SUSE-IU-2024:272-1: Security update of suse-sles-15-sp5-chost-byos-v20240307-hvm-ssd-x86_64
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Mar 11 08:01:08 UTC 2024
SUSE Image Update Advisory: suse-sles-15-sp5-chost-byos-v20240307-hvm-ssd-x86_64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:272-1
Image Tags : suse-sles-15-sp5-chost-byos-v20240307-hvm-ssd-x86_64:20240307
Image Release :
Severity : important
Type : security
References : 1065729 1108281 1141539 1174649 1181674 1193285 1194869 1209834
1210443 1210638 1211515 1211886 1212091 1214377 1215275 1215698
1215885 1216441 1216559 1216702 1216752 1217102 1217895 1217987
1217988 1217989 1218005 1218215 1218447 1218494 1218527 1218659
1218689 1218713 1218723 1218730 1218752 1218757 1218762 1218763
1218768 1218778 1218779 1218782 1218804 1218831 1218832 1218836
1218862 1218865 1218894 1218916 1218948 1218958 1218968 1218997
1219006 1219012 1219013 1219014 1219026 1219053 1219067 1219120
1219123 1219128 1219136 1219189 1219243 1219267 1219268 1219285
1219349 1219412 1219425 1219429 1219434 1219438 1219442 1219490
1219512 1219568 1219576 1219582 1219608 1219823 1219826 1219851
1219852 1219853 1219854 1220385 1220389 CVE-2021-33631 CVE-2023-27043
CVE-2023-42465 CVE-2023-4408 CVE-2023-46838 CVE-2023-47233 CVE-2023-4921
CVE-2023-50387 CVE-2023-50868 CVE-2023-51042 CVE-2023-51043 CVE-2023-51385
CVE-2023-51780 CVE-2023-51782 CVE-2023-5517 CVE-2023-5679 CVE-2023-6040
CVE-2023-6356 CVE-2023-6516 CVE-2023-6531 CVE-2023-6535 CVE-2023-6536
CVE-2023-6915 CVE-2024-0340 CVE-2024-0553 CVE-2024-0565 CVE-2024-0567
CVE-2024-0641 CVE-2024-0727 CVE-2024-0775 CVE-2024-1085 CVE-2024-1086
CVE-2024-21626 CVE-2024-23651 CVE-2024-23652 CVE-2024-23653 CVE-2024-24860
CVE-2024-25062
-----------------------------------------------------------------
The container suse-sles-15-sp5-chost-byos-v20240307-hvm-ssd-x86_64 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:456-1
Released: Tue Feb 13 11:03:03 2024
Summary: Recommended update for grub2
Type: recommended
Severity: moderate
References:
This update for grub2 fixes the following issues:
- Fix missing grub2 exporters on Leap
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:458-1
Released: Tue Feb 13 14:34:14 2024
Summary: Recommended update for hwdata
Type: recommended
Severity: moderate
References:
This update for hwdata fixes the following issues:
- Update to version 0.378
- Update pci, usb and vendor ids
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:459-1
Released: Tue Feb 13 15:28:56 2024
Summary: Security update for runc
Type: security
Severity: important
References: 1218894,CVE-2024-21626
This update for runc fixes the following issues:
- Update to runc v1.1.12 (bsc#1218894)
The following CVE was already fixed with the previous release.
- CVE-2024-21626: Fixed container breakout.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:480-1
Released: Thu Feb 15 12:35:51 2024
Summary: Recommended update for libsolv
Type: recommended
Severity: important
References: 1215698,1218782,1218831,1219442
This update for libsolv, libzypp fixes the following issues:
- build for multiple python versions [jsc#PED-6218]
- applydeltaprm: Create target directory if it does not exist (bsc#1219442)
- Fix problems with EINTR in ExternalDataSource::getline (bsc#1215698)
- CheckAccessDeleted: fix running_in_container detection (bsc#1218782)
- Detect CURLOPT_REDIR_PROTOCOLS_STR availability at runtime (bsc#1218831)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:516-1
Released: Thu Feb 15 16:04:34 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1065729,1108281,1141539,1174649,1181674,1193285,1194869,1209834,1210443,1211515,1212091,1214377,1215275,1215885,1216441,1216559,1216702,1217895,1217987,1217988,1217989,1218005,1218447,1218527,1218659,1218689,1218713,1218723,1218730,1218752,1218757,1218768,1218778,1218779,1218804,1218832,1218836,1218916,1218948,1218958,1218968,1218997,1219006,1219012,1219013,1219014,1219053,1219067,1219120,1219128,1219136,1219285,1219349,1219412,1219429,1219434,1219490,1219512,1219568,1219582,1219608,CVE-2021-33631,CVE-2023-46838,CVE-2023-47233,CVE-2023-4921,CVE-2023-51042,CVE-2023-51043,CVE-2023-51780,CVE-2023-51782,CVE-2023-6040,CVE-2023-6356,CVE-2023-6531,CVE-2023-6535,CVE-2023-6536,CVE-2023-6915,CVE-2024-0340,CVE-2024-0565,CVE-2024-0641,CVE-2024-0775,CVE-2024-1085,CVE-2024-1086,CVE-2024-24860
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the nft_setelem_catchall_deactivate() function (bsc#1219429).
- CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables component that could have been exploited to achieve local privilege escalation (bsc#1219434).
- CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128).
- CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c, because of a vcc_recvmsg race condition (bsc#1218730).
- CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length transmit fragment (bsc#1218836).
- CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end() (bsc#1219412).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
- CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network scheduler which could be exploited to achieve local privilege escalation (bsc#1215275).
- CVE-2023-51043: Fixed use-after-free during a race condition between a nonblocking atomic commit and a driver unload in drivers/gpu/drm/drm_atomic.c (bsc#1219120).
- CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c that could allow a local user to cause an information leak problem while freeing the old quota file names before a potential failure (bsc#1219053).
- CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function (bsc#1218752).
- CVE-2024-0641: Fixed a denial of service vulnerability in tipc_crypto_key_revoke in net/tipc/crypto.c (bsc#1218916).
- CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832).
- CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in lib/idr.c (bsc#1218804).
- CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c because of a rose_accept race condition (bsc#1218757).
- CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218447).
- CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg() (bsc#1218689).
- CVE-2024-24860: Fixed a denial of service caused by a race condition in {min,max}_key_size_set() (bsc#1219608).
The following non-security bugs were fixed:
- Documentation: RAS: Add index and address translation section (jsc#PED-7618).
- ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes).
- ACPI: LPSS: Fix the fractional clock divider flags (git-fixes).
- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377)
- ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error (git-fixes).
- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (bsc#1214377)
- ACPI: property: Allow _DSD buffer data only for byte accessors (git-fixes).
- ACPI: resource: Add another DMI match for the TongFang GMxXGxx (git-fixes).
- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377)
- ACPI: video: check for error while searching for backlight device parent (git-fixes).
- ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (git-fixes).
- ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (git-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 (git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook (git-fixes).
- ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx (git-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (git-fixes).
- ALSA: hda: Refer to correct stream index at loops (git-fixes).
- ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format (git-fixes).
- ALSA: oxygen: Fix right channel of capture volume mixer (git-fixes).
- ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes).
- ASoC: Intel: Skylake: mem leak in skl register function (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (git-fixes).
- ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch (git-fixes).
- ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136).
- ASoC: amd: Add check for acp config flags (bsc#1219136).
- ASoC: amd: Add new dmi entries to config entry (bsc#1219136).
- ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136).
- ASoC: amd: Drop empty platform remove function (bsc#1219136).
- ASoC: amd: Update Pink Sardine platform ACP register header (bsc#1219136).
- ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION (git-fixes).
- ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting Line Out (bsc#1219136).
- ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp: Add TDM slots setting support for ACP I2S controller (bsc#1219136).
- ASoC: amd: acp: Add TDM support for acp i2s stream (bsc#1219136).
- ASoC: amd: acp: Add i2s tdm support in machine driver (bsc#1219136).
- ASoC: amd: acp: Add kcontrols and widgets per-codec in common code (bsc#1219136).
- ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common (git-fixes).
- ASoC: amd: acp: Add new cpu dai's in machine driver (bsc#1219136).
- ASoC: amd: acp: Add setbias level for rt5682s codec in machine driver (bsc#1219136).
- ASoC: amd: acp: Enable i2s tdm support for skyrim platforms (bsc#1219136).
- ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136).
- ASoC: amd: acp: Initialize list to store acp_stream during pcm_open (bsc#1219136).
- ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136).
- ASoC: amd: acp: Modify dai_id macros to be more generic (bsc#1219136).
- ASoC: amd: acp: Refactor bit width calculation (bsc#1219136).
- ASoC: amd: acp: Refactor dai format implementation (bsc#1219136).
- ASoC: amd: acp: Refactor i2s clocks programming sequence (bsc#1219136).
- ASoC: amd: acp: add a label to make error path more clean (bsc#1219136).
- ASoC: amd: acp: add acp i2s master clock generation for rembrandt platform (bsc#1219136).
- ASoC: amd: acp: add pm ops support for acp pci driver (bsc#1219136).
- ASoC: amd: acp: add pm ops support for rembrandt platform (bsc#1219136).
- ASoC: amd: acp: clean up some inconsistent indentings (bsc#1219136).
- ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136).
- ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136).
- ASoC: amd: acp: export config_acp_dma() and config_pte_for_stream() symbols (bsc#1219136).
- ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies (bsc#1219136).
- ASoC: amd: acp: move pdm macros to common header file (bsc#1219136).
- ASoC: amd: acp: refactor the acp init and de-init sequence (bsc#1219136).
- ASoC: amd: acp: rembrandt: Drop if blocks with always false condition (bsc#1219136).
- ASoC: amd: acp: remove acp poweroff function (bsc#1219136).
- ASoC: amd: acp: remove the redundant acp enable/disable interrupts functions (bsc#1219136).
- ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136).
- ASoC: amd: acp: store platform device reference created in pci probe call (bsc#1219136).
- ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136).
- ASoC: amd: acp: store xfer_resolution of the stream (bsc#1219136).
- ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136).
- ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
- ASoC: amd: acp: use function devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
- ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136).
- ASoC: amd: add Pink Sardine machine driver using dmic (bsc#1219136).
- ASoC: amd: add Pink Sardine platform ACP IP register header (bsc#1219136).
- ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136).
- ASoC: amd: add acp6.2 irq handler (bsc#1219136).
- ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136).
- ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136).
- ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver (bsc#1219136).
- ASoC: amd: create platform device for acp6.2 machine driver (bsc#1219136).
- ASoC: amd: enable Pink Sardine acp6.2 drivers build (bsc#1219136).
- ASoC: amd: enable Pink sardine platform machine driver build (bsc#1219136).
- ASoC: amd: fix ACP version typo mistake (bsc#1219136).
- ASoC: amd: fix spelling mistake: 'i.e' -> 'i.e.' (bsc#1219136).
- ASoC: amd: ps: Add a module parameter to influence pdm_gain (bsc#1219136).
- ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: ps: Fix uninitialized ret in create_acp64_platform_devs() (bsc#1219136).
- ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver (bsc#1219136).
- ASoC: amd: ps: Update copyright notice (bsc#1219136).
- ASoC: amd: ps: add mutex lock for accessing common registers (bsc#1219136).
- ASoC: amd: ps: fix for acp_lock access in pdm driver (bsc#1219136).
- ASoC: amd: ps: implement api to retrieve acp device config (bsc#1219136).
- ASoC: amd: ps: move irq handler registration (bsc#1219136).
- ASoC: amd: ps: refactor acp power on and reset functions (bsc#1219136).
- ASoC: amd: ps: refactor platform device creation logic (bsc#1219136).
- ASoC: amd: ps: remove the register read and write wrappers (bsc#1219136).
- ASoC: amd: ps: remove unused variable (bsc#1219136).
- ASoC: amd: ps: update dev index value in irq handler (bsc#1219136).
- ASoC: amd: ps: update macros with ps platform naming convention (bsc#1219136).
- ASoC: amd: ps: update the acp clock source (bsc#1219136).
- ASoC: amd: ps: use acp_lock to protect common registers in pdm driver (bsc#1219136).
- ASoC: amd: ps: use static function (bsc#1219136).
- ASoC: amd: renoir: Add a module parameter to influence pdm_gain (bsc#1219136).
- ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: update pm_runtime enable sequence (bsc#1219136).
- ASoC: amd: vangogh: Add check for acp config flags in vangogh platform (bsc#1219136).
- ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136).
- ASoC: amd: vangogh: Remove unnecessary init function (bsc#1219136).
- ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG (bsc#1219136).
- ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136).
- ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A42) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming Laptop 15-fb0xxx (8A3E) (bsc#1219136).
- ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx (8A22) (bsc#1219136).
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12 (bsc#1219136).
- ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13 (bsc#1219136).
- ASoC: amd: yc: Add DMI support for new acer/emdoor platforms (bsc#1219136).
- ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136).
- ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table (bsc#1219136).
- ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x (bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table (bsc#1219136).
- ASoC: amd: yc: Add a module parameter to influence pdm_gain (bsc#1219136).
- ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16 Gen 4+ ARA to the Quirks List (bsc#1219136).
- ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136).
- ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL (bsc#1219136).
- ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA (bsc#1219136).
- ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks (bsc#1219136).
- ASoC: codecs: lpass-wsa-macro: fix compander volume hack (git-fixes).
- ASoC: codecs: wcd938x: fix headphones volume controls (git-fixes).
- ASoC: codecs: wcd938x: handle deferred probe (git-fixes).
- ASoC: cs35l33: Fix GPIO name and drop legacy include (git-fixes).
- ASoC: cs43130: Fix incorrect frame delay configuration (git-fixes).
- ASoC: cs43130: Fix the position of const qualifier (git-fixes).
- ASoC: da7219: Support low DC impedance headset (git-fixes).
- ASoC: nau8822: Fix incorrect type in assignment and cast to restricted __be16 (git-fixes).
- ASoC: ops: add correct range check for limiting volume (git-fixes).
- ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (git-fixes).
- ASoC: rt5650: add mutex to avoid the jack detection failure (git-fixes).
- ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes).
- ASoC: wm8974: Correct boost mixer inputs (git-fixes).
- Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136).
- Bluetooth: Fix atomicity violation in {min,max}_key_size_set (git-fixes).
- Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes).
- Documentation: Begin a RAS section (jsc#PED-7622).
- EDAC/amd64: Add MI300 row retirement support (jsc#PED-7618).
- EDAC/amd64: Add context struct (jsc#PED-7615).
- EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615).
- EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh (jsc#PED-7616).
- EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615).
- EDAC/amd64: Add support for family 0x19, models 0x90-9f devices (jsc#PED-7622).
- EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615).
- EDAC/amd64: Cache and use GPU node map (jsc#PED-7616).
- EDAC/amd64: Do not discover ECC symbol size for Family 17h and later (jsc#PED-7615).
- EDAC/amd64: Do not set up EDAC PCI control on Family 17h+ (jsc#PED-7615).
- EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616).
- EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615).
- EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615).
- EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt (jsc#PED-7615).
- EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615).
- EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615).
- EDAC/amd64: Remove early_channel_count() (jsc#PED-7615).
- EDAC/amd64: Remove module version string (jsc#PED-7615).
- EDAC/amd64: Remove scrub rate control for Family 17h and later (jsc#PED-7615).
- EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615).
- EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615).
- EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615).
- EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false positive (jsc#PED-7615).
- EDAC/amd64: Split determine_edac_cap() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split determine_memory_type() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions (jsc#PED-7615).
- EDAC/amd64: Use new AMD Address Translation Library (jsc#PED-7618).
- EDAC/mc: Add new HBM2 memory type (jsc#PED-7616).
- EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622).
- EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622).
- EDAC/thunderx: Fix possible out-of-bounds string access (git-fixes).
- HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes).
- HID: wacom: Correct behavior when processing some confidence == false touches (git-fixes).
- IB/iser: Prevent invalidating wrong MR (git-fixes)
- Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID (git-fixes).
- Input: atkbd - skip ATKBD_CMD_GETID in translated mode (git-fixes).
- Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (git-fixes).
- Input: atkbd - use ab83 as id when skipping the getid command (git-fixes).
- Input: bcm5974 - check endpoint type before starting traffic (git-fixes).
- Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes).
- Input: xpad - add Razer Wolverine V2 support (git-fixes).
- KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (git-fixes).
- KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes bsc#1218997).
- KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
- Limit kernel-source build to architectures for which the kernel binary is built (bsc#1108281).
- PCI/AER: Configure ECRC only if AER is native (bsc#1218778)
- PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes).
- PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes).
- PCI: keystone: Fix race condition when initializing PHYs (git-fixes).
- PM: hibernate: Enforce ordering during image compression/decompression (git-fixes).
- RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (jsc#PED-7618).
- RAS/AMD/ATL: Add MI300 support (jsc#PED-7618).
- RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (jsc#PED-7618).
- RAS: Introduce AMD Address Translation Library (jsc#PED-7618).
- RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes)
- RDMA/hns: Fix unnecessary err return when using invalid congest control algorithm (git-fixes)
- RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes)
- RDMA/irdma: Add wait for suspend on SQD (git-fixes)
- RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes)
- RDMA/irdma: Do not modify to SQD on error (git-fixes)
- RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes)
- RDMA/irdma: Refactor error handling in create CQP (git-fixes)
- RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes)
- RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes)
- RDMA/rtrs-clt: Start hb after path_up (git-fixes)
- RDMA/rtrs-srv: Check return values while processing info request (git-fixes)
- RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-fixes)
- RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes)
- RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-fixes)
- RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes)
- USB: xhci: workaround for grace period (git-fixes).
- Update config files: enable ASoC AMD PS drivers (bsc#1219136)
- Update patch reference for ax88179 fix (bsc#1218948)
- acpi: property: Let args be NULL in __acpi_node_get_property_reference (git-fixes).
- aio: fix mremap after fork null-deref (git-fixes).
- apparmor: avoid crash when parsed profile name is empty (git-fixes).
- arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 (jsc#PED-4729)
- arm64: Add a capability for FEAT_ECV (jsc#PED-4729) Use cpu_hwcaps PLACEHOLDER_4 for HAS_ECV.
- arm64: alternative: patch alternatives in the vDSO (jsc#PED-4729)
- arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes)
- arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-fixes)
- arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes)
- arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes)
- arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes)
- arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes)
- arm64: module: move find_section to header (jsc#PED-4729)
- arm64: vdso: Fix 'no previous prototype' warning (jsc#PED-4729)
- arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729)
- arm64: vdso: use SYS_CNTVCTSS_EL0 for gettimeofday (jsc#PED-4729)
- asix: Add check for usbnet_get_endpoints (git-fixes).
- attr: block mode changes of symlinks (git-fixes).
- badblocks: add helper routines for badblock ranges handling (bsc#1174649).
- badblocks: add more helper structure and routines in badblocks.h (bsc#1174649).
- badblocks: avoid checking invalid range in badblocks_check() (bsc#1174649).
- badblocks: improve badblocks_check() for multiple ranges handling (bsc#1174649).
- badblocks: improve badblocks_clear() for multiple ranges handling (bsc#1174649).
- badblocks: improve badblocks_set() for multiple ranges handling (bsc#1174649).
