SUSE-IU-2024:1463-1: Security update of suse-sles-15-sp6-chost-byos-v20241004-x86_64-gen2
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Mon Oct 7 07:01:27 UTC 2024
SUSE Image Update Advisory: suse-sles-15-sp6-chost-byos-v20241004-x86_64-gen2
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2024:1463-1
Image Tags : suse-sles-15-sp6-chost-byos-v20241004-x86_64-gen2:20241004
Image Release :
Severity : important
Type : security
References : 1012628 1081596 1193454 1194869 1200528 1205462 1208783 1213123
1214285 1215199 1217070 1220066 1220252 1220877 1221326 1221630
1221645 1221652 1221714 1221857 1222254 1222335 1222350 1222364
1222372 1222387 1222433 1222434 1222463 1222625 1222633 1222634
1222808 1222967 1222973 1223053 1223074 1223094 1223191 1223395
1223635 1223720 1223731 1223742 1223763 1223767 1223777 1223803
1224105 1224415 1224485 1224496 1224510 1224535 1224631 1224636
1224690 1224694 1224700 1224711 1224771 1225267 1225475 1225582
1225607 1225717 1225718 1225744 1225745 1225751 1225814 1225832
1225838 1225903 1226014 1226030 1226031 1226127 1226183 1226414
1226493 1226497 1226502 1226530 1226588 1226604 1226743 1226751
1226765 1226798 1226801 1226834 1226874 1226885 1226920 1227149
1227182 1227205 1227216 1227233 1227378 1227383 1227437 1227492
1227493 1227494 1227618 1227620 1227623 1227625 1227627 1227634
1227706 1227722 1227724 1227725 1227728 1227729 1227732 1227733
1227734 1227747 1227750 1227754 1227758 1227760 1227761 1227764
1227766 1227770 1227771 1227772 1227774 1227781 1227784 1227785
1227787 1227790 1227791 1227792 1227793 1227796 1227798 1227799
1227802 1227808 1227810 1227811 1227812 1227815 1227816 1227818
1227820 1227823 1227824 1227826 1227828 1227829 1227830 1227832
1227833 1227834 1227839 1227840 1227846 1227849 1227851 1227853
1227863 1227864 1227865 1227867 1227869 1227870 1227883 1227884
1227891 1227893 1227929 1227950 1227957 1227981 1227999 1228020
1228021 1228042 1228091 1228114 1228138 1228192 1228195 1228202
1228206 1228208 1228223 1228235 1228236 1228237 1228247 1228321
1228409 1228410 1228420 1228426 1228427 1228429 1228446 1228447
1228449 1228450 1228452 1228456 1228457 1228458 1228459 1228460
1228462 1228463 1228466 1228467 1228468 1228469 1228470 1228472
1228479 1228480 1228481 1228482 1228483 1228484 1228485 1228486
1228487 1228489 1228491 1228492 1228493 1228494 1228495 1228496
1228499 1228500 1228501 1228502 1228503 1228505 1228508 1228509
1228510 1228511 1228513 1228515 1228516 1228518 1228520 1228525
1228527 1228530 1228531 1228539 1228553 1228561 1228563 1228564
1228565 1228567 1228568 1228572 1228576 1228579 1228580 1228581
1228582 1228584 1228586 1228588 1228590 1228591 1228599 1228615
1228616 1228617 1228625 1228626 1228633 1228635 1228636 1228640
1228643 1228644 1228646 1228647 1228649 1228650 1228654 1228655
1228656 1228658 1228660 1228662 1228665 1228666 1228667 1228672
1228673 1228674 1228677 1228680 1228687 1228705 1228706 1228707
1228708 1228709 1228710 1228718 1228720 1228721 1228722 1228723
1228724 1228726 1228727 1228733 1228737 1228743 1228748 1228754
1228756 1228757 1228758 1228764 1228766 1228779 1228780 1228787
1228801 1228809 1228849 1228850 1228857 1228959 1228964 1228966
1228967 1228973 1228977 1228978 1228979 1228986 1228988 1228989
1228991 1228992 1229005 1229014 1229024 1229028 1229042 1229045
1229046 1229054 1229056 1229086 1229134 1229136 1229154 1229156
1229160 1229167 1229168 1229169 1229170 1229171 1229172 1229173
1229174 1229239 1229240 1229241 1229243 1229244 1229245 1229246
1229247 1229248 1229249 1229250 1229251 1229252 1229253 1229254
1229255 1229256 1229287 1229290 1229291 1229292 1229294 1229296
1229297 1229298 1229299 1229301 1229303 1229304 1229305 1229307
1229309 1229312 1229313 1229314 1229315 1229316 1229317 1229318
1229319 1229320 1229327 1229341 1229342 1229344 1229345 1229346
1229347 1229349 1229350 1229351 1229353 1229354 1229355 1229356
1229357 1229358 1229359 1229360 1229365 1229366 1229369 1229370
1229373 1229374 1229379 1229381 1229382 1229383 1229386 1229388
1229390 1229391 1229392 1229395 1229398 1229399 1229400 1229402
1229403 1229404 1229407 1229409 1229410 1229411 1229413 1229414
1229417 1229444 1229451 1229452 1229455 1229456 1229476 1229480
1229481 1229482 1229484 1229485 1229486 1229487 1229488 1229489
1229490 1229493 1229495 1229496 1229497 1229500 1229503 1229518
1229596 1229707 1229739 1229743 1229746 1229747 1229752 1229754
1229755 1229756 1229759 1229761 1229767 1229781 1229784 1229785
1229787 1229788 1229789 1229792 1229820 1229827 1229830 1229837
1229930 1229931 1229932 1229940 1230020 1230034 1230056 1230070
1230092 1230093 1230110 1230145 1230227 1230229 1230267 1230330
1230350 1230366 1230413 1230468 1230516 1230638 1230639 1230698
1230894 1230984 222971 CVE-2022-1996 CVE-2023-45142 CVE-2023-47108
CVE-2023-52489 CVE-2023-52581 CVE-2023-52668 CVE-2023-52688 CVE-2023-52735
CVE-2023-52859 CVE-2023-52885 CVE-2023-52886 CVE-2023-52887 CVE-2023-52889
CVE-2023-7256 CVE-2024-26590 CVE-2024-26631 CVE-2024-26637 CVE-2024-26668
CVE-2024-26669 CVE-2024-26677 CVE-2024-26682 CVE-2024-26683 CVE-2024-26691
CVE-2024-26735 CVE-2024-26808 CVE-2024-26809 CVE-2024-26812 CVE-2024-26835
CVE-2024-26837 CVE-2024-26849 CVE-2024-26851 CVE-2024-26889 CVE-2024-26920
CVE-2024-26944 CVE-2024-26976 CVE-2024-27010 CVE-2024-27011 CVE-2024-27024
CVE-2024-27049 CVE-2024-27050 CVE-2024-27079 CVE-2024-27403 CVE-2024-27433
CVE-2024-27437 CVE-2024-31076 CVE-2024-35854 CVE-2024-35855 CVE-2024-35897
CVE-2024-35902 CVE-2024-35913 CVE-2024-35939 CVE-2024-35949 CVE-2024-36270
CVE-2024-36286 CVE-2024-36288 CVE-2024-36489 CVE-2024-36881 CVE-2024-36907
CVE-2024-36909 CVE-2024-36910 CVE-2024-36911 CVE-2024-36929 CVE-2024-36933
CVE-2024-36939 CVE-2024-36970 CVE-2024-36979 CVE-2024-38548 CVE-2024-38563
CVE-2024-38609 CVE-2024-38662 CVE-2024-39476 CVE-2024-39483 CVE-2024-39484
CVE-2024-39486 CVE-2024-39488 CVE-2024-39489 CVE-2024-39491 CVE-2024-39493
CVE-2024-39497 CVE-2024-39499 CVE-2024-39500 CVE-2024-39501 CVE-2024-39505
CVE-2024-39506 CVE-2024-39508 CVE-2024-39509 CVE-2024-39510 CVE-2024-40899
CVE-2024-40900 CVE-2024-40902 CVE-2024-40903 CVE-2024-40904 CVE-2024-40905
CVE-2024-40909 CVE-2024-40910 CVE-2024-40911 CVE-2024-40912 CVE-2024-40913
