generic implementation for open/reset/close
+ commands (jsc#SLE-19033).
+- ASoC: fsl_spdif: implement bypass mode from in to out
+ (jsc#SLE-19033).
+- ASoC: fsl_rpmsg: add soc specific data structure
+ (jsc#SLE-19033).
+- net: dpaa2: add adaptive interrupt coalescing (jsc#SLE-19033).
+- soc: fsl: dpio: add Net DIM integration (jsc#SLE-19033).
+- net: dpaa2: add support for manual setup of IRQ coalesing
+ (jsc#SLE-19033).
+- soc: fsl: dpio: add support for irq coalescing per software
+ portal (jsc#SLE-19033).
+- soc: fsl: dpio: extract the QBMAN clock frequency from the
+ attributes (jsc#SLE-19033).
+- spi: Convert NXP flexspi to json schema (jsc#SLE-19033).
+- vfio/fsl: Move to the device set infrastructure (jsc#SLE-19033).
+- tty: serial: fsl_lpuart: do software reset for imx7ulp and
+ imx8qxp (jsc#SLE-19033).
+- tty: serial: fsl_lpuart: enable two stop bits for lpuart32
+ (jsc#SLE-19033).
+- tty: serial: fsl_lpuart: check dma_tx_in_progress in tx dma
+ callback (jsc#SLE-19033).
+- net: phy: at803x: finish the phy id checking simplification
+ (jsc#SLE-19033).
+- mmc: sdhci: Correct the tuning command handle for PIO mode
+ (jsc#SLE-19033).
+- commit bad7a12
+
+- Refresh
+ patches.suse/mm-vmscan-Reduce-throttling-due-to-a-failure-to-make-progress.patch.
+ Mmotm fix for a report stating there was a NULL pointer exception for a
+ THP-intensive workload.
+- commit de8b975
+
+- Refresh patches.suse/ipmi-ssif-initialize-ssif_info-client-early.patch.
+- commit c1e3bcb
+
+- bus: fsl-mc: rescan devices if endpoint not found
+ (jsc#SLE-19033).
+- bus: fsl-mc: pause the MC firmware when unloading
+ (jsc#SLE-19033).
+- bus: fsl-mc: pause the MC firmware before IOMMU setup
+ (jsc#SLE-19033).
+- bus: fsl-mc: add .shutdown() op for the bus driver
+ (jsc#SLE-19033).
+- bus: fsl-mc: fully resume the firmware (jsc#SLE-19033).
+- bus: fsl-mc: handle DMA config deferral in ACPI case
+ (jsc#SLE-19033).
+- bus: fsl-mc: extend fsl_mc_get_endpoint() to pass interface ID
+ (jsc#SLE-19033).
+- commit 5b2ac90
+
+- Revert "drm/i915: Implement Wa_1508744258" (git-fixes).
+- commit 78bf6ea
+
+- blacklist.conf: 1cbf731ef3a1 drm/i915: Fix missing docbook chapters for i915 uapi.
+- commit 6777126
+
+- xen: remove stray preempt_disable() from PV AP startup code
+ (bsc#1193524).
+- commit 39c2dee
+
+- xen/pvh: add missing prototype to header (git-fixes).
+- commit e49e355
+
+- x86/pvh: add prototype for xen_pvh_init() (git-fixes).
+- commit 4f8d143
+
+- ipmi: ssif: initialize ssif_info->client early (bsc#1193490).
+- commit e8af4dd
+
+- Delete
+ patches.suse/sched-fair-Adjust-the-allowed-NUMA-imbalance-when-SD_NUMA-spans-multiple-LLCs.patch.
+- Delete
+ patches.suse/sched-fair-Use-weight-of-SD_NUMA-domain-in-find_busiest_group.patch.
+ New revision pending upstream.
+- commit dd182d0
+
+- nvme-multipath: Skip not ready namespaces when revalidating paths (bsc#1191793 bsc#1192507 bsc#1192969).
+- commit 10dc5b5
+
+- blacklist.conf: went in through stable
+- commit c751562
+
+- drm/connector: Give connector sysfs devices there own
+ device_type (jsc#SLE-19356).
+- commit 5b7ab45
+
+- drm/connector: Add a fwnode pointer to drm_connector and
+ register with ACPI (v2) (jsc#SLE-19356).
+- commit f0b908e
+
+- drm/connector: Add support for out-of-band hotplug notification
+ (v3) (jsc#SLE19356).
+- commit 6fa8d3d
+
+- drm/connector: Add drm_connector_find_by_fwnode() function (v3)
+ (jsc#SLE-19356).
+- commit f8f4127
+
+- usb: typec: ucsi: Don't stop alt mode registration on busy
+ condition (jsc#SLE-19356).
+- commit d1dd3c7
+
+- usb: typec: ucsi: Always cancel the command if PPM reports
+ BUSY condition (jsc#SLE-19356).
+- commit 7d740d2
+
+- usb: typec: altmodes/displayport: Notify drm subsys of hotplug
+ events (git-fixes).
+- commit 5f1a962
+
+- Remove patches.suse/nvme-add-sibling-to-list-after-full-initialization.patch
+ As it turns out this fix is not correct.
+- commit bb77a4c
+
+- lpfc: Reintroduce old IRQ probe logic (bsc#1183897).
+- commit 00a7ff5
+
+- Update
+ patches.suse/powerpc-security-Use-a-mutex-for-interrupt-exit-code.patch
+ (stable-5.14.19 bsc#1193470 ltc#195599).
+- commit a8808ca
+
+- Refresh
+ patches.suse/0004-MODSIGN-checking-the-blacklisted-hash-before-loading.patch.
+- commit 4f48964
+
+- net/mlx4_en: Fix an use-after-free bug in
+ mlx4_en_try_alloc_resources() (jsc#SLE-19256).
+- net: qlogic: qlcnic: Fix a NULL pointer dereference in
+ qlcnic_83xx_add_rings() (git-fixes).
+- net/mlx5e: SHAMPO, Fix constant expression result
+ (jsc#SLE-19253).
+- net/mlx5: Fix access to a non-supported register
+ (jsc#SLE-19253).
+- net/mlx5: Fix too early queueing of log timestamp work
+ (jsc#SLE-19253).
+- net/mlx5: Fix use after free in mlx5_health_wait_pci_up
+ (jsc#SLE-19253).
+- net/mlx5: E-Switch, Use indirect table only if all destinations
+ support it (jsc#SLE-19253).
+- net/mlx5: E-Switch, Check group pointer before reading bw_share
+ value (jsc#SLE-19253).
+- net/mlx5: E-Switch, fix single FDB creation on BlueField
+ (jsc#SLE-19253).
+- net/mlx5: E-switch, Respect BW share of the new group
+ (jsc#SLE-19253).
+- net/mlx5: Lag, Fix recreation of VF LAG (jsc#SLE-19253).
+- net/mlx5: Move MODIFY_RQT command to ignore list in internal
+ error state (jsc#SLE-19253).
+- net/mlx5e: Sync TIR params updates against concurrent
+ create/modify (jsc#SLE-19253).
+- net/mlx5e: Fix missing IPsec statistics on uplink representor
+ (jsc#SLE-19253).
+- net/mlx5e: IPsec: Fix Software parser inner l3 type setting
+ in case of encapsulation (jsc#SLE-19253).
+- ice: xsk: clear status_error0 for each allocated desc
+ (jsc#SLE-18375).
+- net/mlx4_en: Update reported link modes for 1/10G
+ (jsc#SLE-19256).
+- net: qed: fix the array may be out of bound (jsc#SLE-19001).
+- igb: fix netpoll exit with traffic (jsc#SLE-18379).
+- net: chelsio: cxgb4vf: Fix an error code in cxgb4vf_pci_probe()
+ (jsc#SLE-18992).
+- ice: avoid bpf_prog refcount underflow (jsc#SLE-18375).
+- ice: fix vsi->txq_map sizing (jsc#SLE-18375).
+- iavf: Fix VLAN feature flags after VFR (jsc#SLE-18385).
+- iavf: Fix refreshing iavf adapter stats on ethtool request
+ (jsc#SLE-18385).
+- iavf: Fix deadlock occurrence during resetting VF interface
+ (jsc#SLE-18385).
+- iavf: Prevent changing static ITR values if adaptive moderation
+ is on (jsc#SLE-18385).
+- igb: unbreak I2C bit-banging on i350 (jsc#SLE-18379).
+- commit 24091ea
+
+- Delete patches.suse/0003-MODSIGN-load-blacklist-from-MOKx.patch.
+ The ebd9c2ae369a45 patch introduced mokx support since v5.13 on
+ upstream. Let's remove this downstream patch. (fate#316531, bnc#854875)
+- commit cd4e1c6
+
+- Delete
+ patches.suse/0001-efi-add-a-function-to-convert-the-status-code-to-a-s.patch.
+ Delete
+ patches.suse/0002-efi-show-error-messages-only-when-loading-certificat.patch
+ Because upstream patch ebd9c2ae369a "efi: Only print errors about failing to
+ get certs if EFI vars are found" already introduced new behavior of log. So
+ those two SUSE downstream patches can be removed. (fate#316531, bnc#854875)
+- commit f98e665
+
+- Refresh
+ patches.suse/0001-MODSIGN-do-not-load-mok-when-secure-boot-disabled.patch.
+- Refresh patches.suse/0001-MODSIGN-do-not-load-mok-when-secure-boot-disabled.patch
+ merge with patches.suse/0001-integrity-use-arch_ima_get_secureboot-instead-of-che.patch.
+ (bsc#1188366)
+- Delete
+ patches.suse/0001-integrity-use-arch_ima_get_secureboot-instead-of-che.patch.
+- commit f00ef99
+
+- blacklist.conf: Add git-fixes patches checked into perf userspace
+- commit 032d842
+
+- perf: Ignore sigtrap for tracepoints destined for other tasks
+ (git-fixes).
+- perf/x86/intel/uncore: Fix IIO event constraints for Snowridge
+ (git-fixes).
+- perf/x86/intel/uncore: Fix IIO event constraints for Skylake
+ Server (git-fixes).
+- perf/x86/intel/uncore: Fix filter_tid mask for CHA events on
+ Skylake Server (git-fixes).
+- perf/x86/vlbr: Add c->flags to vlbr event constraints
+ (git-fixes).
+- perf/x86/intel/uncore: Fix Intel SPR M3UPI event constraints
+ (git-fixes).
+- perf/x86/intel/uncore: Fix Intel SPR M2PCIE event constraints
+ (git-fixes).
+- perf/x86/intel/uncore: Fix Intel SPR IIO event constraints
+ (git-fixes).
+- perf/x86/intel/uncore: Fix Intel SPR CHA event constraints
+ (git-fixes).
+- commit 1cfbe90
+
+- x86/xen: Add xenpv_restore_regs_and_return_to_usermode()
+ (bsc#1190497).
+- commit 00aee08
+
+- tracing/histograms: String compares should not care about
+ signed values (git-fixes).
+- commit fa5ea58
+
+- tracing: Fix pid filtering when triggers are attached
+ (git-fixes).
+- commit 3c359a7
+
+- blacklist.conf: 27ff768fa21c ("tracing: Test the 'Do not trace this pid' case in create event")
+ Not needed. The backported "broken" commit is already fixed.
+- commit 2c0434d
+
+- tracing: Check pid filtering when creating events (git-fixes).
+- commit 90d7fd0
+
+- arm64: cpufeature: Export this_cpu_has_cap helper
+ (jsc#SLE-19046).
+- commit fd033df
+
+- coresight: Use devm_bitmap_zalloc when applicable (jsc#SLE-19046).
+- arm64: errata: Enable TRBE workaround for write to out-of-range address (jsc#SLE-19046).
+- arm64: errata: Enable workaround for TRBE overwrite in FILL mode (jsc#SLE-19046).
+- coresight: trbe: Work around write to out of range (jsc#SLE-19046).
+- coresight: trbe: Make sure we have enough space (jsc#SLE-19046).
+- coresight: trbe: Add a helper to determine the minimum buffer size (jsc#SLE-19046).
+- coresight: trbe: Workaround TRBE errata overwrite in FILL mode (jsc#SLE-19046).
+- coresight: trbe: Add infrastructure for Errata handling (jsc#SLE-19046).
+- coresight: trbe: Allow driver to choose a different alignment (jsc#SLE-19046).
+- coresight: trbe: Decouple buffer base from the hardware base (jsc#SLE-19046).
+- coresight: trbe: Add a helper to pad a given buffer area (jsc#SLE-19046).
+- coresight: trbe: Add a helper to calculate the trace generated (jsc#SLE-19046).
+- coresight: trbe: Prohibit trace before disabling TRBE (jsc#SLE-19046).
+- coresight: trbe: End the AUX handle on truncation (jsc#SLE-19046).
+- coresight: trbe: Do not truncate buffer on IRQ (jsc#SLE-19046).
+- coresight: trbe: Fix handling of spurious interrupts (jsc#SLE-19046).
+- coresight: trbe: irq handler: Do not disable TRBE if no action is needed (jsc#SLE-19046).
+- coresight: trbe: Unify the enabling sequence (jsc#SLE-19046).
+- coresight: trbe: Drop duplicate TRUNCATE flags (jsc#SLE-19046).
+- coresight: trbe: Ensure the format flag is always set (jsc#SLE-19046).
+- coresight: etm-pmu: Ensure the AUX handle is valid (jsc#SLE-19046).
+- coresight: etm4x: Use Trace Filtering controls dynamically (jsc#SLE-19046).
+- coresight: etm4x: Save restore TRFCR_EL1 (jsc#SLE-19046).
+- coresight: Don't immediately close events that are run on invalid CPU/sink combos (jsc#SLE-19046).
+- coresight: tmc-etr: Speed up for bounce buffer in flat mode (jsc#SLE-19046).
+- coresight: Update comments for removing cs_etm_find_snapshot() (jsc#SLE-19046).
+- coresight: tmc-etr: Use perf_output_handle::head for AUX ring buffer (jsc#SLE-19046).
+- coresight: tmc-etf: Add comment for store ordering (jsc#SLE-19046).
+- coresight: tmc-etr: Add barrier after updating AUX ring buffer (jsc#SLE-19046).
+- coresight: tmc: Configure AXI write burst size (jsc#SLE-19046).
+- arm64: errata: Add detection for TRBE write to out-of-range (jsc#SLE-19046).
+- arm64: errata: Add workaround for TSB flush failures (jsc#SLE-19046).
+- arm64: errata: Add detection for TRBE overwrite in FILL mode (jsc#SLE-19046).
+- arm64: Add Neoverse-N2, Cortex-A710 CPU part definition (jsc#SLE-19046).
+- commit d3c2191
+
+- Update
+ patches.suse/RDMA-cma-Do-not-change-route.addr.src_addr.ss_family.patch
+ (stable-5.14.10 bsc#1192845 CVE-2021-43975).
+ Added CVE reference
+- commit 8142e42
+
+- atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
+ (bsc#1192845 CVE-2021-43975).
+- commit 283c0a0
+
+- perf: qcom_l2_pmu: ACPI: Use ACPI_COMPANION() directly
+ (git-fixes).
+- drivers/perf: thunderx2_pmu: Change data in size
+ tx2_uncore_event_update() (git-fixes).
+- drivers/perf: hisi: Fix PA PMU counter offset (git-fixes).
+- KVM: arm64: Fix PMU probe ordering (git-fixes).
+- KVM: arm64: perf: Replace '0xf' instances with
+ ID_AA64DFR0_PMUVER_IMP_DEF (git-fixes).
+- commit 91fb475
+
+- usb: typec: altmodes/displayport: Make dp_altmode_notify()
+ more generic (git-fixes).
+- commit 5136280
+
+- x86/entry: Use the correct fence macro after swapgs in kernel
+ CR3 (bsc#1190497).
+- commit e1ed0c4
+
+- Refresh
+ patches.suse/s390-lock-down-kernel-in-secure-boot-mode.patch.
+- commit 2d12b8e
+
+- x86/entry: Add a fence for kernel entry SWAPGS in
+ paranoid_entry() (bsc#1190497).
+- commit 69d2c59
+
+- unmark patches.suse/arm64-lock-down-kernel-in-secure-boot-mode.patch
+- commit 36647a7
+
+- Refresh
+ patches.suse/powerpc-lock-down-kernel-in-secure-boot-mode.patch.
+- commit e4b09e3
+
+- unmark
+ patches.suse/0004-efi-Lock-down-the-kernel-at-the-integrity-level-if-b.patch
+- commit 0cf1770
+
+- Refresh
+ patches.suse/0003-efi-Lock-down-the-kernel-if-booted-in-secure-boot-mode.patch.
+- Update config files. x86_64, arm64, ppc64le, s390x
+ - Add CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y
+- commit 6189d45
+
+- Refresh
+ patches.suse/0002-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-boot-mode.patch.
+- commit f2a5454
+
+- Refresh
+ patches.suse/0001-security-lockdown-expose-a-hook-to-lock-the-kernel-down.patch.
+- commit f2c3a99
+
+- usb: cdnsp: Fix a NULL pointer dereference in
+ cdnsp_endpoint_init() (git-fixes).
+- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect
+ (git-fixes).
+- serial: 8250_bcm7271: UART errors after resuming from S2
+ (git-fixes).
+- serial: 8250_pci: rewrite pericom_do_set_divisor() (git-fixes).
+- serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
+ (git-fixes).
+- serial: 8250: Fix RTS modem control while in rs485 mode
+ (git-fixes).
+- serial: tegra: Change lower tolerance baud rate limit for
+ tegra20 and tegra30 (git-fixes).
+- serial: liteuart: fix minor-number leak on probe errors
+ (git-fixes).
+- serial: liteuart: fix use-after-free and memleak on unbind
+ (git-fixes).
+- serial: liteuart: Fix NULL pointer dereference in ->remove()
+ (git-fixes).
+- vgacon: Propagate console boot parameters before calling
+ `vc_resize' (git-fixes).
+- tty: serial: msm_serial: Deactivate RX DMA for polling support
+ (git-fixes).
+- serial: core: fix transmit-buffer reset and memleak (git-fixes).
+- commit 3fabb98
+
+- Move upstreamed USB fix into sorted section
+- commit e02363b
+
+- ALSA: hda/cs8409: Set PMSG_ON earlier inside cs8409 driver
+ (git-fixes).
+- commit e3352ca
+
+- ipmi: msghandler: Make symbol 'remove_work_wq' static
+ (git-fixes).
+- commit 992fab0
+
+- drm/vc4: kms: Fix previous HVS commit wait (git-fixes).
+- drm/vc4: kms: Don't duplicate pending commit (git-fixes).
+- drm/vc4: kms: Clear the HVS FIFO commit pointer once done
+ (git-fixes).
+- drm/vc4: kms: Add missing drm_crtc_commit_put (git-fixes).
+- drm/vc4: kms: Fix return code check (git-fixes).
+- drm/vc4: kms: Wait for the commit before increasing our clock
+ rate (git-fixes).
+- drm/msm: Do hw_init() before capturing GPU state (git-fixes).
+- drm/msm/a6xx: Allocate enough space for GMU registers
+ (git-fixes).
+- rt2x00: do not mark device gone on EPROTO errors during start
+ (git-fixes).
+- mt76: mt7915: fix NULL pointer dereference in
+ mt7915_get_phy_mode (git-fixes).
+- iwlwifi: Fix memory leaks in error handling path (git-fixes).
+- iwlwifi: fix warnings produced by kernel debug options
+ (git-fixes).
+- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of
+ "0" if no IRQ is available (git-fixes).
+- ipmi: Move remove_work to dedicated workqueue (git-fixes).
+- commit 7d5a7f0
+
+- i2c: stm32f7: stop dma transfer in case of NACK (git-fixes).
+- i2c: stm32f7: recover the bus on access timeout (git-fixes).
+- i2c: stm32f7: flush TX FIFO upon transfer errors (git-fixes).
+- i2c: cbus-gpio: set atomic transfer callback (git-fixes).
+- dma-buf: system_heap: Use 'for_each_sgtable_sg' in pages free
+ flow (git-fixes).
+- atlantic: Remove warn trace message (git-fixes).
+- atlantic: Fix statistics logic for production hardware
+ (git-fixes).
+- atlantic: Add missing DIDs and fix 115c (git-fixes).
+- atlantic: Fix to display FW bundle version instead of FW mac
+ version (git-fixes).
+- atlatnic: enable Nbase-t speeds with base-t (git-fixes).
+- atlantic: Increase delay for fw transactions (git-fixes).
+- ASoC: rk817: Add module alias for rk817-codec (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in Mixer (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in ADX (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in AMX (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in SFC (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in MVC (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in AHUB (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in DSPK (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in DMIC (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in I2S (git-fixes).
+- ASoC: tegra: Fix kcontrol put callback in ADMAIF (git-fixes).
+- ASoC: tegra: Fix wrong value type in MVC (git-fixes).
+- ASoC: tegra: Fix wrong value type in SFC (git-fixes).
+- ASoC: tegra: Fix wrong value type in DSPK (git-fixes).
+- ASoC: tegra: Fix wrong value type in DMIC (git-fixes).
+- ASoC: tegra: Fix wrong value type in I2S (git-fixes).
+- ASoC: tegra: Fix wrong value type in ADMAIF (git-fixes).
+- ALSA: intel-dsp-config: add quirk for CML devices based on
+ ES8336 codec (git-fixes).
+- commit d6b0e1d
+
+- scsi: core: sysfs: Fix setting device state to SDEV_RUNNING
+ (git-fixes).
+- commit 713d069
+
+- xhci: Fix commad ring abort, write all 64 bits to CRCR register
+ (bsc#1192569).
+- commit e4fbc61
+
+- ibmvnic: drop bad optimization in reuse_tx_pools() (bsc#1193349
+ ltc#195568).
+- ibmvnic: drop bad optimization in reuse_rx_pools() (bsc#1193349
+ ltc#195568).
+- commit 667806f
+
+- Bluetooth: Apply initial command workaround for more Intel chips
+ (bsc#83f2dafe2a62).
+- commit e1329be
+
+- drm/i915/hdmi: Turn DP++ TMDS output buffers back on in
+ encoder->shutdown() (git-fixes).
+- commit 905574f
+
+- Refresh
+ patches.suse/drm-i915-Extend-the-async-flip-VT-d-w-a-to-skl-bxt.patch.
+ Alt-commit
+- commit afad9d5
+
+- Refresh
+ patches.suse/drm-i915-gvt-fix-the-usage-of-ww-lock-in-gvt-schedul.patch.
+ Alt-commit
+- commit 0475b7e
+
+- Refresh
+ patches.suse/drm-amdgpu-Fix-even-more-out-of-bound-writes-from-de.patch.
+ Alt-commit. Also updated the patch-mainline tag.
+- commit ce4a8c2
+
+- Refresh
+ patches.suse/drm-amd-display-Fix-deadlock-when-falling-back-to-v2.patch.
+ Alt-commit
+- commit fadf24f
+
+- drm/amdgpu/display: add quirk handling for stutter mode
+ (git-fixes).
+- commit 9ae484d
+
+- fuse: release pipe buf after last use (bsc#1193318).
+- commit fad20a3
+
+- drm/msm/dsi: fix wrong type in msm_dsi_host (git-fixes).
+- commit 9d4cd6e
+
+- drm/msm/dsi: do not enable irq handler before powering up the
+ host (git-fixes).
+- commit 21c53a3
+
+- mm: vmscan: Reduce throttling due to a failure to make progress
+ (bsc#1190208 (MM functional and performance backports)).
+- commit c9d43e5
+
+- sched,x86: Fix L2 cache mask (bsc#1193302).
+- commit 512a2f3
+
+- sched/fair: Adjust the allowed NUMA imbalance when SD_NUMA
+ spans multiple LLCs (bsc#1192120).
+- sched/fair: Use weight of SD_NUMA domain in find_busiest_group
+ (bsc#1192120).
+- commit 67de029
+
+- Delete
+ patches.suse/sched-fair-Adjust-the-allowed-NUMA-imbalance-when-SD_NUMA-spans-multiple-LLCS.patch.
+- commit 79c1d08
+
+- drm/msm/dsi: rename dual DSI to bonded DSI (git-fixes).
+- commit 383555c
+
+- drm/amd/pm: Fix incorrect power limit readback in smu11 if
+ POWER_SOURCE_DC (git-fixes).
+- commit c04f48c
+
+- drm/i915: Replace the unconditional clflush with
+ drm_clflush_virt_range() (git-fixes).
+- commit bf0c1da
+
+- Refresh
+ patches.suse/drm-i915-Remove-memory-frequency-calculation.patch.
+ Alt-commit
+- commit 2650497
+
+- Refresh
+ patches.suse/0001-drm-i915-guc-drop-guc_communication_enabled.patch.
+ Alt-commit
+- commit 01f68ee
+
+- blacklist.conf: faf890985e30 drm/i915: Fix syncmap memory leak
+- commit 62955ef
+
+- Refresh
+ patches.suse/drm-amdgpu-handle-the-case-of-pci_channel_io_frozen-.patch.
+ Alt-commit
+- commit 3b7e322
+
+- staging: rtl8723bs: remove a second possible deadlock
+ (git-fixes).
+- commit e15a622
+
+- USB: serial: option: add Fibocom FM101-GL variants (git-fixes).
+- USB: serial: option: add Telit LE910S1 0x9200 composition
+ (git-fixes).
+- mmc: sdhci: Fix ADMA for PAGE_SIZE >= 64KiB (git-fixes).
+- drm/nouveau: recognise GA106 (git-fixes).
+- drm/amdgpu: IH process reset count when restart (git-fixes).
+- PCI: aardvark: Simplify initialization of rootcap on virtual
+ bridge (git-fixes).
+- PCI: aardvark: Implement re-issuing config requests on CRS
+ response (git-fixes).
+- staging: rtl8723bs: remove a third possible deadlock
+ (git-fixes).
+- staging: rtl8723bs: remove possible deadlock when disconnect
+ (v2) (git-fixes).
+- commit cbbc2ed
+
+- rpm/kernel-binary.spec.in: don't strip vmlinux again (bsc#1193306)
+ After usrmerge, vmlinux file is not named vmlinux-<version>, but simply
+ vmlinux. And this is not reflected in STRIP_KEEP_SYMTAB we set.
+ So fix this by removing the dash...
+- commit 83af88d
+
+- Refresh
+ patches.suse/drm-amdkfd-fix-a-potential-ttm-sg-memory-leak.patch.
+ Alt-commit
+- commit 18c0378
+
+- Refresh
+ patches.suse/drm-amdkfd-fix-dma-mapping-leaking-warning.patch.
+ Alt-commit
+- commit d513741
+
+- Refresh
+ patches.suse/0001-drm-amd-display-Fix-white-screen-page-fault-for-gpuv.patch.
+ Alt-commit
+- commit d8362fa
+
+- Refresh
+ patches.suse/0001-drm-amdgpu-fix-use-after-free-during-BO-move.patch.
+ Alt-commit
+- commit 6231070
+
+- Refresh
+ patches.suse/drm-i915-tc-Fix-TypeC-port-init-resume-time-sanitiza.patch.
+ Alt-commit
+- commit 75478ec
+
+- Refresh
+ patches.suse/0425-drm-i915-Update-memory-bandwidth-parameters.patch.
+ Alt-commit
+- commit 20108dd
+
+- blacklist.conf: b6dfa4161729 drm/i915/dp: Drop redundant debug print
+- commit c59ba00
+
+- Refresh
+ patches.suse/0001-drm-i915-dp-return-proper-DPRX-link-training-result.patch.
+ Alt-commit
+- commit 70fb6b8
+
+- blacklist.conf: d8959fb33890 drm/i915/dp: remove superfluous EXPORT_SYMBOL()
+- commit 83d3fca
+
+- blacklist.conf: f6864b27d6d3 drm/i915/edp: fix eDP MSO pipe sanity checks for ADL-P
+- commit fc8a263
+
+- blacklist.conf: 8b46cc6577f4 drm/i915: Tweaked Wa_14010685332 for all PCHs
+- commit 8d282e0
+
+- blacklist.conf: c5589bb5dccb drm/i915: Only access SFC_DONE when media domain is not fused off
+- commit e46b9ce
+
+- blacklist.conf: 70418a68713c drm/i915/display: Fix the 12 BPC bits for PIPE_MISC reg
+- commit 0ee0cf4
+
+- rtw89: add AXIDMA and TX FIFO dump in mac_mem_dump
+ (bsc#1188303).
+- rtw89: fix potentially access out of range of RF register array
+ (bsc#1188303).
+- rtw89: remove unneeded variable (bsc#1188303).
+- rtw89: remove unnecessary conditional operators (bsc#1188303).
+- rtw89: update tx power limit/limit_ru tables to R54
+ (bsc#1188303).
+- rtw89: update rtw89 regulation definition to R58-R31
+ (bsc#1188303).
+- rtw89: fill regd field of limit/limit_ru tables by enum
+ (bsc#1188303).
+- commit bdba716
+
+- Update rtw89 fix with the upstream patch from wireless-drivers tree
+- commit 70a5c33
+
+- mwifiex: Fix skb_over_panic in mwifiex_usb_recv()
+ (CVE-2021-43976 bsc#1192847).
+- commit 4829170
+
+- nvme-pci: add NO APST quirk for Kioxia device (git-fixes).
+- commit 86d3c56
+
+- crypto: dh - call dh_init() after drbg_init() and jent_mod_init()
+ (jsc#SLE-21132,bsc#1191256).
+- commit 61dfd91
+
+- crypto: dh - implement FIPS PCT (jsc#SLE-21132,bsc#1191256).
+- commit 9f91254
+
+- crypto: dh - accept only approved safe-prime groups in FIPS mode
+ (jsc#SLE-21132,bsc#1191256).
+- commit 2d1a8e9
+
+- crypto: dh - try to match domain parameters to a known
+ safe-prime group (jsc#SLE-21132,bsc#1191256).
+- commit 26a335b
+
+- crypto: dh - calculate Q from P for the full public key
+ verification (jsc#SLE-21132,bsc#1191256).
+- commit b4037c4
+
+- crypto: dh - store group id in dh-generic's dh_ctx
+ (jsc#SLE-21132,bsc#1191256).
+- commit f0486a1
+
+- lib/mpi: export mpi_rshift (jsc#SLE-21132,bsc#1191256).
+- commit 4310d0e
+
+- crypto: testmgr - add DH test vectors for key generation
+ (jsc#SLE-21132,bsc#1191256).
+- commit 54bd083
+
+- crypto: dh - introduce support for ephemeral key generation
+ to qat driver (jsc#SLE-21132,bsc#1191256).
+- commit 7368cee
+
+- crypto: dh - introduce support for ephemeral key generation
+ to hpre driver (jsc#SLE-21132,bsc#1191256).
+- commit 2b8dc8a
+
+- crypto: dh - introduce support for ephemeral key generation
+ to dh-generic (jsc#SLE-21132,bsc#1191256).
+- commit 3773460
+
+- crypto: dh - implement private key generation primitive
+ (jsc#SLE-21132,bsc#1191256).
+- commit 6465374
+
+- crypto: testmgr - run only subset of DH vectors based on config
+ (jsc#SLE-21132,bsc#1191256).
+- commit ac8f2bb
+
+- crypto: testmgr - add DH RFC 3526 modp2048 test vector
+ (jsc#SLE-21132,bsc#1191256).
+- commit d59cad5
+
+- crypto: dh - introduce RFC 3526 safe-prime groups
+ (jsc#SLE-21132,bsc#1191256).
+- Update config files.
+- commit 7ce8fbd
+
+- crypto: testmgr - add DH RFC 7919 ffdhe3072 test vector
+ (jsc#SLE-21132,bsc#1191256).
+- commit 66277b9
+
+- crypto: dh - introduce RFC 7919 safe-prime groups
+ (jsc#SLE-21132,bsc#1191256).
+- Update config files.
+- commit ffde948
+
+- hwmon: (dell-smm-hwmon) Fix fan mutliplier detection for 3rd
+ fan (git-fixes).
+- commit fc58f7c
+
+- hwmon: (dell-smm-hwmon) Convert to
+ devm_hwmon_device_register_with_info() (git-fixes).
+- commit 8eb28b7
+
+- crypto: dh - optimize domain parameter serialization for
+ well-known groups (jsc#SLE-21132,bsc#1191256).
+- commit 0e9a462
+
+- crypto: dh - constify struct dh's pointer members
+ (jsc#SLE-21132,bsc#1191256).
+- commit cd58585
+
+- crypto: dh - remove struct dh's ->q member
+ (jsc#SLE-21132,bsc#1191256).
+- commit ca28b3e
+
+- hwmon: (dell-smm-hwmon) Move variables into a driver private
+ data structure (git-fixes).
+- commit a97cfe2
+
+- hwmon: (dell-smm-hwmon) Use devm_add_action_or_reset()
+ (git-fixes).
+- commit 12a377a
+
+- hwmon: (dell-smm-hwmon) Mark functions as __init (git-fixes).
+- commit a95801d
+
+- ptp: ocp: add COMMON_CLK dependency (git-fixes).
+- commit c11a32b
+
+- hwmon: (dell-smm-hwmon) Use platform device (git-fixes).
+- commit f051ae7
+
+- mm: Add kvrealloc() (git-fixes).
+- commit ef97709
+
+- crypto: jitter - quit sample collection loop upon RCT failure
+ (jsc#SLE-21132,bsc#1191259).
+- commit 990cfda
+
+- crypto: jitter - don't limit ->health_failure check to FIPS mode
+ (jsc#SLE-21132,bsc#1191259).
+- commit 583d284
+
+- crypto: drbg - ignore jitterentropy errors if not in FIPS mode
+ (jsc#SLE-21132,bsc#1191259).
+- commit a216735
+
+- mt76: drop MCU header size from buffer size in
+ __mt76_mcu_send_firmware (git-fixes).
+- commit 3d10da9
+
+- mt76: introduce __mt76_mcu_send_firmware routine (git-fixes).
+- commit a54556a
+
+- x86/hyperv: Move required MSRs check to initial platform probing
+ (git-fixes).
+- x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V
+ setup fails (git-fixes).
+- Drivers: hv: balloon: Use VMBUS_RING_SIZE() wrapper for
+ dm_ring_size (git-fixes).
+- net: mana: Fix spelling mistake "calledd" -> "called"
+ (jsc#SLE-18779, bsc#1185726).
+- PCI: hv: Remove unnecessary use of %hx (git-fixes).
+- Drivers: hv : vmbus: Adding NULL pointer check (git-fixes).
+- x86/hyperv: Remove duplicate include (git-fixes).
+- x86/hyperv: Remove duplicated include in hv_init (git-fixes).
+- Drivers: hv: vmbus: Remove unused code to check for subchannels
+ (git-fixes).
+- net: mana: Support hibernation and kexec (jsc#SLE-18779,
+ bsc#1185726).
+- net: mana: Improve the HWC error handling (jsc#SLE-18779,
+ bsc#1185726).
+- net: mana: Report OS info to the PF driver (jsc#SLE-18779,
+ bsc#1185726).
+- net: mana: Fix the netdev_err()'s vPort argument in
+ mana_init_port() (jsc#SLE-18779, bsc#1185726).
+- net: mana: Allow setting the number of queues while the NIC
+ is down (jsc#SLE-18779, bsc#1185726).
+- hv_netvsc: Add comment of netvsc_xdp_xmit() (git-fixes).
+- hv_netvsc: use netif_is_bond_master() instead of open code
+ (git-fixes).
+- net: mana: Use kcalloc() instead of kzalloc() (jsc#SLE-18779,
+ bsc#1185726).
+- net: use eth_hw_addr_set() (jsc#SLE-19256).
+- commit 64933c8
+
+- Revert "drm/i915: Fix missing docbook chapters for i915 uapi"
+ This reverts commit d33eb4b2a0b7422c9dc94bcd23d0d9ef458f2f77.