- badblocks: switch to the improved badblock handling code (bsc#1174649).
- bpf: Limit the number of kprobes when attaching program to multiple kprobes (git-fixes).
- bus: mhi: host: Add alignment check for event ring read pointer (git-fixes).
- bus: mhi: host: Add spinlock to protect WP access when queueing TREs (git-fixes).
- bus: mhi: host: Drop chan lock before queuing buffers (git-fixes).
- ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568).
- clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (git-fixes).
- clk: qcom: videocc-sm8150: Add missing PLL config property (git-fixes).
- clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes).
- clk: samsung: Fix kernel-doc comments (git-fixes).
- clk: si5341: fix an error code problem in si5341_output_clk_set_rate (git-fixes).
- clk: zynqmp: Add a check for NULL pointer (git-fixes).
- clk: zynqmp: make bestdiv unsigned (git-fixes).
- clocksource: Skip watchdog check for large watchdog intervals (git-fixes).
- clocksource: disable watchdog checks on TSC when TSC is watchdog (bsc#1215885).
- coresight: etm4x: Add ACPI support in platform driver (bsc#1218779)
- coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata' (bsc#1218779)
- coresight: etm4x: Change etm4_platform_driver driver for MMIO devices (bsc#1218779)
- coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779)
- coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779)
- coresight: etm4x: Ensure valid drvdata and clock before clk_put() (bsc#1218779)
- coresight: platform: acpi: Ignore the absence of graph (bsc#1218779)
- crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes).
- crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes).
- crypto: sa2ul - Return crypto_aead_setkey to transfer the error (git-fixes).
- crypto: sahara - do not resize req->src when doing hash operations (git-fixes).
- crypto: sahara - fix ahash reqsize (git-fixes).
- crypto: sahara - fix ahash selftest failure (git-fixes).
- crypto: sahara - fix cbc selftest failure (git-fixes).
- crypto: sahara - fix processing hash requests with req->nbytes < sg->length (git-fixes).
- crypto: sahara - fix processing requests with cryptlen < sg->length (git-fixes).
- crypto: sahara - fix wait_for_completion_timeout() error handling (git-fixes).
- crypto: sahara - handle zero-length aes requests (git-fixes).
- crypto: sahara - improve error handling in sahara_sha_process() (git-fixes).
- crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes).
- crypto: scomp - fix req->dst buffer overflow (git-fixes).
- dma-debug: fix kernel-doc warnings (git-fixes).
- dmaengine: fix NULL pointer in channel unregistration function (git-fixes).
- dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (git-fixes).
- dmaengine: idxd: Protect int_handle field in hw descriptor (git-fixes).
- dmaengine: ti: k3-udma: Report short packet errors (git-fixes).
- doc/README.KSYMS: Add to repo.
- docs: Store the old kernel changelog entries in kernel-docs package (bsc#1218713).
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (git-fixes).
- drivers: clk: zynqmp: calculate closest mux rate (git-fixes).
- drivers: clk: zynqmp: update divider round rate logic (git-fixes).
- drm/amd/display: Fix tiled display misalignment (git-fixes).
- drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A (git-fixes).
- drm/amd/display: add nv12 bounding box (git-fixes).
- drm/amd/display: get dprefclk ss info from integration info table (git-fixes).
- drm/amd/display: make flip_timestamp_in_us a 64-bit variable (git-fixes).
- drm/amd/display: pbn_div need be updated for hotplug event (git-fixes).
- drm/amd/display: update dcn315 lpddr pstate latency (git-fixes).
- drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (git-fixes).
- drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table (git-fixes).
- drm/amd/pm: fix a double-free in si_dpm_init (git-fixes).
- drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in 'get_platform_power_management_table()' (git-fixes).
- drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (git-fixes).
- drm/amdgpu/pm: Fix the power source flag error (git-fixes).
- drm/amdgpu: Add NULL checks for function pointers (git-fixes).
- drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (git-fixes).
- drm/amdgpu: Fix '*fw' from request_firmware() not released in 'amdgpu_ucode_request()' (git-fixes).
- drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer (git-fixes).
- drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes).
- drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' (git-fixes).
- drm/amdgpu: Fix with right return code '-EIO' in 'amdgpu_gmc_vram_checking()' (git-fixes).
- drm/amdgpu: Let KFD sync with VM fences (git-fixes).
- drm/amdgpu: Release 'adev->pm.fw' before return in 'amdgpu_device_need_post()' (git-fixes).
- drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (git-fixes).
- drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes).
- drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c (git-fixes).
- drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()' (git-fixes).
- drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' (git-fixes).
- drm/amdkfd: Fix lock dependency warning (git-fixes).
- drm/amdkfd: Fix lock dependency warning with srcu (git-fixes).
- drm/amdkfd: Use resource_size() helper function (git-fixes).
- drm/amdkfd: fixes for HMM mem allocation (git-fixes).
- drm/bridge: Fix typo in post_disable() description (git-fixes).
- drm/bridge: anx7625: Ensure bridge is suspended in disable() (git-fixes).
- drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (git-fixes).
- drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (git-fixes).
- drm/bridge: nxp-ptn3460: simplify some error checking (git-fixes).
- drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable() (git-fixes).
- drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case (git-fixes).
- drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer (git-fixes).
- drm/bridge: tc358767: Fix return value on error case (git-fixes).
- drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function (git-fixes).
- drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes).
- drm/crtc: fix uninitialized variable use (git-fixes).
- drm/drv: propagate errors from drm_modeset_register_all() (git-fixes).
- drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (git-fixes).
- drm/exynos: fix a potential error pointer dereference (git-fixes).
- drm/exynos: fix a wrong error checking (git-fixes).
- drm/exynos: fix accidental on-stack copy of exynos_drm_plane (git-fixes).
- drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (git-fixes).
- drm/framebuffer: Fix use of uninitialized variable (git-fixes).
- drm/mediatek: Return error if MDP RDMA failed to enable the clock (git-fixes).
- drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr() (git-fixes).
- drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes).
- drm/msm/dpu: Set input_sel bit for INTF (git-fixes).
- drm/msm/dpu: fix writeback programming for YUV cases (git-fixes).
- drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match its functionality (git-fixes).
- drm/msm/dsi: Enable runtime PM (git-fixes).
- drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (git-fixes).
- drm/msm/mdp4: flush vblank event on disable (git-fixes).
- drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (git-fixes).
- drm/panel-edp: Add override_edid_mode quirk for generic edp (git-fixes).