CVE-2024-40916 CVE-2024-40920 CVE-2024-40921 CVE-2024-40922 CVE-2024-40924
CVE-2024-40926 CVE-2024-40927 CVE-2024-40929 CVE-2024-40930 CVE-2024-40932
CVE-2024-40934 CVE-2024-40936 CVE-2024-40938 CVE-2024-40939 CVE-2024-40941
CVE-2024-40942 CVE-2024-40943 CVE-2024-40944 CVE-2024-40945 CVE-2024-40954
CVE-2024-40956 CVE-2024-40957 CVE-2024-40958 CVE-2024-40959 CVE-2024-40962
CVE-2024-40964 CVE-2024-40967 CVE-2024-40976 CVE-2024-40977 CVE-2024-40978
CVE-2024-40981 CVE-2024-40982 CVE-2024-40984 CVE-2024-40987 CVE-2024-40988
CVE-2024-40989 CVE-2024-40990 CVE-2024-40992 CVE-2024-40994 CVE-2024-40995
CVE-2024-40997 CVE-2024-41000 CVE-2024-41001 CVE-2024-41002 CVE-2024-41004
CVE-2024-41007 CVE-2024-41009 CVE-2024-41010 CVE-2024-41011 CVE-2024-41012
CVE-2024-41015 CVE-2024-41016 CVE-2024-41020 CVE-2024-41022 CVE-2024-41024
CVE-2024-41025 CVE-2024-41028 CVE-2024-41032 CVE-2024-41035 CVE-2024-41036
CVE-2024-41037 CVE-2024-41038 CVE-2024-41039 CVE-2024-41040 CVE-2024-41041
CVE-2024-41044 CVE-2024-41045 CVE-2024-41048 CVE-2024-41049 CVE-2024-41050
CVE-2024-41051 CVE-2024-41056 CVE-2024-41057 CVE-2024-41058 CVE-2024-41059
CVE-2024-41060 CVE-2024-41061 CVE-2024-41062 CVE-2024-41063 CVE-2024-41064
CVE-2024-41065 CVE-2024-41066 CVE-2024-41068 CVE-2024-41069 CVE-2024-41070
CVE-2024-41071 CVE-2024-41072 CVE-2024-41073 CVE-2024-41074 CVE-2024-41075
CVE-2024-41076 CVE-2024-41078 CVE-2024-41079 CVE-2024-41080 CVE-2024-41081
CVE-2024-41084 CVE-2024-41087 CVE-2024-41088 CVE-2024-41089 CVE-2024-41092
CVE-2024-41093 CVE-2024-41094 CVE-2024-41095 CVE-2024-41096 CVE-2024-41097
CVE-2024-41098 CVE-2024-41996 CVE-2024-42064 CVE-2024-42069 CVE-2024-42070
CVE-2024-42073 CVE-2024-42074 CVE-2024-42076 CVE-2024-42077 CVE-2024-42079
CVE-2024-42080 CVE-2024-42082 CVE-2024-42085 CVE-2024-42086 CVE-2024-42087
CVE-2024-42089 CVE-2024-42090 CVE-2024-42092 CVE-2024-42093 CVE-2024-42095
CVE-2024-42096 CVE-2024-42097 CVE-2024-42098 CVE-2024-42101 CVE-2024-42104
CVE-2024-42105 CVE-2024-42106 CVE-2024-42107 CVE-2024-42109 CVE-2024-42110
CVE-2024-42113 CVE-2024-42114 CVE-2024-42115 CVE-2024-42117 CVE-2024-42119
CVE-2024-42120 CVE-2024-42121 CVE-2024-42122 CVE-2024-42124 CVE-2024-42125
CVE-2024-42126 CVE-2024-42127 CVE-2024-42130 CVE-2024-42131 CVE-2024-42132
CVE-2024-42133 CVE-2024-42136 CVE-2024-42137 CVE-2024-42138 CVE-2024-42139
CVE-2024-42141 CVE-2024-42142 CVE-2024-42143 CVE-2024-42144 CVE-2024-42145
CVE-2024-42147 CVE-2024-42148 CVE-2024-42152 CVE-2024-42153 CVE-2024-42155
CVE-2024-42156 CVE-2024-42157 CVE-2024-42158 CVE-2024-42159 CVE-2024-42161
CVE-2024-42162 CVE-2024-42223 CVE-2024-42224 CVE-2024-42225 CVE-2024-42226
CVE-2024-42227 CVE-2024-42228 CVE-2024-42229 CVE-2024-42230 CVE-2024-42232
CVE-2024-42236 CVE-2024-42237 CVE-2024-42238 CVE-2024-42239 CVE-2024-42240
CVE-2024-42241 CVE-2024-42244 CVE-2024-42245 CVE-2024-42246 CVE-2024-42247
CVE-2024-42250 CVE-2024-42253 CVE-2024-42259 CVE-2024-42268 CVE-2024-42269
CVE-2024-42270 CVE-2024-42271 CVE-2024-42274 CVE-2024-42276 CVE-2024-42277
CVE-2024-42278 CVE-2024-42279 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283
CVE-2024-42284 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288
CVE-2024-42289 CVE-2024-42290 CVE-2024-42291 CVE-2024-42292 CVE-2024-42295
CVE-2024-42298 CVE-2024-42301 CVE-2024-42302 CVE-2024-42303 CVE-2024-42308
CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42312 CVE-2024-42313
CVE-2024-42314 CVE-2024-42315 CVE-2024-42316 CVE-2024-42318 CVE-2024-42319
CVE-2024-42320 CVE-2024-42322 CVE-2024-43816 CVE-2024-43817 CVE-2024-43818
CVE-2024-43819 CVE-2024-43821 CVE-2024-43823 CVE-2024-43824 CVE-2024-43825
CVE-2024-43826 CVE-2024-43829 CVE-2024-43830 CVE-2024-43831 CVE-2024-43833
CVE-2024-43834 CVE-2024-43837 CVE-2024-43839 CVE-2024-43840 CVE-2024-43841
CVE-2024-43842 CVE-2024-43846 CVE-2024-43847 CVE-2024-43849 CVE-2024-43850
CVE-2024-43851 CVE-2024-43853 CVE-2024-43854 CVE-2024-43855 CVE-2024-43856
CVE-2024-43858 CVE-2024-43860 CVE-2024-43861 CVE-2024-43863 CVE-2024-43864
CVE-2024-43866 CVE-2024-43867 CVE-2024-43871 CVE-2024-43872 CVE-2024-43873
CVE-2024-43874 CVE-2024-43875 CVE-2024-43876 CVE-2024-43877 CVE-2024-43879
CVE-2024-43880 CVE-2024-43881 CVE-2024-43882 CVE-2024-43883 CVE-2024-43884
CVE-2024-43885 CVE-2024-43889 CVE-2024-43892 CVE-2024-43893 CVE-2024-43894
CVE-2024-43895 CVE-2024-43897 CVE-2024-43899 CVE-2024-43900 CVE-2024-43902
CVE-2024-43903 CVE-2024-43905 CVE-2024-43906 CVE-2024-43907 CVE-2024-43908
CVE-2024-43909 CVE-2024-43911 CVE-2024-43912 CVE-2024-44931 CVE-2024-44938
CVE-2024-44939 CVE-2024-45310 CVE-2024-45490 CVE-2024-45491 CVE-2024-45492
CVE-2024-45817 CVE-2024-5642 CVE-2024-6232 CVE-2024-6923 CVE-2024-7592
CVE-2024-8006 CVE-2024-8096
-----------------------------------------------------------------
The container suse-sles-15-sp6-chost-byos-v20241004-x86_64-gen2 was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3166-1
Released: Mon Sep 9 12:25:30 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1228042
This update for glibc fixes the following issue:
- s390x-wcsncmp patch for s390x: Fix segfault in wcsncmp (bsc#1228042).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3178-1
Released: Mon Sep 9 14:39:12 2024
Summary: Recommended update for libzypp, zypper, libsolv, zypp-plugin, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings
Type: recommended
Severity: important
References: 1081596,1223094,1224771,1225267,1226014,1226030,1226493,1227205,1227625,1227793,1228138,1228206,1228208,1228420,1228787,222971
This update for libzypp, zypper, libsolv, zypp-plugin, PackageKit-branding-SLE, PackageKit, libyui, yast2-pkg-bindings fixes the following issues:
- Make sure not to statically linked installed tools (bsc#1228787)
- MediaPluginType must be resolved to a valid MediaHandler (bsc#1228208)
- Export asSolvable for YAST (bsc#1228420)
- Export CredentialManager for legacy YAST versions (bsc#1228420)
- Fix 4 typos in zypp.conf
- Fix typo in the geoip update pipeline (bsc#1228206)
- Export RepoVariablesStringReplacer for yast2 (bsc#1228138)
- Removed dependency on external find program in the repo2solv tool
- Fix return value of repodata.add_solv()
- New SOLVER_FLAG_FOCUS_NEW flag
- Fix return value of repodata.add_solv() in the bindings
- Fix SHA-224 oid in solv_pgpvrfy
- Translation: updated .pot file.
