SUSE-IU-2024:367-1: Security update of suse-sles-15-sp5-chost-byos-v20240502-hvm-ssd-x86_64
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Sun May 5 07:01:16 UTC 2024
SUSE Image Update Advisory: suse-sles-15-sp5-chost-byos-v20240502-hvm-ssd-x86_64
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:367-1
Image Tags : suse-sles-15-sp5-chost-byos-v20240502-hvm-ssd-x86_64:20240502
Image Release :
Severity : important
Type : security
References : 1027519 1133277 1175678 1182659 1188500 1190495 1194869 1198101
1200465 1203378 1205316 1205588 1205855 1207948 1207987 1208794
1209635 1209657 1210382 1210959 1211721 1212180 1212182 1212514
1213418 1213456 1213945 1214148 1214852 1214934 1215005 1215098
1215099 1215100 1215101 1215102 1215103 1215221 1215322 1215334
1216474 1217316 1217320 1217321 1217324 1217326 1217329 1217330
1217339 1217432 1217450 1217667 1217829 1217959 1217987 1217988
1217989 1218171 1218321 1218336 1218431 1218479 1218492 1218562
1218643 1218777 1218871 1219031 1219169 1219170 1219264 1219443
1219460 1219520 1219559 1219581 1219834 1219901 1219937 1220061
1220114 1220132 1220176 1220237 1220251 1220279 1220320 1220325
1220328 1220337 1220340 1220365 1220366 1220393 1220398 1220411
1220413 1220433 1220439 1220441 1220443 1220445 1220466 1220469
1220478 1220482 1220484 1220486 1220487 1220492 1220703 1220724
1220735 1220736 1220763 1220775 1220790 1220797 1220831 1220833
1220836 1220839 1220840 1220843 1220845 1220848 1220870 1220871
1220872 1220878 1220879 1220883 1220885 1220887 1220898 1220917
1220918 1220920 1220921 1220926 1220927 1220929 1220930 1220931
1220932 1220933 1220937 1220938 1220940 1220954 1220955 1220959
1220960 1220961 1220965 1220969 1220978 1220979 1220981 1220982
1220983 1220985 1220986 1220987 1220989 1220990 1220996 1221009
1221012 1221015 1221022 1221039 1221040 1221044 1221045 1221046
1221048 1221055 1221056 1221058 1221060 1221061 1221062 1221066
1221067 1221068 1221069 1221070 1221071 1221077 1221082 1221090
1221097 1221123 1221132 1221156 1221184 1221194 1221239 1221242
1221252 1221273 1221274 1221276 1221277 1221289 1221291 1221293
1221298 1221337 1221338 1221358 1221361 1221375 1221379 1221399
1221407 1221525 1221551 1221553 1221613 1221614 1221616 1221618
1221631 1221633 1221665 1221667 1221713 1221725 1221726 1221746
1221747 1221777 1221814 1221816 1221830 1221831 1221866 1221951
1221984 1222033 1222056 1222060 1222070 1222073 1222086 1222105
1222109 1222113 1222117 1222259 1222274 1222291 1222300 1222302
1222304 1222317 1222331 1222355 1222356 1222360 1222366 1222373
1222453 1222547 1222619 1222831 1222842 1222952 1222992 1223094
CVE-2021-46925 CVE-2021-46926 CVE-2021-46927 CVE-2021-46929 CVE-2021-46930
CVE-2021-46931 CVE-2021-46933 CVE-2021-46934 CVE-2021-46936 CVE-2021-47082
CVE-2021-47083 CVE-2021-47087 CVE-2021-47091 CVE-2021-47093 CVE-2021-47094
CVE-2021-47095 CVE-2021-47096 CVE-2021-47097 CVE-2021-47098 CVE-2021-47099
CVE-2021-47100 CVE-2021-47101 CVE-2021-47102 CVE-2021-47104 CVE-2021-47105
CVE-2021-47107 CVE-2021-47108 CVE-2022-28737 CVE-2022-4744 CVE-2022-48624
CVE-2022-48626 CVE-2022-48627 CVE-2022-48628 CVE-2022-48629 CVE-2022-48630
CVE-2023-0160 CVE-2023-28746 CVE-2023-32731 CVE-2023-32732 CVE-2023-33953
CVE-2023-35827 CVE-2023-40546 CVE-2023-40547 CVE-2023-40548 CVE-2023-40549
CVE-2023-40550 CVE-2023-40551 CVE-2023-44487 CVE-2023-45918 CVE-2023-46842
CVE-2023-4750 CVE-2023-4785 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233
CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706
CVE-2023-4881 CVE-2023-52425 CVE-2023-52447 CVE-2023-52450 CVE-2023-52453
CVE-2023-52454 CVE-2023-52462 CVE-2023-52463 CVE-2023-52467 CVE-2023-52469
CVE-2023-52470 CVE-2023-52474 CVE-2023-52476 CVE-2023-52477 CVE-2023-52481
CVE-2023-52482 CVE-2023-52484 CVE-2023-52486 CVE-2023-52492 CVE-2023-52493
CVE-2023-52494 CVE-2023-52497 CVE-2023-52500 CVE-2023-52501 CVE-2023-52502
CVE-2023-52504 CVE-2023-52507 CVE-2023-52508 CVE-2023-52509 CVE-2023-52510
CVE-2023-52511 CVE-2023-52513 CVE-2023-52515 CVE-2023-52517 CVE-2023-52518
CVE-2023-52519 CVE-2023-52520 CVE-2023-52523 CVE-2023-52524 CVE-2023-52525
CVE-2023-52528 CVE-2023-52529 CVE-2023-52530 CVE-2023-52531 CVE-2023-52532
CVE-2023-52559 CVE-2023-52563 CVE-2023-52564 CVE-2023-52566 CVE-2023-52567
CVE-2023-52569 CVE-2023-52574 CVE-2023-52575 CVE-2023-52576 CVE-2023-52582
CVE-2023-52583 CVE-2023-52587 CVE-2023-52591 CVE-2023-52594 CVE-2023-52595
CVE-2023-52597 CVE-2023-52598 CVE-2023-52599 CVE-2023-52600 CVE-2023-52601
CVE-2023-52602 CVE-2023-52603 CVE-2023-52604 CVE-2023-52605 CVE-2023-52606
CVE-2023-52607 CVE-2023-52608 CVE-2023-52612 CVE-2023-52615 CVE-2023-52617
CVE-2023-52619 CVE-2023-52621 CVE-2023-52623 CVE-2023-52628 CVE-2023-52632
CVE-2023-52637 CVE-2023-52639 CVE-2023-6270 CVE-2023-6356 CVE-2023-6535
CVE-2023-6536 CVE-2023-7042 CVE-2023-7192 CVE-2024-0841 CVE-2024-2004
CVE-2024-2201 CVE-2024-2201 CVE-2024-22099 CVE-2024-22667 CVE-2024-23307
CVE-2024-2398 CVE-2024-25629 CVE-2024-25739 CVE-2024-25742 CVE-2024-25743
CVE-2024-26599 CVE-2024-26600 CVE-2024-26602 CVE-2024-26607 CVE-2024-26612
CVE-2024-26614 CVE-2024-26620 CVE-2024-26627 CVE-2024-26629 CVE-2024-26642
CVE-2024-26645 CVE-2024-26646 CVE-2024-26651 CVE-2024-26654 CVE-2024-26659
CVE-2024-26664 CVE-2024-26667 CVE-2024-26670 CVE-2024-26695 CVE-2024-26717
CVE-2024-28085 CVE-2024-28182 CVE-2024-28757 CVE-2024-28834 CVE-2024-28835
CVE-2024-2961 CVE-2024-31142 CVE-2024-3651
-----------------------------------------------------------------
The container suse-sles-15-sp5-chost-byos-v20240502-hvm-ssd-x86_64 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:573-1
Released: Wed Feb 21 09:36:59 2024
Summary: Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2
Type: security
Severity: moderate
References: 1133277,1182659,1203378,1208794,1212180,1212182,1214148,1215334,CVE-2023-32731,CVE-2023-32732,CVE-2023-33953,CVE-2023-44487,CVE-2023-4785
This update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 fixes the following issues:
abseil-cpp was updated to:
Update to 20230802.1:
* Add StdcppWaiter to the end of the list of waiter implementations
Update to 20230802.0
What's New:
* Added the nullability library for designating the expected
nullability of pointers. Currently these serve as annotations
only, but it is expected that compilers will one day be able
to use these annotations for diagnostic purposes.
* Added the prefetch library as a portable layer for moving data
into caches before it is read.
* Abseil's hash tables now detect many more programming errors
in debug and sanitizer builds.
* Abseil's synchronization objects now differentiate absolute
waits (when passed an absl::Time) from relative waits (when
passed an absl::Duration) when the underlying platform supports
differentiating these cases. This only makes a difference when
system clocks are adjusted.
* Abseil's flag parsing library includes additional methods that
make it easier to use when another library also expects to be
able to parse flags.
* absl::string_view is now available as a smaller target,
@com_google_absl//absl/strings:string_view, so that users may
use this library without depending on the much larger
@com_google_absl//absl/strings target.
Update to 20230125.3
Details can be found on:
https://github.com/abseil/abseil-cpp/releases/tag/20230125.3
Update to 20230125.2
What's New:
The Abseil logging library has been released. This library
provides facilities for writing short text messages about the
status of a program to stderr, disk files, or other sinks
(via an extension API). See the logging library documentation
for more information.
An extension point, AbslStringify(), allows user-defined types
to seamlessly work with Abseil's string formatting functions
like absl::StrCat() and absl::StrFormat().
A library for computing CRC32C checksums has been added.
Floating-point parsing now uses the Eisel-Lemire algorithm,
which provides a significant speed improvement.
The flags library now provides suggestions for the closest
flag(s) in the case of misspelled flags.
Using CMake to install Abseil now makes the installed artifacts
(in particular absl/base/options.h) reflect the compiled ABI.
Breaking Changes:
Abseil now requires at least C++14 and follows Google's Foundational
C++ Support Policy. See this table for a list of currently supported
versions compilers, platforms, and build tools.
The legacy spellings of the thread annotation macros/functions
(e.g. GUARDED_BY()) have been removed by default in favor of the
ABSL_ prefixed versions (e.g. ABSL_GUARDED_BY()) due to clashes with
other libraries. The compatibility macro ABSL_LEGACY_THREAD_ANNOTATIONS
can be defined on the compile command-line to temporarily restore these
spellings, but this compatibility macro will be removed in the future.
Known Issues
The Abseil logging library in this release is not a feature-complete
replacement for glog yet. VLOG and DFATAL are examples of features
that have not yet been released.
Update to version 20220623.0
What's New:
* Added absl::AnyInvocable, a move-only function type.
* Added absl::CordBuffer, a type for buffering data for eventual inclusion an
absl::Cord, which is useful for writing zero-copy code.
* Added support for command-line flags of type absl::optional<T>.
Breaking Changes:
* CMake builds now use the flag ABSL_BUILD_TESTING (default: OFF) to control
whether or not unit tests are built.
* The ABSL_DEPRECATED macro now works with the GCC compiler. GCC users that
are experiencing new warnings can use -Wno-deprecated-declatations silence
the warnings or use -Wno-error=deprecated-declarations to see warnings but
not fail the build.
* ABSL_CONST_INIT uses the C++20 keyword constinit when available. Some
compilers are more strict about where this keyword must appear compared to
the pre-C++20 implementation.
* Bazel builds now depend on the bazelbuild/bazel-skylib repository.
See Abseil's WORKSPACE file for an example of how to add this dependency.
Other:
* This will be the last release to support C++11. Future releases will require at least C++14.
grpc was updated to 1.60:
Update to release 1.60
* Implemented dualstack IPv4 and IPv6 backend support, as per
draft gRFC A61. xDS support currently guarded by
GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS env var.
* Support for setting proxy for addresses.
* Add v1 reflection.
update to 1.59.3:
* Security - Revocation: Crl backport to 1.59. (#34926)
Update to release 1.59.2
* Fixes for CVE-2023-44487
Update to version 1.59.1:
* C++: Fix MakeCordFromSlice memory bug (gh#grpc/grpc#34552).
Update to version 1.59.0:
* xds ssa: Remove environment variable protection for stateful
affinity (gh#grpc/grpc#34435).
* c-ares: fix spin loop bug when c-ares gives up on a socket
that still has data left in its read buffer
(gh#grpc/grpc#34185).
* Deps: Adding upb as a submodule (gh#grpc/grpc#34199).
* EventEngine: Update Cancel contract on closure deletion
timeline (gh#grpc/grpc#34167).
* csharp codegen: Handle empty base_namespace option value to
fix gh#grpc/grpc#34113 (gh#grpc/grpc#34137).
* Ruby:
- replace strdup with gpr_strdup (gh#grpc/grpc#34177).
- drop ruby 2.6 support (gh#grpc/grpc#34198).
Update to release 1.58.1
* Reintroduced c-ares 1.14 or later support
Update to release 1.58
* ruby extension: remove unnecessary background thread startup
wait logic that interferes with forking
Update to release 1.57 (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)
* EventEngine: Change GetDNSResolver to return
absl::StatusOr<std::unique_ptr<DNSResolver>>.
* Improve server handling of file descriptor exhaustion.
* Add a channel argument to set DSCP on streams.
Update to release 1.56.2
* Improve server handling of file descriptor exhaustion
Update to release 1.56.0 (CVE-2023-32731, bsc#1212180)
* core: Add support for vsock transport.
* EventEngine: Change TXT lookup result type to
std::vector<std::string>.
* C++/Authz: support customizable audit functionality for
authorization policy.
Update to release 1.54.1
* Bring declarations and definitions to be in sync
Update to release 1.54 (CVE-2023-32732, bsc#1212182)
* XDS: enable XDS federation by default
* TlsCreds: Support revocation of intermediate in chain
Update to release 1.51.1
* Only a macOS/aarch64-related change
Update to release 1.51
* c-ares DNS resolver: fix logical race between resolution
timeout/cancellation and fd readability.
* Remove support for pthread TLS
Update to release 1.50.0
* Core
- Derive EventEngine from std::enable_shared_from_this. (#31060)
- Revert 'Revert '[chttp2] fix stream leak with queued flow control
update and absence of writes (#30907)' (#30991)'. (#30992)
- [chttp2] fix stream leak with queued flow control update and absence of writes. (#30907)
- Remove gpr_codegen. (#30899)
- client_channel: allow LB policy to communicate update errors to resolver. (#30809)
- FaultInjection: Fix random number generation. (#30623)
* C++
- OpenCensus Plugin: Add measure and views for started RPCs. (#31034)
* C#
- Grpc.Tools: Parse warnings from libprotobuf (fix #27502). (#30371)
- Grpc.Tools add support for env variable GRPC_PROTOC_PLUGIN (fix #27099). (#30411)
- Grpc.Tools document AdditionalImportDirs. (#30405)
- Fix OutputOptions and GrpcOutputOptions (issue #25950). (#30410)
Update to release 1.49.1
* All
- Update protobuf to v21.6 on 1.49.x. (#31028)
* Ruby
- Backport 'Fix ruby windows ucrt build #31051' to 1.49.x. (#31053)
Update to release 1.49.0
* Core
- Backport: 'stabilize the C2P resolver URI scheme' to v1.49.x. (#30654)
- Bump core version. (#30588)
- Update OpenCensus to HEAD. (#30567)
- Update protobuf submodule to 3.21.5. (#30548)
- Update third_party/protobuf to 3.21.4. (#30377)
- [core] Remove GRPC_INITIAL_METADATA_CORKED flag. (#30443)
- HTTP2: Fix keepalive time throttling. (#30164)
- Use AnyInvocable in EventEngine APIs. (#30220)
* Python
- Add type stub generation support to grpcio-tools. (#30498)
Update to release 1.48.1
* Backport EventEngine Forkables
Update to release 1.48.0
* C++14 is now required
* xDS: Workaround to get gRPC clients working with istio
Update to release 1.46.3
* backport: xds: use federation env var to guard new-style
resource name parsing (#29725) #29727
Update to release 1.46
* Added HTTP/1.1 support in httpcli
* HTTP2: Add graceful goaway
Update to release 1.45.2
* Various fixes related to XDS
* HTTP2: Should not run cancelling logic on servers when
receiving GOAWAY
Update to release 1.45.1
* Switched to epoll1 as a default polling engine for Linux
Update to version 1.45.0:
* Core:
- Backport 'Include ADS stream error in XDS error updates
(#29014)' to 1.45.x [gh#grpc/grpc#29121].
- Bump core version to 23.0.0 for upcoming release
[gh#grpc/grpc#29026].
- Fix memory leak in HTTP request security handshake
cancellation [gh#grpc/grpc#28971].
- CompositeChannelCredentials: Comparator implementation
[gh#grpc/grpc#28902].
- Delete custom iomgr [gh#grpc/grpc#28816].
- Implement transparent retries [gh#grpc/grpc#28548].
- Uniquify channel args keys [gh#grpc/grpc#28799].
- Set trailing_metadata_available for recv_initial_metadata
ops when generating a fake status [gh#grpc/grpc#28827].
- Eliminate gRPC insecure build [gh#grpc/grpc#25586].
- Fix for a racy WorkSerializer shutdown [gh#grpc/grpc#28769].
- InsecureCredentials: singleton object [gh#grpc/grpc#28777].
- Add http cancel api [gh#grpc/grpc#28354].
- Memory leak fix on windows in grpc_tcp_create()
[gh#grpc/grpc#27457].
- xDS: Rbac filter updates [gh#grpc/grpc#28568].
* C++
- Bump the minimum gcc to 5 [gh#grpc/grpc#28786].
- Add experimental API for CRL checking support to gRPC C++
TlsCredentials [gh#grpc/grpc#28407].
Update to release 1.44.0
* Add a trace to list which filters are contained in a
channel stack.
* Remove grpc_httpcli_context.
* xDS: Add support for RBAC HTTP filter.
* API to cancel grpc_resolve_address.
Update to version 1.43.2:
* Fix google-c2p-experimental issue (gh#grpc/grpc#28692).
Changes from version 1.43.0:
* Core:
- Remove redundant work serializer usage in c-ares windows
code (gh#grpc/grpc#28016).
- Support RDS updates on the server (gh#grpc/grpc#27851).
- Use WorkSerializer in XdsClient to propagate updates in a
synchronized manner (gh#grpc/grpc#27975).
- Support Custom Post-handshake Verification in TlsCredentials
(gh#grpc/grpc#25631).
- Reintroduce the EventEngine default factory
(gh#grpc/grpc#27920).
- Assert Android API >= v21 (gh#grpc/grpc#27943).
- Add support for abstract unix domain sockets
(gh#grpc/grpc#27906).
* C++:
- OpenCensus: Move metadata storage to arena
(gh#grpc/grpc#27948).
* [C#] Add nullable type attributes to Grpc.Core.Api
(gh#grpc/grpc#27887).
- Update package name libgrpc++1 to libgrpc++1_43 in keeping with
updated so number.
Update to release 1.41.0
* xDS: Remove environmental variable guard for security.
* xDS Security: Use new way to fetch certificate provider
plugin instance config.
* xDS server serving status: Use a struct to allow more fields
to be added in the future.
Update to release 1.39.1
* Fix C# protoc plugin argument parsing on 1.39.x
Update to version 1.39.0:
* Core
- Initialize tcp_posix for CFStream when needed
(gh#grpc/grpc#26530).
- Update boringssl submodule (gh#grpc/grpc#26520).
- Fix backup poller races (gh#grpc/grpc#26446).
- Use default port 443 in HTTP CONNECT request
(gh#grpc/grpc#26331).