+- commit 6e0d735
+
+- bpf: Stop caching subprog index in the bpf_pseudo_func insn
+ (git-fixes).
+- commit 76c87a6
+
+- usb: ohci: disable start-of-frame interrupt in ohci_rh_suspend
+ (git-fixes).
+- commit 474865f
+
+- Refresh
+ patches.suse/0410-drm-i915-adl_p-Also-disable-underrun-recovery-with-M.patch.
+ Add alt-commit tag for duplicate
+- commit b076848
+
+- drm/i915/guc: Reset LRC descriptor if register returns -ENODEV
+ (git-fixes).
+- commit 65e549a
+
+- drm/i915/guc: Take context ref when cancelling request
+ (git-fixes).
+- commit 506a6d9
+
+- drm/i915/guc: Copy whole golden context, set engine state size
+ of subset (git-fixes).
+- commit b1fdf4a
+
+- drm/i915/guc: Don't enable scheduling on a banned context,
+ guc_id invalid, not registered (git-fixes).
+- commit c06d135
+
+- drm/i915/guc: Kick tasklet after queuing a request (git-fixes).
+- commit 35e2726
+
+- drm/i915/guc: Workaround reset G2H is received after schedule
+ done G2H (git-fixes).
+- commit e25f4c3
+
+- drm/i915/guc: Don't drop ce->guc_active.lock when unwinding
+ context (git-fixes).
+- commit 380814a
+
+- drm/i915/guc: Unwind context requests in reverse order
+ (git-fixes).
+- commit b4b0087
+
+- drm/i915/guc: Fix outstanding G2H accounting (git-fixes).
+- commit bd00cfe
+
+- drm/i915/guc: Fix blocked context accounting (git-fixes).
+- commit 5787530
+
+- drm/i915: Fix missing docbook chapters for i915 uapi
+ (git-fixes).
+- commit d33eb4b
+
+- config: set the default cpufreq governor on x86 to "ondemand" (bsc#1190923)
+ "Ondemand" has been the default cpufreq governor in previous SLES
+ releases. Upstream has now set the default to be "schedutil" on all x86_64
+ systems except for the most recent Intel CPUs (see a00ec3874e7d3 ("cpufreq:
+ intel_pstate: Select schedutil as the default governor")). We estimate this
+ choice carries a notable performance regression.
+ The direct effect of this patch is to restore "ondemand" as default
+ governor on AMD systems.
+ Setting CPU_FREQ_DEFAULT_GOV_CONSERVATIVE=n explicitely is necessary otherwise
+ "make syncconfig" thinks that option is new and stops the build, if no silent
+ config updates are permitted.
+- commit 5f12495
+
+- Revert "cpufreq: Avoid configuring old governors as default
+ with intel_pstate" (bsc#1190923).
+- commit a145265
+
+- net: hns3: fix incorrect components info of ethtool --reset
+ command (bsc#1190336).
+- net: hns3: fix one incorrect value of page pool info when
+ queried by debugfs (bsc#1190336).
+- net: hns3: add check NULL address for page pool (bsc#1190336).
+- net: hns3: fix VF RSS failed problem after PF enable multi-TCs
+ (bsc#1190336).
+- ethtool: ioctl: fix potential NULL deref in
+ ethtool_set_coalesce() (jsc#SLE-19253).
+- nixge: fix mac address error handling again (jsc#SLE-19253).
+- ptp: ocp: Fix a couple NULL vs IS_ERR() checks (jsc#SLE-19253).
+- RDMA/core: Set sgtable nents when using ib_dma_virt_map_sg()
+ (jsc#SLE-19249).
+- ethernet: fix up ps3_gelic_net.c for "ethernet: use
+ eth_hw_addr_set()" (jsc#SLE-19256).
+- ethernet: ehea: add missing cast (jsc#SLE-19256).
+- dma-mapping: fix the kerneldoc for dma_map_sgtable()
+ (jsc#SLE-19249).
+- dma-mapping: fix the kerneldoc for dma_map_sg_attrs
+ (jsc#SLE-19249).
+- ptp: ocp: Have Kconfig select NET_DEVLINK (jsc#SLE-19253).
+- commit 5d25d7c
+
+- iommu/vt-d: Fix unmap_pages support (git-fixes).
+- commit 7a9b51b
+
+- rpm/modules.fips: remove des3 and des (jsc#SLE-21132,bsc#1191261).
+ DES3 has been marked as not approved for FIPS now, remove it
+ from modules.fips.
+- commit e1ec547
+
+- iommu/rockchip: Fix PAGE_DESC_HI_MASKs for RK3568 (git-fixes).
+- iommu/dma: Account for min_align_mask w/swiotlb (git-fixes).
+- swiotlb: Support aligned swiotlb buffers (git-fixes).
+- iommu/dma: Check CONFIG_SWIOTLB more broadly (git-fixes).
+- iommu/dma: Fold _swiotlb helpers into callers (git-fixes).
+- iommu/dma: Skip extra sync during unmap w/swiotlb (git-fixes).
+- iommu/dma: Fix sync_sg with swiotlb (git-fixes).
+- iommu/vt-d: Drop "0x" prefix from PCI bus & device addresses
+ (git-fixes).
+- iommu/amd: Remove iommu_init_ga() (git-fixes).
+- commit 27f96b2
+
+- crypto: ecdh - implement FIPS PCT (jsc#SLE-21132,bsc#1191256).
+- commit 4be783b
+
+- crypto: populate downstream list of drivers unapproved for
+ FIPS mode usage (jsc#SLE-21132,bsc#1191270).
+- commit cf79007
+
+- crypto: implement downstream solution for disabling drivers
+ in FIPS mode (jsc#SLE-21132,bsc#1191270).
+- commit 267194d
+
+- hugetlbfs: flush TLBs correctly after huge_pmd_unshare
+ (bsc#1192946 CVE-2021-4002).
+- commit 9a6f8ea
+
+- locking/rwsem: Optimize down_read_trylock() under highly
+ contended case (bsc#1190137).
+- locking/rwsem: Make handoff bit handling more consistent
+ (bsc#1190137).
+- shm: extend forced shm destroy to support objects from several
+ IPC nses (git-fixes).
+- net: stats: Read the statistics in ___gnet_stats_copy_basic()
+ instead of adding (bsc#1189998).
+- lib/logic_iomem: fix sparse warnings (git-fixes).
+- net/sched: cls_api, reset flags on replay (bsc#1189998).
+- commit 2753e49
+
+- Move upstreamed xhci patch into sorted section
+- commit e524866
+
+- crypto: dh - limit key size to 2048 in FIPS mode
+ (jsc#SLE-21132,bsc#1193136).
+- commit 5ff1146
+
+- crypto: rsa - limit key size to 2048 in FIPS mode
+ (jsc#SLE-21132,bsc#1193136).
+- commit e13c64c
+
+- crypto: des - disallow des3 in FIPS mode
+ (jsc#SLE-21132,bsc#1191261).
+- commit 5cba32d
+
+- crypto: jitter - consider 32 LSB for APT
+ (jsc#SLE-21132,bsc#1191259).
+- commit e52f765
+
+- crypto: drbg - reseed 'nopr' drbgs periodically from
+ get_random_bytes() (jsc#SLE-21132,bsc#1191259).
+- commit 9772beb
+
+- crypto: drbg - make drbg_prepare_hrng() handle jent
+ instantiation errors (jsc#SLE-21132,bsc#1191259).
+- commit 5d82af9
+
+- crypto: drbg - make reseeding from get_random_bytes()
+ synchronous (jsc#SLE-21132,bsc#1191259).
+- commit c503088
+
+- crypto: drbg - move dynamic ->reseed_threshold adjustments to
+ __drbg_seed() (jsc#SLE-21132,bsc#1191259).
+- commit fe4673f
+
+- crypto: drbg - track whether DRBG was seeded with
+ !rng_is_initialized() (jsc#SLE-21132,bsc#1191259).
+- commit 832d7de
+
+- crypto: drbg - prepare for more fine-grained tracking of
+ seeding state (jsc#SLE-21132,bsc#1191259).
+- commit 832ea10
+
+- crypto: drbg - Fix unused value warning in
+ drbg_healthcheck_sanity() (jsc#SLE-21132,bsc#1191259).
+- commit 585265f
+
+- bpf: Fix toctou on read-only map's constant scalar tracking
+ (bsc#1192990,CVE-2021-4001).
+- commit a65db58
+
+- bpf: Use kvmalloc for map keys in syscalls
+ (bsc#1192990,CVE-2021-4001).
+- Refresh
+ patches.suse/bpf-Fix-error-usage-of-map_fd-and-fdget-in-generic_m.patch.
+- commit 8529db1
+
+- usb: hub: Fix locking issues with address0_mutex (git-fixes).
+- commit 6e122fb
+
+- mdio: aspeed: Fix "Link is Down" issue (git-fixes).
+- lan743x: fix deadlock in lan743x_phy_link_status_change()
+ (git-fixes).
+- ACPI: Get acpi_device's parent from the parent field
+ (git-fixes).
+- ACPI: CPPC: Add NULL pointer check to cppc_get_perf()
+ (git-fixes).
+- PM: hibernate: use correct mode for swsusp_close() (git-fixes).
+- staging/fbtft: Fix backlight (git-fixes).
+- USB: serial: pl2303: fix GC type detection (git-fixes).
+- usb: chipidea: ci_hdrc_imx: fix potential error pointer
+ dereference in probe (git-fixes).
+- usb: hub: Fix usb enumeration issue due to address0 race
+ (git-fixes).
+- usb: typec: fusb302: Fix masking of comparator and bc_lvl
+ interrupts (git-fixes).
+- usb: dwc3: leave default DMA for PCI devices (git-fixes).
+- usb: dwc2: hcd_queue: Fix use of floating point literal
+ (git-fixes).
+- usb: dwc3: gadget: Fix null pointer exception (git-fixes).
+- usb: dwc2: gadget: Fix ISOC flow for elapsed frames (git-fixes).
+- usb: dwc3: gadget: Check for L1/L2/U3 for Start Transfer
+ (git-fixes).
+- usb: dwc3: gadget: Ignore NoStream after End Transfer
+ (git-fixes).
+- usb: dwc3: core: Revise GHWPARAMS9 offset (git-fixes).
+- mmc: sdhci-esdhc-imx: disable CMDQ support (git-fixes).
+- commit 41fc655
+
+- drm/dp: Don't zero PWMGEN_BIT_COUNT when driver_pwm_freq_hz not specified (git-fixes).
+- commit c054b5e
+
+- Alt-commit updates for duplicates
+- Refresh
+ patches.suse/0409-drm-i915-Use-designated-initializers-for-init-exit-t.patch.
+- Refresh
+ patches.suse/0411-drm-i915-gt-Potential-error-pointer-dereference-in-p.patch.
+- Refresh
+ patches.suse/0412-drm-i915-selftest-Fix-use-of-err-in-igt_reset_-fail-.patch.
+- Refresh
+ patches.suse/0419-drm-i915-gem-Fix-the-mman-selftest.patch.
+- Refresh
+ patches.suse/0420-drm-i915-Release-ctx-syncobj-on-final-put-not-on-ctx.patch.
+- Refresh
+ patches.suse/0421-drm-i915-Get-PM-ref-before-accessing-HW-register.patch.
+- Refresh
+ patches.suse/0422-drm-i915-selftests-Do-not-use-import_obj-uninitializ.patch.
+- Refresh
+ patches.suse/0423-drm-i915-selftests-Always-initialize-err-in-igt_dmab.patch.
+- Refresh
+ patches.suse/0426-drm-i915-Move-__i915_gem_free_object-to-ttm_bo_destr.patch.
+- Refresh patches.suse/0427-drm-i915-Free-all-DMC-payloads.patch.
+- Refresh
+ patches.suse/0429-drm-i915-guc-docs-Fix-pdfdocs-build-error-by-removin.patch.
+- Refresh
+ patches.suse/0432-drm-i915-fix-blank-screen-booting-crashes.patch.
+- Refresh
+ patches.suse/0439-drm-i915-Fix-bug-in-user-proto-context-creation-that.patch.
+- Refresh
+ patches.suse/0440-drm-i915-Free-the-returned-object-of-acpi_evaluate_d.patch.
+- Refresh
+ patches.suse/0445-drm-i915-Revert-guc_id-from-i915_request-tracepoint.patch.
+- commit 6fe956e
+
+- constraints: Build aarch64 on recent ARMv8.1 builders.
+ Request asimdrdm feature which is available only on recent ARMv8.1 CPUs.
+ This should prevent scheduling the kernel on an older slower builder.
+- commit 60fc53f
+
+- iio: imu: adis16400: Fix buffer alignment requirements
+ (git-fixes).
+- iio: gyro: mpu3050: Fix alignment and size issues with buffers
+ (git-fixes).
+- iio: adc: ti-adc108s102: Fix alignment of buffer pushed to
+ iio buffers (git-fixes).
+- staging: wfx: ensure IRQ is ready before enabling it
+ (git-fixes).
+- commit 594abf0
+
+- firmware: smccc: Fix check for ARCH_SOC_ID not implemented
+ (git-fixes).
+- firmware: arm_scmi: Fix type error assignment in voltage
+ protocol (git-fixes).
+- HID: multitouch: disable sticky fingers for UPERFECT Y
+ (git-fixes).
+- tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc
+ (git-fixes).
+- iio: imu: st_lsm6dsx: Avoid potential array overflow in
+ st_lsm6dsx_set_odr() (git-fixes).
+- iio: core: Introduce iio_push_to_buffers_with_ts_unaligned()
+ (git-fixes).
+- usb: host: ohci-tmio: check return value after calling
+ platform_get_resource() (git-fixes).
+- usb: typec: tipd: Remove WARN_ON in tps6598x_block_read
+ (git-fixes).
+- usb: musb: tusb6010: check return value after calling
+ platform_get_resource() (git-fixes).
+- memory: tegra20-emc: Add runtime dependency on devfreq governor
+ module (git-fixes).
+- commit 872c3f8
+
+- drm/hyperv: Fix device removal on Gen1 VMs (git-fixes).
+- drm/aspeed: Fix vga_pw sysfs output (git-fixes).
+- drm/vc4: fix error code in vc4_create_object() (git-fixes).
+- drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks
+ (git-fixes).
+- drm/amd/display: Set plane update flags for all planes in reset
+ (git-fixes).
+- drm/amd/display: Fix DPIA outbox timeout after GPU reset
+ (git-fixes).
+- firmware: arm_scmi: Fix type error in sensor protocol
+ (git-fixes).
+- firmware: arm_scmi: pm: Propagate return value to caller
+ (git-fixes).
+- firmware: arm_scmi: Fix base agent discover response
+ (git-fixes).
+- drm/amdgpu: fix set scaling mode Full/Full aspect/Center not
+ works on vga and dvi connectors (git-fixes).
+- commit 90685db
+
+- drm/amd/pm: avoid duplicate powergate/ungate setting
+ (git-fixes).
+- drm/nouveau: clean up all clients on device removal
+ (CVE-2020-27820 bsc#1179599 git-fixes).
+- drm/nouveau: Add a dedicated mutex for the clients list
+ (CVE-2020-27820 bsc#1179599 git-fixes).
+- drm/nouveau: use drm_dev_unplug() during device removal
+ (CVE-2020-27820 bsc#1179599 git-fixes).
+- clk: sunxi-ng: Unregister clocks/resets when unbinding
+ (git-fixes).
+- clk: imx: imx6ul: Move csi_sel mux to correct base register
+ (git-fixes).
+- bus: ti-sysc: Use context lost quirk for otg (git-fixes).
+- bus: ti-sysc: Add quirk handling for reinit on context lost
+ (git-fixes).
+- ASoC: rt5682: fix a little pop while playback (git-fixes).
+- ASoC: Intel: sof_sdw: add missing quirk for Dell SKU 0A45
+ (git-fixes).
+- ASoC: Intel: soc-acpi: add missing quirk for TGL SDCA single
+ amp (git-fixes).
+- ASoC: nau8824: Add DMI quirk mechanism for active-high
+ jack-detect (git-fixes).
+- ASoC: rt5651: Use IRQF_NO_AUTOEN when requesting the IRQ
+ (git-fixes).
+- ASoC: es8316: Use IRQF_NO_AUTOEN when requesting the IRQ
+ (git-fixes).
+- ALSA: gus: fix null pointer dereference on pointer block
+ (git-fixes).
+- ASoC: SOF: Intel: hda-dai: fix potential locking issue
+ (git-fixes).
+- drm/amd/display: Update swizzle mode enums (git-fixes).
+- drm/amd/display: Limit max DSC target bpp for specific monitors
+ (git-fixes).
+- commit acb861b
+
+- Move upstreamed media and ARM patches into sorted section
+ Dropped a corresponding blacklist entry, too
+- commit c1e7317
+
+- powerpc/kexec_file: Add KEXEC_SIG support (jsc#SLE-18145
+ bsc#1192295).
+ Update config files.
+- commit b9bad9a
+
+- powerpc/watchdog: Fix wd_smp_last_reset_tb reporting
+ (bsc#1187541 ltc#192129).
+- powerpc/watchdog: read TB close to where it is used (bsc#1187541
+ ltc#192129).
+- powerpc/watchdog: Avoid holding wd_smp_lock over printk and
+ smp_send_nmi_ipi (bsc#1187541 ltc#192129).
+- powerpc/watchdog: tighten non-atomic read-modify-write access
+ (bsc#1187541 ltc#192129).
+- powerpc/watchdog: Fix missed watchdog reset due to memory
+ ordering race (bsc#1187541 ltc#192129).
+- commit 823022d
+
+- x86/sev: Fix noinstr for vc_ghcb_invalidate() (bsc#1169514).
+- commit 794a8a0
+
+- x86: Always inline ip_within_syscall_gap() (bsc#1169514).
+- commit cfc10d5
+
+- x86/kvm: Always inline evmcs_write64() (bsc#1169514).
+- commit 22c39a2
+
+- x86/kvm: Always inline to_svm() (bsc#1169514).
+- commit 5a2d299
+
+- x86: Always inline context_tracking_guest_enter() (bsc#1169514).
+- commit 57c3b6f
+
+- x86/kvm: Always inline vmload() / vmsave() (bsc#1169514).
+- commit bd03ad7
+
+- x86/kvm: Always inline sev_*guest() (bsc#1169514).
+- commit cc1d87a
+
+- objtool: Introduce CFI hash (bsc#1169514).
+- Refresh
+ patches.suse/objtool-Handle-__sanitize_cov-tail-calls.patch.
+- commit 4b4d3bb
+
+- HID: input: set usage type to key on keycode remap (git-fixes).
+- HID: input: Fix parsing of HID_CP_CONSUMER_CONTROL fields
+ (git-fixes).
+- HID: wacom: Use "Confidence" flag to prevent reporting invalid
+ contacts (git-fixes).
+- commit 00be7f6
+
+- Refresh
+ patches.suse/lib-scatterlist-Provide-a-dedicated-function-to-supp.patch.
+ Fixes warning:
+ ../drivers/gpu/drm/i915/gem/i915_gem_ttm.c:382:22: warning: unused variable 'sg' [-Wunused-variable]
+- commit 883a20a
+
+- ASoC: cs42l42: Assume 24-bit samples are in 32-bit slots
+ (bsc#1192354).
+- commit 41fb147
+
+- ASoC: rt1015: remove possible unused variable `bclk_ms'
+ (bsc#1192354).
+- ASoC: rt1015p: add new acpi id and comapatible id (bsc#1192354).
+- ASoC: max98390: Add support change dsm param name (bsc#1192354).
+- ASoC: cs42l42: Update module authors (bsc#1192354).
+- ASoC: cs42l42: Validate dai_set_sysclk() frequency
+ (bsc#1192354).
+- ASoC: cs42l42: Add PLL configuration for 44.1kHz/16-bit
+ (bsc#1192354).
+- ASoC: max98090: remove duplicate status reads and useless
+ assignmment (bsc#1192354).
+- ASoC: tlv320aic32x4: make array clocks static, makes object
+ smaller (bsc#1192354).
+- ASoC: rt1015: Remove unnecessary flush work on rt1015 driver
+ (bsc#1192354).
+- commit 79753e1
+
+- ASoC: Intel: bytcht_es8316: Utilize dev_err_probe() to avoid
+ log saturation (bsc#1192354).
+- ASoC: Intel: bytcht_es8316: Switch to use gpiod_get_optional()
+ (bsc#1192354).
+- ASoC: Intel: bytcht_es8316: Use temporary variable for struct
+ device (bsc#1192354).
+- ASoC: Intel: bytcht_es8316: Get platform data via
+ dev_get_platdata() (bsc#1192354).
+- ASoC: SOF: trace: Omit error print when waking up trace sleepers
+ (bsc#1192354).
+- ASoC: SOF: loader: Re-phrase the missing firmware error to
+ avoid duplication (bsc#1192354).
+- ASoC: Intel: boards: Fix CONFIG_SND_SOC_SDW_MOCKUP select
+ (bsc#1192354).
+- commit f37efd9
+
+- ASoC: rt5682: fix headset background noise when S3 state
+ (bsc#1192354).
+- ASoC: rt5682: Fix the vol+ button detection issue (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Make
+ rt5640_jack_gpio/rt5640_jack2_gpio static (bsc#1192354).
+- ASoC: SOF: intel: remove duplicate include (bsc#1192354).
+- ASoC: Intel: Skylake: Select first entry for singular pipe
+ config arrays (bsc#1192354).
+- ASoC: Intel: Skylake: Properly configure modules with generic
+ extension (bsc#1192354).
+- ASoC: Intel: Skylake: Support modules with generic extension
+ (bsc#1192354).
+- ASoC: Intel: Skylake: Support multiple format configs
+ (bsc#1192354).
+- ASoC: Intel: Skylake: Simplify m_state for loadable modules
+ (bsc#1192354).
+- ASoC: Intel: Skylake: Select proper format for NHLT blob
+ (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Mark hp_elitepad_1000g2_jack?_check
+ functions static (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Add support for HP Elite Pad 1000G2
+ jack-detect (bsc#1192354).
+- ASoC: rt5640: Add rt5640_set_ovcd_params() helper (bsc#1192354).
+- ASoC: rt5640: Add optional hp_det_gpio parameter to
+ rt5640_detect_headset() (bsc#1192354).
+- ASoC: rt5640: Delay requesting IRQ until the machine-drv calls
+ set_jack (bsc#1192354).
+- ASoC: rt5640: Move rt5640_disable_jack_detect() up in the
+ rt5640.c file (bsc#1192354).
+- ASoC: rt5514: make array div static const, makes object smaller
+ (bsc#1192354).
+- ASoC: rt5682: enable SAR ADC power saving mode during suspend
+ (bsc#1192354).
+- commit 048b9dc
+
+- ASoC: Intel: sof_sdw: pass card information to init/exit
+ functions (bsc#1192354).
+- Refresh
+ patches.suse/ASoC-Intel-sof_sdw-tag-SoundWire-BEs-as-non-atomic.patch.
+- commit 1e10617
+
+- ASoC: Intel: bytct_rt5640: Add a separate "Headset Mic 2"
+ DAPM pin for the mic on the 2nd jack (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Use cfg-lineout:2 in the components
+ string (bsc#1192354).
+- ASoC: Intel: boards: use software node API in Atom boards
+ (bsc#1192354).
+- ASoC: Intel: remove device_properties for Atom boards
+ (bsc#1192354).
+- ASoC: Intel: use software node API in SoundWire machines
+ (bsc#1192354).
+- ASoC: Intel: sof_sdw_rt711*: keep codec device reference until
+ remove (bsc#1192354).
+- ASoC: Intel: boards: get codec device with ACPI instead of
+ bus search (bsc#1192354).
+- ASoC: Intel: boards: handle errors with
+ acpi_dev_get_first_match_dev() (bsc#1192354).
+- ASoC: Intel: boards: harden codec property handling
+ (bsc#1192354).
+- ASoC: SOF: Intel: make DMI L1 selection more robust
+ (bsc#1192354).
+- commit 5cbe7a7
+
+- ASoC: SOF: Intel: simplify logic for DMI_L1 handling
+ (bsc#1192354).
+- ASoC: SOF: Intel: hda-stream: remove always true condition
+ (bsc#1192354).
+- ASoC: SOF: Intel: Kconfig: clarify DMI L1 option description
+ (bsc#1192354).
+- ASoC: amd: vangogh: Drop superfluous mmap callback
+ (bsc#1192354).
+- ASoC: Intel: sof_sdw_max98373: remove useless inits
+ (bsc#1192354).
+- ASoC: SOF: Intel: Use DMI string to search for
+ adl_mx98373_rt5682 variant (bsc#1192354).
+- ASoC: Intel: sof_sdw: add quirk for Dell XPS 9710 (bsc#1192354).
+- soundwire: intel: introduce shim and alh base (bsc#1192354).
+- ASoC: SOF: intel: add snd_sof_dsp_check_sdw_irq ops
+ (bsc#1192354).
+- commit e73d522
+
+- ASoC: SOF: intel: move sof_intel_dsp_desc() forward
+ (bsc#1192354).
+- Refresh
+ patches.suse/ASoC-SOF-Intel-hda-fix-hotplug-when-only-codec-is-su.patch.
+- commit 6f291a3
+
+- ASoC: SOF: intel: hda: remove HDA_DSP_REG_SNDW_WAKE_STS
+ definition (bsc#1192354).
+- ASoC: SOF: intel: add sdw_shim/alh_base to sof_intel_dsp_desc
+ (bsc#1192354).
+- soundwire: move intel sdw register definitions to sdw_intel.h
+ (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Fix HP ElitePad 1000 G2 quirk
+ (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Add support for a second headset
+ mic input (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Add support for a second headphones
+ output (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Add a byt_rt5640_get_codec_dai()
+ helper (bsc#1192354).
+- ASoC: Intel: bytcr_rt5640: Add line-out support (bsc#1192354).
+- ASoC: intel: skylake: Drop superfluous mmap callback
+ (bsc#1192354).
+- commit d756b8c
+
+- ASoC: amd: enable vangogh acp5x driver build (bsc#1192354).
+- Update config files.
+- commit 1e2e7cc
+
+- ASoC: amd: Drop superfluous mmap callbacks (bsc#1192354).
+- ASoC: Intel: Fix spelling contraction "cant" -> "can't"
+ (bsc#1192354).
+- ASoC: amd: fix an IS_ERR() vs NULL bug in probe (bsc#1192354).
+- ASoC: amd: Use dev_probe_err helper (bsc#1192354).
+- ASoC: amd: Don't show messages about deferred probing by default
+ (bsc#1192354).
+- ASoC: amd: add vangogh i2s dma driver pm ops (bsc#1192354).
+- ASoC: amd: add vangogh pci driver pm ops (bsc#1192354).
+- ASoC: amd: add vangogh i2s dai driver ops (bsc#1192354).
+- ASoC: amd: add vangogh i2s controller driver (bsc#1192354).
+- commit 97bb2cd
+
+- ASoC: amd: add ACP5x pcm dma driver ops (bsc#1192354).
+- ASoC: amd: irq handler changes for ACP5x PCM dma driver
+ (bsc#1192354).
+- ASoC: amd: add ACP5x PCM platform driver (bsc#1192354).
+- ASoC: amd: create acp5x platform devices (bsc#1192354).
+- ASoc: amd: add acp5x init/de-init functions (bsc#1192354).
+- ASoC: amd: add Vangogh ACP PCI driver (bsc#1192354).
+- ASoC: amd: add Vangogh ACP5x IP register header (bsc#1192354).
+- ASOC: Intel: sof_sdw: add quirk for Intel 'Bishop County'
+ NUC M15 (bsc#1192354).
+- ASoC: Intel: sof_sdw: update quirk for jack detection in ADL
+ RVP (bsc#1192354).
+- ASoC: Intel: sof_sdw: include rt711.h for RT711 JD mode
+ (bsc#1192354).
+- commit 725b1cd
+
+- ASoC: Intel: sof_sdw: extends SOF_RT711_JDSRC to 4 bits
+ (bsc#1192354).
+- ASoC: Intel: sof_rt5682: code refactor for max98360a
+ (bsc#1192354).
+- ASoC: Intel: sof_cs42l42: add support for jsl_cs4242_mx98360a
+ (bsc#1192354).
+- ASoC: Intel: maxim-common: support max98360a (bsc#1192354).
+- ASoC: Intel: sof_cs42l42: support arbitrary DAI link sequence
+ (bsc#1192354).
+- ASoC: Intel: sof_cs42l42: use helper function to get bclk
+ frequency (bsc#1192354).
+- ASoC: SOF: add a helper to get topology configured bclk
+ (bsc#1192354).
+- ASoC: Intel: soc-acpi: add support for SoundWire of TGL-H-RVP
+ (bsc#1192354).
+- ASoC: amd: fix spelling mistakes (bsc#1192354).
+- ASoC: intel: atom: Revert PCM buffer address setup workaround
+ again (bsc#1192354).
+- soundwire: cadence: do not extend reset delay (bsc#1192354).
+- soundwire: intel: conditionally exit clock stop mode on system
+ suspend (bsc#1192354).
+- soundwire: intel: skip suspend/resume/wake when link was not
+ started (bsc#1192354).
+- soundwire: cadence: override PDI configurations to create
+ loopback (bsc#1192354).
+- soundwire: cadence: add debugfs interface for PDI loopbacks
+ (bsc#1192354).
+- soundwire: stream: don't program mockup device ports
+ (bsc#1192354).
+- soundwire: bus: squelch error returned by mockup devices
+ (bsc#1192354).
+- soundwire: add flag to ignore all command/control for mockup
+ devices (bsc#1192354).
+- soundwire: stream: don't abort bank switch on
+ Command_Ignored/-ENODATA (bsc#1192354).
+- ASoC: Intel: boards: sof_sdw: add SoundWire mockup codecs for
+ tests (bsc#1192354).
+- commit 01f384c
+
+- ASoC: codecs: add SoundWire mockup device support (bsc#1192354).
+- Update config files.
+- commit cb6d378
+
+- ASoC: soc-acpi: tgl: add table for SoundWire mockup devices
+ (bsc#1192354).
+- ASoC: soc-acpi: cnl: add table for SoundWire mockup devices
+ (bsc#1192354).
+- soundwire: cadence: add paranoid check on self-clearing bits
+ (bsc#1192354).
+- soundwire: dmi-quirks: add quirk for Intel 'Bishop County'
+ NUC M15 (bsc#1192354).
+- soundwire: bus: update Slave status in sdw_clear_slave_status
+ (bsc#1192354).
+- soundwire: cadence: Remove ret variable from sdw_cdns_irq()
+ (bsc#1192354).
+- soundwire: bus: filter out more -EDATA errors on clock stop
+ (bsc#1192354).
+- soundwire: dmi-quirks: add ull suffix for SoundWire _ADR values
+ (bsc#1192354).
+- commit 96de317
+
+- Revert "ALSA: hda: Drop workaround for a hang at shutdown again"
+ (bsc#1192354).
+- Refresh
+ patches.suse/ALSA-hda-Use-position-buffer-for-SKL-again.patch.
+- commit 14d0e54
+
+- ALSA: hda: Drop workaround for a hang at shutdown again
+ (bsc#1192354).
+- Refresh
+ patches.suse/ALSA-hda-Use-position-buffer-for-SKL-again.patch.
+- commit 0b88e07
+
+- ALSA: hda/cirrus: Move CS8409 HDA bridge to separate module
+ (bsc#1192354).
+- Update config files.
+- commit af1e7cf
+
+- ALSA: hda: fix general protection fault in azx_runtime_idle
+ (bsc#1192354).
+- ALSA: hda/cs8409: Setup Dolphin Headset Mic as Phantom Jack
+ (bsc#1192354).
+- ALSA: hda/cs8409: Initialize Codec only in init fixup
+ (bsc#1192354).
+- ALSA: hda/cs8409: Ensure Type Detection is only run on startup
+ when necessary (bsc#1192354).
+- ALSA: hda: Disable runtime resume at shutdown (bsc#1192354).
+- ALSA: hda: Allow model option to specify PCI SSID alias
+ (bsc#1192354).
+- ALSA: hda: Code refactoring snd_hda_pick_fixup() (bsc#1192354).
+- ALSA: hda/analog - Sink ad198x_shutup() and shuffle CONFIG_PM
+ guards (bsc#1192354).
+- ALSA: hda/sigmatel - Sink stac_shutup() into stac_suspend()
+ (bsc#1192354).
+- ALSA: hda: Nuke unused reboot_notify callback (bsc#1192354).
+- ALSA: hda: Suspend codec at shutdown (bsc#1192354).
+- ALSA: hda: conexant: Turn off EAPD at suspend, too
+ (bsc#1192354).
+- ALSA: hda/cs8409: Prevent pops and clicks during suspend
+ (bsc#1192354).
+- ALSA: hda/cs8409: Unmute/Mute codec when stream starts/stops
+ (bsc#1192354).
+- ALSA: hda/cs8409: Follow correct CS42L42 power down sequence
+ for suspend (bsc#1192354).
+- ALSA: hda/cs8409: Remove unnecessary delays (bsc#1192354).
+- ALSA: hda/cs8409: Use timeout rather than retries for I2C
+ transaction waits (bsc#1192354).
+- ALSA: hda/cs8409: Set fixed sample rate of 48kHz for CS42L42
+ (bsc#1192354).
+- ALSA: hda/cs8409: Enable Full Scale Volume for Line Out Codec
+ on Dolphin (bsc#1192354).
+- ALSA: hda/cs8409: Add support for dolphin (bsc#1192354).
+- ALSA: hda/cs8409: Add Support to disable jack type detection
+ for CS42L42 (bsc#1192354).
+- ALSA: hda/cs8409: Support multiple sub_codecs for
+ Suspend/Resume/Unsol events (bsc#1192354).
+- ALSA: hda/cs8409: Move codec properties to its own struct
+ (bsc#1192354).
+- ALSA: hda/cs8409: Separate CS8409, CS42L42 and project functions
+ (bsc#1192354).
+- ALSA: hda/cs8409: Support i2c bulk read/write functions
+ (bsc#1192354).
+- ALSA: hda/cs8409: Avoid re-setting the same page as the last
+ access (bsc#1192354).
+- ALSA: hda/cs8409: Avoid setting the same I2C address for every
+ access (bsc#1192354).
+- ALSA: hda/cs8409: Dont disable I2C clock between consecutive
+ accesses (bsc#1192354).
+- ALSA: hda/cs8409: Generalize volume controls (bsc#1192354).
+- ALSA: hda/cs8409: Prevent I2C access during suspend time
+ (bsc#1192354).
+- ALSA: hda/cs8409: Simplify CS42L42 jack detect (bsc#1192354).
+- ALSA: hda/cs8409: Mask CS42L42 wake events (bsc#1192354).
+- ALSA: hda/cs8409: Disable unsolicited response for the first
+ boot (bsc#1192354).
+- ALSA: hda/cs8409: Disable unsolicited responses during suspend
+ (bsc#1192354).
+- ALSA: hda/cs8409: Disable unnecessary Ring Sense for
+ Cyborg/Warlock/Bullseye (bsc#1192354).
+- ALSA: hda/cs8409: Reduce HS pops/clicks for Cyborg
+ (bsc#1192354).
+- ALSA: hda/cs8409: Mask all CS42L42 interrupts on initialization
+ (bsc#1192354).
+- ALSA: hda/cs8409: Use enums for register names and coefficients
+ (bsc#1192354).
+- ALSA: hda/cs8409: Move arrays of configuration to a new file
+ (bsc#1192354).
+- ALSA: hda: Allocate resources with device-managed APIs
+ (bsc#1192354).
+- ALSA: hda/hdmi: Add option to enable all pins forcibly
+ (bsc#1192354).