- Conflict with python zypp-plugin < 0.6.4 (bsc#1227793)
- Fix int overflow in Provider
- Fix error reporting on repoindex.xml parse error (bsc#1227625)
- Keep UrlResolverPlugin API public
- Blacklist /snap executables for 'zypper ps' (bsc#1226014)
- Fix handling of buddies when applying locks (bsc#1225267)
- Fix readline setup to handle Ctrl-C and Ctrl-D correctly (bsc#1227205)
- Show rpm install size before installing (bsc#1224771)
- Install zypp/APIConfig.h legacy include
- Update soname due to RepoManager refactoring and cleanup
- Workaround broken libsolv-tools-base requirements
- Strip ssl_clientkey from repo urls (bsc#1226030)
- Remove protobuf build dependency
- Lazily attach medium during refresh workflows (bsc#1223094)
- Refactor RepoManager and add Service workflows
- Let_readline_abort_on_Ctrl-C (bsc#1226493)
- packages: add '--system' to show @System packages (bsc#222971)
- Provide python3-zypp-plugin down to SLE12 (bsc#1081596)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3204-1
Released: Wed Sep 11 10:55:22 2024
Summary: Security update for curl
Type: security
Severity: moderate
References: 1230093,CVE-2024-8096
This update for curl fixes the following issues:
- CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3216-1
Released: Thu Sep 12 13:05:20 2024
Summary: Security update for expat
Type: security
Severity: moderate
References: 1229930,1229931,1229932,CVE-2024-45490,CVE-2024-45491,CVE-2024-45492
This update for expat fixes the following issues:
- CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932)
- CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931)
- CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3217-1
Released: Thu Sep 12 13:06:07 2024
Summary: Security update for libpcap
Type: security
Severity: moderate
References: 1230020,1230034,CVE-2023-7256,CVE-2024-8006
This update for libpcap fixes the following issues:
- CVE-2024-8006: NULL pointer dereference in function pcap_findalldevs_ex(). (bsc#1230034)
- CVE-2023-7256: double free via struct addrinfo in function sock_initaddress(). (bsc#1230020)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3221-1
Released: Thu Sep 12 13:18:18 2024
Summary: Security update for containerd
Type: security
Severity: important
References: 1200528,1217070,1228553,CVE-2022-1996,CVE-2023-45142,CVE-2023-47108
This update for containerd fixes the following issues:
- Update to containerd v1.7.21
- CVE-2023-47108: Fixed DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics. (bsc#1217070)
- CVE-2023-45142: Fixed DoS vulnerability in otelhttp. (bsc#1228553)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3222-1
Released: Thu Sep 12 13:20:47 2024
Summary: Security update for runc
Type: security
Severity: low
References: 1230092,CVE-2024-45310
This update for runc fixes the following issues:
- Update to runc v1.1.14
- CVE-2024-45310: Fixed an issue where runc can be tricked into creating empty files/directories on host. (bsc#1230092)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3235-1
Released: Fri Sep 13 08:50:24 2024
Summary: Recommended update for grub2
Type: recommended
Severity: moderate
References: 1226497
This update for grub2 fixes the following issues:
- Fix failure in bli module (bsc#1226497)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3239-1
Released: Fri Sep 13 12:00:58 2024
Summary: Recommended update for util-linux
Type: recommended
Severity: moderate
References: 1229476
This update for util-linux fixes the following issue:
- Skip aarch64 decode path for rest of the architectures (bsc#1229476).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3300-1
Released: Wed Sep 18 14:27:53 2024
Summary: Recommended update for ncurses
Type: recommended
Severity: moderate
References: 1229028
This update for ncurses fixes the following issues:
- Allow the terminal description based on static fallback entries to be freed (bsc#1229028)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3317-1
Released: Wed Sep 18 16:38:50 2024
Summary: Recommended update for fipscheck
Type: recommended
Severity: moderate
References: 1221714
This update for fipscheck fixes the following issue:
- Backport upstream patches to fix C99 violations which are errors
by default with GCC 14 (bsc#1221714).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3326-1
Released: Thu Sep 19 09:36:47 2024
Summary: Recommended update for suseconnect-ng
Type: recommended
Severity: important
References: 1229014,1230229
This update for suseconnect-ng fixes the following issue:
- Set the filesystem root on zypper when given (bsc#1230229,bsc#1229014)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3346-1
Released: Thu Sep 19 17:20:06 2024
Summary: Recommended update for libzypp, zypper
Type: recommended
Severity: moderate
References: 1228647,1230267
This update for libzypp, zypper fixes the following issues:
- API refactoring. Prevent zypper from using now private libzypp symbols (bsc#1230267)
- single_rpmtrans: fix installation of .src.rpms (bsc#1228647)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3383-1
Released: Mon Sep 23 10:29:54 2024
Summary: Security update for the Linux Kernel
Type: security
Severity: important
References: 1012628,1193454,1194869,1205462,1208783,1213123,1214285,1215199,1220066,1220252,1220877,1221326,1221630,1221645,1221652,1221857,1222254,1222335,1222350,1222364,1222372,1222387,1222433,1222434,1222463,1222625,1222633,1222634,1222808,1222967,1222973,1223053,1223074,1223191,1223395,1223635,1223720,1223731,1223742,1223763,1223767,1223777,1223803,1224105,1224415,1224485,1224496,1224510,1224535,1224631,1224636,1224690,1224694,1224700,1224711,1225475,1225582,1225607,1225717,1225718,1225744,1225745,1225751,1225814,1225832,1225838,1225903,1226031,1226127,1226502,1226530,1226588,1226604,1226743,1226751,1226765,1226798,1226801,1226834,1226874,1226885,1226920,1227149,1227182,1227383,1227437,1227492,1227493,1227494,1227618,1227620,1227623,1227627,1227634,1227706,1227722,1227724,1227725,1227728,1227729,1227732,1227733,1227734,1227747,1227750,1227754,1227758,1227760,1227761,1227764,1227766,1227770,1227771,1227772,1227774,1227781,1227784,1227785,1227787,1227790,1227791,1227792,1227796,1
227798,1227799,1227802,1227808,1227810,1227811,1227812,1227815,1227816,1227818,1227820,1227823,1227824,1227826,1227828,1227829,1227830,1227832,1227833,1227834,1227839,1227840,1227846,1227849,1227851,1227853,1227863,1227864,1227865,1227867,1227869,1227870,1227883,1227884,1227891,1227893,1227929,1227950,1227957,1227981,1228020,1228021,1228114,1228192,1228195,1228202,1228235,1228236,1228237,1228247,1228321,1228409,1228410,1228426,1228427,1228429,1228446,1228447,1228449,1228450,1228452,1228456,1228457,1228458,1228459,1228460,1228462,1228463,1228466,1228467,1228468,1228469,1228470,1228472,1228479,1228480,1228481,1228482,1228483,1228484,1228485,1228486,1228487,1228489,1228491,1228492,1228493,1228494,1228495,1228496,1228499,1228500,1228501,1228502,1228503,1228505,1228508,1228509,1228510,1228511,1228513,1228515,1228516,1228518,1228520,1228525,1228527,1228530,1228531,1228539,1228561,1228563,1228564,1228565,1228567,1228568,1228572,1228576,1228579,1228580,1228581,1228582,1228584,1228586,122858
8,1228590,1228591,1228599,1228615,1228616,1228617,1228625,1228626,1228633,1228635,1228636,1228640,1228643,1228644,1228646,1228649,1228650,1228654,1228655,1228656,1228658,1228660,1228662,1228665,1228666,1228667,1228672,1228673,1228674,1228677,1228680,1228687,1228705,1228706,1228707,1228708,1228709,1228710,1228718,1228720,1228721,1228722,1228723,1228724,1228726,1228727,1228733,1228737,1228743,1228748,1228754,1228756,1228757,1228758,1228764,1228766,1228779,1228801,1228849,1228850,1228857,1228959,1228964,1228966,1228967,1228973,1228977,1228978,1228979,1228986,1228988,1228989,1228991,1228992,1229005,1229024,1229042,1229045,1229046,1229054,1229056,1229086,1229134,1229136,1229154,1229156,1229160,1229167,1229168,1229169,1229170,1229171,1229172,1229173,1229174,1229239,1229240,1229241,1229243,1229244,1229245,1229246,1229247,1229248,1229249,1229250,1229251,1229252,1229253,1229254,1229255,1229256,1229287,1229290,1229291,1229292,1229294,1229296,1229297,1229298,1229299,1229301,1229303,1229304,122
9305,1229307,1229309,1229312,1229313,1229314,1229315,1229316,1229317,1229318,1229319,1229320,1229327,1229341,1229342,1229344,1229345,1229346,1229347,1229349,1229350,1229351,1229353,1229354,1229355,1229356,1229357,1229358,1229359,1229360,1229365,1229366,1229369,1229370,1229373,1229374,1229379,1229381,1229382,1229383,1229386,1229388,1229390,1229391,1229392,1229395,1229398,1229399,1229400,1229402,1229403,1229404,1229407,1229409,1229410,1229411,1229413,1229414,1229417,1229444,1229451,1229452,1229455,1229456,1229480,1229481,1229482,1229484,1229485,1229486,1229487,1229488,1229489,1229490,1229493,1229495,1229496,1229497,1229500,1229503,1229707,1229739,1229743,1229746,1229747,1229752,1229754,1229755,1229756,1229759,1229761,1229767,1229781,1229784,1229785,1229787,1229788,1229789,1229792,1229820,1229827,1229830,1229837,1229940,1230056,1230350,1230413,CVE-2023-52489,CVE-2023-52581,CVE-2023-52668,CVE-2023-52688,CVE-2023-52735,CVE-2023-52859,CVE-2023-52885,CVE-2023-52886,CVE-2023-52887,CVE-2023-