* C++
- New iomgr implementation backed by the EventEngine API
(gh#grpc/grpc#26026).
- async_unary_call: add a Destroy method, called by
std::default_delete (gh#grpc/grpc#26389).
- De-experimentalize C++ callback API (gh#grpc/grpc#25728).
* PHP: stop reading composer.json file just to read the version
string (gh#grpc/grpc#26156).
* Ruby: Set XDS user agent in ruby via macros
(gh#grpc/grpc#26268).
Update to release 1.38.0
* Invalidate ExecCtx now before computing timeouts in all
repeating timer events using a WorkSerializer or combiner.
* Fix use-after-unref bug in fault_injection_filter
* New gRPC EventEngine Interface
* Allow the AWS_DEFAULT_REGION environment variable
* s/OnServingStatusChange/OnServingStatusUpdate/
Update to release 1.37.1
* Use URI form of address for channelz listen node
* Implementation CSDS (xDS Config Dump)
* xDS status notifier
* Remove CAS loops in global subchannel pool and simplify
subchannel refcounting
Update to release 1.36.4
* A fix for DNS SRV lookups on Windows
Update to 1.36.1:
* Core:
* Remove unnecessary internal pollset set in c-ares DNS resolver
* Support Default Root Certs in Tls Credentials
* back-port: add env var protection for google-c2p resolver
* C++:
* Move third party identity C++ api out of experimental namespace
* refactor!: change error_details functions to templates
* Support ServerContext for callback API
* PHP:
* support for PSM security
* fixed segfault on reused call object
* fixed phpunit 8 warnings
* Python:
* Implement Python Client and Server xDS Creds
Update to version 1.34.1:
* Backport 'Lazily import grpc_tools when using runtime
stub/message generation' to 1.34.x (gh#grpc/grpc#25011).
* Backport 'do not use <PublicSign>true</PublicSign> on
non-windows' to 1.34.x (gh#grpc/grpc#24995).
Update to version 1.34.0:
* Core:
- Protect xds security code with the environment variable
'GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT'
(gh#grpc/grpc#24782).
- Add support for 'unix-abstract:' URIs to support abstract
unix domain sockets (gh#grpc/grpc#24500).
- Increment Index when parsing not plumbed SAN fields
(gh#grpc/grpc#24601).
- Revert 'Revert 'Deprecate
GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS''
(gh#grpc/grpc#24518).
- xds: Set status code to INVALID_ARGUMENT when NACKing
(gh#grpc/grpc#24516).
- Include stddef.h in address_sorting.h (gh#grpc/grpc#24514).
- xds: Add support for case_sensitive option in RouteMatch
(gh#grpc/grpc#24381).
* C++:
- Fix --define=grpc_no_xds=true builds (gh#grpc/grpc#24503).
- Experimental support and tests for
CreateCustomInsecureChannelWithInterceptorsFromFd
(gh#grpc/grpc#24362).
Update to release 1.33.2
* Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS.
* Expose Cronet error message to the application layer.
* Remove grpc_channel_ping from surface API.
* Do not send BDP pings if there is no receive side activity.
Update to version 1.33.1
* Core
- Deprecate
GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS
(gh#grpc/grpc#24063).
- Expose Cronet error message to the application layer
(gh#grpc/grpc#24083).
- Remove grpc_channel_ping from surface API
(gh#grpc/grpc#23894).
- Do not send BDP pings if there is no receive side activity
(gh#grpc/grpc#22997).
* C++
- Makefile: only support building deps from submodule
(gh#grpc/grpc#23957).
- Add new subpackages - libupb and upb-devel. Currently, grpc
sources include also upb sources. Before this change, libupb and
upb-devel used to be included in a separate package - upb.
Update to version 1.32.0:
* Core
- Remove stream from stalled lists on remove_stream
(gh#grpc/grpc#23984).
- Do not cancel RPC if send metadata size if larger than
peer's limit (gh#grpc/grpc#23806).
- Don't consider receiving non-OK status as an error for HTTP2
(gh#grpc/grpc#19545).
- Keepalive throttling (gh#grpc/grpc#23313).
- Include the target_uri in 'target uri is not valid' error
messages (gh#grpc/grpc#23782).
- Fix 'cannot send compressed message large than 1024B' in
cronet_transport (gh#grpc/grpc#23219).
- Receive SETTINGS frame on clients before declaring
subchannel READY (gh#grpc/grpc#23636).
- Enabled GPR_ABSEIL_SYNC (gh#grpc/grpc#23372).
- Experimental xDS v3 support (gh#grpc/grpc#23281).
* C++
- Upgrade bazel used for all tests to 2.2.0
(gh#grpc/grpc#23902).
- Remove test targets and test helper libraries from Makefile
(gh#grpc/grpc#23813).
- Fix repeated builds broken by re2's cmake
(gh#grpc/grpc#23587).
- Log the peer address of grpc_cli CallMethod RPCs to stderr
(gh#grpc/grpc#23557).
opencensus-proto was updated to 0.3.0+git.20200721:
- Update to version 0.3.0+git.20200721:
* Bump version to 0.3.0
* Generate Go types using protocolbuffers/protobuf-go (#218)
* Load proto_library() rule. (#216)
- Update to version 0.2.1+git.20190826:
* Remove grpc_java dependency and java_proto rules. (#214)
* Add C++ targets, especially for gRPC services. (#212)
* Upgrade bazel and dependencies to latest. (#211)
* Bring back bazel cache to make CI faster. (#210)
* Travis: don't require sudo for bazel installation. (#209)
- Update to version 0.2.1:
* Add grpc-gateway for metrics service. (#205)
* Pin bazel version in travis builds (#207)
* Update gen-go files (#199)
* Add Web JS as a LibraryInfo.Language option (#198)
* Set up Python packaging for PyPI release. (#197)
* Add tracestate to links. (#191)
* Python proto file generator and generated proto files (#196)
* Ruby proto file generator and generated proto files (#192)
* Add py_proto_library() rules for envoy/api. (#194)
* Gradle: Upgrade dependency versions. (#193)
* Update release versions for readme. (#189)
* Start 0.3.0 development cycle
* Update gen-go files. (#187)
* Revert 'Start 0.3.0 development cycle (#167)' (#183)
* Revert optimization for metric descriptor and bucket options for now. (#184)
* Constant sampler: add option to always follow the parent's decision. (#182)
* Document that all maximum values must be specified. (#181)
* Fix typo in bucket bounds. (#178)
* Restrict people who can approve reviews. This is to ensure code quality. (#177)
* Use bazel cache to make CI faster. (#176)
* Add grpc generated files to the idea plugin. (#175)
* Add Resource to Span (#174)
* time is required (#170)
* Upgrade protobuf dependency to v3.6.1.3. (#173)
* assume Ok Status when not set (#171)
* Minor comments fixes (#160)
* Start 0.3.0 development cycle (#167)
* Update gen-go files. (#162)
* Update releasing instruction. (#163)
* Fix Travis build. (#165)
* Add OpenApi doc for trace agent grpc-gateway (#157)
* Add command to generate OpenApi/Swagger doc for grpc-gateway (#156)
* Update gen-go files (#155)
* Add trace export grpc-gateway config (#77)
* Fix bazel build after bazel upgrade (#154)
* README: Add gitter, javadoc and godoc badge. (#151)
* Update release versions for README. (#150)
* Start 0.2.0 development cycle
* Add resource and metrics_service proto to mkgogen. Re-generate gen-go files. (#147)
* Add resource to protocol (#137)
* Fix generating the javadoc. (#144)
* Metrics/TimeSeries: start time should not be included while end time should. (#142)
* README: Add instructions on using opencensus_proto with Bazel. (#140)
* agent/README: update package info. (#138)
* Agent: Add metrics service. (#136)
* Tracing: Add default limits to TraceConfig. (#133)
* Remove a stale TODO. (#134)
* README: Add a note about go_proto_library rules. (#135)
* add golang bazel build support (#132)
* Remove exporter protos from mkgogen. (#128)
* Update README and RELEASING. (#130)
* Change histogram buckets definition to be OpenMetrics compatible. (#121)
* Remove exporter/v1 protos. (#124)
* Clean up the README for Agent proto. (#126)
* Change Quantiles to ValuesAtPercentile. (#122)
* Extend the TraceService service to support export/config for multiple Applications. (#119)
* Add specifications on Agent implementation details. (#112)
* Update gitignore (#118)
* Remove maven support. Not used. (#116)
* Add gauge distribution. (#117)
* Add support for Summary type and value. (#110)
* Add Maven status and instructions on adding dependencies. (#115)
* Bump version to 0.0.3-SNAPSHOT
* Bump version to 0.0.2
* Update gen-go files. (#114)
* Gradle: Add missing source and javadoc rules. (#113)
* Add support for float attributes. (#98)
* Change from mean to sum in distribution. (#109)
* Bump version to v0.0.2-SNAPSHOT
* Bump version to v0.0.1
* Add releasing instructions in RELEASING.md. (#106)
* Add Gradle build rules for generating gRPC service and releasing to Maven. (#102)
* Re-organize proto directory structure. (#103)
* Update gen-go files. (#101)
* Add a note about interceptors of other libraries. (#94)
* agent/common/v1: use exporter_version, core_library_version in LibraryInfo (#100)
* opencensus/proto: add default Agent port to README (#97)
* Update the message names for Config RPC. (#93)
* Add details about agent protocol in the README. (#88)
* Update gen-go files. (#92)
* agent/trace/v1: fix signature for Config and comments too (#91)
* Update gen-go files. (#86)
* Make tracestate a list instead of a map to preserve ordering. (#84)
* Allow MetricDescriptor to be sent only the first time. (#78)
* Update mkgogen.sh. (#85)
* Add agent trace service proto definitions. (#79)
* Update proto and gen-go package names. (#83)
* Add agent/common proto and BUILD. (#81)
* Add trace_config.proto. (#80)
* Build exporters with maven. (#76)
* Make clear that cumulative int/float can go only up. (#75)
* Add tracestate field to the Span proto. (#74)
* gradle wrapper --gradle-version 4.9 (#72)
* Change from multiple types of timeseries to have one. (#71)
* Move exemplars in the Bucket. (#70)
* Update gen-go files. (#69)
* Move metrics in the top level directory. (#68)
* Remove Range from Distribution. No backend supports this. (#67)
* Remove unused MetricSet message. (#66)
* Metrics: Add Exemplar to DistributionValue. (#62)
* Gauge vs Cumulative. (#65)
* Clarifying comment about bucket boundaries. (#64)
* Make MetricDescriptor.Type capture the type of the value as well. (#63)
* Regenerate the Go artifacts (#61)
* Add export service proto (#60)
- Initial version 20180523
protobuf was updated to 25.1:
update to 25.1:
* Raise warnings for deprecated python syntax usages
* Add support for extensions in CRuby, JRuby, and FFI Ruby
* Add support for options in CRuby, JRuby and FFI (#14594)
update to 25.0:
* Implement proto2/proto3 with editions
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Editions: Introduce functionality to protoc for generating
edition feature set defaults.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Editions: Refactor feature resolution to use an intermediate
message.
* Publish extension declarations with declaration
verifications.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Protoc: parser rejects explicit use of map_entry option
* Protoc: validate that reserved range start is before end
* Protoc: support identifiers as reserved names in addition to
string literals (only in editions)
* Drop support for Bazel 5.
* Allow code generators to specify whether or not they support
editions.
C++:
* Set `PROTOBUF_EXPORT` on
`InternalOutOfLineDeleteMessageLite()`
* Update stale checked-in files
* Apply PROTOBUF_NOINLINE to declarations of some functions
that want it.
* Implement proto2/proto3 with editions
* Make JSON UTF-8 boundary check inclusive of the largest
possible UTF-8 character.
* Reduce `Map::size_type` to 32-bits. Protobuf containers can't
have more than that
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Fix bug in reflection based Swap of map fields.
* Add utf8_validation feature back to the global feature set.
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Add prefetching to arena allocations.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
repeated and map field accessors.
* Editions: Migrate edition strings to enum in C++ code.
* Create a reflection helper for ExtensionIdentifier.
* Editions: Provide an API for C++ generators to specify their
features.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
string field accessors.
* Editions: Refactor feature resolution to use an intermediate
message.
* Fixes for 32-bit MSVC.
* Publish extension declarations with declaration
verifications.
* Export the constants in protobuf's any.h to support DLL
builds.
* Implement AbslStringify for the Descriptor family of types.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
message field accessors.
* Editions: Stop propagating partially resolved feature sets to
plugins.
* Editions: Migrate string_field_validation to a C++ feature
* Editions: Include defaults for any features in the generated
pool.
* Introduce C++ feature for UTF8 validation.
* Protoc: validate that reserved range start is before end
* Remove option to disable the table-driven parser in protoc.
* Lock down ctype=CORD in proto file.
* Support split repeated fields.
* In OSS mode omit some extern template specializations.
* Allow code generators to specify whether or not they support
editions.
Java:
* Implement proto2/proto3 with editions
* Remove synthetic oneofs from Java gencode field accessor
tables.
* Timestamps.parse: Add error handling for invalid
hours/minutes in the timezone offset.
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Add missing debugging version info to Protobuf Java gencode
when multiple files are generated.
* Fix a bad cast in putBuilderIfAbsent when already present due
to using the result of put() directly (which is null if it
currently has no value)
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Fix a NPE in putBuilderIfAbsent due to using the result of
put() directly (which is null if it currently has no value)
* Update Kotlin compiler to escape package names
* Add MapFieldBuilder and change codegen to generate it and the
put{field}BuilderIfAbsent method.
* Introduce recursion limit in Java text format parsing
* Consider the protobuf.Any invalid if typeUrl.split('/')
returns an empty array.
* Mark `FieldDescriptor.hasOptionalKeyword()` as deprecated.
* Fixed Python memory leak in map lookup.
* Loosen upb for json name conflict check in proto2 between
json name and field
* Defines Protobuf compiler version strings as macros and
separates out suffix string definition.
* Add `ABSL_ATTRIBUTE_LIFETIME_BOUND` attribute on generated
oneof accessors.
* Ensure Timestamp.ToDatetime(tz) has correct offset
* Do not check required field for upb python MergeFrom
* Setting up version updater to prepare for poison pills and
embedding version info into C++, Python and Java gencode.
* Merge the protobuf and upb Bazel repos
* Comparing a proto message with an object of unknown returns
NotImplemented
* Emit __slots__ in pyi output as a tuple rather than a list
for --pyi_out.
* Fix a bug that strips options from descriptor.proto in
Python.
* Raise warings for message.UnknownFields() usages and navigate
to the new add
* Add protobuf python keyword support in path for stub
generator.
* Add tuple support to set Struct
* ### Python C-Extension (Default)
* Comparing a proto message with an object of unknown returns
NotImplemented
* Check that ffi-compiler loads before using it to define
tasks.
UPB (Python/PHP/Ruby C-Extension):
* Include .inc files directly instead of through a filegroup
* Loosen upb for json name conflict check in proto2 between
json name and field
* Add utf8_validation feature back to the global feature set.
* Do not check required field for upb python MergeFrom
* Merge the protobuf and upb Bazel repos
* Added malloc_trim() calls to Python allocator so RSS will
decrease when memory is freed
* Upb: fix a Python memory leak in ByteSize()
* Support ASAN detection on clang
* Upb: bugfix for importing a proto3 enum from within a proto2
file
* Expose methods needed by Ruby FFI using UPB_API
* Fix `PyUpb_Message_MergeInternal` segfault
- Build with source and target levels 8
* fixes build with JDK21
- Install the pom file with the new %%mvn_install_pom macro
- Do not install the pom-only artifacts, since the %%mvn_install_pom
macro resolves the variables at the install time
update to 23.4:
* Add dllexport_decl for generated default instance.
* Deps: Update Guava to 32.0.1
update to 23.3:
C++:
* Regenerate stale files
* Use the same ABI for static and shared libraries on non-
Windows platforms
* Add a workaround for GCC constexpr bug
Objective-C:
* Regenerate stale files
UPB (Python/PHP/Ruby C-Extension)
* Fixed a bug in `upb_Map_Delete()` that caused crashes in
map.delete(k) for Ruby when string-keyed maps were in use.
Compiler:
* Add missing header to Objective-c generator
* Add a workaround for GCC constexpr bug
Java:
* Rollback of: Simplify protobuf Java message builder by
removing methods that calls the super class only.
Csharp:
* [C#] Replace regex that validates descriptor names
update to 22.5:
C++:
* Add missing cstdint header
* Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700)
* Avoid using string(JOIN..., which requires cmake 3.12
* Explicitly include GTest package in examples
* Bump Abseil submodule to 20230125.3 (#12660)
update to 22.4:
C++:
* Fix libprotoc: export useful symbols from .so
Python:
* Fix bug in _internal_copy_files where the rule would fail in
downstream repositories.
Other:
* Bump utf8_range to version with working pkg-config (#12584)
* Fix declared dependencies for pkg-config
* Update abseil dependency and reorder dependencies to ensure
we use the version specified in protobuf_deps.
* Turn off clang::musttail on i386
update to v22.3
UPB (Python/PHP/Ruby C-Extension):
* Remove src prefix from proto import
* Fix .gitmodules to use the correct absl branch
* Remove erroneous dependency on googletest
update to 22.2:
Java:
* Add version to intra proto dependencies and add kotlin stdlib
dependency
* Add $ back for osgi header
* Remove $ in pom files
update to 22.1:
* Add visibility of plugin.proto to python directory
* Strip 'src' from file name of plugin.proto
* Add OSGi headers to pom files.
* Remove errorprone dependency from kotlin protos.
* Version protoc according to the compiler version number.
- update to 22.0:
* This version includes breaking changes to: Cpp.
Please refer to the migration guide for information:
https://protobuf.dev/support/migration/#compiler-22
* [Cpp] Migrate to Abseil's logging library.
* [Cpp] `proto2::Map::value_type` changes to `std::pair`.
* [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream,
and DefaultFieldComparator classes.
* [Cpp] Add a dependency on Abseil (#10416)
* [Cpp] Remove all autotools usage (#10132)
* [Cpp] Add C++20 reserved keywords
* [Cpp] Dropped C++11 Support
* [Cpp] Delete Arena::Init
* [Cpp] Replace JSON parser with new implementation
* [Cpp] Make RepeatedField::GetArena non-const in order to
support split RepeatedFields.
* long list of bindings specific fixes see
https://github.com/protocolbuffers/protobuf/releases/tag/v22.0
update to v21.12:
* Python:
* Fix broken enum ranges (#11171)
* Stop requiring extension fields to have a sythetic oneof (#11091)
* Python runtime 4.21.10 not works generated code can not load valid
proto.
update to 21.11:
* Python:
* Add license file to pypi wheels (#10936)
* Fix round-trip bug (#10158)
update to 21.10::
* Java:
* Use bit-field int values in buildPartial to skip work on unset groups of
fields. (#10960)
* Mark nested builder as clean after clear is called (#10984)
update to 21.9:
* Ruby:
* Replace libc strdup usage with internal impl to restore musl compat (#10818)
* Auto capitalize enums name in Ruby (#10454) (#10763)
* Other:
* Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721)
* C++:
* 21.x No longer define no_threadlocal on OpenBSD (#10743)
* Java:
* Mark default instance as immutable first to avoid race during static initialization of default instances (#10771)
* Refactoring java full runtime to reuse sub-message builders and prepare to
migrate parsing logic from parse constructor to builder.
* Move proto wireformat parsing functionality from the private 'parsing
constructor' to the Builder class.
* Change the Lite runtime to prefer merging from the wireformat into mutable
messages rather than building up a new immutable object before merging. This
way results in fewer allocations and copy operations.