+- ALSA: hda/ca0132: remove redundant initialization of variable
+ status (bsc#1192354).
+- commit bdfccf7
+
+- ALSA: intel-dsp-config: add quirk for JSL devices based on
+ ES8336 codec (bsc#1192354).
+- ALSA: intel-dsp-config: add quirk for APL/GLK/TGL devices
+ based on ES8336 codec (bsc#1192354).
+- ALSA: hda: hdac_ext_stream: fix potential locking issues
+ (bsc#1192354).
+- ALSA: hda: hdac_stream: fix potential locking issue in
+ snd_hdac_stream_assign() (bsc#1192354).
+- commit 7c0aa55
+
+- ALSA: doc: Fix indentation warning (bsc#1192354).
+- ALSA: memalloc: Drop superfluous snd_dma_buffer_sync()
+ declaration (bsc#1192354).
+- commit 856f153
+
+- ALSA: usb-audio: Don't start stream for capture at prepare
+ (bsc#1192354).
+- ALSA: usb-audio: Switch back to non-latency mode at a later
+ point (bsc#1192354).
+- ALSA: usb-audio: fix null pointer dereference on pointer cs_desc
+ (bsc#1192354).
+- ALSA: usb-audio: Initialize every feature unit once at probe
+ time (bsc#1192354).
+- ALSA: usb-audio: Drop superfluous error message after
+ disconnection (bsc#1192354).
+- ALSA: usb-audio: Downgrade error message in get_ctl_value_v2()
+ (bsc#1192354).
+- ALSA: usb-audio: Less restriction for low-latency playback mode
+ (bsc#1192354).
+- ALSA: usb-audio: Pass JOINT_DUPLEX info flag for implicit fb
+ streams (bsc#1192354).
+- ALSA: usb-audio: Fix packet size calculation regression
+ (bsc#1192354).
+- ALSA: usb-audio: disable implicit feedback sync for Behringer
+ UFX1204 and UFX1604 (bsc#1192354).
+- ALSA: usb-audio: Avoid killing in-flight URBs during draining
+ (bsc#1192354).
+- ALSA: usb-audio: Improved lowlatency playback support
+ (bsc#1192354).
+- ALSA: usb-audio: Add spinlock to stop_urbs() (bsc#1192354).
+- ALSA: usb-audio: Check available frames for the next packet size
+ (bsc#1192354).
+- ALSA: usb-audio: Disable low-latency mode for implicit feedback
+ sync (bsc#1192354).
+- ALSA: usb-audio: Disable low-latency playback for free-wheel
+ mode (bsc#1192354).
+- ALSA: usb-audio: Rename early_playback_start flag with
+ lowlatency_playback (bsc#1192354).
+- ALSA: usb-audio: fix comment reference in
+ __uac_clock_find_source (bsc#1192354).
+- commit 9d7667d
+
+- ALSA: usb-audio: Move ignore_ctl_error check into quirk_flags
+ (bsc#1192354).
+- Refresh
+ patches.suse/ALSA-usb-audio-Add-Audient-iD14-to-mixer-map-quirk-t.patch.
+- Refresh
+ patches.suse/ALSA-usb-audio-Add-Schiit-Hel-device-to-mixer-map-qu.patch.
+- Refresh
+ patches.suse/Revive-usb-audio-Keep-Interface-mixer.patch.
+- commit 823344c
+
+- ALSA: usx2y: Prefer struct_size over open coded arithmetic
+ (bsc#1192354).
+- ALSA: usb-audio: Fix microphone sound on Jieli webcam
+ (bsc#1192354).
+- ALSA: usb-audio: Enable rate validation for Scarlett devices
+ (bsc#1192354).
+- ALSA: usb-audio: Move set-interface-first workaround into
+ common quirk (bsc#1192354).
+- ALSA: usb-audio: make array static const, makes object smaller
+ (bsc#1192354).
+- ALSA: doc: Add the description of quirk_flags option for
+ snd-usb-audio (bsc#1192354).
+- ALSA: usb-audio: Add quirk_flags module option (bsc#1192354).
+- ALSA: usb-audio: Move generic DSD raw detection into quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move autosuspend quirk into quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move rate validation quirk into quirk_flags
+ (bsc#1192354).
+- commit d167cc1
+
+- ALSA: usb-audio: Move interface setup delay into quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move control message delay quirk into
+ quirk_flags (bsc#1192354).
+- ALSA: usb-audio: Move ITF-USB DSD quirk handling into
+ quirk_flags (bsc#1192354).
+- ALSA: usb-audio: Move clock setup quirk into quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move playback_first flag into quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move tx_length quirk handling to quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move txfr_quirk handling to quirk_flags
+ (bsc#1192354).
+- ALSA: usb-audio: Move media-controller API quirk into
+ quirk_flags (bsc#1192354).
+- ALSA: usb-audio: Introduce quirk_flags field (bsc#1192354).
+- commit 6630f4e
+
+- ALSA: memalloc: Remove a stale comment (bsc#1192354).
+- ALSA: memalloc: Use proper SG helpers for noncontig allocations
+ (bsc#1192354).
+- ALSA: memalloc: Fix a typo in snd_dma_buffer_sync() description
+ (bsc#1192354).
+- ALSA: memalloc: Support for non-coherent page allocation
+ (bsc#1192354).
+- ALSA: memalloc: Support for non-contiguous page allocation
+ (bsc#1192354).
+- ALSA: ISA: not for M68K (bsc#1192354).
+- ALSA: pcm: Unify snd_pcm_delay() and snd_pcm_hwsync()
+ (bsc#1192354).
+- ALSA: pcm: Add more disconnection checks at file ops
+ (bsc#1192354).
+- ALSA: pcm: Add SNDRV_PCM_INFO_EXPLICIT_SYNC flag (bsc#1192354).
+- ALSA: memalloc: Count continuous pages in vmalloc buffer handler
+ (bsc#1192354).
+- ALSA: core: control_led: use strscpy instead of strlcpy
+ (bsc#1192354).
+- ALSA: memalloc: Fix mmap of SG-buffer with WC pages
+ (bsc#1192354).
+- ALSA: memalloc: Store snd_dma_buffer.addr for continuous pages,
+ too (bsc#1192354).
+- ALSA: memalloc: Fix pgprot for WC mmap on x86 (bsc#1192354).
+- ALSA: memalloc: Support WC allocation on all architectures
+ (bsc#1192354).
+- ALSA: pcm: Allow exact buffer preallocation (bsc#1192354).
+- ALSA: memalloc: Correctly name as WC (bsc#1192354).
+- ALSA: memalloc: Minor refactoring (bsc#1192354).
+- ALSA: core: Fix double calls of snd_card_free() via devres
+ (bsc#1192354).
+- ALSA: seq: Fix comments of wrong client number for MIDI
+ Passthrough (bsc#1192354).
+- ALSA: core: Add device-managed request_dma() (bsc#1192354).
+- ALSA: core: Add managed card creation (bsc#1192354).
+- ALSA: core: Add device-managed page allocator helper
+ (bsc#1192354).
+- ALSA: compress: Initialize mutex in snd_compress_new()
+ (bsc#1192354).
+- ALSA: compress: Drop unused functions (bsc#1192354).
+- commit f0eac26
+
+- drm/i915/adl_s: Remove require_force_probe protection
+ (jsc#SLE-22724).
+- commit 276c538
+
+- drm/i915/dp: fix for ADL_P/S dp/edp max source rates
+ (jsc#SLE-22724).
+- commit f8dd603
+
+- drm/i915/dp: fix DG1 and RKL max source rates (jsc#SLE-22724).
+- commit ef43dd0
+
+- drm/i915/dp: fix EHL/JSL max source rates calculation
+ (jsc#SLE-22724).
+- commit 0821357
+
+- drm/i915/dp: fix TGL and ICL max source rates (jsc#SLE-22724).
+- commit 61199d4
+
+- drm/i915/dp: Fix eDP max rate for display 11+ (jsc#SLE-22724).
+- commit 468b330
+
+- drm/i915/adl_s: Update ADL-S PCI IDs (jsc#SLE-22724).
+- commit d125195
+
+- drm/i915: Disable bonding on gen12+ platforms (jsc#SLE-22724).
+- commit 5d84d6d
+
+- ALSA: ctxfi: Fix out-of-range access (git-fixes).
+- ALSA: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).
+- ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100
+ (git-fixes).
+- commit aee8b91
+
+- selinux: fix NULL-pointer dereference when hashtab allocation
+ fails (git-fixes).
+- ASoC: stm32: i2s: fix 32 bits channel length without mclk
+ (git-fixes).
+- ASoC: codecs: lpass-rx-macro: fix HPHR setting CLSH mask
+ (git-fixes).
+- ASoC: codecs: wcd934x: return error code correctly from
+ hw_params (git-fixes).
+- ASoC: codecs: wcd938x: fix volatile register range (git-fixes).
+- ASoC: topology: Add missing rwsem around snd_ctl_remove()
+ calls (git-fixes).
+- ASoC: qdsp6: q6asm: fix q6asm_dai_prepare error handling
+ (git-fixes).
+- ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer
+ (git-fixes).
+- ASoC: DAPM: Cover regression by kctl change notification fix
+ (git-fixes).
+- ASoC: SOF: Intel: hda: fix hotplug when only codec is suspended
+ (git-fixes).
+- media: cec: copy sequence field for the reply (git-fixes).
+- media: v4l2-core: fix VIDIOC_DQEVENT handling on non-x86
+ (git-fixes).
+- pinctrl: tegra194: remove duplicate initializer again
+ (git-fixes).
+- memory: tegra186-emc: Fix error return code in
+ tegra186_emc_probe() (git-fixes).
+- commit 40b2336
+
+- Delete patches.suse/Fix-breakage-of-swap-over-NFS.patch.
+ A recent patch
+ patches.suse/NFS-move-generic_write_checks-call-from-nfs_file_dir.patch
+ provides a better solution.
+- commit ab6f39b
+
+- SUNRPC/xprt: async tasks mustn't block waiting for memory
+ (bsc#1191876).
+- SUNRPC: remove scheduling boost for "SWAPPER" tasks
+ (bsc#1191876).
+- SUNRPC: improve 'swap' handling: scheduling and PF_MEMALLOC
+ (bsc#1191876).
+- SUNRPC/call_alloc: async tasks mustn't block waiting for memory
+ (bsc#1191876).
+- SUNRPC/auth: async tasks mustn't block waiting for memory
+ (bsc#1191876).
+- NFS: move generic_write_checks() call from
+ nfs_file_direct_write() to nfs_file_write() (bsc#1191876).
+- NFS: do not take i_rwsem for swap IO (bsc#1191876).
+- MM: reclaim mustn't enter FS for swap-over-NFS (bsc#1191876).
+- commit 11279f5
+
+- scsi: qla2xxx: Fix mailbox direction flags in
+ qla2xxx_get_adapter_id() (git-fixes).
+- scsi: core: sysfs: Fix hang when device state is set via sysfs
+ (git-fixes).
+- scsi: ufs: core: Improve SCSI abort handling (git-fixes).
+- commit 13e7c01
+
+- drm/i915: Revert 'guc_id' from i915_request tracepoint
+ (jsc#SLE-22601).
+- drm/i915: Free the returned object of acpi_evaluate_dsm()
+ (jsc#SLE-22601).
+- drm/i915: Fix bug in user proto-context creation that leaked
+ contexts (jsc#SLE-22601).
+- drm/i915: remember to call i915_sw_fence_fini (jsc#SLE-22601).
+- drm/i915: fix blank screen booting crashes (jsc#SLE-22601).
+- drm/i915/guc, docs: Fix pdfdocs build error by removing nested
+ grid (jsc#SLE-22601).
+- drm/i915: Free all DMC payloads (jsc#SLE-22601).
+- drm/i915: Move __i915_gem_free_object to ttm_bo_destroy
+ (jsc#SLE-22601).
+- drm/i915: Update memory bandwidth parameters (jsc#SLE-22601).
+- drm/i915: Enable -Wsometimes-uninitialized (jsc#SLE-22601).
+- drm/i915/selftests: Always initialize err in
+ igt_dmabuf_import_same_driver_lmem() (jsc#SLE-22601).
+- drm/i915/selftests: Do not use import_obj uninitialized
+ (jsc#SLE-22601).
+- drm/i915: Get PM ref before accessing HW register
+ (jsc#SLE-22601).
+- drm/i915: Release ctx->syncobj on final put, not on ctx close
+ (jsc#SLE-22601).
+- drm/i915/gem: Fix the mman selftest (jsc#SLE-22601).
+- tools headers UAPI: Sync drm/i915_drm.h with the kernel sources
+ (jsc#SLE-22601).
+- drm/i915: use linux/stddef.h due to "isystem: trim/fixup
+ stdarg.h and other headers" (jsc#SLE-22601).
+- vfio/gvt: Fix open/close when multiple device FDs are open
+ (jsc#SLE-22601).
+- vfio: Provide better generic support for open/release
+ vfio_device_ops (jsc#SLE-22601).
+- drm/i915/selftest: Fix use of err in igt_reset_{fail,
+ nop}_engine() (jsc#SLE-22601).
+- drm/i915/gt: Potential error pointer dereference in
+ pinned_context() (jsc#SLE-22601).
+- drm/i915/adl_p: Also disable underrun recovery with MSO
+ (jsc#SLE-22601).
+- drm/i915: Use designated initializers for init/exit table
+ (jsc#SLE-22601).
+- drm/i915/dg2: Add support for new DG2-G11 revid 0x5
+ (jsc#SLE-22601).
+- drm/i915/display/adl_p: Correctly program MBUS DBOX A credits
+ (jsc#SLE-22601).
+- drm/i915: Apply CMTG clock disabling WA while DPLL0 is enabled
+ (jsc#SLE-22601).
+- drm/i915/dg1: Adjust the AUDIO power domain (jsc#SLE-22601).
+- drm/i915: finish removal of CNL (jsc#SLE-22601).
+- drm/i915: rename/remove CNL registers (jsc#SLE-22601).
+- drm/i915: remove GRAPHICS_VER == 10 (jsc#SLE-22601).
+- drm/i915: switch num_scalers/num_sprites to consider DISPLAY_VER
+ (jsc#SLE-22601).
+- drm/i915: replace random CNL comments (jsc#SLE-22601).
+- drm/i915: rename CNL references in intel_dram.c (jsc#SLE-22601).
+- drm/i915: remove explicit CNL handling from intel_wopcm.c
+ (jsc#SLE-22601).
+- drm/i915: remove explicit CNL handling from intel_pch.c
+ (jsc#SLE-22601).
+- drm/i915: remove explicit CNL handling from intel_pm.c
+ (jsc#SLE-22601).
+- drm/i915: remove explicit CNL handling from i915_irq.c
+ (jsc#SLE-22601).
+- drm/i915/display: rename CNL references in skl_scaler.c
+ (jsc#SLE-22601).
+- drm/i915/display: remove CNL ddi buf translation tables
+ (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ intel_display_power.c (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ skl_universal_plane.c (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from intel_vdsc.c
+ (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ intel_dpll_mgr.c (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from intel_dp.c
+ (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from intel_dmc.c
+ (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ intel_display_debugfs.c (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from intel_ddi.c
+ (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from intel_crtc.c
+ (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ intel_combo_phy.c (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ intel_color.c (jsc#SLE-22601).
+- drm/i915/display: remove explicit CNL handling from
+ intel_cdclk.c (jsc#SLE-22601).
+- drm/i915/display: remove PORT_F workaround for CNL
+ (jsc#SLE-22601).
+- drm/i915/dp: DPTX writes Swing/Pre-emphs(DPCD 0x103-0x106)
+ requested during PHY Layer testing (jsc#SLE-22601).
+- drm/i915/dg2: Update to bigjoiner path (jsc#SLE-22601).
+- drm/i915/dg2: Update lane disable power state during PSR
+ (jsc#SLE-22601).
+- drm/i915/dg2: Wait for SNPS PHY calibration during display init
+ (jsc#SLE-22601).
+- drm/i915/dg2: Update modeset sequences (jsc#SLE-22601).
+- drm/i915/dg2: Add vswing programming for SNPS phys
+ (jsc#SLE-22601).
+- drm/i915/dg2: Add MPLLB programming for HDMI (jsc#SLE-22601).
+- drm/i915/dg2: Add MPLLB programming for SNPS PHY
+ (jsc#SLE-22601).
+- drm/i915/adl_p: Add ddi buf translation tables for combo PHY
+ (jsc#SLE-22601).
+- drm/i915/adl_s: Update ddi buf translation tables
+ (jsc#SLE-22601).
+- drm/i915: dgfx cards need to wait on pcode's uncore init done
+ (jsc#SLE-22601).
+- drm/i915/adlp: Add workaround to disable CMTG clock gating
+ (jsc#SLE-22601).
+- drm/i915/adl_p: Allow underrun recovery when possible
+ (jsc#SLE-22601).
+- drm/i915/display: Disable audio, DRRS and PSR before planes
+ (jsc#SLE-22601).
+- drm/i915: Implement PSF GV point support (jsc#SLE-22601).
+- drm/i915: Extend QGV point restrict mask to 0x3 (jsc#SLE-22601).
+- drm/i915/display/psr2: Fix cursor updates using legacy apis
+ (jsc#SLE-22601).
+- drm/i915/display/psr2: Mark as updated all planes that intersect
+ with pipe_clip (jsc#SLE-22601).
+- drm/i915: Program chicken bit during DP MST sequence on TGL+
+ (jsc#SLE-22601).
+- drm/i915/dg2: Add DG2 to the PSR2 defeature list
+ (jsc#SLE-22601).
+- drm/i915/dg2: Classify DG2 PHY types (jsc#SLE-22601).
+- drm/i915/firmware: Update to DMC v2.03 on RKL (jsc#SLE-22601).
+- drm/i915/firmware: Update to DMC v2.12 on TGL (jsc#SLE-22601).
+- drm/i915/dmc: Change intel_get_stepping_info() (jsc#SLE-22601).
+- drm/i915/step: Add macro magic for handling steps
+ (jsc#SLE-22601).
+- drm/i915/dg2: DG2 has fixed memory bandwidth (jsc#SLE-22601).
+- drm/i915/dg2: Don't read DRAM info (jsc#SLE-22601).
+- drm/i915/dg2: Don't program BW_BUDDY registers (jsc#SLE-22601).
+- drm/i915/dg2: Add dbuf programming (jsc#SLE-22601).
+- drm/i915/dg2: Setup display outputs (jsc#SLE-22601).
+- drm/i915/dg2: Don't wait for AUX power well enable ACKs
+ (jsc#SLE-22601).
+- drm/i915/dg2: Skip shared DPLL handling (jsc#SLE-22601).
+- drm/i915/dg2: Add cdclk table and reference clock
+ (jsc#SLE-22601).
+- drm/i915/dg2: Add fake PCH (jsc#SLE-22601).
+- drm/i915: Fork DG1 interrupt handler (jsc#SLE-22601).
+- drm/i915: Make display workaround upper bounds exclusive
+ (jsc#SLE-22601).
+- drm/i915/rkl: Wa_1408330847 no longer applies to RKL
+ (jsc#SLE-22601).
+- drm/i915/rkl: Wa_1409767108 also applies to RKL (jsc#SLE-22601).
+- drm/i915/adl_s: Wa_14011765242 is also needed on A1 display
+ stepping (jsc#SLE-22601).
+- drm/i915/display: Fix shared dpll mismatch for bigjoiner slave
+ (jsc#SLE-22601).
+- drm/i915/display: Disable FBC when PSR2 is enabled display 12
+ and newer (jsc#SLE-22601).
+- drm/i915/display/adl_p: Implement PSR changes (jsc#SLE-22601).
+- drm/i915/display/dsc: Force dsc BPP (jsc#SLE-22601).
+- drm/i915/display/dsc: Add Per connector debugfs node for DSC
+ BPP enable (jsc#SLE-22601).
+- drm/i915/display: Add write permissions for fec support
+ (jsc#SLE-22601).
+- drm/i915/debugfs: DISPLAY_VER 13 lpsp capability
+ (jsc#SLE-22601).
+- drm/i915/display/xelpd: Extend Wa_14011508470 (jsc#SLE-22601).
+- drm/i915: Limit Wa_22010178259 to affected platforms
+ (jsc#SLE-22601).
+- drm/i915/display: Settle on "adl-x" in WA comments
+ (jsc#SLE-22601).
+- drm/i915: Invoke another _DSM to enable MUX on HP Workstation
+ laptops (jsc#SLE-22601).
+- drm/i915/dg1: Compute MEM Bandwidth using MCHBAR
+ (jsc#SLE-22601).
+ Refresh
+ patches.suse/drm-i915-Remove-memory-frequency-calculation.patch.
+- drm/i915/display/xelpd: Fix incorrect color capability reporting
+ (jsc#SLE-22601).
+- drm/i915: Handle cdclk crawling flag in standard manner
+ (jsc#SLE-22601).
+- drm/i915/plane: add intel_plane_helper_add() helper
+ (jsc#SLE-22601).
+- drm/i915/dg2: Add SQIDI steering (jsc#SLE-22601).
+- drm/i915/dg2: Update steering tables (jsc#SLE-22601).
+- drm/i915/xehpsdv: Define steering tables (jsc#SLE-22601).
+- drm/i915/xehp: handle new steering options (jsc#SLE-22601).
+- drm/i915/userptr: Probe existence of backing struct pages upon
+ creation (jsc#SLE-22601).
+- drm/i915: delete gpu reloc code (jsc#SLE-22601).
+- drm/i915: Disable gpu relocations (jsc#SLE-22601).
+- drm/i915/dg2: DG2 uses the same sseu limits as XeHP SDV
+ (jsc#SLE-22601).
+- drm/i915/xehpsdv: Add maximum sseu limits (jsc#SLE-22601).
+- drm/i915/xehp: Changes to ss/eu definitions (jsc#SLE-22601).
+- drm/i915/dg2: Add forcewake table (jsc#SLE-22601).
+- drm/i915/guc/rc: Setup and enable GuCRC feature (jsc#SLE-22601).
+- drm/i915/guc/slpc: Add SLPC selftest (jsc#SLE-22601).
+- drm/i915/guc/slpc: Sysfs hooks for SLPC (jsc#SLE-22601).
+- drm/i915/guc/slpc: Cache platform frequency limits
+ (jsc#SLE-22601).
+- drm/i915/guc/slpc: Enable ARAT timer interrupt (jsc#SLE-22601).
+- drm/i915/guc/slpc: Add debugfs for SLPC info (jsc#SLE-22601).
+- drm/i915/guc/slpc: Add get max/min freq hooks (jsc#SLE-22601).
+- drm/i915/guc/slpc: Add methods to set min/max frequency
+ (jsc#SLE-22601).
+- drm/i915/guc/slpc: Remove BUG_ON in guc_submission_disable
+ (jsc#SLE-22601).
+- drm/i915/guc/slpc: Enable SLPC and add related H2G events
+ (jsc#SLE-22601).
+- drm/i915/guc/slpc: Allocate, initialize and release SLPC
+ (jsc#SLE-22601).
+- drm/i915/guc/slpc: Adding SLPC communication interfaces
+ (jsc#SLE-22601).
+- drm/i915/guc/slpc: Gate Host RPS when SLPC is enabled
+ (jsc#SLE-22601).
+ Refresh
+ patches.suse/drm-i915-Remove-warning-from-the-rps-worker.patch.
+- drm/i915/guc/slpc: Initial definitions for SLPC (jsc#SLE-22601).
+- drm/i915/xehp: Fix missing sentinel on mcr_ranges_xehp
+ (jsc#SLE-22601).
+- drm/i915/selftests: prefer the create_user helper
+ (jsc#SLE-22601).
+- drm/i915/gt: remove GRAPHICS_VER == 10 (jsc#SLE-22601).
+- drm/i915/gt: rename CNL references in intel_engine.h
+ (jsc#SLE-22601).
+- drm/i915/gt: remove explicit CNL handling from intel_sseu.c
+ (jsc#SLE-22601).
+- drm/i915/gt: remove explicit CNL handling from intel_mocs.c
+ (jsc#SLE-22601).
+- drm/i915: Extract i915_module.c (jsc#SLE-22601).
+- drm/i915: Remove i915_globals (jsc#SLE-22601).
+- drm/i915: move vma slab to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move scheduler slabs to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move request slabs to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move gem_objects slab to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move gem_context slab to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move intel_context slab to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move i915_buddy slab to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: move i915_active slab to direct module init/exit
+ (jsc#SLE-22601).
+- drm/i915: Check for nomodeset in i915_init() first
+ (jsc#SLE-22601).
+- drm/i915/xehpsdv: Correct parameters for IS_XEHPSDV_GT_STEP()
+ (jsc#SLE-22601).
+- drm/i915/guc: Unblock GuC submission on Gen11+ (jsc#SLE-22601).
+- drm/i915/guc: Implement GuC priority management (jsc#SLE-22601).
+- drm/i915/selftest: Bump selftest timeouts for hangcheck
+ (jsc#SLE-22601).
+- drm/i915/selftest: Fix hangcheck self test for GuC submission
+ (jsc#SLE-22601).
+- drm/i915/selftest: Increase some timeouts in live_requests
+ (jsc#SLE-22601).
+- drm/i915/selftest: Fix MOCS selftest for GuC submission
+ (jsc#SLE-22601).
+- drm/i915/selftest: Fix workarounds selftest for GuC submission
+ (jsc#SLE-22601).
+- drm/i915/selftest: Better error reporting from hangcheck
+ selftest (jsc#SLE-22601).
+- drm/i915/guc: Support request cancellation (jsc#SLE-22601).
+- drm/i915/guc: Implement banned contexts for GuC submission
+ (jsc#SLE-22601).
+- drm/i915/guc: Add golden context to GuC ADS (jsc#SLE-22601).
+- drm/i915/guc: Include scheduling policies in the debugfs state
+ dump (jsc#SLE-22601).
+- drm/i915/guc: Connect reset modparam updates to GuC policy flags
+ (jsc#SLE-22601).
+- drm/i915/guc: Hook GuC scheduling policies up (jsc#SLE-22601).
+- drm/i915/guc: Fix for error capture after full GPU reset with
+ GuC (jsc#SLE-22601).
+- drm/i915/guc: Capture error state on context reset
+ (jsc#SLE-22601).
+- drm/i915/guc: Enable GuC engine reset (jsc#SLE-22601).
+- drm/i915/guc: Don't complain about reset races (jsc#SLE-22601).
+- drm/i915/guc: Provide mmio list to be saved/restored on engine
+ reset (jsc#SLE-22601).
+- drm/i915/guc: Enable the timer expired interrupt for GuC
+ (jsc#SLE-22601).
+- drm/i915/guc: Handle engine reset failure notification
+ (jsc#SLE-22601).
+- drm/i915/guc: Handle context reset notification (jsc#SLE-22601).
+- drm/i915/guc: Suspend/resume implementation for new interface
+ (jsc#SLE-22601).
+- drm/i915/guc: Add disable interrupts to guc sanitize
+ (jsc#SLE-22601).
+- drm/i915: Reset GPU immediately if submission is disabled
+ (jsc#SLE-22601).
+- drm/i915/guc: Reset implementation for new GuC interface
+ (jsc#SLE-22601).
+- drm/i915: Move active request tracking to a vfunc
+ (jsc#SLE-22601).
+- drm/i915: Add i915_sched_engine destroy vfunc (jsc#SLE-22601).
+- drm/i915/guc: Direct all breadcrumbs for a class to single
+ breadcrumbs (jsc#SLE-22601).
+- drm/i915/guc: Disable bonding extension with GuC submission
+ (jsc#SLE-22601).
+- drm/i915: Hold reference to intel_context over life of
+ i915_request (jsc#SLE-22601).
+- drm/i915/guc: Make hangcheck work with GuC virtual engines
+ (jsc#SLE-22601).
+- drm/i915/guc: GuC virtual engines (jsc#SLE-22601).
+- drm/i915/ehl: unconditionally flush the pages on acquire
+ (jsc#SLE-22601).
+- drm/i915: document caching related bits (jsc#SLE-22601).
+- drm/i915/gem: Migrate to system at dma-buf attach time (v7)
+ (jsc#SLE-22601).
+- drm/i915/gem: Correct the locking and pin pattern for dma-buf
+ (v8) (jsc#SLE-22601).
+- drm/i915/gem: Always call obj->ops->migrate unless can_migrate
+ fails (jsc#SLE-22601).
+- drm/i915/gem/ttm: Only call __i915_gem_object_set_pages if
+ needed (jsc#SLE-22601).
+- drm/i915/gem: Unify user object creation (v3) (jsc#SLE-22601).
+- drm/i915/gem: Call i915_gem_flush_free_objects() in
+ i915_gem_dumb_create() (jsc#SLE-22601).
+- drm/i915/gem: Refactor placement setup for
+ i915_gem_object_create* (v2) (jsc#SLE-22601).
+- drm/i915/gem: Check object_can_migrate from object_migrate
+ (jsc#SLE-22601).
+- drm/i915/gt: nuke gen6_hw_id (jsc#SLE-22601).
+- drm/i915/xehp: Xe_HP forcewake support (jsc#SLE-22601).
+- drm/i915/xehp: Extra media engines - Part 3 (reset)
+ (jsc#SLE-22601).
+- drm/i915/xehp: Extra media engines - Part 2 (interrupts)
+ (jsc#SLE-22601).
+- drm/i915/xehp: Extra media engines - Part 1 (engine definitions)
+ (jsc#SLE-22601).
+- drm/i915/xehp: Define multicast register ranges (jsc#SLE-22601).
+- drm/i915: Extend Wa_1406941453 to adl-p (jsc#SLE-22601).
+- drm/i915/uapi: reject set_domain for discrete (jsc#SLE-22601).
+- drm/i915/xehp: VDBOX/VEBOX fusing registers are enable-based
+ (jsc#SLE-22601).
+- drm/i915/gt: rename legacy engine->hw_id to engine->gen6_hw_id
+ (jsc#SLE-22601).
+- drm/i915/gt: nuke unused legacy engine hw_id (jsc#SLE-22601).
+- drm/i915/gt: fix platform prefix (jsc#SLE-22601).
+- drm/i915: Add intel_context tracing (jsc#SLE-22601).
+- drm/i915/guc: Add trace point for GuC submit (jsc#SLE-22601).
+- drm/i915/guc: Update GuC debugfs to support new GuC
+ (jsc#SLE-22601).
+- drm/i915/guc: Update intel_gt_wait_for_idle to work with GuC
+ (jsc#SLE-22601).
+- drm/i915/guc: Ensure G2H response has space in buffer
+ (jsc#SLE-22601).
+- drm/i915/guc: Disable semaphores when using GuC scheduling
+ (jsc#SLE-22601).
+- drm/i915/guc: Ensure request ordering via completion fences
+ (jsc#SLE-22601).
+- drm/i915: Disable preempt busywait when using GuC scheduling
+ (jsc#SLE-22601).
+- drm/i915/guc: Extend deregistration fence to schedule disable
+ (jsc#SLE-22601).
+- drm/i915/guc: Disable engine barriers with GuC during unpin
+ (jsc#SLE-22601).
+- drm/i915/guc: Defer context unpin until scheduling is disabled
+ (jsc#SLE-22601).
+- drm/i915/guc: Insert fence on context when deregistering
+ (jsc#SLE-22601).
+- drm/i915/guc: Implement GuC context operations for new inteface
+ (jsc#SLE-22601).
+- drm/i915/guc: Add bypass tasklet submission path to GuC
+ (jsc#SLE-22601).
+- drm/i915/guc: Implement GuC submission tasklet (jsc#SLE-22601).
+- drm/i915/guc: Add LRC descriptor context lookup array
+ (jsc#SLE-22601).
+- drm/i915/guc: Remove GuC stage descriptor, add LRC descriptor
+ (jsc#SLE-22601).
+- drm/i915/guc: Add new GuC interface defines and structures
+ (jsc#SLE-22601).
+- drm/i915/xehp: New engine context offsets (jsc#SLE-22601).
+- drm/i915/xehp: Handle new device context ID format
+ (jsc#SLE-22601).
+- drm/i915/selftests: Allow for larger engine counts
+ (jsc#SLE-22601).
+- drm/i915/gen12: Use fuse info to enable SFC (jsc#SLE-22601).
+- drm/i915/dg2: add DG2 platform info (jsc#SLE-22601).
+- drm/i915/xehpsdv: add initial XeHP SDV definitions
+ (jsc#SLE-22601).
+- drm/i915: Add XE_HP initial definitions (jsc#SLE-22601).
+- drm/i915: Add release id version (jsc#SLE-22601).
+- drm/i915: do not abbreviate version in debugfs (jsc#SLE-22601).
+- drm/i915: Make the kmem slab for i915_buddy_block a global
+ (jsc#SLE-22601).
+- drm/i915: Use a table for i915_init/exit (v2) (jsc#SLE-22601).
+- drm/i915: Call i915_globals_exit() after i915_pmu_exit()
+ (jsc#SLE-22601).
+- drm/i915: Ditch i915 globals shrink infrastructure
+ (jsc#SLE-22601).
+- drm/i915: Make GT workaround upper bounds exclusive
+ (jsc#SLE-22601).
+- drm/i915: Program DFR enable/disable as a GT workaround
+ (jsc#SLE-22601).
+- drm/i915/icl: Drop a couple unnecessary workarounds
+ (jsc#SLE-22601).
+- drm/i915: Fix application of WaInPlaceDecompressionHang
+ (jsc#SLE-22601).
+- drm/i915: Add TTM offset argument to mmap (jsc#SLE-22601).
+- drm/i915/uapi: convert drm_i915_gem_userptr to kernel doc
+ (jsc#SLE-22601).
+- drm/i915/uapi: reject caching ioctls for discrete
+ (jsc#SLE-22601).
+- Revert "drm/i915: Skip over MI_NOOP when parsing"
+ (jsc#SLE-22601).
+- drm/i915: Drop error handling from dma_fence_work
+ (jsc#SLE-22601).
+- drm/i915: Remove allow_alloc from i915_gem_object_get_sg*
+ (jsc#SLE-22601).
+- drm/i915/icl: Drop workarounds that only apply to pre-production
+ steppings (jsc#SLE-22601).
+- drm/i915/cnl: Drop all workarounds (jsc#SLE-22601).
+- drm/i915/dg1: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915/rkl: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915/jsl_ehl: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915/icl: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915/glk: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915/bxt: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915/kbl: Drop pre-production revision from stepping table
+ (jsc#SLE-22601).
+- drm/i915/skl: Use revid->stepping tables (jsc#SLE-22601).
+- drm/i915: Make pre-production detection use direct revid
+ comparison (jsc#SLE-22601).
+- drm/i915/step: s/<platform>_revid_tbl/<platform>_revids
+ (jsc#SLE-22601).
+- drm/i915/uapi: convert drm_i915_gem_set_domain to kernel doc
+ (jsc#SLE-22601).
+- drm/i915/uapi: convert drm_i915_gem_caching to kernel doc
+ (jsc#SLE-22601).
+- drm/i915/guc: Module load failure test for CT buffer creation
+ (jsc#SLE-22601).
+- drm/i915/guc: Optimize CTB writes and reads (jsc#SLE-22601).
+- drm/i915/guc: Add stall timer to non blocking CTB send function
+ (jsc#SLE-22601).
+- drm/i915/guc: Add non blocking CTB send function
+ (jsc#SLE-22601).
+- drm/i915/guc: Increase size of CTB buffers (jsc#SLE-22601).
+- drm/i915/guc: Improve error message for unsolicited CT response
+ (jsc#SLE-22601).
+- drm/i915/guc: Relax CTB response timeout (jsc#SLE-22601).
+- drm/i915/adl_s: Extend Wa_1406941453 (jsc#SLE-22601).
