Removed rpms ============ - PackageKit - PackageKit-backend-zypp - PackageKit-branding-openSUSE - PackageKit-gstreamer-plugin - PackageKit-gtk3-module - PackageKit-lang - gnu-unifont-bitmap-fonts - ibus-sunpinyin - ibus-table-zhuyin - libdcerpc-binding0 - libdcerpc0 - libicu69 - libicu69-bedata - libmng2 - libndr-krb5pac0 - libndr-nbt0 - libndr-standard0 - libndr2 - libnetapi0 - libpackagekit-glib2-18 - libpoppler89 - libqt5-qtimageformats - libsamba-credentials1 - libsamba-errors0 - libsamba-hostconfig0 - libsamba-passdb0 - libsamba-util0 - libsamdb0 - libsmbclient0 - libsmbconf0 - libsmbldap2 - libtevent-util0 - libwbclient0 - plymouth-plugin-label-ft - poppler-data - python-rpm-generators - python-rpm-macros - yast2-schema Added rpms ========== - libbd_lvm2 - libimobiledevice-glue-1_0-0 - libkmipclient1 - liblvm2cmd2_03 - libnvme1 - libotr5 - libpoppler117 - libyui-ncurses-pkg16 - libyui-ncurses16 - libyui-qt-graph16 - libyui-qt-pkg16 - libyui-qt16 - libyui16 - lvm2 - nvme-cli-bash-completion - plymouth-lang - samba-ad-dc-libs - samba-client-libs - system-user-games - yast2-schema-default Package Source Changes ====================== ImageMagick +- security update +- added patches + fix CVE-2022-0284 [bsc#1195563], Heap buffer overread in GetPixelAlpha() + in MagickCore/pixel-accessor.h + + ImageMagick-CVE-2022-0284.patch + +- fix https://github.com/ImageMagick/ImageMagick/issues/4790 [bsc#1195321] +- added patches + https://github.com/ImageMagick/ImageMagick/commit/b51707c08f3dee192d464d38fc507c86051e62e6 + + ImageMagick-gradient-black-white.patch + MozillaFirefox +- Firefox Extended Support Release 91.5.0 ESR + * Fixed: Various stability, functionality, and security fixes + MFSA 2022-03 (bsc#1194547) + * CVE-2022-22746 (bmo#1735071) + Calling into reportValidity could have lead to fullscreen + window spoof + * CVE-2022-22743 (bmo#1739220) + Browser window spoof using fullscreen mode + * CVE-2022-22742 (bmo#1739923) + Out-of-bounds memory access when inserting text in edit mode + * CVE-2022-22741 (bmo#1740389) + Browser window spoof using fullscreen mode + * CVE-2022-22740 (bmo#1742334) + Use-after-free of ChannelEventQueue::mOwner + * CVE-2022-22738 (bmo#1742382) + Heap-buffer-overflow in blendGaussianBlur + * CVE-2022-22737 (bmo#1745874) + Race condition when playing audio files + * CVE-2021-4140 (bmo#1746720) + Iframe sandbox bypass with XSLT + * CVE-2022-22748 (bmo#1705211) + Spoofed origin on external protocol launch dialog + * CVE-2022-22745 (bmo#1735856) + Leaking cross-origin URLs through securitypolicyviolation + event + * CVE-2022-22744 (bmo#1737252) + The 'Copy as curl' feature in DevTools did not fully escape + website-controlled data, potentially leading to command + injection + * CVE-2022-22747 (bmo#1735028) + Crash when handling empty pkcs7 sequence + * CVE-2022-22739 (bmo#1744158) + Missing throttling on external protocol launch dialog + * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366, + bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869, + bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011) + Memory safety bugs fixed in Thunderbird 91.5 + +- Firefox Extended Support Release 91.4.1 ESR (bsc#1193845) + * Fixed frequent MOZILLA_PKIX_ERROR_OCSP_RESPONSE_FOR_CERT_MISSING + error messages when trying to connect to various microsoft.com + domains (bmo#1745600) + +- Firefox Extended Support Release 91.4.0 ESR + * Fixed: Various security fixes +- Mozilla Firefox ESR 91.4.0 + MFSA 2021-53 (bsc#1193485) + * CVE-2021-43536 (bmo#1730120) + URL leakage when navigating while executing asynchronous + function + * CVE-2021-43537 (bmo#1738237) + Heap buffer overflow when using structured clone + * CVE-2021-43538 (bmo#1739091) + Missing fullscreen and pointer lock notification when + requesting both + * CVE-2021-43539 (bmo#1739683) + GC rooting failure when calling wasm instance methods + * CVE-2021-43541 (bmo#1696685) + External protocol handler parameters were unescaped + * CVE-2021-43542 (bmo#1723281) + XMLHttpRequest error codes could have leaked the existence of + an external protocol handler + * CVE-2021-43543 (bmo#1738418) + Bypass of CSP sandbox directive when embedding + * CVE-2021-43545 (bmo#1720926) + Denial of Service when using the Location API in a loop + * CVE-2021-43546 (bmo#1737751) + Cursor spoofing could overlay user interface when native + cursor is zoomed + * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751, + bmo#1737009, bmo#1739372, bmo#1739421) + Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 + +- remove x-scheme-handler/ftp from MozillaFirefox.desktop boo#1193321 + MozillaThunderbird +- Mozilla Thunderbird 91.5 + * fixed: RSS keyword labels without a configured color were + illegible + * fixed: Thunderbird "about:" dialog did not identify third- + party repackaged distributions such as Flatpaks + * fixed: Various security fixes + MFSA 2022-03 (bsc#1194547) + * CVE-2022-22746 (bmo#1735071) + Calling into reportValidity could have lead to fullscreen + window spoof + * CVE-2022-22743 (bmo#1739220) + Browser window spoof using fullscreen mode + * CVE-2022-22742 (bmo#1739923) + Out-of-bounds memory access when inserting text in edit mode + * CVE-2022-22741 (bmo#1740389) + Browser window spoof using fullscreen mode + * CVE-2022-22740 (bmo#1742334) + Use-after-free of ChannelEventQueue::mOwner + * CVE-2022-22738 (bmo#1742382) + Heap-buffer-overflow in blendGaussianBlur + * CVE-2022-22737 (bmo#1745874) + Race condition when playing audio files + * CVE-2021-4140 (bmo#1746720) + Iframe sandbox bypass with XSLT + * CVE-2022-22748 (bmo#1705211) + Spoofed origin on external protocol launch dialog + * CVE-2022-22745 (bmo#1735856) + Leaking cross-origin URLs through securitypolicyviolation + event + * CVE-2022-22744 (bmo#1737252) + The 'Copy as curl' feature in DevTools did not fully escape + website-controlled data, potentially leading to command + injection + * CVE-2022-22747 (bmo#1735028) + Crash when handling empty pkcs7 sequence + * CVE-2022-22739 (bmo#1744158) + Missing throttling on external protocol launch dialog + * CVE-2022-22751 (bmo#1664149, bmo#1737816, bmo#1739366, + bmo#1740274, bmo#1740797, bmo#1741201, bmo#1741869, + bmo#1743221, bmo#1743515, bmo#1745373, bmo#1746011) + Memory safety bugs fixed in Thunderbird 91.5 + +- Mozilla Thunderbird 91.4.1 + * fixed: Attachments that should open in Thunderbird, such as + ICS attachments, offered to save the file instead + * fixed: Saving attachments from IMAP accounts where usernames + contained special characters failed + * fixed: Temporary files created for forwarded attachments + sometimes had the wrong extension + * fixed: S/MIME signatures were shown as invalid by Outlook + * fixed: URL input boxes on content tabs erroneously displayed + a search glass icon on macOS + * fixed: Message bars (such as content blocking) did not use + high contrast theme colors + * fixed: Some messages with autocrypt headers loaded slowly, + causing Thunderbird to hang + * fixed: Server hostnames were cut-off in the account manager + * fixed: Account Setup did not support non-ASCII characters in + passwords + * fixed: Account Setup did not always retain set values + * fixed: Virtual folders did not retain folder selection when a + folder name contained non-ASCII characters + * fixed: Messages saved as "html" or "eml" did not include + message headers + * fixed: "Private web page" field was not included when + exporting a contact to a vCard + * fixed: Addons were still active after restarting Thunderbird + in troubleshooting mode with "disable all addons" checked + * fixed: FileLink attachments did not always display the + FileLink provider's icon + * fixed: FileLink privacy notifications persisted in the + compose window after removing all FileLink attachments + * fixed: "Loading" icon remained after a FileLink upload failed + * fixed: Lengthy event names for multiday events did not wrap + * fixed: Various theme and UX improvements + * fixed: Various security fixes + MFSA 2021-55 (bsc#1194215) + * CVE-2021-4126 (bmo#1732310) + OpenPGP signature status doesn't consider additional message + content + * CVE-2021-44538 (bmo#1744056) + Matrix chat library libolm bundled with Thunderbird + vulnerable to a buffer overflow + +- Mozilla Thunderbird 91.4.0 + * fixed: IMAP startup performance improved for accounts with a + multitude of folders + * fixed: Thunderbird failed to send messages when configured to + use an IPv6 SMTP server by IP address (instead of a hostname) + * fixed: Forwarding messages with attachments sometimes failed + * fixed: Printing multiple messages at once was not possible + * fixed: Non-utf8 news groups were not supported + * fixed: Thunderbird stalled after sending a message with NNTP + and SMTP recipients + * fixed: Using Thunderbird with multiple language packs caused + high RAM and CPU use and sluggish performance + * fixed: Clicking a "mailto:" started the composer with the + default sending identity instead of a configured alternate + * fixed: Drag and dropped text into a plain text message in the + compose window was handled inconsistently + * fixed: FileLink messages did not display correctly when + viewed in Outlook + * fixed: In account setup, after selecting an extension + provided protocol, it was not possible to create an IMAP/POP + account + * fixed: Multiday selections were not cleared when changing + week viewed + * fixed: When creating a new event by clicking and dragging the + mouse to create a box, the view did not auto-scroll after + reaching the bottom + * fixed: Calendar Invitation Panel did not scroll when multiple + invitations were pending + * fixed: Calendar print dialog did not have a cancel button + * fixed: Various security fixes + MFSA 2021-54 (bsc#1193485) + * CVE-2021-43536 (bmo#1730120) + URL leakage when navigating while executing asynchronous + function + * CVE-2021-43537 (bmo#1738237) + Heap buffer overflow when using structured clone + * CVE-2021-43538 (bmo#1739091) + Missing fullscreen and pointer lock notification when + requesting both + * CVE-2021-43539 (bmo#1739683) + GC rooting failure when calling wasm instance methods + * CVE-2021-43541 (bmo#1696685) + External protocol handler parameters were unescaped + * CVE-2021-43542 (bmo#1723281) + XMLHttpRequest error codes could have leaked the existence of + an external protocol handler + * CVE-2021-43543 (bmo#1738418) + Bypass of CSP sandbox directive when embedding + * CVE-2021-43545 (bmo#1720926) + Denial of Service when using the Location API in a loop + * CVE-2021-43546 (bmo#1737751) + Cursor spoofing could overlay user interface when native + cursor is zoomed + * CVE-2021-43528 (bmo#1742579) + JavaScript unexpectedly enabled for the composition area + * MOZ-2021-0009 (bmo#1393362, bmo#1736046, bmo#1736751, + bmo#1737009, bmo#1739372, bmo#1739421) + Memory safety bugs fixed in Thunderbird 91.4.0 + +- Mozilla Thunderbird 91.3.2 + * changed: Date selection in Calendar print settings widget + changed to use mini calendar widget + * changed: OpenPGP: Botan updated to 2.18.2; addresses + CVE-2021-40529 + * fixed: "Repair Text Encoding" menu item did not work + * fixed: Troubleshoot Mode menu item did not always indicate + whether troubleshooting mode was enabled + * fixed: Message content could be unintentionally hidden due to + CSS class names conflicting + * fixed: SMTP server port was reset to "0" after clicking the + "Re-Test" button in the Account Setup wizard + * fixed: No "Paste" option was available in the config editor + (about:config) context menu + * fixed: Saving a PDF attachment opened in a separate tab saved + the email message instead + * fixed: Opening a PDF attachment from a message in a + standalone or compose window did move the focus to opened + attachment + * fixed: After restart, Thunderbird was not able to restore + opened message tabs when the message was in a folder with + non-ASCII characters in its name + * fixed: The "pill" indicator was incorrectly shown when + sending a message to newsgroup + * fixed: When printing from Calendar, after leaving the + "Calendar" settings, there was no way to go back + * fixed: Month pickers in the Calendar print UI lacked + scrollbars when the content overflowed + * fixed: Account Manager and Addons Manager were unreadable + when using the Dark theme +- Mozilla Thunderbird 91.3.1 + * changed: OpenPGP public keys will no longer count as an + attachment in the message list + * changed: Adding a search engine via URL now supported + * changed: FileLink messages' template updated; Thunderbird + advertisement removed + * changed: After an update, Thunderbird will now check + installed addons for updates + * fixed: New mail popups were displayed while running full + screen applications + * fixed: Messages received with non-standard "koi8r" encoding + were not supported + * fixed: Various macOS stability improvements + * fixed: PDF attachments opened in Firefox while composing an + email + * fixed: Addons were disabled when "Offline Settings" were set + to "Ask me for online state (on startup)" + * fixed: Clicking '"addons://" links in the Addons Manager + prompted for an application to open it, rather than opening + internally + * fixed: The Contacts sidebar "Address Book" drop down was + unreadable on Windows + * fixed: vCard attachments were not shown when using "inline" + view for attachments + * fixed: Importing an ICS file with TODO items failed + +- Mozilla Thunderbird 91.3 + * fixed: Default mail headers were set incorrectly when the + value contained a colon (:) + * fixed: Thunderbird did not send the QUIT command when closing + an SMTP connection + * fixed: Mail tabs could not be closed using the context menu + * fixed: "Print" context menu was still shown when no message + pane was displayed + * fixed: Windows tray icon did not reappear after restarting + Windows Explorer + * fixed: Compose window attachment drag and drop fixes + * fixed: Various macOS stability improvements + * fixed: Drag and Drop area for file attachments on Windows was + incorrect + * fixed: CardDAV address books without a name did not work + * fixed: Thunderbird tried to refresh disabled and manual-only + calendars when the network state changed from offline to + online + * fixed: Various Calendar event dialog fixes + * fixed: Various security fixes + MFSA 2021-50 (bsc#1192250) + * CVE-2021-38503 (bmo#1729517) + iframe sandbox rules did not apply to XSLT stylesheets + * CVE-2021-38504 (bmo#1730156) + Use-after-free in file picker dialog + * CVE-2021-38505 (bmo#1730194) + Windows 10 Cloud Clipboard may have recorded sensitive user + data + * CVE-2021-38506 (bmo#1730750) + Thunderbird could be coaxed into going into fullscreen mode + without notification or warning + * CVE-2021-38507 (bmo#1730935) + Opportunistic Encryption in HTTP2 could be used to bypass the + Same-Origin-Policy on services hosted on other ports + * MOZ-2021-0008 (bmo#1667102) + Use-after-free in HTTP2 Session object + * CVE-2021-38508 (bmo#1366818) + Permission Prompt could be overlaid, resulting in user + confusion and potential spoofing + * CVE-2021-38509 (bmo#1718571) + Javascript alert box could have been spoofed onto an + arbitrary domain + * CVE-2021-38510 (bmo#1731779) + Download Protections were bypassed by .inetloc files on Mac + OS + * MOZ-2021-0007 (bmo#1606864, bmo#1712671, bmo#1730048, + bmo#1735152) + Memory safety bugs fixed in Thunderbird ESR 91.3 +- Drop unused pkgconfig(gdk-x11-2.0) BuildRequires +- Drop mozilla-neqo-fix-fips-crash.patch which is now upstream +- add mozilla-bmo1724679.patch (bmo#1724679, boo#1182863) + fix some env variables which are enabled for any value + +- Mozilla Thunderbird 91.2 + * changed: Saving a single message as .eml now uses a unique + filename + * fixed: New mail notifications did not properly take + subfolders into account + * fixed: Decrypting binary attachments when using an external + GnuPG configuration failed + * fixed: Account name fields in the account manager were not + big enough for long names + * fixed: LDAP searches using an extensibleMatch filter returned + no results + * fixed: Read-only CalDAV calendars and CardDAV address books + were not detected + * fixed: Multipart messages containing a calendar invite did + not display any of the human-readable alternatives + * fixed: Some calendar days were displayed incorrectly or + duplicated (eg. two "29th" days of a particular month) + * fixed: Phantom event was shown at the end of each day in + Calendar week view + * fixed: Various security fixes + MFSA 2021-47 (bsc#1191332) + * CVE-2021-38502 (bmo#1733366) + Downgrade attack on SMTP STARTTLS connections + * CVE-2021-38496 (bmo#1725335) + Use-after-free in MessageTask + * CVE-2021-38497 (bmo#1726621) + Validation message could have been overlaid on another origin + * CVE-2021-38498 (bmo#1729642) + Use-after-free of nsLanguageAtomService object + * CVE-2021-32810 (bmo#1729813, + bmo#https://github.com/crossbeam- + rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw) + Data race in crossbeam-deque + * CVE-2021-38500 (bmo#1725854, bmo#1728321) + Memory safety bugs fixed in Thunderbird 91.2 + * CVE-2021-38501 (bmo#1685354, bmo#1715755, bmo#1723176) + Memory safety bugs fixed in Thunderbird 91.2 + +- Mozilla Thunderbird 91.1.2 + * Thunderbird will now warn if an S/MIME encrypted message includes + BCC recipients + * fixed: Message Security popup did not display all recipients + due a missing scrollbar + * fixed: Delivery Status Notifications were only shown for the + first recipient + * fixed: Composing a message from a template with attachments + failed due to a temporary file being removed + * fixed: Attachment sizes were no longer included on printed + emails + * fixed: A message sent with multiple attachments sometimes + only sent one + * fixed: Thunderbird sometimes attached the wrong messages when + forwarding multiple messages by attachment + * fixed: Thunderbird did not re-prompt for an SMTP username if + one was not provided + * fixed: Messages with BCC recipients that were held in the + Outbox did not retain the BCC header when moved to the Sent + folder + * fixed: Thunderbird displayed reminders for events that were + cancelled or declined + * fixed: New Feed Account dialog did not honor dark mode +- Mozilla Thunderbird 91.1.1 + * Menu item for disabling subject encryption for a single message added + * Printing messages that are not currently displayed is no longer + supported, including printing multiple messages at once + * fixed: Buttons on compose window dialogs did not have a + visual indication of focus + * fixed: Dropdown fields in message compose window were + unreadable on Windows 7 with a dark theme + * fixed: Multiple bulk mail notification warnings were + displayed + * fixed: Enabled/Disabled state of message filters did not + persist as expected + * fixed: Printing a message did not print a list of its + attachments + * fixed: Images attached from a web page were not sent as + expected + * fixed: OpenPGP public key was attached multiple times when + forwading a message + * fixed: Windows tray icon disappeared if Thunderbird was + started by a shortcut with "Run" set to "Minimized" + * fixed: Windows tray message count badge displayed the + "unread" count instead of the "new" message count + * fixed: Some downstream Thunderbird builds were incorrectly + checking addons for a signature, causing all addons to be + disabled + * fixed: Addressbooks set up with autoconfig showed no search + results + * fixed: Various CardDAV setup and auto-detection fixes + * fixed: Dates (such as birthday) stored in contacts may + display the wrong date; a one-time manual fix may be needed + for dates that are incorrect. + * fixed: Attached VCards displayed as plain text when an email + was HTML formatted + * fixed: Mailing list names with non-ASCII characters + incorrectly displayed with an error + * fixed: LDAP directories were not searched for matches when + adding recipients to an email + * fixed: Clicking "Connect to an LDAP address book" in account + setup opened CardDAV setup dialog + * fixed: LDAP address books using Kerberos/GSS-API + authentication did not authenticate + * fixed: LDAP search queries containing non-ASCII characters + produced no results + * fixed: IRC server connections did not automatically retry + after a timeout + * fixed: Calendar event editor did not honor + `mail.spellcheck.inline` +- MOZ_ENABLE_WAYLAND env variable now overrides automatic detection + if already set before startup +- Mozilla Thunderbird 91.1.0 + * Thunderbird registered Accessibility Handlers using same GUIDs + as Firefox, causing performance issues for NVDA users + * Focus lost when reordering accounts by keyboard in the Account Manager + * Account setup did not use provider display name for setting up + calendars + * Various theme and UX fixes + MFSA 2021-41 (bsc#1190269) + * CVE-2021-38492 (bmo#1721107) + Navigating to `mk:` URL scheme could load Internet Explorer + * CVE-2021-38495 (bmo#1723391, bmo#1723920, bmo#1724101, + bmo#1724107) + Memory safety bugs fixed in Thunderbird 91.1 +- add mozilla-bmo531915.patch to fix build for i586 +- Remove obsolete patch mozilla-disable-wasm-emulate-arm-unaligned-fp-access.patch + +- Mozilla Thunderbird 91.0.3: + * fixed: Folder icons could be overridden by linked favicons in + HTML messages + * fixed: Unified folders showed no messages when underlying + folders were removed + * fixed: Folder pane toolbar did not always persist after + restarting Thunderbird + * fixed: Compose window attachment pane did not close when + disabling signing of an OpenPGP message + * fixed: Using "Reply to List" with some list emails + incorrectly opened a "no-reply" warning + * fixed: Account setup UX issues with Exchange autodiscover + * fixed: Account settings did not display non-UTF-8 server + descriptions correctly + * fixed: Thunderbird sometimes sent an unnecessary "SMTPUTF8", + causing some servers to reject mail + * fixed: No mouseover pop was displayed with event details for + non-all-day events in the Today Pane + * fixed: Filtering tasks in the Today Pane did not work + * fixed: Email based event scheduling displayed the date and + time in a format unreadable by humans +- Mozilla Thunderbird 91.0.2: + * new: Tags are now colored in mail filter editor + * changed: Context menu items related to OpenPGP and + attachments are now hidden when not applicable + * fixed: Creating a