* Make message-type extensions merge from wire-format instead of building up
instances and merging afterwards. This has much better performance.
* Fix TextFormat parser to build up recurring (but supposedly not repeated)
sub-messages directly from text rather than building a new sub-message and
merging the fully formed message into the existing field.
update to 21.6:
C++:
* Reduce memory consumption of MessageSet parsing
update to 21.5:
PHP:
* Added getContainingOneof and getRealContainingOneof to descriptor.
* fix PHP readonly legacy files for nested messages
Python:
* Fixed comparison of maps in Python.
- update to 21.4:
* Reduce the required alignment of ArenaString from 8 to 4
- update to 21.3:
* C++:
* Add header search paths to Protobuf-C++.podspec (#10024)
* Fixed Visual Studio constinit errors (#10232)
* Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
* UPB:
* Allow empty package names (fixes behavior regression in 4.21.0)
* Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
* Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
* for x in mapping now yields keys rather than values, to match Python
conventions and the behavior of the old library.
* Lookup operations now correctly reject unhashable types as map keys.
* We implement repr() to use the same format as dict.
* Fix maps to use the ScalarMapContainer class when appropriate
* Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
* PHP:
* Add 'readonly' as a keyword for PHP and add previous classnames to descriptor pool (#10041)
* Python:
* Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
* Bazel:
* Add back a filegroup for :well_known_protos (#10061)
Update to 21.2:
- C++:
- cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614)
- Escape GetObject macro inside protoc-generated code (#9739)
- Update CMake configuration to add a dependency on Abseil (#9793)
- Fix cmake install targets (#9822)
- Use __constinit only in GCC 12.2 and up (#9936)
- Java:
- Update protobuf_version.bzl to separate protoc and per-language java … (#9900)
- Python:
- Increment python major version to 4 in version.json for python upb (#9926)
- The C extension module for Python has been rewritten to use the upb library.
- This is expected to deliver significant performance benefits, especially when
parsing large payloads. There are some minor breaking changes, but these
should not impact most users. For more information see:
https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates
- PHP:
- [PHP] fix PHP build system (#9571)
- Fix building packaged PHP extension (#9727)
- fix: reserve 'ReadOnly' keyword for PHP 8.1 and add compatibility (#9633)
- fix: phpdoc syntax for repeatedfield parameters (#9784)
- fix: phpdoc for repeatedfield (#9783)
- Change enum string name for reserved words (#9780)
- chore: [PHP] fix phpdoc for MapField keys (#9536)
- Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996)
- Ruby:
- Allow pre-compiled binaries for ruby 3.1.0 (#9566)
- Implement respond_to? in RubyMessage (#9677)
- [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722)
- Do not use range based UTF-8 validation in truffleruby (#9769)
- Improve range handling logic of RepeatedField (#9799)
- Other:
- Fix invalid dependency manifest when using descriptor_set_out (#9647)
- Remove duplicate java generated code (#9909)
- Update to 3.20.1:
- PHP:
- Fix building packaged PHP extension (#9727)
- Fixed composer.json to only advertise compatibility with
PHP 7.0+. (#9819)
- Ruby:
- Disable the aarch64 build on macOS until it can be fixed. (#9816)
- Other:
- Fix versioning issues in 3.20.0
- Update to 3.20.1:
- Ruby:
- Dropped Ruby 2.3 and 2.4 support for CI and releases.
(#9311)
- Added Ruby 3.1 support for CI and releases (#9566).
- Message.decode/encode: Add recursion_limit option
(#9218/#9486)
- Allocate with xrealloc()/xfree() so message allocation is
visible to the
- Ruby GC. In certain tests this leads to much lower memory
usage due to more
- frequent GC runs (#9586).
- Fix conversion of singleton classes in Ruby (#9342)
- Suppress warning for intentional circular require (#9556)
- JSON will now output shorter strings for double and float
fields when possible
- without losing precision.
- Encoding and decoding of binary format will now work
properly on big-endian
- systems.
- UTF-8 verification was fixed to properly reject surrogate
code points.
- Unknown enums for proto2 protos now properly implement
proto2's behavior of
- putting such values in unknown fields.
- Java:
- Revert 'Standardize on Array copyOf' (#9400)
- Resolve more java field accessor name conflicts (#8198)
- Fix parseFrom to only throw InvalidProtocolBufferException
- InvalidProtocolBufferException now allows arbitrary wrapped
Exception types.
- Fix bug in FieldSet.Builder.mergeFrom
- Flush CodedOutputStream also flushes underlying
OutputStream
- When oneof case is the same and the field type is Message,
merge the
- subfield. (previously it was replaced.)’
- Add @CheckReturnValue to some protobuf types
- Report original exceptions when parsing JSON
- Add more info to @deprecated javadoc for set/get/has
methods
- Fix initialization bug in doc comment line numbers
- Fix comments for message set wire format.
- Kotlin:
- Add test scope to kotlin-test for protobuf-kotlin-lite
(#9518)
- Add orNull extensions for optional message fields.
- Add orNull extensions to all proto3 message fields.
- Python:
- Dropped support for Python < 3.7 (#9480)
- Protoc is now able to generate python stubs (.pyi) with
--pyi_out
- Pin multibuild scripts to get manylinux1 wheels back
(#9216)
- Fix type annotations of some Duration and Timestamp
methods.
- Repeated field containers are now generic in field types
and could be used in type annotations.
- Protobuf python generated codes are simplified. Descriptors
and message classes' definitions are now dynamic created in
internal/builder.py.
- Insertion Points for messages classes are discarded.
- has_presence is added for FieldDescriptor in python
- Loosen indexing type requirements to allow valid index()
implementations rather than only PyLongObjects.
- Fix the deepcopy bug caused by not copying
message_listener.
- Added python JSON parse recursion limit (default 100)
- Path info is added for python JSON parse errors
- Pure python repeated scalar fields will not able to pickle.
Convert to list first.
- Timestamp.ToDatetime() now accepts an optional tzinfo
parameter. If specified, the function returns
a timezone-aware datetime in the given time zone. If
omitted or None, the function returns a timezone-naive UTC
datetime (as previously).
- Adds client_streaming and server_streaming fields to
MethodDescriptor.
- Add 'ensure_ascii' parameter to json_format.MessageToJson.
This allows smaller JSON serializations with UTF-8 or other
non-ASCII encodings.
- Added experimental support for directly assigning numpy
scalars and array.
- Improve the calculation of public_dependencies in
DescriptorPool.
- [Breaking Change] Disallow setting fields to numpy
singleton arrays or repeated fields to numpy
multi-dimensional arrays. Numpy arrays should be indexed or
flattened explicitly before assignment.
- Compiler:
- Migrate IsDefault(const std::string*) and
UnsafeSetDefault(const std::string*)
- Implement strong qualified tags for TaggedPtr
- Rework allocations to power-of-two byte sizes.
- Migrate IsDefault(const std::string*) and
UnsafeSetDefault(const std::string*)
- Implement strong qualified tags for TaggedPtr
- Make TaggedPtr Set...() calls explicitly spell out the
content type.
- Check for parsing error before verifying UTF8.
- Enforce a maximum message nesting limit of 32 in the
descriptor builder to
- guard against stack overflows
- Fixed bugs in operators for RepeatedPtrIterator
- Assert a maximum map alignment for allocated values
- Fix proto1 group extension protodb parsing error
- Do not log/report the same descriptor symbol multiple
times if it contains
- more than one invalid character.
- Add UnknownFieldSet::SerializeToString and
SerializeToCodedStream.
- Remove explicit default pointers and deprecated API from
protocol compiler
- Arenas:
- Change Repeated*Field to reuse memory when using arenas.
- Implements pbarenaz for profiling proto arenas
- Introduce CreateString() and CreateArenaString() for
cleaner semantics
- Fix unreferenced parameter for MSVC builds
- Add UnsafeSetAllocated to be used for one-of string
fields.
- Make Arena::AllocateAligned() a public function.
- Determine if ArenaDtor related code generation is
necessary in one place.
- Implement on demand register ArenaDtor for
InlinedStringField
- C++:
- Enable testing via CTest (#8737)
- Add option to use external GTest in CMake (#8736)
- CMake: Set correct sonames for libprotobuf-lite.so and
libprotoc.so (#8635) (#9529)
- Add cmake option protobuf_INSTALL to not install files
(#7123)
- CMake: Allow custom plugin options e.g. to generate mocks
(#9105)
- CMake: Use linker version scripts (#9545)
- Manually *struct Cord fields to work better with arenas.
- Manually destruct map fields.
- Generate narrower code
- Fix #9378 by removing
- shadowed cached_size field
- Remove GetPointer() and explicit nullptr defaults.
- Add proto_h flag for speeding up large builds
- Add missing overload for reference wrapped fields.
- Add MergedDescriptorDatabase::FindAllFileNames()
- RepeatedField now defines an iterator type instead of
using a pointer.
- Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and
GOOGLE_PROTOBUF_HAS_ARENAS.
- PHP:
- Fix: add missing reserved classnames (#9458)
- PHP 8.1 compatibility (#9370)
- C#:
- Fix trim warnings (#9182)
- Fixes NullReferenceException when accessing
FieldDescriptor.IsPacked (#9430)
- Add ToProto() method to all descriptor classes (#9426)
- Add an option to preserve proto names in JsonFormatter
(#6307)
- Objective-C:
- Add prefix_to_proto_package_mappings_path option. (#9498)
- Rename proto_package_to_prefix_mappings_path to
package_to_prefix_mappings_path. (#9552)
- Add a generation option to control use of forward
declarations in headers. (#9568)
- update to 3.19.4:
Python:
* Make libprotobuf symbols local on OSX to fix issue #9395 (#9435)
Ruby:
* Fixed a data loss bug that could occur when the number of optional fields
in a message is an exact multiple of 32
PHP:
* Fixed a data loss bug that could occur when the number of optional fields
in a message is an exact multiple of 32.
- Update to 3.19.3:
C++:
* Make proto2::Message::DiscardUnknownFields() non-virtual
* Separate RepeatedPtrField into its own header file
* For default floating point values of 0, consider all bits significant
* Fix shadowing warnings
* Fix for issue #8484, constant initialization doesn't compile in msvc clang-cl environment
Java:
* Improve performance characteristics of UnknownFieldSet parsing
* For default floating point values of 0, consider all bits significant
* Annotate //java/com/google/protobuf/util/... with nullness annotations
* Use ArrayList copy constructor
Bazel:
* Ensure that release archives contain everything needed for Bazel
* Align dependency handling with Bazel best practices
Javascript:
* Fix ReferenceError: window is not defined when getting the global object
Ruby:
* Fix memory leak in MessageClass.encode
* Override Map.clone to use Map's dup method
* Ruby: build extensions for arm64-darwin
* Add class method Timestamp.from_time to ruby well known types
* Adopt pure ruby DSL implementation for JRuby
* Add size to Map class
* Fix for descriptor_pb.rb: google/protobuf should be required first
Python:
* Proto2 DecodeError now includes message name in error message
* Make MessageToDict convert map keys to strings
* Add python-requires in setup.py
* Add python 3.10
- Update to 3.17.3:
C++
* Introduce FieldAccessListener.
* Stop emitting boilerplate {Copy/Merge}From in each ProtoBuf class
* Provide stable versions of SortAndUnique().
* Make sure to cache proto3 optional message fields when they are cleared.
* Expose UnsafeArena methods to Reflection.
* Use std::string::empty() rather than std::string::size() > 0.
* [Protoc] C++ Resolved an issue where NO_DESTROY and CONSTINIT are in incorrect order (#8296)
* Fix PROTOBUF_CONSTINIT macro redefinition (#8323)
* Delete StringPiecePod (#8353)
* Create a CMake option to control whether or not RTTI is enabled (#8347)
* Make util::Status more similar to absl::Status (#8405)
* The ::pb namespace is no longer exposed due to conflicts.
* Allow MessageDifferencer::TreatAsSet() (and friends) to override previous
calls instead of crashing.
* Reduce the size of generated proto headers for protos with string or
bytes fields.
* Move arena() operation on uncommon path to out-of-line routine
* For iterator-pair function parameter types, take both iterators by value.
* Code-space savings and perhaps some modest performance improvements in
* RepeatedPtrField.
* Eliminate nullptr check from every tag parse.
* Remove unused _$name$cached_byte_size fields.
* Serialize extension ranges together when not broken by a proto field in the
middle.
* Do out-of-line allocation and deallocation of string object in ArenaString.
* Streamline ParseContext::ParseMessage to avoid code bloat and improve
performance.
* New member functions RepeatedField::Assign, RepeatedPtrField::{Add, Assign}.
on an error path.
* util::DefaultFieldComparator will be final in a future version of protobuf.
* Subclasses should inherit from SimpleFieldComparator instead.
Kotlin
* Introduce support for Kotlin protos (#8272)
* Restrict extension setter and getter operators to non-nullable T.
Java
* Fixed parser to check that we are at a proper limit when a sub-message has
finished parsing.
* updating GSON and Guava to more recent versions (#8524)
* Reduce the time spent evaluating isExtensionNumber by storing the extension
ranges in a TreeMap for faster queries. This is particularly relevant for
protos which define a large number of extension ranges, for example when
each tag is defined as an extension.
* Fix java bytecode estimation logic for optional fields.
* Optimize Descriptor.isExtensionNumber.
* deps: update JUnit and Truth (#8319)
* Detect invalid overflow of byteLimit and return InvalidProtocolBufferException as documented.
* Exceptions thrown while reading from an InputStream in parseFrom are now
included as causes.
* Support potentially more efficient proto parsing from RopeByteStrings.
* Clarify runtime of ByteString.Output.toStringBuffer().
* Added UnsafeByteOperations to protobuf-lite (#8426)
Python:
* Add MethodDescriptor.CopyToProto() (#8327)
* Remove unused python_protobuf.{cc,h} (#8513)
* Start publishing python aarch64 manylinux wheels normally (#8530)
* Fix constness issue detected by MSVC standard conforming mode (#8568)
* Make JSON parsing match C++ and Java when multiple fields from the same
oneof are present and all but one is null.
* Fix some constness / char literal issues being found by MSVC standard conforming mode (#8344)
* Switch on 'new' buffer API (#8339)
* Enable crosscompiling aarch64 python wheels under dockcross manylinux docker image (#8280)
* Fixed a bug in text format where a trailing colon was printed for repeated field.
* When TextFormat encounters a duplicate message map key, replace the current
one instead of merging.
Ruby:
* Add support for proto3 json_name in compiler and field definitions (#8356)
* Fixed memory leak of Ruby arena objects. (#8461)
* Fix source gem compilation (#8471)
* Fix various exceptions in Ruby on 64-bit Windows (#8563)
* Fix crash when calculating Message hash values on 64-bit Windows (#8565)
General:
* Support M1 (#8557)
Update to 3.15.8:
- Fixed memory leak of Ruby arena objects (#8461)
Update to 3.15.7:
C++:
* Remove the ::pb namespace (alias) (#8423)
Ruby:
* Fix unbounded memory growth for Ruby <2.7 (#8429)
* Fixed message equality in cases where the message type is different (#8434)
update to 3.15.6:
Ruby:
* Fixed bug in string comparison logic (#8386)
* Fixed quadratic memory use in array append (#8379)
* Fixed SEGV when users pass nil messages (#8363)
* Fixed quadratic memory usage when appending to arrays (#8364)
* Ruby <2.7 now uses WeakMap too, which prevents memory leaks. (#8341)
* Fix for FieldDescriptor.get(msg) (#8330)
* Bugfix for Message.[] for repeated or map fields (#8313)
PHP:
* read_property() handler is not supposed to return NULL (#8362)
Protocol Compiler
* Optional fields for proto3 are enabled by default, and no longer require
the --experimental_allow_proto3_optional flag.
C++:
* Do not disable RTTI by default in the CMake build (#8377)
* Create a CMake option to control whether or not RTTI is enabled (#8361)
* Fix PROTOBUF_CONSTINIT macro redefinition (#8323)
* MessageDifferencer: fixed bug when using custom ignore with multiple
unknown fields
* Use init_seg in MSVC to push initialization to an earlier phase.
* Runtime no longer triggers -Wsign-compare warnings.
* Fixed -Wtautological-constant-out-of-range-compare warning.
* DynamicCastToGenerated works for nullptr input for even if RTTI is disabled
* Arena is refactored and optimized.
* Clarified/specified that the exact value of Arena::SpaceAllocated() is an
implementation detail users must not rely on. It should not be used in
unit tests.
* Change the signature of Any::PackFrom() to return false on error.
* Add fast reflection getter API for strings.
* Constant initialize the global message instances
* Avoid potential for missed wakeup in UnknownFieldSet
* Now Proto3 Oneof fields have 'has' methods for checking their presence in
C++.
* Bugfix for NVCC
* Return early in _InternalSerialize for empty maps.
* Adding functionality for outputting map key values in proto path logging
output (does not affect comparison logic) and stop printing 'value' in the
path. The modified print functionality is in the
MessageDifferencer::StreamReporter.
* Fixed https://github.com/protocolbuffers/protobuf/issues/8129
* Ensure that null char symbol, package and file names do not result in a
crash.
* Constant initialize the global message instances
* Pretty print 'max' instead of numeric values in reserved ranges.
* Removed remaining instances of std::is_pod, which is deprecated in C++20.
* Changes to reduce code size for unknown field handling by making uncommon
cases out of line.
* Fix std::is_pod deprecated in C++20 (#7180)
* Fix some -Wunused-parameter warnings (#8053)
* Fix detecting file as directory on zOS issue #8051 (#8052)
* Don't include sys/param.h for _BYTE_ORDER (#8106)
* remove CMAKE_THREAD_LIBS_INIT from pkgconfig CFLAGS (#8154)
* Fix TextFormatMapTest.DynamicMessage issue#5136 (#8159)
* Fix for compiler warning issue#8145 (#8160)
* fix: support deprecated enums for GCC < 6 (#8164)
* Fix some warning when compiling with Visual Studio 2019 on x64 target (#8125)
Python:
* Provided an override for the reverse() method that will reverse the internal
collection directly instead of using the other methods of the BaseContainer.
* MessageFactory.CreateProtoype can be overridden to customize class creation.
* Fix PyUnknownFields memory leak (#7928)
* Add macOS big sur compatibility (#8126)
JavaScript
* Generate `getDescriptor` methods with `*` as their `this` type.
* Enforce `let/const` for generated messages.
* js/binary/utils.js: Fix jspb.utils.joinUnsignedDecimalString to work with
negative bitsLow and low but non-zero bitsHigh parameter. (#8170)
PHP:
* Added support for PHP 8. (#8105)
* unregister INI entries and fix invalid read on shutdown (#8042)
* Fix PhpDoc comments for message accessors to include '|null'. (#8136)
* fix: convert native PHP floats to single precision (#8187)
* Fixed PHP to support field numbers >=2**28. (#8235)
* feat: add support for deprecated fields to PHP compiler (#8223)
* Protect against stack overflow if the user derives from Message. (#8248)
* Fixed clone for Message, RepeatedField, and MapField. (#8245)
* Updated upb to allow nonzero offset minutes in JSON timestamps. (#8258)
Ruby:
* Added support for Ruby 3. (#8184)
* Rewrote the data storage layer to be based on upb_msg objects from the
upb library. This should lead to much better parsing performance,
particularly for large messages. (#8184).
* Fill out JRuby support (#7923)
* [Ruby] Fix: (SIGSEGV) gRPC-Ruby issue on Windows. memory alloc infinite
recursion/run out of memory (#8195)
* Fix jruby support to handle messages nested more than 1 level deep (#8194)
Java:
* Avoid possible UnsupportedOperationException when using CodedInputSteam
with a direct ByteBuffer.