+- drm/i915: Implement Wa_1508744258 (jsc#SLE-22601).
+- drm/i915: Settle on "adl-x" in WA comments (jsc#SLE-22601).
+- drm/i915: use consistent CPU mappings for pin_map users
+ (jsc#SLE-22601).
+- drm/i915: Finalize contexts in GEM_CONTEXT_CREATE on version 13+
+ (jsc#SLE-22601).
+- drm/i915/gem: Roll all of context creation together
+ (jsc#SLE-22601).
+- i915/gem/selftests: Assign the VM at context creation in
+ igt_shared_ctx_exec (jsc#SLE-22601).
+- drm/i915/selftests: Take a VM in kernel_context()
+ (jsc#SLE-22601).
+- drm/i915/gem: Don't allow changing the engine set on running
+ contexts (v3) (jsc#SLE-22601).
+- drm/i915/gem: Don't allow changing the VM on running contexts
+ (v4) (jsc#SLE-22601).
+- drm/i915/gem: Delay context creation (v3) (jsc#SLE-22601).
+- drm/i915/gt: Drop i915_address_space::file (v2) (jsc#SLE-22601).
+- drm/i915/gem: Return an error ptr from context_lookup
+ (jsc#SLE-22601).
+- drm/i915/gem: Use the proto-context to handle create parameters
+ (v5) (jsc#SLE-22601).
+- drm/i915/gem: Make an alignment check more sensible
+ (jsc#SLE-22601).
+- drm/i915: Add an i915_gem_vm_lookup helper (jsc#SLE-22601).
+- drm/i915/gem: Optionally set SSEU in intel_context_set_gem
+ (jsc#SLE-22601).
+- drm/i915/gem: Rework error handling in default_engines
+ (jsc#SLE-22601).
+- drm/i915/gem: Add an intermediate proto_context struct (v5)
+ (jsc#SLE-22601).
+- drm/i915: Add gem/i915_gem_context.h to the docs
+ (jsc#SLE-22601).
+- drm/i915/gem: Add a separate validate_priority helper
+ (jsc#SLE-22601).
+- drm/i915: Stop manually RCU banging in reset_stats_ioctl (v2)
+ (jsc#SLE-22601).
+- drm/i915/gem: Disallow creating contexts with too many engines
+ (jsc#SLE-22601).
+- drm/i915/request: Remove the hook from await_execution
+ (jsc#SLE-22601).
+- drm/i915/gem: Remove engine auto-magic with FENCE_SUBMIT (v2)
+ (jsc#SLE-22601).
+- drm/i915/gem: Disallow bonding of virtual engines (v3)
+ (jsc#SLE-22601).
+- drm/i915: Drop getparam support for I915_CONTEXT_PARAM_ENGINES
+ (jsc#SLE-22601).
+- drm/i915: Implement SINGLE_TIMELINE with a syncobj (v4)
+ (jsc#SLE-22601).
+- drm/i915: Drop the CONTEXT_CLONE API (v2) (jsc#SLE-22601).
+- drm/i915/gem: Return void from context_apply_all
+ (jsc#SLE-22601).
+- drm/i915/gem: Set the watchdog timeout directly in
+ intel_context_set_gem (v2) (jsc#SLE-22601).
+- drm/i915: Drop I915_CONTEXT_PARAM_NO_ZEROMAP (jsc#SLE-22601).
+- drm/i915: Stop storing the ring size in the ring pointer (v3)
+ (jsc#SLE-22601).
+- drm/i915: Drop I915_CONTEXT_PARAM_RINGSIZE (jsc#SLE-22601).
+- drm/i915/adlp: Add ADL-P GuC/HuC firmware files (jsc#SLE-22601).
+- drm/i915/huc: Update TGL and friends to HuC 7.9.3
+ (jsc#SLE-22601).
+- drm/i915/adl_s: Fix dma_mask_size to 39 bit (jsc#SLE-22601).
+- drm/i915/gt: finish INTEL_GEN and friends conversion
+ (jsc#SLE-22601).
+- drm/i915/selftests: fix smatch warning in mock_reserve
+ (jsc#SLE-22601).
+- drm/i915/selftests: fix smatch warning in igt_check_blocks
+ (jsc#SLE-22601).
+- drm/i915: Improve debug Kconfig texts a bit (jsc#SLE-22601).
+- drm/i915/gtt: ignore min_page_size for paging structures
+ (jsc#SLE-22601).
+- drm/i915: support forcing the page size with lmem
+ (jsc#SLE-22601).
+- drm/i915/display: Migrate objects to LMEM if possible for
+ display (jsc#SLE-22601).
+- drm/i915/gem: Introduce a selftest for the gem object migrate
+ functionality (jsc#SLE-22601).
+- drm/i915/gem: Implement object migration (jsc#SLE-22601).
+- drm/i915/selftest: Extend ctx_timestamp ICL workaround to GEN11
+ (jsc#SLE-22601).
+- drm/i915/ttm: Use TTM for system memory (jsc#SLE-22601).
+- drm/i915/ttm: Adjust gem flags and caching settings after a move
+ (jsc#SLE-22601).
+- drm/i915: Update object placement flags to be mutable
+ (jsc#SLE-22601).
+- drm/i915/ttm: fix static warning (jsc#SLE-22601).
+- drm/i915/eb: Fix pagefault disabling in the first slowpath
+ (jsc#SLE-22601).
+- drm/i915: Document the Virtual Engine uAPI (jsc#SLE-22601).
+- drm/i915/guc: Update firmware to v62.0.0 (jsc#SLE-22601).
+- drm/i915/guc: Introduce unified HXG messages (jsc#SLE-22601).
+- drm/i915: Move submission tasklet to i915_sched_engine
+ (jsc#SLE-22601).
+- drm/i915: Update i915_scheduler to operate on i915_sched_engine
+ (jsc#SLE-22601).
+- drm/i915: Add kick_backend function to i915_sched_engine
+ (jsc#SLE-22601).
+- drm/i915: Move engine->schedule to i915_sched_engine
+ (jsc#SLE-22601).
+- drm/i915: Move active tracking to i915_sched_engine
+ (jsc#SLE-22601).
+- drm/i915: Reset sched_engine.no_priolist immediately after
+ dequeue (jsc#SLE-22601).
+- drm/i915: Add i915_sched_engine_is_empty function
+ (jsc#SLE-22601).
+- drm/i915: Move priolist to new i915_sched_engine object
+ (jsc#SLE-22601).
+- drm/i915/selftests: add back the selftest() hook for the buddy
+ (jsc#SLE-22601).
+- drm/i915/ttm: Fix incorrect assumptions about ttm_bo_validate()
+ semantics (jsc#SLE-22601).
+- drm/i915: Add support for explicit L3BANK steering
+ (jsc#SLE-22601).
+- drm/i915: Add GT support for multiple types of multicast
+ steering (jsc#SLE-22601).
+- drm/i915: extract steered reg access to common function
+ (jsc#SLE-22601).
+- drm/i915: Remove duplicate include of intel_region_lmem.h
+ (jsc#SLE-22601).
+- drm/i915: Perform execbuffer object locking as a separate step
+ (jsc#SLE-22601).
+- drm/i915/gem: Zap the i915_gem_object_blt code (jsc#SLE-22601).
+- drm/i915/gem: Zap the client blt code (jsc#SLE-22601).
+- drm/i915/ttm: accelerated move implementation (jsc#SLE-22601).
+- drm/i915/gt: Setup a default migration context on the GT
+ (jsc#SLE-22601).
+- drm/i915/gt: Pipelined clear (jsc#SLE-22601).
+- drm/i915/gt: Pipelined page migration (jsc#SLE-22601).
+- drm/i915/gt: Export the pinned context constructor and
+ destructor (jsc#SLE-22601).
+- drm/i915/gt: Add a routine to iterate over the pagetables of
+ a GTT (jsc#SLE-22601).
+- drm/i915/gt: Add an insert_entry for gen8_ppgtt (jsc#SLE-22601).
+- drm/i915: Introduce a ww transaction helper (jsc#SLE-22601).
+- drm/i915: Break out dma_resv ww locking utilities to separate
+ files (jsc#SLE-22601).
+- drm/i915: Reference objects on the ww object list
+ (jsc#SLE-22601).
+- drm/i915/ttm: remove unused function (jsc#SLE-22601).
+- drm/i915/gem: Remove duplicated call to ops->pread
+ (jsc#SLE-22601).
+- drm/i915/ttm: restore min_page_size behaviour (jsc#SLE-22601).
+- drm/i915/ttm: switch over to ttm_buddy_man (jsc#SLE-22601).
+- drm/i915/ttm: remove node usage in our naming (jsc#SLE-22601).
+- drm/i915/ttm: pass along the I915_BO_ALLOC_CONTIGUOUS
+ (jsc#SLE-22601).
+- drm/i915/ttm: Calculate the object placement at get_pages time
+ (jsc#SLE-22601).
+- drm/i915/ttm: add i915_sg_from_buddy_resource (jsc#SLE-22601).
+- drm/i915/ttm: add ttm_buddy_man (jsc#SLE-22601).
+- drm/i915/ttm: Fix memory leaks (jsc#SLE-22601).
+- drm/i915/adl_p: Add initial ADL_P Workarounds (jsc#SLE-22601).
+- drm/i915: Simplify userptr locking (jsc#SLE-22601).
+ Refresh
+ patches.suse/lib-scatterlist-Provide-a-dedicated-function-to-supp.patch.
+- drm/i915: Fix busy ioctl commentary (jsc#SLE-22601).
+- drm/aperture: Pass DRM driver structure instead of driver name
+ (jsc#SLE-22601).
+- drm/i915: Track IRQ state in local device state (jsc#SLE-22601).
+- dma-buf: add dma_fence_chain_alloc/free v3 (jsc#SLE-22601).
+- drm/i915: Use ttm mmap handling for ttm bo's (jsc#SLE-22601).
+- drm/vma: Add a driver_private member to vma_node
+ (jsc#SLE-22601).
+- drm/i915/lmem: Verify checks for lmem residency (jsc#SLE-22601).
+- drm/i915/ttm: Introduce a TTM i915 gem object backend
+ (jsc#SLE-22601).
+ Refresh
+ patches.suse/lib-scatterlist-Provide-a-dedicated-function-to-supp.patch.
+- drm/dp: Extract i915's eDP backlight code into DRM helpers
+ (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Print return codes for VESA backlight failures
+ (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Return early in vesa_calc_max_backlight if
+ we can't read PWMGEN_BIT_COUNT (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Move VESA backlight enabling code closer
+ together (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Cache some backlight capabilities in
+ intel_panel.backlight (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Cleanup intel_dp_aux_vesa_enable_backlight()
+ a bit (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Handle drm_dpcd_read/write() return values
+ correctly (jsc#SLE-22601).
+- drm/i915/dpcd_bl: Remove redundant AUX backlight frequency
+ calculations (jsc#SLE-22601).
+- gpu/drm/i915: nuke old GEN macros (jsc#SLE-22601).
+- drm/i915: finish INTEL_GEN and friends conversion
+ (jsc#SLE-22601).
+- drm/i915/hdcp: Nuke Platform check for mst hdcp init
+ (jsc#SLE-22601).
+- drm/i915/display: check if compressed_llb was allocated
+ (jsc#SLE-22601).
+- drm/i915/display: Fix state mismatch in drm infoframe
+ (jsc#SLE-22601).
+- drm/i915/ehl: Remove require_force_probe protection
+ (jsc#SLE-22601).
+- drm/i915/jsl: Remove require_force_probe protection
+ (jsc#SLE-22601).
+- drm/i915/display: use max_level to control loop (jsc#SLE-22601).
+- drm/i915/display: fix level 0 adjustement on display ver >=
+ 12 (jsc#SLE-22601).
+- drm/i915/display/adl_p: Implement Wa_16011303918
+ (jsc#SLE-22601).
+- drm/i915/xelpd: Handle PSR2 SDP indication in the prior scanline
+ (jsc#SLE-22601).
+- drm/i915/display/adl_p: Implement Wa_16011168373
+ (jsc#SLE-22601).
+- drm/i915/display/adl_p: Implement Wa_22012278275
+ (jsc#SLE-22601).
+- drm/i915/display/psr: Handle SU Y granularity (jsc#SLE-22601).
+- drm/i915: s/intel_crtc/crtc/ (jsc#SLE-22601).
+- drm/i915: Clean up intel_fbdev_init_bios() a bit
+ (jsc#SLE-22601).
+- drm/i915: Clean up pre-skl wm calling convention
+ (jsc#SLE-22601).
+- drm/i915: Clean up intel_find_initial_plane_obj() a bit
+ (jsc#SLE-22601).
+- drm/i915: Clean up intel_get_load_detect_pipe() a bit
+ (jsc#SLE-22601).
+- drm/i915: Stop hand rolling drm_crtc_mask() (jsc#SLE-22601).
+- drm/i915/fbc: Allocate llb before cfb (jsc#SLE-22601).
+- drm/i915/fbc: Make the cfb allocation loop a bit more legible
+ (jsc#SLE-22601).
+- drm/i915/fbc: Extract intel_fbc_stolen_end() (jsc#SLE-22601).
+- drm/i915/fbc: Introduce g4x_dpfc_ctl_limit() (jsc#SLE-22601).
+- drm/i915/fbc: Handle 16bpp compression limit better
+ (jsc#SLE-22601).
+- drm/i915/fbc: Don't pass around the mm node (jsc#SLE-22601).
+- drm/i915/fbc: Embed the compressed_llb node (jsc#SLE-22601).
+- drm/i915/fbc: Extract intel_fbc_program_cfb() (jsc#SLE-22601).
+- drm/i915/fbc: s/threshold/limit/ (jsc#SLE-22601).
+- drm/i915: Add the missing adls vswing tables (jsc#SLE-22601).
+- drm/i915: Nuke buf_trans hdmi functions (jsc#SLE-22601).
+- drm/i915: Clean up jsl/ehl buf trans functions (jsc#SLE-22601).
+- drm/i915: Fix ehl edp hbr2 vswing table (jsc#SLE-22601).
+- drm/i915: keep backlight_enable on until turn eDP display off
+ (jsc#SLE-22601).
+- drm/i915: Deduplicate icl DP HBR2 vs. eDP HBR3 table
+ (jsc#SLE-22601).
+- drm/i915: Fix dg1 buf trans tables (jsc#SLE-22601).
+- drm/i915: Introduce rkl_get_combo_buf_trans() (jsc#SLE-22601).
+- drm/i915: Clean up hsw/bdw/skl/kbl buf trans funcs
+ (jsc#SLE-22601).
+- drm/i915: Introduce encoder->get_buf_trans() (jsc#SLE-22601).
+- drm/i915: Store the HDMI default entry in the bug trans struct
+ (jsc#SLE-22601).
+- drm/i915; Return the whole buf_trans struct from get_buf_trans()
+ (jsc#SLE-22601).
+- drm/i915: Introduce intel_get_buf_trans() (jsc#SLE-22601).
+- drm/i915: Wrap the buf trans tables into a struct
+ (jsc#SLE-22601).
+- drm/i915: Rename dkl phy buf trans tables (jsc#SLE-22601).
+- drm/i915: Wrap the platform specific buf trans structs into
+ a union (jsc#SLE-22601).
+- drm/i915: Introduce hsw_get_buf_trans() (jsc#SLE-22601).
+- drm/i915: s/intel/hsw/ for hsw/bdw/skl buf trans
+ (jsc#SLE-22601).
+- drm/i915/adl_p: Load DMC (jsc#SLE-22601).
+- drm/i915/adl_p: Pipe B DMC Support (jsc#SLE-22601).
+- drm/i915/xelpd: Pipe A DMC plugging (jsc#SLE-22601).
+- drm/i915/dmc: Introduce DMC_FW_MAIN (jsc#SLE-22601).
+- drm/i915: Force a TypeC PHY disconnect during suspend/shutdown
+ (jsc#SLE-22601).
+- drm/i915/xelpd: break feature inheritance (jsc#SLE-22601).
+- drm/i915: apply WaEnableVGAAccessThroughIOPort as needed
+ (jsc#SLE-22601).
+- commit a14349b
+
+- block: Hold invalidate_lock in BLKZEROOUT ioctl (bsc#1183392).
+ This patch series fixes the block/009 test which can fail with a low failure
+ rate of about 1/1400. I've tested this series with kernel-ci against the
+ baseline and found no regressions.
+- block: Hold invalidate_lock in BLKDISCARD ioctl (bsc#1183392).
+- mm: Add functions to lock invalidate_lock for two mappings
+ (bsc#1183392).
+- mm: Protect operations adding pages to page cache with
+ invalidate_lock (bsc#1183392).
+- commit 2ea6207
+
+- printk: restore flushing of NMI buffers on remote CPUs after
+ NMI backtraces (bsc#1192988).
+- commit 21c31a1
+
+- printk: Remove printk.h inclusion in percpu.h (bsc#1192987).
+- commit b339baf
+
+- ethernet: chelsio: use eth_hw_addr_set() (jsc#SLE-18992).
+- net: chelsio: cxgb4vf: Make use of the helper function
+ dev_err_probe() (jsc#SLE-18992).
+- cxgb4: Search VPD with pci_vpd_find_ro_info_keyword()
+ (jsc#SLE-18992).
+- cxgb4: Remove unused vpd_param member ec (jsc#SLE-18992).
+- cxgb4: Validate VPD checksum with pci_vpd_check_csum()
+ (jsc#SLE-18992).
+- cxgb4: Properly revert VPD changes (jsc#SLE-18992).
+- cxgb4: improve printing NIC information (jsc#SLE-18992).
+- net: chelsio: switch from 'pci_' to 'dma_' API (jsc#SLE-18992).
+- Revert "cxgb4: Validate VPD checksum with pci_vpd_check_csum()"
+ (jsc#SLE-18992).
+- Revert "Revert "cxgb4: Search VPD with
+ pci_vpd_find_ro_info_keyword()"" (jsc#SLE-18992).
+- Revert "cxgb4: Search VPD with pci_vpd_find_ro_info_keyword()"
+ (jsc#SLE-18992).
+- cxgb4: Search VPD with pci_vpd_find_ro_info_keyword()
+ (jsc#SLE-18992).
+- cxgb4: Remove unused vpd_param member ec (jsc#SLE-18992).
+- cxgb4: Validate VPD checksum with pci_vpd_check_csum()
+ (jsc#SLE-18992).
+- cxgb4: make the array match_all_mac static, makes object smaller
+ (jsc#SLE-18992).
+- commit e59b97c
+
+- RDMA/nldev: Check stat attribute before accessing it
+ (jsc#SLE-19249).
+- RDMA/mlx4: Do not fail the registration on port stats
+ (jsc#SLE-19255).
+- IB/hfi1: Properly allocate rdma counter desc memory
+ (jsc#SLE-19242).
+- RDMA/core: Set send and receive CQ before forwarding to the
+ driver (jsc#SLE-19249).
+- i40e: Fix display error code in dmesg (jsc#SLE-18378).
+- i40e: Fix creation of first queue by omitting it if is not
+ power of two (jsc#SLE-18378).
+- i40e: Fix warning message and call stack during rmmod i40e
+ driver (jsc#SLE-18378).
+- i40e: Fix ping is lost after configuring ADq on VF
+ (jsc#SLE-18378).
+- i40e: Fix changing previously set num_queue_pairs for PFs
+ (jsc#SLE-18378).
+- i40e: Fix NULL ptr dereference on VSI filter sync
+ (jsc#SLE-18378).
+- i40e: Fix correct max_pkt_size on VF RX queue (jsc#SLE-18378).
+- devlink: Don't throw an error if flash notification sent before
+ devlink visible (jsc#SLE-19253).
+- net/mlx5: E-Switch, return error if encap isn't supported
+ (jsc#SLE-19253).
+- net/mlx5: Lag, update tracker when state change event received
+ (jsc#SLE-19253).
+- net/mlx5e: CT, Fix multiple allocations and memleak of mod acts
+ (jsc#SLE-19253).
+- net/mlx5: Fix flow counters SF bulk query len (jsc#SLE-19253).
+- net/mlx5: E-Switch, rebuild lag only when needed
+ (jsc#SLE-19253).
+- net/mlx5: Update error handler for UCTX and UMEM
+ (jsc#SLE-19253).
+- net/mlx5: DR, Fix check for unsupported fields in match param
+ (jsc#SLE-19253).
+- net/mlx5: DR, Handle eswitch manager and uplink vports
+ separately (jsc#SLE-19253).
+- net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove()
+ (jsc#SLE-19253).
+- net/mlx5: E-Switch, Fix resetting of encap mode when entering
+ switchdev (jsc#SLE-19253).
+- net/mlx5e: Wait for concurrent flow deletion during neigh/fib
+ events (jsc#SLE-19253).
+- net/mlx5e: kTLS, Fix crash in RX resync flow (jsc#SLE-19253).
+- net: sched: act_mirred: drop dst for the direction from egress
+ to ingress (git-fixes).
+- bnxt_en: Fix compile error regression when CONFIG_BNXT_SRIOV
+ is not set (jsc#SLE-18978).
+- udp: Validate checksum in udp_read_sock() (git-fixes).
+- xsk: Fix crash on double free in buffer pool (jsc#SLE-18375).
+- iavf: Restore VLAN filters after link down (jsc#SLE-18385).
+- iavf: Fix for setting queues to 0 (jsc#SLE-18385).
+- iavf: Fix for the false positive ASQ/ARQ errors while issuing
+ VF reset (jsc#SLE-18385).
+- iavf: validate pointers (jsc#SLE-18385).
+- iavf: prevent accidental free of filter structure
+ (jsc#SLE-18385).
+- iavf: Fix failure to exit out from last all-multicast mode
+ (jsc#SLE-18385).
+- iavf: don't clear a lock we don't hold (jsc#SLE-18385).
+- iavf: free q_vectors before queues in iavf_disable_vf
+ (jsc#SLE-18385).
+- iavf: check for null in iavf_fix_features (jsc#SLE-18385).
+- iavf: Fix return of set the new channel count (jsc#SLE-18385).
+- bnxt_en: reject indirect blk offload when hw-tc-offload is off
+ (jsc#SLE-18978).
+- bnxt_en: fix format specifier in live patch error message
+ (jsc#SLE-18978).
+- bnxt_en: extend RTNL to VF check in devlink driver_reinit
+ (jsc#SLE-18978).
+- net: bnx2x: fix variable dereferenced before check
+ (jsc#SLE-18274).
+- ethernet: bnx2x: use eth_hw_addr_set() (jsc#SLE-18274).
+- bnx2x: Search VPD with pci_vpd_find_ro_info_keyword()
+ (jsc#SLE-18274).
+- bnx2x: Read VPD with pci_vpd_alloc() (jsc#SLE-18274).
+- bnx2x: remove unused variable 'cur_data_offset' (jsc#SLE-18274).
+- commit 4626034
+
+- kernel-source.spec: install-kernel-tools also required on 15.4
+- commit 6cefb55
+
+- dmanegine: idxd: fix resource free ordering on driver removal
+ (git-fixes).
+- ALSA: usb-audio: Fix possible race at sync of urb completions
+ (git-fixes).
+- Bluetooth: call sock_hold earlier in sco_conn_del (git-fixes).
+- commit c31b8d8
+
+- blacklist.conf: 70a9ac36ffd8 ("f2fs: fix up f2fs_lookup tracepoints")
+ CONFIG_F2FS_FS is not set anywhere.
+- commit 192a1c3
+
+- tracing/histogram: Do not copy the fixed-size char array field
+ over the field size (git-fixes).
+- commit c8df0a0
+
+- blacklist.conf: 172f7ba9772c ("ftrace: Make ftrace_profile_pages_init static")
+ A cosmetic fix.
+- commit 99f4114
+
+- tracing: use %ps format string to print symbols (git-fixes).
+- commit 11044ff
+
+- Drivers: hv: vmbus: Initialize VMbus ring buffer for Isolation VM (bsc#1183682).
+- Update config files.
+- commit a524613
+
+- config: disable unprivileged BPF by default (jsc#SLE-22573)
+ Backport of mainline commit 8a03e56b253e ("bpf: Disallow unprivileged bpf
+ by default") only changes kconfig default, used e.g. for "make oldconfig"
+ when the config option is missing, but does not update our kernel configs
+ used for build. Update also these to make sure unprivileged BPF is really
+ disabled by default.
+- commit 4a1e78c
+
+- Drivers: hv: vmbus: Add SNP support for VMbus channel initiate
+ message (bsc#1183682).
+- x86/hyperv: Add ghcb hvcall support for SNP VM (bsc#1183682).
+- x86/hyperv: Add Write/Read MSR registers via ghcb page
+ (bsc#1183682).
+- Drivers: hv: vmbus: Mark vmbus ring buffer visible to host in
+ Isolation VM (bsc#1183682).
+- x86/hyperv: Add new hvcall guest address host visibility support
+ (bsc#1183682).
+- x86/hyperv: Initialize shared memory boundary in the Isolation
+ VM (bsc#1183682).
+- x86/hyperv: Initialize GHCB page in Isolation VM (bsc#1183682).
+- x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV
+ (bsc#1183682).
+- commit 7b9b378
+
+- x86/sev: Allow #VC exceptions on the VC2 stack (git-fixes).
+- commit a295ccf
+
+- pstore/blk: Use "%lu" to format unsigned long (git-fixes).
+- commit 4c246a2
+
+- Linux 5.14.21 (stable-5.14.21).
+- commit ccb8dac
+
+- Revert "ACPI: scan: Release PM resources blocked by unused
+ objects" (stable-5.14.21).
+- KVM: Fix steal time asm constraints (stable-5.14.21).
+- parisc/entry: fix trace test in syscall exit path
+ (stable-5.14.21).
+- PCI/MSI: Destroy sysfs before freeing entries (stable-5.14.21).
+- PCI: Add MSI masking quirk for Nvidia ION AHCI (stable-5.14.21).
+- PCI/MSI: Deal with devices lying about their MSI mask capability
+ (stable-5.14.21).
+- perf/core: Avoid put_page() when GUP fails (stable-5.14.21).
+- thermal: Fix NULL pointer dereferences in of_thermal_ functions
+ (stable-5.14.21).
+- Bluetooth: btusb: Add support for TP-Link UB500 Adapter
+ (stable-5.14.21).
+- fortify: Explicitly disable Clang support (stable-5.14.21).
+- loop: Use blk_validate_block_size() to validate block size
+ (stable-5.14.21).
+- block: Add a helper to validate the block size (stable-5.14.21).
+- bootconfig: init: Fix memblock leak in xbc_make_cmdline()
+ (stable-5.14.21).
+- commit 5099a2b
+
+- Update patch references for stable-5.14.21
+- commit b78e4e4
+
+- Revert "mark pstore-blk as broken" (git-fixes).
+- Update config files.
+- supported.conf: adjust for pstore_blk and co
+- commit 79eccc2
+
+- pinctrl: qcom: sm8350: Correct UFS and SDC offsets (git-fixes).
+- pinctrl: qcom: sdm845: Enable dual edge errata (git-fixes).
+- pinctrl: ralink: include 'ralink_regs.h' in 'pinctrl-mt7620.c'
+ (git-fixes).
+- ACPI: Add stubs for wakeup handler functions (git-fixes).
+- commit 7d34774
+
+- blacklist.conf: add media patch entry that was already picked up
+- commit 262559d
+
+- ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE
+ (bsc#1192473).
+- commit a604fd5
+
+- NFC: reorder the logic in nfc_{un,}register_device (git-fixes).
+- Refresh
+ patches.suse/NFC-SUSE-specific-brutal-fix-for-runtime-PM.patch.
+- commit 58d673a
+
+- Revert "drm/i915/tgl/dsi: Gate the ddi clocks after pll mapping"
+ (git-fixes).
+- fbdev: Prevent probing generic drivers if a FB is already
+ registered (git-fixes).
+- drm/cma-helper: Release non-coherent memory with
+ dma_free_noncoherent() (git-fixes).
+- drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
+ (git-fixes).
+- thermal: int340x: Limit Kconfig to 64-bit (git-fixes).
+- platform/x86: think-lmi: Abort probe on analyze failure
+ (git-fixes).
+- platform/x86: hp_accel: Fix an error handling path in
+ 'lis3lv02d_probe()' (git-fixes).
+- spi: fix use-after-free of the add_lock mutex (git-fixes).
+- e100: fix device suspend/resume (git-fixes).
+- NFC: add NCI_UNREG flag to eliminate the race (git-fixes).
+- NFC: reorganize the functions in nci_request (git-fixes).
+- mac80211: fix monitor_sdata RCU/locking assertions (git-fixes).
+- mac80211: drop check for DONT_REORDER in
+ __ieee80211_select_queue (git-fixes).
+- nl80211: fix radio statistics in survey dump (git-fixes).
+- cfg80211: call cfg80211_stop_ap when switch from P2P_GO type
+ (git-fixes).
+- docs: accounting: update delay-accounting.rst reference
+ (git-fixes).
+- commit 195d274
+
+- powerpc/pseries/svm: Add a powerpc version of cc_platform_has() (jsc#SLE-19924).
+- Update config files.
+- commit d22f826
+
+- btrfs: update comments for chunk allocation -ENOSPC cases
+ (bsc#1192896).
+- btrfs: fix deadlock between chunk allocation and chunk btree
+ modifications (bsc#1192896).
+- commit 09c9eb3
+
+- blacklist.conf: Add b94f9ac79a73 cgroup/cpuset: Change references of cpuset_mutex to cpuset_rwsem
+- commit b3581c2
+
+- x86/sme: Use #define USE_EARLY_PGTABLE_L5 in
+ mem_encrypt_identity.c (bsc#1192547).
+- treewide: Replace the use of mem_encrypt_active() with
+ cc_platform_has() (jsc#SLE-19924).
+- x86/sev: Replace occurrences of sev_es_active() with
+ cc_platform_has() (jsc#SLE-19924).
+- x86/sev: Replace occurrences of sev_active() with
+ cc_platform_has() (jsc#SLE-19924).
+- x86/sme: Replace occurrences of sme_active() with
+ cc_platform_has() (jsc#SLE-19924).
+- x86/ioremap: Selectively build arch override encryption
+ functions (jsc#SLE-19924).
+- powerpc/svm: Don't issue ultracalls if !mem_encrypt_active()
+ (jsc#SLE-19924).
+- commit c6b9314
+
+- memcg: replace in_interrupt() by !in_task() in active_memcg()
+ (bsc#1192894).
+- commit 8c447eb
+
+- Update metadata
+ patches.suse/bpf-cgroup-Assign-cgroup-in-cgroup_sk_alloc-when-cal.patch
+ (stable-5.14.19 bsc#1191279).
+- Update metadata
+ patches.suse/bpf-cgroups-Fix-cgroup-v2-fallback-on-v1-v2-mixed-mo.patch
+ (stable-5.14.19 bsc#1191279).
+- commit 590ab5b
+
+- btrfs: fix memory ordering between normal and ordered work functions (git-fixes).
+- commit 0b78f1b
+
+- Eradicate Patch-mainline: No
+ The pre-commit check can reject this deprecated tag then.
+- Refresh patches.suse/acpi_thinkpad_introduce_acpi_root_table_boot_param.patch.
+- Refresh patches.suse/btrfs-provide-super_operations-get_inode_dev.
+- Refresh patches.suse/intel_idle-Disable-ACPI-_CST-on-Haswell.patch
+- commit 50b72c3
+
+- pinctrl: tegra: Return const pointer from
+ tegra_pinctrl_get_group() (jsc#SLE-20498).
+- usb: xhci: tegra: Check padctrl interrupt presence in device
+ tree (git-fixes).
+- dmaengine: tegra210-adma: Override ADMA FIFO size
+ (jsc#SLE-20498).
+- dmaengine: tegra210-adma: Add description for
+ 'adma_get_burst_config' (jsc#SLE-20498).
+- dmaengine: tegra210-adma: Re-order 'has_outstanding_reqs'
+ member (jsc#SLE-20498).
+- gpio: tegra186: Support multiple interrupts per bank
+ (jsc#SLE-20498).
+- gpio: tegra186: Force one interrupt per bank (jsc#SLE-20498).
+- i2c: tegra: Ensure that device is suspended before driver is
+ removed (git-fixes).
+- pinctrl: tegra: Fix warnings and error (jsc#SLE-20498).
+- pinctrl: tegra: Use correct offset for pin group
+ (jsc#SLE-20498).
+- pinctrl: tegra: Add pinmux support for Tegra194 (jsc#SLE-20498).
+- pinctrl: tegra: include lpdr pin properties (jsc#SLE-20498).
+- usb: phy: tegra: Support OTG mode programming (git-fixes).
+- memory: tegra186-emc: Handle errors in BPMP response
+ (jsc#SLE-20498).
+- soc/tegra: Add Tegra186 ARI driver (jsc#SLE-20498).
+- cpufreq: tegra186/tegra194: Handle errors in BPMP response
+ (jsc#SLE-20498).
+- spi: tegra210-quad: Put device into suspend on driver removal
+ (git-fixes).
+- regulator: Don't error out fixed regulator in
+ regulator_sync_voltage() (git-fixes).
+- thermal/drivers/tegra-soctherm: Silence message about clamped
+ temperature (git-fixes).
+- PCI: tegra194: Cleanup unused code (jsc#SLE-20498).
+- PCI: tegra194: Don't allow suspend when Tegra PCIe is in EP mode
+ (jsc#SLE-20498).
+- PCI: tegra194: Disable interrupts before entering L2
+ (jsc#SLE-20498).
+- gpio: tegra186: Add ACPI support (jsc#SLE-20498).
+- clk: tegra: Remove CLK_IS_CRITICAL flag from fuse clock
+ (git-fixes).
+- soc/tegra: fuse: Enable fuse clock on suspend for Tegra124
+ (git-fixes).
+- soc/tegra: fuse: Add runtime PM support (git-fixes).
+- soc/tegra: fuse: Clear fuse->clk on driver probe failure
+ (git-fixes).
+- soc/tegra: pmc: Prevent racing with cpuilde driver (git-fixes).
+- ASoC: rt5640: Silence warning message about missing interrupt
+ (git-fixes).
+- commit 1fc03e4
+
+- Update config files: bump to 5.14.20
+- commit c08e20b
+
+- Linux 5.14.20 (stable-5.14.20).
+- commit 1a4044c
+
+- Drop x86 patch to follow a stable-5.14.20 revert
+ Other two (sched and x86 fixes) were reverted in 5.14.20 but we keep them
+ Delete patches.suse/x86-Fix-__get_wchan-for-STACKTRACE.patch
+ Update blacklist.conf
+- commit 6440d2c
+
+- x86/setup: Explicitly include acpi.h (bsc#1192825).
+- commit 915b5b4
+
+- iscsi_ibft: fix warning in reserve_ibft_region() (bsc#1191540).
+- commit 4ad3fae
+
+- e1000e: Add support for the next LOM generation (jsc#SLE-18382).
+- Refresh
+ patches.suse/e1000e-Separate-TGP-board-type-from-SPT.patch.
+- commit 92196b6
+
+- e1000e: Add support for Lunar Lake (jsc#SLE-18382).
+- Refresh
+ patches.suse/e1000e-Separate-TGP-board-type-from-SPT.patch.
+- commit d86918a
+
+- e1000e: Remove redundant statement (jsc#SLE-18382).
+- ionic: no devlink_unregister if not registered (jsc#SLE-19282).
+- ionic: tame the filter no space message (jsc#SLE-19282).
+- ionic: allow adminq requests to override default error message
+ (jsc#SLE-19282).
+- ionic: handle vlan id overflow (jsc#SLE-19282).
+- ionic: generic filter delete (jsc#SLE-19282).
+- ionic: generic filter add (jsc#SLE-19282).
+- ionic: add generic filter search (jsc#SLE-19282).
+- ionic: remove mac overflow flags (jsc#SLE-19282).