- drm/panel-elida-kd35t133: hold panel in reset for unprepare (git-fixes).
- drm/panel: nt35510: fix typo (git-fixes).
- drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq (git-fixes).
- drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() (git-fixes).
- drm/radeon/dpm: fix a memleak in sumo_parse_power_table (git-fixes).
- drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (git-fixes).
- drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (git-fixes).
- drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (git-fixes).
- drm/radeon: check return value of radeon_ring_lock() (git-fixes).
- drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (git-fixes).
- drm/tidss: Check for K2G in in dispc_softreset() (git-fixes).
- drm/tidss: Fix atomic_flush check (git-fixes).
- drm/tidss: Fix dss reset (git-fixes).
- drm/tidss: Move reset to the end of dispc_init() (git-fixes).
- drm/tidss: Return error value from from softreset (git-fixes).
- drm/tilcdc: Fix irq free on unload (git-fixes).
- drm: Do not unref the same fb many times by mistake due to deadlock handling (git-fixes).
- drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (git-fixes).
- drm: using mul_u32_u32() requires linux/math64.h (git-fixes).
- dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694)
- efi/libstub: Disable PCI DMA before grabbing the EFI memory map (git-fixes).
- eventfd: prevent underflow for eventfd semaphores (git-fixes).
- exfat: fix reporting fs error when reading dir beyond EOF (git-fixes).
- exfat: support handle zero-size directory (git-fixes).
- exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree (git-fixes).
- fbdev: Only disable sysfb on the primary device (bsc#1216441)
- fbdev: Only disable sysfb on the primary device (bsc#1216441) Update an existing patch to fix bsc#1216441.
- fbdev: flush deferred IO before closing (git-fixes).
- fbdev: flush deferred work in fb_deferred_io_fsync() (git-fixes).
- fbdev: imxfb: fix left margin setting (git-fixes).
- fbdev: mmp: Fix typo and wording in code comment (git-fixes).
- firewire: core: correct documentation of fw_csr_string() kernel API (git-fixes).
- firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and ASM108x/VT630x PCIe cards (git-fixes).
- firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (git-fixes).
- fjes: fix memleaks in fjes_hw_setup (git-fixes).
- fs/mount_setattr: always cleanup mount_kattr (git-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes).
- fs: Move notify_change permission checks into may_setattr (git-fixes).
- fs: do not audit the capability check in simple_xattr_list() (git-fixes).
- fs: drop peer group ids under namespace lock (git-fixes).
- fs: indicate request originates from old mount API (git-fixes).
- fs: sendfile handles O_NONBLOCK of out_fd (git-fixes).
- fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
- gfs2: Always check inode size of inline inodes (git-fixes).
- gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes).
- gfs2: Disable page faults during lockless buffered reads (git-fixes).
- gfs2: Eliminate ip->i_gh (git-fixes).
- gfs2: Eliminate vestigial HIF_FIRST (git-fixes).
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (git-fixes).
- gfs2: Introduce flag for glock holder auto-demotion (git-fixes).
- gfs2: Move the inode glock locking to gfs2_file_buffered_write (git-fixes).
- gfs2: Remove redundant check from gfs2_glock_dq (git-fixes).
- gfs2: Switch to wait_event in gfs2_logd (git-fixes).
- gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
- gfs2: low-memory forced flush fixes (git-fixes).
- gfs2: release iopen glock early in evict (git-fixes).
- gpio: eic-sprd: Clear interrupt after set the interrupt type (git-fixes).
- gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes).
- hv_netvsc: rndis_filter needs to select NLS (git-fixes).
- hwmon: (corsair-psu) Fix probe when built-in (git-fixes).
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (git-fixes).
- i2c: rk3x: fix potential spinlock recursion on poll (git-fixes).
- i2c: s3c24xx: fix read transfers in polling mode (git-fixes).
- i2c: s3c24xx: fix transferring more than one message in polling mode (git-fixes).
- iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes).
- iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes).
- iio: adc: ad9467: do not ignore error codes (git-fixes).
- iio: adc: ad9467: fix reset gpio handling (git-fixes).
- ipmi: Use regspacings passed as a module parameter (git-fixes).
- kabi, vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
- kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136)
- kdb: Fix a potential buffer overflow in kdb_local() (git-fixes).
- kernel-doc: handle a void function without producing a warning (git-fixes).
- kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR (git-fixes).
- leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes).
- leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (git-fixes).
- libapi: Add missing linux/types.h header to get the __u64 type on io.h (git-fixes).
- md: fix bi_status reporting in md_end_clone_io (bsc#1210443).
- media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes).
- media: dt-bindings: ov8856: decouple lanes and link frequency from driver (git-fixes).
- media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path of m88ds3103_probe() (git-fixes).
- media: imx355: Enable runtime PM before registering async sub-device (git-fixes).
- media: ov9734: Enable runtime PM before registering async sub-device (git-fixes).
- media: pvrusb2: fix use after free on context disconnection (git-fixes).
- media: rkisp1: Disable runtime PM in probe error path (git-fixes).
- media: rkisp1: Fix media device memory leak (git-fixes).
- media: rkisp1: Read the ID register at probe time instead of streamon (git-fixes).
- media: videobuf2-dma-sg: fix vmap callback (git-fixes).
- mfd: intel-lpss: Fix the fractional clock divider flags (git-fixes).
- misc: fastrpc: Mark all sessions as invalid in cb_remove (git-fixes).
- mm: fs: initialize fsdata passed to write_begin/write_end interface (git-fixes).
- mmc: core: Cancel delayed work before releasing host (git-fixes).
- modpost: move __attribute__((format(printf, 2, 3))) to modpost.h (git-fixes).
- mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (git-fixes).
- mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (git-fixes).
- mtd: rawnand: pl353: Fix kernel doc (git-fixes).
- mtd: rawnand: rockchip: Add missing title to a kernel doc comment (git-fixes).
- mtd: rawnand: rockchip: Rename a structure (git-fixes).
- net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes).
- net: usb: ax88179_178a: Bind only to vendor-specific interface (bsc#1218948).
- net: usb: ax88179_178a: avoid two consecutive device resets (bsc#1218948).
- net: usb: ax88179_178a: move priv to driver_priv (git-fixes).
- net: usb: ax88179_178a: remove redundant init code (git-fixes).
- net: usb: ax88179_178a: restore state on resume (bsc#1218948).
- nfc: nci: free rx_data_reassembly skb on NCI device cleanup (git-fixes).
- nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968 bsc#1219349).
- nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
- nouveau/tu102: flush all pdbs on vmm flush (git-fixes).