52889,CVE-2024-26590,CVE-2024-26631,CVE-2024-26637,CVE-2024-26668,CVE-2024-26669,CVE-2024-26677,CVE-2024-26682,CVE-2024-26683,CVE-2024-26691,CVE-2024-26735,CVE-2024-26808,CVE-2024-26809,CVE-2024-26812,CVE-2024-26835,CVE-2024-26837,CVE-2024-26849,CVE-2024-26851,CVE-2024-26889,CVE-2024-26920,CVE-2024-26944,CVE-2024-26976,CVE-2024-27010,CVE-2024-27011,CVE-2024-27024,CVE-2024-27049,CVE-2024-27050,CVE-2024-27079,CVE-2024-27403,CVE-2024-27433,CVE-2024-27437,CVE-2024-31076,CVE-2024-35854,CVE-2024-35855,CVE-2024-35897,CVE-2024-35902,CVE-2024-35913,CVE-2024-35939,CVE-2024-35949,CVE-2024-36270,CVE-2024-36286,CVE-2024-36288,CVE-2024-36489,CVE-2024-36881,CVE-2024-36907,CVE-2024-36909,CVE-2024-36910,CVE-2024-36911,CVE-2024-36929,CVE-2024-36933,CVE-2024-36939,CVE-2024-36970,CVE-2024-36979,CVE-2024-38548,CVE-2024-38563,CVE-2024-38609,CVE-2024-38662,CVE-2024-39476,CVE-2024-39483,CVE-2024-39484,CVE-2024-39486,CVE-2024-39488,CVE-2024-39489,CVE-2024-39491,CVE-2024-39493,CVE-2024-39497,CVE-2024-39499,C
VE-2024-39500,CVE-2024-39501,CVE-2024-39505,CVE-2024-39506,CVE-2024-39508,CVE-2024-39509,CVE-2024-39510,CVE-2024-40899,CVE-2024-40900,CVE-2024-40902,CVE-2024-40903,CVE-2024-40904,CVE-2024-40905,CVE-2024-40909,CVE-2024-40910,CVE-2024-40911,CVE-2024-40912,CVE-2024-40913,CVE-2024-40916,CVE-2024-40920,CVE-2024-40921,CVE-2024-40922,CVE-2024-40924,CVE-2024-40926,CVE-2024-40927,CVE-2024-40929,CVE-2024-40930,CVE-2024-40932,CVE-2024-40934,CVE-2024-40936,CVE-2024-40938,CVE-2024-40939,CVE-2024-40941,CVE-2024-40942,CVE-2024-40943,CVE-2024-40944,CVE-2024-40945,CVE-2024-40954,CVE-2024-40956,CVE-2024-40957,CVE-2024-40958,CVE-2024-40959,CVE-2024-40962,CVE-2024-40964,CVE-2024-40967,CVE-2024-40976,CVE-2024-40977,CVE-2024-40978,CVE-2024-40981,CVE-2024-40982,CVE-2024-40984,CVE-2024-40987,CVE-2024-40988,CVE-2024-40989,CVE-2024-40990,CVE-2024-40992,CVE-2024-40994,CVE-2024-40995,CVE-2024-40997,CVE-2024-41000,CVE-2024-41001,CVE-2024-41002,CVE-2024-41004,CVE-2024-41007,CVE-2024-41009,CVE-2024-41010,CVE-2024
-41011,CVE-2024-41012,CVE-2024-41015,CVE-2024-41016,CVE-2024-41020,CVE-2024-41022,CVE-2024-41024,CVE-2024-41025,CVE-2024-41028,CVE-2024-41032,CVE-2024-41035,CVE-2024-41036,CVE-2024-41037,CVE-2024-41038,CVE-2024-41039,CVE-2024-41040,CVE-2024-41041,CVE-2024-41044,CVE-2024-41045,CVE-2024-41048,CVE-2024-41049,CVE-2024-41050,CVE-2024-41051,CVE-2024-41056,CVE-2024-41057,CVE-2024-41058,CVE-2024-41059,CVE-2024-41060,CVE-2024-41061,CVE-2024-41062,CVE-2024-41063,CVE-2024-41064,CVE-2024-41065,CVE-2024-41066,CVE-2024-41068,CVE-2024-41069,CVE-2024-41070,CVE-2024-41071,CVE-2024-41072,CVE-2024-41073,CVE-2024-41074,CVE-2024-41075,CVE-2024-41076,CVE-2024-41078,CVE-2024-41079,CVE-2024-41080,CVE-2024-41081,CVE-2024-41084,CVE-2024-41087,CVE-2024-41088,CVE-2024-41089,CVE-2024-41092,CVE-2024-41093,CVE-2024-41094,CVE-2024-41095,CVE-2024-41096,CVE-2024-41097,CVE-2024-41098,CVE-2024-42064,CVE-2024-42069,CVE-2024-42070,CVE-2024-42073,CVE-2024-42074,CVE-2024-42076,CVE-2024-42077,CVE-2024-42079,CVE-2024-42080,
CVE-2024-42082,CVE-2024-42085,CVE-2024-42086,CVE-2024-42087,CVE-2024-42089,CVE-2024-42090,CVE-2024-42092,CVE-2024-42093,CVE-2024-42095,CVE-2024-42096,CVE-2024-42097,CVE-2024-42098,CVE-2024-42101,CVE-2024-42104,CVE-2024-42105,CVE-2024-42106,CVE-2024-42107,CVE-2024-42109,CVE-2024-42110,CVE-2024-42113,CVE-2024-42114,CVE-2024-42115,CVE-2024-42117,CVE-2024-42119,CVE-2024-42120,CVE-2024-42121,CVE-2024-42122,CVE-2024-42124,CVE-2024-42125,CVE-2024-42126,CVE-2024-42127,CVE-2024-42130,CVE-2024-42131,CVE-2024-42132,CVE-2024-42133,CVE-2024-42136,CVE-2024-42137,CVE-2024-42138,CVE-2024-42139,CVE-2024-42141,CVE-2024-42142,CVE-2024-42143,CVE-2024-42144,CVE-2024-42145,CVE-2024-42147,CVE-2024-42148,CVE-2024-42152,CVE-2024-42153,CVE-2024-42155,CVE-2024-42156,CVE-2024-42157,CVE-2024-42158,CVE-2024-42159,CVE-2024-42161,CVE-2024-42162,CVE-2024-42223,CVE-2024-42224,CVE-2024-42225,CVE-2024-42226,CVE-2024-42227,CVE-2024-42228,CVE-2024-42229,CVE-2024-42230,CVE-2024-42232,CVE-2024-42236,CVE-2024-42237,CVE-202
4-42238,CVE-2024-42239,CVE-2024-42240,CVE-2024-42241,CVE-2024-42244,CVE-2024-42245,CVE-2024-42246,CVE-2024-42247,CVE-2024-42250,CVE-2024-42253,CVE-2024-42259,CVE-2024-42268,CVE-2024-42269,CVE-2024-42270,CVE-2024-42271,CVE-2024-42274,CVE-2024-42276,CVE-2024-42277,CVE-2024-42278,CVE-2024-42279,CVE-2024-42280,CVE-2024-42281,CVE-2024-42283,CVE-2024-42284,CVE-2024-42285,CVE-2024-42286,CVE-2024-42287,CVE-2024-42288,CVE-2024-42289,CVE-2024-42290,CVE-2024-42291,CVE-2024-42292,CVE-2024-42295,CVE-2024-42298,CVE-2024-42301,CVE-2024-42302,CVE-2024-42303,CVE-2024-42308,CVE-2024-42309,CVE-2024-42310,CVE-2024-42311,CVE-2024-42312,CVE-2024-42313,CVE-2024-42314,CVE-2024-42315,CVE-2024-42316,CVE-2024-42318,CVE-2024-42319,CVE-2024-42320,CVE-2024-42322,CVE-2024-43816,CVE-2024-43817,CVE-2024-43818,CVE-2024-43819,CVE-2024-43821,CVE-2024-43823,CVE-2024-43824,CVE-2024-43825,CVE-2024-43826,CVE-2024-43829,CVE-2024-43830,CVE-2024-43831,CVE-2024-43833,CVE-2024-43834,CVE-2024-43837,CVE-2024-43839,CVE-2024-43840
,CVE-2024-43841,CVE-2024-43842,CVE-2024-43846,CVE-2024-43847,CVE-2024-43849,CVE-2024-43850,CVE-2024-43851,CVE-2024-43853,CVE-2024-43854,CVE-2024-43855,CVE-2024-43856,CVE-2024-43858,CVE-2024-43860,CVE-2024-43861,CVE-2024-43863,CVE-2024-43864,CVE-2024-43866,CVE-2024-43867,CVE-2024-43871,CVE-2024-43872,CVE-2024-43873,CVE-2024-43874,CVE-2024-43875,CVE-2024-43876,CVE-2024-43877,CVE-2024-43879,CVE-2024-43880,CVE-2024-43881,CVE-2024-43882,CVE-2024-43883,CVE-2024-43884,CVE-2024-43885,CVE-2024-43889,CVE-2024-43892,CVE-2024-43893,CVE-2024-43894,CVE-2024-43895,CVE-2024-43897,CVE-2024-43899,CVE-2024-43900,CVE-2024-43902,CVE-2024-43903,CVE-2024-43905,CVE-2024-43906,CVE-2024-43907,CVE-2024-43908,CVE-2024-43909,CVE-2024-43911,CVE-2024-43912,CVE-2024-44931,CVE-2024-44938,CVE-2024-44939
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (bsc#1229827).
- CVE-2024-43899: drm/amd/display: Fix null pointer deref in dcn20_resource.c (bsc#1229754).
- CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503)
- CVE-2024-43880: kabi: lib: objagg: Put back removed metod in struct objagg_ops (bsc#1229481).
- CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495).
- CVE-2024-43864: net/mlx5e: Fix CT entry update leaks of modify header context (bsc#1229496).
- CVE-2024-43855: md: fix deadlock between mddev_suspend and flush bio (bsc#1229342).
- CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345)
- CVE-2024-43850: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove (bsc#1229316).
- CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301).
- CVE-2024-43837: bpf: Fix updating attached freplace prog in prog_array map (bsc#1229297).
- CVE-2024-43834: xdp: fix invalid wait context of page_pool_destroy() (bsc#1229314)
- CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309).
- CVE-2024-43821: scsi: lpfc: Fix a possible null pointer dereference (bsc#1229315).
- CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347)
- CVE-2024-42318: landlock: Do not lose track of restrictions on cred_transfer (bsc#1229351).
- CVE-2024-42316: mm/mglru: fix div-by-zero in vmpressure_calc_level() (bsc#1229353).
- CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357)
- CVE-2024-42308: Update DRM patch reference (bsc#1229411)
- CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407).
- CVE-2024-42295: nilfs2: handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370).
- CVE-2024-42291: ice: Add a per-VF limit on number of FDIR filters (bsc#1229374).
- CVE-2024-42290: irqchip/imx-irqsteer: Handle runtime power management correctly (bsc#1229379).
- CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382)
- CVE-2024-42283: net: nexthop: Initialize all fields in dumped nexthops (bsc#1229383)
- CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386).
- CVE-2024-42277: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409).
- CVE-2024-42270: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404).
- CVE-2024-42269: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402).
- CVE-2024-42268: net/mlx5: Fix missing lock on sync reset reload (bsc#1229391).
- CVE-2024-42247: wireguard: allowedips: avoid unaligned 64-bit memory accesses (bsc#1228988).
- CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989).
- CVE-2024-42245: Revert 'sched/fair: Make sure to try to detach at least one movable task' (bsc#1228978).
- CVE-2024-42241: mm/shmem: disable PMD-sized page cache if needed (bsc#1228986).
- CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723).
- CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706).
- CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756).
- CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228754).
- CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720).
- CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727).
- CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure (bsc#1228722).
- CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733).
- CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487).
- CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743).
- CVE-2024-42142: net/mlx5: E-switch, Create ingress ACL when needed (bsc#1228491).
- CVE-2024-42139: ice: Fix improper extts handling (bsc#1228503).
- CVE-2024-42138: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file (bsc#1228500).
- CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705).
- CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591).