+- ionic: move lif mac address functions (jsc#SLE-19282).
+- ionic: add filterlist to debugfs (jsc#SLE-19282).
+- ionic: add lif param to ionic_qcq_disable (jsc#SLE-19282).
+- ionic: have ionic_qcq_disable decide on sending to hardware
+ (jsc#SLE-19282).
+- ionic: add polling to adminq wait (jsc#SLE-19282).
+- ionic: widen queue_lock use around lif init and deinit
+ (jsc#SLE-19282).
+- ionic: move lif mutex setup and delete (jsc#SLE-19282).
+- ionic: check for binary values in FW ver string (jsc#SLE-19282).
+- ionic: remove debug stats (jsc#SLE-19282).
+- ionic: Move devlink registration to be last devlink command
+ (jsc#SLE-19282).
+- net: e1000e: solve insmod 'Unknown symbol mutex_lock' error
+ (jsc#SLE-18382).
+- net/e1000e: Fix spelling mistake "The" -> "This"
+ (jsc#SLE-18382).
+- e1000e: Add space to the debug print (jsc#SLE-18382).
+- e1000e: Additional PHY power saving in S0ix (jsc#SLE-18382).
+- e1000e: Add polling mechanism to indicate CSME DPG exit
+ (jsc#SLE-18382).
+- e1000e: Add handshake with the CSME to support S0ix
+ (jsc#SLE-18382).
+- commit 405902c
+
+- PCI: PM: Do not call platform_pci_power_manageable()
+ unnecessarily (jsc#SLE-19359).
+- commit 18069d0
+
+- PCI: PM: Make pci_choose_state() call pci_target_state()
+ (jsc#SLE-19359).
+- commit 397bfa6
+
+- PCI: PM: Rearrange pci_target_state() (jsc#SLE-19359).
+- commit 6bb9c14
+
+- PCI: endpoint: Use sysfs_emit() in "show" functions
+ (jsc#SLE-19359).
+- commit 9243675
+
+- PCI: ACPI: PM: Do not use pci_platform_pm_ops for ACPI
+ (jsc#SLE-19359).
+- commit 96c7dd9
+
+- PCI: PM: Do not use pci_platform_pm_ops for Intel MID PM
+ (jsc#SLE-19359).
+- commit 7e981c8
+
+- PCI: Tidy comments (git-fixes).
+- commit 125067a
+
+- iscsi_ibft: Fix isa_bus_to_virt not working under ARM
+ (bsc#1191540).
+- iscsi_ibft: fix crash due to KASLR physical memory remapping
+ (bsc#1191540).
+- commit 64cab0a
+
+- kernel-*-subpackage: Add dependency on kernel scriptlets (bsc#1192740).
+- commit a133bf4
+
+- Fix problem with missing installkernel on Tumbleweed.
+- commit 2ed6686
+
+- char/random: reinstantiate DRBGs once optimized sha512 becomes
+ available (jsc#SLE-21132,bsc#1191259).
+- commit f4f5829
+
+- char/random: wire up userspace interface to SP800-90B compliant
+ drbg (jsc#SLE-21132,bsc#1191259).
+- commit 08f937f
+
kernel-firmware
+- Update to version 20211123:
+ * linux-firmware: Update firmware file for Intel Bluetooth 9462
+ * linux-firmware: Update firmware file for Intel Bluetooth 9462
+ * linux-firmware: Update firmware file for Intel Bluetooth 9560
+ * linux-firmware: Update firmware file for Intel Bluetooth 9560
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * linux-firmware: Update firmware file for Intel Bluetooth AX211
+ * linux-firmware: Update firmware file for Intel Bluetooth AX211
+ * linux-firmware: Update firmware file for Intel Bluetooth AX210
+ * linux-firmware: Update firmware file for Intel Bluetooth 9560
+ * linux-firmware: Update firmware file for Intel Bluetooth 9260
+ * linux-firmware: Update firmware file for Intel Bluetooth AX200
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * amdgpu: update yellow carp dmcub firmware
+ * amdgpu: update vangogh DMCUB firmware
+ * Update ath10k/QCA6174/hw3.0/board-2.bin
+ * mrvl: prestera: Update Marvell Prestera Switchdev v4.0
+ * QCA: Add Bluetooth firmware for WCN685x
+- Fix the script to adapt ZSTD compressed modules (jsc#SLE-21256)
+- Update _service to follow branch main instead
+- Update aliases
+
kernel-firmware:compressed
+- Update to version 20211123:
+ * linux-firmware: Update firmware file for Intel Bluetooth 9462
+ * linux-firmware: Update firmware file for Intel Bluetooth 9462
+ * linux-firmware: Update firmware file for Intel Bluetooth 9560
+ * linux-firmware: Update firmware file for Intel Bluetooth 9560
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * linux-firmware: Update firmware file for Intel Bluetooth AX211
+ * linux-firmware: Update firmware file for Intel Bluetooth AX211
+ * linux-firmware: Update firmware file for Intel Bluetooth AX210
+ * linux-firmware: Update firmware file for Intel Bluetooth 9560
+ * linux-firmware: Update firmware file for Intel Bluetooth 9260
+ * linux-firmware: Update firmware file for Intel Bluetooth AX200
+ * linux-firmware: Update firmware file for Intel Bluetooth AX201
+ * amdgpu: update yellow carp dmcub firmware
+ * amdgpu: update vangogh DMCUB firmware
+ * Update ath10k/QCA6174/hw3.0/board-2.bin
+ * mrvl: prestera: Update Marvell Prestera Switchdev v4.0
+ * QCA: Add Bluetooth firmware for WCN685x
+- Fix the script to adapt ZSTD compressed modules (jsc#SLE-21256)
+- Update _service to follow branch main instead
+- Update aliases
+
kmod
+- Enable ZSTD on 15.3 as well (boo#1192104).
+- Only test ZSTD in testsuite on releases where it is available.
+
ldb
+- Update to version 2.4.1
+ + Corrected python behaviour for 'in' for LDAP attributes
+ contained as part of ldb.Message; (bso#14845);
+ + Fix memory handling in ldb.msg_diff; (bso#14836);
+ + Corrected python docstrings
+
libapparmor
-- update to AppArmor 2.13.6
- - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.6
+- Modify add-samba-bgqd.diff: Add new rule to fix new "DENIED
+ operation="file_mmap" violation in SLE15-SP4; (bsc#1192336).
+
+- add aa-notify-more-arch-mr809.diff: Add support for reading s390x
+ and aarch64 wtmp files (boo#1181155)
+
+- add add-samba-bgqd.diff: add profile for samba-bgqd (boo#1191532)
+
+- lessopen.sh profile: allow reading files that live on NFS over UDP
+ (added to apparmor-lessopen-nfs-workaround.diff) (boo#1190552)
+
+- add profiles-python-3.10-mr783.diff: update abstractions/python and
+ profiles for python 3.10
+
+- update to AppArmor 3.0.3
+ - fix a failure in the parser tests
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.3
+ for the detailed upstream changelog
+
+- update to AppArmor 3.0.2
+ - add missing permissions to several profiles and abstractions
+ (including boo#1188296)
+ - bugfixes in utils and parser (including boo#1180766 and boo#1184779)
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.2
+ for the detailed upstream changelog
+- remove upstreamed patches:
+ - apparmor-dovecot-stats-metrics.diff
+ - abstractions-php8.diff
+ - crypto-policies-mr720.diff
+
+- added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point
+
+- move Requires: python3 back to the python3-apparmor subpackage -
+ readline usage is in the python modules, not in apparmor-utils
+
+- Remove python symbols (python means currently python2), work
+ only with python3 ones (fallout from bsc#1185588).
+
+- add abstractions-php8.diff to support PHP8 in abstractions/php (boo#1186267)
+
+- add crypto-policies-mr720.diff to allow reading crypto policies
+ in abstractions/ssl_certs (boo#1183597)
+
+- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
+ systemd into containers just because apparmor-parser ships a *.service file
+
+- merge libapparmor.changes into apparmor.changes
+
+- avoid file listed twice error
+
+- define %_pamdir for <= 15.x to fix the build on those releases
+
+- add apache-extra-profile-include-if-exists.diff: make <apache2.d>
+ include in apache extra profile optional to avoid problems with empty
+ profile directory (boo#1178527)
+
+- prepare usrmerge (boo#1029961)
+ * use %_pamdir
+
+- update to AppArmor 3.0.1
+ - minor additions to profiles and abstractions
+ - some bugfixes in libapparmor, apparmor_parser and the aa-* utils
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
+ for the detailed upstream changelog
+- removed upstream(ed) patches:
+ - changes-since-3.0.0.diff
+ - extra-profiles-fix-Pux.diff
+ - utils-fix-hotkey-conflict.diff
+
+- Use apache provided variables for the module_directry:
+ + Use %apache_libexecdir
+ + Add apache-rpm-macros BuildRequires
+
+- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
+ de, id and sv translations (and fix the test) (MR 675)
+- add extra-profiles-fix-Pux.diff to fix an inactive profile -
+ prevents a crash in aa-logprof and aa-genprof when creating a new
+ profile (MR 676)
+
+- update to AppArmor 3.0.0
+ - introduce feature abi declaration in profiles to enable use of
+ new rule types (for openSUSE: dbus and unix rules)
+ - support xattr attachment conditionals
+ - experimental support for kill and unconfined profile modes
+ - rewritten aa-status (in C), including support for new profile modes
+ - rewritten aa-notify (in python), finally dropping the perl
+ requirement at runtime
+ - new tool aa-features-abi for extracting feature abis from the kernel
+ - update profiles to have profile names and to use 3.0 feature abi
+ - introduce @{etc_ro} and @{etc_rw} profile variables
+ - new profile for php-fpm
+ - several updates to profiles and abstractions (including boo#1166007)
+ - fully support 'include if exists' in the aa-* tools
+ - rewrite handling of alias, include, link and variable rules in
+ the aa-* tools
+ - rewrite and simplify log handling in the aa-logprof and aa-genprof
+ - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
-- drop upstreamed patch libapparmor-so-number.diff
+- patches:
+ - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
+ release up to 3e18c0785abc03ee42a022a67a27a085516a7921
+ - drop upstreamed usr-etc-abstractions-base-nameservice.diff
+ - drop 2.13-only libapparmor-so-number.diff
+ - refresh apparmor-enable-profile-cache.diff - partially upstreamed
+ - update apparmor-samba-include-permissions-for-shares.diff and
+ apparmor-lessopen-profile.patch - switch to "include if exists"
+ - apparmor-lessopen-profile.patch: add abi rule to lessopen profile
+ - refresh apparmor-lessopen-nfs-workaround.diff
+- move away very loose apache profile that doesn't even match the
+ apache2 binary path in openSUSE to avoid confusion (boo#872984)
+- move rewritten aa-status from utils to parser subpackage
+- add aa-features-abi to parser subpackage
+- replace perl and libnotify-tools requires with requiring
+ python3-notify2 and python3-psutil (needed by the rewritten
+ aa-notify)
+- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
+- drop (never enabled) conditionals to build with python2 and to
+ build the python-apparmor subpackage (upstream dropped python2
+ support)
+- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
+- set PYFLAKES path for utils check
+- add precompiled_cache build conditional to allow faster local
+ builds without using kvm
+- remove duplicated BuildRequires: swig
- - fix two potential build failures
+ - add missing permissions to several profiles and abstractions
+ - bugfixes in parser and tools
+ - fix two potential build failures in libapparmor
+- remove upstream(ed) patches
+ - changes-since-2.13.4.diff
+ - abstractions-X-xauth-mr582.diff
+ - sevdb-caps-mr589.diff
+ - libvirt-leaseshelper.patch
+ - cap_checkpoint_restore.diff
+- add CAP_CHECKPOINT_RESTORE to severity.db (MR 656,
+ cap_checkpoint_restore.diff)
+
+- %service_del_postun_without_restart only works for Tumbleweed,
+ keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x
+
+- Make use of %service_del_postun_without_restart
+ And stop using DISABLE_RESTART_ON_UPDATE as this interface is
+ obsolete.
+
+- libvirt-leaseshelper.patch: add /usr/libexec as a path to the
+ libvirt leaseshelper script (jsc#SLE-14253)
+
+- sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON
+ to severity.db (lp#1890547)
+
+- add abstractions-X-xauth-mr582.diff to allow reading the xauth file
+ from its new sddm location (boo#1174290, boo#1174293)
+
+- add changes-since-2.13.4.diff with upstream changes and fixes
+ since 2.13.4 up to 5f61bd4c:
+ - add several abstractions related to xdg-open:
+ dbus-network-manager-strict, exo-open, gio-open, gvfs-open,
+ kde-open5, xdg-open
+ - introduce @{run} variable
+ - update dnsmasq and winbindd profile
+ - update mdns, mesa and nameservice abstraction
+ - some bugfixes in the aa-* tools, including a remote bugfix in the
+ YaST AppArmor module (boo#1171315)
+- drop upstream(ed) patches (now part of changes-since-2.13.4.diff):
+ - make-4.3-capabilities.diff
+ - make-4.3-capabilities-vim.diff
+ - make-4.3-fix-utils-network-test.diff
+ - make-4.3-network.diff
+ - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch
+- apply usr-etc-abstractions-base-nameservice.diff only for
+ Tumbleweed, but not for Leap 15.x where it's not needed
+- refresh usr-etc-abstractions-base-nameservice.diff
+
+- Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch
+ (bsc#1168306)
+
+- fix build with make 4.3 by backporting some commits from upstream
+ master (boo#1167953):
+ - make-4.3-capabilities.diff
+ - make-4.3-capabilities-vim.diff
+ - make-4.3-network.diff
+ - make-4.3-fix-utils-network-test.diff
+
+ - several abstraction updates (including boo#1153162)
+ - disallow writing to fontconfig cache in abstractions/fonts
+ - some bugfixes in the aa-* tools
-
-- update to AppArmor 2.13.1
+- drop upstreamed patches:
+ - abstractions-ssl-certbot-paths.diff
+ - apparmor-krb5-conf-d.diff
+ - libapparmor-python3.8.diff
+ - usr-etc-abstractions-authentification.diff
+- refresh usr-etc-abstractions-base-nameservice.diff
+
+- add usr-etc-abstractions-base-nameservice.diff to adjust
+ abstractions/base and nameservice for /usr/etc/ (boo#1161756)
+
+- Properly pull in full python3 interpreter
+
+- add libapparmor-python3.8.diff to fix building the libapparmor python
+ bindings (deb#943657)
+
+- add usr-etc-abstractions-authentification.diff to allow reading
+ /usr/etc/pam.d/* and some other authentification-related files (boo#1153162)
+
+- add abstractions-ssl-certbot-paths.diff - add certbot paths to
+ abstractions/ssl_certs and abstractions/ssl_keys
+
+- add apparmor-krb5-conf-d.diff for kerberos client
+
+- update to 2.13.3
+ - profile updates for dnsmasq, dovecot, identd, syslog-ng
+ - new "lsb_release" profile (only used when using "Px -> lsb_release")
+ - fix buggy syntax in tunables/share
+ - several abstraction updates
+ - parser: fix "Px -> foo-bar" (the "-" was rejected before)
+ - several bugfixes in aa-genprof and aa-logprof
+- drop upstream(ed) patches:
+ - apparmor-nameservice-resolv-conf-link.patch
+ - profile_filename_cornercase.diff
+ - dnsmasq-libvirtd.diff
+ - dnsmasq-revert-alternation.diff
+ - usrmerge-fixes.diff
+ - libapparmor-swig-4.diff
+- re-number remaining patches
+
+- add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig
+ 4.0 (boo#1135751)
+- update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350)
+
+- add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by
+ update-alternatives (boo#1127877)
+
+- add dnsmasq-revert-alternation.diff: revert path alternation in
+ dnsmasq profile and re-add peer=/usr/sbin/libvirtd rules to avoid
+ breaking libvirtd (boo#1127073)
+
+- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile
+ to match the newly added libvirtd profile name (boo#1118952#c3)
+
+- Use %license instead of %doc [bsc#1082318]
+
+- add apparmor-lessopen-nfs-workaround.diff: allow network access in
+ lessopen.sh for reading files on NFS (workaround for boo#1119937 /
+ lp#1784499)
+
+- add profile_filename_cornercase.diff: drop check that lets aa-logprof
+ error out in a corner-case (log event for a non-existing profile while
+ a profile file with the default filename for that non-existing profile
+ exists) (boo#1120472)
+
+- netconfig: write resolv.conf to /run with link to /etc (fate#325872,
+ boo#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]
+
- - no changes in libapparmor
+ - add profile names to most profiles
+ - update dnsmasq profile (pid file and logfile path) (boo#1111342)
+ - add vulkan abstraction
+ - add letsencrypt certificate path to abstractions/ssl_*
+ - ignore *.orig and *.rej files when loading profiles
+ - fix aa-complain etc. to handle named profiles
+ - several bugfixes and small profile improvements
+- remove upstreamed fix-syntax-error-in-rc.apparmor.functions.patch
-- update to AppArmor 2.13.1
- - several bug fixes
+- update to 2.13.1
+ - add qt5 and qt5-compose-cache-write abstractions
+ - add @{uid} and @{uids} kernel var placeholders
+ - several profile and abstraction updates
+ - ignore "abi" rules in parser and tools (instead of erroring out)
+ - utils: fix overwriting of child profile flags if they differ from
+ the main profile
+ - several bugfixes (including boo#1100779)
+- remove upstream(ed) patches:
+ - aa-teardown-path.diff
+ - fix-apparmor-systemd-perms.diff
+ - logprof-skip-cache-d.diff
+ - fix-samba-profiles.patch
+ - make-pyflakes-happy.diff
+ - dnsmasq-Add-permission-to-open-log-files.patch
+- refresh apparmor-samba-include-permissions-for-shares.diff
+- add fix-syntax-error-in-rc.apparmor.functions.patch
+
+- update rpmlintrc:
+ - whitelist .features file which is part of the pre-compiled cache
+ - comment out filters for the disabled tomcat_apparmor subpackage
+
+- Backport dnsmasq fix:
+ 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch
+ (boo#1111342)
+
+- add make-pyflakes-happy.diff to fix an unused variable (SR 629206)
+
+- add fix-samba-profiles.patch - smbd loads new shared libraries.
+ Allow winbindd to access new kerberos credential cache location
+ (boo#1092099)
+
+- exclude the /etc/apparmor.d/cache.d/ directory from aa-logprof parsing
+ (logprof-skip-cache-d.diff)
+
+- add fix-apparmor-systemd-perms.diff - fix permissions of
+ /lib/apparmor/apparmor.systemd (boo#1090545)
+
+- create and package precompiled cache (/usr/share/apparmor/cache,
+ read-only) (boo#1069906, boo#1074429)
+- change (writeable) cache directory to /var/cache/apparmor/ - with the
+ new btrfs layout, the only reason for using /var/lib/apparmor/cache/
+ (which was "it's part of the / subvolume") is gone, and /var/cache
+ makes more sense for the cache
+- adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both
+ cache locations
+- clear cache also in %post of abstractions package
+ - add support for conditional includes in policy
+ - remove group restrictions from aa-notify (boo#1058787)
+ - aa-complain etc.: set flags for profiles represented by a glob
+ - aa-status: split profile from exec name
+ - several profile and abstraction updates
+- drop upstreamed patches and files:
+ - aa-teardown
+ - apparmor.service
+ - apparmor.systemd
+ - 32-bit-no-uid.diff
+ - disable-cache-on-ro-fs.diff
+ - dovecot-stats.diff
+ - parser-write-cache-warn-only.diff
+ - set-flags-for-profiles-represented-by-glob.patch
+ - fix-regression-in-set-flags.patch
+- drop spec code that handled installing aa-teardown, apparmor.service
+ and apparmor.systemd (now part of upstream Makefile)
+- simplify "make -C profiles parser-check" call (upstream Makefile bug
+ that required to call "cd" was fixed)
+- add aa-teardown-path.diff - install aa-teardown in /usr/sbin/
+- move 'exec' symlink to parser package (belongs to aa-exec)
+
+- Set flags for profiles represented by glob (bsc#1086154)
+ set-flags-for-profiles-represented-by-glob.patch
+ fix-regression-in-set-flags.patch
+
+- add dovecot-stats.diff:
+ - add dovecot/stats profile and allow dovecot to run it (boo#1088161)
+ - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753)
+- update 32-bit-no-uid.diff with upstream fix
+
+- Change of path of rpm in lessopen.sh (boo#1082956)
+
+- add disable-cache-on-ro-fs.diff - disable write cache if filesystem is
+ read-only and don't bail out (bsc#1069906, bsc#1074429)
+
+- add parser-write-cache-warn-only.diff to make cache write failures a
+ warning instead of an error (boo#1069906, boo#1074429)
+- reduce dependeny on libnotify-tools (used by aa-notify -p) to "Suggests"
+ to avoid pulling in several Gnome packages on servers (boo#1067477)
+ - add support for 'owner' rules in aa-logprof and aa-genprof
+ - add support for includes with absolute path in aa-logprof etc. (lp#1733700)
+ - update aa-decode to also decode PROCTITLE (lp#1736841)
+ - several profile and abstraction updates, including boo#1069470
+- drop upstreamed patches:
+ - read_inactive_profile-exactly-once.patch
+ - utils-fix-sorted-save_profiles-regression.diff
+- lessopen profile: change all 'rix' rules to 'mrix'
+- add 32-bit-no-uid.diff to fix handling of log events without ouid on
+ 32 bit systems
- - no changes in libapparmor
+ - add JSON interface to aa-logprof and aa-genprof (used by YaST)
+ - drop old YaST interface code
+ - update audio, base and nameservice abstractions
+ - allow @{pid} to match 7-digit pids
+- drop upstreamed patches
+ - apparmor-yast-cleanup.patch
+ - apparmor-json-support.patch
+ - nameservice-libtirpc.diff
+- drop obsolete perl modules (YaST no longer needs them)
+- drop patches that were only needed by the obsolete perl modules:
+ - apparmor-utils-string-split
+ - apparmor-abstractions-no-multiline.diff
+- drop profiles-sockets-temporary-fix.patch - obsoleted by a fix in
+ apparmor_parser
+- refresh utils-fix-sorted-save_profiles-regression.diff
+- add aa-teardown (new script to unload all profiles)
+- make ExecStop in apparmor.service a no-op (workaround for a systemd
+ restriction, see boo#996520 and boo#853019 for details)
+- lessopen profile: allow capability dac_read_search and dac_override,
+ allow groff to execute several helpers (boo#1065388)
+
+- read_inactive_profile-exactly-once.patch (bsc#1069346)
+ Perform reading of inactive profiles exactly once.
- - mostly test-related changes in libapparmor
+ - add permissions to several profiles and abstractions (including
+ lp#1650827 and boo#1057900)
+ - several fixes in the aa-* tools (including lp#1689667, lp#1628286,
+ lp#1661766 and boo#1062667)
+ - fix downgrading/converting of 'unix' rules (will be supported in
+ kernel 4.15) to 'network unix' rules in apparmor_parser (boo#1061195)
+- remove upstream(ed) patches
+ - upstream-changes-r3616..3628.diff
+ - upstream-changes-r3629..3648.diff
+ - parser-tests-dbus-duplicated-conditionals.diff
+ - apparmor-fix-podsyntax.patch
+ - sshd-profile-drop-local-include-r3615.diff
+- refresh apparmor-yast-cleanup.patch
+- add utils-fix-sorted-save_profiles-regression.diff to fix a regression
+ in displaying the "changed profiles" list in aa-logprof
+
+- add nameservice-libtirpc.diff to fix NIS/YP logins (boo#1062244)
+
+- profiles-sockets-temporary-fix.patch to cater to nameservices with the
+ new sockets mediation, until unix rules are upstreamed (boo#1061195)
+
+- add apparmor-fix-podsyntax.patch from mailing list to fix
+ compilation with perl 5.26
+
+- do not require exact X.Y version of "python3"
+- require also matching python(abi) which is arguably more important
+
+- don't rely on implementation details for reload in %post
+
+- add JSON support. Required for FATE#323380.
+ (apparmor-yast-cleanup.patch, apparmor-json-support.patch)
+
+- add upstream-changes-r3629..3648.diff:
+ - preserve unknown profiles when reloading apparmor.service
+ (CVE-2017-6507, lp#1668892, boo#1029696)
+ - add aa-remove-unknown utility to unload unknown profiles (lp#1668892)
+ - update nvidia abstraction for newer nvidia drivers
+ - don't enforce ordering of dbus rule attributes in utils (lp#1628286)
+ - add --parser, --base and --Include option to aa-easyprof to allow
+ non-standard paths (useful for tests) (lp#1521031)
+ - move initialization code in apparmor.aa to init_aa(). This allows to
+ run all utils tests even if /etc/apparmor.d/ or /sbin/apparmor_parser
+ don't exist.
+ - several improvements in the utils tests
+- drop upstreamed python3-drop-re-locale.patch
+- no longer delete/skip some of the utils tests (to allow this, add
+ parser-tests-dbus-duplicated-conditionals.diff)
+- add var.mount dependeny to apparmor.service (boo#1016259#c34)
+
+- Cleanup spec file:
+ - don't use insserv if we afterwards call systemd, this can
+ have bad side effects
+ - remove dead code
+ - remove now obsolete 'distro' checks
+- Replace init.d script with new wrapper working with systemd
+
+- add python3-drop-re-locale.patch: remove deprecated re.LOCALE
+ flag in Python UI as it was dropped from Python 3.6 (lp#1661766)
+- add upstream-changes-r3616..3628.diff:
+ - update abstractions/base, abstractions/apache2-common and dovecot profiles
+ - merge ask_the_questions() of aa-logprof and aa-mergeprof
+ - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor
+- adjust deleting the cache in profiles %post to the new cache location
+- silence errors when deleting the cache (boo#976914)
+
+- update to AppArmor 2.11.0
+ - apparmor_parser now supports parallel compiles and loads
+ - add full support for dbus, ptrace and signal rules and events to the
+ utils
+ - full rewrite of the file rule handling in the utils
+ - lots of improvements and fixes
+ - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the
+ detailed changelog
+- patches:
+ - add sshd-profile-drop-local-include-r3615.diff to fix 'make check'
+ - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed
+ - refresh apparmor-abstractions-no-multiline.diff
+ - refresh apparmor-samba-include-permissions-for-shares.diff
+- spec changes:
+ - aa-unconfined switched to using ss (from iproute2), adjust Recommends:
+ - move libapparmor to /usr/lib*/
+ - drop %if %suse_version checks for 12.x
+ - change several Obsoletes from %version to < 2.9. Those package names
+ weren't used since years, and 2.9 is still a careful choice
+ - include apparmor.service independent of %suse_version
+ - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires
+ - drop latex2html, texlive-* and w3m BuildRequires
+ - techdoc.txt and techdoc.html not included, drop them from the package
+ - run most of utils/ make check (some tests expect /etc/apparmor.d/ and
+ /sbin/apparmor_parser to exist, skip them)
+ - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests)
+ - drop sed'ing python3 into aa-* shebang (upstreamed)
+ - build binutils
+ - aa-exec is now written in C and lives in /usr/bin/, move it to the
+ apparmor_parser package and create a compability symlink in /usr/sbin/
+ - aa-exec manpage moved to section 1
+ - aa-enabled is a small new tool to find out if AppArmor is enabled
+ - package new aa_stack_profile(2) manpage
+
+- change /etc/apparmor.d/cache symlink to /var/lib/apparmor/cache/.
+ This is part of the root partition (at least with default partitioning)
+ and should be available earlier than /var/cache/apparmor/
+ (boo#1015249, boo#980081, bsc#1016259)
+- add dependency on var-lib.mount to apparmor.service as safety net
+
+- update to AppArmor 2.10.2 maintenance release
+ - lots of bugfixes and profile updates (including boo#1000201,
+ boo#1009964, boo#1014463)
+ - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_2 for details
+- add aa-unconfined-fix-netstat-call-2.10r3380.diff to fix a regression
+ in aa-unconfined
+- drop upstream(ed) patches:
+ - changes-since-2.10.1--r3326..3346.diff
+ - changes-since-2.10.1--r3347..3353.diff
+ - libapparmor-fix-import-path.diff (upstream fix is slightly different)
+ - nscd-var-lib.diff
+- refresh apparmor-abstractions-no-multiline.diff
+
+- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and
+ abstractions/nameservice (path changed in latest nscd in Tumbleweed)
+
+- add changes-since-2.10.1--r3347..3353.diff with upstream changes and
+ fixes in the 2.10 branch, including
+ - allow writing *.qf files (for disk-based buffering) in syslog-ng profile
+ - add several permissions to the dovecot profiles (deb#835826)
+ - add a missing path in the traceroute profile
+
+- add changes-since-2.10.1--r3326..3346.diff with upstream changes and
+ fixes since the 2.10.1 release, including
+ - allow dac_override in winbindd profile (boo#990006#c5)
+ - allow mr for /usr/lib*/ldb/*.so in samba abstractions (needed since
+ Samba 4.4.x, boo#990006)
+ - abstractions/nameservice: also support ConnMan-managed resolv.conf
+ - let aa-genprof ask about profiles in extra dir (again)
+ - fix aa-logprof "add hat" endless loop (lp#1538306)
+ - honor 'chown' file events in logparser.py
+ - ignore log file events with a request mask of 'send' or 'receive'
+ because they are actually network events (lp#1577051, lp#1582374)
+ - accept hostname with dots when parsing logs (lp#1453300 comments #1 and #2)
+- fix python LibAppArmor import failures with swig > 3.0.8 (boo#987607)
+ (libapparmor-fix-import-path.diff)
+- refresh apparmor-abstractions-no-multiline.diff
+- drop upstreamed profiles-ping-inet6-r3449.diff
+- add %check section - runs libapparmor (including swig bindings),
+ parser and profiles tests
+- add BuildRequires: perl(Locale::gettext) - needed for parser tests
+
+- add profiles-ping-inet6-r3449.diff - latest ping also does IPv6 (boo#980596)
+
+- update to AppArmor 2.10.1 (2.10 branch r3326):
+ - fix incorrect output of child profile names (apparmor_parser -N) which
+ caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950)
+ - fix a crash in aa-logprof / logparser.py for change_hat log events
+ (lp#1523297) and log events that look like file events, but aren't
+ (lp#1540562, lp#1525119, lp#1466812)
+ - write unix rules when saving a profile (lp#1522938, boo#954104#c3)
+ - several fixes for variable handling in aa-logprof
+ - map c (create) log events to w instead of a
+ - add python to the "no Px rule" list in logprof.conf
+ - let aa-logprof check for duplicate profiles
+ - let aa-status work without the apparmor.fail python module (boo#971917,
+ lp#1480492)
+ - add permissions in several profiles (including boo#948584, boo#948753,
+ boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and
+ boo#921098#c15).
+ - and many more fixes, see the full changelog at
+ http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1
+- drop upstream(ed) patches:
+ - fix-initscript-aa_log_end_msg.diff
+ - syslog-ng-profile-boo948584.diff
+ - upstream-profile-updates-r3205-3241.diff
+- refresh patches:
+ - apparmor-abstractions-no-multiline.diff
+ - apparmor-samba-include-permissions-for-shares.diff
+- drop libapparmor autogen.sh call (broke the build) and remove libtool BR
+
+- add syslog-ng-profile-boo948584.diff - add several permissions needed
+ by latest syslog-ng (boo#948584, boo#948753)
+- add upstream-profile-updates-r3205-3241.diff with several profile updates:
+ - add /usr/share/locale-bundle/** to abstractions/base
+ - allow dnsmask to use /bin/sh (boo#940749) and /bin/dash
+ - allow dovecot imap to read /run/dovecot/mounts
+ - allow avahi-daemon to write to /run/systemd/notify
+ - allow ntpd to read $PATH directory listings (boo#945592, boo#948752)
+ - update dhclient profile
+ - allow skype to read @{PROC}/@{pid}/net/dev (boo#939568)
+ - and some other small updates
+- drop upstreamed apparmor-winbindd-r3213.diff (included in the
+ upstream-profile-updates patch)
+
+- netstat moved to net-tools-deprecated in Tumbleweed (boo#944904)
+
+- add apparmor-winbindd-r3213.diff - add missing k permissions for
+ /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)
+
+- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript
+ output (boo#862170)
+
+- update to AppArmor 2.10 (trunk r3205)
+ - profile names can now contain variables
+ - improved profile compile time in apparmor_parser
+ - lots of improvements, refactoring and bugfixes in the aa-* tools
+ - new apis for managing and loading profile caches into the kernel in
+ libapparmor
+ - lots of profile updates
+ - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10 for the
+ complete changelog with more details
+- add new apparmor_private.h and the aa_query_label(2), aa_features(3),
+ aa_kernel_interface(3), aa_policy_cache(3), aa_splitcon(3) manpages
+ to libapparmor-devel
+- drop apparmor-2.5.1-edirectory-profile patch - it's most probably
+ no longer needed (see boo#621394 for details)
+- drop upstreamed samba-4.2-profiles.diff
+- refresh apparmor-samba-include-permissions-for-shares.diff
+
+- systemd-rpm-macros and %systemd_requires were at the wrong place,
+ move them to the parser package (boo#931792)
+
+- update to AppArmor 2.9.2 (2.9 branch r2911)
+ - lots of bugfixes in the parser and the aa-* tools (including
+ boo#918787)
+ - update dovecot and dnsmasq profiles and several abstractions
+ (including boo#911001)
+ - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_2 for the
+ full changelog
+- remove upstream(ed) patches apparmor-changes-since-2.9.1.diff and
+ apparmor-fix-stl-ostream.diff
+- replace GPG key with new AppArmor GPG signing key, see
+ https://launchpad.net/apparmor/+announcement/13404
+
+- make sure %service_del_postun doesn't call systemctl try-restart
+ (boo#853019, bare systemd edition)
+- add samba-4.2-profiles.diff: update samba (winbindd and nmb)
+ profiles for samba 4.2 (boo#921098, boo#923201)
+
+- only install apparmor.service for openSUSE > 13.2
+
+- Add a native systemd unit which *at the moment* only
+ wraps/masks the early boot script.
+
+- add apparmor-fix-stl-ostream.diff which fixes odd uses of
+ std::ostream which are not valid. Fixes build with GCC 5
+
+- allow lessopen.sh to run /usr/bin/unzip-plain (boo#906858)
+
+- add Requires: python3 to python3-apparmor package - readline isn't
+ part of python3-base (boo#917577)
+
+- add apparmor-changes-since-2.9.1.diff with upstream fixes since the
+ 2.9.1 release
+ - update logparser.py to support changed syslog format (lp#1399027)
+ - update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles
+ (lp#1296667)
+ - update the mysqld profile
+ - fix network rule description in apparmor.d(5) manpage
+- drop upstreamed dnsmasq-profile-fixes.patch
+- update expired GPG key
+
+- update to AppArmor 2.9.1 (2.9 branch r2831)
+ - fix log parsing for 3.16 kernels and syslog-style logs (boo#905368)
+ - several fixes and performance improvements in the aa-* utils
+ - profile updates for dnsmasq (boo#907870), nscd (boo#904620#c14 and
+ bnc#908856), useradd, sendmail, man and passwd
+ - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_1
+ for full release notes
+- refresh dnsmasq-profile-fixes.patch
+
+- Fix dnsmasq profile to allow executing bash to run the --dhcp-script
+ argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt
+ leasehealper script to run even on x86_64.
+ dnsmasq-profile-fixes.patch. boo#911001
+
+- rename lessopen.sh profile file to usr.bin.lessopen.sh to match the
+ script filename
+
+- add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs
+ confinement. bnc#906858
+
+- delete cache in apparmor-profiles %post (workaround for
+ bnc#904620#c8 / lp#1392042)
+
+- No longer perform gpg validation; osc source_validator does it
+ implicit:
+ + Drop gpg-offline BuildRequires.