* Make Durations.comparator() and Timestamps.comparator() Serializable.
* Add more detailed error information for dynamic message field type
validation failure
* Removed declarations of functions declared in java_names.h from
java_helpers.h.
* Now Proto3 Oneof fields have 'has' methods for checking their presence in
Java.
* Annotates Java proto generated *_FIELD_NUMBER constants.
* Add -assumevalues to remove JvmMemoryAccessor on Android.
C#:
* Fix parsing negative Int32Value that crosses segment boundary (#8035)
* Change ByteString to use memory and support unsafe create without copy (#7645)
* Optimize MapField serialization by removing MessageAdapter (#8143)
* Allow FileDescriptors to be parsed with extension registries (#8220)
* Optimize writing small strings (#8149)
- Updated URL to https://github.com/protocolbuffers/protobuf
Update to v3.14.0
Protocol Compiler:
* The proto compiler no longer requires a .proto filename when it is not
generating code.
* Added flag `--deterministic_output` to `protoc --encode=...`.
* Fixed deadlock when using google.protobuf.Any embedded in aggregate options.
C++:
* Arenas are now unconditionally enabled. cc_enable_arenas no longer has
any effect.
* Removed inlined string support, which is incompatible with arenas.
* Fix a memory corruption bug in reflection when mixing optional and
non-optional fields.
* Make SpaceUsed() calculation more thorough for map fields.
* Add stack overflow protection for text format with unknown field values.
* FieldPath::FollowAll() now returns a bool to signal if an out-of-bounds
error was encountered.
* Performance improvements for Map.
* Minor formatting fix when dumping a descriptor to .proto format with
DebugString.
* UBSAN fix in RepeatedField
* When running under ASAN, skip a test that makes huge allocations.
* Fixed a crash that could happen when creating more than 256 extensions in
a single message.
* Fix a crash in BuildFile when passing in invalid descriptor proto.
* Parser security fix when operating with CodedInputStream.
* Warn against the use of AllowUnknownExtension.
* Migrated to C++11 for-range loops instead of index-based loops where
possible. This fixes a lot of warnings when compiling with -Wsign-compare.
* Fix segment fault for proto3 optional
* Adds a CMake option to build `libprotoc` separately
Java
* Bugfix in mergeFrom() when a oneof has multiple message fields.
* Fix RopeByteString.RopeInputStream.read() returning -1 when told to read
0 bytes when not at EOF.
* Redefine remove(Object) on primitive repeated field Lists to avoid
autoboxing.
* Support '\u' escapes in textformat string literals.
* Trailing empty spaces are no longer ignored for FieldMask.
* Fix FieldMaskUtil.subtract to recursively remove mask.
* Mark enums with `@java.lang.Deprecated` if the proto enum has option
`deprecated = true;`.
* Adding forgotten duration.proto to the lite library
Python:
* Print google.protobuf.NullValue as null instead of 'NULL_VALUE' when it is
used outside WKT Value/Struct.
* Fix bug occurring when attempting to deep copy an enum type in python 3.
* Add a setuptools extension for generating Python protobufs
* Remove uses of pkg_resources in non-namespace packages
* [bazel/py] Omit google/__init__.py from the Protobuf runtime
* Removed the unnecessary setuptools package dependency for Python package
* Fix PyUnknownFields memory leak
PHP:
* Added support for '==' to the PHP C extension
* Added `==` operators for Map and Array
* Native C well-known types
* Optimized away hex2bin() call in generated code
* New version of upb, and a new hash function wyhash in third_party
* add missing hasOneof method to check presence of oneof fields
Go:
* Update go_package options to reference google.golang.org/protobuf module.
C#:
* annotate ByteString.CopyFrom(ReadOnlySpan<byte>) as SecuritySafeCritical
* Fix C# optional field reflection when there are regular fields too
* Fix parsing negative Int32Value that crosses segment boundary
Javascript:
* JS: parse (un)packed fields conditionally
Update to version 3.13.0
PHP:
* The C extension is completely rewritten. The new C extension has significantly
better parsing performance and fixes a handful of conformance issues. It will
also make it easier to add support for more features like proto2 and proto3 presence.
* The new C extension does not support PHP 5.x. PHP 5.x users can still use pure-PHP.
C++:
* Removed deprecated unsafe arena string accessors
* Enabled heterogeneous lookup for std::string keys in maps.
* Removed implicit conversion from StringPiece to std::string
* Fix use-after-destroy bug when the Map is allocated in the arena.
* Improved the randomness of map ordering
* Added stack overflow protection for text format with unknown fields
* Use std::hash for proto maps to help with portability.
* Added more Windows macros to proto whitelist.
* Arena constructors for map entry messages are now marked 'explicit'
(for regular messages they were already explicit).
* Fix subtle aliasing bug in RepeatedField::Add
* Fix mismatch between MapEntry ByteSize and Serialize with respect to unset
fields.
Python:
* JSON format conformance fixes:
* Reject lowercase t for Timestamp json format.
* Print full_name directly for extensions (no camelCase).
* Reject boolean values for integer fields.
* Reject NaN, Infinity, -Infinity that is not quoted.
* Base64 fixes for bytes fields: accept URL-safe base64 and missing padding.
* Bugfix for fields/files named 'async' or 'await'.
* Improved the error message when AttributeError is returned from __getattr__
in EnumTypeWrapper.
Java:
* Fixed a bug where setting optional proto3 enums with setFooValue() would
not mark the value as present.
* Add Subtract function to FieldMaskUtil.
C#:
* Dropped support for netstandard1.0 (replaced by support for netstandard1.1).
This was required to modernize the parsing stack to use the `Span<byte>`
type internally
* Add `ParseFrom(ReadOnlySequence<byte>)` method to enable GC friendly
parsing with reduced allocations and buffer copies
* Add support for serialization directly to a `IBufferWriter<byte>` or
to a `Span<byte>` to enable GC friendly serialization.
The new API is available as extension methods on the `IMessage` type
* Add `GOOGLE_PROTOBUF_REFSTRUCT_COMPATIBILITY_MODE` define to make
generated code compatible with old C# compilers (pre-roslyn compilers
from .NET framework and old versions of mono) that do not support
ref structs. Users that are still on a legacy stack that does
not support C# 7.2 compiler might need to use the new define
in their projects to be able to build the newly generated code
* Due to the major overhaul of parsing and serialization internals,
it is recommended to regenerate your generated code to achieve the best
performance (the legacy generated code will still work, but might incur
a slight performance penalty).
Update to version 3.12.3; notable changes since 3.11.4:
Protocol Compiler:
* [experimental] Singular, non-message typed fields in proto3 now support
presence tracking. This is enabled by adding the 'optional' field label and
passing the --experimental_allow_proto3_optional flag to protoc.
* For usage info, see docs/field_presence.md.
* During this experimental phase, code generators should update to support
proto3 presence, see docs/implementing_proto3_presence.md for instructions.
* Allow duplicate symbol names when multiple descriptor sets are passed on
the command-line, to match the behavior when multiple .proto files are passed.
* Deterministic `protoc --descriptor_set_out` (#7175)
Objective-C:
* Tweak the union used for Extensions to support old generated code. #7573
* Fix for the :protobuf_objc target in the Bazel BUILD file. (#7538)
* [experimental] ObjC Proto3 optional support (#7421)
* Block subclassing of generated classes (#7124)
* Use references to Obj C classes instead of names in descriptors. (#7026)
* Revisit how the WKTs are bundled with ObjC. (#7173)
C++:
* Simplified the template export macros to fix the build for mingw32. (#7539)
* [experimental] Added proto3 presence support.
* New descriptor APIs to support proto3 presence.
* Enable Arenas by default on all .proto files.
* Documented that users are not allowed to subclass Message or MessageLite.
* Mark generated classes as final; inheriting from protos is strongly discouraged.
* Add stack overflow protection for text format with unknown fields.
* Add accessors for map key and value FieldDescriptors.
* Add FieldMaskUtil::FromFieldNumbers().
* MessageDifferencer: use ParsePartial() on Any fields so the diff does not
fail when there are missing required fields.
* ReflectionOps::Merge(): lookup messages in the right factory, if it can.
* Added Descriptor::WellKnownTypes enum and Descriptor::well_known_type()
accessor as an easier way of determining if a message is a Well-Known Type.
* Optimized RepeatedField::Add() when it is used in a loop.
* Made proto move/swap more efficient.
* De-virtualize the GetArena() method in MessageLite.
* Improves performance of json_stream_parser.cc by factor 1000 (#7230)
* bug: #7076 undefine Windows OUT and OPTIONAL macros (#7087)
* Fixed a bug in FieldDescriptor::DebugString() that would erroneously print
an 'optional' label for a field in a oneof.
* Fix bug in parsing bool extensions that assumed they are always 1 byte.
* Fix off-by-one error in FieldOptions::ByteSize() when extensions are present.
* Clarified the comments to show an example of the difference between
Descriptor::extension and DescriptorPool::FindAllExtensions.
* Add a compiler option 'code_size' to force optimize_for=code_size on all
protos where this is possible.
Ruby:
* Re-add binary gems for Ruby 2.3 and 2.4. These are EOL upstream, however
many people still use them and dropping support will require more
coordination.
* [experimental] Implemented proto3 presence for Ruby. (#7406)
* Stop building binary gems for ruby <2.5 (#7453)
* Fix for wrappers with a zero value (#7195)
* Fix for JSON serialization of 0/empty-valued wrapper types (#7198)
* Call 'Class#new' over rb_class_new_instance in decoding (#7352)
* Build extensions for Ruby 2.7 (#7027)
* assigning 'nil' to submessage should clear the field. (#7397)
Java:
* [experimental] Added proto3 presence support.
* Mark java enum _VALUE constants as @Deprecated if the enum field is deprecated
* reduce <clinit> size for enums with allow_alias set to true.
* Sort map fields alphabetically by the field's key when printing textproto.
* Fixed a bug in map sorting that appeared in -rc1 and -rc2 (#7508).
* TextFormat.merge() handles Any as top level type.
* Throw a descriptive IllegalArgumentException when calling
getValueDescriptor() on enum special value UNRECOGNIZED instead of
ArrayIndexOutOfBoundsException.
* Fixed an issue with JsonFormat.printer() where setting printingEnumsAsInts()
would override the configuration passed into includingDefaultValueFields().
* Implement overrides of indexOf() and contains() on primitive lists returned
for repeated fields to avoid autoboxing the list contents.
* Add overload to FieldMaskUtil.fromStringList that accepts a descriptor.
* [bazel] Move Java runtime/toolchains into //java (#7190)
Python:
* [experimental] Added proto3 presence support.
* [experimental] fast import protobuf module, only works with cpp generated code linked in.
* Truncate 'float' fields to 4 bytes of precision in setters for pure-Python
implementation (C++ extension was already doing this).
* Fixed a memory leak in C++ bindings.
* Added a deprecation warning when code tries to create Descriptor objects
directly.
* Fix unintended comparison between bytes and string in descriptor.py.
* Avoid printing excess digits for float fields in TextFormat.
* Remove Python 2.5 syntax compatibility from the proto compiler generated _pb2.py module code.
* Drop 3.3, 3.4 and use single version docker images for all python tests (#7396)
JavaScript:
* Fix js message pivot selection (#6813)
PHP:
* Persistent Descriptor Pool (#6899)
* Implement lazy loading of php class for proto messages (#6911)
* Correct @return in Any.unpack docblock (#7089)
* Ignore unknown enum value when ignore_unknown specified (#7455)
C#:
* [experimental] Add support for proto3 presence fields in C# (#7382)
* Mark GetOption API as obsolete and expose the 'GetOptions()' method on descriptors instead (#7491)
* Remove Has/Clear members for C# message fields in proto2 (#7429)
* Enforce recursion depth checking for unknown fields (#7132)
* Fix conformance test failures for Google.Protobuf (#6910)
* Cleanup various bits of Google.Protobuf (#6674)
* Fix latest ArgumentException for C# extensions (#6938)
* Remove unnecessary branch from ReadTag (#7289)
Other:
* Add a proto_lang_toolchain for javalite (#6882)
* [bazel] Update gtest and deprecate //external:{gtest,gtest_main} (#7237)
* Add application note for explicit presence tracking. (#7390)
* Howto doc for implementing proto3 presence in a code generator. (#7407)
Update to version 3.11.4; notable changes since 3.9.2:
* C++: Make serialization method naming consistent
* C++: Moved ShutdownProtobufLibrary() to message_lite.h. For
backward compatibility a declaration is still available
in stubs/common.h, but users should prefer message_lite.h
* C++: Removed non-namespace macro EXPECT_OK()
* C++: Removed mathlimits.h from stubs in favor of using
std::numeric_limits from C++11
* C++: Support direct pickling of nested messages
* C++: Disable extension code gen for C#
* C++: Switch the proto parser to the faster MOMI parser
* C++: Unused imports of files defining descriptor extensions
will now be reported
* C++: Add proto2::util::RemoveSubranges to remove multiple
subranges in linear time
* C++: Support 32 bit values for ProtoStreamObjectWriter to Struct
* C++: Removed the internal-only header coded_stream_inl.h and
the internal-only methods defined there
* C++: Enforced no SWIG wrapping of descriptor_database.h
(other headers already had this restriction)
* C++: Implementation of the equivalent of the MOMI parser for
serialization. This removes one of the two serialization
routines, by making the fast array serialization routine
completely general. SerializeToCodedStream can now be
implemented in terms of the much much faster array
serialization. The array serialization regresses slightly,
but when array serialization is not possible this wins big
* C++: Add move constructor for Reflection's SetString
* Java: Remove the usage of MethodHandle, so that Android users
prior to API version 26 can use protobuf-java
* Java: Publish ProGuard config for javalite
* Java: Include unknown fields when merging proto3 messages in
Java lite builders
* Java: Have oneof enums implement a separate interface (other
than EnumLite) for clarity
* Java: Opensource Android Memory Accessors
* Java: Change ProtobufArrayList to use Object[] instead of
ArrayList for 5-10% faster parsing
* Java: Make a copy of JsonFormat.TypeRegistry at the protobuf
top level package. This will eventually replace
JsonFormat.TypeRegistry
* Java: Add Automatic-Module-Name entries to the Manifest
* Python: Add float_precision option in json format printer
* Python: Optionally print bytes fields as messages in unknown
fields, if possible
* Python: Experimental code gen (fast import protobuf module)
which only work with cpp generated code linked in
* Python: Add descriptor methods in descriptor_pool are deprecated
* Python: Added delitem for Python extension dict
* JavaScript: Remove guard for Symbol iterator for jspb.Map
* JavaScript: Remove deprecated boolean option to getResultBase64String()
* JavaScript: Change the parameter types of binaryReaderFn in
ExtensionFieldBinaryInfo to (number, ?, ?)
* JavaScript: Create dates.ts and time_of_days.ts to mirror Java
versions. This is a near-identical conversion of
c.g.type.util.{Dates,TimeOfDays} respectively
* JavaScript: Migrate moneys to TypeScript
* PHP: Increase php7.4 compatibility
* PHP: Implement lazy loading of php class for proto messages
* Ruby: Support hashes for struct initializers
* C#: Experimental proto2 support is now officially available
* C#: Change _Extensions property to normal body rather than expression
* Objective C: Remove OSReadLittle* due to alignment requirements
* Other: Override CocoaPods module to lowercase
* further bugfixes and optimisations
- Install LICENSE
- Drop protobuf-libs as it is just workaround for rpmlint issue
* python bindings now require recent python-google-apputils
* Released memory allocated by InitializeDefaultRepeatedFields()
and GetEmptyString(). Some memory sanitizers reported them
* Updated DynamicMessage.setField() to handle repeated enum
* Fixed a bug that caused NullPointerException to be thrown when
converting manually constructed FileDescriptorProto to
* Added oneofs(unions) feature. Fields in the same oneof will
* Files, services, enums, messages, methods and enum values
* Added Support for list values, including lists of mesaages,
* Added SwapFields() in reflection API to swap a subset of
* Repeated primitive extensions are now packable. The
it is possible to switch a repeated extension field to
* writeTo() method in ByteString can now write a substring to
* java_generate_equals_and_hash can now be used with the
* A new C++-backed extension module (aka 'cpp api v2') that
replaces the old ('cpp api v1') one. Much faster than the
pure Python code. This one resolves many bugs and is
mosh reqires it
python-abseil was udpated:
version update to 1.4.0
New:
(testing) Added @flagsaver.as_parsed: this allows saving/restoring flags
using string values as if parsed from the command line and will also reflect
other flag states after command line parsing, e.g. .present is set.
Changed:
(logging) If no log dir is specified logging.find_log_dir() now falls back
to tempfile.gettempdir() instead of /tmp/.
Fixed:
(flags) Additional kwargs (e.g. short_name=) to DEFINE_multi_enum_class
are now correctly passed to the underlying Flag object.
version update to 1.2.0
* Fixed a crash in Python 3.11 when `TempFileCleanup.SUCCESS` is used.
* `Flag` instances now raise an error if used in a bool context. This prevents
the occasional mistake of testing an instance for truthiness rather than
testing `flag.value`.
* `absl-py` no longer depends on `six`.
Update to version 1.0.0
* absl-py no longer supports Python 2.7, 3.4, 3.5. All versions
have reached end-of-life for more than a year now.
* New releases will be tagged as vX.Y.Z instead of pypi-vX.Y.Z in
the git repo going forward.
- Release notes for 0.15.0
* (testing) #128: When running bazel with its --test_filter=
flag, it now treats the filters as unittest's -k flag in Python
3.7+.
- Release notes for 0.14.1
* Top-level LICENSE file is now exported in bazel.
- Release notes for 0.14.0
* #171: Creating argparse_flags.ArgumentParser with
argument_default= no longer raises an exception when other
absl.flags flags are defined.
* #173: absltest now correctly sets up test filtering and fail
fast flags when an explicit argv= parameter is passed to
absltest.main.
- Release notes for 0.13.0
* (app) Type annotations for public app interfaces.
* (testing) Added new decorator @absltest.skipThisClass to
indicate a class contains shared functionality to be used as a
base class for other TestCases, and therefore should be
skipped.
* (app) Annotated the flag_parser paramteter of run as
keyword-only. This keyword-only constraint will be enforced at
runtime in a future release.
* (app, flags) Flag validations now include all errors from
disjoint flag sets, instead of fail fast upon first error from
all validators. Multiple validators on the same flag still
fails fast.
- Release notes for 0.12.0
* (flags) Made EnumClassSerializer and EnumClassListSerializer
public.
* (flags) Added a required: Optional[bool] = False parameter to
DEFINE_* functions.
* (testing) flagsaver overrides can now be specified in terms of
FlagHolder.
* (testing) parameterized.product: Allows testing a method over
cartesian product of parameters values, specified as a
sequences of values for each parameter or as kwargs-like dicts
of parameter values.
* (testing) Added public flag holders for --test_srcdir and
--test_tmpdir. Users should use absltest.TEST_SRCDIR.value and
absltest.TEST_TMPDIR.value instead of FLAGS.test_srcdir and
FLAGS.test_tmpdir.
* (flags) Made CsvListSerializer respect its delimiter argument.
- Add Provides python-absl-py
python-grpcuio was updated:
- Update to version 1.60.0:
* No python specfic changes.
- Update to version 1.59.2:
* No python specific changes.
- Update to version 1.59.0:
* [Python 3.12] Support Python 3.12 (gh#grpc/grpc#34398).
* [Python 3.12] Deprecate distutil (gh#grpc/grpc#34186).