- nouveau/vmm: do not set addr on the fail path to avoid warning (git-fixes).
- nsfs: add compat ioctl handler (git-fixes).
- nvme-loop: always quiesce and cancel commands before destroying admin q (bsc#1211515).
- nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes).
- nvme-pci: fix sleeping function called from interrupt context (git-fixes).
- nvme-rdma: Fix transfer length when write_generate/read_verify are 0 (git-fixes).
- nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue() (bsc#1211515).
- nvme: fix max_discard_sectors calculation (git-fixes).
- nvme: introduce helper function to get ctrl state (git-fixes).
- nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515).
- nvme: start keep-alive after admin queue setup (bsc#1211515).
- nvme: trace: avoid memcpy overflow warning (git-fixes).
- nvmet: re-fix tracing strncpy() warning (git-fixes).
- of: Fix double free in of_parse_phandle_with_args_map (git-fixes).
- of: unittest: Fix of_count_phandle_with_args() expected value message (git-fixes).
- parport: parport_serial: Add Brainboxes BAR details (git-fixes).
- parport: parport_serial: Add Brainboxes device IDs and geometry (git-fixes).
- pci: Drop PCI vmd patches that caused a regression (bsc#1218005)
- perf/x86/intel/uncore: Factor out topology_gidnid_map() (bsc#1218958).
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (bsc#1218958).
- perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array (bsc#1219512).
- phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (git-fixes).
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (git-fixes).
- pinctrl: intel: Revert 'Unexport intel_pinctrl_probe()' (git-fixes).
- platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620).
- platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620).
- platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620).
- platform/x86/amd/hsmp: improve the error log (jsc#PED-7620).
- platform/x86: ISST: Reduce noise for missing numa information in logs (bsc#1219285).
- platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620).
- power: supply: bq256xx: fix some problem in bq256xx_hw_init (git-fixes).
- power: supply: cw2015: correct time_to_empty units in sysfs (git-fixes).
- powerpc/fadump: reset dump area size if fadump memory reserve fails (bsc#1194869).
- powerpc/powernv: Add a null pointer check in opal_event_init() (bsc#1065729).
- powerpc/powernv: Add a null pointer check in opal_powercap_init() (bsc#1181674 ltc#189159 git-fixes).
- powerpc/powernv: Add a null pointer check to scom_debug_init_one() (bsc#1194869).
- powerpc/pseries/iommu: enable_ddw incorrectly returns direct mapping for SR-IOV device (bsc#1212091 ltc#199106 git-fixes).
- powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).
- powerpc/pseries: fix possible memory leak in ibmebus_bus_init() (bsc#1194869).
- powerpc/pseries: fix potential memory leak in init_cpu_associativity() (bsc#1194869).
- powerpc/xive: Fix endian conversion size (bsc#1194869).
- pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-fixes).
- pwm: Fix out-of-bounds access in of_pwm_single_xlate() (git-fixes).
- pwm: jz4740: Do not use dev_err_probe() in .request() (git-fixes).
- pwm: stm32: Fix enable count for clk in .probe() (git-fixes).
- pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (git-fixes).
- pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (git-fixes).
- r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes).
- r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
- reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (git-fixes).
- ring-buffer/Documentation: Add documentation on buffer_percent file (git-fixes).
- ring-buffer: Do not record in NMI if the arch does not support cmpxchg in NMI (git-fixes).
- s390/dasd: fix double module refcount decrement (bsc#1141539).
- s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes bsc#1219006).
- s390/vfio-ap: always filter entire AP matrix (git-fixes bsc#1219012).
- s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB (git-fixes bsc#1219014).
- s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration (git-fixes bsc#1219013).
- s390/vfio-ap: unpin pages on gisc registration failure (git-fixes bsc#1218723).
- sched/isolation: add cpu_is_isolated() API (bsc#1217895).
- scripts/kernel-doc: restore warning for Excess struct/union (git-fixes).
- scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
- scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
- scsi: core: Always send batch on reset or error handling command (git-fixes).
- scsi: fnic: Return error if vmalloc() failed (git-fixes).
- scsi: hisi_sas: Correct the number of global debugfs registers (git-fixes).
- scsi: hisi_sas: Fix normally completed I/O analysed as failed (git-fixes).
- scsi: hisi_sas: Fix warnings detected by sparse (git-fixes).
- scsi: hisi_sas: Modify v3 HW SATA completion error processing (git-fixes).
- scsi: hisi_sas: Modify v3 HW SSP underflow error processing (git-fixes).
- scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (git-fixes).
- scsi: hisi_sas: Replace with standard error code return value (git-fixes).
- scsi: hisi_sas: Rollback some operations if FLR failed (git-fixes).
- scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (git-fixes).
- scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code (git-fixes).
- scsi: ibmvfc: Implement channel queue depth and event buffer accounting (bsc#1209834 ltc#202097).
- scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (bsc#1209834 ltc#202097).
- scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param() (git-fixes).
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (git-fixes).
- scsi: lpfc: Change VMID driver load time parameters to read only (bsc#1219582).
- scsi: lpfc: Move determination of vmid_flag after VMID reinitialization completes (bsc#1219582).
- scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC (bsc#1219582).
- scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582).
- scsi: megaraid_sas: Fix deadlock on firmware crashdump (git-fixes).
- scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for selected registers (git-fixes).
- scsi: mpt3sas: Fix an outdated comment (git-fixes).
- scsi: mpt3sas: Fix in error path (git-fixes).
- scsi: mpt3sas: Fix loop logic (bsc#1219067).
- scsi: mpt3sas: Fix loop logic (git-fixes).
- scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes).
- scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command (git-fixes).
- scsi: qla2xxx: Fix system crash due to bad pointer access (git-fixes).
- selftests/net: fix grep checking for fib_nexthop_multiprefix (git-fixes).
- serial: 8250: omap: Do not skip resource freeing if pm_runtime_resume_and_get() failed (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: imx: Correct clock error message in function probe() (git-fixes).
- serial: imx: fix tx statemachine deadlock (git-fixes).
- serial: max310x: fail probe if clock crystal is unstable (git-fixes).
- serial: max310x: improve crystal stable clock detection (git-fixes).
- serial: max310x: set default value when reading clock ready bit (git-fixes).
- serial: sc16is7xx: add check for unsupported SPI modes during probe (git-fixes).
- serial: sc16is7xx: set safe default SPI clock frequency (git-fixes).
- serial: sccnxp: Improve error message if regulator_disable() fails (git-fixes).