+ + No longer execute gpg_verify.
+
+- fix bashism in post script
+
+- update to AppArmor 2.9.0 (r2759)
+ - change aa-mergeprof to the final commandline syntax
+ - lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several
+ bugs without a formal bugreport)
+ - small additions to gnome, freedesktop.org, ubuntu-browsers.d/java
+ and user-mail abstractions
+ - fix mod_apparmor to not break basic auth
+ - update perl modules to support signal, unix and ptrace rules (bnc#900013)
+ - don't warn about rules not supported by the kernel
+ - fix logging of "audit capability" (lp#1378091)
+ - add support for the "hat" keyword in apparmor.vim
+ - build html version of apparmor.vim manpage again (lp#1366572)
+ - see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0
+- update apparmor-abstractions-no-multiline.diff
+- remove upstreamed apparmor-profiles-ntpd-pid-location.diff
+
libchewing
+- Update to version 0.5.1+git20200627.452f622:
+ * chewing.py supports platforms with 64bit pointer
+ * Change ︰ to :
+ * Don't run tests in parallel
+ * Try Ubuntu 16.04 Xenial
+ * autotools: Build with -fPIC like the CMake-based one does
+ * Show compilation commands if the build system is autotools
+ * Tolerate unused const warnings
+ * Fix LSan
+ * Use internal-sqlite instead of static-sqlite, following 570ab6be
+
+- Remove unneeded BuildRequires on python-devel, and the conflicting
+ old py_* macros.
+- Remove references to "Python 2", the module supports Python 3.
+- Mark COPYING as license.
+
+- Remove pointless ldconfig call from chewing-utils subpackage.
+- Specfile update: remove implicit BuildRoot and defattrs.
+- Properly fulfill SLPP requirement that only the library file
+ is in the library subpackage.
+
-- retrack upstream source. previous source is from unknown origin.
- * it couldn't be found at the link in specfile.
- * it didn't have the same content and build result
- as upstream source.
- * it missed entire python and data sub directories,
- so almost useless.
-- remove ambiguous libchewing package. fix bnc#808338
- * libchewing is always taken as an old version by users.
- * libchewing contained the runtime libraries but it was
- not required by libchewing3. important orphan package.
- so ibus-chewing and fcitx-chewing can't work.
-- enable ncurses wide-char and thread-safe (w6)
-- enable python.
-- new sub-packages: chewing-data python-chewing chewing-utils
-
-- fix baselibs.conf - there is no libchewing-32bit
-
-- Parallel build with %_smp_mflags
-- Remove redundant %clean, authors sections
-- Avoid requires on library, the other way is preferred
- (library requires data package)
-
-- Split libchewing.so.* into subpackage libchewing3
-
-- Update to libchewing 0.3.4
-- Remove libchewing-gcc-fix.diff (upstream rewrite this part)
-- Improve the description of libchewing API
- Simplified examples to illustrate the usage are added
-- Revise libchewing API. Check the documentation for details
-- Support THL (Taiwan Huayu Luomapinyin) and MPS2 Pinyin keyboard layout
-- Reimplementation of unit test framework. No external 'check' package is required
-- Fix several phrase errors
- Add exceptional phrase as well
-- Improved developer and user guide
-- Introduce CMake based build system, which is convenient to MS-Windows based environments.
-- Add --enable-gcov to enable gcov coverage
-- Fix possible strncat() overflow
-- Consistent checks for bopomofo sequence internally
-- Handle incomplete bopomofo with space key properly
-- Internal structure refactoring
-- Read hash path from CHEWING_PATH environment variable
-- Make libchewing thread-safe
-- Fix IM crash by changing default candidate per page to 10
-- Fix the detection of ncursesw
-- Fix the usage of autotools
-- Update and tune symbols
-- Fix valgrind warning
-- Fix several compilation warnings
-- Fix GCC visibility availability for Darwin specific PIC code
-- Fix hash table initialization and its memory leakage
-- Support building with mingw32 toolchain
-- Fix GNU Hurd build
-- Fix Microsoft VC build
-- Fix Windows 64-bit build
-- Fix mingw32/64 + WINE build
-
-- add libtool as explicit buildrequire to avoid implicit dependency from prjconf
-
-- Update to libchewing 0.3.3:
- Fix setfault, improved python-binding, build fixes, etc;
- see http://chewing.csie.net/news.html for details
-
-- fix buffer overflow
-
-- updated patches to apply with fuzz=0
-
-- fix to apply the previous patch properly
-
-- fix missing call to fclose in sort_word.c (bnc#535452)
-
-- updated to version 0.3.2, including previous fix patches,
- fix memory leaks, doxygen updates, etc.
- See ChangeLog for details.
-- build with -fno-strict-aliasing to avoid type punning problems
- in src/hash.c
-
libevdev
+- It is actually not necessary to use python2, python3 works as
+ well.
+
+- update to 1.11.0:
+ * One new API, libevdev_disable_property()
+ * Kernel 5.8 changed the SW_MAX define from 0x0f to 0x10. In some niche cases
+ this causes issues if libevdev and the software build against
+ different headers and thus end up with different values
+ * include: sync event codes with kernel 5.10
+ * Fix included license to the "always intended" MIT license
+
+- update to 1.9.1
+ * no changelog available
+- remove n_buildfix_for_opensuse_12_2.patch: obsolete
+
+- Update to 1.9.0 (no changelog)
+
+- Update to 1.8.0
+ * Bug fixes
+ * Docs update
+ * Improve tests
+ * Sync with latest kernels
+
-- Update to 1.3:
- * m4: fix CC_CHECK_WERROR and CC_FLAG_VISIBILITY macros
- * Add per-device log handlers
- * include: update to Linux 3.15 header
- * uinput: use the UI_GET_SYSNAME ioctl if available
- * uinput: change strcpy/strcat usage for snprintf
- * include: add uinput.h header as well
- * include: update to Linux 3.16 header
- * uinput: check errno against the positive value
- * uinput: preserve the errno before cleaning up
- * configure: move the python check down to re-unite the
- gcov check outputs
- * Add libevdev_property_from_name()
- * Rename symbols leaking from static library to
- avoid name clashes
- * uinput: close the managed fd on error
- * tools: pass -rc to strerror, not rc
- * uinput: explicitly ignore the UI_DEV_DESTROY return value
- * Hook up nm to check for leaking symbols in the static library
- * Add some minimal documentation about static linking
-
-- Add git repository metadata
-
-- Update to 1.2 (recommended for xf86-input-synaptics 1.8.0)
-
-- add baselibs.conf since libevdev2-32bit is required by libinput-32bit
-
-- Update to 1.0.99.1 (1.1~rc1)
- * Send an extra ABS_MT_SLOT event to sync the client up with
- the current slot
- * Fix the include directives when building in tools/
- * tools: Fix compiler warning
- * Replace hardcoded 0 with the enum for it
- * tools: add a tool to print the actual range provided by
- a touchpad
- * Document that the return value of get_name|uniq|phys is
- not permanent
- * Plug a memory leak for name, uniq, phys
- * Fix memory leaks when failing to create a uinput device
- * Document the FORCE_SYNC behavior a bit better
- * Fix a wrong reference in the libevdev_next_event
- documentation
- * Add unlikely() macro
- * Don't sync past MAX_SLOTS slots
- * Dynamically allocate the slot values
- * Reduce memory requirement for MT syncing
- * Increase MAX_SLOTS to 60
- * Cap slot values to the announced maximum
- * Move some functions/macros between libevdev-int.h
- and libevdev-util.h
- * Don't sync the MT state for fake MT devices
- * If the tracking ID changes during SYN_DROPPED, terminate
- the touch first
- * Add a documentation note to update the slot after syncing
-- New tools subpackage
-
-- Update to 1.0, for more details, please see:
- http://lists.freedesktop.org/archives/input-tools/2014-January/000763.html
- and http://lists.freedesktop.org/archives/input-tools/2014-February/000766.html
-- SO version bumped to 2
-- Explicitly remove la files, instead of excluding them
-
-- fixed license to MIT in specfile
-
-- n_buildfix_for_opensuse_12_2.patch
- * buildfix for openSUSE 12.2 (Linux kernel headers too old)
-
-- Initialize libevdev pckage
-
libgudev
+- Update to version 237:
+ + Fix reading double precision floats from sysfs attributes in
+ locales that use comma as a separator
+ + Fix compilation warning
+ + Fix headers to help with build reproducibility
+ + Clarify licensing information
+- Changes from version 236:
+ + Fix meson project name to match autotools.
+- Changes from version 235:
+ + Port build system to meson and remove autotools
+ + Fix conversion of sysfs attributes to boolean.
+- Add meson BuildRequires and macros following upstreams port.
+- Enable pkgconfig(umockdev-1.0) BuildRequires and test macro.
+- Update Licence tag to LGPL-2.1-or-later.
+
+- update to 234:
+ * Clarify that _get_sysfs_attr() functions are cached
+ * Add functions to get uncached sysfs attributes
+
+- Update to version 233:
+ + Require glib 2.38.
+ + Small documentation updates.
+ + Remove gnome-common build dependency.
+- Use modern macros.
+
+- Modernize spec-file by calling spec-cleaner
+
libinput
+- Update to release 1.19.2:
+ * quirks: add quirk for GPD Win Max
+ * evdev: disable button scroll timeout for extra mouse buttons
+ * evdev: avoid usage of bogus BTN_FORWARD name
+ * gestures: avoid processing the last hold and
+ motion event twice
+ * quirks: Add quirk for StarLabs clickpads with two
+ phyisical buttons
+ * quirks: Update dmi for StarBook Mk V
+ * quirks: relax DMI modalias match for Purism Librem 14v1
+
+- Update to release 1.19.1
+ * New: Detects (and works around) buggy devices that claim to
+ have a high-resolution scroll wheel but which do not actually
+ send events.
+ * New assumption that any non-bluetooth touchpad is internal.
+ * Jumping cursor warning has been reduced once again.
+
+- Update to release 1.19
+ * Hold gestures are a new type of gestures that are triggered
+ by holding one or more fingers on a touchpad without
+ significant movement. They add to the existing pinch and
+ swipe gestures and allow for the implementation of
+ hold-to-click.
+ * High-resolution wheel scrolling has been long in the making
+ and the solution ends up replacing the existing pointer axis
+ API. Three new events are available:
+ LIBINPUT_EVENT_POINTER_SCROLL_WHEEL,
+ LIBINPUT_EVENT_POINTER_SCROLL_FINGER, and
+ LIBINPUT_EVENT_POINTER_SCROLL_CONTINUOUS. These events
+ replace the existing LIBINPUT_EVENT_POINTER_AXIS events, i.e.
+ if you are processing the new events simply discard the old
+ events.
+
+- Update to release 1.18.1
+ * This release only adds device-specific quirks.
+
libseccomp
+- reenable python bindings at least for the distro default python3
+ package:
+ - adds make-python-build.patch
+
+- Update to release 2.5.3
+ * Update the syscall table for Linux v5.15
+ * Fix issues with multiplexed syscalls on mipsel introduced in v2.5.2
+ * Document that seccomp_rule_add() may return -EACCES
+
+- Skip 11-basic-basic_errors test on qemu linux-user emulation
+
+- Update to release 2.5.2
+ * Update the syscall table for Linux v5.14-rc7
+ * Add a function, get_notify_fd(), to the Python bindings to
+ get the nofication file descriptor.
+ * Consolidate multiplexed syscall handling for all
+ architectures into one location.
+ * Add multiplexed syscall support to PPC and MIPS
+ * The meaning of SECCOMP_IOCTL_NOTIF_ID_VALID changed within
+ the kernel. libseccomp's fd notification logic was modified
+ to support the kernel's previous and new usage of
+ SECCOMP_IOCTL_NOTIF_ID_VALID.
+
+- update to 2.5.1:
+ * Fix a bug where seccomp_load() could only be called once
+ * Change the notification fd handling to only request a notification fd if
+ * the filter has a _NOTIFY action
+ * Add documentation about SCMP_ACT_NOTIFY to the seccomp_add_rule(3) manpage
+ * Clarify the maintainers' GPG keys
+- remove testsuite-riscv64-missing-syscalls.patch
+
+- Do not rely on gperf: pass GPERF=/bin/true to configure and
+ remove gperf BuildRequires. The syscalls.perf file it would
+ generate is part of the tarball already.
+
+- testsuite-riscv64-missing-syscalls.patch: Fix testsuite failure on
+ riscv64
+- Ignore failure of tests/52-basic-load on qemu linux-user emulation
+
+- Update to release 2.5.0
+ * Add support for the seccomp user notifications, see the
+ seccomp_notify_alloc(3), seccomp_notify_receive(3),
+ seccomp_notify_respond(3) manpages for more information
+ * Add support for new filter optimization approaches, including a balanced
+ tree optimization, see the SCMP_FLTATR_CTL_OPTIMIZE filter attribute for
+ more information
+ * Add support for the 64-bit RISC-V architecture
+ * Performance improvements when adding new rules to a filter thanks to the
+ use of internal shadow transactions and improved syscall lookup tables
+ * Properly document the libseccomp API return values and include them in the
+ stable API promise
+ * Improvements to the s390 and s390x multiplexed syscall handling
+ * Multiple fixes and improvements to the libseccomp manpages
+ * Moved from manually maintained syscall tables to an automatically generated
+ syscall table in CSV format
+ * Update the syscall tables to Linux v5.8.0-rc5
+ * Python bindings and build now default to Python 3.x
+ * Improvements to the tests have boosted code coverage to over 93%
+- libseccomp.keyring: replaced by Paul Moore <pmoore@redhat.com> key.
+
+- Update to release 2.4.3
+ * Add list of authorized release signatures to README.md
+ * Fix multiplexing issue with s390/s390x shm* syscalls
+ * Remove the static flag from libseccomp tools compilation
+ * Add define for __SNR_ppoll
+ * Fix potential memory leak identified by clang in the
+ scmp_bpf_sim tool
+- Drop no-static.diff, libseccomp-fix_aarch64-test.patch,
+ SNR_ppoll.patch (merged)
+
+- Add patch to fix ntpsec and others build (accidental drop of symbols):
+ * SNR_ppoll.patch
+
+- Tests are passing on all architectures
+
+- Backport patch to fix test on aarch64:
+ * libseccomp-fix_aarch64-test.patch
+
+- Update to release 2.4.2
+ * Add support for io-uring related system calls
+
libssh
-- Fix possible Denial of Service attack when using AES-CTR
- ciphers; (bsc#1168699)
- * Add 0001-CVE-2020-1730-Fix-a-possible-segfault-when-zeroing-A.patch
+- Update to version 0.9.6 (bsc#1189608, CVE-2021-3634)
+ * https://git.libssh.org/projects/libssh.git/tag/?h=libssh-0.9.6
-- Update to latest version of patch for CVE-2019-14889; (bsc#1158095)
- * Update CVE-2019-14889.patch
+- Add missing BR for openssh needed for tests
-- Fix CVE-2019-14889: arbitrary command execution; (bsc#1158095)
- * Add CVE-2019-14889.patch
+- update to 0.9.5 (bsc#1174713, CVE-2020-16135):
+ * CVE-2020-16135: Avoid null pointer dereference in sftpserver (T232)
+ * Improve handling of library initialization (T222)
+ * Fix parsing of subsecond times in SFTP (T219)
+ * Make the documentation reproducible
+ * Remove deprecated API usage in OpenSSL
+ * Fix regression of ssh_channel_poll_timeout() returning SSH_AGAIN
+ * Define version in one place (T226)
+ * Prevent invalid free when using different C runtimes than OpenSSL (T229)
+ * Compatibility improvements to testsuite
+
+- Update to version 0.9.4
+ * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
+ * Fix possible Denial of Service attack when using AES-CTR-ciphers
+ CVE-2020-1730 (bsc#1168699)
+
+- Drop the hack to pull curl-mini: we moved the split a bit higher
+ up and now have a non-curl linked variant of cmake in
+ openSUSE:Factory.
+
+- Update to version 0.9.3
+ * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution (bsc#1158095)
+ * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
+ * SSH-01-006 General: Various unchecked Null-derefs cause DOS
+ * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys
+ * SSH-01-010 SSH: Deprecated hash function in fingerprinting
+ * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS
+ * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access
+ * SSH-01-001 State Machine: Initial machine states should be set explicitly
+ * SSH-01-002 Kex: Differently bound macros used to iterate same array
+ * SSH-01-005 Code-Quality: Integer sign confusion during assignments
+ * SSH-01-008 SCP: Protocol Injection via unescaped File Names
+ * SSH-01-009 SSH: Update documentation which RFCs are implemented
+ * SSH-01-012 PKI: Information leak via uninitialized stack buffer
+
+- Rename suffix define to pkg_suffix: rpm 4.15 has suffix reserved
+ for internal use.
+
+- Update to version 0.9.2
+ * Fixed libssh-config.cmake
+ * Fixed issues with rsa algorithm negotiation (T191)
+ * Fixed detection of OpenSSL ed25519 support (T197)
+
+- Update to version 0.9.1
+ * Added support for Ed25519 via OpenSSL
+ * Added support for X25519 via OpenSSL
+ * Added support for localuser in Match keyword
+ * Fixed Match keyword to be case sensitive
+ * Fixed compilation with LibreSSL
+ * Fixed error report of channel open (T75)
+ * Fixed sftp documentation (T137)
+ * Fixed known_hosts parsing (T156)
+ * Fixed build issue with MinGW (T157)
+ * Fixed build with gcc 9 (T164)
+ * Fixed deprecation issues (T165)
+ * Fixed known_hosts directory creation (T166)
+
+- Split out configuration to separate package to not mess up the
+ library packaging and coinstallation
+
+- Update to verion 0.9.0
+ * Added support for AES-GCM
+ * Added improved rekeying support
+ * Added performance improvements
+ * Disabled blowfish support by default
+ * Fixed several ssh config parsing issues
+ * Added support for DH Group Exchange KEX
+ * Added support for Encrypt-then-MAC mode
+ * Added support for parsing server side configuration file
+ * Added support for ECDSA/Ed25519 certificates
+ * Added FIPS 140-2 compatibility
+ * Improved known_hosts parsing
+ * Improved documentation
+ * Improved OpenSSL API usage for KEX, DH, and signatures
+- Removed 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
+- Removed 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch
+- Removed 0001-tests-Add-aes-gcm-ciphers-tests.patch
+- Add libssh client and server config files
libstorage-ng
+- merge gh#openSUSE/libstorage-ng#848
+- properly quote partition label
+- coding style
+- 4.4.63
+
+- merge gh#openSUSE/libstorage-ng#847
+- support to set partition label
+- updated pot and po files
+- extended documentation
+- 4.4.62
+
+- merge gh#openSUSE/libstorage-ng#846
+- make function is_efibootmgr() public (for bsc#937067)
+- 4.4.61
+
+- merge gh#openSUSE/libstorage-ng#845
+- prefer file system over empty MS-DOS partition table (bsc#1186823)
+- fixed testcase
+- 4.4.60
+
+- merge gh#openSUSE/libstorage-ng#844
+- extended Holder::set_source for multipath devices
+- documentation and coding style
+- 4.4.59
+
+- Translated using Weblate (Catalan) (bsc#1149754)
+- 4.4.58
+
+- merge gh#openSUSE/libstorage-ng#843
+- added convenience function get_blk_devices() for Multipath and
+ DmRaid
+- added macro LIBSTORAGE_NG_VERSION_AT_LEAST
+- 4.4.57
+
libwacom
+- Add python requires to tools subpackage (bsc#1192852)
+
+- update to 1.12:
+ - New devices:
+ - ELAN 2513
+ - HP Probook x360, 435 G7
+ - Waltop Slim Tablet 12.1
+ - XP-PEN Star 3
+ - Lenovo ThinkPad L390 Yoga, Yoga C940, Yoga 460, Yoga 720
+ - ThinkVision M14t, IdeaPad Flex5
+ - HP EliteBook x360 1030 G3
+ - Dell XPS 13 9310 2-in-1
+ - HUION Kamvas Pro 13
+ - ELAN 2514 variant 2718
+ - libwacom's hwdb no longer tags devices with "Keyboard" in
+ their name as ID_INPUT_TABLET
+
+- update to 1.10:
+ - Duplicate matches in /etc no longer cause conflicts with the
+ system-provided .tablet files
+ - libwacom-list-local-devices now prints YAML by default
+ - New tools:
+ - libwacom-list-devices lists all supported devices
+ - libwacom-update-db to update the db after adding tablet files
+ - New devices:
+ - Elan 2514 variant 25BF
+ - Huion H640P
+ - Lenovo X1 Yoga Gen 6
+ - Samsung CHromebook Pro
+ - libwacom can now read tablet and stylus files from /etc/libwacom
+ - New tool: libwacom-show-stylus to interactively show stylus IDs and serial
+ numbers
+ - New devices:
+ - HP Envy x360, Pro Tablet 508
+ - Lenovo X1 Yoga Gen5, Yoga6, Ideapad Flex 5, Yoga 7, Yoga C650, L13 Yoga
+ - Microsoft Surface Go
+ - New devices:
+ - Dell XPS 15 7590
+ - HP EliteBook x360 (830 and 1030), Spectre x360
+ - Lenovo Thinkpad P15 Gen1, Yoga, Yoga 3, Yoga 11e, X13 Yoga
+ - New devices:
+ - Dell XPS 13 2-in-1 9310
+ - Lenovo IdeaPad Flex 14API, Flex 5
+ - HP Envy x360, EliteBook x360
+ - Huawei MateBook HZ-W19
+ - XP Pen Star G640
+
+- update to 1.6:
+ * add XP Pen G640
+ * add XP Pen G430
+ * build fixes
+
+- Use official %%meson_test macro for the %check section.
+- Do not crrate empty %check section when not using meson.
+
+- Fix Leap build.
+
+- update to 1.5:
+ - New devices:
+ - Acer Spin 5 / Acer Spin SP513-54N
+ - Dell Latitude 7410,
+ - GAOMON S620
+ - HP Pavilion x360 Convertible 14-dh0xxx
+ - Huawei MateBook HZ-W19
+ - Lenovo ThinkPad X1 Yoga 3rd
+ - Wacom Cintiq 16, DTK-1660E
+
+- update to 1.4.1:
+- New devices:
+ - HP ZBook Studio x360 G5
+ - Dell Latitude 7285
+ - Dell Latitude 7200 2-in-1, Dell Latitude 7400 2-in-1
+ - Elan 2415
+ - HP ENVY x360 Convertible 13,
+ - Huion 420, 1060 Plus,
+ - GAOMON S56K
+ - Wacom FT-0405
+ - Many AES stylus definitions added
+ - New API: libwacom_stylus_get_eraser_type()
+ - udev rules are now using hwdb entries
+
+- use %{_udevrulesdir}, %{_libexecdir} now expands to /usr/libexec
+
+- Update to 1.3
+- Add a dependency on doxygen
+- Remove 174.patch
+ + The changes were merged upstream
+
+- Pass b_lto option to meson, otherwise the previous patch has no
+ effect (meson does not derive the b_lto value from the FLAGS).
+
libxml2
-- Update to version 2.9.12 in SLE-15-SP4 [jsc#SLE-21255]
- * Drop patches fixed upstream:
- - libxml2-CVE-2018-14404.patch
- - libxml2-CVE-2018-14567.patch
+- Limit BuildRequires of python-rpm-macros to 20211022 (to have working
+ multi-version macros).
+
+- Rewrite package to the single-spec %python_subpackage_only style and
+ eliminate unnecessary multibuild.
-- Remove libxml2-CVE-2019-19956.patch
-
-- Fix invalid xmlns references since the fix for CVE-2019-19956 [bsc#1172021]
-- Security fix: [bsc#1161521, CVE-2019-20388]
- * Memory leak in xmlSchemaPreRun in xmlschemas.c
-- Add libxml2-CVE-2019-20388.patch
-
-- Security fix: [bsc#1161517, CVE-2020-7595]
- * xmlStringLenDecodeEntities in parser.c has an infinite loop in
- a certain end-of-file situation
-- Add libxml2-CVE-2020-7595.patch
-
-- Security fix: [bsc#1159928, CVE-2019-19956]
- * Memory leak related to newDoc->oldNs in xmlParseBalancedChunkMemoryRecover:parser.c
-- Add libxml2-CVE-2019-19956.patch
-
+- Security fix: [bsc#1159928, CVE-2019-19956]
+ * Memory leak related to newDoc->oldNs in
+ xmlParseBalancedChunkMemoryRecover:parser.c
+ Fix byl later reverted, so it is not present in the upstream
+ tree anymore.
+ + Memory leak in xmlFreeID (xmlreader.c)
-- Synchronize changelog files for libxml2 and python-libxml2-python [bsc#1123919]
-
- decompression (boo#1088279 boo#1105166).
+ decompression (boo#1088279 boo#1105166, bsc#1088279 bsc#1105166).
- (boo#1102046).
+ (boo#1102046, bsc#1102046).
-- Security fix:
- [bsc#1088279, CVE-2018-9251][bsc#1105166, CVE-2018-14567]
- * Infinite loop in LZMA decompression
- * Fixes CVE-2018-9251 introduced by CVE-2017-18258
- * Added libxml2-CVE-2018-14567.patch
-
-- Security fix [bsc#1102046, CVE-2018-14404]
- * NULL pointer dereference in xpath.c:xmlXPathCompOpEval() can
- allow attackers to cause a denial of service
- * Added libxml2-CVE-2018-14404.patch
-
man-pages-ja
-- update to 20171215
+- Remove conflicting cdparanoia manpage
+
+- update SPEC file
+
+- Update to version 20210515
-- Update to 20170515
+- version update to 20201215
-- update to 20161115
+- version update to 20201115
-- update to 20151215
+- version update to 20191215
-- update to 20150415
+- update to 20181215
-- update to 20141115
+- update to 20171215
-- Update to new upstream release 20140915
- * No upstream changelog was provided
-- Remove ancient specfile tags and sections
-- Remove unneeded dependency "deb", has no effect on filelist
+- Update to 20170515
+ * added and improved manual pages
+
+- update to 20161115
+ * added and improved manual pages
-- updated to 20140615:
+- update to 20151215
-- updated to 20140315:
+- update to 20150415
-- updated to 20131115:
+- update to 20141115
metamail
+- Add simple mimelang tool to be able to check unicode block of
+ UTF-8 MIME encoded e-mail subjects
+
+- Replace old mgrep script with new m(mime)grep written in hackweek
+
+- Remove tcsh dependency by dropping bogus mailserver and
+ sun-message.csh
+- use autosetup, refresh all 5 patches
+
-- Fix typo in mailto manual page (bnc#422090)
-
-- Avoid autobuild error
-
-- Add MIME check script usable e.g. in procmailrc filter rules
-
monapo-fonts
+- Upstream update to 20170722
+ * Update IPA P Gothic to 00303
+
mosh
+- Update to version 1.3.2+20200518:
+ * If exec()ing the remote command fails, pause briefly
+ * Move generated includes to their own directory to avoid conflicts.
+ * Use Travis Homebrew addon.
+ * "Fix" Travis OS X builds.
+ * configure: Add test for whether protoc matches protobuf
+ * configure: Fix FD_ISSET test under -Werror
+ * configure: Fix forkpty test code indentation
+ * configure: Remove unused tests
+ * configure: Set language to C++ globally
+
+- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
+ firewalld, see [1].
+ [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
+
+- Switch to git snapshots as there was no release over years.
+- Update to version 1.3.2+20190710
+ * Apply latest consecutive resize, not earliest.
+ * mosh-server: improve error logging
+ * Add syslog logging of connections
+ * Fix issue with incorrect true-color background erase colors.
+ * Add true color support.
+ * Allow non-inserting prediction.
+ * Don't do prediction on large pastes into mosh-client.
+ * and more.
+
-- Patch (mosh-1.2.4-ipv6.patch) for IPv6 support from
- https://github.com/keithw/mosh/pull/453
-
-- Make ufw files happy with rpmlint from suse (i hope).
-
mozilla-nss
+- Mozilla NSS 3.68.1
+ MFSA 2021-51 (bsc#1193170)
+ * CVE-2021-43527 (bmo#1737470)
+ Memory corruption via DER-encoded DSA and RSA-PSS signatures
+- Remove now obsolete patch nss-bsc1193170.patch
+
+- Add patch to fix CVE-2021-43527 (bsc#1193170):
+ nss-bsc1193170.patch
+
mtd-utils
+- Update to version 2.1.2:
+ * Features:
+ + flashcp: Add option -A/--erase-all
+ + mtd-utils: add optional offset parameter to flash_otp_dump
+ + ubi-utils: Implement a ubihealthd
+ + mkfs.ubifs: Add authentication support
+ * Fixes:
+ + ubifs-media: Update to Linux-5.3-rc3
+ + mtd-utils: Fix return value of ubiformat
+ + ubiupdatevol: Prevent null pointer dereference
+ + libubigen: remove unnecessary include
+ + libubi: remove private kernel header from includes
+ + mkfs.ubifs: fscrypt: bail from encrypt_block if gen_essiv_salt fails
+ + mkfs.ubifs: abort add_directory if readdir fails
+ + mkfs.ubifs: close file descriptor in add_file error path
+ + mkfs.ubifs: don't leak copied command line arguments
+ + mkfs.ubifs: free derived fscrypt context in add_directory error paths
+ + mkfs.ubifs: don't leak hastable iterators
+ + mkfs.ubifs: don't leak temporary buffers
+ + mkfs.ubifs: propperly cleanup in ALL interpret_table_entry error paths
+ + mkfs.jffs2: don't leak temporary buffer if readlink fails
+ + libmtd: don't leak temporary buffers
+ + ftl_check: don't leak temporary buffers
+ + ftl_format: don't leak temporary buffers
+ + ubiformat: don't leak file descriptors
+ + nanddump: don't leak copied command line arguments
+ + mtd_debug: cleanup error handling in flash_to_file
+ + jittertest: fix error check for open system call
+ + fs-tests: don't leak temporary buffers
+ + mtd-utils: Fix printf format specifiers with the wrong type
+ + mtd-utils: Fix potential negative arguments passed to close(2)
+ + mtd-utils: Fix various TOCTOU issues
+ + mtd-utils: Fix some simple cases of uninitialized value reads
+ + mtd-utils: Fix wrong argument to sizeof in nanddump
+ + mtd-utils: Fix "are we really at EOF" test logic in libubi read_data
+ + mtd-utils: Fix potentially unterminated strings
+ + mtd-utils: Add checks to code that copies strings into fixed sized buffers
+ + mkfs.ubifs: fix broken build if fscrtyp is disabled
+
+- Update to version 2.1.1:
+ * Features:
+ - mkfs.ubifs: Add ZSTD compression
+ * Fixes:
+ + ubiformat: Dont ignore sequence number CLI option
+ + mkfs.ubifs: fix build without openssl
+ + mkfs.ubifs: fix regression when trying to store device special files
+ + mkfs.ubifs: fix description of favor_lzo
+ + unittests/test_lib: Include proper header for _IOC_SIZE
+ + unittests/libmtd_test: Include fcntl header
+ + unittests: Define the use of _GNU_SOURCE
+ + ubinize: Exit with non-zero exit code on error.
+ + mtd-tests: nandbiterrs: Fix issue that just insert error at bit 7
+ + ubi-tests: ubi_mkvol_request: Fully initialize 'struct ubi_mkvol_request req'
+ + ubi-tests: io_read: Filter invalid offset value before 'lseek' in io_read test
+ + ubi-tests: mkvol test: Checks return value 'ENOSPC' for 'ubi_mkvol'
+ + ubi-tests: fm_param: Replace 'fm_auto' with 'fm_autoconvert'
+
+- Update to version 2.1.0:
+ * Features:
+ + mkfs.ubifs: Implement support for file system encryption
+ + mkfs.ubifs: Implement selinux labelling support
+ + ubinize: add support for skipping CRC check of a static volume when opening
+ + ubimkvol: add support for skipping CRC check of a static volume when opening
+ + Add lsmtd program
+ * Fixes:
+ - update various kernel headers
+ + Instead of doing preprocessor magic, just output off_t as long long
+ + fix verification percent display in flashcp
+ + mkfs.ubifs: fix double free
+ + mkfs.ubifs: Fix xattr nlink value
+ + ubinize: avoid to create two UBI_LAYOUT_VOLUME_ID volume
+ + common.h: fix prompt function
+ + libmtd: don't print an error message for devices without ecc support
+ + io_paral: Fix error handling of update_volume()
+ + ubimkvol: Initialize req to zero to make sure no flags are set by default
+ + libubi: add volume flags to ubi_mkvol_request
+ + mkfs.ubifs: add_xattr is not depending on host XATTR support
+ + Revert "Return correct error number in ubi_get_vol_info1" which introduced a regression.
+ + make sure pkg-config is installed in configure script
+ + ubiformat: process command line arguments before handling file arguments
+ * Cleanup:
+ + ubiformat: remove no-volume-table option
+
+- Update to version 2.0.2:
+ * libmtd: Add support to access OOB available size
+ * mkfs.ubifs: Allow root entry in device table
+ * Fix unit-test header and file paths for out of tree builds
+ * Fix unit test mockup for oobavail sysfs file
+ * misc-utils: flash_erase: Fix Jffs2 type flash erase problem
+ * libmtd_legacy: Fix some function description mismatches
+ * mtd-utils: ubifs: fix typo in without_lzo definition
+ * mtd: tests: check erase block count in page test
+ * mtd: unittests: Stop testing stat() calls
+ * mtd: unittests: Decode arg size from ioctl request
+ * mtd: unittests: Use proper unsigned long type for ioctl requests
+ * mtd: tests: Fix check on ebcnt in nandpagetest
+ * ubi-utils: ubicrc32: process command line arguments first
+ * nandbiterrs: Fix erroneous counter increment in for loop body
+ * jittertest: Use the appropriate versions of abs()
+ * Mark or fix switch cases that fall through
+ * mkfs.ubifs: ignore EOPNOTSUPP when listing extended attributes
+ * misc-utils: initialize "ip" in docfdisk to NULL
+ * mkfs.ubifs: Apply squash-uids to the root node
+
-- %debug_package no longer required
-
-- rewrote spec file
-- added libacl support
-- created in the filesystems repository
-
-- Update to version 1.2.0.
-
-- Initial build.
-
multipath-tools
+- Update to 0.8.8+38+suse.2bdd3a14.obscpio
+ * upstream version bump. Code-wise identical to 0.8.7+138+suse.7c9afe31
+
+- Drop versioned dependency on libmpath0 again (bsc#1190622)
+ * Since 0.8.6, libmultipath and libmpathpersist have got proper ABI
+ versioning, and rpmbuild auto-generates dependencies on
+ libmultipath.so.0(LIBMULTIPATH_13.0.0) etc.