- Update to version 1.58.0:
* [Bazel] Enable grpcio-reflection to be used via Bazel
(gh#grpc/grpc#31013).
* [packaging] Publish xds-protos as part of the standard package
pipeline (gh#grpc/grpc#33797).
- Update to version 1.57.0: (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)
* [posix] Enable systemd sockets for libsystemd>=233
(gh#grpc/grpc#32671).
* [python O11Y] Initial Implementation (gh#grpc/grpc#32974).
- Build with LTO (don't set _lto_cflags to %nil).
- No need to pass '-std=c++17' to build CFLAGS.
- Update to version 1.56.2:
* [WRR] backport (gh#grpc/grpc#33694) to 1.56
(gh#grpc/grpc#33698)
* [backport][iomgr][EventEngine] Improve server handling of
file descriptor exhaustion (gh#grpc/grpc#33667)
- Switch build to pip/wheel.
- Use system abseil with '-std=c++17' to prevent undefined symbol
eg. with python-grpcio-tools (_ZN3re23RE213GlobalReplaceEPNSt7__
cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKS0_N4absl12lts_
2023012511string_viewE)
- Upstream only supports python >= 3.7, so adjust BuildRequires
accordingly.
- Add %{?sle15_python_module_pythons}
- Update to version 1.56.0: (CVE-2023-32731, bsc#1212180)
* [aio types] Fix some grpc.aio python types
(gh#grpc/grpc#32475).
- Update to version 1.55.0:
* [EventEngine] Disable EventEngine polling in gRPC Python
(gh#grpc/grpc#33279) (gh#grpc/grpc#33320).
* [Bazel Python3.11] Update Bazel dependencies for Python 3.11
(gh#grpc/grpc#33318) (gh#grpc/grpc#33319).
- Drop Requires: python-six; not required any more.
- Switch Suggests to Recommends.
- Update to version 1.54.0: (CVE-2023-32732, bsc#1212182)
* Fix DeprecationWarning when calling asyncio.get_event_loop()
(gh#grpc/grpc#32533).
* Remove references to deprecated syntax field
(gh#grpc/grpc#32497).
- Update to version 1.51.1:
* No Linux specific changes.
- Changes from version 1.51.0:
* Fix lack of cooldown between poll attempts
(gh#grpc/grpc#31550).
* Remove enum and future (gh#grpc/grpc#31381).
* [Remove Six] Remove dependency on six (gh#grpc/grpc#31340).
* Update xds-protos package to pull in protobuf 4.X
(gh#grpc/grpc#31113).
- Update to version 1.50.0:
* Support Python 3.11. [gh#grpc/grpc#30818].
- Update to version 1.49.1
* Support Python 3.11. (#30818)
* Add type stub generation support to grpcio-tools. (#30498)
- Update to version 1.48.0:
* [Aio] Ensure Core channel closes when deallocated
[gh#grpc/grpc#29797].
* [Aio] Fix the wait_for_termination return value
[gh#grpc/grpc#29795].
- update to 1.46.3:
* backport: xds: use federation env var to guard new-style resource name parsing
* This release contains refinements, improvements, and bug fixes.
- Update to version 1.46.0:
* Add Python GCF Distribtest [gh#grpc/grpc#29303].
* Add Python Reflection Client [gh#grpc/grpc#29085].
* Revert 'Fix prefork handler register's default behavior'
[gh#grpc/grpc#29229].
* Fix prefork handler register's default behavior
[gh#grpc/grpc#29103].
* Fix fetching CXX variable in setup.py [gh#grpc/grpc#28873].
- Update to version 1.45.0:
* Reimplement Gevent Integration [gh#grpc/grpc#28276].
* Support musllinux binary wheels on x64 and x86
[gh#grpc/grpc#28092].
* Increase the Python protobuf requirement to >=3.12.0
[gh#grpc/grpc#28604].
- Build with system re2; add BuildRequires: pkgconfig(re2).
- Update to version 1.44.0:
* Add python async example for hellostreamingworld using
generator (gh#grpc/grpc#27343).
* Disable __wrap_memcpy hack for Python builds
(gh#grpc/grpc#28410).
* Bump Bazel Python Cython dependency to 0.29.26
(gh#grpc/grpc#28398).
* Fix libatomic linking on Raspberry Pi OS Bullseye
(gh#grpc/grpc#28041).
* Allow generated proto sources in remote repositories for
py_proto_library (gh#grpc/grpc#28103).
- Update to version 1.43.0:
* [Aio] Validate the input type for set_trailing_metadata and
abort (gh#grpc/grpc#27958).
- update to 1.41.1:
* This is release 1.41.0 (goat) of gRPC Core.
- Update to version 1.41.0:
* Add Python 3.10 support and drop 3.5 (gh#grpc/grpc#26074).
* [Aio] Remove custom IO manager support (gh#grpc/grpc#27090).
- Update to version 1.39.0:
* Python AIO: Match continuation typing on Interceptors
(gh#grpc/grpc#26500).
* Workaround #26279 by publishing manylinux_2_24 wheels instead
of manylinux2014 on aarch64 (gh#grpc/grpc#26430).
* Fix zlib unistd.h import problem (gh#grpc/grpc#26374).
* Handle gevent exception in gevent poller (gh#grpc/grpc#26058).
- Update to version 1.38.1:
* Backport gh#grpc/grpc#26430 and gh#grpc/grpc#26435 to v1.38.x
(gh#grpc/grpc#26436).
- Update to version 1.38.0:
* Add grpcio-admin Python package (gh#grpc/grpc#26166).
* Add CSDS API to Python (gh#grpc/grpc#26114).
* Expose code and details from context on the server side
(gh#grpc/grpc#25457).
* Explicitly import importlib.abc; required on Python 3.10.
Fixes #26062 (gh#grpc/grpc#26083).
* Fix potential deadlock on the GIL in AuthMetdataPlugin
(gh#grpc/grpc#26009).
* Introduce new Python package 'xds_protos'
(gh#grpc/grpc#25975).
* Remove async mark for set_trailing_metadata interface
(gh#grpc/grpc#25814).
- Update to version 1.37.1:
* No user visible changes.
- Changes from version 1.37.0:
* Clarify Guarantees about grpc.Future Interface
(gh#grpc/grpc#25383).
* [Aio] Add time_remaining method to ServicerContext
(gh#grpc/grpc#25719).
* Standardize all environment variable boolean configuration in
python's setup.py (gh#grpc/grpc#25444).
* Fix Signal Safety Issue (gh#grpc/grpc#25394).
- Update to version 1.36.1:
* Core: back-port: add env var protection for google-c2p
resolver (gh#grpc/grpc#25569).
- Update to version 1.35.0:
* Implement Python Client and Server xDS Creds.
(gh#grpc/grpc#25365)
* Add %define _lto_cflags %{nil} (bsc#1182659) (rh#1893533)
* Link roots.pem to ca-bundle.pem from ca-certificates package
- Update to version 1.34.1:
* Backport 'Lazily import grpc_tools when using runtime
stub/message generation' to 1.34.x (gh#grpc/grpc#25011).
- Update to version 1.34.0:
* Incur setuptools as an dependency for grpcio_tools
(gh#grpc/grpc#24752).
* Stop the spamming log generated by ctrl-c for AsyncIO server
(gh#grpc/grpc#24718).
* [gRPC Easy] Make Well-Known Types Available to Runtime Protos
(gh#grpc/grpc#24478).
* Bump MACOSX_DEPLOYMENT_TARGET to 10.10 for Python
(gh#grpc/grpc#24480).
* Make Python 2 an optional dependency for Bazel build
(gh#grpc/grpc#24407).
* [Linux] [macOS] Support pre-compiled Python 3.9 wheels
(gh#grpc/grpc#24356).
- Update to version 1.33.2:
* [Backport] Implement grpc.Future interface in
SingleThreadedRendezvous (gh#grpc/grpc#24574).
- Update to version 1.33.1:
* [Backport] Make Python 2 an optional dependency for Bazel
build (gh#grpc/grpc#24452).
* Allow asyncio API to be imported as grpc.aio.
(gh#grpc/grpc#24289).
* [gRPC Easy] Fix import errors on Windows (gh#grpc/grpc#24124).
* Make version check for importlib.abc in grpcio-tools more
stringent (gh#grpc/grpc#24098).
Added re2 package in version 2024-02-01.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1127-1
Released: Mon Apr 8 07:07:09 2024
Summary: Recommended update for wicked
Type: recommended
Severity: important
References: 1220996,1221194,1221358
This update for wicked fixes the following issues:
- Fix fallback-lease drop in addrconf (bsc#1220996)
- Use upstream `nvme nbft show` (bsc#1221358)
- Hide secrets in debug log (bsc#1221194)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1129-1
Released: Mon Apr 8 09:12:08 2024
Summary: Security update for expat
Type: security
Severity: important
References: 1219559,1221289,CVE-2023-52425,CVE-2024-28757
This update for expat fixes the following issues:
- CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
- CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1133-1
Released: Mon Apr 8 11:29:02 2024
Summary: Security update for ncurses
Type: security
Severity: moderate
References: 1220061,CVE-2023-45918
This update for ncurses fixes the following issues:
- CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color file (bsc#1220061).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1136-1
Released: Mon Apr 8 11:30:15 2024
Summary: Security update for c-ares
Type: security
Severity: moderate
References: 1220279,CVE-2024-25629
This update for c-ares fixes the following issues:
- CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1151-1
Released: Mon Apr 8 11:36:23 2024
Summary: Security update for curl
Type: security
Severity: moderate
References: 1221665,1221667,CVE-2024-2004,CVE-2024-2398
This update for curl fixes the following issues:
- CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665)
- CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1167-1
Released: Mon Apr 8 15:11:11 2024
Summary: Security update for nghttp2
Type: security
Severity: important
References: 1221399,CVE-2024-28182
This update for nghttp2 fixes the following issues:
- CVE-2024-28182: Fixed denial of service via http/2 continuation frames (bsc#1221399)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1172-1
Released: Tue Apr 9 09:52:32 2024
Summary: Security update for util-linux
Type: security
Severity: important
References: 1207987,1221831,CVE-2024-28085
This update for util-linux fixes the following issues:
- CVE-2024-28085: Properly neutralize escape sequences in wall. (bsc#1221831)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1176-1
Released: Tue Apr 9 10:43:33 2024
Summary: Recommended update for hwdata
Type: recommended
Severity: moderate
References:
This update for hwdata fixes the following issues:
- Update to 0.380
- Update pci, usb and vendor ids
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1192-1
Released: Wed Apr 10 09:14:37 2024
Summary: Security update for less
Type: security
Severity: important
References: 1219901,CVE-2022-48624
This update for less fixes the following issues:
- CVE-2022-48624: Fixed LESSCLOSE handling in less that does not quote shell metacharacters (bsc#1219901).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1201-1
Released: Thu Apr 11 10:47:58 2024
Summary: Recommended update for xfsprogs-scrub and jctools
Type: recommended
Severity: low
References: 1190495,1213418
This update for xfsprogs-scrub fixes the following issues:
- Added missing xfsprogs-scrub to Package Hub for SLE-15-SP5 (bsc#1190495)
- Added missing jctools to Package Hub for SLE-15-SP5 (bsc#1213418)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1206-1
Released: Thu Apr 11 12:56:24 2024
Summary: Recommended update for rpm
Type: recommended
Severity: moderate
References: 1222259
This update for rpm fixes the following issues:
- remove imaevmsign plugin from rpm-ndb [bsc#1222259]
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1231-1
Released: Thu Apr 11 15:20:40 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1220441
This update for glibc fixes the following issues:
- duplocale: protect use of global locale (bsc#1220441, BZ #23970)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1253-1
Released: Fri Apr 12 08:15:18 2024
Summary: Recommended update for gcc13
Type: recommended
Severity: moderate
References: 1210959,1214934,1217450,1217667,1218492,1219031,1219520,1220724,1221239
This update for gcc13 fixes the following issues:
- Fix unwinding for JIT code. [bsc#1221239]
- Revert libgccjit dependency change. [bsc#1220724]
- Remove crypt and crypt_r interceptors. The crypt API change in SLE15 SP3
breaks them. [bsc#1219520]
- Add support for -fmin-function-alignment. [bsc#1214934]
- Use %{_target_cpu} to determine host and build.
- Fix for building TVM. [bsc#1218492]
- Add cross-X-newlib-devel requires to newlib cross compilers.
[bsc#1219031]
- Package m2rte.so plugin in the gcc13-m2 sub-package rather than in gcc13-devel. [bsc#1210959]
- Require libstdc++6-devel-gcc13 from gcc13-m2 as m2 programs are linked against libstdc++6.
- Fixed building mariadb on i686. [bsc#1217667]
- Avoid update-alternatives dependency for accelerator crosses.
- Package tool links to llvm in cross-amdgcn-gcc13 rather than in
cross-amdgcn-newlib13-devel since that also has the dependence.
- Depend on llvmVER instead of llvm with VER equal to
%product_libs_llvm_ver where available and adjust tool discovery
accordingly. This should also properly trigger re-builds when
the patchlevel version of llvmVER changes, possibly changing
the binary names we link to. [bsc#1217450]
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1271-1
Released: Fri Apr 12 15:35:55 2024
Summary: Security update for gnutls
Type: security
Severity: moderate
References: 1221242,1221746,1221747,CVE-2024-28834,CVE-2024-28835
This update for gnutls fixes the following issues:
- CVE-2024-28834: Fixed side-channel in the deterministic ECDSA (bsc#1221746)
- CVE-2024-28835: Fixed denial of service during certificate chain verification (bsc#1221747)
Other fixes:
- jitterentropy: Release the memory of the entropy collector when
using jitterentropy with phtreads as there is also a
pre-intitization done in the main thread (bsc#1221242)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1279-1
Released: Fri Apr 12 21:35:09 2024
Summary: Recommended update for python3
Type: recommended
Severity: moderate
References: 1222109
This update for python3 fixes the following issue:
- Fix syslog making default 'ident' from sys.argv (bsc#1222109)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1287-1
Released: Mon Apr 15 15:03:40 2024
Summary: Security update for vim
Type: security
Severity: important
References: 1215005,1217316,1217320,1217321,1217324,1217326,1217329,1217330,1217432,1219581,CVE-2023-4750,CVE-2023-48231,CVE-2023-48232,CVE-2023-48233,CVE-2023-48234,CVE-2023-48235,CVE-2023-48236,CVE-2023-48237,CVE-2023-48706,CVE-2024-22667
This update for vim fixes the following issues:
Updated to version 9.1.0111, fixes the following security problems
- CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316).
- CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320).
- CVE-2023-48233: overflow with count for :s command (bsc#1217321).
- CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324).
- CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235).
- CVE-2023-48236: overflow in get_number (bsc#1217329).
- CVE-2023-48237: overflow in shift_line (bsc#1217330).
- CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432).
- CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581).
- CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1295-1
Released: Mon Apr 15 18:37:21 2024
Summary: Security update for xen
Type: security
Severity: moderate
References: 1027519,1221984,1222302,1222453,CVE-2023-46842,CVE-2024-2201,CVE-2024-31142
This update for xen fixes the following issues:
- CVE-2023-46842: Fixed denial of service due to Xen bug check triggered by HVM hypercalls (XSA-454) in xen x86 (bsc#1221984)
- CVE-2024-31142: Fixed incorrect logic for BTC/SRSO mitigations (XSA-455) in xen x86 (bsc#1222302)
- CVE-2024-2201: Fixed memory disclosure via Native Branch History Injection (XSA-456) in xen x86 (bsc#1222453)
Other fixes:
- Update to Xen 4.17.4 (bsc#1027519)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1331-1
Released: Wed Apr 17 19:39:59 2024
Summary: Recommended update for grub2
Type: recommended
Severity: moderate
References: 1221866
This update for grub2 fixes the following issues:
- Fix LPAR falls into grub shell after installation with lvm (bsc#1221866)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1333-1
Released: Thu Apr 18 13:30:04 2024
Summary: Recommended update for samba
Type: recommended
Severity: moderate
References: 1218431,1219937
This update for samba fixes the following issues:
- fd_handle_destructor() panics within an smbd_smb2_close() if vfs_stat_fsp() fails in fd_close() (bsc#1219937).
- Remove -x from bash shebang update-apparmor-samba-profile; (bsc#1218431).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1336-1
Released: Thu Apr 18 14:44:43 2024
Summary: Recommended update for wicked
Type: recommended
Severity: moderate
References: 1222105
This update for wicked fixes the following issues:
- Do not convert sec to msec twice (bsc#1222105)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1344-1
Released: Thu Apr 18 18:50:37 2024
Summary: Recommended update for libzypp, zypper
Type: recommended
Severity: moderate
References: 1175678,1218171,1221525,1222086
This update for libzypp, zypper fixes the following issues:
- Fix creation of sibling cache dirs with too restrictive mode (bsc#1222398)
- Update RepoStatus fromCookieFile according to the files mtime (bsc#1222086)
- TmpFile: Don't call chmod if makeSibling failed
- Fixup New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- Add resolver option 'removeOrphaned' for distupgrade (bsc#1221525)
- New VendorSupportOption flag VendorSupportSuperseded (jsc#OBS-301, jsc#PED-8014)
- Add default stripe minimum
- Don't expose std::optional where YAST/PK explicitly use c++11.
- Digest: Avoid using the deprecated OPENSSL_config
- version 17.32.0
- ProblemSolution::skipsPatchesOnly overload to handout the patches
- Show active dry-run/download-only at the commit propmpt
- Add --skip-not-applicable-patches option
- Fix printing detailed solver problem description
- Fix bash-completion to work with right adjusted numbers in the 1st column too
- Set libzypp shutdown request signal on Ctrl+C
- In the detailed view show all baseurls not just the first one (bsc#1218171)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1352-1
Released: Fri Apr 19 15:28:38 2024
Summary: Recommended update for cloud-init
Type: recommended
Severity: important
References: 1220132,1221132,1221726,1222113
This update for cloud-init contains the following fixes:
- Add cloud-init-no-nmcfg-needed.patch (bsc#1221726)
+ Do not require a NetworkManager config file in order to detect
NetworkManager as the renderer
- Add cloud-init-no-openstack-guess.patch (bsc#1222113)
+ Do not guess if we are running on OpenStack or not. Only recognize
the known markers and enable cloud-init if we know for sure.
- Do not guess a data source when checking for a CloudStack
environment. (bsc#1221132)
- Hardcode distribution to suse for proper cloud.cfg generation
(bsc#1220132).
- Prepare for RPM 4.20 switch patch syntax
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1366-1
Released: Mon Apr 22 11:04:32 2024
Summary: Recommended update for openssh
Type: recommended
Severity: moderate
References: 1216474,1218871,1221123,1222831
This update for openssh fixes the following issues:
- Fix hostbased ssh login failing occasionally with 'signature
unverified: incorrect signature' by fixing a typo in patch (bsc#1221123)
- Avoid closing IBM Z crypto devices nodes. (bsc#1218871)
- Allow usage of IBM Z crypto adapter cards in seccomp filters (bsc#1216474)
- Change the default value of UpdateHostKeys to Yes (unless
VerifyHostKeyDNS is enabled).