new account with manual setup failed + * fixed: Recipient autocomplete always preferred the primary + email address for a contact + * fixed: LDAP performance improvements + * fixed: Extensions listed on the Recommended Addons did not + have a clear way to view details in a browser + * fixed: Status checkmark on View > Calendar > Calendar Pane > + Show Calendar Pane was reversed + * fixed: mid: URLs in calendar invites did not open the linked + mail message + * fixed: Various theme and UX fixes +- Mozilla Thunderbird 91.0.1 + MFSA 2021-37 (bsc#1189547) + * CVE-2021-29991 (bmo#1724896) + Header Splitting possible with HTTP/3 Responses +- appdate screenshot URL updated (by mailaender@opensuse.org) +- Mozilla Thunderbird 91.0 + * based on Mozilla's 91 ESR codebase + * many new and changed features + https://www.thunderbird.net/en-US/thunderbird/91.0/releasenotes/#whatsnew + * Renamed "Add-ons" to "Add-ons and Themes" and "Options" to "Preferences" + * Thunderbird now operates in multi-process (e10s) mode by default + * New user interface for adding attachments + * Enable redirect of messages + * CardDAV address book support +- Removed obsolete patches: + * mozilla-bmo1463035.patch + * mozilla-ppc-altivec_static_inline.patch + * mozilla-pipewire-0-3.patch + * mozilla-bmo1554971.patch +- add mozilla-libavcodec58_91.patch +- removed obsolete BigEndian ICU build workaround +- updated build requirements +- Readd mozilla-silence-no-return-type.patch + alsa +- Update to version 1.2.6.1: + a minor fix release: + * conf: fix the device parsing when arguments has no defaults + * conf: accept '_' character in the variable name + +- Update to version 1.2.6: + lots of changes, including UCM and config updates and rawmidi + framing mode support: for details, see below + https://www.alsa-project.org/wiki/Changes_v1.2.5.1_v1.2.6#alsa-lib +- Add *.sig file for the source tarball + alsa-plugins +- Update to version 1.2.6: + Fixes for a52 plugin, jack, rate-lav. For details, see URL: + https://alsa-project.org/wiki/Changes_v1.2.5.1_v1.2.6#alsa-plugins +- Add *.sig file for the source tarball + alsa-ucm-conf +- Fix regression for AMD ACP LED control: + 0002-HDA-acp-avoid-to-create-Mic-ACP-LED-control-for-the-.patch + +- Fix a regression in HDA-DualCodecs: + 0001-HDA-DualCodecs-fix-typo-in-Speaker-condition.patch + +- Update to version 1.2.6.3: + * ucm2/Qualcomm/apq8096: Change plughw to hw to access card + * ucm2/Qualcomm/apq8016-sbc: Change plughw to hw to access card + * ucm2: Add support for RT5650 on MediaTek SoCs + * sof-soundwire: use absolute path in SectionUseCase + +- Update to version 1.2.6.2: + a minor fix release, just includnig ther previous fixes +- Drop obsoleted patches + 0001-sof-hda-dsp-fix-path-to-Hdmi.conf.patch + 0002-bytcht-es8316-fix-Include-paths-in-HiFi.conf.patch + +- Update to version 1.2.6.1: + a minor fix release: + * acp: fix linked configuration + * ucm2: Add support for SC7180 Trogdor Lazor Chromebooks + * USB-Audio: fix the wrong condition type for If.realtek-alc1220-vb +- More a couple of upstream fixes for forgotten conversions: + 0001-sof-hda-dsp-fix-path-to-Hdmi.conf.patch + 0002-bytcht-es8316-fix-Include-paths-in-HiFi.conf.patch + +- Update to version 1.2.6: + various profile updates. See URL below for details: + https://alsa-project.org/wiki/Changes_v1.2.5.1_v1.2.6#alsa-ucm-conf +- Add *.sig file for the tarball +- Explicit Requires for the libasound2 with the same or newer + version + alsa-utils +- Fix alsamixer color config regression: + 0001-alsamixer-Fix-regression-in-color-setup.patch + +- Update to alsa-utils 1.2.6: + various updates / fixes for alsactl, amidi, alsaloop, alsamixer, + alsatplg, amixer, aplay and aseqnet. Details are found in + https://alsa-project.org/wiki/Changes_v1.2.5.1_v1.2.6#alsa-utils +- Update the download URL +- Add *.sig file for the tarball + +- Drop ProtectClock hardening, can cause issues if other device acceess is needed + apache2 +- ssl-global.conf: set SSLCipherSuite to PROFILE=SYSTEM instead of + DEFAULT_SUSE [jsc#SLE-22561] +- set also SSLProxyCipherSuite to PROFILE=SYSTEM +- modified sources + % apache2-ssl-global.conf + apparmor +- update to AppArmor 3.0.4 + - various fixes in profiles, abstractions, apparmor_parser and utils + (some of them were already included as patches) + - add support for mctp address family + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.4 + for the full upstream changelog +- remove upstream(ed) patches: + - aa-notify-more-arch-mr809.diff + - ruby-3.1-build-fix.diff + - add-samba-bgqd.diff + - openssl-engdef-mr818.diff + - profiles-python-3.10-mr783.diff + - update-samba-abstractions-ldb2.diff +- refresh patches: + - apparmor-samba-include-permissions-for-shares.diff + - ruby-2_0-mkmf-destdir.patch + +- add ruby-3.1-build-fix.diff: fix build with ruby 3.1 (boo#1194221, + MR 827) + +- add update-samba-abstractions-ldb2.diff: Cater for changes to ldb + packaging to allow parallel installation with libldb (bsc#1192684). + - operation="file_mmap" violation in SLE15-SP4; (bsc#1192336). + operation="file_mmap" violation in SLE15-SP4; (bsc#1192336). + +- add openssl-engdef-mr818.diff: Allow reading /etc/ssl/engdef.d/ and + /etc/ssl/engines.d/ in abstractions/openssl which were introduced + with the latest openssl update at-spi2-core +- Configure to use dbus-broker when available. +- Add libsystemd to BuildRequires: needed for dbus-broker support. + audit +- Update to version 3.0.6: + * fixes a segfault on some SELINUX_ERR records + * makes IPX packet interpretation dependent on the ipx header + file existing + * adds b32/b64 support to ausyscall + * adds support for armv8l + * fixes auditctl list of syscalls on PPC + * auditd.service now restarts auditd under some conditions + +- Update to version 3.0.5: + * In auditd, flush uid/gid caches when user/group added/deleted/modified + * Fixed various issues when dealing with corrupted logs + * In auditd, check if log_file is valid before closing handle +- Include fixed from 3.0.4: + * Apply performance speedups to auparse library + * Optimize rule loading in auditctl + * Fix an auparse memory leak caused by glibc-2.33 by replacing realpath + * Update syscall table to the 5.14 kernel + * Fixed various issues when dealing with corrupted logs + +- Update to version 3.0.3: + * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined + * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids + * Change auparse_feed_has_data in auparse to include incomplete events + * Auditd, stop linking against -lrt + * Add ProtectHome and RestrictRealtime to auditd.service + * In auditd, read up to 3 netlink packets in a row + * In auditd, do not validate path to plugin unless active + * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists +- use https source urls + +- Adjust audit.spec and audit-secondary.spec to support new version +- Include fix for libev + * add libev-werror.patch +- Update to version 3.0.2 +- In audispd-statsd pluging, use struct sockaddr_storage (Ville Heikkinen) +- Optionally interpret auid in auditctl -l +- Update some syscall argument interpretations +- In auditd, do not allow spaces in the hostname name format +- Big documentation cleanup (MIZUTA Takeshi) +- Update syscall table to the 5.12 kernel +- Update the auparse normalizer for new event types +- Fix compiler warnings in ids subsystem +- Block a couple signals from flush & reconfigure threads +- In auditd, don't wait on flush thread when exiting +- Output error message if the path of input files are too long ausearch/report + Included fixes from 3.0.1 +- Update syscall table to the 5.11 kernel +- Add new --eoe-timeout option to ausearch and aureport (Burn Alting) +- Only enable periodic timers when listening on the network +- Upgrade libev to 4.33 +- Add auparse_new_buffer function to auparse library +- Use the select libev backend unless aggregating events +- Add sudoers to some base audit rules +- Update the auparse normalizer for some new syscalls and event types + Included fixes from 3.0 +- Generate checkpoint file even when no results are returned (Burn Alting) +- Fix log file creation when file logging is disabled entirely (Vlad Glagolev) +- Convert auparse_test to run with python3 (Tomáš Chvátal) +- Drop support for prelude +- Adjust backlog_wait_time in rules to the kernel default (#1482848) +- Remove ids key syntax checking of rules in auditctl +- Use SIGCONT to dump auditd internal state (#1504251) +- Fix parsing of virtual timestamp fields in ausearch_expression (#1515903) +- Fix parsing of uid & success for ausearch +- Add support for not equal operator in audit by executable (Ondrej Mosnacek) +- Hide lru symbols in auparse +- Add systemd process protections +- Fix aureport summary time range reporting +- Allow unlimited retries on startup for remote logging +- Add queue_depth to remote logging stats and increase default queue_depth size +- Fix segfault on shutdown +- Merge auditd and audispd code +- Close on execute init_pipe fd (#1587995) +- Breakout audisp syslog plugin to be standalone program +- Create a common internal library to reduce code +- Move all audispd config files under /etc/audit/ +- Move audispd.conf settings into auditd.conf +- Add queue depth statistics to internal state dump report +- Add network statistics to internal state dump report +- SIGUSR now also restarts queue processing if its suspended +- Update lookup tables for the 4.18 kernel +- Add auparse_normalizer support for SOFTWARE_UPDATE event +- Add 30-ospp-v42.rules to meet new Common Criteria requirements +- Deprecate enable_krb and replace with transport config opt for remote logging +- Mark netlabel events as simple events so that get processed quicker +- When auditd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) +- In aureport, fix segfault in file report +- Add auparse_normalizer support for labeled networking events +- Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) +- In ausearch/auparse, event aging is off by a second +- In ausearch/auparse, correct event ordering to process oldest first +- Migrate auparse python test to python3 +- auparse_reset was not clearing everything it should +- Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events +- In ausearch/report, lightly parse selinux portion of USER_AVC events +- Add bpf syscall command argument interpretation to auparse +- In ausearch/report, limit record size when malformed +- Port af_unix plugin to libev +- In auditd, fix extract_type function for network originating events +- In auditd, calculate right size and location for network originating events +- Make legacy script wait for auditd to terminate (#1643567) +- Treat all network originating events as VER2 so dispatcher doesn't format it +- If an event has a node name make it VER2 so dispatcher doesnt format it +- In audisp-remote do an initial connection attempt (#1625156) +- In auditd, allow expression of space left as a percentage (#1650670) +- On PPC64LE systems, only allow 64 bit rules (#1462178) +- Make some parts of auditd state report optional based on config +- Update to libev-4.25 +- Fix ausearch when checkpointing a single file (Burn Alting) +- Fix scripting in 31-privileged.rules wrt filecap (#1662516) +- In ausearch, do not checkpt if stdin is input source +- In libev, remove __cold__ attribute for functions to allow proper hardening +- Add tests to configure.ac for openldap support +- Make systemd support files use /run rather than /var/run (Christian Hesse) +- Fix minor memory leak in auditd kerberos credentials code +- Allow exclude and user filter by executable name (Ondrej Mosnacek) +- Fix auditd regression where keep_logs is limited by rotate_logs 2 file test +- In ausearch/report fix --end to use midnight time instead of now (#1671338) +- Add substitue functions for strndupa & rawmemchr +- Fix memleak in auparse caused by corrected event ordering +- Fix legacy reload script to reload audit rules when daemon is reloaded +- Support for unescaping in trusted messages (Dmitry Voronin) +- In auditd, use standard template for DEAMON events (Richard Guy Briggs) +- In aureport, fix segfault for malformed USER_CMD events +- Add exe field to audit_log_user_command in libaudit +- In auditctl support filter on socket address families (Richard Guy Briggs) +- Deprecate support for Alpha & IA64 processors +- If space_left_action is rotate, allow it every time (#1718444) +- In auparse, drop standalone EOE events +- Add milliseconds column for ausearch extra time csv format +- Fix aureport first event reporting when no start given +- In audisp-remote, add new config item for startup connection errors +- Remove dependency on chkconfig +- Install rules to /usr/share/audit/sample-rules/ +- Split up ospp rules to make SCAP scanning easier (#1746018) +- In audisp-syslog, support interpreting records (#1497279) +- Audit USER events now sends msg as name value pair +- Add support for AUDIT_BPF event +- Auditd should not process AUDIT_REPLACE events +- Update syscall tables to the 5.5 kernel +- Improve personality interpretation by using PERS_MASK +- Speedup ausearch/report parsing RAW logging format by caching uid/name lookup +- Change auparse python bindings to shared object (Issue #121) +- Add error messages for watch permissions +- If audit rules file doesn't exist log error message instead of info message +- Revise error message for unmatched options in auditctl +- In audisp-remote, fixup remote endpoint disappearin in ascii format +- Add backlog_wait_time_actual reporting / resetting to auditctl (Max Englander) +- In auditctl, add support for sending a signal to auditd +- Remove audit-fno-common.patch: fixed in upstream +- Remove audit-python3.patch: fixed in upstream + -- Update to version 2.6.5: +- Update to version 2.8.5: audit-secondary +- Use %autosetup +- Don't include sample rules as %doc, they're already installed + as normal files +- Fix create-augenrules-service.patch: + * auditd.service needs to require augenrules.service, + not the other way around +- Fix documentation for enable-stop-rules.patch + +- Update to version 3.0.6: + * fixes a segfault on some SELINUX_ERR records + * makes IPX packet interpretation dependent on the ipx header + file existing + * adds b32/b64 support to ausyscall + * adds support for armv8l + * fixes auditctl list of syscalls on PPC + * auditd.service now restarts auditd under some conditions + +- Add CONFIG parameter to %sysusers_generate_pre + +- Create separate service for augenrules (bsc#1191614, bsc#1181400) + * add create-augenrules-service.patch + Remove ReadWritePaths=/etc/audit from auditd.service, also removes + augenrules call from ExecStartPost. + Create augenrules.service with the ReadWritePaths directive above. + This makes /etc/audit only accessible by augenrules.service and + let auditd.service (and daemon) to be sandboxed again. +- Update audit-secondary.spec to accomodate the new service file. + +- Fix hardened auditd.service (bsc#1181400) + * add fix-hardened-service.patch + Make /etc/audit read-write from the service. + Remove PrivateDevices=true to expose /dev/* to auditd.service. +- Enable stop rules for audit.service (cf. bsc#1190227) + * add enable-stop-rules.patch + +- Change default log_format from ENRICHED to RAW (bsc#1190500): + * add change-default-log_format.patch (SUSE-specific patch) +- Update to version 3.0.5: + * In auditd, flush uid/gid caches when user/group added/deleted/modified + * Fixed various issues when dealing with corrupted logs + * In auditd, check if log_file is valid before closing handle +- Include fixed from 3.0.4: + * Apply performance speedups to auparse library + * Optimize rule loading in auditctl + * Fix an auparse memory leak caused by glibc-2.33 by replacing realpath + * Update syscall table to the 5.14 kernel + * Fixed various issues when dealing with corrupted logs + +- harden_auditd.service.patch: automatic hardening applied to systemd + services + +- Update to version 3.0.3: + * Dont interpret audit netlink groups unless AUDIT_NLGRP_MAX is defined + * Add support for AUDIT_RESP_ORIGIN_UNBLOCK_TIMED to ids + * Change auparse_feed_has_data in auparse to include incomplete events + * Auditd, stop linking against -lrt + * Add ProtectHome and RestrictRealtime to auditd.service + * In auditd, read up to 3 netlink packets in a row + * In auditd, do not validate path to plugin unless active + * In auparse, only emit config errors when AUPARSE_DEBUG env variable exists +- use https source urls + +- Adjust audit.spec and audit-secondary.spec to support new version +- Include fix for libev + * add libev-werror.patch +- Update to version 3.0.2 +- In audispd-statsd pluging, use struct sockaddr_storage (Ville Heikkinen) +- Optionally interpret auid in auditctl -l +- Update some syscall argument interpretations +- In auditd, do not allow spaces in the hostname name format +- Big documentation cleanup (MIZUTA Takeshi) +- Update syscall table to the 5.12 kernel +- Update the auparse normalizer for new event types +- Fix compiler warnings in ids subsystem +- Block a couple signals from flush & reconfigure threads +- In auditd, don't wait on flush thread when exiting +- Output error message if the path of input files are too long ausearch/report + Included fixes from 3.0.1 +- Update syscall table to the 5.11 kernel +- Add new --eoe-timeout option to ausearch and aureport (Burn Alting) +- Only enable periodic timers when listening on the network +- Upgrade libev to 4.33 +- Add auparse_new_buffer function to auparse library +- Use the select libev backend unless aggregating events +- Add sudoers to some base audit rules +- Update the auparse normalizer for some new syscalls and event types + Included fixes from 3.0 +- Generate checkpoint file even when no results are returned (Burn Alting) +- Fix log file creation when file logging is disabled entirely (Vlad Glagolev) +- Convert auparse_test to run with python3 (Tomáš Chvátal) +- Drop support for prelude +- Adjust backlog_wait_time in rules to the kernel default (#1482848) +- Remove ids key syntax checking of rules in auditctl +- Use SIGCONT to dump auditd internal state (#1504251) +- Fix parsing of virtual timestamp fields in ausearch_expression (#1515903) +- Fix parsing of uid & success for ausearch +- Add support for not equal operator in audit by executable (Ondrej Mosnacek) +- Hide lru symbols in auparse +- Add systemd process protections +- Fix aureport summary time range reporting +- Allow unlimited retries on startup for remote logging +- Add queue_depth to remote logging stats and increase default queue_depth size +- Fix segfault on shutdown +- Merge auditd and audispd code +- Close on execute init_pipe fd (#1587995) +- Breakout audisp syslog plugin to be standalone program +- Create a common internal library to reduce code +- Move all audispd config files under /etc/audit/ +- Move audispd.conf settings into auditd.conf +- Add queue depth statistics to internal state dump report +- Add network statistics to internal state dump report +- SIGUSR now also restarts queue processing if its suspended +- Update lookup tables for the 4.18 kernel +- Add auparse_normalizer support for SOFTWARE_UPDATE event +- Add 30-ospp-v42.rules to meet new Common Criteria requirements +- Deprecate enable_krb and replace with transport config opt for remote logging +- Mark netlabel events as simple events so that get processed quicker +- When auditd is reconfiguring, only SIGHUP plugins with valid pid (#1614833) +- In aureport, fix segfault in file report +- Add auparse_normalizer support for labeled networking events +- Fix memory leak in audisp-remote plugin when using krb5 transport. (#1622194) +- In ausearch/auparse, event aging is off by a second +- In ausearch/auparse, correct event ordering to process oldest first +- Migrate auparse python test to python3 +- auparse_reset was not clearing everything it should +- Add support for AUDIT_MAC_CALIPSO_ADD, AUDIT_MAC_CALIPSO_DEL events +- In ausearch/report, lightly parse selinux portion of USER_AVC events +- Add bpf syscall command argument interpretation to auparse +- In ausearch/report, limit record size when malformed +- Port af_unix plugin to libev +- In auditd, fix extract_type function for network originating events +- In auditd, calculate right size and location for network originating events +- Make legacy script wait for auditd to terminate (#1643567) +- Treat all network originating events as VER2 so dispatcher doesn't format it +- If an event has a node name make it VER2 so dispatcher doesnt format it +- In audisp-remote do an initial connection attempt (#1625156) +- In auditd, allow expression of space left as a percentage (#1650670) +- On PPC64LE systems, only allow 64 bit rules (#1462178) +- Make some parts of auditd state report optional based on config +- Update to libev-4.25 +- Fix ausearch when checkpointing a single file (Burn Alting) +- Fix scripting in 31-privileged.rules wrt filecap (#1662516) +- In ausearch, do not checkpt if stdin is input source +- In libev, remove __cold__ attribute for functions to allow proper hardening +- Add tests to configure.ac for openldap support +- Make systemd support files use /run rather than /var/run (Christian Hesse) +- Fix minor memory leak in auditd kerberos credentials code +- Allow exclude and user filter by executable name (Ondrej Mosnacek) +- Fix auditd regression where keep_logs is limited by rotate_logs 2 file test +- In ausearch/report fix --end to use midnight time instead of now (#1671338) +- Add substitue functions for strndupa & rawmemchr +- Fix memleak in auparse caused by corrected event ordering +- Fix legacy reload script to reload audit rules when daemon is reloaded +- Support for unescaping in trusted messages (Dmitry Voronin) +- In auditd, use standard template for DEAMON events (Richard Guy Briggs) +- In aureport, fix segfault for malformed USER_CMD events +- Add exe field to audit_log_user_command in libaudit +- In auditctl support filter on socket address families (Richard Guy Briggs) +- Deprecate support for Alpha & IA64 processors +- If space_left_action is rotate, allow it every time (#1718444) +- In auparse, drop standalone EOE events +- Add milliseconds column for ausearch extra time csv format +- Fix aureport first event reporting when no start given +- In audisp-remote, add new config item for startup connection errors +- Remove dependency on chkconfig +- Install rules to /usr/share/audit/sample-rules/ +- Split up ospp rules to make SCAP scanning easier (#1746018) +- In audisp-syslog, support interpreting records (#1497279) +- Audit USER events now sends msg as name value pair +- Add support for AUDIT_BPF event +- Auditd should not process AUDIT_REPLACE events +- Update syscall tables to the 5.5 kernel +- Improve personality interpretation by using PERS_MASK +- Speedup ausearch/report parsing RAW logging format by caching uid/name lookup +- Change auparse python bindings to shared object (Issue #121) +- Add error messages for watch permissions +- If audit rules file doesn't exist log error message instead of info message +- Revise error message for unmatched options in auditctl +- In audisp-remote, fixup remote endpoint disappearin in ascii format +- Add backlog_wait_time_actual reporting / resetting to auditctl (Max Englander) +- In auditctl, add support for sending a signal to auditd +- Removes audit-fno-common.patch: fixed in upstream +- Removes audit-python3.patch: fixed in upstream + -- Update to version 2.6.5: +- Update to version 2.8.5: autoyast2 +- The ayast_setup client imports the general settings + (bsc#1195631). +- 4.4.30 + +- Fix the profile update when using an element + (boo#1195630). +- Run the network client when listed in the semi-automatic section. +- 4.4.29 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.28 + +- Replace references to PackageAI module with proper calls to + Package methods (bsc#1194886). +- 4.4.27 + +- Fix handling of add-on signature settings, introduced when fixing + bsc#1192437 (bsc#1194881). +- 4.4.26 + +- Properly merge the autoupgrade workflow when using the online + medium (bsc#1192437, bsc#1194440). +- 4.4.25 + bcm43xx-firmware +- Introduce firmware files for Raspberry Pi Zero 2 W support (jsc#SLE-23064). +- Change source file links from branch master to branch buster. + -- Update BCM4345C0.hcd +- Update BCM4345C0.hcd to fix Spectra for CYW43455 (CVE-2020-10370) bind +- Added /var/log to the ReadWritePaths as some log files are + written there: + * dump-file "/var/log/named_dump.db" + * statistics-file "/var/log/named.stats" + [bsc#1194721, vendor-files.tar.bz2] + +- Added "BuildRequires: python-rpm-macros". This was pulled in by + python3 by mistake in the past and had been removed via Maintenance + Update. + [bind.spec, bsc#1194746] + btrfsprogs +- add python-rpm-macros (bsc#1194748) + cantarell-fonts +- Update to version 0.303.1: + + Add missing font. +- Changes from version 0.303: + + Actually update the version number in the fonts. +- Changes from version 0.302: + + Maintenance release: Make the variable font the default, only + build statics on demand. Also build two packages with variable + and static fonts. Packagers can chose the statics package if + they run into problems with the variable font, but you should + probably not install both at the same time. + + Amended OS/2 super- and subscript values so that new Pango can + use them properly. + + Update production names for Jacute, bulletoperator, + commercialMinusSign, divisionslash, notidentical, + ringcomb_acutecomb and ringcomb_acutecomb.case. + + Updated appstream translations. + cifs-utils -- Make cifs-idmap plugin (idmapwb.so) use update-alternatives - mechanism to be able to switch between cifs-utils and sssd; - (bsc#1182682). +- Update cifs-utils.spec: + * Remove unused + !BuildIgnore: samba-client + BuildRequires: libwbclient-devel + +- Update to cifs-utils 6.14 + * smbinfo is enhanced with capability to display alternate data streams + * setcifsacl is improved to optionally reorder ACEs in preferred order + * cifs.upcall regression in kerberos mount is fixed + * remove cifs-utils-6.13.tar.bz2 + * remove cifs-utils-6.13.tar.bz2.asc + * add cifs-utils-6.14.tar.bz2 + * add cifs-utils-6.14.tar.bz2.asc +- Drop upstream fixed patches: + * 0015-cifs.upcall-fix-regression-in-kerberos-mount.patch + +- Update to cifs-utils 6.13 + * Fixes CVE-2021-20208, cifs.upcall kerberos auth leak in container + * remove cifs-utils-6.12.tar.bz2 + * remove cifs-utils-6.12.tar.bz2.asc + * add cifs-utils-6.13.tar.bz2 + * add cifs-utils-6.13.tar.bz2.asc +- Drop upstream fixed patches: + * 0014-cifs.upcall-try-to-use-container-ipc-uts-net-pid-mnt.patch + * add 0014-cifs.upcall-try-to-use-container-ipc-uts-net-pid-mnt.patch + +- Update to cifs-utils 6.12 + * remove cifs-utils-6.11.tar.bz2 + * remove cifs-utils-6.11.tar.bz2.asc + * add cifs-utils-6.12.tar.bz2 + * add cifs-utils-6.12.tar.bz2.asc +- Remove backports already in 6.12 + * remove 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch + * remove 0002-cifs-utils-fix-probabilistic-compiling-error.patch +- Refresh Makefile.am install fix + * modify fix-sbin-install-error.patch +- Hardcode python3 interpreter in shebang of smbinfo instead of + /usr/bin/env to let rpm runtime dependency detect it. + +- use new %_pamdir macro to avoid hardcoding pam module path + +- Update to cifs-utils 6.11 + * remove cifs-utils-6.9.tar.bz2 + * remove cifs-utils-6.9.tar.bz2.asc + * add cifs-utils-6.11.tar.bz2 + * add cifs-utils-6.11.tar.bz2.asc +- Remove backports already in 6.11 + * remove 0001-smbinfo-Improve-help-usage-and-add-h-option.patch + * remove 0002-smbinfo-Add-bash-completion-support-for-smbinfo.patch + * remove 0003-getcifsacl-Add-support-to-accept-more-paths.patch + * remove 0004-getcifsacl-Fix-usage-message-to-include-multiple-fil.patch + * remove 0005-smbinfo-add-GETCOMPRESSION-support.patch + * remove 0006-getcifsacl-Add-support-for-R-recursive-option.patch + * remove 0007-smbinfo-add-bash-completion-support-for-getcompressi.patch + * remove 0008-mount.cifs.c-fix-memory-leaks-in-main-func.patch + * remove 0009-Zero-fill-the-allocated-memory-for-new-struct-cifs_n.patch + * remove 0010-Zero-fill-the-allocated-memory-for-a-new-ACE.patch + * remove 0011-fix-doublefree.patch + * remove 0012-mount.cifs-Fix-invalid-free.patch + * remove 0013-CVE-2020-14342-mount.cifs-fix-shell-command-injectio.patch +- Add fixes for autoconf and make install issues + * add fix-sbin-install-error.patch + * add 0001-cifs-utils-Respect-DESTDIR-when-installing-smb3-stuf.patch + * add 0002-cifs-utils-fix-probabilistic-compiling-error.patch +- Hardcode python3 interpreter in shebang of smb2-quota instead of + /usr/bin/env to let rpm runtime dependency detect it. + +- prepare usrmerge (boo#1029961) + +- Make cifs-idmap plugin (idmapwb.so) use update-alternatives + mechanism to be able to switch between cifs-utils and sssd; + (bsc#1182682). +- rst2man has been moved to python3-docutils in SLE12+, update + BuildRequires check to reflect that + colord +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_colord.service.patch + +- Change to systemd-sysusers + coreutils +- coreutils-df-fuse-portal-dummy.patch: + df: Add "fuse.portal" as a dummy file system (used in flatpak + implementations). (bsc#1189152) + cyrus-sasl +- postfix: sasl authentication with password fails (bsc#1194265) + Add config parameter --with-dblib=gdbm +- Avoid converting of /etc/sasldb2 by every update. Convert + /etc/sasldb2 only if it is a Berkeley DB + dbus-1 +- Remove pointless %%post scriptlet leveraging non-existent systemd env + variables + FIRST_ARG has been used in our systemd macros, but this has now been gone for + years. Thus the true branch of the if has never been executed for years and is + only causing warnings when installing dbus. + dosfstools +- To be able to create filesystems compatible with previous + version, add -g command line option to mkfs (boo#1188401, + dosfstools-add-g.patch). +- BREAKING CHANGES: + After fixing of bsc#1172863 in the last update, mkfs started to + create different images than before. Applications that depend on + exact FAT file format (e. g. embedded systems) may be broken in + two ways: + * The introduction of the alignment may create smaller images + than before, with a different positions of important image + elements. It can break existing software that expect images in + doststools <= 4.1 style. + To work around these problems, use "-a" command line argument. + * The new image may contain a different geometry values. Geometry + sensitive applications expecting doststools <= 4.1 style images + can fails to accept different geometry values. + There is no direct work around for this problem. But you can + take the old image, use "file -s $IMAGE", check its + "sectors/track" and "heads", and use them in the newly + introduced "-g" command line argument. + -- updated to 3.0.25: - * Prevent corruption of FAT during fsck on 64 bit platforms. - unsigned long is 64 bit on x86-64, which means set_fat was writing two - entries, which corrupts the next entry. This can cause loss of data in - another file. - * Fixed remaining 64 bit build warnings. - dracut +- Update to version 055+suse.238.gacab0df5: + * fix(cpio): correct dev_t -> rmajor/rminor mapping (bsc#1195808) + * ci(cpio): add test_archive_dev_maj_min (bsc#1195808) + * ci(cpio): add TempWorkDir.create_tmp_mknod helper (bsc#1195808) + +- Update to version 055+suse.234.gbdaf66ff: + * fix(tpm2-tss): install SUSE specific files (bsc#1195984) + * fix(systemd-sysusers): override systemd-sysusers.service (bsc#1195983) + +- Update to version 055+suse.230.g3fdde49a: + * fix(dasd_rules): correct udev dasd rules parsing (bsc#1195309) + * revert(lvm): remove 69-dm-lvm-metad.rules (bsc#1195604) + +- Update to version 055+suse.226.g44139dde: + * fix(zfcp_rules): remove collect based udev rule creators + * fix(dasd_rules): remove collect based udev rule creators + * fix(kernel-modules-extra): handle zstd module extension + * fix(ifcfg): add SUSE specific write-ifcfg file (bsc#1193518) + * fix(dracut-functions): skip iSCSI sessions without initiatorname (bsc#1195011) + * fix(dracut-functions.sh): ip route parsing (bsc#1195011) + * fix(fips): missing sourcing of dracut-lib + * fix(fips): wrong error message + * fix(network-legacy): install only existing SUSE specific files (bsc#1194879) + * fix(network-legacy): set dhclient as optional (bsc#1194879) + * fix(40network): consistent use of "$gw" for gateway (bsc#1192685) + * fix(multipathd-configure.service): drop unneeded dependencies + * fix(multipath): check if mpathconf is available + * fix(multipathd.service): drop dependencies on iscsi and iscsid + * fix(multipathd.service): adapt to upstream multipath-tools unit file + * fix(multipathd.service): remove dependency on systemd-udev-settle + * fix(fips): avoid shellcheck warnings + * fix(fips): get _vmname value only if it is needed + * fix(fips.sh): respect rd.fips.skipkernel + * fix(fips): alignment with the upstream format + +- Update to version 055+suse.194.gdd41932a: + * fix(network-legacy): add wicked as an alternative to arping (bsc#1193670) + * fix(network): add wicked as an alternative to arping (bsc#1193670) + +- Update to version 055+suse.191.g67eb4ea8: + * fix(dracut-initramfs-restore.sh): add test for SUSE initrd name (bsc#1194570) + * fix(dracut.spec): require util-linux-systemd (bsc#1194162) + * fix(network-wicked): multiple path corrections + * fix(drm): add privacy screen modules to the initrd (bsc#1193590) + - * fix(cpio): write zeros instead of seek for padding and alignment + * fix(cpio): write zeros instead of seek for padding and alignment (bsc#1190982) - * chore(suse): add dracut-cpio archiver + * chore(suse): add dracut-cpio archiver (jsc#SLE-16157) - * chore(suse): add fido2 module - * feat(crypt): check if fido2 module is needed in hostonly mode - * feat(fido2): introducing the fido2 module - * feat(crypt): check if tpm2-tss module is needed in hostonly mode - * fix(dracut-functions.sh): get block device driver if in a virtual subsystem + * chore(suse): add fido2 module (jsc#SLE-21070) + * feat(crypt): check if fido2 module is needed in hostonly mode (jsc#SLE-21070) + * feat(fido2): introducing the fido2 module (jsc#SLE-21070) + * feat(crypt): check if tpm2-tss module is needed in hostonly mode (jsc#SLE-21070) + * fix(dracut-functions.sh): get block device driver if in a virtual subsystem (bsc#1189776) emacs +- Skip patch boo1180353-6d8144a2.patch for emacs 25.3 as already + part of emacs 27.2: Was fix for boo#1180353 that was a possible + segmentation fault in case of stack overflow of etags + +- Use %make_build macro. + +- Get rid of the old dbus shell code in the emacs shell script + nowadays this should be not needed anymore + +- Make dbus code in emacs shell script failsafe + +- Enable the NO_AT_BRIDGE code + +- Again disable workaround with XLIB_SKIP_ARGB_VISUALS set (boo#1191517) +- Correct quoting of anonymous function calls + -- Add patch boo1180353-6d8144a2.patch to fix boo#1180353 that is a - possible segmentation fault in case of stack overflow of etags +- Work for boo#1183497: make sure that if ibus is the input method + that there exists a working gtk immodule for ibus as well as the + ibus daemon is up and running + +- sigsegv-stack.patch: Port alternate signal stack to upcoming glibc 2.34 + +- Enable workaround with XLIB_SKIP_ARGB_VISUALS set (boo#1186341) + +- For terminal 24bit support, fall back to xterm+direct + (semicolon version) if requested by the COLORTERM environment variable. + Upstream commit 50f489b5dc. + Allows 24bit color on gnome-terminal out of the box. + * emacs-27.2-COLORTERM-24bit.patch + +- Disable workaround with XLIB_SKIP_ARGB_VISUALS set (boo#1186341) + +- Update emacs.keyring + +- Update to GNU Emacs version 27.2 + * Changes in Emacs 27.2 + This is a bug-fix release with no new features. + * Lisp Changes in Emacs 27.2 + The behavior of the user option 'resize-mini-frames' has changed. + If set to a non-nil value which isn't a function, resize the mini + frame using the new function 'fit-mini-frame-to-buffer' which won't + skip leading or trailing empty lines of the buffer. + * Changes in Specialized Modes and Packages in Emacs 27.2 + Tramp: The user option 'tramp-completion-reread-directory-timeout' + is now obsolete. +- Remove patches now upstream + * emacs-27.1-gif.patch + * emacs-27.1-home.patch +- Port patches + * emacs-24.3-iconic.patch + * emacs-24.4-ps-bdf.patch + * emacs-25.2-ImageMagick7.patch + * pdump.patch + +- Add patch emacs-27.1-Xauthority4server.patch + * Allow GNU Emacs server to open X Display even if the Xauthority + file is not the default expected by XCloseDisplay() + * Hopefully fix boo#1174534 and boo#1179854 + +- Replace system-user-games with user(games): be resilient to + package name changes. + +- Add patch emacs-27.1-gif.patch from upstream mailing list to fix + crash on broken gif files +- Correct group of el package as well as provide it as devel packages + +- Be sure that /usr/share/emacs/site-lisp/site-start.d/ is in + the load path as otherwise we might catch some not seen errors + +- Correct paths for emacs manual page on the fly + +- Add patch pdump.patch from Andreas Schwab as it allows to + rename the executable name in emacs.sh + +- Correct manual page of emacs, that is remove ``local/`` +- Make sure that the emacs spawned by the emacs script does use + its default pdumper image file +- Avoid warning about permissions on /var/lib/games + +- Disable patch emacs-24.4-glibc.patch to see if this fix boo#1175487 +- Require git at build time as used by rebuilding byte compiled lisp files +- Load pcase and easy-mmode at dump time from emacs-lisp path + +- Switch Emacs.FontBackend setting off (boo#1175372) + +- Some specfile cleanup: remove checks obsoleted by the portable dumper + +- Add upstream patch emacs-27.1-home.patch from mailing list + to add missing slashes on finding ~/Emacs + +- Provide for all three emacs layouts, that are emacs-nox, emacs-x11, + and emacs-gtk their own pdumper file (boo#1175233) + +- Update to GNU Emacs version 27.1 + * Emacs is now compliant with the latest version 13.0 of the Unicode Standard. + * Emacs can now use the XDG convention for init files. + The 'XDG_CONFIG_HOME' environment variable (which defaults to + "~/.config") specifies the XDG configuration parent directory. + Emacs checks for "init.el" and other configuration files inside + the "emacs" subdirectory of 'XDG_CONFIG_HOME', i.e. + "$XDG_CONFIG_HOME/emacs/init.el" + However, Emacs will still initially look for init files in their + traditional locations if "~/.emacs.d" or "~/.emacs" exist, even if + "$XDG_CONFIG_HOME/emacs" also exists. This means that you must delete + or rename any existing "~/.emacs.d" and "~/.emacs" to enable use of + the XDG directory. + * The varius changes can be read in detail at /usr/share/emacs/27.1/etc/NEWS +- Port and rename patch emacs-26.2.dif to emacs-27.1.dif +- Modify/port patches + * emacs-24.1-ps-mule.patch + * emacs-24.3-asian-print.patch + * emacs-24.3-iconic.patch + * emacs-24.3-x11r7.patch + * emacs-24.4-flyspell.patch + * emacs-24.4-glibc.patch + * emacs-24.4-nonvoid.patch + * emacs-24.4-ps-bdf.patch + * emacs-24.4-xim.patch + * emacs-25.1-custom-fonts.patch + * emacs-25.2-ImageMagick7.patch + * emacs-26.1-xft4x11.patch +- Remove patches now upstream solved + * xwidget.patch + * emacs-libX11-boo1175028.patch +- Add patch emacs-27.1-pdftex.patch to generate pdf files +- Add emacs-27.1-pdf.tar.xz as result of this to use texlive only once +- Use emacs.keyring to verify source tar ball +- Fixup the fix for boo#1152105: don't hard require(preun/post) + /sbin/install-info, but relay again on %install_info_prereq + macro. But limit this and the info packages preun/post script + to suse_version <= 1500. Later versions use file triggers for + info pages. + +- Let it build even with the fix for boo#1152105 + +- BuildRequire pkgconfig(libudev) instead of libudev-devel: allow + OBS to shortcut through the -mini flavors. + +- Update to emacs version 26.3 + * New option 'help-enable-completion-auto-load'. + This allows disabling the new feature introduced in Emacs 26.1 which + loads files during completion of 'C-h f' and 'C-h v' according to + 'definition-prefixes'. + * Emacs now supports the new Japanese Era name. + The newly assigned codepoint U+32FF was added to the Unicode Character + Database compiled into Emacs. + +- Use %_userunitdir macro to avoid trouble with %_libdir (boo#1132939) + +- Update to emacs version 26.2 + * Emacs is now compliant with the latest version 11.0 of the Unicode Standard. + * New variable 'xft-ignore-color-fonts'. + * Changes in Specialized Modes and Packages in Emacs 26.2 + Dired: The 'Z' command on a directory name compresses all of its files. + * Ibuffer: New toggle 'ibuffer-do-toggle-lock', bound to 'L'. + * Imenu: The value for 'imenu-auto-rescan-maxout' has been increased to 600000. + * Gnus: Mailutils movemail will now be used if found at runtime. + * Shadowfile: shadowfile.el has been rewritten to support Tramp file names. + * Shell mode: Shell mode buffers now have 'scroll-conservatively' set to 101. + * VC: VC support for Mercurial was improved. + * Incompatible Lisp Changes in Emacs 26.2 + shadowfile config files have changed their syntax. + 'thread-alive-p' has been renamed to 'thread-live-p'. + 'while-no-input' does not return due to input from subprocesses. + * Lisp Changes in Emacs 26.2 + The new function 'read-answer' accepts either long or short answers + depending on the new customizable variable 'read-answer-short'. + New function 'assoc-delete-all'. Like 'assq-delete-all', but uses + 'equal' for comparison. + The function 'thing-at-point' behaves as before Emacs 26.1. + The behavior of 'thing-at-point' when called with argument 'list' has + changed in Emacs 26.1, in that it didn't consider text inside comments + and strings as a potential list. This change is now reverted, and + 'thing-at-point' behaves like it did before Emacs 26.1. + To cater to use cases where comments and strings are to be ignored + when looking for a list, the function 'list-at-point' now takes an + optional argument to do so. +- Port and rename patch emacs-26.1.dif to emacs-26.2.dif +- Modify/port patches + * emacs-24.1-ps-mule.patch + * emacs-24.3-iconic.patch + * emacs-24.4-flyspell.patch + * emacs-24.4-glibc.patch + * emacs-24.4-nonvoid.patch + * emacs-24.4-ps-bdf.patch + * emacs-25.2-ImageMagick7.patch + +- Let ispell.el perform even on older systems without default + hunspell dictionary as otherwise this leades to wrong type + error as nil is not a pointer to a string + +- Let site-start.el also seek for hunspell to load the ispell + lisp library (boo#1110387) + +- Help ispell(.el) to find and provide the usable dictionaries + even for hunspell (boo#1110387) + +- Avoid error message on info.info(.info) as this file should not be + installed due it is part of the system package info (boo#1101652) + +- xwidget.patch: Make xwidget-webkit-execute-script safe against GC +- Re-enable Xwidgets on 32bit architectures + -- Add patch emacs-25.3-xft4x11.patch to allow emacs-x11 to use +- Add patch emacs-26.1-xft4x11.patch to allow emacs-x11 to use +- Drop pkgconfig(gconf-2.0) BuildRequires: No longer needed, nor + used. Emacs-x11 uses gsettings on openSUSE. + +- Use -fPIE/-pie for helper binaries +- Use Groups tag Productivity/Text/Editors + +- Add configure option for mailutils as recommended by GNU Emacs upstream +- Re-enable games with GNU Emacs which requires system-user-games + +- Cleanup the spec file by removing old suse_versions + and reordering configure options +- Add some missed packages for configure +- Avoid Xwidgets on 32bit architectures as this does not build + +- Update to emacs version 26.1 + * Startup Changes in Emacs 26.1 + - New option '--fg-daemon' + - New option '--module-assertions' + - Emacs now supports 24-bit colors on capable text terminals + - Emacs now obeys the X resource "scrollBar" at startup + * Various Changes in Emacs 26.1, see NEWS + * Various Editing Changes in Emacs 26.1, see NEWS + * Various Changes in Specialized Modes and Packages in Emacs 26.1, see NEWS + * Some Incompatible Lisp Changes in Emacs 26.1, see NEWS + * Various Lisp Changes in Emacs 26.1, see NEWS +- Removed patch now upstream + * emacs-24.4-decl.dif + * emacs-25.2-bsc1058425.patch + * emacs-25.2-xwidget.patch + * gnulib.git-94e01571.patch +- Remove patch emacs-24.1-bnc628268.patch as spell.el is gone for ever +- Modify/port patches + * emacs-24.1-ps-mule.patch + * emacs-24.3-iconic.patch + * emacs-24.3-x11r7.patch + * emacs-24.4-flyspell.patch + * emacs-24.4-glibc.patch + * emacs-24.4-nonvoid.patch + * emacs-24.4-ps-bdf.patch + * emacs-24.4-xim.patch + * emacs-25.2-ImageMagick7.patch +- Port and rename patch emacs-25.3.dif to emacs-26.1.dif + +- Explicitly call autoreconf, unless without autoconf is specified. + In this case, there is spec-file logic to touch timestampes of + relevant files. Move this logic to build instead of prep phase. + +- Remove xorg-x11-devel from buildrequires, replace + by an extense list of pkgconfig()-style dependencies. + expat +- Update to latest version 2.4.4 in SLE-15-SP4 [jsc#SLE-21253] + +- update to 2.4.4 (bsc#1195217, bsc#1195054): + * Security fixes: + - CVE-2022-23852 -- Fix signed integer overflow + (undefined behavior) in function XML_GetBuffer + that is also called by function XML_Parse internally) + for when XML_CONTEXT_BYTES is defined to >0 (which is both + common and default). + Impact is denial of service or more. + - CVE-2022-23990 -- Fix unsigned integer overflow in function + doProlog triggered by large content in element type + declarations when there is an element declaration handler + present (from a prior call to XML_SetElementDeclHandler). + Impact is denial of service or more. + * Bug fixes: + - xmlwf: Fix a memory leak on output file opening error + * Other changes: + - Version info bumped from 9:3:8 to 9:4:8; + see https://verbump.de/ for what these numbers do + * Drop unused file valid-xhtml10.png + +- update to 2.4.3 (bsc#1194251, bsc#1194362, bsc#1194474, + bsc#1194476, bsc#1194477, bsc#1194478, bsc#1194479, bsc#1194480): + * CVE-2021-45960 -- Fix issues with left shifts by >=29 places + resulting in + a) realloc acting as free + b) realloc allocating too few bytes + c) undefined behavior + depending on architecture and precise value + for XML documents with >=2^27+1 prefixed attributes + on a single XML tag a la + "" + where XML_ParserCreateNS is used to create the parser + (which needs argument "-n" when running xmlwf). + Impact is denial of service, or more. + * CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow + on variable m_groupSize in function doProlog leading + to realloc acting as free. + Impact is denial of service or more. + * CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows + near memory allocation at multiple places. Mitre assigned + a dedicated CVE for each involved internal C function: + - CVE-2022-22822 for function addBinding + - CVE-2022-22823 for function build_model + - CVE-2022-22824 for function defineAttribute + - CVE-2022-22825 for function lookup + - CVE-2022-22826 for function nextScaffoldPart + - CVE-2022-22827 for function storeAtts + Impact is denial of service or more. + +- update to 2.4.2: + * Link againgst libm for function "isnan" + * Include expat_config.h as early as possible + * Autotools: Include files with release archives: + - buildconf.sh + - fuzz/*.c + * Autotools: Sync CMake templates + * docs: Document that function XML_GetBuffer may return NULL + when asking for a buffer of 0 (zero) bytes size + * docs: Fix return value docs for both + XML_SetBillionLaughsAttackProtection* functions + * Version info bumped from 9:1:8 to 9:2:8 + ghostscript +- CVE-2021-45944.patch fixes CVE-2021-45944 + use-after-free in sampled_data_sample + cf. https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2021-237.yaml + (bsc#1194303) +- CVE-2021-45949.patch fixes CVE-2021-45949 + heap-based buffer overflow in sampled_data_finish + cf. https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ghostscript/OSV-2021-803.yaml + (bsc#1194304) + +- Use update-alternatives to get the real ghostscript binary from + /usr/bin/gs to /usr/bin/gs.bin and allow the gswrap package to + use this with its wrapper script (jira#PM-3037) + glib-networking +- Increase testsuite timeout + +- Update to version 2.70.1: + + Fix crashes when handshake is cancelled + + OpenSSL: fix spurious certificate expired verification errors + + GnuTLS: + - Fix tests on 32-bit systems + - Fix crash when invalid priority string is forced +- Add check section and run meson_test macro during build. + glib2 +- Update to version 2.70.2: + + Fix use of the default log writer with journald namespaces + + Fix hang in `dbus-daemon` under `GTestDBus` when + `G_MESSAGES_DEBUG=all` is set + + Speed up `g_canonicalize_filename()` to avoid pathogenic cases + with `..` + + Fix URI for pcre subproject as it’s moved upstream + + Fix storing GSettings dictionaries on macOS + + Speed up ‘remove dot segments’ algorithm in `GUri` to avoid + pathogenic cases with `..` + + Fix infinite loops in D-Bus message parsing for truncated + inputs + + Improve correctness of version information returned by + `g_get_os_info()` for Windows 10/Server 2019+ + + Bugs fixed: glgo#GNOME/GLib#2400, glgo#GNOME/GLib#2426, + glgo#GNOME/GLib#2528, glgo#GNOME/GLib#2530, + glgo#GNOME/GLib#2537, glgo#GNOME/GLib#2541, + glgo#GNOME/GLib!2312, glgo#GNOME/GLib!2313, + glgo#GNOME/GLib!2314, glgo#GNOME/GLib!2316, + glgo#GNOME/GLib!2320, glgo#GNOME/GLib!2335, + glgo#GNOME/GLib!2337, glgo#GNOME/GLib!2340, + glgo#GNOME/GLib!2344, glgo#GNOME/GLib!2356, + glgo#GNOME/GLib!2359, glgo#GNOME/GLib!2361, + glgo#GNOME/GLib!2363, glgo#GNOME/GLib!2366, + glgo#GNOME/GLib!2375, glgo#GNOME/GLib!2383. + + Updated translations. + +- Stop passing fam=true to meson and drop gamin-devel + BuildRequires, following upstream default. Following this, drop + libgio-fam sub-package. + glib2-branding:openSUSE +- Drop gnome-documents from favorite-apps for both openSUSE and + SLED, package is archived upstream. + glibc +- getcwd-erange.patch: getcwd: Set errno to ERANGE for size == 1 + (CVE-2021-3999, bsc#1194640, BZ #28769) + +- 0001-powerpc-Optimized-strcpy-for-POWER9.patch, + 0002-powerpc-Optimized-stpcpy-for-POWER9.patch, + 0003-powerpc-Optimized-rawmemchr-for-POWER9.patch, + 0004-powerpc64le-add-optimized-strlen-for-P9.patch, + 0005-powerpc-fix-ifunc-implementation-list-for-POWER9-str.patch, + 0006-powerpc-Add-optimized-strncpy-for-POWER9.patch, + 0007-powerpc-Add-optimized-stpncpy-for-POWER9.patch, + 0008-powerpc-Add-optimized-ilogb-for-POWER9.patch, + 0009-powerpc-Add-optimized-llogb-for-POWER9.patch, + 0010-powerpc-Add-optimized-strlen-for-POWER10.patch, + 0011-powerpc64le-Optimized-memmove-for-POWER10.patch, + 0012-powerpc64le-Optimize-memcpy-for-POWER10.patch, + 0013-powerpc64le-Optimize-memset-for-POWER10.patch, + 0014-powerpc64le-Fix-ifunc-selection-for-memset-memmove-b.patch, + 0015-powerpc-Add-optimized-rawmemchr-for-POWER10.patch: ppc64le ifunc + improvements (bsc#1194785, jsc#SLE-18195) + +- clnt-create-unix-overflow.patch: Buffer overflow in sunrpc clnt_create + for "unix" (CVE-2022-23219, bsc#1194768, BZ #22542) +- svcunix-create-overflow.patch: Buffer overflow in sunrpc svcunix_create + (CVE-2022-23218, bsc#1194770, BZ #28768) + +- Add support for livepatches (jsc#SLE-20049). +- Enable livepatching on x86_64. +- Generate ipa-clones tarball artifact when livepatching is enabled. + gnutls +- Update to 3.7.3: [bsc#1190698, bsc#1190796] + * libgnutls: The allowlisting configuration mode has been added + to the system-wide settings. In this mode, all the algorithms + are initially marked as insecure or disabled, while the + applications can re-enable them either through the [overrides] + section of the configuration file or the new API (#1172). + * The build infrastructure no longer depends on GNU AutoGen for + generating command-line option handling, template file parsing + in certtool, and documentation generation (#773, #774). This + change also removes run-time or bundled dependency on the + libopts library, and requires Python 3.6 or later to regenerate + the distribution tarball. Note that this brings in known backward + incompatibility in command-line tools, such as long options are + now case sensitive, while previously they were treated in a case + insensitive manner: for example --RSA is no longer a valid option + of certtool. The existing scripts using GnuTLS tools may need + adjustment for this change. + * libgnutls: The tpm2-tss-engine compatible private blobs can be loaded + and used as a gnutls_privkey_t (#594). The code was originally written + for the OpenConnect VPN project by David Woodhouse. To generate such + blobs, use the tpm2tss-genkey tool from tpm2-tss-engine: + https://github.com/tpm2-software/tpm2-tss-engine/#rsa-operations + or the tpm2_encodeobject tool from unreleased tpm2-tools. + * libgnutls: The library now transparently enables Linux KTLS (kernel + TLS) when the feature is compiled in with --enable-ktls configuration + option (#1113). If the KTLS initialization fails it automatically falls + back to the user space implementation. + * certtool: The certtool command can now read the Certificate Transparency + (RFC 6962) SCT extension (#232). New API functions are also provided to + access and manipulate the extension values. + * certtool: The certtool command can now generate, manipulate, and evaluate + x25519 and x448 public keys, private keys, and certificates. + * libgnutls: Disabling a hashing algorithm through "insecure-hash" + configuration directive now also disables TLS ciphersuites that use it + as a PRF algorithm. + * libgnutls: PKCS#12 files are now created with modern algorithms by default + (!1499). Previously certtool used PKCS12-3DES-SHA1 for key derivation and + HMAC-SHA1 as an integity measure in PKCS#12. Now it uses AES-128-CBC with + PBKDF2 and SHA-256 for both key derivation and MAC algorithms, and the + default PBKDF2 iteration count has been increased to 600000. + * libgnutls: PKCS#12 keys derived using GOST algorithm now uses + HMAC_GOSTR3411_2012_512 instead of HMAC_GOSTR3411_2012_256 for integrity, + to conform with the latest TC-26 requirements (#1225). + * libgnutls: The library now provides a means to report the status + of approved cryptographic operations (!1465). To adhere to the + FIPS140-3 IG 2.4.C., this complements the existing mechanism to + prohibit the use of unapproved algorithms by making the library + unusable state. + * gnutls-cli: The gnutls-cli command now provides a --list-config + option to print the library configuration (!1508). + * libgnutls: Fixed possible race condition in + gnutls_x509_trust_list_verify_crt2 when a single trust list object + is shared among multiple threads (#1277). [GNUTLS-SA-2022-01-17, + CVSS: low] + * API and ABI modifications: + GNUTLS_PRIVKEY_FLAG_RSA_PSS_FIXED_SALT_LENGTH: new flag in + gnutls_privkey_flags_t + GNUTLS_VERIFY_RSA_PSS_FIXED_SALT_LENGTH: new flag in + gnutls_certificate_verify_flags + gnutls_ecc_curve_set_enabled: Added. + gnutls_sign_set_secure: Added. + gnutls_sign_set_secure_for_certs: Added. + gnutls_digest_set_secure: Added. + gnutls_protocol_set_enabled: Added. + gnutls_fips140_context_init: New function + gnutls_fips140_context_deinit: New function + gnutls_fips140_push_context: New function + gnutls_fips140_pop_context: New function + gnutls_fips140_get_operation_state: New function + gnutls_fips140_operation_state_t: New enum + gnutls_transport_is_ktls_enabled: New function + gnutls_get_library_configuration: New function + * Remove patches fixed in the update: + - gnutls-FIPS-module-version.patch + - gnutls-FIPS-service-indicator.patch + - gnutls-FIPS-service-indicator-public-key.patch + - gnutls-FIPS-service-indicator-symmetric-key.patch + - gnutls-FIPS-RSA-PSS-flags.patch + - gnutls-FIPS-RSA-mod-sizes.patch + +- FIPS: Fix regression tests in fips and non-fips mode [bsc#1194468] + * Add gnutls-FIPS-disable-failing-tests.patch + * Remove patches: + - gnutls-temporarily_disable_broken_guile_reauth_test.patch + - gnutls-3.6.0-disable-flaky-dtls_resume-test.patch + - disable-psk-file-test.patch + +- FIPS: Provide module identifier and version [bsc#1190796] + * Add configurable options to output the module name/identifier + (--with-fips140-module-name) and the module version + (--with-fips140-module-version). + * Add the CLI option list-config that reports the configuration + of the library. + * Add gnutls-FIPS-module-version.patch + +- FIPS: Provide a service-level indicator [bsc#1190698] + * Add support for a "service indicator" as required in + the FIPS140-3 Implementation Guidance in section 2.4.C + * Add patches: + - gnutls-FIPS-service-indicator.patch + - gnutls-FIPS-service-indicator-public-key.patch + - gnutls-FIPS-service-indicator-symmetric-key.patch + - gnutls-FIPS-RSA-PSS-flags.patch + +- FIPS: RSA KeyGen/SigGen fail with 4096 bit key sizes [bsc#1192008] + * fips: allow more RSA modulus sizes + * Add gnutls-FIPS-RSA-mod-sizes.patch + * Delete gnutls-3.6.7-fips-rsa-4096.patch + +- Drop bogus condition "> 1550": that would mean 'more recent than + Tumbleweed' which is technically impossible, as Tumbleweed is the + leading project (and the condition causes issues as Tumbleweed + needs to move away from 1550 due to CODE 15 SP5 plans). + google-droid-fonts +- Add sources DroidSansFallback.ttf DroidSansFallbackFull.ttf + DroidSansMono.ttf: Merge the latest modification from Android + project (bsc#1190886). + groff +- Do not fail with rpm --excludedocs (bsc#1192195). + groff:full +- Do not fail with rpm --excludedocs (bsc#1192195). + gstreamer -- Update to version 1.16.3 (bsc#1181255): - - delay creation of threadpools - - bin: Fix `deep-element-removed` log message - - buffer: fix meta sequence number fallback on rpi - - bufferlist: foreach: always remove as parent if buffer is changed - - bus: Make setting/replacing/clearing the sync handler thread-safe - - elementfactory: Fix missing features in case a feature moves to another filename - - element: When removing a ghost pad also unset its target - - meta: intern registered impl string - - registry: Use a toolchain-specific registry file on Windows - - systemclock: Invalid internal time calculation causes non-increasing clock time on Windows - - value: don't write to `const char *` - - value: Fix segfault comparing empty GValueArrays - - Revert floating enforcing - - aggregator: fix iteration direction in skip_buffers - - sparsefile: fix possible crash when seeking - - baseparse: cache fix - - baseparse: fix memory leak when subclass skips whole input buffer - - baseparse: Set the private duration before posting a duration-changed message - - basetransform: allow not passthrough if generate_output is implemented - - identity: Fix a minor leak using meta_str - - queue: protect against lost wakeups for iterm_del condition - - queue2: Avoid races when posting buffering messages - - queue2: Fix missing/dropped buffering messages at startup - - identity: Unblock condition variable on FLUSH_START - - check: Use `g_thread_yield()` instead of `g_usleep(1)` - - tests: use cpu_family for arch checks - - gst-launch: Follow up to missing `s/g_print/gst_print/g` - - gst-inspect: Add define guard for `g_log_writer_supports_color()` - - gst-launch: go back down to `GST_STATE_NULL` in one step. - - device-monitor: list hidden providers before listing devices - - autotools build fixes for GNU make 4.3 +- Update to version 1.18.6: + + gstplugin: Fix for UWP build + + gst-ptp-helper: Do not disable multicast loopback + + concat: fix qos event handling + + pluginfeature: Fix object leak + + baseparse: fix invalid avg_bitrate after reset + + multiqueue: Fix query unref race on flush + + gst: Initialize optional event/message fields when parsing + + bitwriter: Fix the trailing bits lost when getting its data + + multiqueue: never consider a queue that is not waiting + + input-selector: Use proper segments when cleaning cached + buffers + +- Stop building doc sub-package, we will in the future use + upstreams own standalone doc package. Following this: Drop + fdupes, gtk-doc and hotdoc BuildRequires, and fdupes call, no + longer needed nor usefull. +- Refresh patches with quilt. + +- Remove obsolete translation-update-upstream and + gnome-patch-translation support (jsc#SLE-21105). + +- Update to version 1.18.5: + + aggregator: + - Release the SRC lock while querying latency + - Release pads' peeked buffer when removing the pad or + finalizing it + + basesink: Don't swap rstart/rstop when stepping + + basesrc: Print segments with GST_SEGMENT_FORMAT and not + GST_PTR_FORMAT + + childproxy: init value in gst_child_proxy_get_property() if + needed + + clocksync: Fix providing system clock by default + + concat: + - Properly propagate seqnum of segment events + - adjust running time offsets on downstream events + - fix locking in SEGMENT event handler + + downloadbuffer/sparsefile: several fixes for win32 + + element: NULL the lists of contexts in dispose() + + multiqueue: + - Use running time of gap events for wakeups. + - Ensure peer pad exists when iterating internal links + + pad: + - Keep IDLE probe hook alive during immediate callback + - Ensure last flow return is set on sink pads in push mode + - Don't spam the debug log at INFO level when default-chaining + a buffer list + - clear probes holding mutex + + parse-launch: + - Fix a critical when using the : operator. + + Don't do delayed property setting for top-level properties. + + plugin: load plugins with unknown license strings + + ptpclock: Don't leak the GList + + queue2: Refuse all serialized queries when posting buffering + messages + + systemclock: Update monotonic reference time when re-scheduling + + High CPU usage in 1.18 (but not master) when pausing playback + in gnome-music + + Don't use volatile to mean atomic (fixes compiler warnings with + gcc 11) + +- update to 1.18.4: + important security fixes for ID3 tag reading, matroska and realmedia + parsing, and gst-libav audio decoding + Details: + * audiomixer, audioaggregator: input buffer handling fixes + * decodebin3: improve stream-selection message handling + * uridecodebin3: make “caps” property work + * wavenc: fix writing of INFO chunks in some cases + * v4l2: bt601 colorimetry, allow encoder resolution changes, fix + decoder frame rate negotiation + * decklinkvideosink: fix auto format detection, and fixes for 29.97fps + framerate output + * mpeg-2 video handling fixes when seeking + * avviddec: fix bufferpool negotiation and possible memory corruption + when changing resolution + * various stability, performance and reliability improvements + * memory leak fixes + * build fixes: rpicamsrc, qt overlay example, d3d11videosink on UWP + * info: Don’t leak log function user_data if the debug system is + compiled out + * task: Use SetThreadDescription() Win32 API for setting thread names, + which preserves thread names in dump files. + * buffer, memory: Mark info in map functions as caller-allocates and + pass allocation params as const pointers where possible + * clock: define AUTO_CLEANUP_FREE_FUNC for GstClockID + * tag: id3v2: fix frame size check and potential invalid reads + * audio: Fix gst_audio_buffer_truncate() meta handling for + non-interleaved audio + * audioresample: respect buffer layout when draining + * audioaggregator: fix input_buffer ownership + * decodebin3: change stream selection message owner, so that the app + sends the stream-selection event to the right element + * rtspconnection: correct data_size when tunneled mode + * uridecodebin3: make caps property work + * video-converter: Don’t upsample invalid lines + * videodecoder: Fix racy critical when pool negotiation occurs during + flush + * video: Convert gst_video_info_to_caps() to take self as const ptr + * examples: added qt core dependency for qt overlay example + * matroskademux: header parsing fixes + * rpicamsrc: depend on posix threads and vchiq_arm to fix build on + raspios again + * wavenc: Fixed INFO chunk corruption, caused by odd sized data not + being padded + * wavpackdec: Add floating point format support to fix distortions in + some cases + * v4l2: recognize V4L2 bt601 colorimetry again + * v4l2videoenc: support resolution change stream encode + * v4l2h265codec: fix HEVC profile string issue + * v4l2object: Need keep same transfer as input caps + * v4l2videodec: Fix vp8 and vp9 streams can’t play on board with + vendor bsp + * v4l2videodec: fix src side frame rate negotiation + * avwait: Don’t post messages with the mutex locked + * d3d11h264dec: Reconfigure decoder object on DPB size change and keep + track of actually configured DPB size + * dashsink: fix double unref of sinkpad caps + * decklinkvideosink: Use correct numerator for 29.97fps + * decklinkvideosink: fix auto format detection + * decklinksrc: Use a more accurate capture time + * d3d11videosink: Fix build error on UWP + * interlace: negotiation and buffer leak fixes + * mpegvideoparse: do not clip, so decoder receives data from keyframe + even if it’s before the segment start + * mpegtsparse: Fix switched DTS/PTS when set-timestamps=false + * nvh264sldec: Reopen decoder object if larger DPB size is required + * sdpsrc: fix double free if sdp is provided as string via the + property + * vulkan: Fix elements long name. + +- Update to version 1.18.3: + + Highlighted bugfixes: + - Fix ogg playback regression for ogg files that also have ID3 + or APE tags + - compositor: fix artefacts and invalid memory access when + blending subsampled formats + - Exported mini object ref/unref/copy functions for use in + bindings such as gstreamer-sharp + - Add support for Apple silicon (M1) to cerbero package builder + - Ship RIST plugin in binary packages + - Various stability, performance and reliability improvements + - Memory leak fixes + - Build fixes + + gstreamer: + - gst: Add non-inline ref/unref/copy/replace methods for + various mini objects (buffer, bufferlist, caps, context, + event, memory, message, promise, query, sample, taglist, uri) + for use in bindings such as gstreamer-sharp. + - harness: don't use GST_DEBUG_OBJECT with GstHarness which is + not a GObject. + +- Move gst-plugins-doc-cache-generator to devel subpackage + (remove python3 dependency on main gstreamer package). + +- Update to version 1.18.2: + + Highlighted bugfixes: + - Fix MPEG-TS timestamping regression when playing DVB streams + - compositor: fix artefacts in certain input scaling/conversion + situations and make sure that the output format is actually + supported, plus renegotiation fixes + - Fix sftp:// URI playback in decodebin/playbin via giosrc + - adaptivedemux/dashdemux/hlsdemux fixes + - rtsp-server fixes + - android media: fix crash when encoding AVC + - fix races in various unit tests + - lots of other bug fixes and memory leak fixes + - various stability, performance and reliability improvements + - g-i annotation fixes + - build fixes + + gstreamer changes: + - bin: When removing a sink, check if the EOS status changed + - info: colorize PIDs in log messages + - aggregator: Include min-upstream-latency