+
+- Update to version 0.8.7+138+suse.7c9afe31:
+ New upstream version (pre-0.8.8)
+ * deprecate "config_dir" and "multipath_dir" config options
+ (will be removed in future version)
+ * remove dependency on systemd-udevd-settle.service (boo#1193336)
+ * fix crash in remove_map (boo#1193334)
+ * CLI: add path wildcard "%I" for init state
+ * CLI: add "reconfigure all" command
+ * allow multiple pending "reconfigure" commands (bsc#1189551)
+ * speed up "reconfigure" by avoiding unnecessary map reloads
+ (bsc#1189551)
+ * rework of CLI command handler (unix socket handler) to avoid
+ hanging CLI commands (bsc#1189551)
+ * fix multipathd startup after stop during reconfigure (boo#1193338)
+ * improve error detection and warning messages in config file parser
+ * fix exit status of multipath -T (bsc#1191900)
+ * fix defects reported by coverity (boo#1193342)
+ - avoid sleeping with locks held
+ - exit if bindings file is broken
+ - set umask before mkstemp
+ - add bounds and consistency checks in SCSI VPD parsing code
+ * add hardware table entry for DellEMC/ME4 (PowerVault ME4)
+
+- Add a versioned dependency of multipath-tools on libmpath0
+ (bsc#1190622)
+
+- Update to version 0.8.7+14+suse.5a09bfa1:
+ * Fix possible string overflows (bsc#1188148)
+- Upstream fixes / changes
+ * better string handling
+ * multipath: print warning if multipathd isn't running
+ * mpathpersist: better error msg when no usable paths exist
+ * fixes from 0.8.6+32+suse.f11c192 merged upstream
+
+- Spec file: remove compatibility code for SLE <= SLE15-SP2
+
+- Update to version 0.8.6+32+suse.f11c192:
+ * libmultipath:fix compilation with glibc 2.34 (bsc#1189099)
+ * libmultipath: avoid buffer size warning with systemd 240+
+ (bsc#1189176)
+ * libmultipath: use uint64_t for sg_id.lun (bsc#1187534)
+- Upstream bug fixes:
+ * multipath-tools: make HUAWEI/XSG1 config work with alua and multibus
+ * multipath-tools: add info about HPE Alletra 6000 and 9000
+ * multipathd: cli_getprkey(): fix return value and "aptpl" support
+ * multipathd: don't rescan_path on wwid change in uev_update_path
+ * kpartx: Don't leak memory when getblock returns NULL
+ * multipath: free vectors in configure
+ * multipathd: fix ev_remove_path return code handling
+ * multipathd: remove duplicate orphan_paths in flush_map
+ * multipathd: don't fail to remove path once the map is removed
+ * multipathd: fix compilation issue with liburcu < 0.8
+
nkf
+- Update to version 2.1.5
+ * [bugfix] reset bom flag on each checking call
+ (nkf-bug#34797)
+ * [bugfix] nkf32.dll: SetNkfOption can't correctly specify
+ options for multiple options
+ * [bugfix] add document about multiple options
+ (nkf-bug#32974)
+ * [bugfix] Split install into -main, -man, -man-ja
+ (nkf-bug#34250)
+ * [bugfix] add LDFLAGS (nkf-bug#32639)
+ * [bugfix] fix pod2man doesn't through non ASCII
+ (nkf-bug#32546)
+
-- update to 2.0.2
- * now with UTF-8 support
-- remove obsolete patch which was needed namazu, it's included
- in the new version already.
-
notification-daemon
+- Remove obsolete translation-update-upstream support
+ (jsc#SLE-21105).
+
+- No longer recommend -lang: supplements are in use
+
nvme-cli
+- Allow -1 as ctrl_loss_tmo value (bsc#1192348)
+ * add 0013-nvme-cli-ctrl-loss-tmo-should-accept-1-as-value.patch
+- Fix segfauls while discovering (bsc#1191935)
+ * add 0014-Input-expects-device-name-without-dev.patch
+ * add 0015-fabrics-fix-nvme-discover-segfault-if-sysfs-path-is-.patch
+ * add 0016-fabrics-Only-free-initialized-valued-on-exit.patch
+ * add 0017-nvme-print-add-discovery-async-event-config-field.patch
+ * add 0018-fabrics-fix-nvme-connect-segfault-if-transport-type-.patch
+- Context udpate
+ * refresh 0004-nvme-topology-no-error-message-when-openeing-of-cont.patch
+- Adding missing hunk (bsc#1182591)
+ * update 0001-fabrics-ensure-zero-kato-for-non-persistent-controllers.patch
+- Use pkg-config for libuuid dependency setup
+ * add 0103-build-use-pkg-config-for-libuuid-detection.patch
+
open-iscsi
+- Merged latest upstream. Mostly cleanup, but includes a fix for
+ iscsi-init.service when trying to write to the root volume too
+ early (bsc#1192568), as well as an upstream fix for possible
+ deadlock when dealing with sysfs.
+
+- Fix the usr-merge changes (bsc#1192013). This includes catching
+ all the places that /sbin was still used directly, as well as
+ making the SPEC file build using /usr/sbin for openSUSE but
+ still use /sbin for SLE, for now.
+
+- Fix possible systemd cycle by adding an "obsoletes" for
+ the old libopeniscsiusr for older versions.
+
+- Update to latest from upstream, fixing:
+ * Moving the executables from /sbin to /usr/sbin (bsc#1191054)
+ * Remove default dependencies from iscsi-init.service
+ (bsc#1187190)
+
+- Updated to latest upstream 2.1.5 as 2.1.5-suse, which contains
+ these changes not already present:
+ * Handle IPv6 interfaces correctly. (bsc#1187958)
+ * Handle qedi correctly in NPAR mode (bsc#1187958)
+ * Update iscsiadm man page (bsc#1187958)
+ * Update iface.example for ipv6
+ * Change iscsi IP type from defines to enum.
+ * Handle recv() returning 0 in iscsid_response()
+
+- Merged latest upstream, which includes:
+ * iscsid: set PR_SET_IO_FLUSHER (bsc#1188869)
+
openexr
+- added patches
+ fix CVE-2021-3941 [bsc#1192556], Divide-by-zero in Imf_3_1:RGBtoXYZ
+ + openexr-CVE-2021-3941.patch
+
+- security update
+- added patches
+ fix CVE-2021-3933 [bsc#1192498], Integer-overflow in Imf_3_1:bytesPerDeepLineTable
+ + openexr-CVE-2021-3933.patch
+
+- security update
openssh
+- Add openssh-bsc1190975-CVE-2021-41617-authorizedkeyscommand.patch
+ (bsc#1190975, CVE-2021-41617), backported from upstream by
+ Ali Abdallah.
+
postgresql14
-- Let genlists skip non-existing binaries to avoid lots of version
- conditionals in the file lists.
+- bsc#1192516: Upgrade to 14.1
+ * Make the server reject extraneous data after an SSL or GSS
+ encryption handshake (CVE-2021-23214).
+ * Make libpq reject extraneous data after an SSL or GSS
+ encryption handshake (CVE-2021-23222).
+ * https://www.postgresql.org/docs/14/release-14-1.html
+
+- boo#1191782: Let rpmlint ignore shlib-policy-name-error.
+
presage
+- Fix one more GCC 11 warning.
+
+- redo presage-0.9.1-gcc11.patch (boo#1181881)
+ * use noexcept(false) for "throw PresageException"
+
+- add presage-0.9.1-gcc11.patch (boo#1181881)
+ * fix ISO C++17 does not allow dynamic exception specifications
+ * fix come from github.com/AcademySoftwareFoundation/openexr/pull/280
+
+- Revert change of the source package name for the doc flavor.
+ Different flavors require distinct package names for _multibuild
+ to work properly.
+
+- Update presage-0.9.1-python3.patch: Adjust two more env python to
+ for python3.
+
+- Export the include path to fix the build under python 3.8
+
+- Add presage-0.9.1-python3.patch, port python binding and apps
+ to python3
+- Rename subpackages:
+ * dbus-1-presage -> python3-dbus-presage
+ * python-presage -> python3-presage
+ * pyprompter -> python3-pyprompter
+ * python-presagemate -> python3-presagemate
+
+- Add explicit BuildRequires for pkg-config for doc flavor, otherwise
+ configuration on Leap 15.x / SLE 15 fails.
+- Disable build and checks for tools/bindings when building API docs.
+
+- Make the package name dependent on the flavor, otherwise OBS can not track
+ the packages correctly and keeps blocking until all flavors are finished.
+- Remove unnneded Requires: presage in devel subpackge
+
+- Split out API doc generation using multibuild. graphviz-gd has
+ become quite heavy as a build dependency.
+- Cleanup specfile
+ * remove defattr, use license macro
+ * remove conditionals for EOLed distribution versions
+- Remove gpresagemate, it depends on the long deprecated XEVIE extension
+- Set she-bang for /usr/bin/presage_dbus_* to /usr/bin/python2
+
-- update version 0.9.beta20140216
- * see ChangeLog file
-- drop patch: presage-0.8.9-automake_1.12_abuild.patch
-- add patch: presage-0.9.0-automake_1.12_abuild.patch
-
pullin-bcm43xx-firmware
+- use %_firmwaredir
+
+- BuildRequire pkgconfig(systemd) instead of systemd: allow OBS to
+ shortcut through the -mini flavors.
+
python-rpm-macros
+- Update to version 20211022.38e7c70:
+ * no newline after python_install_alternative
+
+- Update to version 20211018.c7614ad:
+ * remove ghost gh#openSUSE/python-rpm-macros#118
+ * revert reset name change
+ * fix README
+ * move u-a/la switch for scriptlets to build phase
+
+- Update to version 20211001.fc6c04e:
+ * Supporting libalternatives.
+
+- Update to version 20210628.eccf3f2:
+ * fix boolean split gh#openSUSE/python-rpm-macros#111
+
+- Update to version 20210607.c22f1cc:
+ * increase default python3 update-alternative prio by 1000
+ * Update default-prjconf
+ * Support flavor rewriting of boolean runtime dependencies
+
+- Update to version 20210204.937b8d8:
+ * fixup: last PR was missing a commit for pyproject_wheel syntax errors
+
+- Update to version 20210204.90721de:
+ * mv -n does not work in SLE12
+ * Update PEP517/518 macro documentation in README
+ * Let pyproject_install search for more locations for wheels or specify explicitely
+ * Read .rpmmacros (= prjconf Macro: definitions) for default buildset
+
+- Update to version 20210203.0d8a91e:
+ * don't define skip_python2 by default
+
+- Update to version 20210131.ec7577b:
+ * remove old commented path finding section
+ * expand python_subpackage_only not earlier than in python_subpackages call
+ * make the path and var macros return a non-interrupted string even when the flavor is not installed
+
+- Update to version 20210131.1450767:
+ * only add parentheses when boolean operators are used
+ * sync buildset definitions with Factory
+ * fix typo
+
+- Update to version 20210127.3a18043:
+ * dont't rename wheel when it already has the same name
+
+- Update to version 20210126.fea1c1f:
+ * Document python_module with boolean dependecies
+ * workaround undetected abi and platform tags gh#openSUSE/python-rpm-macros#93
+
+- Update to version 20210121.ef5b8b9:
+ * Add %python pseudo-macro for %python_modules -- server and rpm version
+
+- Update to version 20210117.63cf413:
+ * improve flavor variable naming in python_expand
+
+- Update to version 20210116.2682657:
+ * remove python2 not found error
+
+- Update to version 20210112.86f4d9d:
+ * fix gh#openSUSE/python-rpm-macros#84: python_sysconfig_ macros
+
+- Update to version 20201207.2177fcf:
+ * README update after merge
+
+- Update to version 20201207.259cdda:
+ * Update python_expand description in README
+ * python_expand to basename only
+
+- Update to version 20201204.32a910e:
+ * fix print_provided_flavor again
+
+- Update to version 20201203.5331183:
+ * fix print_provided_flavor
+
+- Update to version 20201128.669edb3:
+ * fix provides (for python-numpy f2py, in gh#openSUSE/python-rpm-macros#66)
+
+- Update to version 20201123.6978323:
+ * also rewrite subpackage_only default providers
+ * pytest: ignore _build dirs for all flavors
+
+- Update to version 20201119.6bb5f69:
+ * add default provider properties
+ * don't replace %name, for subpackage_only
+ * expand parameters for subpackage_only packages
+
+- Update to version 20201112.a4c80dc:
+ * handle python_subpackage_only, fixes gh#openSUSE/python-rpm-macros#73
+ * define default providers for pythonX from pythonXY flavors: fixes #69
+
+- Update to version 20201103.cec67c2:
+ * document python_find_lang
+ * add python_find_lang and allow to specify in %python_files. Fixes #5
+
+- Update to version 20201102.31ccfc2:
+ * fix python_clone shebang replacement
+ * one less expansion for python_exec
+ * expand default %python_ macros earlier
+ * update README for multiple flavors
+ * more command delimiters for %python_expand
+
+- Update to version 20201022.7f87908:
+ * Add python36 and python38 flavours.
+
+- Update to version 20201021.adb6953:
+ * Prepare for multiple python3 flavors
+- Remove multiple_flavors.patch as it is included in the upstream
+ tarball.
+
+- Update to version 20201016.5d22545:
+ * fix whitespace after escape in compileall macro
+
+- Update to version 20201016.db09189:
+ * Delete pycache files before compilealll
+ * Update macros/010-common-defs
+ * Reword compileall
+ * mention pyproject.toml and link to PEP517 and PEP518
+ * add description for pyunittest macro
+ * add description for python_compileall macro
+ * add description for pyproject macros
+ * add python_compileall macro and use it in pyproject_install
+ * disable pip version check: no connection to pypi.org
+
+- Update multiple_flavors.patch to generate correct names of the
+ python binary.
+
+- %__#FLAVOR# should be defined as
+ /usr/bin/python%{#FLAVOR#_version} not just /usr/bin/#FLAVOR#
+
+- Add patch multiple_flavors.patch which makes compile_macros.sh
+ generate alternative flavours as well.
+
+- Update to version 20200824.8fa42a7:
+ * Drop -v from the pyunittest macros
+
+- Update to version 20200806.f44d3ac:
+ * fix unittest macros
+
+- Update to version 20200714.252de1f:
+ * Add pyunittest and pyunittest_arch macros
+
+- Update to version 20200701.9f5a2f6:
+ * add blank line between pytest and pytest_arch to fix expansion
+ failure in Leap gh#openSUSE/python-rpm-macros#53
+
+- Update to version 20200625.e862151:
+ * fix pytest_arch PYTHONPATH
+ * expand calls pyproject* macros (revert #45)
+ * let the shell expand PYTHONPATH
+
+- Update to version 20200623.3ea9b62:
+ * fix PYTHONPATH on pytest_arch macro
+
+- Update to version 20200622.1919233:
+ * Expand %buildroot first (avoid endless cycle; bsc#1162743)
+
+- Update to version 20200622.1f4c5d2:
+ * Add missing semicolon
+
+- For Factory change %system_python to python3.
+
+- Update to version 20200603.503823c:
+ * Don't add empty path to PYTHONPATH setting.
+ * Do not expand macros, just print them unexpanded (for %pytest* and %pyproject* macros)
+ * Replace py.test -> pytest
+
+- Update to version 20200529.b301e36:
+ * update-alternatives are quiet during install
+
python-setuptools
+- We cannot remove vendored packages when generating setuptools
+ wheel (bsc#1177127).
+
+- Add remove_mock.patch to remove dependency on the external mock
+ package.
+
+- Avoid duplicite wheel name in the generated package, and we actually
+ don't need a subpackage at all.
+
+- Make wheel a separate build run to avoid the setuptools/wheel build
+ cycle.
+
+- update to 44.1.0
+ * Set sys.argv[0] in setup script run by build_meta.__legacy__
+ * Fix for Python 4: replace unsafe six.PY3 with six.PY2
+ * Fixed a bug in the “setuptools.finalize_distribution_options†hook
+ that lead to ignoring the order attribute of entry points managed
+ by this hook.
+ * Avoid loading working set during Distribution.finalize_options prior
+ to invoking _install_setup_requires, broken since v42.0.0.
+
+- use local source dir for pytest imports
+ gh#openSUSE/python-rpm-macros#48
+
+- Fix License to the correct MIT
+
+- Fix build without python2
+
+- update to 44.0.0
+- last version with python2 support
+- add testdata.tar.gz -> missing data for testsuite
+ * Drop support for Python 3.4.
+ * include pyproject.toml in source distribution by default.
+ Projects relying on the previous behavior where pyproject.toml
+ * Setuptools once again declares 'setuptools' in the build-system.requires
+ and adds PEP 517 build support by declaring itself as the build-backend
+ * Fix support for easy_install's find-links option in setup.cfg
+ * Build dependencies (setup_requires and tests_require) now install transitive
+ dependencies indicated by extras.
+ * Mark the easy_install script and setuptools command as deprecated, and use
+ pip when available to fetch/build wheels for missing setup_requires/tests_require
+ requirements, with the following differences in behavior:
+ + support for python_requires
+ + better support for wheels (proper handling of priority with respect to PEP 425 tags)
+ + PEP 517/518 support
+ + eggs are not supported
+ + no support for the allow_hosts easy_install option (index_url/find_links are still honored)
+ + pip environment variables are honored (and take precedence over easy_install options)
+ * Removed the "upload" and "register" commands in favor of twine.
+ * Add support for the license_files option in setup.cfg to automatically
+ include multiple license files in a source distribution.
+ * Update handling of wheels compatibility tags: * add support for manylinux2010
+ * fix use of removed 'm' ABI flag in Python 3.8 on Windows
+ * Fix empty namespace package installation from wheel.
+ * Setuptools now exposes a new entry point hook "setuptools.finalize_distribution_options",
+ enabling plugins like setuptools_scm to configure options on the distribution
+ at finalization time.
+
+- update to 41.6.0
+- add importlib.patch
+ * Replace usage of deprecated imp module with local
+ re-implementation in setuptools._imp
+ * Fix pkg_resources.Requirement hash/equality implementation
+ * Fix tests when running under python3.10.
+ * drop 'deprecated' documentation (test command, ez_setup, EasyInstall)
+
+- Remove runtime dependency for the full python3 package, as the
+ actually required SSL module is in python3-base. For python(2),
+ SSL is in the "full" python package. Avoids build loops and
+ shortens the dependency chain for e.g. rust.
+
+- Try to use system packages rather than the vendored variants
+
+- Add patch to sort outputs for better reproducability:
+ * sort-for-reproducibility.patch
+- Add missing dep on ordered-set as it is now in the vendored
+ dir too
+
+- Update to 41.4.0
+ * In declarative config, now traps errors when invalid python_requires
+ values are supplied.
+ * When storing extras, rely on OrderedSet to retain order of extras
+ as indicated by the packager, which will also be deterministic
+ on Python 2.7 (with PYTHONHASHSEED unset) and Python 3.6+.
+ * Fixed failing integration test triggered by 'long_description_content_type' in packaging.
+
+- Define LANG in %check to fix openSUSE/SLE 15 testsuite
+
+- Switch to multibuild to enable testsuite
+
+- Update to 41.2.0:
+ * #479: Remove some usage of the deprecated imp module.
+ * #1565: Changed html_sidebars from string to list of string as per https://www.sphinx-doc.org/en/master/changes.html#id58
+ * #1697: Moved most of the constants from setup.py to setup.cfg
+ * #1756: Forse metadata-version >= 1.2. when project urls are present.
+
+- update to version 41.0.1:
+ * #1671: Fixed issue with the PEP 517 backend that prevented
+ building a wheel when the dist/ directory contained existing .whl
+ files.
+ * #1709: In test.paths_on_python_path, avoid adding unnecessary
+ duplicates to the PYTHONPATH.
+ * #1741: In package_index, now honor "current directory" during a
+ checkout of git and hg repositories under Windows
+
+- update to 41.0.0
+ * #1735: When parsing setup.cfg files, setuptools now requires the files
+ to be encoded as UTF-8. Any other encoding will lead to a UnicodeDecodeError.
+ This change removes support for specifying an encoding using a 'coding: '
+ directive in the header of the file, a feature that was introduces in 40.7.
+ Given the recent release of the aforementioned feature, it is assumed that
+ few if any projects are utilizing the feature to specify an encoding
+ other than UTF-8.
+
+- update to version 40.8.0:
+ * #1652: Added the build_meta:__legacy__ backend, a "compatibility
+ mode" PEP 517 backend that can be used as the default when
+ build-backend is left unspecified in pyproject.toml.
+ * #1635: Resource paths are passed to pkg_resources.resource_string
+ and similar no longer accept paths that traverse parents, that
+ begin with a leading /. Violations of this expectation raise
+ DeprecationWarnings and will become errors. Additionally, any
+ paths that are absolute on Windows are strictly disallowed and
+ will raise ValueErrors.
+ * #1536: setuptools will now automatically include licenses if
+ setup.cfg contains a license_file attribute, unless this file is
+ manually excluded inside MANIFEST.in.
+- changes from version 40.7.3:
+ * #1670: In package_index, revert to using a copy of splituser from
+ Python 3.8. Attempts to use urllib.parse.urlparse led to problems
+ as reported in #1663 and #1668. This change serves as an
+ alternative to #1499 and fixes #1668.
+
+- update to version 40.7.2:
+ * #1666: Restore port in URL handling in package_index.
+- changes from version 40.7.1:
+ * #1660: On Python 2, when reading config files, downcast options
+ from text to bytes to satisfy distutils expectations.
+- changes from version 40.7.0:
+ * #1551: File inputs for the license field in setup.cfg files now
+ explicitly raise an error.
+ * #1180: Add support for non-ASCII in setup.cfg (#1062). Add support
+ for native strings on some parameters (#1136).
+ * #1499: setuptools.package_index no longer relies on the deprecated
+ urllib.parse.splituser per Python #27485.
+ * #1544: Added tests for PackageIndex.download (for git URLs).
+ * #1625: In PEP 517 build_meta builder, ensure that sdists are built
+ as gztar per the spec.
+
+- BuildIgnore python[23]-pyparsing: python-packaging requires it
+ for some actions it could perform, but we don't make use of these
+ here. Ignoring this dependency allows us to break open a
+ BuildCycle.
+
+- update to 40.6.3:
+ * #1594: PEP 517 backend no longer declares setuptools as a dependency
+ as it can be assumed.
+
+- Fix fdupes call
+
+- update to version 40.6.2:
+ * #1592: Fix invalid dependency on external six module (instead of
+ vendored version).
+- changes from version 40.6.1:
+ * #1590: Fixed regression where packages without author or
+ author_email fields generated malformed package metadata.
+- changes from version 40.6.0:
+ * #1541: Officially deprecated the requires parameter in setup().
+ * #1519: In pkg_resources.normalize_path, additional path
+ normalization is now performed to ensure path values to a
+ directory is always the same, preventing false positives when
+ checking scripts have a consistent prefix to set up on Windows.
+ * #1545: Changed the warning class of all deprecation warnings;
+ deprecation warning classes are no longer derived from
+ DeprecationWarning and are thus visible by default.
+ * #1554: build_meta.build_sdist now includes setup.py in source
+ distributions by default.
+ * #1576: Started monkey-patching get_metadata_version and
+ read_pkg_file onto distutils.DistributionMetadata to retain the
+ correct version on the PKG-INFO file in the (deprecated) upload
+ command.
+ * #1533: Restricted the recursive-include setuptools/_vendor to
+ contain only .py and .txt files.
+ * #1395: Changed Pyrex references to Cython in the documentation.
+ * #1456: Documented that the rpmbuild packages is required for the
+ bdist_rpm command.
+ * #1537: Documented how to use setup.cfg for src/ layouts
+ * #1539: Added minimum version column in setup.cfg metadata table.
+ * #1552: Fixed a minor typo in the python 2/3 compatibility
+ documentation.
+ * #1553: Updated installation instructions to point to pip install
+ instead of ez_setup.py.
+ * #1560: Updated setuptools distribution documentation to remove
+ some outdated information.
+ * #1564: Documented setup.cfg minimum version for version and
+ project_urls.
+ * #1572: Added the concurrent.futures backport futures to the Python
+ 2.7 test suite requirements.
+
+- build python3 subpackage (FATE#323875)
+
+- update to 18.0.1 for fate#319032
+ * see full changelog in CHANGES.txt
+
+- fix vulnerability in non-RFC6125-compliant host name matching
+ (bsc#930189, setuptools-1.1.7-match-hostname.patch)
+
+- Add package to SLE 12 SDK (FATE#318137, bnc#913229)
+
ruby2
+Add patches to fix the following CVE's:
+ - CVE-2021-32066.patch (CVE-2021-32066): Fix StartTLS stripping
+ vulnerability in Net:IMAP (bsc#1188160)
+ - CVE-2021-31810.patch (CVE-2021-31810): Fix trusting FTP PASV
+ responses vulnerability in Net:FTP (bsc#1188161)
+ - CVE-2021-31799.patch (CVE-2021-31799): Fix Command injection
+ vulnerability in RDoc (bsc#1190375)
+
s390-tools
+- Added s390-tools-sles15sp3-dbginfo.sh-exclude-page_idle-bitmap.patch
+ Reading /sys/kernel/mm/page_idle/bitmap can cause hang up on
+ reading offline pages. (bsc#1192599)
+- Added %{version} to the Requires: libekmfweb1 for the
+ libekmfweb1-devel package.
+
samba
+- Fix dependency problem upgrading from libndr0 to libndr2 and
+ from libsamba-credentials0 to libsamba-credentials1;
+ (bsc#1192684);
+
+- Fix regression introduced by CVE-2020-25717 patches, winbindd
+ does not start when 'allow trusted domains' is off; (bso#14899);
+- Update to 4.15.2
+ * CVE-2016-2124: SMB1 client connections can be downgraded to
+ plaintext authentication; (bso#12444); (bsc#1014440);
+ * CVE-2020-25717: A user on the domain can become root on domain
+ members; (bso#14556); (bsc#1192284);
+ * CVE-2020-25718: Samba AD DC did not correctly sandbox Kerberos
+ tickets issued by an RODC; (bso#14558); (bsc#1192246);
+ * CVE-2020-25719: Samba AD DC did not always rely on the SID and
+ PAC in Kerberos tickets; (bso#14561); (bsc#1192247);
+ * CVE-2020-25721: Kerberos acceptors need easy access to stable
+ AD identifiers (eg objectSid); (bso#14557); (bsc#1192505);
+ * CVE-2020-25722: Samba AD DC did not do suffienct access and
+ conformance checking of data stored; (bso#14564);
+ (bsc#1192283);
+ * CVE-2021-3738: Use after free in Samba AD DC RPC server;
+ (bso#14468); (bsc#1192215);
+ * CVE-2021-23192: Subsequent DCE/RPC fragment injection
+ vulnerability; (bso#14875); (bsc#1192214);
+- Update to 4.15.1
+ * vfs_shadow_copy2: core dump in make_relative_path; (bso#14682);
+ * Log clutter from filename_convert_internal; (bso#14685);
+ * MacOSX compilation fixes; (bso#14862);
+ * rodc_rwdc test flaps; (bso#14868);
+ * Provide a fix for MS CVE-2020-17049 in Samba [SECURITY] 'Bronze
+ bit' S4U2Proxy Constrained Delegation bypass in Samba with
+ embedded Heimdal; (bso#14642);
+ * Python ldb.msg_diff() memory handling failure; (bso#14836);
+ * "in" operator on ldb.Message is case sensitive; (bso#14845);
+ * Release LDB 2.4.1 for Samba 4.15.1; (bso#14848);
+ * samldb_krbtgtnumber_available() looks for incorrect string;
+ (bso#14854);
+ * Fix Samba support for UF_NO_AUTH_DATA_REQUIRED; (bso#14871);
+ * Allow special chars like "@" in samAccountName when generating
+ the salt; (bso#14874);
+ * Correctly ignore comments in CTDB public addresses file;
+ (bso#14826);
+ * Fix transit path validation; (bso#12998);
+ * Fix that child winbindd logs to log.winbindd instead of
+ log.wb-<DOMAIN>; (bso#14852);
+ * SMB3 cancel requests should only include the MID together with
+ AsyncID when AES-128-GMAC is used; (bso#14855);
+ * Prepare to operate with MIT krb5 >= 1.20; (bso#14870);
+ * Heimdal prefers RC4 over AES for machine accounts; (bso#14864);
+
+- Enable samba-tool without ad dc.
+
+- Adjust spec to use pam macros; (bsc#1191046).
+
+- Adjust spec for size
+ * allow some Recommends instead Requires to be configured
+ for cifs-utils, samba-libs-python3 & samba-gpupdate;
+ (bsc#1182847).
+ * remove fam, undocumented and unneeded.
+
+- Add missing build dependency on bison when building with the
+ embedded Heimdal Kerberos
+
sg3_utils
-- Update to version 1.44~763+19.1ed0757:
- * rescan-scsi-bus.sh: use LUN wildcard in idlist (bsc#1069384)
+- Update to version 1.47:
+ * sg_rep_zones: add support for REPORT ZONE DOMAINS and
+ REPORT REALMS in this utility
+ * sg_raw: fix prints of NVMe NVM command names
+ * sg_logs: additions to Volume statistics lpage [ssc5r05c]
+ - additions to Command duration limits statistics log
+ page [spc6r06]
+ * sg_vpd: fix do_hex type on some recent pages
+ - zoned block dev char vpd: add zone alignment mode and
+ zone starting LBA granularity [zbc2r11]
+ * sg_read_buffer: fix --length= problem
+ * sg_dd, sgm_dd, sgp_dd: don't close negative file descriptors
+ * sg_dd: srand48_r() and mrand48_r() are GNU libc specific,
+ put conditional in so non-reentrant version used otherwise
+ - 'iflag=00,ff' places the 32 bit block address (big endian)
+ into each block
+ * sgp_dd: major rework, fix issue with error being ignored
+ - new: --chkaddr which checks for block address in each block
+ - add check for stdatomic.h presence in configure.ac
+ * sg_xcopy: tweak CSCD identification descriptor
+ * sg_get_elem_status: fix issue with '--maxlen=' option
+ - add 2 depopulation revocation health attributes [sbc5r01]
+ * transport error handling improved. To fix report of a
+ BAD_TARGET transport error but the utility still continued.
+ - introduce SG_LIB_TRANSPORT_ERROR [35] exit status
+ * several utilities: override '--maxlen=LEN' when LEN
+ is < 16 (or 4), take default (or 4) instead
+ * scripts: 55-scsi-sg3_id.rules remove outdated rule (bsc#1189297)
+ * sg_lib: add sg_scsi_status_is_good(),
+ sg_scsi_status_is_bad() and sg_get_zone_type_str()
+ * pt_linux: fix verify(BytChk=0) which Linux SNTL translated
+ to write, other SNTL cleanups
+ * pt_linux_nvme: fix fua setting
+ * pt: check_pt_file_handle() add return value of 5 for
+- _service updates:
+ * re-enable service, hadn't been used for 1.46 release
+ * use upstream author's git repository, simplify versioning scheme
+ * use obscpio format
+
+- Update to version 1.46:
+ * sg_rep_pip: new utility: report provisioning initialization
+ pattern command
+ * sg_turs: estimated time-to-ready [spc6r03]
+ - add --delay=MS option
+ * sg_requests: substantial cleanup
+ * sg_vpd: add Format presets and Concurrent positioning ranges
+ - add hot-pluggable field in standard Inquiry [spc6r05]
+ - fix vendor struct opts_t alignment
+ * sg_inq: add hot-pluggable field in standard Inquiry
+ * sg_dd: --verify : separate category for miscompare errors
+ - --verify : oflag=coe continue on miscompares, counts them
+ - add cdl= operand for command duration limit indexes
+ - add oflag=nocreat and conv=nocreat : OFILE must exist
+ - add iflag=00, ff, random flags
+ - setup conditional auto rule for getrandom()
+ - add command timeout after comma in time= operand
+ * sg_get_elem_status: add ralwd bit sbc4r20a
+ * sg_write_x: add dld bits to write(32) [sbc4r19a]
+ * sg_rep_zones: print invalid write pointer LBA as -1 rather
+ than 16 "f"s
+ * sg_opcodes: improve handling of RWCDLP field
+ * sg_ses: use fan speed factor field for calculation [ses4r04]
+ - add --all (-a) option, same action as --join
+ * sg_compare_and_write: add examples section to its manpage
+ * sg_modes: document '-s' option (same as '-6')
+ * sg_sanitize + sg_format: when --verbose given once report
+ probable success; without --verbose 'no news is good news'
+ * sg_zone: add Remove element and modify zones command
+ * sg_raw: increase maximum data-in and data-out buffer size
+ from 64 KB to 1 MB
+ - fix --cmdfile= handling
+ - add --nvm option to send commands from the NVM command set
+ - add --cmdset option to bypass cdb heuristic
+ - add --scan= first_opcode,last_opcode
+ * sg_pt_freebsd: allow device names without leading /dev/
+ thus fix for regression introduced in rev 731 (ver: 1.43)
+ * sg_pt_solaris+sg_pt_osf1: fix problem with clear_scsi_pt_obj()
+ which needs to remember is_nvme and dev_fd values
+ * sg_lib: add ZBC (2020) feature set entries
+ * sg_lib: restore elements and rebuild command added
+ * sg_lib,sg_pt: add partial_clear_scsi_pt_obj(),
+ get_scsi_pt_cdb_len() and get_scsi_pt_cdb_buf()
+ - add do_nvm_pt() for the NVM (sub-)command set
+ - tweak transport error handling in Linux
+ * sg_lib: Linux NVMe SNTL: add read, write and verify;
+ synchronize cache and write same translations
+ - add dummy start stop unit and test unit ready commands
+ - wire cache mpage's WCE to nvme 'volatile write cache'
+ - fix crash in sg_f2hex_arr() when fname not found
+ * sg_lib: reprint cdb with illegal request sense key
+ - asc/ascq match asc-num.txt @t10 20200708 [spc6r02]
+ * gcc-10: suppress warnings
+ * autoconf: upgrade version 2.69 to 2.70
+ * remove space from end of source lines for git-svn
+ * testing/sg_mrq_testing: new, for blocking mrq usage
+ * testing/sgs_dd: add evfd flags and eventfd processing
+ * testing: remove master-slave terminology for sgv4
+ * examples: add nvme_read_ctl.hex and nvme_write_ctl.hex
+- Earlier SUSE fixes included in 1.46:
- (bsc#840054, bsc#1131482)
+ (bsc#840054, bsc#1131482)
-- Spec file: add fc_wwpn_id to generate by-path links for
- fibrechannel (bsc#1005063)
-- Update to version 1.44~763+17.35f525b:
- * Changed versioning scheme (svn r763, pre-release of
- upstream 1.44, plus 16 SUSE patches, SUSE git commit b2fedfa)
- * Code-identical to previous release except for the following:
+- Update to version 1.45~815+5.6aa67ed:
+- Update to svn r815:
+ * sg_opcodes: expand MLU (spc5r20)
+ * sg_inq: update version descriptors to spc5r21
+ * sg_vpd: 3pc VPD page add copy group descriptor
+ * sg_xcopy: add --fco (fast copy only) (spc5r20) and --app=1
+ * add nanosecond durations with SG3_UTILS_LINUX_NANO
+- Earlier SUSE fixes now included upstream:
+ * 58-scsi-sg3_symlink.rules: don't skip multipath members
+ (bsc#1085212) [r815]
+ * rescan-scsi-bus.sh: terminate scanning if last lun got removed
+ (bsc#1087008) [r815]
+ * Add scsi-enable-target-scan.sh (bsc#954600) [r814]
+ * shellcheck cleanups for rescan-scsi-bus.sh [r814]
+
+- Replace old $RPM_* shell vars.