This makes ssh update the known_hosts stored keys with all published
versions by the server (after it's authenticated with an existing
key), which will allow to identify the server with a different key if
the existing key is considered insecure at some point in the future
(bsc#1222831).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1368-1
Released: Mon Apr 22 11:06:29 2024
Summary: Security update for shim
Type: security
Severity: important
References: 1198101,1205588,1205855,1210382,1213945,1215098,1215099,1215100,1215101,1215102,1215103,1219460,CVE-2022-28737,CVE-2023-40546,CVE-2023-40547,CVE-2023-40548,CVE-2023-40549,CVE-2023-40550,CVE-2023-40551
This update for shim fixes the following issues:
- Update shim-install to set the TPM2 SRK algorithm (bsc#1213945)
- Limit the requirement of fde-tpm-helper-macros to the distro with
suse_version 1600 and above (bsc#1219460)
Update to version 15.8:
Security issues fixed:
- mok: fix LogError() invocation (bsc#1215099,CVE-2023-40546)
- avoid incorrectly trusting HTTP headers (bsc#1215098,CVE-2023-40547)
- Fix integer overflow on SBAT section size on 32-bit system (bsc#1215100,CVE-2023-40548)
- Authenticode: verify that the signature header is in bounds (bsc#1215101,CVE-2023-40549)
- pe: Fix an out-of-bound read in verify_buffer_sbat() (bsc#1215102,CVE-2023-40550)
- pe-relocate: Fix bounds check for MZ binaries (bsc#1215103,CVE-2023-40551)
The NX flag is disable which is same as the default value of shim-15.8, hence, not need to enable it by this patch now.
- Generate dbx during build so we don't include binary files in sources
- Don't require grub so shim can still be used with systemd-boot
- Update shim-install to fix boot failure of ext4 root file system
on RAID10 (bsc#1205855)
- Adopt the macros from fde-tpm-helper-macros to update the
signature in the sealed key after a bootloader upgrade
- Update shim-install to amend full disk encryption support
- Adopt TPM 2.0 Key File for grub2 TPM 2.0 protector
- Use the long name to specify the grub2 key protector
- cryptodisk: support TPM authorized policies
- Do not use tpm_record_pcrs unless the command is in command.lst
- Removed POST_PROCESS_PE_FLAGS=-N from the build command in shim.spec to
enable the NX compatibility flag when using post-process-pe after
discussed with grub2 experts in mail. It's useful for further development
and testing. (bsc#1205588)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1375-1
Released: Mon Apr 22 14:56:13 2024
Summary: Security update for glibc
Type: security
Severity: important
References: 1222992,CVE-2024-2961
This update for glibc fixes the following issues:
- iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961, bsc#1222992)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1398-1
Released: Tue Apr 23 13:58:22 2024
Summary: Recommended update for systemd-default-settings
Type: recommended
Severity: moderate
References:
This update for systemd-default-settings fixes the following issues:
- Disable pids controller limit under user instances (jsc#SLE-10123)
- Disable controllers by default (jsc#PED-2276)
- The usage of drop-ins is now the official way for configuring systemd and its various daemons on Factory/ALP,
hence the early drop-ins SUSE specific 'feature' has been abandoned.
- User priority '26' for SLE-Micro
- Convert more drop-ins into early ones
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1429-1
Released: Wed Apr 24 15:13:10 2024
Summary: Recommended update for ca-certificates
Type: recommended
Severity: moderate
References: 1188500,1221184
This update for ca-certificates fixes the following issue:
- Update version (bsc#1221184)
* Use flock to serialize calls (bsc#1188500)
* Make certbundle.run container friendly
* Create /var/lib/ca-certificates if needed
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1439-1
Released: Thu Apr 25 23:41:12 2024
Summary: Security update for python-idna
Type: security
Severity: moderate
References: 1222842,CVE-2024-3651
This update for python-idna fixes the following issues:
- CVE-2024-3651: Fixed potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1458-1
Released: Mon Apr 29 07:47:34 2024
Summary: Recommended update for vim
Type: recommended
Severity: moderate
References: 1220763
This update for vim fixes the following issues:
- Fix segmentation fault after updating to version 9.1.0111-150500.20.9.1 (bsc#1220763)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1471-1
Released: Tue Apr 30 05:56:22 2024
Summary: Recommended update for libzypp
Type: recommended
Severity: moderate
References: 1223094
This update for libzypp fixes the following issues:
- Don't try to refresh volatile media as long as raw metadata are present (bsc#1223094)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1480-1
Released: Tue Apr 30 16:01:59 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1194869,1200465,1205316,1207948,1209635,1209657,1212514,1213456,1214852,1215221,1215322,1217339,1217829,1217959,1217987,1217988,1217989,1218321,1218336,1218479,1218562,1218643,1218777,1219169,1219170,1219264,1219443,1219834,1220114,1220176,1220237,1220251,1220320,1220325,1220328,1220337,1220340,1220365,1220366,1220393,1220398,1220411,1220413,1220433,1220439,1220443,1220445,1220466,1220469,1220478,1220482,1220484,1220486,1220487,1220492,1220703,1220735,1220736,1220775,1220790,1220797,1220831,1220833,1220836,1220839,1220840,1220843,1220845,1220848,1220870,1220871,1220872,1220878,1220879,1220883,1220885,1220887,1220898,1220917,1220918,1220920,1220921,1220926,1220927,1220929,1220930,1220931,1220932,1220933,1220937,1220938,1220940,1220954,1220955,1220959,1220960,1220961,1220965,1220969,1220978,1220979,1220981,1220982,1220983,1220985,1220986,1220987,1220989,1220990,1221009,1221012,1221015,1221022,1221039,1221040,1221044,1221045,1221046,1221048,1221055,1221056,1221058,1221060,1
221061,1221062,1221066,1221067,1221068,1221069,1221070,1221071,1221077,1221082,1221090,1221097,1221156,1221252,1221273,1221274,1221276,1221277,1221291,1221293,1221298,1221337,1221338,1221375,1221379,1221551,1221553,1221613,1221614,1221616,1221618,1221631,1221633,1221713,1221725,1221777,1221814,1221816,1221830,1221951,1222033,1222056,1222060,1222070,1222073,1222117,1222274,1222291,1222300,1222304,1222317,1222331,1222355,1222356,1222360,1222366,1222373,1222619,1222952,CVE-2021-46925,CVE-2021-46926,CVE-2021-46927,CVE-2021-46929,CVE-2021-46930,CVE-2021-46931,CVE-2021-46933,CVE-2021-46934,CVE-2021-46936,CVE-2021-47082,CVE-2021-47083,CVE-2021-47087,CVE-2021-47091,CVE-2021-47093,CVE-2021-47094,CVE-2021-47095,CVE-2021-47096,CVE-2021-47097,CVE-2021-47098,CVE-2021-47099,CVE-2021-47100,CVE-2021-47101,CVE-2021-47102,CVE-2021-47104,CVE-2021-47105,CVE-2021-47107,CVE-2021-47108,CVE-2022-4744,CVE-2022-48626,CVE-2022-48627,CVE-2022-48628,CVE-2022-48629,CVE-2022-48630,CVE-2023-0160,CVE-2023-28746,CVE
-2023-35827,CVE-2023-4881,CVE-2023-52447,CVE-2023-52450,CVE-2023-52453,CVE-2023-52454,CVE-2023-52462,CVE-2023-52463,CVE-2023-52467,CVE-2023-52469,CVE-2023-52470,CVE-2023-52474,CVE-2023-52476,CVE-2023-52477,CVE-2023-52481,CVE-2023-52482,CVE-2023-52484,CVE-2023-52486,CVE-2023-52492,CVE-2023-52493,CVE-2023-52494,CVE-2023-52497,CVE-2023-52500,CVE-2023-52501,CVE-2023-52502,CVE-2023-52504,CVE-2023-52507,CVE-2023-52508,CVE-2023-52509,CVE-2023-52510,CVE-2023-52511,CVE-2023-52513,CVE-2023-52515,CVE-2023-52517,CVE-2023-52518,CVE-2023-52519,CVE-2023-52520,CVE-2023-52523,CVE-2023-52524,CVE-2023-52525,CVE-2023-52528,CVE-2023-52529,CVE-2023-52530,CVE-2023-52531,CVE-2023-52532,CVE-2023-52559,CVE-2023-52563,CVE-2023-52564,CVE-2023-52566,CVE-2023-52567,CVE-2023-52569,CVE-2023-52574,CVE-2023-52575,CVE-2023-52576,CVE-2023-52582,CVE-2023-52583,CVE-2023-52587,CVE-2023-52591,CVE-2023-52594,CVE-2023-52595,CVE-2023-52597,CVE-2023-52598,CVE-2023-52599,CVE-2023-52600,CVE-2023-52601,CVE-2023-52602,CVE-2023-52
603,CVE-2023-52604,CVE-2023-52605,CVE-2023-52606,CVE-2023-52607,CVE-2023-52608,CVE-2023-52612,CVE-2023-52615,CVE-2023-52617,CVE-2023-52619,CVE-2023-52621,CVE-2023-52623,CVE-2023-52628,CVE-2023-52632,CVE-2023-52637,CVE-2023-52639,CVE-2023-6270,CVE-2023-6356,CVE-2023-6535,CVE-2023-6536,CVE-2023-7042,CVE-2023-7192,CVE-2024-0841,CVE-2024-2201,CVE-2024-22099,CVE-2024-23307,CVE-2024-25739,CVE-2024-25742,CVE-2024-25743,CVE-2024-26599,CVE-2024-26600,CVE-2024-26602,CVE-2024-26607,CVE-2024-26612,CVE-2024-26614,CVE-2024-26620,CVE-2024-26627,CVE-2024-26629,CVE-2024-26642,CVE-2024-26645,CVE-2024-26646,CVE-2024-26651,CVE-2024-26654,CVE-2024-26659,CVE-2024-26664,CVE-2024-26667,CVE-2024-26670,CVE-2024-26695,CVE-2024-26717
The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2021-46925: Fixed kernel panic caused by race of smc_sock (bsc#1220466).
- CVE-2021-46926: Fixed bug when detecting controllers in ALSA/hda/intel-sdw-acpi (bsc#1220478).
- CVE-2021-46927: Fixed assertion bug in nitro_enclaves: Use get_user_pages_unlocked() (bsc#1220443).
- CVE-2021-46929: Fixed use-after-free issue in sctp_sock_dump() (bsc#1220482).
- CVE-2021-46930: Fixed usb/mtu3 list_head check warning (bsc#1220484).
- CVE-2021-46931: Fixed wrong type casting in mlx5e_tx_reporter_dump_sq() (bsc#1220486).
- CVE-2021-46933: Fixed possible underflow in ffs_data_clear() (bsc#1220487).
- CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469).
- CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
- CVE-2021-47082: Fixed ouble free in tun_free_netdev() (bsc#1220969).
- CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917).
- CVE-2021-47087: Fixed incorrect page free bug in tee/optee (bsc#1220954).
- CVE-2021-47091: Fixed locking in ieee80211_start_ap()) error path (bsc#1220959).
- CVE-2021-47093: Fixed memleak on registration failure in intel_pmc_core (bsc#1220978).
- CVE-2021-47094: Fixed possible memory leak in KVM x86/mmu (bsc#1221551).
- CVE-2021-47095: Fixed missing initialization in ipmi/ssif (bsc#1220979).
- CVE-2021-47096: Fixed uninitalized user_pversion in ALSA rawmidi (bsc#1220981).
- CVE-2021-47097: Fixed stack out of bound access in elantech_change_report_id() (bsc#1220982).
- CVE-2021-47098: Fixed integer overflow/underflow in hysteresis calculations hwmon: (lm90) (bsc#1220983).
- CVE-2021-47099: Fixed BUG_ON assertion in veth when skb entering GRO are cloned (bsc#1220955).
- CVE-2021-47100: Fixed UAF when uninstall in ipmi (bsc#1220985).
- CVE-2021-47101: Fixed uninit-value in asix_mdio_read() (bsc#1220987).
- CVE-2021-47102: Fixed incorrect structure access In line: upper = info->upper_dev in net/marvell/prestera (bsc#1221009).
- CVE-2021-47104: Fixed memory leak in qib_user_sdma_queue_pkts() (bsc#1220960).
- CVE-2021-47105: Fixed potential memory leak in ice/xsk (bsc#1220961).
- CVE-2021-47107: Fixed READDIR buffer overflow in NFSD (bsc#1220965).
- CVE-2021-47108: Fixed possible NULL pointer dereference for mtk_hdmi_conf in drm/mediatek (bsc#1220986).
- CVE-2022-4744: Fixed double-free that could lead to DoS or privilege escalation in TUN/TAP device driver functionality (bsc#1209635).
- CVE-2022-48626: Fixed a potential use-after-free on remove path moxart (bsc#1220366).
- CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845).
- CVE-2022-48628: Fixed possible lock in ceph (bsc#1220848).
- CVE-2022-48629: Fixed possible memory leak in qcom-rng (bsc#1220989).
- CVE-2022-48630: Fixed infinite loop on requests not multiple of WORD_SZ in crypto: qcom-rng (bsc#1220990).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456).
- CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514).
- CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem that could lead to potential information disclosure or a denial of service (bsc#1215221).
- CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251).
- CVE-2023-52450: Fixed NULL pointer dereference issue in upi_fill_topology() (bsc#1220237).
- CVE-2023-52453: Fixed data corruption in hisi_acc_vfio_pci (bsc#1220337).
- CVE-2023-52454: Fixed a kernel panic when host sends an invalid H2C PDU length (bsc#1220320).
- CVE-2023-52462: Fixed check for attempt to corrupt spilled pointer (bsc#1220325).
- CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328).
- CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433).
- CVE-2023-52469: Fixed a use-after-free in kv_parse_power_table (bsc#1220411).
- CVE-2023-52470: Fixed null-ptr-deref in radeon_crtc_init() (bsc#1220413).
- CVE-2023-52474: Fixed a vulnerability with non-PAGE_SIZE-end multi-iovec user SDMA requests (bsc#1220445).
- CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI during vsyscall (bsc#1220703).
- CVE-2023-52477: Fixed USB Hub accesses to uninitialized BOS descriptors (bsc#1220790).
- CVE-2023-52481: Fixed speculative unprivileged load in Cortex-A520 (bsc#1220887).
- CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735).
- CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797).
- CVE-2023-52486: Fixed possible use-after-free in drm (bsc#1221277).
- CVE-2023-52492: Fixed a null-pointer-dereference in channel unregistration function __dma_async_device_channel_register() (bsc#1221276).
- CVE-2023-52493: Fixed possible soft lockup in bus/mhi/host (bsc#1221274).
- CVE-2023-52494: Fixed missing alignment check for event ring read pointer in bus/mhi/host (bsc#1221273).
- CVE-2023-52497: Fixed data corruption in erofs (bsc#1220879).
- CVE-2023-52500: Fixed information leaking when processing OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
- CVE-2023-52501: Fixed possible memory corruption in ring-buffer (bsc#1220885).
- CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831).
- CVE-2023-52504: Fixed possible out-of bounds in apply_alternatives() on a 5-level paging machine (bsc#1221553).
- CVE-2023-52507: Fixed possible shift-out-of-bounds in nfc/nci (bsc#1220833).
- CVE-2023-52508: Fixed null pointer dereference in nvme_fc_io_getuuid() (bsc#1221015).
- CVE-2023-52509: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1220836).
- CVE-2023-52510: Fixed a potential UAF in ca8210_probe() (bsc#1220898).
- CVE-2023-52511: Fixed possible memory corruption in spi/sun6i (bsc#1221012).
- CVE-2023-52513: Fixed connection failure handling in RDMA/siw (bsc#1221022).
- CVE-2023-52515: Fixed possible use-after-free in RDMA/srp (bsc#1221048).
- CVE-2023-52517: Fixed race between DMA RX transfer completion and RX FIFO drain in spi/sun6i (bsc#1221055).
- CVE-2023-52518: Fixed information leak in bluetooth/hci_codec (bsc#1221056).
- CVE-2023-52519: Fixed possible overflow in HID/intel-ish-hid/ipc (bsc#1220920).
- CVE-2023-52520: Fixed reference leak in platform/x86/think-lmi (bsc#1220921).
- CVE-2023-52523: Fixed wrong redirects to non-TCP sockets in bpf (bsc#1220926).
- CVE-2023-52524: Fixed possible corruption in nfc/llcp (bsc#1220927).
- CVE-2023-52525: Fixed out of bounds check mwifiex_process_rx_packet() (bsc#1220840).
- CVE-2023-52528: Fixed uninit-value access in __smsc75xx_read_reg() (bsc#1220843).
- CVE-2023-52529: Fixed a potential memory leak in sony_probe() (bsc#1220929).
- CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930).
- CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931).
- CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932).
- CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933).
- CVE-2023-52563: Fixed memory leak on ->hpd_notify callback() in drm/meson (bsc#1220937).
- CVE-2023-52564: Reverted invalid fix for UAF in gsm_cleanup_mux() (bsc#1220938).
- CVE-2023-52566: Fixed potential use after free in nilfs_gccache_submit_read_data() (bsc#1220940).
- CVE-2023-52567: Fixed possible Oops in serial/8250_port: when using IRQ polling (irq = 0) (bsc#1220839).
- CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918).
- CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870).
- CVE-2023-52575: Fixed SBPB enablement for spec_rstack_overflow=off (bsc#1220871).
- CVE-2023-52576: Fixed potential use after free in memblock_isolate_range() (bsc#1220872).
- CVE-2023-52582: Fixed possible oops in netfs (bsc#1220878).
- CVE-2023-52583: Fixed deadlock or deadcode of misusing dget() inside ceph (bsc#1221058).
- CVE-2023-52587: Fixed mcast list locking in IB/ipoib (bsc#1221082).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52594: Fixed potential array-index-out-of-bounds read in ath9k_htc_txstatus() (bsc#1221045).
- CVE-2023-52595: Fixed possible deadlock in wifi/rt2x00 (bsc#1221046).
- CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040).
- CVE-2023-52598: Fixed wrong setting of fpc register in s390/ptrace (bsc#1221060).
- CVE-2023-52599: Fixed array-index-out-of-bounds in diNewExt() in jfs (bsc#1221062).
- CVE-2023-52600: Fixed uaf in jfs_evict_inode() (bsc#1221071).
- CVE-2023-52601: Fixed array-index-out-of-bounds in dbAdjTree() in jfs (bsc#1221068).
- CVE-2023-52602: Fixed slab-out-of-bounds Read in dtSearch() in jfs (bsc#1221070).
- CVE-2023-52603: Fixed array-index-out-of-bounds in dtSplitRoot() (bsc#1221066).
- CVE-2023-52604: Fixed array-index-out-of-bounds in dbAdjTree() (bsc#1221067).
- CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039)
- CVE-2023-52606: Fixed possible kernel stack corruption in powerpc/lib (bsc#1221069).
- CVE-2023-52607: Fixed a null-pointer-dereference in pgtable_cache_add kasprintf() (bsc#1221061).
- CVE-2023-52608: Fixed possible race condition in firmware/arm_scmi (bsc#1221375).
- CVE-2023-52612: Fixed req->dst buffer overflow in crypto/scomp (bsc#1221616).
- CVE-2023-52615: Fixed page fault dead lock on mmap-ed hwrng (bsc#1221614).
- CVE-2023-52617: Fixed stdev_release() crash after surprise hot remove (bsc#1221613).
- CVE-2023-52619: Fixed possible crash when setting number of cpus to an odd number in pstore/ram (bsc#1221618).
- CVE-2023-52621: Fixed missing asserion in bpf (bsc#1222073).
- CVE-2023-52623: Fixed suspicious RCU usage in SUNRPC (bsc#1222060).
- CVE-2023-52628: Fixed 4-byte stack OOB write in nftables (bsc#1222117).
- CVE-2023-52632: Fixed lock dependency warning with srcu in drm/amdkfd (bsc#1222274).
- CVE-2023-52637: Fixed UAF in j1939_sk_match_filter() in can/k1939 (bsc#1222291).