in buffering time, + helps especially with performance issues on single core + systems where there are a lot of threads running + - typefind: copy seqnum to new segment event, fixing issues + with oggdemux operating in push mode with typefind operating + in pull mode + - identity, clocksync: Also provide system clock if sync=false + - queue2: Fix modes in scheduling query handling + - harness: Handle element not being set cleanly + - g-i: Add some missing nullable annotations, and fix some + nullable annotations: + - gst_test_clock_process_next_clock_id() returns nullable + - gst_stream_type_get_name() is not nullable + - build: fix build issue when compiling for 32-bit + architectures with 64-bit time_t (e.g. riscv32) by increasing + padding in GstClockEntryImpl in gst_private.h +- Fix the _service file and spec to really use the tarball + generated by service. + +- Update to 1.18.1: + + Highlighted bugfixes in 1.18.1 + - important security fixes (bsc#1181255, CVE-2021-3185) + - bug fixes and memory leak fixes + - various stability and reliability improvements + + gstreamer changes: + - aggregator: make peek() has() pop() drop() buffer API + threadsafe + - gstvalue: don't write to const char * + - meson: Disallow DbgHelp for UWP build + - info: Fix build on Windows ARM64 device + - build: use cpu_family for arch checks + - basetransform: Fix in/outbuf confusion of + _default_transform_meta + - Fix documentation + - info: Load DbgHelp.dll using g_module_open() + - padtemplate: mark documentation caps as may be leaked + - gstmeta: intern registered impl string + - aggregator: Hold SRC_LOCK while unblocking via + SRC_BROADCAST() + - ptp_helper_post_install.sh: deal with none + - skip elements/leak.c if tracer is not available + - aggregator: Wake up source pad in PAUSED<->PLAYING + transitions + - input-selector: Wake up blocking pads when releasing them + - ptp: Also handle gnu/kfreebsd + +- Do not manually install gst-tester-%{gst_branch}: meson_install + takes care of this already. + +- Update to 1.18.0: + + Highlights: + - GstTranscoder: new high level API for applications to + transcode media files from one format to another + - High Dynamic Range (HDR) video information representation + and signalling enhancements + - Instant playback rate change support + - Active Format Description (AFD) and Bar Data support + - RTSP server and client implementations gained ONVIF trick + modes support + - Hardware-accelerated video decoding on Windows via + DXVA2/Direct3D11 + - Microsoft Media Foundation plugin for video capture and + hardware-accelerated video encoding on Windows + - qmlgloverlay: New overlay element that renders a QtQuick + scene over the top of an input video stream + - imagesequencesrc: New element to easily create a video + stream from a sequence of jpeg or png images + - dashsink: New sink to produce DASH content + - dvbsubenc: New DVB Subtitle encoder element + - MPEG-TS muxing now also supports TV broadcast compliant + muxing with constant bitrate muxing and SCTE-35 support + - rtmp2: New RTMP client source and sink element from-scratch + implementation + - svthevcenc: New SVT-HEVC-based H.265 video encoder + - vaapioverlay: New compositor element using VA-API + - rtpmanager gained support for Google's Transport-Wide + Congestion Control (twcc) RTP extension + - splitmuxsink and splitmuxsrc gained support for auxiliary + video streams + - webrtcbin now contains some initial support for + renegotiation involving stream addition and removal + - RTP support was enhanced with new RTP source and sink + elements to easily set up RTP streaming via rtp:// URIs + - avtp: New Audio Video Transport Protocol (AVTP) plugin for + Time-Sensitive Applications + - Support for the Video Services Forum's Reliable Internet + Stream Transport (RIST) TR-06-1 Simple Profile + - Universal Windows Platform (UWP) support + - rpicamsrc: New element for capturing from the Raspberry Pi + camera + - RTSP Server TCP interleaved backpressure handling + improvements as well as support for Scale/Speed headers + - GStreamer Editing Services gained support for nested + timelines, per-clip speed rate control and the OpenTimelineIO + format. + - Autotools build system has been removed in favour of Meson +- Remove patches from upstream: + * gstreamer-revert-encforce-elements.patch +- Rebase gstreamer-rpm-prov.patch. +- Don't disable tests when configuring the build so gst-tester-1.0 + is built and installed, since it's required by + gstreamer-plugins-base. + +- adjust / ship more 32bit stuff for Wine usage (bsc#1172304) + +- Fix file-list, needed due to libexecdir move, and our previously + wrong usage of libexecdir. + +- No longer recommend -lang: supplements are in use. + +- Add gstreamer-revert-encforce-elements.patch: Revert enforce + elements, patches from upstream stable branch. gstreamer-plugins-base -- Update to version 1.16.3 (bsc#1181255): - - audioaggregator: Check all downstream allowed caps structures if they support the upstream rate - - audioaggregator: Fix negotiation with downstream if there is no peer yet - - audioencoder: fix segment event leak - - discoverer: Fix caps handling in `pad-added` signal handler - - discoverer: Start discovering next URI from right thread - - fft: Update our kiss fft version, fixes thread-safety and concurrency issues and misc other things - - gl: numerous memory fixes (use-after-free, leaks, missing NULL-ify) - - gl/display/egl: ensure debug category is initialized - - gstglwindow_x11: fix resize - - pbutils: Add latest H.264 level values - - rtpbuffer: fix header extension length validation - - video: Fix NV12_64Z32 number of component - - video-format: RGB16/15 are not 16 bit per component but only 5.333 and 5 - - video: fix top/bottom field flags +- Update to version 1.18.6: + + tagdemux: Fix crash when presented with malformed files + (security fix) + + videoencoder: make sure the buffer is writable before modifying + metadata + + video-converter: Fix for broken gamma remap with high bitdepth + YUV output + + sdpmessage: fix mapping single char fmtp params + + oggdemux: fix a race in push mode when performing the duration + seek + + uridecodebin: Fix critical warnings + + audio-converter: Fix resampling when there's nothing to output + + tcp: fix build on Solaris + + uridecodebin3: Nullify current item after all play items are + freed. + + audio-resampler: Fix segfault when we can't output any frames + + urisourcebin: Handle sources with dynamic pads and pads already + present + + playbin2/3: autoplug/caps: don't expand caps to ANY + + uridecodebin3/urisourcebin: Reusability fixes + + rtspconnection: Only reset timeout when socket is unused + + gstvideoaggregator.c: fix build with gcc 4.8 +- Drop service, use source url, upstream changes in git. + +- Stop building doc sub-package, we will in the future use + upstreams own standalone doc package. Following this: Drop + fdupes, gtk-doc and hotdoc BuildRequires, and fdupes call, no + longer needed nor usefull. + +- Remove obsolete translation-update-upstream support + (jsc#SLE-21105). + +- Update to version 1.18.5: + + appsrc: Don't leak buffer list while wrongly unreffing buffer + on EOS/flushing + + audioaggregator: + - Don't overwrite already written samples + - Resync on the next buffer when dropping a buffer on discont + resyncing + + audiobasesink: Fix of double lock release + + audiobasesrc: Fix divide by zero assertion + + clockoverlay: Fix broken string formatting by strftime() on + Windows + + compositor: Fix NV12 blend operation + + giosrc: Don't leak scheme string in gst_gio_src_query() + + giobasesink: Handle incomplete writes in + gst_gio_base_sink_render() + + gl/wayland: + - Use consistent wl_display when creating work queue for proxy + wrapper + - Provide a dummy global_remove function + + gl: Fix build when Meson >= 0.58.0rc1 + + playbin2: fix base_time selection when flush seeking live (such + as with RTSP) + + rtspconnection: + - Add IPv6 support for tunneled mode + - Consistently translate GIOError to GstRTSPResult (for + rtspsrc) + + rawbaseparse: check destination format correctly + + uridecodebin: Don't force floating reference for future + reusable decodebin + + parsebin: Put stream flags in GstStream + + splitmuxsink: always use factory property when set + + video-converter: Set up matrix tables only once. + + videoscale: Performance degradation from 1.16.2 -> 1.18.4 + + videotestsrc: Fix a leak when computing alpha caps + + audio/video-converter: Plug some minor leaks + + audio,video-format: Make generate_raw_formats idempotent for + assertions + + Don't use volatile to mean atomic (fixes compiler warnings with + gcc 11) + + Fix build issue on MinGW64 +- Drop 90903917.patch: Fixed upstream. + +- Add 90903917.patch: Fix build with meson >= 0.58.0rc1 + +- don't own appdata dir - comes from filesystem rpm + +- Update to version 1.18.4: + + tag: id3v2: fix frame size check and potential invalid reads + + audio: Fix gst_audio_buffer_truncate() meta handling for non-interleaved audio + + audioresample: respect buffer layout when draining + + audioaggregator: fix input_buffer ownership + + decodebin3: change stream selection message owner, so that the app sends the stream-selection event to the right element + + rtspconnection: correct data_size when tunneled mode + + uridecodebin3: make caps property work + + video-converter: Don't upsample invalid lines + + videodecoder: Fix racy critical when pool negotiation occurs during flush + + video: Convert gst_video_info_to_caps() to take self as const ptr + + examples: added qt core dependency for qt overlay example + +- Update to version 1.18.3: + + audiorate: Make buffer writable before changing its metadata + + compositor: fix blending of subsampled components + + decodebin3: + - When reconfiguring a slot make sure that the ghostpad is + unlinked + - Release selection lock when pushing EOS + + encodebasebin: Ensure that parsers are compatible with selected + encoders + + tagdemux: resize and trim buffer in place to fix interaction + with oggdemux + + videoaggregator: Pop out old buffers on timeout + + video-blend: fix blending 8-bit and 16-bit frames together + + appsrc: fix signal documentation + + gl: document some GL caps specifics + + libvisual: workaround clang compiler warning + +- Update to version 1.18.2: + + gl/eagl: internal view resize fixes for glimagesink + + video-converter: increase the number of cache lines for + resampling, fixes significant color issues and artefacts with + "special" resizing parameters in compositor + + compositor: Don't crash in prepare_frame() if the pad was just + removed + + decodebin3: Properly handle caps query with no filter + + videoaggregator: + - Guarantee that the output format is supported + - Fix locking around vagg->info + - Fix renegotiation when using convert pad + - document and fix locking in convert pad + + gluploadelement: + - Avoid race condition of base class' context + - Avoid race condition of inside upload creation + + gl: Fix prototype of glGetSynciv() + + tcpserversink: Don't assume g_socket_get_remote_address() + succeeds + + audiodecoder, videodecoder: Don't reset max-errors property + value in reset() + + audioencoder: Fix incorrect GST_LOG_OBJECT usage + + pbutils: Fix segfault when using invalid encoding profile + + g-i: videometa: gir annotate the size of plane array in new API + + examples/gl/gtk: Add missing dependency on gstgl + + video: fix doc warning. +- Fix the _service file and spec to really use the tarball + generated by service. + +- Update to 1.18.1: + + Highlighted bugfixes in 1.18.1 + - important security fixes (bsc#1181255, CVE-2021-3185) + - bug fixes and memory leak fixes + - various stability and reliability improvements + + gst-plugins-base changes: + - theoradec: Set telemetry options only if they are nonzero + - glslstage: delete shader on finalize of stage + - urisourcebin: Fix crash caused by use after free + - decodebin3: Store stream-start event on output pad before + exposing it + - Add some missing nullable annotations + - typefind/xdgmime: Validate mimetypes to be valid + GstStructure names before using them + - uridecodebin3: Forward upstream events to decodebin3 directly + - video-converter: Add fast paths from v210 to I420/YV12, Y42B, + UYVY and YUY2 + - videoaggregator: Limit accepted caps by template caps + - gstrtpbuffer: fix header extension length validation + - decodebin3: only force streams-selected seqnum after a + select-streams - - appsrc/appsink: Make setting/replacing callbacks thread-safe - - compositor: Fix checkerboard filling for BGRx/RGBx and UYVY/YUY2/YVYU - - decodebin3: only force streams-selected seqnum after a select-streams - - glupload: Fix fallback from direct dmabuf to dmabuf upload method - - glvideomixer: perform `_get_highest_precision()` on the GL thread - - libvisual: use `gst_element_class_set_metadata()` when passing dynamic strings - - oggstream: Workaround for broken PAR in VP8 BOS - - subparse: accept WebVTT timestamps without an hour component - - playbin: Handle error message with redirection indication - - textrender: Fix AYUV output. - - typefind: Consider MPEG-PS PSM to be a PES type - - uridecodebin3: default to non-0 buffer-size and buffer-duration, otherwise it could potentially cause big memory allocations over time - - videoaggregator: Don't configure NULL chroma-site/colorimetry - - videorate/videoscale/audioresample: Ensure that the caps returned from... - - build: Replace bashisms in configure for Wayland and GLES3 -- Drop upstream fixed patches: - gst-base-playbin-handle-error.patch - gst-base-audioencoder-fix-leak.patch - gst-base-fft-update-kiss-version.patch + - enable abi checks + - multihandlesink: Don't pass NULL caps to gst_caps_is_equal + - audio: video: Fix in/outbuf confusion of transform_meta + - meson: Always wrap "prefix" option with join_paths() to make + Windows happy + - videoaggregator: ensure peek_next_sample() uses the correct + caps + - meson: Actually build gstgl without implicit include dirs + - videoaggregator: Don't require any pads to be configured for + negotiating source pad caps + - gst-libs: gl: Fix documentation typo and clarify + gl_memory_texsubimage + - audioaggregator: Reset offset if the output rate is + renegotiated + - video-anc: Implement transform functions for AFD/Bar metas + - appsrc: Wake up the create() function on caps changes + - rtpbasepayload: do not forget delayed segment when forwarding + gaps + +- Add patch from gl#gstreamer/gst-plugins-base#221 to support two + new CEA 608 caption formats: + * MR-221-video-anc-add-two-new-CEA-608-caption-formats.patch + +- Update to 1.18.0: + + Highlights: + - GstTranscoder: new high level API for applications to + transcode media files from one format to another + - High Dynamic Range (HDR) video information representation + and signalling enhancements + - Instant playback rate change support + - Active Format Description (AFD) and Bar Data support + - RTSP server and client implementations gained ONVIF trick + modes support + - Hardware-accelerated video decoding on Windows via + DXVA2/Direct3D11 + - Microsoft Media Foundation plugin for video capture and + hardware-accelerated video encoding on Windows + - qmlgloverlay: New overlay element that renders a QtQuick + scene over the top of an input video stream + - imagesequencesrc: New element to easily create a video + stream from a sequence of jpeg or png images + - dashsink: New sink to produce DASH content + - dvbsubenc: New DVB Subtitle encoder element + - MPEG-TS muxing now also supports TV broadcast compliant + muxing with constant bitrate muxing and SCTE-35 support + - rtmp2: New RTMP client source and sink element from-scratch + implementation + - svthevcenc: New SVT-HEVC-based H.265 video encoder + - vaapioverlay: New compositor element using VA-API + - rtpmanager gained support for Google's Transport-Wide + Congestion Control (twcc) RTP extension + - splitmuxsink and splitmuxsrc gained support for auxiliary + video streams + - webrtcbin now contains some initial support for + renegotiation involving stream addition and removal + - RTP support was enhanced with new RTP source and sink + elements to easily set up RTP streaming via rtp:// URIs + - avtp: New Audio Video Transport Protocol (AVTP) plugin for + Time-Sensitive Applications + - Support for the Video Services Forum's Reliable Internet + Stream Transport (RIST) TR-06-1 Simple Profile + - Universal Windows Platform (UWP) support + - rpicamsrc: New element for capturing from the Raspberry Pi + camera + - RTSP Server TCP interleaved backpressure handling + improvements as well as support for Scale/Speed headers + - GStreamer Editing Services gained support for nested + timelines, per-clip speed rate control and the OpenTimelineIO + format. + - Autotools build system has been removed in favour of Meson +- Drop patches already included in upstream: + * gst-base-audioencoder-fix-leak.patch + * gst-base-fft-update-kiss-version.patch + * gst-base-playbin-handle-error.patch +- Add patch to add wayland dependencies to tests to fix build: + * add_wayland_dep_to_tests.patch + +- Do not recommend PackageKit-gstreamer-plugin: that package + already supplements the combination of gstreamer-plugins-base + and packagekit. gtk3 +- Update to version 3.24.31: + + input: Fix a crash with touch on GtkScale. + + clipboard: Avoid a double-free. + + css: Avoid a crash with radial gradients. + + GtkFileChooser: Don't leak search results. + + GtkTextView: Support css letterspacing. + + Wayland: + - Reset position when hiding popups. + - Ignore globals we did not bind ourselves. + - Avoid infinite loops when hiding surfaces. + - Avoid clipboard-related lockups. + + X11: + - Trap errors while doing XRANDR calls. + - Support touchpad gestures with XI 2.4. + + Updated translations. + harfbuzz +- Update to 3.2.0: + + Fixed shaping of Apple Color Emoji flags in right-to-left context + + Fixed positioning of CFF fonts in HB_TINY profile + + OpenType 1.9 language tags update + + Add HB_NO_VERTICAL config option + + Add HB_CONFIG_OVERRIDE_H for easier configuration + + Improved packing of cmap, loca, and Ligature tables + + Significantly improved overflow-resolution strategy in the repacker + +- Update to 3.1.2: + + hb-shape / hb-view: revert treating text on the commandline as + single paragraph (was introduced in 3.0.0); add new + - -single-par to do that + + Subsetter bug fixes + hunspell +- suggests english directory [bsc#1193627] + hwdata +- Update to version 0.355 (bsc#1194338): + + Updated pci, usb and vendor ids. + +- Update to version 0.354: + + Updated pci, usb and vendor ids. + ibus -- Fix boo#1187202: Qt5 IBus IM module cannot connect to IBus - daemon under GNOME Wayland session - * Add ibus-socket-name-compatibility.patch - dropped in the previous commit by mistake +- Refresh ibus-socket-name-compatibility.patch +- Add ibus-missing-include.patch to fix build on Leap +- Add ibus-fix-wrong-cursor-location.patch + (based on https://github.com/ibus/ibus/commit/936a0e76df79d92a8bdc03e9205330fb84a2083e.patch) + (gh#ibus/ibus#2337) +- Drop ibus-python-install-dir.patch + Two reasons: it's for, disabled in .spec, python2, and patch forces + the re-generation of configure, which requires aclocal-1.16, + unavailable on Leap-15.3, and that breaks the build. + +- Update version to 1.5.25 + * src/tests: Run gnome-session with no-overview mode + * client/gtk2: Implement ibus_im_context_set_surrounding_with_selection + * src/ibuscomposetable: Do not include the same compose file + * src/ibusenginesimple: Multi_key to 0xB7 + * src/ibusenginesimple: Make Compose preedit less intrusive + * Change default Emoji shortcut key + * setup: Enhance engine search function + * client/gtk2/ibusimcontext: Enable sync process in GTK4 + * engine: Update simple.xml with xkeyboard-config 2.33 + * src/ibuscomposetable: Add support for the include directive (lf-) + * src/ibuscomposetable: Fix a buffer overflow in compose handling (lf-) + * client/x11: Add support for XFixes ClientDisconnectMode (Olivier Fourdan) + * setup: Start ibus-daemon with the --daemonize option (Gunnar Hjalmarsson) + * src: Fix a typo in ibusenginesimple.h (user202729) + * Update translations + +- Own /usr/share/GConf and /usr/share/GConf/gsettings: the time + has come where the migration code is drying out and we can't + expect the deps to just be in the buildroot (but it still works). + +- Rollback ibus-socket-name-compatibility.patch for Leap 15. Qt5 does + not be updated to the new version or patch for ibus on Leap 15. + It still needs this patch on leap 15 (boo#1187202). + +- Upstream update to 1.5.24 + * Add GTK4 IM module (currently disabled for openSUSE) + * Search engine name directly + * Update IBusInputPurpose and IBusInputHints in ibustypes.h + * Warn deprecated IBus XKB engines /w dialog + - Workaround for boo#1177545 + * Update simple.xml + * Fix arguments in GLib.DBusSignalCallback for Vala 0.50 + * Fix to build emoji-*.dict in CLDR 38 + * Fix build environments + * Hide IBus Preferences from AppStream +- Drop vala-0.50.patch, merged by upstream +- Remove old "Obsoletes" for ibus-gnome-shell and libibus-1_0-0 + +- Fix the invalid desktop file for auto start (boo#1178447) +- Fix xim.d/ibus so that a Plasma session can use XDG auto start + +- Do not build in parallel for reproducible build results (boo#1102408) + +- Add vala-0.50.patch: Fix build with vala 0.50 (gh#ibus/ibus#2265) ibus-hangul +- add Requires: ibus(boo#1174103) + +- Update to version 1.5.4 + * Fix issue #93 + * Merge Pull Request #99, #96 + -- update to 1.4.2 - * Use Gobject Introspection - * GNOME Control Center integration - * Miscellaneous bug fixes - ibus-libpinyin +- Update version to 1.12.1 + * support compatibility display style + * remember cloud input + * bug fixes + +- Update version to 1.12.0 + * bug fixes + +- Update version to 1.11.94 + * support cloud input + * bug fixes + ibus-libzhuyin +- update version 1.10.0 + * use database_format and model13.text.tar.gz + ibus-m17n +- Update version to 1.4.6 + * Make inscript2 engines rank higher than inscript engines + +- Update to version 1.4.5 + * Use ibus_engine_update_preedit_with_mode() always with + IBUS_ENGINE_PREEDIT_COMMIT mode + * Translation update from Weblate, bn new and 100% complete, + pt_BR now 100% complete + +- Update version to 1.4.4 + * Update translations + +- Update version to 1.4.3 + * New