+
+- Spec file:
+ * add fc_wwpn_id (bsc#1005063)
+ * add lun masking service (bsc#954600)
+ * drop BuildRequires on udev
+ * replace unversioned "Provides: scsi" with versioned
+- Update to version sg3_utils-1.45~803+31.564be3d:
+ * New versioning scheme for upstream pre-release:
+ 1.45 - upstream release target, 803 - upstream svn id,
+ +31: SUSE commits on top of svn, 564be3d - git hash
+ * rescan-scsi-bus.sh: terminate scanning if last lun got removed
+ (bsc#1087008)
+ * 58-scsi-sg3_symlink.rules: don't skip multipath members
+ (bsc#1085212)
+ * Add scsi-enable-target-scan.sh (bsc#954600)
+- Update to svn r803:
+ * sg_opcodes: expand MLU (18-102r0)
+ * sg_format: add --dcrt used twice (FOV=1 DCRT=0)
+ * rescan-scsi-bus: widen LUN 0 only scanning
+ (bsc#1069384)
+- Earlier SUSE fixes included in 1.45:
+ * rescan-scsi-bus.sh: use LUN wildcard in idlist (bsc#1069384)
+ [svn: r795]
+ * sg_ses: fixup page decoding (bsc#1077787) [svn: r795]
+ * sg_ses: allow to decode raw data instead of reading from a device
+ (bsc#1050943) [svn: r795]
+- Update to sg3_utils-1.44 [20180912] [svn: r791]
+ * rescan-scsi-bus.sh: harden code
+ - bump version to 20180615
+ - add --ignore-rev to ignore revision change
+ * introduce SG3_UTILS_DSENSE environment variable
+ * sginfo: don't open /dev/snapshot
+ * sg_timestamp: add '--no-timestamp' option
+ - add --elapsed and --hex options
+ * sg_wr_mode: add --rtd option for RTD bi
+ * sg_unmap: add --all=ST,RN[,LA] option
+ * sgm_dd, sg_dd: add --dry-run and --verbose options
+ * sg_inq+sg_vpd: update Extended inquiry data vpd page
+ * sg_ses: add 'hw_reset' and 'sw_reset' to enclosure services
+ controller electronics element type (18-047r1)
+ * sg_decode sense: add --cdb and --err=ES options
+ * sg_format: add --dry-run option
+ - extend --wait timeout for > 4TB disks
+ * sg_sanitize: add --dry-run option
+- Earlier SUSE fixes included in 1.44:
+ * sg_inq: decode standard INQUIRY for CD-ROMs correctly
+ (bsc#1065448, bsc#1070431) [svn: r742]
+ * sg_inq: export all NAA values (bsc#1050767) [svn: r715]
+ * Add fc_wwpn_id to generate by-path links for fibrechannel
+ (bsc#1005063) (svn@715)
+ * sg_vpd: struct opts_t misaligment (bsc#1050943) [svn: r707]
-- Use separate repository for SLE15
+- rescan-scsi-bus.sh: Fixes from shellcheck
speex
+- Fix zero division error in read_samples (CVE-2020-23903 bsc#1192580)
+ speex-CVE-2020-23903.patch
+
-- fix build for SLE_10
- autoreconf for suse_version >= 1100
-- spec
- o sort TAGS
- o macros
- rm > {__rm}
- version > {version} ....
-
-- split off libspeex1 and libspeexdsp1 according to library
- packaging policy
-- include actual tarball version in package version
-- don't package README's for embedded cpus
-
-- add baselibs.conf as a source
-- enable parallel building
-
suse-module-tools
+- Update to version 15.4.10:
+ * same as Factory version 16.0.17
+ * 60-io-scheduler.rules: add rules for virtual devices
+ (boo#1193759)
+ * 60-io-scheduler.rules: enforce "none" for loop devices
+ (boo#1193759)
+ * install some modprobe.d files only for relevant architectures
+ (apm_bios, sonypi, toshiba, legacy rtc) (bsc#1192974)
+
+- Update to version 15.4.9:
+ * same as Factory version 16.0.16
+ * modprobe.d: split conf files (jsc#SLE-21626, boo#1193059)
+ - Rather than shipping two large files with modprobe.d options
+ (00-system.conf and 50-blacklist.conf), ship multiple small
+ per-module files. This makes it easier for users to override
+ distribution defaults.
+ * blacklist isst_if_mbox_msr (bsc#1187196)
+ * boot-sysctl: make sure file exists (fix for containers)
+ * remove blacklist entry for snd_bt87x (bsc#1192974, bsc#51718)
+
susepaste
+- Add 0002-susepaste-add-image-paste-info.patch: Add info on
+ posting an image to susepaste in the man page, (boo#1193400).
+
-- adding http://paste.opensuse.org as another output
-- adding man page
-
terminus-bitmap-fonts
+- Add note to package description about pango not supporting
+ pcf bitmap fonts.
+
-- amend spec file to reflect new font packaging scheme
- (see openFATE#313536);
-
timezone
+- timezone update 2021e (bsc#1177460):
+ * Palestine will fall back 10-29 (not 10-30) at 01:00
+- timezone update 2021d:
+ * Fiji suspends DST for the 2021/2022 season
+ * 'zic -r' marks unspecified timestamps with "-00"
+- timezone update 2021c:
+ * Revert almost all of 2021b's changes to the 'backward' file
+ * Fix a bug in 'zic -b fat' that caused old timestamps to be
+ mishandled in 32-bit-only readers
+- timezone update 2021b:
+ * Jordan now starts DST on February's last Thursday.
+ * Samoa no longer observes DST.
+ * Move some backward-compatibility links to 'backward'.
+ * Rename Pacific/Enderbury to Pacific/Kanton.
+ * Correct many pre-1993 transitions in Malawi, Portugal, etc.
+ * zic now creates each output file or link atomically.
+ * zic -L no longer omits the POSIX TZ string in its output.
+ * zic fixes for truncation and leap second table expiration.
+ * zic now follows POSIX for TZ strings using all-year DST.
+ * Fix some localtime crashes and bugs in obscure cases.
+ * zdump -v now outputs more-useful boundary cases.
+ * tzfile.5 better matches a draft successor to RFC 8536.
+- Refresh tzdata-china.patch
+
tlp
+- Update to 1.4.0 24.09.2021
+- * Features
+ Audio:
+ - SOUND_POWER_SAVE_ON_AC: change default to enabled (Issue #495)
+ Battery:
+ - "Battery Features" renamed to "Battery Care"
+ - Introduce plugins to support Battery Care for non-ThinkPads:
+ - ASUS laptops: stop threshold
+ - Huawei MateBooks: start and stop threshold
+ - LG Gram laptops: stop threshold at 80% aka "battery care limit"
+ - Lenovo laptops: stop threshold at 60% aka "battery conservation mode"
+ - Samsung laptops: stop threshold at 80% aka "battery life extender"
+ - ThinkPads
+ - Allow deactivation of the start threshold (START_CHARGE_THRESH_BATx=0)
+ - Discharge malfunction: hint to check battery and charger
+ - Use standard sysfs attributes for charge thresholds
+ (Issue #513)
+ - Flag ThinkPad L512 as "unsupported"
+ - Validate charge threshold configuration, don't fail silently
+ - tlp-stat -b
+ - Battery Care: show plugin, supported features, driver usage and
+ related kernel module(s)
+ - Map battery state "Unknown" to "Idle" for clarity
+ Configuration:
+ - tlp-stat --cdiff: show configuration differing from defaults
+ - PARAMETER+="add values": append values to a parameter already defined
+ as intrinsic default or in a *previously* read file (Issue #457)
+ - TLP_WARN_LEVEL: warn about invalid settings, configurable for background
+ tasks and command line
+ - Rename parameters (backwards compatible to legacy config files):
+ SATA_LINKPWR_BLACKLIST -> SATA_LINKPWR_DENYLIST
+ RUNTIME_PM_BLACKLIST -> RUNTIME_PM_DENYLIST
+ RUNTIME_PM_DRIVER_BLACKLIST -> RUNTIME_PM_DRIVER_DENYLIST
+ USB_BLACKLIST -> USB_DENYLIST
+ USB_BLACKLIST_BTUSB -> USB_EXCLUDE_BTUSB
+ USB_BLACKLIST_PHONE -> USB_EXCLUDE_PHONE
+ USB_BLACKLIST_PRINTER -> USB_EXCLUDE_PRINTER
+ USB_BLACKLIST_WWAN -> USB_EXCLUDE_WWAN
+ USB_WHITELIST -> USB_ALLOWLIST
+ Disks:
+ - AHCI_RUNTIME_PM_ON_AC/BAT:
+ - Works only on disks defined in DISK_DEVICES
+ - Works on NVMe (new), SATA/ATA and plugged in USB (new) disks
+ - Works on SATA ports
+ - No longer experimental i.e. now enabled by default; the previously
+ existing risk of system freezes (and data loss) with the multiqueue
+ scheduler is now eliminated:
+ - Kernel >= 4.19 itself locks unsafe disk runtime pm
+ - TLP generally locks it for kernel < 4.19
+ - DISK_APM_CLASS_DENYLIST: exclude disk classes from APM, i.e. you may
+ now activate it for USB and IEEE1394 drives (Issue #523)
+ - DISK_APM_LEVEL_ON_AC/BAT, DISK_SPINDOWN_TIMEOUT_ON_AC, DISK_IOSCHED:
+ now also work when plugging in USB disks; provided disk is contained in
+ DISK_DEVICES and 'usb' is removed from DISK_APM_CLASS_DENYLIST
+ - tlp-stat -d
+ - Explain why AHCI_RUNTIME_PM is locked for a disk
+ - Show disks attached to SATA links/ports
+ - Show a disk's host (for SATA_LINKPWR_DENYLIST)
+ - Show ALPM state in the sysfs directory of the AHCI host
+ - Show IDs for all disks configured in DISK_DEVICES
+ - Distinguish SATA from ATA(IDE) disks
+ - Show NVMe disk temperature
+ General:
+ - power-profiles-daemon: issue error messages about conflicting service
+ - tlp-stat -s: determine OS release without the lsb_release utility
+ Graphics:
+ - Add support for amdgpu (Issue #498)
+ - Improve powerdown of unused GPUs with drivers amdgpu, nouveau,
+ nvidia and without driver (Issues #488, #495, #498)
+ - tlp-stat -g:
+ - List all GPUs with at least the driver info
+ - Show hybrid graphics switch state (switcheroo)
+ - Intel GPU:
+ - Show hardware min/max frequency instead of
+ list of available frequencies (kernel change)
+ - Show more informative RC6, FBC and PSR status where available
+ (Issue #203)
+ Operation Mode AC/BAT:
+ - Speed up system shutdown/suspend by not applying AC settings anymore
+ - TLP_PS_IGNORE: add USB; allow to ignore multiple power supply classes
+ - tlp-stat -s: speed up power source detection
+ - tlp-stat --psup/udev: check if udev rules for power source changes and
+ connecting USB devices are active
+ PCI(e) devices:
+ - RUNTIME_PM_ENABLE/DISABLE: permanently enable/disable runtime PM for
+ PCI(e) devices based on address (independent of the power source)
+ - RUNTIME_PM_DENYLIST: remove amdgpu, nvidia, pcieport from defaults
+ - tlp-stat -e -v: show device runtime_status
+ Platform:
+ - PLATFORM_PROFILE_ON_AC/BAT: select platform profile to control system
+ operating characteristics around power/performance levels, thermal
+ and fan speed
+ - tlp-stat -p: show state of ThinkPad lapmode
+ Processor:
+ - CPU_HWP_DYN_BOOST_ON_AC/BAT: Intel CPU HWP dynamic boost (Issue #468)
+ - Remove backwards compatibility of CPU_ENERGY_PERF_POLICY_ON_AC/BAT with
+ ENERGY_PERF_POLICY_ON_AC/BAT to prevent performance issues caused by the
+ value 'power' in legacy configurations
+ - PHC_CONTROLS removed (obsolete)
+ - tlp-stat -p:
+ - cpu1..cpuN omitted for clarity, use -v to show all
+ - Sort more than 10 CPU cores in proper numerical order
+ - Show intel_pstate operation mode ("status")
+ - Omit "EPB: unsupported" for AMD or non-intel_pstate CPUs
+ USB:
+ - USB_EXCLUDE_AUDIO: exclude audio devices from autosuspend (Issue #556)
+ - tlp-stat -u -v: show device runtime_status
+
+- Don't recommend bbswitch, there's no relation to tlp (boo#1190631)
+
+- tlp-sleep.service does not exist anymore
+- Make %files section a bit more precise
+
+- Recommend bbswitch for ThinkPad battery charge control instead of
+ acpi-call or tp-smapi not present in the distribution.
+
+- Use the same value for TLP_ULIB in the %build phase and the
+ %install phase (boo#1180495):
+ + BuildRequire pkgconfig(udev)
+ + Use pkg-config --variable udev_dir udev for the value of
+ TLP_ULIB.
+
tnftp
+- tnftp ssl client should validate hostnames and certificates,
+ so for example tnftp -d https://revoked.badssl.com/example
+ fails to connect. (tnftp-verify_hostname.patch), There are
+ at least two reports about this misbehaviour online but it has
+ never been fixed. Patch targets openSSL 1.1.x and later
+ so specify requirement in spec file.
+
tpm2-0-tss
-- drop 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch: now contained
- in upstream tarball
-- update to upstream version 2.4.5 (jsc#SLE-17366):
- - changes in version 2.3.2:
- * Fix unit tests on S390 architectures
- * Fixed HMAC generation for policy sessions
- - changes in version 2.3.3:
+- Version 3.1.0 includes:
+ + cover update to 2.4.5 (jsc#SLE-17366)
+ + cover update to 2.3.0 (jsc#SLE-9515)
+ + fix policy session for TPM2_PolicyAuthValue (bsc#1160736)
+- Add version the configuration file tpm2-tss-fapi.conf
+
+- Remove conflicting sysusers.d file
+
+- Clean spec file
+- Add new library libtss2-tcti-pcap0
+- Update to 3.1.0:
+ * Fix FAPI PolicyPCR not instatiating correctly (CVE-2020-24455)
+ * Fixed possible access outside the array in ifapi_calculate_tree
+ * Added pcap TCTI
+ * Added GlobalSign TPM Root CA certs to FAPI cert store
+ * Changed EncryptDecrypt mode type to align with TPM2.0 spec 1.59
+ * Added two new TPM commands TPM2_CC_CertifyX509,
+ and TPM2_CC_ACT_SetTimeout
+
+- small services fixes and comments
+
+- update to 3.0.3:
+ - changes in 3.0.3:
+ * Fix Regression in Fapi_List
+ * Fix memory leak in policy calculation
+ - changes in 3.0.2:
+ * FAPI: Fix setting of the system flag of NV objects
+ * This will let NV object metadata be created system-wide always instead of
+ * locally in the user. Existing metadata will remain in the user directory.
+ * It can be moved to the corresponding systemstore manually if needed.
+ * FAPI: Fix policy searching, when a policyRef was provided
+ * FAPI: Accept EK-Certs without CRL dist point
+ * FAPI: Fix return codes of Fapi_List
+ * FAPI: Fix memleak in policy execution
+ * FAPI: Fix coverity NULL-pointer check
+ * FAPI: Set the written flag of NV objects in FAPI PolicyNV commands
+ * FAPI: Fix deleting of policy files.
+ * FAPI: Fix wrong file loading during object search.
+ * Fapi: Fix memory leak
+ * Fapi: Fix potential NULL-Dereference
+ * Fapi: Remove superfluous NULL check
+ * Fix a memory leak in async keystore load.
+
+- move the tcti-fapi tmpfiles.d config file into the libtss2-fapi1 sub-package.
+- improve the descriptions of new libraries (fapi1, cmd0, swtpm0)
+- adjust baselibs.conf to match new library versions and added libraries
+
+- Update to 3.0.1, changelog at:
+ https://github.com/tpm2-software/tpm2-tss/blob/3.0.x/CHANGELOG.md
+- Update libtss2-sys0 to libtss2-sys1
+- Add new libs:
+ * libtss2-fapi1
+ * libtss2-tcti-cmd0
+ * libtss2-tcti-swtpm0
+
+- Update to version 2.3.3
- - changes in version 2.4.0:
- * Added a new Feature API (FAPI) implementation
- * Added Esys_TRSess_GetAuthRequired() ESAPI function
- * Added Esys_TR_GetTpmHandle() SAPI function
- * Added Esys_GetSysContext() SAPI function
- * Added the with-sanitizer configure option
- * Added CI for FreeBSD
- * Changed MSSIM TCTI to be async capable
- * Removed TCTI loaders from ESYS dependencies in pkg-config
- * Changed getPollHandles to allow num_handles query
- * Improved CI builds
- * Converted builds to docker builds
- * Number of fixes and improvements in the test code
- * Changed tcti-device in non-async mode to allways block
- * Fixed hmac calculation for tpm2_clear command in ESAPI
- * Fixed mixing salted and unsalted sessions in the same ESAPI context
- * Removed use of VLAs from TPML marshal code
- * Fixed setting C++ compiler for non-fuzzing builds at configure
- * Fixed setting the name of session objects
- * Fixed page alignment errors in Sys_Get/SetAuths functions
- * Fixed potential buffer overflow in tcti_mssim_receive
- * Fixed invalid memory alloc failure in Tss2_TctiLdr_Initialize
- * Fixed list of exported symbols map for libtss2-mu
- * Fixed resource name calculation in Esys_CreateLoaded
- * Fixed keysize of ECC curve TPM2_ECC_NISTP224
- * Fixed segmentation fault in tctildr if name_conf was too big
- * Fixed memory leak in tctildr-tcti tests
- * Fixed HMAC generation for policy sessions
- * Added check for object node before calling compute_session_value function
- * Fixed auth calculation in Esys_StartAuthSession called with optional parameters
- * Fixed compute_encrypted_salt error handling in Esys_StartAuthSession
- * Fixed exported symbols map for libtss2-mu
- * Remove duplicate ESYS entries from map file
- * Removed the private implementation of strndup from tctildr
- - changes in version 2.4.1:
- * Fixed systemd-sysusers/-tmpfiles creation without systemd
- * Removed expired coverity token from travis.yaml
- * Fixed uninitialized context of FAPI command Fapi_ChangeAuth issue
- * Fixed handling of tcti pointer in Esys_Initialize
- * Fixed usages of EC routines deprecated in OSSL 1.2 and greater
- * Fixed FAPI handling of TPMs without stored certificates
- - changes in version 2.4.2:
- * Fixed duoble json_object_put call in event log processing.
- * Fixed memory leaks on error paths in FAPI
- * Fixed setting of FAPI app data.
- * Fixed size check for Fapi_Encrypt.
- * Fixed computation of PCR logs and PCR digest of PCR logs.
- * Improved comments for FAPI authentication.
- * Fixed segfault and leaks in FAPI
- * Fixed Fapi_GetCertificate for objects which are not of type key
- * Fixed hierarchy usage in Fapi_Provision
- * Fixed ESYS Shared secret calculation
- * Fixed doxygen warnings for FAPI docs
- * Fixed copying of primary template during key loading.
- * Fixed some wrong format directives in debug statements.
- * Fixed usage of hierarchy and authentication in Fapi_GetCertificate und Fapi_Delete
- * Fixed unallocated return buffers which may have lead to segfaults in tooling
- * Fixed usage of persistent handles.
- * Fixed computation of the size of a PCR selection (Fixes #1737).
- * Fixed missing hierarchy authentication for Fapi_Delete.
- * Fixed uninitialized context of FAPI command Fapi_ChangeAuth.
- * Fixed computation of random value for objects used for sealing.
- * Fixed return code for event parsing errors.
- * Fixed NV index and path handling in NV creation.
- * Fixed path checking for keys.
- * Fixed Fapi_GetInfo function.
- * Fixed path usage in Fapi_Import.
- * Fixed invalid settings of default flags for keys creation.
- * Fixed handle usage in Fapi_ChangeAuth
- * Enabled all PCR registers for SHA256 bank in the distribution profiles.
- * Added some checks to Fapi_Provisioning to avoid nasty failure states
- * Added a check to prevent overwrite or delete FAPI storage objects and directories
- * Remove obsolete test fapi-key-create-policy-password-sign.int.c
- * Checked hierarchy needed for EvictControl for deleting objects in FAPI.
- * Checked event log file before calling the TPM in Fapi_PcrExtend.
- * Adapted integration tests to SRK delete checking.
- * Improved presentation of Fapi_GetInfo.
- * Silenced expected errors from Esys_TestParams
- * Added man pages for FAPI json config files
- * Added a check that prevents deleting default directories
- * Added a check if primary keys already exist for Fapi_Provision
- * Added tests for derived persistent keys.
- * Added test policy PCR with PCR register 8.
- * Added check for deleting of the SRK.
- * Added test for sealing a random value.
- * Added content of the config file to FAPI Info.
- * Added a check for valid pathnames in keystore module.
- * Removed unecassary code from Fapi_ExportKey
- * Removed obsolete LIBDL_LDFLAGS and replace it with LIBADD_DL
- * Removed superfluous policies/pol_password.json file
- - changes in version 2.4.3:
- * Fix CVE-2020-24455 FAPI PolicyPCR not instatiating correctly
- Note that all TPM object created with a PolicyPCR with the currentPcrs
- and currentPcrsAndBank options have been created with an incorrect policy
- that ommits PCR checks. All these objects have to be recreated!
- * Fix bug in FAPI NV creation with custom index values
- * Cleanup of leftover sessions in error cases in FAPI
- * Better error messages in several FAPI errors
- * Add checks to FAPI policy paths
- * Add checks if FAPI is correctly provisioned
- * Fix execution of FAPI policies in some cases
- * Allow 0x prefixes for TPMU_HA in JSON encoding
- - changes in version 2.4.4:
- * FAPI: Fix policy searching, when a policyRef was provided
- * FAPI: Accept EK-Certs without CRL dist point
- * FAPI: Fix memleak in policy execution
- * FAPI: Fix setting of the system flag of NV objects
- This will let NV object metadata be created system-wide always instead of
- locally in the user. Existing metadata will remain in the user directory.
- It can be moved to the corresponding systemstore manually if needed.
- * FAPI: Set the written flag of NV objects in FAPI PolicyNV commands
- * FAPI: Fix deleting of policy files.
- * FAPI: Fix wrong file loading during object search.
- * Fapi: Fix memory leak
- * Fapi: Fix potential NULL-Dereference
- * Fapi: Remove superfluous NULL check
- - changes in version 2.4.5:
- * Fix Regression in Fapi_List
- * Fix memory leak in policy calculation
-- 0001-esys-Fix-HMAC-generation-for-policy-sessions.patch: fix problems with
- policy sessions that don't include an TPM2_PolicyAuthValue (bsc#1160736).
- This bug was fixed upstream in a minor release 2.3.2.
+- Use system-users for tss user creation (boo#1162360).
+
+- BuildRequire pkgconfig(udev) instead of udev: allow OBS to
+ shortcut through the -mini flavor.
+
+- update to upstream version 2.3.2:
+ - changes since version 2.3.0:
+ - Fix unit tests on S390 architectures
+ - Fixed HMAC generation for policy sessions
-- update to upstream version 2.3.0 (dependency for jsc#SLE-9515):
+- update to upstream version 2.3.0:
xclip
+- modernise spec-file (move license to licensedir)
+
xorg-x11-libX11-ccache
+- make package arch again (boo#1110020)
+
-- bumped version to 7.3
-
xorg-x11-server
+- U_xfixes-Fix-out-of-bounds-access-in-ProcXFixesCreateP.patch
+ * CVE-2021-4009/ZDI-CAN-14950 (bsc#1190487)
+ The handler for the CreatePointerBarrier request of the XFixes
+ extension does not properly validate the request length leading
+ to out of bounds memory write.
+- U_Xext-Fix-out-of-bounds-access-in-SProcScreenSaverSus.patch
+ * CVE-2021-4010/ZDI-CAN-14951 (bsc#1190488)
+ The handler for the Suspend request of the Screen Saver extension
+ does not properly validate the request length leading to out of
+ bounds memory write.
+- U_record-Fix-out-of-bounds-access-in-SwapCreateRegiste.patch
+ * CVE-2021-4011/ZDI-CAN-14952 (bsc#1190489)
+ The handlers for the RecordCreateContext and RecordRegisterClients
+ requests of the Record extension do not properly validate the request
+ length leading to out of bounds memory write.
+
+- u_Support-configuration-files-under-run-X11-xorg.conf..patch
+- u_Add-udev-scripts-for-configuration-of-platform-devic.patch
+- u_Add-udev-rule-for-HyperV-devices.patch
+ * Remove udev-based configuration again (not working)
+- U_rendercompositeglyphs.patch
+ * X.Org Server SProcRenderCompositeGlyphs Out-Of-Bounds Access
+ Privilege Escalation Vulnerability [CVE-2021-4008, ZDI-CAN-14192]
+ (boo#1193030)
+
+- u_pci-primary-Fix-up-primary-PCI-device-detection-for-the-platfrom-bus.patch
+ * Fix possible SEGFAULT when parsing busid
+
+- u_Support-configuration-files-under-run-X11-xorg.conf..patch
+ * Support configuration files under /run
+- u_Add-udev-scripts-for-configuration-of-platform-devic.patch
+ * Add udev rules for configuration of platform (e.g.,
+ simple-framebuffer) devices
+- u_Add-udev-rule-for-HyperV-devices.patch
+ * Add udev rules for configuration of HyperV graphics devices
+
xscreensaver
-- update to 5.44 (ECO-2755):
+- Do not own /usr/share/fonts. It belongs to filesystem.
+
+- Update to version 6.02:
+ * New hacks, `marbling' and `binaryhorizon'.
+ * `atlantis' behaviors are more random and lifelike.
+ * `headroom' is now Mask Headroom.
+ * `fontglide' skips fonts that can't display ASCII.
+ * Use asterisks in the password dialog if the system fonts don't
+ have bullets in them.
+ * "Disable Screen Saver" was behaving like "Blank Screen Only".
+- Fix compilation with older versions of gcc and on aarch64
+ (xscreensaver-6.02-marbling-std-c.patch).
+
+- Update to version 6.01:
+ * Major refactor of the `xscreensaver' daemon for improved
+ security, dividing it into three programs: `xscreensaver',
+ `xscreensaver-gfx' and `xscreensaver-auth'.
+ * Renamed `xscreensaver-demo' to `xscreensaver-settings'.
+ * Unlock dialog has user-selectable color schemes.
+ * Everything uses XFreeType for fonts now.
+ * Install a few custom fonts needed by some savers.
+ * Properly disable the server's built-in screen saver.
+ * The passwdTimeout option was being ignored.
+ * The display of the unlock thermometer was weird.
+ * Fixed password entry on old-school multi-screen setups (:0.1).
+ * Worked around a KDE 5 compositor bug that caused the desktop
+ to momentarily become visible when cycling.
+ * Fixed possible high CPU usage in `xscreensaver-systemd'.
+ * Fixed some spurious warnings in `xscreensaver-text'.
+ * Warn when Wayland is in use, since it makes both screen saving
+ and locking impossible.
+ * Dropped support for systems older than X11R7 (2009).
+ * Fading works on systems without gamma (e.g. Raspberry Pi).
+ * Use EGL instead of GLX when available.
+ * `xscreensaver-systemd' now detects when a video player has
+ inhibited screen blanking and then exits without uninhibiting.
+ * Improved GLSL and GLES3 support: Phong shading in `etruscanvenus',
+ `hypertorus', `klein', `projectiveplane',`romanboy' and
+ `sphereeversion'.
+ * Updates to `cubicgrid'.
+- Refresh xscreensaver-disable-upgrade-nagging-message.patch.
+- Use default libexecdir.
+
+- Update to version 5.45:
+ * New hacks, covid19, headroom, sphereeversion and beats.
+ * Shader updates to hypertorus.
+ * No more image-loading pause in glslideshow.
+ * BSOD supports GNOME.
+ * Image loaders support SVG.
+ * xscreensaver-systemd now allows video players to request that
+ the screen not blank.
+ * -log implies -verbose -no-capture-stderr.
+ * Glade -> GtkBuilder.
+ * Various bug fixes.
+
+- update to 5.44:
yast2
+- Fixed RelURL to work properly with the FTP URLs (related to
+ jsc#SLE-22669)
+- 4.4.30
+
+- Fixed RelURL unit test randomly crashing (related to
+ jsc#SLE-22669)
+- 4.4.29
+
+- Added RelURL class for working with relative URLs ("relurl://")
+ (jsc#SLE-22669)
+- 4.4.28
+
+- Drop support for subscription-tools, that package is not present
+ in SLE15 anymore - removed modules/ProductProfiles.rb file
+ (bsc#1193339)
+- 4.4.27
+
+- Popup.YesNo(): Unify the internal [No] button ID (bsc#1193326)
+- 4.4.26
+
+- Add register_target to the Y2Packager::Product class
+ (bsc#1193212).
+- 4.4.25
+
+- Do not crash when it is not possible to fetch the package
+ containing the release notes (bsc#1193148).
+- 4.4.24
+
+- Prepare code for ruby3 (bsc#1193192)
+- 4.4.23
+
yast2-add-on
+- Drop support for subscription-tools, that package is not present
+ in SLE15 anymore (bsc#1193339)
+- 4.4.5
+
+- Properly set the custom repository name (bsc#1191491)
+- 4.4.4
+
yast2-alternatives
+- 4.4.0 (bsc#1185510)
+
+- Change .desktop file so module launches with xdg-su (bsc#1180173).
+- 4.3.1
+
+- Handle properly help command for alternatives client
+ (bsc#1172340)
+- 4.3.0
+
yast2-bootloader
+- rely on yast-storage-ng to detect UEFI boot support status (bsc#937067)
+- 4.4.10
+
+- bnc#1193016
+ - fixed crash due to missing require
+- 4.4.9
+
yast2-installation
+- Self-update now supports relative URLs (relurl://), it defines
+ the self-update repository relatively to the main installation
+ repository (jsc#SLE-22669)
+- 4.4.30
+
+- Do not preselect any product during upgrade (related to
+ bsc#1192230).
+- 4.4.29
+
+- Improve the self-update process, do not read the products from
+ the installation medium (bsc#1193536)
+- Adde more /etc/os-release replacements in the self-update URL
+- 4.4.28
+
+- Display the correct title in the welcome screen depending
+ on its content (related to bsc#1193223 and bsc#1192230).
+- 4.4.27
+
+- Display the product's license when only 1 product is available
+ in the online medium (bsc#1193223).
+- Do not display the product's selector during upgrade
+ (kanderssen@suse.com, bsc#1192230).
+- 4.4.26
+
+- Drop support for subscription-tools, that package is not present
+ in SLE15 anymore (bsc#1193339)
+- 4.4.25
+
+- Do not crash when it is not possible to fetch the package
+ containing the release notes (bsc#1193148).
+- 4.4.24
+
+- Remove no longer used extra warning about destructive actions
+ before starting the installation process (related to bsc#1057437).
+- 4.4.23
+
yast2-journal
+- Prepare code for ruby3 (bsc#1193192)
+- 4.4.1
+
yast2-network
+- Prepare code for ruby3 (bsc#1193192)
+- 4.4.32
+
yast2-nfs-client
+- Adding /usr/bin/killall as a requirement (bsc#1161687)
+- 4.4.2
+
yast2-packager
+- Adapt iso handling to do properly double escaping ( fix for wrong
+ fix for bsc#954813)
+- Prepare code for ruby3 (bsc#1193192)
+- 4.4.18
+
+- Unify the Yes/No popup button IDs (bsc#1193326)
+- 4.4.17
+
+- Properly set the custom repository name (#1191491)
+- 4.4.16
+
+- Add the register_target property to ProductSpec so it is
+ available in all the derived classes (bsc#1193212).
+- 4.4.15
+
+- Use consistent names for the Full medium repositories
+ (bsc#1191652)
+- 4.4.14
+
yast2-python-bindings
+- Fix yast2-python-bindings requires Python (bsc#1190890).
+- 4.4.2
+
yast2-ruby-bindings
+- Avoid timing issue in integration tests ( bsc#1193192 )
+- 4.4.6
+
+- Avoid warning in ruby3.0 ( bsc#1193192 )
+- 4.4.5
+
yast2-storage-ng
+- Improve probing issues handling by raising exceptions.
+- Fix aborting from standalone modules when the user decides
+ to not continue (bsc#1193749).
+- 4.4.27
+
+- Partitioner: nest thin logical volumes below their thin pools (related to
+ jsc#SLE-15283)
+- 4.4.26
+
+- AutoYaST: fixes for reusing encrypted devices, RAIDs and bcache
+ devices (bsc#1193450).
+- 4.4.25
+
+- document UEFI handling (bsc#937067)
+- 4.4.24
+
+- Proposal: add support for mount options (related to fate#318196).
+- 4.4.23
+
+- use libstorage-ng to determine whether efibootmgr is available
+ (bsc#937067)
+- 4.4.22
+
+- Prepare code for ruby3 - adapt openstruct usage (bsc#1193192)
+- 4.4.21
+
+- Fix regression for unit tests: mock the generation of Bcache
+ issues to avoid setting the architecture for every test (related
+ to jsc#SLE-18430).
+- 4.4.20
+
+- Refined the criteria used to check whether a certain mount point
+ needs the _netdev mount option (jsc#SLE-20535).
+- Now _netdev is only added if needed at the end of the Guided
+ Proposal, is not longer suggested as part of the default mount
+ options for new mount points.
+- 4.4.19
+
+- Improve probing errors handling: when there are several errors,
+ only one popup is shown, and Details button shows all the errors
+ (jsc#SLE-18430).
+- Partitioner: add menu option View/System Issues.
+- 4.4.18
+
+- Unify the Yes/No popup button IDs (bsc#1193326)
+- 4.4.17
+
+- Prepare code for ruby3 (bsc#1193192)
+- 4.4.16
+
+- Changed the HWInfoReader API: now it always returns objects of
+ a new Y2Storage::HWInfoDisk class (backwards compatible with
+ OpenStruct).
+
+- Fixed typo in message about encryption (part of jsc#SLE-21308)
+- 4.4.15
+
yast2-trans
+- Update to version 84.87.20211204.c55adb9b7a:
+ * New POT for text domain 'installation'.
+ * Translated using Weblate (Japanese)
+ * Translated using Weblate (Japanese)
+ * Translated using Weblate (Ukrainian)
+ * Translated using Weblate (Ukrainian)
+ * Translated using Weblate (Slovak)
+ * Translated using Weblate (Slovak)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Slovak)
+ * New POT for text domain 'update'.
+ * New POT for text domain 'storage'.
+ * New POT for text domain 'packager'.
+ * New POT for text domain 'installation'.
+ * New POT for text domain 'base'.
+ * New POT for text domain 'add-on'.
+ * Translated using Weblate (Portuguese)
+ * Translated using Weblate (Portuguese)
+ * Translated using Weblate (Portuguese)
+ * New POT for text domain 'users'.
+ * New POT for text domain 'installation'.
+ * New POT for text domain 'autoinst'.
+ * New POT for text domain 'update'.
+ * Translated using Weblate (Japanese)
+
+- Update to version 84.87.20211126.cedf3cc035:
+ * New POT for text domain 'installation'.
+ * New POT for text domain 'bootloader'.
+ * New POT for text domain 'autoinst'.
+ * Translated using Weblate (French)
+ * Translated using Weblate (French)
+ * Translated using Weblate (Slovak)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * New POT for text domain 'storage'.
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Japanese)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * Translated using Weblate (Catalan)
+ * New POT for text domain 'xpram'.
+ * New POT for text domain 's390'.
+ * New POT for text domain 'packager'.
+ * New POT for text domain 'autoinst'.
+
yast2-tune
+- Fixed heading if component is empty or nil (bsc#1193809)
+- Fixed typo in common wizard button ID (:abort, not :bort)
+- 4.4.2
+
yast2-update
+- Do not crash after selecting the system to upgrade when using
+ the full medium (bsc#1193212).
+- 4.4.6
+
+- Remove obsolete code for treating /var differently when mounting
+ partitions, avoiding calling old storage code and crashing
+ (related to bsc#1186268).
+- 4.4.5
+
yast2-users
+- Prepare code for ruby3 (bsc#1193192)
+- 4.4.10
+
+- AutoYaST: do not warning about deprecated <group_password>
+ when it is empty, "x", "!", or "*" (related to jsc#SLE-20592).
+- 4.4.9
+
zstd
+- Update to version 1.5.0 (jsc#SLE-20392)
+ * https://github.com/facebook/zstd/releases/tag/v1.5.0
+ * Improved Middle-Level Compression Speed
+ * Improved High-Level Compression Ratio
+ * Faster Decompression Speed
+ * Dynamic Library Supports Multithreading by Default
+