- CVE-2023-52639: Fixed race during shadow creation in KVM/s390/vsie Fixed (bsc#1222300).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec (bsc#1217987).
- CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request (bsc#1217988).
- CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete (bsc#1217989).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
- CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
- CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1219169).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2024-25742: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
- CVE-2024-25743: Fixed insufficient validation during #VC instruction emulation in x86/sev (bsc#1221725).
- CVE-2024-26599: Fixed out-of-bounds access in of_pwm_single_xlate() (bsc#1220365).
- CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340).
- CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398).
- CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736).
- CVE-2024-26612: Fixed Oops in fscache_put_cache() This function dereferences (bsc#1221291).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26620: Fixed possible device model violation in s390/vfio-ap (bsc#1221298).
- CVE-2024-26627: Fixed possible hard lockup in scsi (bsc#1221090).
- CVE-2024-26629: Fixed possible protocol violation via RELEASE_LOCKOWNER in nfsd (bsc#1221379).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26645: Fixed missing visibility when inserting an element into tracing_map (bsc#1222056).
- CVE-2024-26646: Fixed potential memory corruption when resuming from suspend or hibernation in thermal/intel/hfi (bsc#1222070).
- CVE-2024-26651: Fixed possible oops via malicious devices in sr9800 (bsc#1221337).
- CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
- CVE-2024-26659: Fixed wrong handling of isoc Babble and Buffer Overrun events in xhci (bsc#1222317).
- CVE-2024-26664: Fixed out-of-bounds memory access in create_core_data() in hwmon coretemp (bsc#1222355).
- CVE-2024-26667: Fixed null pointer reference in dpu_encoder_helper_phys_cleanup in drm/msm/dpu (bsc#1222331).
- CVE-2024-26670: Fixed ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD workaround in kernel arm64 (bsc#1222356).
- CVE-2024-26695: Fixed null pointer dereference in __sev_platform_shutdown_locked in crypto ccp (bsc#1222373).
- CVE-2024-26717: Fixed null pointer dereference on failed power up in HID i2c-hid-of (bsc#1222360).
The following non-security bugs were fixed:
- acpi: CPPC: enable AMD CPPC V2 support for family 17h processors (git-fixes).
- acpi: processor_idle: Fix memory leak in acpi_processor_power_exit() (git-fixes).
- acpi: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- acpi: resource: Add MAIBENBEN X577 to irq1_edge_low_force_override (git-fixes).
- acpi: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- acpi: scan: Fix device check notification handling (git-fixes).
- acpica: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- alsa: aaci: Delete unused variable in aaci_do_suspend (git-fixes).
- alsa: aoa: avoid false-positive format truncation warning (git-fixes).
- alsa: aw2: avoid casting function pointers (git-fixes).
- alsa: ctxfi: avoid casting function pointers (git-fixes).
- alsa: hda/realtek - ALC285 reduce pop noise from Headphone port (stable-fixes).
- alsa: hda/realtek - Add Headset Mic supported Acer NB platform (stable-fixes).
- alsa: hda/realtek - Fix headset Mic no show at resume back for Lenovo ALC897 platform (git-fixes).
- alsa: hda/realtek: Enable Mute LED on HP 840 G8 (MB 8AB8) (git-fixes).
- alsa: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
- alsa: hda/realtek: fix ALC285 issues on HP Envy x360 laptops (stable-fixes).
- alsa: hda/realtek: fix mute/micmute LED For HP mt440 (git-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs for HP EliteBook (stable-fixes).
- alsa: seq: fix function cast warnings (git-fixes).
- alsa: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- alsa: usb-audio: Stop parsing channels bits when all channels are found (git-fixes).
- arm64: dts: allwinner: h6: add rx dma channel for spdif (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: imx8mm-kontron: add support for ultra high speed modes on (git-fixes)
- arm64: dts: imx8mm-venice-gw71xx: fix usb otg vbus (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on armada socs (git-fixes)
- arm64: dts: rockchip: add es8316 codec for rock pi 4 (git-fixes)
- arm64: dts: rockchip: add spdif node for rock pi 4 (git-fixes)
- arm64: dts: rockchip: fix regulator name on rk3399-rock-4 (git-fixes)
- arm64: dts: rockchip: set num-cs property for spi on px30 (git-fixes)
- arm64: mm: fix va-range sanity check (git-fixes)
- arm64: set __exception_irq_entry with __irq_entry as a default (git-fixes)
- asoc: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (stable-fixes).
- asoc: amd: acp: Add missing error handling in sof-mach (git-fixes).
- asoc: amd: acp: fix for acp_init function error handling (git-fixes).
- asoc: madera: Fix typo in madera_set_fll_clks shift value (git-fixes).
- asoc: meson: Use dev_err_probe() helper (stable-fixes).
- asoc: meson: aiu: fix function pointer type mismatch (git-fixes).
- asoc: meson: axg-tdm-interface: add frame rate constraint (git-fixes).
- asoc: meson: axg-tdm-interface: fix mclk setup without mclk-fs (git-fixes).
- asoc: meson: t9015: fix function pointer type mismatch (git-fixes).
- asoc: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- asoc: rcar: adg: correct TIMSEL setting for SSI9 (git-fixes).
- asoc: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- asoc: rt5682-sdw: fix locking sequence (git-fixes).
- asoc: rt711-sdca: fix locking sequence (git-fixes).
- asoc: rt711-sdw: fix locking sequence (git-fixes).
- asoc: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (stable-fixes).
- asoc: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (stable-fixes).
- asoc: wm8962: Fix up incorrect error message in wm8962_set_fll (stable-fixes).
- ata: sata_mv: fix pci device id table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- backlight: da9052: fully initialize backlight_properties during probe (git-fixes).
- backlight: lm3630a: do not set bl->props.brightness in get_brightness (git-fixes).
- backlight: lm3630a: initialize backlight_properties on init (git-fixes).
- backlight: lm3639: fully initialize backlight_properties during probe (git-fixes).
- backlight: lp8788: fully initialize backlight_properties during probe (git-fixes).
- blocklayoutdriver: fix reference leak of pnfs_device_node (git-fixes).
- bluetooth: Remove HCI_POWER_OFF_TIMEOUT (git-fixes).
- bluetooth: Remove superfluous call to hci_conn_check_pending() (git-fixes).
- bluetooth: hci_core: Fix possible buffer overflow (git-fixes).
- bluetooth: mgmt: Remove leftover queuing of power_off work (git-fixes).
- bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (stable-fixes).
- bpf, scripts: correct gpl license name (git-fixes).
- bpf, sockmap: fix preempt_rt splat when using raw_spin_lock_t (git-fixes).
- can: softing: remove redundant null check (git-fixes).
- clk: zynq: prevent null pointer dereference caused by kmalloc failure (git-fixes).
- comedi: comedi_test: prevent timers rescheduling during deletion (git-fixes).
- coresight: etm4x: do not access trcidr1 for identification (bsc#1220775)
- coresight: etm4x: fix accesses to trcseqrstevr and trcseqstr (bsc#1220775)
- coresight: etm: override trcidr3.ccitmin on errata affected cpus (bsc#1220775)
- cpufreq: amd-pstate: fix min_perf assignment in amd_pstate_adjust_perf() (git-fixes).
- cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value (git-fixes).
- crypto: arm/sha - fix function cast warnings (git-fixes).
- crypto: qat - avoid division by zero (git-fixes).
- crypto: qat - fix deadlock in backlog processing (git-fixes).
- crypto: qat - fix double free during reset (git-fixes).
- crypto: qat - fix state machines cleanup paths (bsc#1218321).
- crypto: qat - fix unregistration of compression algorithms (git-fixes).
- crypto: qat - fix unregistration of crypto algorithms (git-fixes).
- crypto: qat - ignore subsequent state up commands (git-fixes).
- crypto: qat - increase size of buffers (git-fixes).
- crypto: qat - resolve race condition during aer recovery (git-fixes).
- crypto: xilinx - call finalize with bh disabled (git-fixes).
- doc-guide: kernel-doc: tell about object-like macros (git-fixes).
- doc/readme.suse: update information about module support status (jsc#ped-5759)
- drivers: hv: vmbus: Calculate ring buffer size for more efficient use of memory (git-fixes).
- drm/amd/display: add fams validation before trying to use it (git-fixes).
- drm/amd/display: add fb_damage_clips support (git-fixes).
- drm/amd/display: add function for validate and update new stream (git-fixes).
- drm/amd/display: add odm case when looking for first split pipe (git-fixes).
- drm/amd/display: always switch off odm before committing more streams (git-fixes).
- drm/amd/display: avoid abm when odm combine is enabled for edp (git-fixes).
- drm/amd/display: blocking invalid 420 modes on hdmi tmds for dcn31 (git-fixes).
- drm/amd/display: check if link state is valid (git-fixes).
- drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut (git-fixes).
- drm/amd/display: copy dc context in the commit streams (git-fixes).
- drm/amd/display: dc.h: eliminate kernel-doc warnings (git-fixes).
- drm/amd/display: disable psr-su on parade 0803 tcon again (git-fixes).
- drm/amd/display: enable fast plane updates on dcn3.2 and above (git-fixes).
- drm/amd/display: enable new commit sequence only for dcn32x (git-fixes).
- drm/amd/display: ensure async flips are only accepted for fast updates (git-fixes).
- drm/amd/display: exit idle optimizations before attempt to access phy (git-fixes).
- drm/amd/display: expand kernel doc for dc (git-fixes).
- drm/amd/display: fix a bug when searching for insert_above_mpcc (git-fixes).
- drm/amd/display: fix a null pointer dereference in amdgpu_dm_i2c_xfer() (git-fixes).
- drm/amd/display: fix a potential buffer overflow in 'dp_dsc_clock_en_read()' (git-fixes).
- drm/amd/display: fix abm disablement (git-fixes).
- drm/amd/display: fix dc/core/dc.c kernel-doc (git-fixes).
- drm/amd/display: fix hw rotated modes when psr-su is enabled (git-fixes).
- drm/amd/display: fix kernel-doc issues in dc.h (git-fixes).
- drm/amd/display: fix possible underflow for displays with large vblank (git-fixes).
- drm/amd/display: fix the delta clamping for shaper lut (git-fixes).
- drm/amd/display: fix unbounded requesting for high pixel rate modes on dcn315 (git-fixes).
- drm/amd/display: fix underflow issue on 175hz timing (git-fixes).
- drm/amd/display: for prefetch mode > 0, extend prefetch if possible (git-fixes).
- drm/amd/display: guard against invalid rptr/wptr being set (git-fixes).
- drm/amd/display: guard dcn31 phyd32clk logic against chip family (git-fixes).
- drm/amd/display: handle range offsets in vrr ranges (stable-fixes).
- drm/amd/display: handle seamless boot stream (git-fixes).
- drm/amd/display: handle virtual hardware detect (git-fixes).
- drm/amd/display: include surface of unaffected streams (git-fixes).
- drm/amd/display: include udelay when waiting for inbox0 ack (git-fixes).
- drm/amd/display: increase frame warning limit with kasan or kcsan in dml (git-fixes).
- drm/amd/display: keep phy active for dp config (git-fixes).
- drm/amd/display: perform a bounds check before filling dirty rectangles (git-fixes).
- drm/amd/display: prevent vtotal from being set to 0 (git-fixes).
- drm/amd/display: remove min_dst_y_next_start check for z8 (git-fixes).
- drm/amd/display: restore rptr/wptr for dmcub as workaround (git-fixes).
- drm/amd/display: return the correct hdcp error code (stable-fixes).
- drm/amd/display: revert vblank change that causes null pointer crash (git-fixes).
- drm/amd/display: rework comments on dc file (git-fixes).
- drm/amd/display: rework context change check (git-fixes).
- drm/amd/display: set minimum requirement for using psr-su on phoenix (git-fixes).
- drm/amd/display: set minimum requirement for using psr-su on rembrandt (git-fixes).
- drm/amd/display: set per pipe dppclk to 0 when dpp is off (git-fixes).
- drm/amd/display: update correct dcn314 register header (git-fixes).
- drm/amd/display: update extended blank for dcn314 onwards (git-fixes).
- drm/amd/display: update min z8 residency time to 2100 for dcn314 (git-fixes).
- drm/amd/display: update otg instance in the commit stream (git-fixes).
- drm/amd/display: use dram speed from validation for dummy p-state (git-fixes).
- drm/amd/display: use dtbclk as refclk instead of dprefclk (git-fixes).
- drm/amd/display: use low clocks for no plane configs (git-fixes).
- drm/amd/display: use min transition for all subvp plane add/remove (git-fixes).
- drm/amd/display: write to correct dirty_rect (git-fixes).
- drm/amd/display: wrong colorimetry workaround (git-fixes).
- drm/amd/pm: fix a memleak in aldebaran_tables_init (git-fixes).
- drm/amd/pm: fix error of maco flag setting code (git-fixes).
- drm/amd/smu: use averagegfxclkfrequency* to replace previous gfx curr clock (git-fixes).
- drm/amd: enable pcie pme from d3 (git-fixes).
- drm/amdgpu/pm: fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu/pm: make gfxclock consistent for sienna cichlid (git-fixes).
- drm/amdgpu/pm: make mclk consistent for smu 13.0.7 (git-fixes).
- drm/amdgpu/smu13: drop compute workload workaround (git-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: enable gpu reset for s3 abort cases on raven series (stable-fixes).
- drm/amdgpu: fix missing break in atom_arg_imm case of atom_get_src_int() (git-fixes).
- drm/amdgpu: force order between a read and write to the same address (git-fixes).
- drm/amdgpu: lower cs errors to debug severity (git-fixes).
- drm/amdgpu: match against exact bootloader status (git-fixes).
- drm/amdgpu: unset context priority is now invalid (git-fixes).
- drm/amdgpu: update min() to min_t() in 'amdgpu_info_ioctl' (git-fixes).
- drm/amdkfd: fix tlb flush after unmap for gfx9.4.2 (stable-fixes).
- drm/bridge: tc358762: instruct dsi host to generate hse packets (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/edid: add quirk for osvr hdk 2.0 (git-fixes).
- drm/etnaviv: restore some id values (git-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/exynos: fix a possible null-pointer dereference due to data race in exynos_drm_crtc_atomic_disable() (git-fixes).
- drm/i915/bios: tolerate devdata==null in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/gt: do not generate the command streamer for all the ccs (git-fixes).
- drm/i915/gt: reset queue_priority_hint on parking (git-fixes).
- drm/i915/gt: use i915_vm_put on ppgtt_create error paths (git-fixes).
- drm/i915/selftests: fix dependency of some timeouts on hz (git-fixes).
- drm/i915: add missing ccs documentation (git-fixes).
- drm/i915: call intel_pre_plane_updates() also for pipes getting enabled (git-fixes).
- drm/i915: check before removing mm notifier (git-fixes).
- drm/lima: fix a memleak in lima_heap_alloc (git-fixes).
- drm/mediatek: dsi: fix dsi rgb666 formats and definitions (git-fixes).
- drm/mediatek: fix a null pointer crash in mtk_drm_crtc_finish_page_flip (git-fixes).
- drm/msm/dpu: add division of drm_display_mode's hskew parameter (git-fixes).
- drm/msm/dpu: fix the programming of intf_cfg2_data_hctl_en (git-fixes).
- drm/msm/dpu: improve dsc allocation (git-fixes).
- drm/msm/dpu: only enable dsc_mode_multiplex if dsc_merge is enabled (git-fixes).
- drm/panel-edp: use put_sync in unprepare (git-fixes).
- drm/panel: auo,b101uan08.3: fine tune the panel power sequence (git-fixes).
- drm/panel: boe-tv101wum-nl6: fine tune the panel power sequence (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: move aux b116xw03 out of panel-edp back to panel-simple (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon/ni: fix wrong firmware size logging in ni_init_microcode() (git-fixes).
- drm/radeon/ni_dpm: remove redundant null check (git-fixes).
- drm/radeon: remove dead code in ni_mc_load_microcode() (git-fixes).
- drm/rockchip: dsi: clean up 'usage_mode' when failing to attach (git-fixes).
- drm/rockchip: inno_hdmi: fix video timing (git-fixes).
- drm/rockchip: lvds: do not overwrite error code (git-fixes).
- drm/rockchip: lvds: do not print scary message when probing defer (git-fixes).
- drm/tegra: dpaux: fix pm disable depth imbalance in tegra_dpaux_probe (git-fixes).
- drm/tegra: dsi: add missing check for of_find_device_by_node (git-fixes).
- drm/tegra: dsi: fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (git-fixes).
- drm/tegra: dsi: fix some error handling paths in tegra_dsi_probe() (git-fixes).
- drm/tegra: dsi: make use of the helper function dev_err_probe() (stable-fixes).
- drm/tegra: hdmi: convert to devm_platform_ioremap_resource() (stable-fixes).
- drm/tegra: hdmi: fix some error handling paths in tegra_hdmi_probe() (git-fixes).
- drm/tegra: output: fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (git-fixes).
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create (git-fixes).
- drm/tegra: rgb: fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() (git-fixes).
- drm/tegra: rgb: fix some error handling paths in tegra_dc_rgb_probe() (git-fixes).
- drm/tidss: fix initial plane zpos values (git-fixes).
- drm/tidss: fix sync-lost issue with two displays (git-fixes).
- drm/ttm: do not leak a resource on eviction error (git-fixes).
- drm/ttm: do not print error message if eviction was interrupted (git-fixes).
- drm/vc4: add module dependency on hdmi-codec (git-fixes).
- drm/vmwgfx: create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (git-fixes).
- drm/vmwgfx: fix possible null pointer derefence with invalid contexts (git-fixes).
- drm: do not treat 0 as -1 in drm_fixp2int_ceil (git-fixes).
- drm: fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm: panel-orientation-quirks: add quirk for acer switch v 10 (sw5-017) (git-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- fix 'coresight: etm4x: Change etm4_platform_driver driver for MMIO devices' (bsc#1220775)
- hid: amd_sfh: Update HPD sensor structure elements (git-fixes).
- hid: lenovo: Add middleclick_workaround sysfs knob for cptkbd (git-fixes).
- hid: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- hv_netvsc: calculate correct ring size when page_size is not 4 kbytes (git-fixes).
- hv_netvsc: fix race condition between netvsc_probe and netvsc_remove (git-fixes).
- hv_netvsc: register vf in netvsc_probe if net_device_register missed (git-fixes).
- i2c: aspeed: fix the dummy irq expected print (git-fixes).
- i2c: i801: avoid potential double call to gpiod_remove_lookup_table (git-fixes).
- i2c: wmt: fix an error handling path in wmt_i2c_probe() (git-fixes).
- ib/ipoib: Fix mcast list locking (git-fixes)
- iio: dummy_evgen: remove excess kernel-doc comments (git-fixes).
- iio: pressure: dlhl60d: initialize empty dlh bytes (git-fixes).
- input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes).
- input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes).
- input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes).
- input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes).
- input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes).
- input: pm8941-pwrkey - add software key press debouncing support (git-fixes).
- input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes).
- input: synaptics-rmi4 - fix UAF of IRQ domain on driver removal (git-fixes).
- input: xpad - add Lenovo Legion Go controllers (git-fixes).
- iommu/amd: mark interrupt as managed (git-fixes).
- iommu/dma: trace bounce buffer usage when mapping buffers (git-fixes).
- iommu/mediatek-v1: fix an error handling path in mtk_iommu_v1_probe() (git-fixes).
- iommu/mediatek: fix forever loop in error handling (git-fixes).
- iommu/vt-d: allow to use flush-queue when first level is default (git-fixes).
- iommu/vt-d: do not issue ats invalidation request when device is disconnected (git-fixes).