translation: es (Spanish) 100% + -- Fixed typo in ibus-m17n.spec - -- Add locale-specific provides tag (bnc#707712) - -- Update to 1.3.2; - including fixes for new ibus 1.3.x - -- fix file list - ibus-table +- Update version to 1.13.3 + * Fix bug in Unihan_Variants.txt, 只 U+53EA is both simplified and traditional + Chinese (Resolves: #74) + * Update Chinese variant detection by Unihan_Variants.txt to the version + “2021-05-18 Unicode 14.0.0” (draft version of Unicode 14) + * Update translations from Weblate (updates for es (100%), pt_BR (100%)) + * Fix a few more bugs in Unihan_Variants.txt, the characters 着枱云裡復采吓尸揾 are + used both in simplified and traditional Chinese (some of them in traditional + Chinese in Hong Kong only). (Resolves: ibus/ibus#2323) + +- Update to version 1.13.1 + * Fix reading the source file for the suggestions phrase.txt.bz2 + * Update translations from Weblate (updates for ca, fr) + +- Update to version 1.13.0 + * Make switch to pinyin mode also happen immediately even when + the preedit is not empty + * Make rolling the mouse wheel in the candidate area of the lookup + table work + * Commit English input and then switch into direct mode + * Apply a couple modes immediately when changed + * Show all the tabkeys when using wildcards + * In main.py “import factory” only when the --xml option + is not used + * Make the keybindings treeview sortable by clicking the column + headers + * Return False in _execute_command_commit_candidate_number(self, number) + if number out of range + * Add a dark theme option + * Remove Python2 compatibility + * Update translations, update for: + cs, de, es, fa, ja, tr, uk, zh_CN , pt_BR, zh_CN + * zh_CN and pt_BR are 100% complete now + * Sinhala (si) started + +- Drop ibus-table_fix_other_tables_compile_error.patch, fixed in the + upstream version 1.9.23 +- Update version to 1.12.3 + * Pass the key for the command 'cancel' (default Esc) through if the preedit + is empty (Resolves: #64) +- Update version to 1.12.2 + * Update translations from Weblate (updated ca, cs, es, fa, ja, pt_BR, pt_PT, + tr, zh_CN, zh_HK, zh_TW) +- Update version to 1.12.1 + * Enable compose support. + * Add buttons to move key bindings for a command up or down. + * Make translations of 'Edit key bindings for command “%s”' work + * Added it_util.py to POTFILES, it had translatable strings for the “About” + dialog and the key settings dialog. + * Update translations from Weblate (updated ca, de, fr, tr, uk) +- Update version to 1.12.0 + * New setup tool, now keybindings can be configured with a GUI. + * Resolves: #57 + * Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1133127 + * Put exact (except tone) pinyin matches next after exact + * matches in the candidate list. + * Resolves: #63 + * Allow lookup table orientation “System Default” in the setup + * Remove “spacekeybehavior” option, it became useless as all + * keybindings are configurable now. + * Added a “debuglevel” option. + * Update translations from Weblate (updated ca, cs, de, es, fa, fr, ja, pt_BR, + pt_PT, uk, zh_TW, zh_HK, zh_CN) +- Update version to 1.11.0 + * Make key bindings configurable (Only via the command line for the moment, + not yet easy to do for normal users. I have to rewrite the setup tool + eventually to make that possible) + * Resolves: ibus/ibus#2241 + * Resolves: mike-fabian#41 +- Update version to 1.10.1 + * Add GUI test + * Make output of ibus-table-createdb deterministic + * Update translations from Weblate (updated fr, tr, zh_CN) +- Update version to 1.10.0 + * Add suggestion mode feature (Resolves: mike-fabian#9 and rhbz#835376) + * Add test cases for suggestion mode feature + * Fix problems with the behaviour of the property menus + * Use python logging module with log file rotation instead of writing to + stdout/stderr + * Update translations from Weblate (updated de, es, fr, pt_BR, pt_PT, tr, uk) +- Update version to 1.9.25 + * Fix crash when changing some options using the menu or the floating + panel (Resolves: mike-fabian#26) + * Translation updates (pt_PT) +- Update version to 1.9.24 + * Fixed two typos in message ids (Thanks to Rafael Fontenelle) + * Translation updates (tr, fr, fa, pt, uk) + * New test cases for ibus-table-others +- Update version to 1.9.23 + * Add exist_ok=True in os.makedirs(path, exist_ok=True) to avoid + failure due to race condition. + Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1786652 + * Move MockEngine classes into a separate file and make test_itb.py + runnable standalone + * Translation updates for several languages (French at 100% now, Brazilian + Portuguese at 100% now, Porguguese (Portugal) new and now at 31.5%) +- Update version to 1.9.22 + * Add Turkish translation from Weblate, 100% translated + * Minor translation fixes in some other languages (Punctuation fixes) + -- Updateto 1.8.3, ibus-table >= 1.8.x has many improvements over 1.5.x - * The database format is simplified which makes better matching - possible. But because of the changed database format, the - tables have to be rebuilt, i.e. packages like ibus-table-chinese - and ibus-table-others have to be rebuilt against ibus-table > 1.8.0. - * Wildcard support added, wildcards like ? for single characters or * - for many characters can be used. The wildcards can be configured - in the setup tool, for example one can also use 'z' as a single character - wildcard if desired. - * Setup tool improved, several new options added, works with Gnome3 now. - * Prompt characters are supported now, for example when using Cangjie, - 日, 月, 金, ... are displayed while typing instead of a, b, c, ... - * Moving around in the preëdit works correctly now. One can commit - the current candidate to preëdit with the left shift key or with - the arrow keys, commit more characters to preëdit that way, then - move around in the preëdit and see the full key sequences of the - characters in the preëdit. This way one can check the - key sequences if one used wildcards or pinyin mode to enter the - characters. - * Fix many bugs - -- Fix missing capital on devel package group. - -- Add Requires: python-curses, ibus-engine-table need this module, - but it is not installed in some system, e.g Live KDE - -- Update to 1.5.0 - * Updated PO files. - * Make page up/down keys configurable - ibus-table-chinese +- Update to official release 1.8.3 + * SUMMARY=Add Suggestion mode to wubi; fix cangjie 3 and 5; fix + description for stroke5 + * BODHI_UPDATE_TYPE=bugfix + * REDHAT_BUGZILLA=1099380 + * [Changes] + - GH Pull 13 Fix description stroke5 in project.spec.in + - GH Pull 14 Freezed cangjie 3 and 5's candidate order + - GH Pull 15 Add SUGGESTION_MODE = TRUE to the wubi tables +- Drop Source cmake-fedora, add BuildRequires cmake-fedora-modules + -- ibus-table-jyutping has been merged into ibus-table-chinese - so split a new subpackage to reflect the change. - ibus-table-others +- Update version to 1.3.12 + * Add Mongol Bichig table + * dd F10 to SELECT_KEYS for the tables which use the function keys as select + keys + * Update serial number (date) + * Update latex.txt + * Add more superscript/subscript letters and numbers, arrows, delimiters, + and others + * add some symbols + +- Update version to 1.3.11 + * Add Vietnamese input methods Telex and VNI + (Nguyễn Gia Phong vn.mcsinyx@gmail.com) + * Extend russian translit for latin slavic layouts + (Marek Nečada marek@necada.org) +- Udate version to 1.3.10 + * latex: add most of Unicode 9.0 block Mathematical Alphanumeric Symbols + * mathwriter-ibus: add superscript alphabets + * mathwriter-ibus: added Blackboard bold letters + icu -- nan-undefined-conversion.patch: ICU-21613 Fix undefined behaviour in - ComplexUnitsConverter::applyRounder - -- Update to release 69.1 - * CLDR 39 - * For Norwegian, "no" is back to being the canonical code, with - "nb" treated as equivalent. This aligns handling of Norwegian - with other macro language codes. - * Binary prefixes in measurement units (KiB, MiB, etc.) - * Time zone offsets from local time: New APIs - BasicTimeZone::getOffsetFromLocal() (C++) and - ucal_getTimeZoneOffsetFromLocal() -- Drop icu-1618.patch (merged), - icu-fix-testTemperature.patch (merged) - -- icu-drop-testTemperature.patch: Remove -- icu-fix-testTemperature.patch: Backport ICU-21366 (bsc#1182645) -- Don't disable testsuite under qemu-linux-user - -- Add icu-drop-testTemperature.patch to fix boo#1182645 - The test has been dropped in master branch - -- Added icu-1618.patch to fix 2 tests on aarch64 [boo#1182645] - -- Drop SUSE_ASNEEDED as the issue was in binutils (boo#1182252). - -- Fix pthread dependency issue (boo#1182252). - -- Update to release 68.2 - * Fix memory problem in FormattedStringBuilder - * Fix assertion when setKeywordValue w/ long value. - * Fix UBSan breakage on 8bit of rbbi - * fix int32_t overflow in listFormat - * Fix memory handling in MemoryPool::operator=() - * Fix memory leak in AliasReplacer - -- Add back icu.keyring, see https://unicode-org.atlassian.net/browse/ICU-21361 - -- Update to release 68.1 - * CLDR 38 - * Measurement unit preferences - * PluralRules selection for ranges of numbers - * Locale ID canonicalization now conforms to the CLDR spec - including edge cases - * DateIntervalFormat supports output options such as capitalization - * Measurement units are normalized in skeleton string output - * Time zone data (tzdata) version 2020d - -- Update to version 67.1 - * Unicode 13 (ICU-20893, same as in ICU 66) - + Total of 5930 new characters - + 4 new scripts - + 55 new emoji characters, plus additional new sequences - + New CJK extension, first characters in plane 3: U+30000..U+3134A - * CLDR 37 - + New language at Modern coverage: Nigerian Pidgin - + New languages at Basic coverage: Fulah (Adlam), Maithili, - Manipuri, Santali, Sindhi (Devanagari), Sundanese - + Region containment: EU no longer includes GB - + Unicode 13 root collation data and Chinese data for collation and transliteration - * DateTimePatternGenerator now obeys the "hc" preference in the locale identifier (ICU-20442) - * Various other improvements for ECMA-402 conformance - * Number skeletons have a new "concise" form that can be used in MessageFormat strings (ICU-20418) - * Currency formatting options for formal and other currency display name variants (ICU-20854) - * ListFormatter: new public API to select the style & type (ICU-12863) - * ListFormatter now selects the proper “and”/“or” form for Spanish & Hebrew (ICU-21016) - * Locale ID canonicalization upgraded to implement the complete CLDR spec (ICU-20834, ICU-20272) - * LocaleMatcher: New option to ignore one-way matches (ICU-20936), - and other tweaks to the code (ICU-20916, ICU-20917) and data (from CLDR) - * acceptLanguage() reimplemented via LocaleMatcher (ICU-20700) - * Data build tool: tzdbNames.res moved from the "zone_tree" category to the "zone_supplemental" category (ICU-21073) - * Fixed uses of u8"literals" broken by the C++20 introduction of the incompatible char8_t type (ICU-20972), - * and added a few API overloads to reduce the need for reinterpret_cast (ICU-20984). - * Support for manipulating CLDR 37 unit identifiers in MeasureUnit. - -- Drop icu-versioning.diff, icu-susevers.diff [boo#1159131] - -- Update to version 66.1 - * Unicode 13 support - * Fix uses of u8"literals" broken by C++20 introduction of - incompatible char8_t type. (ICU-20972) - -- Add locale.diff [boo#1162882] - -- Remove /usr/lib(64)/icu/current [boo#1158955]. - iputils +- temporarily reintroduce rarpd and rdisc tools to get them into + 15sp4 [jsc#SLE-23521] + +- Update to version 20211215 + https://github.com/iputils/iputils/releases/tag/20211215 +- rarpd and rdisc are going to be removed in next release + (https://github.com/iputils/iputils/issues/363) + therefore don't pack it since this release +- Drop harden_rdisc.service.patch, which was 1) merged upstream + 4bb0ace ("systemd: Add ProtectHostname, ProtectKernelLogs") + for all services + 2) we don't build rdisc since this release + +- Drop ProtectClock hardening, can cause issues if other device acceess is needed + +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_rdisc.service.patch + +- Update to version 20210722 + https://github.com/iputils/iputils/releases/tag/20210722 +- Use rarpd.service from upstream (removes PrivateUsers=yes, which fixes broken + start of the service, adds DynamicUser=yes for more security) +- Add BuildRequires: iproute2 (required for running tests) + +- Binaries were found to be not optimized or built + with proper %optflags. + +- Update to version 20210202 + https://github.com/iputils/iputils/releases/tag/20210202 +- Version scheme change: dropped leading 's', update that change + +- Reference meson's build subdirectory as %_vpath_builddir, to + line up with meson's structure. + +- prepare usrmerge (boo#1029961) + +- No longer invoke permissions macros for ping. It now uses ICMP_PROTO sockets + (bsc#1174504). + +- Update to version s20200821 + https://github.com/iputils/iputils/releases/tag/s20200821 +- Remove BuildRequires libopenssl-devel (added md5 implementation thus not needed) +- Remove patches from this release + (arping-revert-partially-fix-sent-vs-received-package.patch, + arping-fix-f-quit-on-first-reply-regression.patch) + -- Update iputils-remove-bogus-check-required-for-2.4.9-kernels.patch - (backport 4471ac6 to add changes in header files) -- Use git format for iputils-ping-fix-pmtu-for-ipv6.patch (required by - %autosetup -p1) +- remove unneeded libidn build dependency (boo#1174049) + +- Fix arping -w problem (https://github.com/iputils/iputils/issues/211) + * added arping-fix-f-quit-on-first-reply-regression.patch + (upstream commit 1df5350) + +- Fix arping -D problem (bsc#1146440) + * added arping-revert-partially-fix-sent-vs-received-package.patch + (upstream commit 18f14be) + +- Set caps for clockdiff (boo#1140994), based on change in permissions package + https://github.com/openSUSE/permissions/commit/5da6a81e38bb74f2090d73208b1a0101a0c5b73b +- With new permissions package both clockdiff and ping have capabilities + cap_net_raw+p instead of cap_net_raw+ep (boo#1140993), also ping6 does not + try to set permissions on links (boo#1140991) +- Pass -DNO_SETCAP_OR_SUID=true (don't run setcap via distro script + build-aux/setcap-setuid.sh, we set capabilities with rpm) + +- Update to version s20190709 +- Removed patches included in this upstream release: + ping-Fix-unwanted-bell-on-unreachable-address.patch + 0001-build-sys-doc-Fix-the-dependency-on-xsltproc.patch + meson-remove-setcap-setuid.sh.patch +- Add libcap-progs as a build dependency (setcap is needed) + +- Add patch ping-Fix-unwanted-bell-on-unreachable-address.patch (boo#1135118) + +- Update to version s20190515 (includes changes s20190324) + * s20190324: 189 commits since s20180629 that include changing build + system from autotools to meson, added rarpd and rdisc systemd service + files, many fixes + * s20190515 bugfix release (6 commits) +- User visible change: arping and clockdiff are moved from /usr/sbin + to /usr/bin (respect upstream path) +- Backport patch 0001-build-sys-doc-Fix-the-dependency-on-xsltproc.patch + (fixing build system) +- Add workaround patch meson-remove-setcap-setuid.sh.patch +- Remove 0001-tracepath-Fix-copying-input-IPv6-address.patch + (included in s20190324 release) +- Refresh old patches (iputils-ping-interrupt.diff, iputils-sec-ping-unblock.diff) +- Changes caused by upstream switching to meson build system (drop sed build dependency) +- Added locales +- Fix typos + +- Backport upstream patch fixing tracepath6 (poo#38492) + e0baf20 tracepath: Fix copying input IPv6 address + 0001-tracepath-Fix-copying-input-IPv6-address.patch + +- Update to version s20180629 + * ping: Fix signed overflow/conversion warning + * ping: Fix ping name encoded using ACE on C locale + * fix checksum always success in IPv4 ping. + * ping6: Fix device binding + * Ping: Correct rounding of timing displays + * docs: Tiny fixes in README.md + * doc/ping: Update Interface section + * doc/ping: Replace deprecated commands in "SEE ALSO" section + * Revert "correctly initialize first hop" + * tracepath: Support calling `tracepath` as `tracepath4` or `tracepath6` + * ping: remove spurious error message + * tracepath: fix heap-buffer-overflow [asan] + * arping: do not use libsysfs to read from /sys + * .travis.yml: corrected variable values in matrix + * .travis.yml: install libidn2 + * ping: use libidn2 instead of libidn + * ping: Remove workaround for bug in IP_RECVERR on raw sockets + * ping6: simplified IDNA usage + * traceroute6: use getaddrinfo IDNA conversion + * arping,tracepath: removed unused idna header + * cleanup: really old code, simplify little bit + * licenses: fill missing clockdiff.c and ping_common.c license + * LICENSE: convert BSD4 to BSD3 license + * doc: ping - document mdev behaviour + * LICENSE: add information about licenses + * ping: fix incorrect packet loss calculation + * doc: convert from converting SGML to XML + * travis-ci: cleanup and switch to Ubuntu 14.04 build + * RELNOTES: deprecated in favor of git history & github + * remove iputils.spec + * ping: fix conflicting defines + * ping: flowinfo: fixup checks for flowinfo and also add decimal numbers support + * ping: parsetos verification is enough, allow decimal values + * ping: fix typo in error tos error message + * meson: add experimental meson buildsystem support + * gitignore: prepare for Meson + * ping: read from error queue when POLLERR is set + * ping_common.c: POLLERRR is ignored in events + * ping: fix pmtu discovery for ipv6 + * traceroute6: Fix traceroute to IPv6 address + * traceroute6: Fix leaking the idn memory + * traceroute6: Fix use after free for hostname + * tracepath,doc: Added -4, -6 Parameter in doc and void usage(void) + * fix multicast setsockopt calls on big endian + * arping: exit if network disappears while running + * ping: prevent possible double free after cap_free() + * Add strict pattern matching on response when pattern was provided + * traceroute6: Fix udp packet port specification. +- Removed patches (taken from upstream, now in tree) + * iputils-add-license-info.diff + * iputils-ping-fix-pmtu-for-ipv6.patch + * iputils-remove-bogus-check-required-for-2.4.9-kernels.patch +- Rebased patches + * iputils-ping-interrupt.diff + * iputils-sec-ping-unblock.diff +- Add build dependency docbook-xsl-stylesheets (required by man pages) +- Add tracepath6 man page, updated list of unwanted man enties (ipg, pgset) +- Removed RELNOTES (upstream removed it) + json-c +- Add patch bsc1171479.patch + + fix integer overflow and out-of-bounds write (CVE-2020-12762, bsc#1171479) + -- Fix LFS support in x86. -- Do not build with -Werror -- Remove "la" files -- tune up autotools scripts as well ensure config.h is included - everywhere - -- Remove redundant/unwanted tags/section (cf. specfile guidelines) - -- add libtool as explicit buildrequire to avoid implicit dependency from prjconf - -- add baselibs.conf for pulseaudio to use -- use original sources - -- initial pkg 0.9 - kbd +- Add patch to fix random doubling of font sizes (bsc#1194698): + * 0001-libkfont-Initialize-kfont_context-options.patch + kernel-default +- Refresh + patches.suse/mm-page_alloc-Fetch-the-correct-pcp-buddy-during-bulk-free.patch. +- Refresh + patches.suse/mm-page_alloc-Free-pages-in-a-single-pass-during-bulk-free.patch. +- Refresh + patches.suse/mm-page_alloc-Limit-number-of-high-order-pages-on-PCP-during-bulk-free.patch. +- Refresh + patches.suse/mm-page_alloc-Simplify-how-many-pages-are-selected-per-pcp-list-during-bulk-free.patch. +- Refresh + patches.suse/mm-page_alloc-Track-range-of-active-PCP-lists-during-bulk-free.patch. +- commit 7ca072e + +- sched/preempt: Tell about PREEMPT_DYNAMIC on kernel headers (bsc#1194889). +- commit 1c083dc + +- mm/page_alloc: Limit number of high-order pages on PCP during + bulk free (bnc#1193239,bnc#1193199,bnc#1193329). +- mm/page_alloc: Free pages in a single pass during bulk free + (bnc#1193239,bnc#1193199,bnc#1193329). +- mm/page_alloc: Drain the requested list first during bulk free + (bnc#1193239,bnc#1193199,bnc#1193329). +- mm/page_alloc: Simplify how many pages are selected per pcp + list during bulk free (bnc#1193239,bnc#1193199,bnc#1193329). +- mm/page_alloc: Track range of active PCP lists during bulk free + (bnc#1193239,bnc#1193199,bnc#1193329). +- mm/page_alloc: Fetch the correct pcp buddy during bulk free + (bnc#1193239,bnc#1193199,bnc#1193329). +- commit a445f59 + +- mm/khugepaged: disable READ_ONLY_THP_FOR_FS (bsc#1195774). +- commit c4a885b + +- rpm/kernel-obs-build.spec.in: use default dracut modules (bsc#1195926) + Let's iron out the reduced initrd optimisation in Tumbleweed. + Build full blown dracut initrd with systemd for SLE15 SP4. +- commit beb790e + +- powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA + window for persistent memory" (bsc#1195995 ltc#196394). +- commit e2c5ef4 + +- tipc: improve size validations for received domain records + (bsc#1195254, CVE-2022-0435). +- commit 8dead82 + +- brcmfmac: firmware: Fix firmware loading (bsc#1195501) +- commit 01c98dd + +- brcmfmac: firmware: Allow per-board firmware binaries (bsc#1195501) +- commit 4c87ae7 + +- yam: fix a memory leak in yam_siocdevprivate() (CVE-2022-24959 + bsc#1195897). +- commit 5e032d3 + +- Update kabi files. +- commit f6a01f9 + +- usb: gadget: clear related members when goto fail + (CVE-2022-24958 bsc#1195905). +- usb: gadget: don't release an existing dev->buf (CVE-2022-24958 + bsc#1195905). +- commit eaa2838 + +- moxart: fix potential use-after-free on remove path (bsc#1194516 + CVE-2022-0487). +- commit 4e8eccc + +- brcmfmac: use separate firmware for 43430 revision 2 (bsc#1195501) +- commit 5b616d7 + +- memcg: do not tweak node in alloc_mem_cgroup_per_node_info + (bsc#1195752). +- mm: make free_area_init_node aware of memory less nodes + (bsc#1195752). +- mm, memory_hotplug: reorganize new pgdat initialization + (bsc#1195752). +- mm, memory_hotplug: drop arch_free_nodedata (bsc#1195752). +- mm: handle uninitialized numa nodes gracefully (bsc#1195752). +- mm, memory_hotplug: make arch_alloc_nodedata independent on + CONFIG_MEMORY_HOTPLUG (bsc#1195752). +- commit 8bbe670 + +- cpuidle: menu: Bias selection of a shallower c-state when CPU + idles for IO (bnc#1193353). +- commit 3f1a503 + +- static_call: Fix tools headers (bsc#1194975). +- commit e04353c + +- BTF: Don't break ABI when debuginfo