- series.conf: the patch is not in git and breaks series_insert.py
- shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs (git-fixes).
- software node: Let args be NULL in software_node_get_reference_args (git-fixes).
- spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (git-fixes).
- swiotlb-xen: provide the 'max_mapping_size' method (git-fixes).
- swiotlb: fix a braino in the alignment check fix (bsc#1216559).
- swiotlb: fix slot alignment checks (bsc#1216559).
- trace,smp: Add tracepoints around remotelly called functions (bsc#1217895).
- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
- tracing/trigger: Fix to return error if failed to alloc snapshot (git-fixes).
- tracing: Add size check when printing trace_marker output (git-fixes).
- tracing: Ensure visibility when inserting an element into tracing_map (git-fixes).
- tracing: Fix uaf issue when open the hist or hist_debug file (git-fixes).
- tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing (git-fixes).
- tracing: Increase trace array ref count on enable and filter files (bsc#1219490).
- ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex (git-fixes).
- ubifs: ubifs_link: Fix wrong name len calculating when UBIFS is encrypted (git-fixes).
- ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (git-fixes).
- uio: Fix use-after-free in uio_open (git-fixes).
- usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (git-fixes).
- usb: cdns3: fix uvc failure work since sg support enabled (git-fixes).
- usb: chipidea: wait controller resume finished for wakeup irq (git-fixes).
- usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (git-fixes).
- usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static (git-fixes).
- usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes).
- usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
- usb: otg numberpad exception (bsc#1218527).
- usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host() (git-fixes).
- usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
- usb: ucsi: Add missing ppm_lock (git-fixes).
- usb: ucsi_acpi: Fix command completion handling (git-fixes).
- usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (git-fixes).
- usr/Kconfig: fix typos of 'its' (git-fixes).
- vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).
- vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (git-fixes).
- virtio-mmio: fix memory leak of vm_dev (git-fixes).
- virtio_balloon: Fix endless deflation and inflation on arm64 (git-fixes).
- vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
- vsock/virtio: Fix unsigned integer wrap around in virtio_transport_has_space() (git-fixes).
- watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes).
- watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (git-fixes).
- watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused (git-fixes).
- watchdog: set cdev owner before adding (git-fixes).
- wifi: ath11k: Defer on rproc_get failure (git-fixes).
- wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes).
- wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes).
- wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (git-fixes).
- wifi: iwlwifi: pcie: avoid a NULL pointer dereference (git-fixes).
- wifi: libertas: stop selecting wext (git-fixes).
- wifi: mt76: fix broken precal loading from MTD for mt7915 (git-fixes).
- wifi: mt76: mt7921s: fix workqueue problem causes STA association fail (git-fixes).
- wifi: mwifiex: configure BSSID consistently when starting AP (git-fixes).
- wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (git-fixes).
- wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (git-fixes).
- wifi: rtlwifi: add calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (git-fixes).
- wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (git-fixes).
- wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes).
- x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616).
- x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622).
- x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623).
- x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622).
- x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616).
- x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615).
- x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615).
- x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
- x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM (git-fixes).
- x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize hv_nmi_unknown() (git-fixes).
- x86/mce: Cleanup mce_usable_address() (jsc#PED-7623).
- x86/mce: Define amd_mce_usable_address() (jsc#PED-7623).
- xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (git-fixes).
- xen/events: fix delayed eoi list handling (git-fixes).
- xhci: Add grace period after xHC start to prevent premature runtime suspend (git-fixes).
- xhci: cleanup xhci_hub_control port references (git-fixes).
- xhci: pass port pointer as parameter to xhci_set_port_power() (git-fixes).
- xhci: track port suspend state correctly in unsuccessful resume cases (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:534-1
Released: Tue Feb 20 08:48:52 2024
Summary: Recommended update for supportutils-plugin-suse-public-cloud
Type: recommended
Severity: moderate
References: 1218762,1218763
This update for supportutils-plugin-suse-public-cloud fixes the following issues:
- Update to version 1.0.9 (bsc#1218762, bsc#1218763)
- Remove duplicate data collection for the plugin itself
- Collect archive metering data when available
- Query billing flavor status
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:549-1
Released: Tue Feb 20 17:05:52 2024
Summary: Security update for openssl-1_1
Type: security
Severity: moderate
References: 1219243,CVE-2024-0727
This update for openssl-1_1 fixes the following issues:
- CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:555-1
Released: Tue Feb 20 17:22:17 2024
Summary: Security update for libxml2
Type: security
Severity: moderate
References: 1219576,CVE-2024-25062
This update for libxml2 fixes the following issues:
- CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:564-1
Released: Wed Feb 21 07:18:18 2024
Summary: Recommended update for suseconnect-ng
Type: recommended
Severity: important
References: 1219425
This update for suseconnect-ng fixes the following issues:
- Allow SUSEConnect on read write transactional systems (bsc#1219425)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:574-1
Released: Wed Feb 21 10:39:55 2024
Summary: Security update for bind
Type: security
Severity: important
References: 1219823,1219826,1219851,1219852,1219853,1219854,CVE-2023-4408,CVE-2023-50387,CVE-2023-50868,CVE-2023-5517,CVE-2023-5679,CVE-2023-6516
This update for bind fixes the following issues:
Update to release 9.16.48:
- CVE-2023-50387: Fixed a denial-of-service caused by DNS messages containing a lot of DNSSEC signatures (bsc#1219823).
- CVE-2023-50868: Fixed a denial-of-service caused by NSEC3 closest encloser proof (bsc#1219826).
- CVE-2023-4408: Fixed a denial-of-service caused by DNS messages with many different names (bsc#1219851).
- CVE-2023-5517: Fixed a possible crash when nxdomain-redirect was enabled (bsc#1219852).
- CVE-2023-5679: Fixed a possible crash when bad interaction between DNS64 and serve-stale, when both of these features are enabled (bsc#1219853).
- CVE-2023-6516: Fixed excessive memory consumption when continuously trigger the cache database maintenance (bsc#1219854).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:581-1
Released: Wed Feb 21 14:08:16 2024
Summary: Security update for python3
Type: security
Severity: moderate
References: 1210638,CVE-2023-27043
This update for python3 fixes the following issues:
- CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character (bsc#1210638).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:586-1
Released: Thu Feb 22 09:54:21 2024
Summary: Security update for docker
Type: security
Severity: important
References: 1219267,1219268,1219438,CVE-2024-23651,CVE-2024-23652,CVE-2024-23653
This update for docker fixes the following issues:
Vendor latest buildkit v0.11 including bugfixes for the following:
* CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation (bsc#1219438).