- CVE-2024-42113: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568).
- CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501).
- CVE-2024-42109: netfilter: nf_tables: unconditionally flush pending work before notifier (bsc#1228505).
- CVE-2024-42107: ice: Do not process extts if PTP is disabled (bsc#1228494).
- CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493).
- CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633).
- CVE-2024-42095: serial: 8250_omap: Fix Errata i2310 with RX FIFO level check (bsc#1228446).
- CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680).
- CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482).
- CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672).
- CVE-2024-42073: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems (bsc#1228457).
- CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470).
- CVE-2024-41084: cxl/region: Avoid null pointer dereference in region lookup (bsc#1228472).
- CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617).
- CVE-2024-41080: io_uring: fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616).
- CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655).
- CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649).
- CVE-2024-41075: cachefiles: add consistency check for copen/cread (bsc#1228646).
- CVE-2024-41074: cachefiles: Set object to close if ondemand_id < 0 in copen (bsc#1228643).
- CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581).
- CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644).
- CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579).
- CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640).
- CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599).
- CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576).
- CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459).
- CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462).
- CVE-2024-41051: cachefiles: wait for ondemand_object_worker to finish when dropping object (bsc#1228468).
- CVE-2024-41050: cachefiles: cyclic allocation of msg_id to avoid reuse (bsc#1228499).
- CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565).
- CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530).
- CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520).
- CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518).
- CVE-2024-41036: net: ks8851: Fix deadlock with the SPI chip variant (bsc#1228496).
- CVE-2024-41032: mm: vmalloc: check if a hash-index is in cpu_possible_mask (bsc#1228460).
- CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427).
- CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409).
- CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247).
- CVE-2024-41010: bpf: Fix too early release of tcx_entry (bsc#1228021).
- CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020).
- CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863).
- CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867).
- CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830).
- CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829).
- CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823).
- CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929).
- CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884).
- CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812).
- CVE-2024-40957: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811).
- CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810).
- CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
- CVE-2024-40939: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (bsc#1227799).
- CVE-2024-40938: landlock: fix d_parent walk (bsc#1227840).
- CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784).
- CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781).
- CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798).
- CVE-2024-40905: ipv6: fix possible race in __fib6_drop_pcpu_from() (bsc#1227761)
- CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729).
- CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623)
- CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885).
- CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1226604).
- CVE-2024-36933: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832).
- CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36881: mm/userfaultfd: Fix reset ptes when close() for wr-protected (bsc#1225718).
- CVE-2024-36489: tls: fix missing memory barrier in tls_init (bsc#1226874)
- CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801)
- CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if-IP-has-been-disabled-on.patch (bsc#1226798)
- CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700).
- CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535).
- CVE-2024-35897: netfilter: nf_tables: discard table flag update with pending basechain deletion (bsc#1224510).
- CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625).
- CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711).
- CVE-2024-27403: kabi: restore const specifier in flow_offload_route_init() (bsc#1224415).
- CVE-2024-27079: iommu/vt-d: Fix NULL domain on device release (bsc#1223742).
- CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777).
- CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803).
- CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720).
- CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074)
- CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973).
- CVE-2024-26835: netfilter: nf_tables: set dormant flag on hook register failure (bsc#1222967).
- CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808).
- CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1222633).
- CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634).
- CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372).
- CVE-2024-26677: blacklist.conf: Add e7870cf13d20 ('rxrpc: Fix delayed ACKs to not set the reference serial number') (bsc#1222387)
- CVE-2024-26669: kABI fix for net/sched: flower: Fix chain template offload (bsc#1222350).
- CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335).
- CVE-2024-26631: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630).
- CVE-2024-26590: erofs: fix inconsistent per-file compression format (bsc#1220252).
- CVE-2023-52889: apparmor: Fix null pointer deref when receiving skb during sock creation (bsc#1229287).
- CVE-2023-52859: perf: hisi: Fix use-after-free when register pmu fails (bsc#1225582).
- CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired (bsc#1220877).
- CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326).
The following non-security bugs were fixed:
- ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes).
- ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes).
- ACPI: battery: create alarm sysfs attribute atomically (stable-fixes).
- ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes).
- ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes).
- ALSA: hda/realtek - Fixed ALC285 headphone no sound (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes).
- ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes).
- ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable-fixes).
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes).
- ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes).
- ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable-fixes).
- ALSA: hda/tas2781: Use correct endian conversion (git-fixes).
- ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes).
- ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes).
- ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: line6: Fix racy access to midibuf (stable-fixes).
- ALSA: seq: Skip event type filtering for UMP events (git-fixes).
- ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes).
- ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes).
- ALSA: timer: Relax start tick time check for slave timer elements (git-fixes).
- ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes).
- ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes).
- ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes).
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes).
- ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes).
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes).
- ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: Remove libraries from topology lookups (git-fixes).
- ASoC: SOF: amd: Fix for acp init sequence (git-fixes).
- ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes).
- ASoC: SOF: mediatek: Add missing board compatible (stable-fixes).
- ASoC: allow module autoloading for table board_ids (stable-fixes).
- ASoC: allow module autoloading for table db1200_pids (stable-fixes).
- ASoC: amd: acp: fix module autoloading (git-fixes).
- ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes).
- ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes).
- ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- ASoC: nau8822: Lower debug print priority (stable-fixes).
- Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes).
- Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes).
- Bluetooth: L2CAP: Fix deadlock (git-fixes).
- Bluetooth: MGMT: Add error handling to pair_device() (git-fixes).
- Bluetooth: SMP: Fix assumption of Central always being Initiator (git-fixes).
- Bluetooth: bnep: Fix out-of-bound access (stable-fixes).
- Bluetooth: btintel: Fail setup on error (git-fixes).
- Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes).
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable-fixes).
- Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes).
- Bluetooth: hci_core: Fix LE quote calculation (git-fixes).
- Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes).
- Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes).
- Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes).
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git-fixes).
- Drop libata patch that caused a regression (bsc#1229054)
- HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes).
- Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056).
- Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes).
- Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes).
- KVM: Always flush async #PF workqueue when vCPU is being destroyed (git-fixes).
- KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git-fixes).
- KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869).
- KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199).
- KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes).
- KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
- KVM: Stop processing *all* memslots when 'null' mmu_notifier handler is found (git-fixes).
- KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes).
- KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes).
- KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git-fixes).
- KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git-fixes).
- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
- KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
- KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
- KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes).
- KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes)
- KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
- KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes).
- KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
- KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
- KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes).
- KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes).
- KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes).
- KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes).
- KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes).
- KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes).
- KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes).
- KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- KVM: s390: fix validity interception issue when gisa is switched off (git-fixes bsc#1229167).
- KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes).
- KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes).
- Move upstreamed powerpc patches into sorted section
- Move upstreamed sound patches into sorted section
- Moved upstreamed ASoC patch into sorted section
- NFSD: Support write delegations in LAYOUTGET (git-fixes).
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes).
- PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes).
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git-fixes).
- PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes).
- RDMA/cache: Release GID table even if leak is detected (git-fixes)
- RDMA/device: Return error earlier if port in not valid (git-fixes)
- RDMA/hns: Check atomic wr length (git-fixes)
- RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes)
- RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes)
- RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes)
- RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes)
- RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes)
- RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes)
- RDMA/hns: Fix unmatch exception handling when init eq table fails (git-fixes)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes)
- RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes).
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes)
- RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes)
- RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes)
- RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes)
- RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes)
- Revert 'ALSA: firewire-lib: obsolete workqueue for period update' (bsc#1208783).
- Revert 'ALSA: firewire-lib: operate for period elapse event in process context' (bsc#1208783).
- Revert 'KVM: Prevent module exit until all VMs are freed' (git-fixes).
- Revert 'Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d'' (git-fixes).
- Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d' (git-fixes).
- Revert 'misc: fastrpc: Restrict untrusted app to attach to privileged PD' (git-fixes).
- Revert 'mm: prevent derefencing NULL ptr in pfn_section_valid()' (bsc#1230413).
- Revert 'mm, kmsan: fix infinite recursion due to RCU critical section' (bsc#1230413).
- Revert 'mm/sparsemem: fix race in accessing memory_section->usage' (bsc#1230413).
- Revert 'usb: gadget: uvc: cleanup request when not in correct state' (stable-fixes).
- Revert 'usb: typec: tcpm: clear pd_event queue in PORT_RESET' (git-fixes).
- SUNRPC: Fix a race to wake a sync task (git-fixes).
- SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- Squashfs: fix variable overflow triggered by sysbot (git-fixes).
- USB: serial: debug: do not echo input by default (stable-fixes).
- Update config files. Disable CONFIG_KFENCE on ppc64le (bsc#1226920)
- Update config files. Disable vdpa drivers for Alibaba ENI and SolidNET (jsc#PED-8954, bsc#1227834)
- Update patch references for ASoC regression fixes (bsc#1229045, bsc#1229046)
- afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes).
- apparmor: unpack transition table if dfa is not present (bsc#1226031).
- arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git-fixes)
- arm64: Add Neoverse-V2 part (git-fixes)
- arm64: Fix KASAN random tag seed initialization (git-fixes)
- arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git-fixes)
- arm64: barrier: Restore spec_bar() macro (git-fixes)
- arm64: cputype: Add Cortex-A720 definitions (git-fixes)
- arm64: cputype: Add Cortex-A725 definitions (git-fixes)
- arm64: cputype: Add Cortex-X1C definitions (git-fixes)
- arm64: cputype: Add Cortex-X3 definitions (git-fixes)
- arm64: cputype: Add Cortex-X4 definitions (git-fixes)
- arm64: cputype: Add Cortex-X925 definitions (git-fixes)
- arm64: cputype: Add Neoverse-V3 definitions (git-fixes)
- arm64: dts: imx8mp: Add NPU Node (git-fixes)
- arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes)
- arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes)
- arm64: dts: imx8mp: add HDMI power-domains (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (again) (git-fixes)
- arm64: errata: Expand speculative SSBS workaround (git-fixes)
- arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files.
- arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git-fixes)
- ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable-fixes).
- ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable-fixes).
- blacklist.conf: Add libata upstream revert entry (bsc#1229054)
- bnxt_re: Fix imm_data endianness (git-fixes)
- bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes)
- bpf, lpm: Fix check prefixlen before walking trie (git-fixes).
- bpf/tests: Remove duplicate JSGT tests (git-fixes).
- bpf: Add crosstask check to __bpf_get_stack (git-fixes).
- bpf: Detect IP == ksym.end as part of BPF program (git-fixes).
- bpf: Ensure proper register state printing for cond jumps (git-fixes).
- bpf: Fix a few selftest failures due to llvm18 change (git-fixes).
- bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903).
- bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes).
- bpf: Fix kfunc callback register type handling (git-fixes).
- bpf: Fix prog_array_map_poke_run map poke update (git-fixes).
- bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes).
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git-fixes).
- bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes).
- bpf: Set uattr->batch.count as zero before batched update or deletion (git-fixes).
- bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git-fixes).
- bpf: enforce precision of R0 on callback return (git-fixes).
- bpf: extract bpf_ctx_convert_map logic and make it more reusable (git-fixes).
- bpf: fix control-flow graph checking in privileged mode (git-fixes).
- bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes).
- bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes).
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes).
- bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git-fixes).
- bpftool: Align output skeleton ELF code (git-fixes).
- bpftool: Fix -Wcast-qual warning (git-fixes).
- bpftool: Silence build warning about calloc() (git-fixes).
- bpftool: mark orphaned programs during prog show (git-fixes).
- btrfs: add a btrfs_finish_ordered_extent helper (git-fixes).
- btrfs: add a is_data_bbio helper (git-fixes).
- btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes).
- btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321).
- btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes).
- btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes).
- btrfs: factor out a can_finish_ordered_extent helper (git-fixes).
- btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes).
- btrfs: fix double inode unlock for direct IO sync writes (git-fixes).
- btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes).
- btrfs: fix leak of qgroup extent records after transaction abort (git-fixes).
- btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git-fixes).
- btrfs: limit write bios to a single ordered extent (git-fixes).
- btrfs: make btrfs_finish_ordered_extent() return void (git-fixes).
- btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes).
- btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes).
- btrfs: open code end_extent_writepage in end_bio_extent_writepage (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes).
- btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes).
- btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes).
- btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes).
- btrfs: remove btrfs_add_ordered_extent (git-fixes).
- btrfs: rename err to ret in btrfs_direct_write() (git-fixes).
- btrfs: uninline some static inline helpers from tree-log.h (git-fixes).
- btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git-fixes).
- btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes).
- btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git-fixes).
- btrfs: use btrfs_finish_ordered_extent to complete direct writes (git-fixes).
- btrfs: use irq safe locking when running and adding delayed iputs (git-fixes).
- cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode (bsc#1229245).
- cachefiles: add missing lock protection when polling (bsc#1229256).
- cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244).
- cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249).
- cachefiles: cancel all requests for the object that is being dropped (bsc#1229255).
- cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251).
- cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247).
- cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246).
- cachefiles: introduce object ondemand state (bsc#1229239).
- cachefiles: make on-demand read killable (bsc#1229252).
- cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243).
- cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250).
- cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253).
- cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248).
- cachefiles: resend an open request if the read request's object is closed (bsc#1229241).
- cachefiles: stop sending new request when dropping object (bsc#1229254).
- can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes).
- can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes).
- ceph: periodically flush the cap releases (bsc#1230056).
- cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801).
- cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254).
- cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254).
- cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254).
- cgroup: Remove unnecessary list_empty() (bsc#1222254).
- cgroup: preserve KABI of cgroup_root (bsc#1222254).
- char: xillybus: Check USB endpoints when probing device (git-fixes).
- char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes).
- char: xillybus: Refine workqueue handling (git-fixes).
- clk: en7523: fix rate divider for slic and spi clocks (git-fixes).
- clk: qcom: Park shared RCGs upon registration (git-fixes).
- clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git-fixes).
- clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git-fixes).
- clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git-fixes).
- clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes).
- clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes).
- clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git-fixes).
- clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes).
- clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes).
- clocksource/drivers/sh_cmt: Address race condition for clock events (stable-fixes).
- cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- dev/parport: fix the array out-of-bounds risk (stable-fixes).
- device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes).
- dmaengine: dw: Add memory bus width verification (git-fixes).
- dmaengine: dw: Add peripheral bus width verification (git-fixes).
- docs: KVM: Fix register ID of SPSR_FIQ (git-fixes).
- driver core: Fix uevent_show() vs driver detach race (git-fixes).
- drm/admgpu: fix dereferencing null pointer context (stable-fixes).
- drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes).
- drm/amd/display: Add null checker before passing variables (stable-fixes).
- drm/amd/display: Adjust cursor position (git-fixes).
- drm/amd/display: Check for NULL pointer (stable-fixes).
- drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable-fixes).
- drm/amd/display: avoid using null object of framebuffer (git-fixes).
- drm/amd/display: fix cursor offset on rotation 180 (git-fixes).
- drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes).
- drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable-fixes).
- drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes).
- drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes).
- drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes).
- drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable-fixes).
- drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes).
- drm/amdgpu: Actually check flags for all context ops (stable-fixes).
- drm/amdgpu: Add lock around VF RLCG interface (stable-fixes).
- drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes).
- drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes).
- drm/amdgpu: Validate TA binary size (stable-fixes).
- drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes).
- drm/amdgpu: fix potential resource leak warning (stable-fixes).
- drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable-fixes).
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes).
- drm/client: fix null pointer dereference in drm_client_modeset_probe (git-fixes).
- drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes).
- drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes).
- drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes).
- drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes).
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes).
- drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes).
- drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git-fixes).
- drm/lima: set gp bus_stop bit before hard reset (stable-fixes).
- drm/mediatek/dp: Fix spurious kfree() (git-fixes).
- drm/msm/dp: fix the max supported bpp logic (git-fixes).
- drm/msm/dp: reset the link phy params before link training (git-fixes).
- drm/msm/dpu: capture snapshot on the first commit_done timeout (stable-fixes).
- drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes).
- drm/msm/dpu: do not play tricks with debug macros (git-fixes).
- drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes).
- drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes).
- drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable-fixes).
- drm/msm/dpu: take plane rotation into account for wide planes (git-fixes).
- drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes).
- drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable-fixes).
- drm/msm/mdss: Rename path references to mdp_path (stable-fixes).
- drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes).
- drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes).
- drm/nouveau: prime: fix refcount underflow (git-fixes).
- drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes).
- drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024).
- drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes).
- drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes).
- drm/virtio: Fix type of dma-fence context variable (git-fixes).
- drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes).
- drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes).
- drm/vmwgfx: Fix prime with external buffers (git-fixes).
- efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes).
- evm: do not copy up 'security.evm' xattr (git-fixes).
- firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes).
- fs/netfs/fscache_cookie: add missing 'n_accesses' check (bsc#1229455).
- fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456).
- genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git-fixes).
- genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git-fixes).
- genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git-fixes).
- gfs2: setattr_chown: Add missing initialization (git-fixes).
- gpio: mlxbf3: Support shutdown() function (git-fixes).
- gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable-fixes).
- gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes).
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git-fixes).
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes).
- hwmon: (ltc2992) Avoid division by zero (stable-fixes).
- hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes).
- hwmon: (pc87360) Bounds check data->innr usage (stable-fixes).
- i2c: Fix conditional for substituting empty ACPI functions (stable-fixes).
- i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes).
- i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes).
- i2c: riic: avoid potential division by zero (stable-fixes).
- i2c: smbus: Improve handling of stuck alerts (git-fixes).
- i2c: smbus: Send alert notifications to all devices if source not found (git-fixes).
- i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes).
- i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable-fixes).
- i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable-fixes).
- i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes).
- ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737).
- io_uring/advise: support 64-bit lengths (git-fixes).
- io_uring: Drop per-ctx dummy_ubuf (git-fixes).
- io_uring: Fix probe of disabled operations (git-fixes).
- io_uring: fix io_match_task must_hold (git-fixes).
- io_uring: tighten task exit cancellations (git-fixes).
- iommu/amd: Convert comma to semicolon (git-fixes).
- iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes).
- iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git-fixes).
- ip6_tunnel: Fix broken GRO (bsc#1229444).
- ipv6: sr: fix incorrect unregister order (git-fixes).
- irqdomain: Fixed unbalanced fwnode get and put (git-fixes).
- jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes).
- jfs: define xtree root and page independently (git-fixes).
- jfs: fix null ptr deref in dtInsertEntry (git-fixes).
- jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git-fixes).
- jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes).
- jump_label: Fix the fix, brown paper bags galore (git-fixes).
- jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git-fixes).
- kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes).
- kABI workaround for sound core UMP conversion (stable-fixes).
- kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes).
- kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes).
- kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783)
- kabi: more build fix without patches.kabi (bsc#1226502)
- kcov: properly check for softirq context (git-fixes).
- kernel-binary.spec.in: Enable klp_symbols on openSUSE Tumbleweed (boo#1229042).
- kernel-binary: generate and install compile_commands.json (bsc#1228971).
- kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134).
- kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git-fixes).
- kprobes: Fix to check symbol prefixes correctly (git-fixes).
- kprobes: Prohibit probing on CFI preamble symbol (git-fixes).
- kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168).
- libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes).
- libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git-fixes).
- libbpf: Fix faccessat() usage on Android (git-fixes).
- libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix hanging issue while a new disk adding (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395).
- md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395).
- md/md-bitmap: fix writing non bitmap pages (git-fixes).
- md/raid1: set max_sectors during early return from choose_slow_rdev() (git-fixes).
- md/raid1: support read error check (git-fixes).
- md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes).
- md/raid5: fix spares errors about rcu usage (git-fixes).
- md/raid5: recheck if reshape has finished with device_lock held (git-fixes).
- md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git-fixes).
- md: add a mddev_add_trace_msg helper (git-fixes).
- md: add check for sleepers in md_wakeup_thread() (git-fixes).
- md: change the return value type of md_write_start to void (git-fixes).
- md: do not account sync_io if iostats of the disk is disabled (git-fixes).
- md: do not delete safemode_timer in mddev_suspend (git-fixes).
- md: factor out a helper exceed_read_errors() to check read_errors (git-fixes).
- md: fix a suspicious RCU usage warning (git-fixes).
- media: Revert 'media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()' (git-fixes).
- media: amphion: Remove lock in s_ctrl callback (stable-fixes).
- media: drivers/media/dvb-core: copy user arrays safely (stable-fixes).
- media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes).
- media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes).
- media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes).
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes).
- media: uvcvideo: Ignore empty TS packets (stable-fixes).
- media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes).
- media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes).
- memcg: protect concurrent access to mem_cgroup_idr (git-fixes).
- memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes).
- memory: tegra: Skip SID programming if SID registers are not set (stable-fixes).
- minmax: add a few more MIN_T/MAX_T users (bsc#1229024).
- minmax: avoid overly complicated constant expressions in VM code (bsc#1229024).
- minmax: do not use max() in situations that want a C constant expression (bsc#1229024).
- minmax: fix up min3() and max3() too (bsc#1229024).
- minmax: improve macro expansion and type checking (bsc#1229024).
- minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024).
- minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024).
- minmax: simplify min()/max()/clamp() implementation (bsc#1229024).
- mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes).
- mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes).
- mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes).
- mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes).
- mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes).
- net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451).
- net/iucv: fix use after free in iucv_sock_close() (bsc#1228973).
- net/rds: fix possible cp null dereference (git-fixes).
- net/sched: initialize noop_qdisc owner (git-fixes).
- net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes).
- net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes).
- net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757).
- net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530).
- net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086).
- net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154).
- net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes).
- net: missing check virtio (git-fixes).
- net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes).
- net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes).
- net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes).
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git-fixes).
- netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462).
- nfc: pn533: Add poll mod list filling check (git-fixes).
- nfs: do not invalidate dentries on transient errors (git-fixes).
- nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes).
- nfs: make the rpc_stat per net namespace (git-fixes).
- nfs: pass explicit offset/count to trace events (git-fixes).
- nfs: propagate readlink errors in nfs_symlink_filler (git-fixes).
- nouveau/firmware: use dma non-coherent allocator (git-fixes).
- nvme-multipath: find NUMA path only for online numa-node (git-fixes).
- nvme-multipath: implement 'queue-depth' iopolicy (bsc#1227706).
- nvme-multipath: prepare for 'queue-depth' iopolicy (bsc#1227706).
- nvme-pci: Fix the instructions for disabling power management (git-fixes).
- nvme-pci: add missing condition check for existence of mapped data (git-fixes).
- nvme-pci: do not directly handle subsys reset fallout (bsc#1220066).
- nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857).
- nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857).
- nvme-tcp: check for invalidated or revoked key (bsc#1221857).
- nvme-tcp: sanitize TLS key handling (bsc#1221857).
- nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857).
- nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes).
- nvme: avoid double free special payload (git-fixes).
- nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git-fixes).
- nvme: fixup comment for nvme RDMA Provider Type (git-fixes).
- nvme: split off TLS sysfs attributes into a separate group (bsc#1221857).
- nvme: tcp: remove unnecessary goto statement (bsc#1221857).
- nvme_core: scan namespaces asynchronously (bsc#1224105).
- nvmet-auth: fix nvmet_auth hash error handling (git-fixes).
- nvmet: always initialize cqe.result (git-fixes).
- nvmet: do not return 'reserved' for empty TSAS values (git-fixes).
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (git-fixes).
- nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes).
- ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410).
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes).
- perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git-fixes).
- pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes).
- pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git-fixes).
- pinctrl: single: fix potential NULL dereference in pcs_get_function() (git-fixes).
- pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git-fixes).
- platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes).
- platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779).
- platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779).
- platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779).
- platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779).
- platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779).
- platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779).
- platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779).
- platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779).
- platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779).
- platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779).
- platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779).
- platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779).
- platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes).
- platform/x86: lg-laptop: fix %s null argument warning (stable-fixes).
- power: supply: axp288_charger: Fix constant_charge_voltage writes (git-fixes).
- power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes).
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes).
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869).
- powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869).
- powerpc/kexec: make the update_cpus_node() function public (bsc#1194869).
- powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869).
- powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869).
- powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869).
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869).
- powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869).
- powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes).
- powerpc/xmon: Check cpu id in commands 'c#', 'dp#' and 'dx#' (bsc#1194869).
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869).
- powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869).
- printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607).
- reiserfs: fix uninit-value in comp_keys (git-fixes).
- rtc: nct3018y: fix possible NULL dereference (stable-fixes).
- s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171).
- s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173).
- s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452).
- s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174).
- s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172).
- s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172).
- s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720).
- s390/pkey: introduce dynamic debugging for pkey (bsc#1228720).
- s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169).
- s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170).
- samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes).
- samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes).
- sbitmap: use READ_ONCE to access map->word (stable-fixes).
- scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857).
- scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857).
- scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857).
- scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857).
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857).
- scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857).
- scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857).
- scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857).
- scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850).
- scsi: qla2xxx: Complete command early within lock (bsc#1228850).
- scsi: qla2xxx: Convert comma to semicolon (bsc#1228850).
- scsi: qla2xxx: Drop driver owner assignment (bsc#1228850).
- scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850).
- scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850).
- scsi: qla2xxx: Fix flash read failure (bsc#1228850).
- scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850).
- scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850).
- scsi: qla2xxx: Indent help text (bsc#1228850).
- scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850).
- scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850).
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850).
- scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850).
- scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850).
- scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850).
- scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850).
- selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes).
- selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903).
- selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes).
- selftests/bpf: Add netkit to tc_redirect selftest (git-fixes).
- selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes).
- selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes).
- selftests/bpf: Fix erroneous bitmask operation (git-fixes).
- selftests/bpf: Fix issues in setup_classid_environment() (git-fixes).
- selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes).
- selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes).
- selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes).
- selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes).
- selftests/bpf: Make linked_list failure test more robust (git-fixes).
- selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git-fixes).
- selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes).
- selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes).
- selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes).
- selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git-fixes).
- selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes).
- selftests/bpf: satisfy compiler by having explicit return in btf test (git-fixes).
- serial: core: check uartclk for zero to avoid divide by zero (stable-fixes).
- soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes).
- soc: qcom: pmic_glink: Actually communicate when remote goes down (git-fixes).
- soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes).
- spi: Add empty versions of ACPI functions (stable-fixes).
- spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes).
- spi: microchip-core: switch to use modern name (stable-fixes).
- spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes).
- spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes).
- squashfs: squashfs_read_data need to check if the length is 0 (git-fixes).
- ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes).
- staging: iio: resolver: ad2s1210: fix use before initialization (stable-fixes).
- staging: ks7010: disable bh on tx_dev_lock (stable-fixes).
- string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849).
- sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes).
- swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git-fixes).
- swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes).
- syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes).
- thermal/drivers/broadcom: Fix race between removal and clock disable (git-fixes).
- thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes).
- thunderbolt: Mark XDomain as unplugged when router is removed (stable-fixes).
- tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747).
- tools/perf: Fix timing issue with parallel threads in perf bench wake-up-parallel (bsc#1227747).
- tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes).
- tools/resolve_btfids: Fix cross-compilation to non-host endianness (git-fixes).
- tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git-fixes).
- tools/resolve_btfids: fix build with musl libc (git-fixes).
- trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes).
- tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes).
- tty: atmel_serial: use the correct RTS flag (git-fixes).
- tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git-fixes).
- usb: cdnsp: fix for Link TRB with TC (git-fixes).
- usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes).
- usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes).
- usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes).
- usb: dwc3: omap: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: add missing depopulate in probe error path (git-fixes).
- usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes).
- usb: gadget: core: Check for unset descriptor (git-fixes).
- usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes).
- usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes).
- usb: gadget: u_serial: Set start_delayed during suspend (git-fixes).
- usb: gadget: uvc: cleanup request when not in correct state (stable-fixes).
- usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes).
- usb: typec: fsa4480: Check if the chip is really there (git-fixes).
- usb: typec: fsa4480: Relax CHIP_ID check (git-fixes).
- usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes).
- usb: typec: fsa4480: rework mux & switch setup to handle more states (git-fixes).
- usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes).
- vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes).
- vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes).
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes).
- vhost/vsock: always initialize seqpacket_allow (git-fixes).
- vhost: Release worker mutex during flushes (git-fixes).
- vhost: Use virtqueue mutex for swapping worker (git-fixes).
- virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes).
- virtio-crypto: handle config changed by work queue (git-fixes).
- virtio: reenable config if freezing device failed (git-fixes).
- virtio_net: use u64_stats_t infra to avoid data-races (git-fixes).
- virtiofs: forbid newlines in tags (bsc#1229940).
- wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable-fixes).
- wifi: ath12k: fix soft lockup on suspend (git-fixes).
- wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes).
- wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes).
- wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes).