- iommu/vt-d: fix pasid directory pointer coherency (git-fixes).
- iommu/vt-d: set no execute enable bit in pasid table entry (git-fixes).
- kabi: pci: add locking to rmw pci express capability register accessors (kabi).
- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
- kvm: s390: only deliver the set service event bits (git-fixes bsc#1221631).
- lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-commit).
- leds: aw2013: unlock mutex before destroying it (git-fixes).
- lib/cmdline: fix an invalid format specifier in an assertion msg (git-fixes).
- make nvidiA Grace-Hopper TPM related drivers build-ins (bsc#1221156)
- md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes).
- md/raid5: release batch_last before waiting for another stripe_head (git-fixes).
- md/raid6: use valid sector values to determine if an i/o should wait on the reshape (git-fixes).
- md: do not ignore suspended array in md_check_recovery() (git-fixes).
- md: do not leave 'md_recovery_frozen' in error path of md_set_readonly() (git-fixes).
- md: fix data corruption for raid456 when reshape restart while grow up (git-fixes).
- md: introduce md_ro_state (git-fixes).
- md: make sure md_do_sync() will set md_recovery_done (git-fixes).
- md: whenassemble the array, consult the superblock of the freshest device (git-fixes).
- media: dvb-frontends: avoid stack overflow warnings with clang (git-fixes).
- media: edia: dvbdev: fix a use-after-free (git-fixes).
- media: em28xx: annotate unchecked call to media_device_register() (git-fixes).
- media: go7007: add check of return value of go7007_read_addr() (git-fixes).
- media: go7007: fix a memleak in go7007_load_encoder (git-fixes).
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (git-fixes).
- media: pvrusb2: fix pvr2_stream_callback casts (git-fixes).
- media: pvrusb2: fix uaf in pvr2_context_set_notify (git-fixes).
- media: pvrusb2: remove redundant null check (git-fixes).
- media: staging: ipu3-imgu: set fields before media_entity_pads_init() (git-fixes).
- media: sun8i-di: fix chroma difference threshold (git-fixes).
- media: sun8i-di: fix coefficient writes (git-fixes).
- media: sun8i-di: fix power on/off sequences (git-fixes).
- media: tc358743: register v4l2 async device only after successful setup (git-fixes).
- media: ttpci: fix two memleaks in budget_av_attach (git-fixes).
- media: usbtv: remove useless locks in usbtv_video_free() (git-fixes).
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (git-fixes).
- media: v4l2-tpg: fix some memleaks in tpg_alloc (git-fixes).
- media: xc4000: fix atomicity violation in xc4000_get_frequency (git-fixes).
- mfd: altera-sysmgr: call of_node_put() only when of_parse_phandle() takes a ref (git-fixes).
- mfd: syscon: call of_node_put() only when of_parse_phandle() takes a ref (git-fixes).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: fix printing of stack records (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm,page_owner: fix refcount imbalance (bsc#1222366).
- mm,page_owner: update metadata for tail pages (bsc#1222366).
- mm/vmalloc: huge vmalloc backing pages should be split rather than compound (bsc#1217829).
- mmc: core: avoid negative index with array access (git-fixes).
- mmc: core: fix switch on gp3 partition (git-fixes).
- mmc: core: initialize mmc_blk_ioc_data (git-fixes).
- mmc: mmci: stm32: fix dma api overlapping mappings warning (git-fixes).
- mmc: mmci: stm32: use a buffer for unaligned dma requests (git-fixes).
- mmc: tmio: avoid concurrent runs of mmc_request_done() (git-fixes).
- mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (git-fixes).
- mtd: maps: physmap-core: fix flash size larger than 32-bit (git-fixes).
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (git-fixes).
- mtd: rawnand: meson: fix scrambling mode value in command macro (git-fixes).
- net/bnx2x: prevent access to a freed page in page_pool (bsc#1215322).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- net: fix features skip in for_each_netdev_feature() (git-fixes).
- net: lan78xx: fix runtime pm count underflow on link stop (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: mana: fix rx dma datasize and skb_over_panic (git-fixes).
- net: phy: fix phy_get_internal_delay accessing an empty array (git-fixes).
- net: sunrpc: fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes).
- nfc: nci: fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfs: fix an off by one in root_nfs_cat() (git-fixes).
- nfs: rename nfs_client_kset to nfs_kset (git-fixes).
- nfsd: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- nfsd: convert the callback workqueue to use delayed_work (git-fixes).
- nfsd: do not take fi_lock in nfsd_break_deleg_cb() (git-fixes).
- nfsd: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- nfsd: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- nfsd: fix file memleak on client_opens_release (git-fixes).
- nfsd: fix nfsd4_listxattr_validate_cookie (git-fixes).
- nfsd: lock_rename() needs both directories to live on the same fs (git-fixes).
- nfsd: reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- nfsd: reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- nfsd: retransmit callbacks after client reconnects (git-fixes).
- nfsd: use vfs setgid helper (git-fixes).
- nfsv4.1/pnfs: Ensure we handle the error NFS4ERR_RETURNCONFLICT (git-fixes).
- nfsv4.1: fix SP4_MACH_CRED protection for pnfs IO (git-fixes).
- nfsv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
- nfsv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
- nfsv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- nfsv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- nfsv4.2: fix wrong shrinker_id (git-fixes).
- nfsv4: fix a nfs4_state_manager() race (git-fixes).
- nfsv4: fix a state manager thread deadlock regression (git-fixes).
- nilfs2: fix failure to detect dat corruption in btree and direct mappings (git-fixes).
- nilfs2: prevent kernel bug at submit_bh_wbc() (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- ntfs: fix use-after-free in ntfs_ucsncmp() (bsc#1221713).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: defer cleanup using rcu properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- pci/aer: fix rootport attribute paths in ABI docs (git-fixes).
- pci/aspm: Use RMW accessors for changing LNKCTL (git-fixes).
- pci/dpc: print all TLP Prefixes, not just the first (git-fixes).
- pci/msi: prevent MSI hardware interrupt number truncation (bsc#1218777)
- pci/p2pdma: Fix a sleeping issue in a RCU read section (git-fixes).
- pci: add locking to RMW PCI Express Capability Register accessors (git-fixes).
- pci: dwc: Fix a 64bit bug in dw_pcie_ep_raise_msix_irq() (git-fixes).
- pci: dwc: endpoint: Fix advertised resizable BAR size (git-fixes).
- pci: dwc: endpoint: Fix dw_pcie_ep_raise_msix_irq() alignment support (git-fixes).
- pci: fu740: Set the number of MSI vectors (git-fixes).
- pci: lengthen reset delay for VideoPropulsion Torrent QN16e card (git-fixes).
- pci: make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- pci: mark 3ware-9650SE Root Port Extended Tags as broken (git-fixes).
- pci: mediatek-gen3: Fix translation window size calculation (git-fixes).
- pci: mediatek: Clear interrupt status before dispatching handler (git-fixes).
- pci: qcom: Enable BDF to SID translation properly (git-fixes).
- pci: qcom: Use DWC helpers for modifying the read-only DBI registers (git-fixes).
- pci: rockchip: Do not advertise MSI-X in PCIe capabilities (git-fixes).
- pci: rockchip: Fix window mapping and address translation for endpoint (git-fixes).
- pci: rockchip: Use 64-bit mask on MSI 64-bit PCI address (git-fixes).
- pci: switchtec: Fix an error handling path in switchtec_pci_probe() (git-fixes).
- pinctrl: mediatek: drop bogus slew rate register range for mt8192 (git-fixes).
- platform/mellanox: mlxreg-hotplug: Remove redundant NULL-check (git-fixes).
- pm: suspend: Set mem_sleep_current during kernel command line setup (git-fixes).
- pnfs/flexfiles: check the layout validity in ff_layout_mirror_prepare_stats (git-fixes).
- pnfs: fix a hang in nfs4_evict_inode() (git-fixes).
- pnfs: fix the pnfs block driver's calculation of layoutget size (git-fixes).
- powerpc/64s: POWER10 CPU Kconfig build option (bsc#1194869).
- powerpc/boot: Disable power10 features after BOOTAFLAGS assignment (bsc#1194869).
- powerpc/boot: Fix boot wrapper code generation with CONFIG_POWER10_CPU (bsc#1194869).
- powerpc/lib/sstep: Do not use __{get/put}_user() on kernel addresses (bsc#1194869).
- powerpc/lib/sstep: Remove unneeded #ifdef __powerpc64__ (bsc#1194869).
- powerpc/lib/sstep: Use l1_dcache_bytes() instead of opencoding (bsc#1194869).
- powerpc/lib/sstep: use truncate_if_32bit() (bsc#1194869).
- powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (bsc#1220492 ltc#205270).
- powerpc/pseries: Fix potential memleak in papr_get_attr() (bsc#1200465 ltc#197256 jsc#SLE-18130 git-fixes).
- powerpc/sstep: Use bitwise instead of arithmetic operator for flags (bsc#1194869).
- powerpc: add compile-time support for lbarx, lharx (bsc#1194869).
- pwm: mediatek: Update kernel doc for struct pwm_mediatek_of_data (git-fixes).
- qedf: Do not process stag work during unload (bsc#1214852).
- qedf: Wait for stag work during unload (bsc#1214852).
- raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1221097).
- ras/amd/fmpm: Add debugfs interface to print record entries (jsc#PED-7619).
- ras/amd/fmpm: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- ras/amd/fmpm: Fix build when debugfs is not enabled (jsc#PED-7619).
- ras/amd/fmpm: Fix off by one when unwinding on error (jsc#PED-7619).
- ras/amd/fmpm: Safely handle saved records of various sizes (jsc#PED-7619).
- ras/amd/fmpm: Save SPA values (jsc#PED-7619).
- ras: Avoid build errors when CONFIG_DEBUG_FS=n (git-fixes).
- ras: export helper to get ras_debugfs_dir (jsc#PED-7619).
- rdma/device: fix a race between mad_client and cm_client init (git-fixes)
- rdma/hns: fix mis-modifying default congestion control algorithm (git-fixes)
- rdma/ipoib: fix error code return in ipoib_mcast_join (git-fixes)
- rdma/irdma: remove duplicate assignment (git-fixes)
- rdma/mana_ib: fix bug in creation of dma regions (git-fixes).
- rdma/mlx5: fix fortify source warning while accessing eth segment (git-fixes)
- rdma/mlx5: relax devx access upon modify commands (git-fixes)
- rdma/rtrs-clt: check strnlen return len in sysfs mpath_policy_store() (git-fixes)
- rdma/srpt: do not register event handler until srpt device is fully setup (git-fixes)
- revert 'drm/amd: disable psr-su on parade 0803 tcon' (git-fixes).
- revert 'drm/amd: disable s/g for apus when 64gb or more host memory' (git-fixes).
- revert 'drm/amdgpu/display: change pipe policy for dcn 2.0' (git-fixes).
- revert 'drm/amdgpu/display: change pipe policy for dcn 2.1' (git-fixes).
- revert 'drm/vc4: hdmi: enforce the minimum rate at runtime_resume' (git-fixes).
- revert 'fbdev: flush deferred io before closing (git-fixes).' (bsc#1221814)
- revert 'pci: tegra194: enable support for 256 byte payload' (git-fixes).
- revert 'revert 'drm/amdgpu/display: change pipe policy for dcn 2.0'' (git-fixes).
- revert 'sunrpc dont update timeout value on connection reset' (git-fixes).
- ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/pai: fix attr_event_free upper limit for pai device drivers (git-fixes bsc#1221633).
- s390/vfio-ap: realize the VFIO_DEVICE_GET_IRQ_INFO ioctl (bsc#1205316).
- s390/vfio-ap: realize the VFIO_DEVICE_SET_IRQS ioctl (bsc#1205316).
- s390/vfio-ap: wire in the vfio_device_ops request callback (bsc#1205316).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221951).
- sched/rt: Disallow writing invalid values to sched_rt_period_us (bsc#1220176).
- sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (bsc#1220176).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: qedf: Remove set but unused variable 'page' (bsc#1214852).
- scsi: qedf: Remove unused 'num_handled' variable (bsc#1214852).
- scsi: qedf: Remove unused declaration (bsc#1214852).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: storvsc: Fix ring buffer size calculation (git-fixes).
- scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252).
- selftests/bpf: add generic BPF program tester-loader (bsc#1222033).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- sr9800: Add check for usbnet_get_endpoints (git-fixes).
- stackdepot: rename pool_index to pool_index_plus_1 (git-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- sunrpc: add an is_err() check back to where it was (git-fixes).
- sunrpc: econnreset might require a rebind (git-fixes).
- sunrpc: fix a memleak in gss_import_v2_context (git-fixes).
- sunrpc: fix a suspicious rcu usage warning (git-fixes).
- sunrpc: fix rpc client cleaned up the freed pipefs dentries (git-fixes).
- sunrpc: fix some memleaks in gssx_dec_option_array (git-fixes).
- svcrdma: Drop connection after an RDMA Read error (git-fixes).
- topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618).
- topology: Fix up build warning in topology_is_visible() (jsc#PED-7618).
- tracing/probes: Fix to show a parse error for bad type for $comm (git-fixes).
- tracing: Fix wasted memory in saved_cmdlines logic (git-fixes).
- tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes).
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (bsc#1222619).
- tty: serial: fsl_lpuart: avoid idle preamble pending if CTS is enabled (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: core: fix deadlock in usb_deauthorize_interface() (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes).
- usb: gadget: ncm: Fix handling of zero block length packets (git-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes).
- usb: port: Do not try to peer unused USB ports based on location (git-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: usb-storage: prevent divide-by-0 error in isd200_ata_command (git-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vt: fix unicode buffer corruption when deleting characters (git-fixes).
- watchdog: stm32_iwdg: initialize default timeout (git-fixes).
- wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (git-fixes).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: initialize rx_mcs_80 and rx_mcs_160 before use (git-fixes).
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (git-fixes).
- wifi: b43: Disable QoS for bcm4331 (git-fixes).
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (git-fixes).
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (git-fixes).
- wifi: brcmfmac: fix copyright year mentioned in platform_data header (git-fixes).
- wifi: brcmsmac: avoid function pointer casts (git-fixes).
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (git-fixes).
- wifi: iwlwifi: fix EWRD table validity check (git-fixes).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: mvm: do not set replay counters to 0xff (git-fixes).
- wifi: iwlwifi: mvm: report beacon protection failures (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: use FW rate for non-data only on new devices (git-fixes).
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (git-fixes).
- wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (git-fixes).
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (git-fixes).
- wifi: rtw88: 8821c: Fix false alarm count (git-fixes).
- wifi: wilc1000: fix RCU usage in connect path (git-fixes).
- wifi: wilc1000: fix declarations ordering (stable-fixes).
- wifi: wilc1000: fix multi-vif management when deleting a vif (git-fixes).
- wifi: wilc1000: prevent use-after-free on vif when cleaning up all interfaces (git-fixes).
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- xhci: handle isoc Babble and Buffer Overrun events properly (git-fixes).
- xhci: process isoc TD properly when there was a transaction error mid TD (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1485-1
Released: Thu May 2 05:33:36 2024
Summary: Recommended update for python39
Type: recommended
Severity: moderate
References:
This update for python39 fixes the following issues:
- Build python package for python311 (jsc#PED-5851) and python39 (jsc#PED-7886)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:1487-1
Released: Thu May 2 10:43:53 2024
Summary: Recommended update for aaa_base
Type: recommended
Severity: moderate
References: 1211721,1221361,1221407,1222547
This update for aaa_base fixes the following issues:
- home and end button not working from ssh client (bsc#1221407)
- use autosetup in prep stage of specfile
- drop the stderr redirection for csh (bsc#1221361)
- drop sysctl.d/50-default-s390.conf (bsc#1211721)
- make sure the script does not exit with 1 if a file with content is found (bsc#1222547)
The following package changes have been done:
- aaa_base-84.87+git20180409.04c9dae-150300.10.17.3 updated
- ca-certificates-2+git20240416.98ae794-150300.4.3.3 updated
- cloud-init-config-suse-23.3-150100.8.79.2 updated
- cloud-init-23.3-150100.8.79.2 updated
- curl-8.0.1-150400.5.44.1 updated
- glibc-locale-base-2.31-150300.74.1 updated
- glibc-locale-2.31-150300.74.1 updated
- glibc-2.31-150300.74.1 updated
- grub2-i386-pc-2.06-150500.29.25.12 updated
- grub2-x86_64-efi-2.06-150500.29.25.12 updated
- grub2-x86_64-xen-2.06-150500.29.25.12 updated
- grub2-2.06-150500.29.25.12 updated
- hwdata-0.380-150000.3.68.1 updated
- kernel-default-5.14.21-150500.55.59.1 updated
- less-590-150400.3.6.2 updated
- libabsl2308_0_0-20230802.1-150400.10.4.1 added
- libblkid1-2.37.4-150500.9.6.1 updated
- libcares2-1.19.1-150000.3.26.1 updated
- libcurl4-8.0.1-150400.5.44.1 updated
- libexpat1-2.4.4-150400.3.17.1 updated
- libfdisk1-2.37.4-150500.9.6.1 updated
- libgcc_s1-13.2.1+git8285-150000.1.9.1 updated
- libgnutls30-3.7.3-150400.4.44.1 updated
- libmount1-2.37.4-150500.9.6.1 updated
- libncurses6-6.1-150000.5.24.1 updated
- libnghttp2-14-1.40.0-150200.17.1 updated
- libprotobuf-lite25_1_0-25.1-150400.9.3.1 added
- libpython3_6m1_0-3.6.15-150300.10.60.1 updated
- libsemanage1-3.1-150400.3.4.2 updated
- libsmartcols1-2.37.4-150500.9.6.1 updated
- libstdc++6-13.2.1+git8285-150000.1.9.1 updated
- libuuid1-2.37.4-150500.9.6.1 updated
- libzypp-17.32.5-150400.3.64.1 updated
- ncurses-utils-6.1-150000.5.24.1 updated
- openssh-clients-8.4p1-150300.3.37.1 updated
- openssh-common-8.4p1-150300.3.37.1 updated
- openssh-server-8.4p1-150300.3.37.1 updated
- openssh-8.4p1-150300.3.37.1 updated
- python3-base-3.6.15-150300.10.60.1 updated
- python3-idna-2.6-150000.3.3.1 updated
- python3-3.6.15-150300.10.60.1 updated
- rpm-ndb-4.14.3-150400.59.13.1 updated
- samba-client-libs-4.17.12+git.462.df636292e62-150500.3.23.7 updated
- shim-15.8-150300.4.20.2 updated
- systemd-default-settings-branding-SLE-0.10-150300.3.7.1 updated
- systemd-default-settings-0.10-150300.3.7.1 updated
- terminfo-base-6.1-150000.5.24.1 updated
- terminfo-6.1-150000.5.24.1 updated
- util-linux-systemd-2.37.4-150500.9.6.1 updated
- util-linux-2.37.4-150500.9.6.1 updated
- vim-data-common-9.1.0330-150500.20.12.1 updated
- vim-9.1.0330-150500.20.12.1 updated
- wicked-service-0.6.74-150500.3.21.1 updated
- wicked-0.6.74-150500.3.21.1 updated
- xen-libs-4.17.4_02-150500.3.30.1 updated
- xen-tools-domU-4.17.4_02-150500.3.30.1 updated
- xfsprogs-5.13.0-150400.3.7.1 updated
- zypper-1.14.71-150400.3.45.2 updated
- libimaevm3-1.4-150400.3.2.1 removed
- libprotobuf-lite20-3.9.2-150200.4.21.1 removed
More information about the sle-container-updates
mailing list