* CVE-2024-23652: Fixed arbitrary deletion of files (bsc#1219268).
* CVE-2024-23651: Fixed race condition in mount (bsc#1219267).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:588-1
Released: Thu Feb 22 10:06:31 2024
Summary: Recommended update for kdump
Type: recommended
Severity: moderate
References: 1218494
This update for kdump fixes the following issues:
- dracut: always create fstab, even if empty (bsc#1218494)
- fix NOSPLIT option
- Honor the KDUMP_VERBOSE setting in kdump-save
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:596-1
Released: Thu Feb 22 20:05:29 2024
Summary: Security update for openssh
Type: security
Severity: important
References: 1218215,CVE-2023-51385
This update for openssh fixes the following issues:
- CVE-2023-51385: Limit the use of shell metacharacters in host- and
user names to avoid command injection. (bsc#1218215)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:609-1
Released: Mon Feb 26 05:31:53 2024
Summary: Recommended update for grub2
Type: recommended
Severity: moderate
References: 1217102
This update for grub2 fixes the following issues:
- Fix PowerPC grub slow loading time (bsc#1217102)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:614-1
Released: Mon Feb 26 11:31:18 2024
Summary: Recommended update for rpm
Type: recommended
Severity: important
References: 1216752
This update for rpm fixes the following issues:
- backport lua support for rpm.execute to ease migrating from SLE Micro 5.5 to 6.0 (bsc#1216752)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:615-1
Released: Mon Feb 26 11:32:32 2024
Summary: Recommended update for netcfg
Type: recommended
Severity: moderate
References: 1211886
This update for netcfg fixes the following issues:
- Add krb-prop entry (bsc#1211886)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:638-1
Released: Tue Feb 27 10:36:11 2024
Summary: Security update for gnutls
Type: security
Severity: moderate
References: 1218862,1218865,CVE-2024-0553,CVE-2024-0567
This update for gnutls fixes the following issues:
- CVE-2024-0567: Fixed an incorrect rejection of certificate chains
with distributed trust (bsc#1218862).
- CVE-2024-0553: Fixed a timing attack against the RSA-PSK key
exchange, which could lead to the leakage of sensitive data
(bsc#1218865).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:725-1
Released: Thu Feb 29 11:03:34 2024
Summary: Recommended update for suse-build-key
Type: recommended
Severity: moderate
References: 1219123,1219189
This update for suse-build-key fixes the following issues:
- Switch container key to be default RSA 4096bit. (jsc#PED-2777)
- run import script also in %posttrans section, but only when
libzypp is not active. bsc#1219189 bsc#1219123
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:766-1
Released: Tue Mar 5 13:50:28 2024
Summary: Recommended update for libssh
Type: recommended
Severity: important
References: 1220385
This update for libssh fixes the following issues:
- Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:792-1
Released: Thu Mar 7 09:55:23 2024
Summary: Recommended update for timezone
Type: recommended
Severity: moderate
References:
This update for timezone fixes the following issues:
- Update to version 2024a
- Kazakhstan unifies on UTC+5
- Palestine springs forward a week later than previously predicted in 2024 and 2025
- Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00 not 00:00
- From 1947 through 1949, Toronto's transitions occurred at 02:00 not 00:00
- In 1911 Miquelon adopted standard time on June 15, not May 15
- The FROM and TO columns of Rule lines can no longer be 'minimum'
- localtime no longer mishandle some timestamps
- strftime %s now uses tm_gmtoff if available
- Ittoqqortoormiit, Greenland changes time zones on 2024-03-31
- Vostok, Antarctica changed time zones on 2023-12-18
- Casey, Antarctica changed time zones five times since 2020
- Code and data fixes for Palestine timestamps starting in 2072
- A new data file zonenow.tab for timestamps starting now
- Much of Greenland changed its standard time from -03 to -02 on 2023-03-25
- localtime.c no longer mishandles TZif files that contain a single transition into a DST regime
- tzselect no longer creates temporary files
- tzselect no longer mishandles the following:
* Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION.
* TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/
* ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments
* Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension
* zic no longer mishandles data for Palestine after the year 2075
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:794-1
Released: Thu Mar 7 10:33:17 2024
Summary: Security update for sudo
Type: security
Severity: important
References: 1219026,1220389,CVE-2023-42465
This update for sudo fixes the following issues:
- CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026).
The following package changes have been done:
- bind-utils-9.16.48-150500.8.16.1 updated
- docker-24.0.7_ce-150000.193.1 updated
- grub2-i386-pc-2.06-150500.29.16.1 updated
- grub2-x86_64-efi-2.06-150500.29.16.1 updated
- grub2-x86_64-xen-2.06-150500.29.16.1 updated
- grub2-2.06-150500.29.16.1 updated
- hwdata-0.378-150000.3.65.1 updated
- kdump-1.0.2+git45.g7e4faf4-150500.3.3.1 updated
- kernel-default-5.14.21-150500.55.49.1 updated
- libgnutls30-3.7.3-150400.4.41.3 updated
- libopenssl1_1-1.1.1l-150500.17.25.1 updated
- libpython3_6m1_0-3.6.15-150300.10.54.1 updated
- libsolv-tools-0.7.28-150400.3.16.2 updated
- libssh-config-0.9.8-150400.3.6.1 updated
- libssh4-0.9.8-150400.3.6.1 updated
- libxml2-2-2.10.3-150500.5.14.1 updated
- libzypp-17.31.31-150400.3.52.2 updated
- netcfg-11.6-150000.3.6.1 updated
- openssh-clients-8.4p1-150300.3.30.1 updated
- openssh-common-8.4p1-150300.3.30.1 updated
- openssh-server-8.4p1-150300.3.30.1 updated
- openssh-8.4p1-150300.3.30.1 updated
- openssl-1_1-1.1.1l-150500.17.25.1 updated
- python3-base-3.6.15-150300.10.54.1 updated
- python3-bind-9.16.48-150500.8.16.1 updated
- python3-3.6.15-150300.10.54.1 updated
- rpm-ndb-4.14.3-150400.59.7.1 updated
- runc-1.1.12-150000.61.2 updated
- sudo-1.9.12p1-150500.7.7.1 updated
- supportutils-plugin-suse-public-cloud-1.0.9-150000.3.20.1 updated
- suse-build-key-12.0-150000.8.43.1 updated
- suseconnect-ng-1.7.0~git0.5338270-150500.3.15.1 updated
- timezone-2024a-150000.75.28.1 updated
More information about the sle-container-updates
mailing list