- wifi: mac80211: use monitor sdata with driver only if desired (git-fixes).
- wifi: mwifiex: duplicate static structs used in driver instances (git-fixes).
- wifi: nl80211: disallow setting special AP channel widths (stable-fixes).
- wifi: nl80211: do not give key data to userspace (stable-fixes).
- wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes).
- wifi: wfx: repair open network AP mode (git-fixes).
- workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454).
- workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454).
- x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git-fixes).
- x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes).
- x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes).
- x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes).
- x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes).
- x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git-fixes).
- x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes).
- x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes).
- x86/numa: Introduce numa_fill_memblks() (git-fixes).
- x86/pci: Skip early E820 check for ECAM region (git-fixes).
- x86/xen: Convert comma to semicolon (git-fixes).
- xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes).
- xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes).
- xfs: allow cross-linking special files without project quota (git-fixes).
- xfs: allow symlinks with short remote targets (bsc#1229160).
- xfs: allow unlinked symlinks and dirs with zero size (git-fixes).
- xfs: attr forks require attr, not attr2 (git-fixes).
- xfs: convert comma to semicolon (git-fixes).
- xfs: do not use current->journal_info (git-fixes).
- xfs: fix unlink vs cluster buffer instantiation race (git-fixes).
- xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes).
- xfs: journal geometry is not properly bounds checked (git-fixes).
- xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes).
- xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes).
- xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git-fixes).
- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes).
- xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes).
- xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes).
- xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3402-1
Released: Mon Sep 23 15:37:36 2024
Summary: Recommended update for makedumpfile
Type: recommended
Severity: moderate
References: 1226183
This update for makedumpfile fixes the following issue:
- don't reserve disk space for flattened format (bsc#1226183).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3424-1
Released: Tue Sep 24 17:25:50 2024
Summary: Security update for xen
Type: security
Severity: moderate
References: 1230366,CVE-2024-45817
This update for xen fixes the following issues:
- CVE-2024-45817: Fixed a deadlock in vlapic_error. (bsc#1230366, XSA-462)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3450-1
Released: Thu Sep 26 09:09:16 2024
Summary: Recommended update for pam-config
Type: recommended
Severity: moderate
References: 1227216
This update for pam-config fixes the following issues:
- Improved check for existence of modules (bsc#1227216)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3466-1
Released: Fri Sep 27 08:18:07 2024
Summary: Recommended update for perl-Bootloader
Type: recommended
Severity: moderate
References: 1230070
This update for perl-Bootloader fixes the following issues:
- Handle missing grub_installdevice on PowerPC (bsc#1230070)
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3470-1
Released: Fri Sep 27 14:34:46 2024
Summary: Security update for python3
Type: security
Severity: important
References: 1227233,1227378,1227999,1228780,1229596,1230227,CVE-2024-5642,CVE-2024-6232,CVE-2024-6923,CVE-2024-7592
This update for python3 fixes the following issues:
- CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module (bsc#1228780).
- CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API (bsc#1227233).
- CVE-2024-7592: Fixed Email header injection due to unquoted newlines (bsc#1229596).
- CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227)
Bug fixes:
- %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999).
- Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378).
- Remove %suse_update_desktop_file macro as it is not useful any more.
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3476-1
Released: Fri Sep 27 15:16:38 2024
Summary: Recommended update for curl
Type: recommended
Severity: moderate
References: 1230516
This update for curl fixes the following issue:
- Make special characters in URL work with aws-sigv4 (bsc#1230516).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3487-1
Released: Fri Sep 27 19:56:02 2024
Summary: Recommended update for logrotate
Type: recommended
Severity: moderate
References:
This update for logrotate fixes the following issues:
- Backport 'ignoreduplicates' configuration flag (jsc#PED-10366)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3496-1
Released: Mon Sep 30 09:19:26 2024
Summary: Recommended update for rsyslog
Type: recommended
Severity: moderate
References: 1230984
This update for rsyslog fixes the following issue:
- restart daemon after update at the end of the transaction
(bsc#1230984).
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:3501-1
Released: Tue Oct 1 16:03:34 2024
Summary: Security update for openssl-3
Type: security
Severity: important
References: 1230698,CVE-2024-41996
This update for openssl-3 fixes the following issues:
- CVE-2024-41996: Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers to trigger expensive server-side DHE (bsc#1230698)
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3504-1
Released: Tue Oct 1 16:22:27 2024
Summary: Recommended update for glibc
Type: recommended
Severity: moderate
References: 1230638
This update for glibc fixes the following issue:
- Use nss-systemd by default also in SLE (bsc#1230638).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3512-1
Released: Wed Oct 2 18:14:56 2024
Summary: Recommended update for systemd
Type: recommended
Severity: important
References: 1226414,1228091,1228223,1228809,1229518
This update for systemd fixes the following issues:
- Determine the effective user limits in a systemd setup (jsc#PED-5659)
- Don't try to restart the udev socket units anymore. (bsc#1228809).
- Add systemd.rules rework (bsc#1229518).
- Don't mention any rpm macros inside comments, even if escaped (bsc#1228091).
- upstream commit (bsc#1226414).
- Make the 32bit version of libudev.so available again (bsc#1228223).
- policykit-1 renamed to polkitd
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3522-1
Released: Fri Oct 4 10:02:34 2024
Summary: Recommended update for dracut
Type: recommended
Severity: moderate
References: 1230110,1230330,1230468,1230639
This update for dracut fixes the following issues:
- Version update 059+suse.541.g3c2df232:
* fix(dasd-rules): handle all possible options in `rd.dasd` (bsc#1230110).
* fix(dracut.spec): add Builddeps for initrd posttrans macros (bsc#1230639).
* fix(zfcp_rules): check for presence of legacy rules (bsc#1230330).
* Fixes for NVMeoF boot (bsc#1230468)
* fix(nvmf): install (only) required nvmf modules
* fix(nvmf): require NVMeoF modules
* fix(nvmf): move /etc/nvme/host{nqn,id} requirement to hostonly
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3528-1
Released: Fri Oct 4 15:31:43 2024
Summary: Recommended update for e2fsprogs
Type: recommended
Severity: moderate
References: 1230145
This update for e2fsprogs fixes the following issue:
- resize2fs: Check number of group descriptors only if meta_bg is disabled
(bsc#1230145).
-----------------------------------------------------------------
Advisory ID: SUSE-RU-2024:3529-1
Released: Fri Oct 4 15:37:44 2024
Summary: Recommended update for libpcap
Type: recommended
Severity: moderate
References: 1230894
This update for libpcap fixes the following issue:
- enable rdma support (bsc#1230894).
The following package changes have been done:
- containerd-ctr-1.7.21-150000.117.1 updated
- containerd-1.7.21-150000.117.1 updated
- dracut-059+suse.541.g3c2df232-150600.3.11.2 updated
- e2fsprogs-1.47.0-150600.4.6.2 updated
- fipscheck-1.7.0-150600.3.3.2 updated
- glibc-locale-base-2.38-150600.14.11.2 updated
- glibc-locale-2.38-150600.14.11.2 updated
- glibc-2.38-150600.14.11.2 updated
- grub2-i386-pc-2.12-150600.8.6.1 updated
- grub2-x86_64-efi-2.12-150600.8.6.1 updated
- grub2-2.12-150600.8.6.1 updated
- kernel-default-6.4.0-150600.23.22.1 updated
- libblkid1-2.39.3-150600.4.12.2 updated
- libcom_err2-1.47.0-150600.4.6.2 updated
- libcurl4-8.6.0-150600.4.9.2 updated
- libexpat1-2.4.4-150400.3.22.1 updated
- libext2fs2-1.47.0-150600.4.6.2 updated
- libfdisk1-2.39.3-150600.4.12.2 updated
- libfipscheck1-1.7.0-150600.3.3.2 updated
- libmount1-2.39.3-150600.4.12.2 updated
- libncurses6-6.1-150000.5.27.1 updated
- libopenssl3-3.1.4-150600.5.18.1 updated
- libpcap1-1.10.4-150600.3.6.2 updated
- libpython3_6m1_0-3.6.15-150300.10.72.1 updated
- libsmartcols1-2.39.3-150600.4.12.2 updated
- libsolv-tools-base-0.7.30-150600.8.2.1 updated
- libsystemd0-254.18-150600.4.15.10 updated
- libudev1-254.18-150600.4.15.10 updated
- libuuid1-2.39.3-150600.4.12.2 updated
- libzypp-17.35.11-150600.3.24.1 updated
- logrotate-3.18.1-150400.3.10.1 updated
- makedumpfile-1.7.4-150600.3.3.2 updated
- ncurses-utils-6.1-150000.5.27.1 updated
- openssl-3-3.1.4-150600.5.18.1 updated
- pam-config-1.1-150600.16.3.1 updated
- perl-Bootloader-1.8.2-150600.3.3.1 updated
- python3-base-3.6.15-150300.10.72.1 updated
- python3-3.6.15-150300.10.72.1 updated
- rsyslog-module-relp-8.2406.0-150600.12.6.2 updated
- rsyslog-8.2406.0-150600.12.6.2 updated
- runc-1.1.14-150000.70.1 updated
- suseconnect-ng-1.12.0-150600.3.8.2 updated
- systemd-254.18-150600.4.15.10 updated
- terminfo-base-6.1-150000.5.27.1 updated
- terminfo-6.1-150000.5.27.1 updated
- udev-254.18-150600.4.15.10 updated
- util-linux-systemd-2.39.3-150600.4.12.2 updated
- util-linux-2.39.3-150600.4.12.2 updated
- xen-libs-4.18.3_04-150600.3.9.1 updated
- zypper-1.14.77-150600.10.11.2 updated
- libabsl2401_0_0-20240116.1-150600.17.7 removed
- libprotobuf-lite25_1_0-25.1-150600.16.4.2 removed
More information about the sle-container-updates
mailing list