is disabled (jsc#SLE-18805). + This makes re-enabling BTF for modules possible once fix for bsc#1194501 + is available. +- commit afc52cd + +- constraints: Also adjust disk requirement for x86 and s390. +- commit 9719db0 + +- constraints: Increase disk space for aarch64 +- commit 09c2882 + +- KVM: s390: Return error on SIDA memop on normal guest + (bsc#1195516 CVE-2022-0516). +- commit 3db2d99 + +- Update kabi files. + update for the latest scheduler changes +- commit cd3c5e1 + +- sched/fair: Adjust the allowed NUMA imbalance when SD_NUMA + spans multiple LLCs (bsc#1192120). +- sched/fair: Improve consistency of allowed NUMA balance + calculations (bsc#1192120). +- commit 6c87519 + +- NFSv4: Handle case where the lookup of a directory fails + (bsc#1195612 CVE-2022-24448). +- commit 3f047de + +- cgroup-v1: Require capabilities to set release_agent + (bsc#1195543 CVE-2022-0492). +- commit 80c2825 + +- Delete patches.suse/net-sched-disable-nolock-pfifo-fast.patch. (bsc#1187428) + This patch was a temporary workaround for bsc#1183405 race condition. + As SLE15-SP4 is based on 5.14 kernel which contains the upstream fix for + the race condition, disabling lockless implementation of pfifo_fast is not + actually needed. +- commit dd7ef49 + +- This is about really old Lenovo laptop HW/firmware issues + It's very likely that this has been fixed in firmware or in acpi + subsystem with another patch/blacklist whatsoever. + Removing for cleanup reasons: +- Delete patches.suse/acpi_thermal_passive_blacklist.patch. +- Delete + patches.suse/acpi_thinkpad_introduce_acpi_root_table_boot_param.patch. +- commit a21f3a8 + +- Update kabi files. +- Initial import from 2022-02-02 weekly submission + (commit 0d67d764121814add0f9e5468b80f3b8c8866bc7) +- The kABI Soft Freeze. +- Update kabi files. +- Initial import from 2022-02-02 weekly submission - the kABI Soft Freeze. +- commit 2ba84fd + +- fanotify: Fix stale file descriptor in copy_event_to_user() + (bsc#1195187). +- commit c598009 + +- tcp: Add a stub for sk_defer_free_flush() (bsc#1195400). +- commit 66984be + +- mm: vmscan: remove deadlock due to throttling failing to make + progress (bsc#1195357). +- commit 6096a6d + +- KVM: SEV: Prohibit migration of a VM that has mirrors + (bsc#1194526). +- KVM: SEV: Do COPY_ENC_CONTEXT_FROM with both VMs locked + (bsc#1194526). +- KVM: SEV: Fix typo in and tweak name of cmd_allowed_from_miror() + (bsc#1194526). +- KVM: SEV: Drop a redundant setting of sev->asid during + initialization (bsc#1194526). +- KVM: SEV: Set sev_info.active after initial checks in + sev_guest_init() (bsc#1194526). +- KVM: SEV: Disallow COPY_ENC_CONTEXT_FROM if target has created + vCPUs (bsc#1194526). +- commit 806c843 + +- Update patch reference for radeon regression fix (bsc#1195142) +- commit bc75946 + +- spi: mediatek: Avoid NULL pointer crash in interrupt + (git-fixes). +- spi: bcm-qspi: check for valid cs before applying chip select + (git-fixes). +- spi: uniphier: fix reference count leak in uniphier_spi_probe() + (git-fixes). +- spi: meson-spicc: add IRQ check in meson_spicc_probe + (git-fixes). +- spi: stm32-qspi: Update spi registering (git-fixes). +- irqchip/realtek-rtl: Fix off-by-one in routing (git-fixes). +- irqchip/realtek-rtl: Map control data to virq (git-fixes). +- tty: Add support for Brainboxes UC cards (git-fixes). +- usb: xhci-plat: fix crash when suspend if remote wake enable + (git-fixes). +- USB: core: Fix hang in usb_kill_urb by adding memory barriers + (git-fixes). +- usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge + (git-fixes). +- efi: runtime: avoid EFIv2 runtime services on Apple x86 machines + (git-fixes). +- efi/libstub: arm64: Fix image check alignment at entry + (git-fixes). +- drm/amd/display: Fix FP start/end for dcn30_internal_validate_bw + (git-fixes). +- drm/msm/dsi: Fix missing put_device() call in dsi_get_phy + (git-fixes). +- sch_htb: Fail on unsupported parameters when offload is + requested (git-fixes). +- can: tcan4x5x: regmap: fix max register value (git-fixes). +- phylib: fix potential use-after-free (git-fixes). +- net: phy: broadcom: hook up soft_reset for BCM54616S + (git-fixes). +- rpmsg: char: Fix race between the release of rpmsg_eptdev and + cdev (git-fixes). +- rpmsg: char: Fix race between the release of rpmsg_ctrldev + and cdev (git-fixes). +- ARM: 9180/1: Thumb2: align ALT_UP() sections in modules + sufficiently (git-fixes). +- usr/include/Makefile: add linux/nfc.h to the compile-test + coverage (git-fixes). +- gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock + (git-fixes). +- Bluetooth: refactor malicious adv data check (git-fixes). +- commit b99299d + +- tcp: add a missing sk_defer_free_flush() in tcp_splice_read() + (bsc#1195400). +- commit 90f376b + +- net: Flush deferred skb free on socket destroy (bsc#1195400). +- commit 2e63a82 + +- net/tls: Fix another skb memory leak when running kTLS traffic + (bsc#1195400). +- commit 3aa18f4 + +- net/tls: Fix skb memory leak when running kTLS traffic + (bsc#1195400). +- commit a9990a3 + +- tcp: add missing htmldocs for skb->ll_node and sk->defer_list + (bsc#1195400). +- commit 495cd25 + +- tcp: do not call tcp_cleanup_rbuf() if we have a backlog + (bsc#1195400). +- commit d5025e5 + +- tcp: defer skb freeing after socket lock is released + (bsc#1195400). +- commit 5ddbe0e + +- tcp: avoid indirect calls to sock_rfree (bsc#1195400). +- commit 6167ff6 + +- tcp: small optimization in tcp recvmsg() (bsc#1195400). +- commit 4db4a08 + +- rfkill: add kABI padding Patch-mainline: Never, kABI padding + References: bsc#1179531 (bsc#1179531). +- commit 4badc70 + +- sched/core: Forced idle accounting (bsc#1189999 (Scheduler + functional and performance backports)). +- sched: Make schedstats helpers independent of fair sched class + (bsc#1189999 (Scheduler functional and performance backports)). +- sched: Make struct sched_statistics independent of fair sched + class (bsc#1189999 (Scheduler functional and performance + backports)). +- commit 3157933 + +- List simpledrm in supported.conf (jsc#SLE-18823) + Makes the driver part of the regular kernel-default package. +- commit 7522e67 + +- continue to provide guest OS id on hyperv (bnc#814005, bsc#1189965). +- commit 69937ca + +- platform/x86: wmi: Fix driver->notify() vs ->probe() race + (git-fixes). +- commit 1957b33 + +- platform/x86: wmi: introduce helper to convert driver to WMI + driver (git-fixes). +- commit 0d205fc + +- platform/x86: wmi: Replace read_takes_no_args with a flags field + (git-fixes). +- commit 4e01e3a + +- platform/x86: wmi: make GUID block packed (git-fixes). +- commit d4f4098 + +- platform/x86: wmi: use guid_t and guid_equal() (git-fixes). +- commit ba3700f + +- platform/x86: wmi: use bool instead of int (git-fixes). +- commit fcf29d7 + +- platform/x86: wmi: use BIT() macro (git-fixes). +- commit fefbbd1 + +- platform/x86: wmi: remove unnecessary checks (git-fixes). +- commit bb591a0 + +- platform/x86: wmi: remove unnecessary casts (git-fixes). +- commit 3b81cff + +- platform/x86: wmi: remove unnecessary argument (git-fixes). +- commit 46d5bd4 + +- Delete patches.suse/bfq-tune-slice-idle.patch: BFQ logic has improved + and QA results don't indicate we need this anymore. +- commit 0ad80b2 + +- crypto: HMAC - disallow keys < 112 bits in FIPS mode + (jsc#SLE-21132,bsc#1193136). +- commit 3e251f8 + +- crypto: HMAC - add fips_skip support + (jsc#SLE-21132,bsc#1193136). +- commit d7c3015 + +- blacklist.conf: Added dups +- commit 2333475 + +- Drop superfluous x86 SME patch + The commit already present in another patch +- commit f64529e + +- Update config files: disable DEBUG_INFO_BTF_MODULES (bsc#1194501). +- commit b07bf3e + +- bpf: make module BTF toggleable (bsc#1194501). +- commit e268acf + +- kABI padding for bpf (bsc#1179531). +- commit 15e30ef + +- x86/sme: Explicitly map new EFI memmap table as encrypted + (bsc#1190497). +- commit 6282a43 + +- x86/MCE/AMD, EDAC/mce_amd: Support non-uniform MCA bank type + enumeration (jsc#SLE-19026). +- commit 3f43757 + +- x86/MCE/AMD: Export smca_get_bank_type symbol (jsc#SLE-19026). +- commit 49cf559 + +- x86/MCE/AMD, EDAC/mce_amd: Add new SMCA bank types + (jsc#SLE-19026). +- commit a089c33 + +- EDAC/amd64: Add support for AMD Family 19h Models 10h-1Fh and + A0h-AFh (jsc#SLE-19026). +- commit 804cac2 + +- EDAC: Add RDDR5 and LRDDR5 memory types (jsc#SLE-19026). +- commit 4ca03fe + +- scsi: nsp_cs: Check of ioremap return value (git-fixes). +- scsi: ufs: ufs-mediatek: Fix error checking in + ufs_mtk_init_va09_pwr_ctrl() (git-fixes). +- scsi: qedf: Fix potential dereference of NULL pointer + (git-fixes). +- scsi: Revert "scsi: hisi_sas: Filter out new PHY up events + during suspend" (git-fixes). +- scsi: ufs: Fix race conditions related to driver data + (git-fixes). +- scsi: pm8001: Fix kernel-doc warnings (git-fixes). +- scsi: core: Show SCMD_LAST in text form (git-fixes). +- scsi: pm80xx: Update WARN_ON check in pm8001_mpi_build_cmd() + (git-fixes). +- commit 5fed070 + +- Added blacklisted SCSI ufs commit +- commit 89e75cd + +- supported.conf: Mark drivers/perf/arm_dmc620_pmu as supported (jsc#SLE-19041) +- commit 48e38f8 + +- crypto: testmgr - disallow plain ghash in FIPS mode + (jsc#SLE-21132,bsc#1194777). +- commit a8532d3 + +- crypto: testmgr - disallow plain cbcmac(aes) in FIPS mode + (jsc#SLE-21132,bsc#1194774). +- commit 70677c0 + +- sched/fair: Revert update_pick_idlest() Select group with + lowest group_util when idle_cpus are equal (bnc#1193175). +- commit 5418435 + +- intel_idle: enable interrupts before C1 on Xeons (bnc#1155798 + (CPU scheduler functional and performance backports)). +- commit 78fa711 + +- filemap: Remove PageHWPoison check from next_uptodate_page() + (bnc#1190208 (MM functional and performance backports)). +- sched: Trigger warning if ->migration_disabled counter + underflows (bnc#1189998 (PREEMPT_RT prerequisite backports)). +- sched/fair: Cleanup task_util and capacity type (bnc#1189999 + (Scheduler functional and performance backports)). +- psi: Fix PSI_MEM_FULL state when tasks are in memstall + and doing reclaim (bnc#1189999 (Scheduler functional and + performance backports)). +- psi: Add a missing SPDX license header (bnc#1189999 (Scheduler + functional and performance backports)). +- psi: Remove repeated verbose comment (bnc#1189999 (Scheduler + functional and performance backports)). +- commit edff965 + +- crypto: api - Allow algs only in specific constructions in + FIPS mode (jsc#SLE-21132,bsc#1191256,bsc#1194774,bsc#1194777). +- Refresh + patches.suse/0001-crypto-implement-downstream-solution-for-disabling-d.patch. +- commit 592d0ee + +- blacklist.conf: Add a7ebf564de32 mm/memcg: relocate mod_objcg_mlstate(), get_obj_stock() and put_obj_stock() +- commit 69f3db3 + +- ALSA: hda: Remove redundant runtime PM calls (git-fixes). +- ALSA: hda: intel: More comprehensive PM runtime setup for + controller driver (git-fixes). +- commit b254574 + +- kernel-obs-build: include 9p (boo#1195353) + To be able to share files between host and the qemu vm of the build + script, the 9p and 9p_virtio kernel modules need to be included in + the initrd of kernel-obs-build. +- commit 0cfe67a + +- ALSA: hda: Fix UAF of leds class devs at unbinding + (bsc#1195349). +- commit 166e9b4 + +- gve: Add tx|rx-coalesce-usec for DQO (bsc#1195276). +- gve: Add consumed counts to ethtool stats (bsc#1195276). +- gve: Implement suspend/resume/shutdown (bsc#1195276). +- gve: Add optional metadata descriptor type GVE_TXD_MTD + (bsc#1195276). +- gve: remove memory barrier around seqno (bsc#1195276). +- gve: Update gve_free_queue_page_list signature (bsc#1195276). +- gve: Move the irq db indexes out of the ntfy block struct + (bsc#1195276). +- gve: Correct order of processing device options (bsc#1195276). +- gve: fix for null pointer dereference (bsc#1195276). +- gve: fix unmatched u64_stats_update_end() (bsc#1195276). +- gve: Add a jumbo-frame device option (bsc#1195276). +- gve: Implement packet continuation for RX (bsc#1195276). +- gve: Add RX context (bsc#1195276). +- gve: Use kvcalloc() instead of kvzalloc() (bsc#1195276). +- commit 0803caf + +- Update config files. (bsc#1195346) + Enable DMABUF_HEAPS[_SYSTEM] configuration options +- commit 3090423 + +- blacklist.conf: misattributed patch +- commit 8d2ba5e + +- blacklist.conf: misattributed patch +- commit ec33b0f + +- net: mcs7830: handle usb read errors properly (git-fixes). +- commit 48dab08 + +- ucount: Make get_ucount a safe get_user replacement + (bsc#1195306 CVE-2022-24122). +- commit b9063d5 + +- Refresh + patches.suse/kabi-arm64-reserve-space-in-cpu_hwcaps-and-cpu_hwcap.patch. +- commit 0b42051 + +- ceph: set pool_ns in new inode layout for async creates + (bsc#1195342). +- ceph: properly put ceph_string reference after async create + attempt (bsc#1195341). +- commit cade32d + +- bpf,x86: Respect X86_FEATURE_RETPOLINE* (bsc#1190497). +- commit 3017e7f + +- bpf,x86: Simplify computing label offsets (bsc#1190497). +- commit b5c6689 + +- x86,bugs: Unconditionally allow spectre_v2=retpoline,amd + (bsc#1190497). +- commit 8b8edaa + +- x86/alternative: Add debug prints to apply_retpolines() + (bsc#1190497). +- commit 76b6079 + +- x86/alternative: Try inline spectre_v2=retpoline,amd + (bsc#1190497). +- commit 4e48a24 + +- x86/alternative: Handle Jcc __x86_indirect_thunk_\reg + (bsc#1190497). +- commit 8b47d6e + +- x86/alternative: Implement .retpoline_sites support + (bsc#1190497). +- commit 758e879 + +- x86/retpoline: Create a retpoline thunk array (bsc#1190497). +- commit f1f201e + +- x86/retpoline: Move the retpoline thunk declarations to + nospec-branch.h (bsc#1190497). +- commit 6f7882c + +- x86/asm: Fixup odd GEN-for-each-reg.h usage (bsc#1190497). +- commit 0632c94 + +- x86/asm: Fix register order (bsc#1190497). +- commit f91c48e + +- x86/retpoline: Remove unused replacement symbols (bsc#1190497). +- commit 15d0b39 + +- objtool,x86: Replace alternatives with .retpoline_sites + (bsc#1190497). +- commit f215305 + +- objtool: Shrink struct instruction (bsc#1190497). +- commit 633fd59 + +- objtool: Explicitly avoid self modifying code in + .altinstr_replacement (bsc#1190497). +- commit b05fae2 + +- objtool: Classify symbols (bsc#1190497). +- commit c28da8d + +- ibmvnic: remove unused defines (bsc#1195293 ltc#196198). +- ibmvnic: Update driver return codes (bsc#1195293 ltc#196198). +- commit 7124b18 + +- kABI padding for generic crypto (bsc#1179531). +- commit 42a8077 + +- video: hyperv_fb: Fix validation of screen resolution + (git-fixes). +- Drivers: hv: balloon: account for vmbus packet header in + max_pkt_size (git-fixes). +- x86/hyperv: Properly deal with empty cpumasks in + hyperv_flush_tlb_multi() (git-fixes). +- commit 55fdcf1 + +- crypto: seqiv - flag instantiations as FIPS compliant + (jsc#SLE-21132,bsc#1194778). +- commit a0ea522 + +- kbuild: remove include/linux/cyclades.h from header file check + (git-fixes). +- commit 05fdfcd + +- PCI/sysfs: Find shadow ROM before static attribute + initialization (git-fixes). +- serial: stm32: fix software flow control transfer (git-fixes). +- tty: n_gsm: fix SW flow control encoding/handling (git-fixes). +- serial: 8250: of: Fix mapped region size when using reg-offset + property (git-fixes). +- tty: Partially revert the removal of the Cyclades public API + (git-fixes). +- usb: cdnsp: Fix segmentation fault in cdns_lost_power function + (git-fixes). +- usb: dwc3: xilinx: Fix error handling when getting USB3 PHY + (git-fixes). +- usb: dwc3: xilinx: Skip resets and USB3 register settings for + USB2.0 mode (git-fixes). +- usb: common: ulpi: Fix crash in ulpi_match() (git-fixes). +- usb: gadget: f_sourcesink: Fix isoc transfer for + USB_SPEED_SUPER_PLUS (git-fixes). +- ucsi_ccg: Check DEV_INT bit only when starting CCG4 (git-fixes). +- usb: typec: tcpm: Do not disconnect when receiving VSAFE0V + (git-fixes). +- usb: typec: tcpm: Do not disconnect while receiving VBUS off + (git-fixes). +- usb: typec: tcpci: don't touch CC line if it's Vconn source + (git-fixes). +- usb: roles: fix include/linux/usb/role.h compile issue + (git-fixes). +- drm/amd/display: reset dcn31 SMU mailbox on failures + (git-fixes). +- irqchip/gic-v4: Disable redistributors' view of the VPE table + at boot time (git-fixes). +- commit 9089800 + +- Move upstreamed patches into sorted section +- commit 44bc450 + +- kABI padding for qat (bsc#1179531). +- commit 38dc163 + +- blacklist.conf: mark git-fixes added to perf userspace package +- commit adbe3cf + +- crypto: xts - restrict key lengths to approved values in FIPS + mode (jsc#SLE-21132,bsc#1193136). +- commit 3c220f6 + +- ata: pata_platform: Fix a NULL pointer dereference in + __pata_platform_probe() (git-fixes). +- hwmon: (lm90) Fix sysfs and udev notifications (git-fixes). +- hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649 + (git-fixes). +- hwmon: (lm90) Mark alert as broken for MAX6680 (git-fixes). +- hwmon: (lm90) Mark alert as broken for MAX6654 (git-fixes). +- hwmon: (lm90) Re-enable interrupts after alert clears + (git-fixes). +- hwmon: (lm90) Reduce maximum conversion rate for G781 + (git-fixes). +- drm/amd/display/dc/calcs/dce_calcs: Fix a memleak in + calculate_bandwidth() (git-fixes). +- drm/etnaviv: relax submit size limits (git-fixes). +- drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable + (git-fixes). +- drm/msm/a6xx: Add missing suspend_count increment (git-fixes). +- drm/msm: Fix wrong size calculation (git-fixes). +- drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc + (git-fixes). +- drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy + (git-fixes). +- Revert "drm/ast: Support 1600x900 with 108MHz PCLK" (git-fixes). +- drm/atomic: Add the crtc to affected crtc only if uapi.enable = + true (git-fixes). +- commit 17cd888 + +- perf/x86/intel/uncore: Add IMC uncore support for ADL + (git-fixes). +- perf/x86/intel/uncore: Fix CAS_COUNT_WRITE issue for ICX + (git-fixes). +- perf/x86/intel: Add a quirk for the calculation of the number + of counters on Alder Lake (git-fixes). +- perf: Fix perf_event_read_local() time (git-fixes). +- perf: Protect perf_guest_cbs with RCU (git-fixes). +- commit 6b315d3 + +- bpf: Remove config check to enable bpf support for branch + records (git-fixes). +- commit f91c35f + +- blacklist.conf: blacklist a672b2e36a64 bpf: Fix ringbuf memory type confusion when passing to helpers +- commit 3132b8c + +- bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD) + (git-fixes). +- bpf: Adjust BTF log size limit (git-fixes). +- commit c6f8f64 + +- phonet: refcount leak in pep_sock_accep (bsc#1193867, + CVE-2021-45095). +- commit f4ec02a + +- Revert "xfrm: xfrm_state_mtu should return at least 1280 for + ipv6" (bsc#1185377, bsc#1194048). +- xfrm: fix MTU regression (bsc#1185377, bsc#1194048). +- commit d7a3024 + +- ext4: set csum seed in tmp inode while migrating to extents + (bsc#1195275). +- commit 8151d53 + +- Refresh patches.suse/x86-cpufeatures-add-kabi-padding.patch. +- commit 7c59b09 + +- KVM: SEV: initialize regions_list of a mirror VM (bsc#1194526). +- KVM: SEV: move mirror status to destination of + KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM (bsc#1194526). +- KVM: SEV: cleanup locking for KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM + (bsc#1194526). +- KVM: SEV: do not use list_replace_init on an empty list + (bsc#1194526). +- KVM: SEV: expose KVM_CAP_VM_MOVE_ENC_CONTEXT_FROM capability + (bsc#1194526). +- selftest: KVM: Add intra host migration tests (bsc#1194526). +- commit 77a7ab5 + +- Delete + patches.suse/0008-random-move-FIPS-continuous-test-to-output-functions.patch. + Obsoleted by Nicolai's FIPS RNG rework. +- commit 4892a02 + +- rpm/modules.fips: remove ansi_cprng (jsc#SLE-21132,bsc#1194773). +- commit d8f6d39 + +- Delete patches.suse/fips-enable-ansi_cprng-in-testmgr (jsc#SLE-21132,bsc#1194773). +- commit 9e8a9c1 + +- drm/vmwgfx: Fix stale file descriptors on failed usercopy + (CVE-2022-22942 bsc#1195065). +- commit b82dcaa + +- Delete + patches.suse/net-mvpp2-Enable-autoneg-bypass-for-1000BaseX-2500Ba.patch. + No longer needed. +- commit 7ab8bc0 + +- Delete + patches.suse/brcmfmac-Add-clm_blob-firmware-files-to-modinfo.patch. + Patch is part of v5.14 base kernel. +- commit d3c2d60 + +- Refresh patches.suse/arch-arm64-mm_context-t-placeholder.patch. + Re-enable kABI place holder for SLE15-SP4 +- commit 7bf2c52 + +- dma-buf: cma_heap: Fix mutex locking section (git-fixes). +- dma-buf: system_heap: Avoid warning on mid-order allocations + (git-fixes). +- commit 2944bf7 + +- drm/amdgpu/display: Only set vblank_disable_immediate when + PSR is not enabled (git-fixes). +- drm/amd/display: Enable PSR by default on newer DCN (git-fixes). +- commit 9be44b2 + +- x86/gpu: Reserve stolen memory for first integrated Intel GPU + (git-fixes). +- w1: Misuse of get_user()/put_user() reported by sparse + (git-fixes). +- usb: dwc2: gadget: initialize max_speed from params (git-fixes). +- commit fa8f66b + +- usb: hub: Add delay for SuperSpeed hub resume to let links + transit to U0 (git-fixes). +- usb: uhci: add aspeed ast2600 uhci support (git-fixes). +- usb: gadget: f_fs: Use stream_open() for endpoint files + (git-fixes). +- USB: ehci_brcm_hub_control: Improve port index sanitizing + (git-fixes). +- usb: dwc3: meson-g12a: fix shared reset control use (git-fixes). +- serial: core: Keep mctrl register state and cached copy in sync + (git-fixes). +- serial: pl011: Drop CR register reset on set_termios + (git-fixes). +- serial: pl010: Drop CR register reset on set_termios + (git-fixes). +- soc: imx: gpcv2: Synchronously suspend MIX domains (git-fixes). +- soc: ti: pruss: fix referenced node in error message + (git-fixes). +- commit 6ef0377 + +- rtc: cmos: take rtc_lock while reading from CMOS (git-fixes). +- phy: mediatek: Fix missing check in mtk_mipi_tx_probe + (git-fixes). +- regulator: qcom_smd: Align probe function with rpmh-regulator + (git-fixes). +- regulator: da9121: Prevent current limit change when enabled + (git-fixes). +- PM: runtime: Add safety net to supplier device release + (git-fixes). +- rtw88: 8822c: update rx settings to prevent potential hw + deadlock (git-fixes). +- rsi: Fix out-of-bounds read in rsi_read_pkt() (git-fixes). +- rsi: Fix use-after-free in rsi_rx_done_handler() (git-fixes). +- rtw88: add quirk to disable pci caps on HP 250 G7 Notebook PC + (git-fixes). +- PM: AVS: qcom-cpr: Use div64_ul instead of do_div (git-fixes). +- commit 0642d93 + +- PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA + controller (git-fixes). +- PCI: pciehp: Use down_read/write_nested(reset_lock) to fix + lockdep errors (git-fixes). +- mmc: mtk-sd: Use readl_poll_timeout instead of open-coded + polling (git-fixes). +- mtd: rawnand: gpmi: Add ERR007117 protection for + nfc_apply_timings (git-fixes). +- mtd: rawnand: gpmi: Remove explicit default gpmi clock setting + for i.MX6 (git-fixes). +- net: phy: marvell: configure RGMII delays for 88E1118 + (git-fixes). +- mt76: mt7615: improve wmm index allocation (git-fixes). +- mt76: do not pass the received frame with decryption error + (git-fixes). +- mt76: mt7615: fix possible deadlock while + mt7615_register_ext_phy() (git-fixes). +- net: phy: prefer 1000baseT over 1000baseKX (git-fixes). +- commit fe2b42c + +- mmc: sdhci-pci-gli: GL9755: Support for CD/WP inversion on OF + platforms (git-fixes). +- mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO + (git-fixes). +- mmc: tmio: reinit card irqs in reset routine (git-fixes). +- mfd: tps65910: Set PWR_OFF bit during driver probe (git-fixes). +- mfd: atmel-flexcom: Use .resume_noirq (git-fixes). +- mfd: atmel-flexcom: Remove #ifdef CONFIG_PM_SLEEP (git-fixes). +- media: saa7146: hexium_gemini: Fix a NULL pointer dereference + in hexium_attach() (git-fixes). +- media: rockchip: rkisp1: use device name for debugfs subdir name + (git-fixes). +- media: igorplugusb: receiver overflow should be reported + (git-fixes). +- media: m920x: don't use stack on USB reads (git-fixes). +- commit 3a8fd18 + +- media: atomisp: fix "variable dereferenced before check 'asd'" + (git-fixes). +- media: cec: fix a deadlock situation (git-fixes). +- media: saa7146: hexium_orion: Fix a NULL pointer dereference + in hexium_attach() (git-fixes). +- media: rcar-vin: Update format alignment constraints + (git-fixes). +- media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds + (git-fixes). +- media: venus: avoid calling core_clk_setrate() concurrently + during concurrent video sessions (git-fixes). +- media: b2c2: Add missing check in flexcop_pci_isr: (git-fixes). +- media: atomisp: handle errors at sh_css_create_isp_params() + (git-fixes). +- media: atomisp: check before deference asd variable (git-fixes). +- media: atomisp-ov2680: Fix ov2680_set_fmt() clobbering the + exposure (git-fixes). +- commit d62b853 + +- mac80211: allow non-standard VHT MCS-10/11 (bsc#1192891). +- iwlwifi: pcie: make sure prph_info is set when treating wakeup + IRQ (git-fixes). +- iwlwifi: mvm: fix AUX ROC removal (git-fixes). +- iwlwifi: mvm: Fix calculation of frame length (git-fixes). +- iwlwifi: remove module loading failure message (git-fixes). +- iwlwifi: fix leaks/bad data after failed firmware load + (git-fixes). +- iwlwifi: mvm: Increase the scan timeout guard to 30 seconds + (git-fixes). +- media: atomisp: set per-device's default mode (git-fixes). +- media: atomisp: fix enum formats logic (git-fixes). +- media: atomisp: add NULL check for asd obtained from + atomisp_video_pipe (git-fixes). +- commit 5c77fd4 + +- HID: Ignore battery for Elan touchscreen on HP Envy X360 + 15t-dr100 (git-fixes). +- i2c: designware-pci: Fix to change data types of hcnt and lcnt + parameters (git-fixes). +- i2c: mpc: Correct I2C reset procedure (git-fixes). +- i2c: i801: Don't silently correct invalid transfer size + (git-fixes). +- interconnect: qcom: rpm: Prevent integer overflow in rate + (git-fixes). +- iio: trigger: Fix a scheduling whilst atomic issue seen on + tsc2046 (git-fixes). +- HSI: core: Fix return freed object in hsi_new_client + (git-fixes). +- HID: magicmouse: Fix an error handling path in + magicmouse_probe() (git-fixes). +- iwlwifi: mvm: avoid clearing a just saved session protection id + (git-fixes). +- iwlwifi: mvm: synchronize with FW after multicast commands + (git-fixes). +- commit 6ef8153 + +- drm/i915/display/ehl: Update voltage swing table (git-fixes). +- floppy: Add max size check for user space request (git-fixes). +- gpiolib: acpi: Do not set the IRQ type if the IRQ is already + in use (git-fixes). +- HID: magicmouse: Report battery level over USB (git-fixes). +- HID: apple: Do not reset quirks when the Fn key is not found + (git-fixes). +- HID: i2c-hid-of: Expose the touchscreen-inverted properties + (git-fixes). +- HID: quirks: Allow inverting the absolute X/Y values + (git-fixes). +- drm/amdgpu: fixup bad vram size on gmc v8 (git-fixes). +- drm/etnaviv: consider completed fence seqno in hang check + (git-fixes). +- commit b98cf3a + +- drm/etnaviv: limit submit sizes (git-fixes). +- drm/amd/amdgpu: fix gmc bo pin count leak in SRIOV (git-fixes). +- drm/amd/amdgpu: fix psp tmr bo pin count leak in SRIOV + (git-fixes). +- drm/vmwgfx: Release ttm memory if probe fails (git-fixes). +- drm: rcar-du: Fix CRTC timings when CMM is used (git-fixes). +- drm/amd/display: add else to avoid double destroy clk_mgr + (git-fixes). +- drm/amdgpu/display: set vblank_disable_immediate for DC + (git-fixes). +- drm/amd/display: check top_pipe_to_program pointer (git-fixes). +- drm/bridge: megachips: Ensure both bridges are probed before + registration (git-fixes). +- drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga + Book X91F/L (git-fixes). +- commit 7ac44dd + +- crypto: qat - make pfvf send message direction agnostic + (git-fixes). +- Refresh + patches.suse/crypto-qat-fix-undetected-PFVF-timeout-in-ACK-loop.patch. +- commit 1517ba9 + +- crypto: hisilicon/hpre - fix memory leak in + hpre_curve25519_src_init() (git-fixes). +- drm/nouveau/kms/nv04: use vzalloc for nv04_display (git-fixes). +- drm/nouveau/pmu/gm200-: avoid touching PMU outside of + DEVINIT/PREOS/ACR (git-fixes). +- drm/bridge: dw-hdmi: handle ELD when + DRM_BRIDGE_ATTACH_NO_CONNECTOR (git-fixes). +- drm/ttm: Put BO in its memory manager's lru list (git-fixes). +- drm/lima: fix warning when CONFIG_DEBUG_SG=y & + CONFIG_DMA_API_DEBUG=y (git-fixes). +- drm/panel: Delete panel on mipi_dsi_attach() failure + (git-fixes). +- crypto: qat - remove unnecessary collision prevention step in + PFVF (git-fixes). +- commit 4a84546 + +- clk: meson: gxbb: Fix the SDM_EN bit for MPLL0 on GXBB + (git-fixes). +- backlight: qcom-wled: Respect enabled-strings in set_brightness + (git-fixes). +- backlight: qcom-wled: Use cpu_to_le16 macro to perform + conversion (git-fixes). +- batman-adv: allow netlink usage in unprivileged containers + (git-fixes). +- Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES (git-fixes). +- Bluetooth: btintel: Add missing quirks and msft ext for legacy + bootloader (git-fixes). +- Bluetooth: MGMT: Use hci_dev_test_and_{set,clear}_flag + (git-fixes). +- Bluetooth: Fix debugfs entry leak in hci_register_dev() + (git-fixes). +- Bluetooth: refactor set_exp_feature with a feature table + (git-fixes). +- commit 4823532 + +- ath11k: Fix napi related hang (git-fixes). +- ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream + (git-fixes). +- ath9k_htc: fix NULL pointer dereference at + ath9k_htc_tx_get_packet() (git-fixes). +- ath9k_htc: fix NULL pointer dereference at ath9k_htc_rxep() + (git-fixes). +- ath11k: Avoid false DEADLOCK warning reported by lockdep + (git-fixes). +- ath11k: avoid deadlock by change ieee80211_queue_work for + regd_update_work (git-fixes). +- ath11k: Avoid NULL ptr access during mgmt tx cleanup + (git-fixes). +- ath11k: add string type to search board data in board-2.bin + for WCN6855 (git-fixes). +- ath11k: Fix crash caused by uninitialized TX ring (git-fixes). +- commit 94ca4e3 + +- drm: Add kabi placeholders to commonly used structs + (bsc#1179531). +- commit 95ca796 + +- ASoC: mediatek: mt8183: fix device_node leak (git-fixes). +- ASoC: mediatek: mt8173: fix device_node leak (git-fixes). +- ASoC: mediatek: mt8192-mt6359: fix device_node leak (git-fixes). +- ASoC: imx-hdmi: add put_device() after of_find_device_by_node() + (git-fixes). +- ACPI: CPPC: Check present CPUs for determining _CPC is valid + (git-fixes). +- ACPI: battery: Add the ThinkPad "Not Charging" quirk + (git-fixes). +- ACPI / x86: Add not-present quirk for the PCI0.SDHB.BRC1 device + on the GPD win (git-fixes). +- ACPI / x86: Allow specifying acpi_device_override_status() + quirks by path (git-fixes). +- ACPI: Change acpi_device_always_present() into + acpi_device_override_status() (git-fixes). +- ACPI / x86: Drop PWM2 device on Lenovo Yoga Book from always + present table (git-fixes). +- ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 + (git-fixes). +- ACPICA: Fix wrong interpretation of PCC address (git-fixes). +- ACPICA: Executer: Fix the REFCLASS_REFOF case in + acpi_ex_opcode_1A_0T_1R() (git-fixes). +- ACPICA: Utilities: Avoid deleting the same object twice in a + row (git-fixes). +- ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions + (git-fixes). +- ath10k: Fix tx hanging (git-fixes). +- ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START + reply (git-fixes). +- amdgpu/pm: Make sysfs pm attributes as read-only for VFs + (git-fixes). +- ath11k: qmi: avoid error messages when dma allocation fails + (git-fixes). +- commit e0f2245 + +- Update + patches.suse/0002-char-random-reinstantiate-DRBGs-once-optimized-sha51.patch + (jsc#SLE-21132,bsc#1191259,bsc#1195160). +- commit 1ebad47 + +- net ticp:fix a kernel-infoleak in __tipc_sendmsg() (bsc#1195199 + CVE-2022-0382). +- net/packet: rx_owner_map depends on pg_vec (bsc#1195184 + CVE-2021-22600). +- commit 322fbf8 + +- powerpc/book3s64/radix: make tlb_single_page_flush_ceiling a + debugfs entry (bsc#1195183 ltc#193865). +- commit 5d7a0a2 + +- rds: Fix memory leak in __rds_conn_create() (bsc#1194090 CVE-2021-45480). +- commit 6d71aca + +- Update + patches.suse/cpufreq-ondemand-set-default-up_threshold-to-30-on-multi-core-systems.patch + (bsc#464461,bsc#981838,bsc#1064414,bsc#1144943,bsc#1193200,bsc#1193088). +- commit 1420840 + +- Revert IPMI backports (bsc#1195195) + It turned out that the recent backports of IPMI fixes cause a regression + on arm64 machine. + Deleted: + patches.suse/ipmi-Fix-UAF-when-uninstall-ipmi_si-and-ipmi_msghand.patch + patches.suse/ipmi-bail-out-if-init_srcu_struct-fails.patch + patches.suse/ipmi-fix-initialization-when-workqueue-allocation-fa.patch +- commit 435eaf7 + +- supported.conf: mark rtw88 modules as supported (jsc#SLE-22690) +- commit 37cc2d0 + +- mm: drop node from alloc_pages_vma (jsc#SLE-23098). +- commit 27520d6 + +- mm/mempolicy: wire up syscall set_mempolicy_home_node + (jsc#SLE-23098). +- mm/mempolicy: add set_mempolicy_home_node syscall + (jsc#SLE-23098). +- mm/mempolicy: use policy_node helper with MPOL_PREFERRED_MANY + (jsc#SLE-23098). +- mm/mempolicy: unify the create() func for + bind/interleave/prefer-many policies (jsc#SLE-23098). +- mm/mempolicy: advertise new MPOL_PREFERRED_MANY (jsc#SLE-23098). +- mm/hugetlb: add support for mempolicy MPOL_PREFERRED_MANY + (jsc#SLE-23098). +- mm/memplicy: add page allocation function for + MPOL_PREFERRED_MANY policy (jsc#SLE-23098). +- mm/mempolicy: add MPOL_PREFERRED_MANY for multiple preferred + nodes (jsc#SLE-23098). +- commit 41edfce + +- Update + patches.suse/USB-gadget-detect-too-big-endpoint-0-requests.patch + (bsc#1193802 CVE-2021-39685). + Updated references for CVE that became known after the fix + had been applied for other reasons +- commit 149a312 + +- Refresh patches.suse/powerpc-security-mitigation-patching.sh-Support-X-ta.patch. +- commit cc4f423 + +- ARM: 9170/1: fix panic when kasan and kprobe are enabled + (git-fixes). +- commit ae5a8de + +- net: bonding: fix bond_xmit_broadcast return value error bug + (git-fixes). +- mlx5: Don't accidentally set RTO_ONLINK before + mlx5e_route_lookup_ipv4_get() (git-fixes). +- libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() + (git-fixes). +- RDMA/cxgb4: Set queue pair state when being queried (git-fixes). +- RDMA/rxe: Fix a typo in opcode name (git-fixes). +- RDMA/cma: Let cma_resolve_ib_dev() continue search even after + empty entry (git-fixes). +- RDMA/core: Let ib_find_gid() continue search even after empty + entry (git-fixes). +- RDMA/qedr: Fix reporting max_{send/recv}_wr attrs (git-fixes). +- RDMA/rxe: Remove the unnecessary variable (git-fixes). +- RDMA/uverbs: Remove the unnecessary assignment (git-fixes). +- RDMA/hns: Modify the mapping attribute of doorbell to device + (git-fixes). +- RDMA/rtrs-clt: Fix the initial value of min_latency (git-fixes). +- RDMA/cma: Remove open coding of overflow checking for + private_data_len (git-fixes). +- RDMA/hns: Validate the pkey index (git-fixes). +- RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling + RCFW with pending cmd-bit" (git-fixes). +- Revert "net/mlx5: Add retry mechanism to the command entry + index allocation" (git-fixes). +- net/mlx5: Set command entry semaphore up once got index free + (git-fixes). +- net/mlx5e: Sync VXLAN udp ports during uplink representor + profile change (git-fixes). +- net/mlx5: Fix access to sf_dev_table on allocation failure + (git-fixes). +- net/mlx5e: Fix matching on modified inner ip_ecn bits + (git-fixes). +- Revert "net/mlx5e: Block offload of outer header csum for GRE + tunnel" (git-fixes). +- Revert "net/mlx5e: Block offload of outer header csum for UDP + tunnels" (git-fixes). +- net/mlx5e: Don't block routes with nexthop objects in SW + (git-fixes). +- net/mlx5e: Fix wrong usage of fib_info_nh when routes with + nexthop objects are used (git-fixes). +- net/mlx5e: Fix nullptr on deleting mirroring rule (git-fixes). +- net/mlx5e: Fix page DMA map/unmap attributes (git-fixes). +- bnxt_en: use firmware provided max timeout for messages + (git-fixes). +- igc: AF_XDP zero-copy metadata adjust breaks SKBs on XDP_PASS + (git-fixes). +- commit 450565e + +- Delete + patches.suse/block-genhd-use-atomic_t-for-disk_event-block.patc. + (bsc#1192913, bsc#1194850) +- commit 62f1042 + +- mm: vmscan: reduce throttling due to a failure to make progress + - fix (git fixes (mm/vmscan)). +- mm: vmscan: Reduce throttling due to a failure to make progress + (git fixes (mm/vmscan)). +- commit 985ae57 + +- Delete + patches.suse/mm-vmscan-Reduce-throttling-due-to-a-failure-to-make-progress.patch. +- commit 758b892 + +- ibmvnic: remove unused ->wait_capability (bsc#1195073 + ltc#195713). +- ibmvnic: don't spin in tasklet (bsc#1195073 ltc#195713). +- ibmvnic: init ->running_cap_crqs early (bsc#1195073 ltc#195713). +- ibmvnic: Allow extra failures before disabling (bsc#1195073 + ltc#195713). +- commit 80bb4bf + +- sched/fair: Mark tg_is_idle() an inline in the + !CONFIG_FAIR_GROUP_SCHED case (git fixes (sched/fair)). +- commit 3fda91c + +- bpf, mm: Fix lockdep warning triggered by + stack_map_get_build_id_offset() (git fixes (mm/mmap)). +- commit 7c2b587 + +- mm: shmem: don't truncate page if memory failure happens v2 + (bsc#1190208 (MM functional and performance backports)). +- commit 4233c64 + +- Revert "mm: shmem: don't truncate page if memory failure + happens" (git fixes (mm/shmem)). +- commit 91b69dc + +- nitro_enclaves: Use get_user_pages_unlocked() call to handle + mmap assert (git fixes (mm/gup)). +- commit d2119e6 + +- bpf: Fix out of bounds access for ringbuf helpers (bsc#1194111 + bsc#1194765 CVE-2021-4204 CVE-2022-23222). +- bpf: Generally fix helper register offset check (bsc#1194111 + bsc#1194765 CVE-2021-4204 CVE-2022-23222). +- bpf: Generalize check_ctx_reg for reuse with other types + (bsc#1194111 bsc#1194765 CVE-2021-4204 CVE-2022-23222). +- commit 5803ef2 + +- clocksource: Reduce the default clocksource_watchdog() retries + to 2 (bsc#1192724). +- commit ec1b82e + +- clocksource: Avoid accidental unstable marking of clocksources + (bsc#1192724). +- commit 8396e64 + +- x86/tsc: Disable clocksource watchdog for TSC on qualified + platorms (bsc#1192724). +- commit ad5e1ba + +- x86/tsc: Add a timer to make sure TSC_adjust is always checked + (bsc#1192724). +- commit c76fbc3 + +- Delete "Forgive repeated long-latency watchdog clocksource reads (bsc#1192724)" + The patch being deleted was a tentative fix that never made it into + upstream Linux. The clocksource instability issue will be addressed with + more appropriate fixes. +- scripts/git_sort/git_sort.py: Remove a dev branch of the -rcu tree +- Delete + patches.suse/clocksource-Forgive-repeated-long-latency-watchdog-c.patch. +- commit 726d4be + +- kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr + directory (bsc#1195051). +- commit c80b5de + +- scsi: kABI: Add suse_kabi_padding to scsi template structs + (bsc#1195056). +- commit 7342194 + +- Refresh + patches.suse/0003-kabi-Add-placeholders-to-a-couple-of-important-struc.patch. +- commit e169a7b + +- scsi: storvsc: Fix storvsc_queuecommand() memory leak + (git-fixes). +- commit a3c4175 + +- Move upstreamed IMA fix into sorted section +- commit 8970684 + +- psi: Fix uaf issue when psi trigger is destroyed while being + polled (git-fixes). +- bitops: protect find_first_{,zero}_bit properly (git-fixes). +- scripts/dtc: dtx_diff: remove broken example from help text + (git-fixes). +- Documentation: fix firewire.rst ABI file path error (git-fixes). +- commit b4b4dff + +- selftests/powerpc: Use date instead of EPOCHSECONDS in + mitigation-patching.sh (bsc#1194305 ltc#195651). +- commit d103181 + +- Refresh patches.suse/powerpc-security-mitigation-patching.sh-Support-X-ta.patch (bsc#1194305 ltc#195651). +- commit 96568cb + +- powerpc/64s: Mask SRR0 before checking against the masked NIP + (bsc#1194869). +- commit 2f4f88b + +- gpio: mpc8xxx: Fix an ignored error return from + platform_get_irq() (git-fixes). +- gpio: idt3243x: Fix an ignored error return from + platform_get_irq() (git-fixes). +- commit d403da6 + +- HID: uhid: Fix worker destroying device without any protection + (git-fixes). +- HID: vivaldi: fix handling devices not using numbered reports + (git-fixes). +- rtc: pxa: fix null pointer dereference (git-fixes). +- drm/radeon: fix error handling in radeon_driver_open_kms + (git-fixes). +- drm/amdgpu: don't do resets on APUs which don't support it + (git-fixes). +- clk: si5341: Fix clock HW provider cleanup (git-fixes). +- gpio: idt3243x: Fix IRQ check in idt_gpio_probe (git-fixes). +- gpio: mpc8xxx: Fix IRQ check in mpc8xxx_probe (git-fixes). +- commit 06c7e48 + +- ALSA: hda/cs8409: Add new Warlock SKUs to patch_cs8409 + (git-fixes). +- ALSA: core: Simplify snd_power_ref_and_wait() with the standard + macro (git-fixes). +- ALSA: core: Fix SSID quirk lookup for subvendor=0 (git-fixes). +- ALSA: usb-audio: add mapping for MSI MPG X570S Carbon Max Wifi + (git-fixes). +- ALSA: hda/realtek: fix speakers and micmute on HP 855 G8 + (git-fixes). +- commit 8124ea4 + +- HID: wacom: Avoid using stale array indicies to read contact + count (bsc#1194667). +- HID: wacom: Ignore the confidence flag when a touch is removed + (bsc#1194667). +- HID: wacom: Reset expected and received contact counts at the + same time (bsc#1194667). +- commit 19261e1 + +- drm/i915: Flush TLBs before releasing backing store + (CVE-2022-0330 bsc#1194880). +- commit d011369 + +- vfs: fs_context: fix up param length parsing in + legacy_parse_param (CVE-2022-0185 bsc#1194517). +- Rename and retag following upstream merge from: + patches.suse/vfs-Out-of-bounds-write-of-heap-buffer-in-fs_context-c.patch + to patches.suse/vfs-fs_context-fix-up-param-length-parsing-in-legacy.patch +- commit e3271e6 + +- Update + patches.suse/sctp-account-stream-padding-length-for-reconf-chunk.patch + (stable-5.14.14 bsc#1194985 CVE-2022-0322). + Added bsc/CVE reference +- commit c9b8efe + +- hwmon: (k10temp) Support up to 12 CCDs on AMD Family of + processors (bsc#1192644 jsc#SLE-17823). +- hwmon: (k10temp) Add support for AMD Family 19h Models 10h-1Fh + and A0h-AFh (bsc#1192644 jsc#SLE-17823). +- hwmon: (k10temp) Remove unused definitions (bsc#1192644 + jsc#SLE-17823). +- x86/amd_nb: Add AMD Family 19h Models (10h-1Fh) and (A0h-AFh) + PCI IDs (bsc#1192644 jsc#SLE-17823). +- commit b55859b + +- Revert "net: phy: fixed_phy: Fix NULL vs IS_ERR() checking in + __fixed_phy_register" (git-fixes). +- commit a9c90b6 + +- mt76: mt7921: fix possible resume failure (git-fixes). +- commit adeea28 + +- media: c8sectpfe: fix double free in configure_channels() + (git-fixes). +- media: c8sectpfe: remove redundant assignment to pointer tsin + (git-fixes). +- commit 4ff2399 + +- Add cherry-picked IDs for media videobuf2 fix +- commit e45c889 + +- iwlwifi: don't pass actual WGDS revision number in + table_revision (git-fixes). +- commit c270187 + +- Add cherry-picked ID to HID fix patch +- commit 57fe3df + +- bus: mhi: core: Fix reading wake_capable channel configuration + (git-fixes). +- bus: mhi: pci_generic: Graceful shutdown on freeze (git-fixes). +- commit 36e2acb + +- vfio/iommu_type1: replace kfree with kvfree (git-fixes). +- net: phy: micrel: use kszphy_suspend()/kszphy_resume for irq + aware devices (git-fixes). +- nfc: llcp: fix NULL error pointer dereference on sendmsg() + after failed bind() (git-fixes). +- net: phy: marvell: add Marvell specific PHY loopback + (git-fixes). +- lib82596: Fix IRQ check in sni_82596_probe (git-fixes). +- 9p: only copy valid iattrs in 9P2000.L setattr implementation + (git-fixes). +- drm/amd/display: explicitly set is_dsc_supported to false + before use (git-fixes). +- net: phy: fixed_phy: Fix NULL vs IS_ERR() checking in + __fixed_phy_register (git-fixes). +- commit 8409861 + +- kernel-binary.spec: Do not use the default certificate path (bsc#1194943). + Using the the default path is broken since Linux 5.17 +- commit 68b36f0 + +- fuse: Pass correct lend value to filemap_write_and_wait_range() + (bsc#1194959). +- commit ab3cc62 + +- mount: warn only once about timestamp range expiration + (bsc#1193000). +- commit d968bc1 + +- Update patches.suse/tpm-fix-potential-NULL-pointer-access-in-tpm_del_cha.patch + (git-fixes bsc#1193660 ltc#195634). +- commit 6be7501 + +- livepatch: Avoid CPU hogging with cond_resched (bsc#1071995). +- commit 17d77e0 + +- livepatch: Fix missing unlock on error in klp_enable_patch() + (bsc#1071995). +- commit 3aafada + +- livepatch: Fix kobject refcount bug on klp_init_patch_early + failure path (bsc#1071995). +- commit 14928de + +- PCI: vmd: Do not disable MSI-X remapping if interrupt remapping + is enabled by IOMMU (bsc#1194887). +- commit b96f35f + +- livepatch/kabi: refresh and reenable kABI padding for future arm64 support +- commit c5ed388 + +- Reenabling kABI placeholders for generic fpga stuff +- commit b6c6ae1 + +- Reenabling kABI placeholders for generic crypto stuff +- commit e9350d4 + +- Reenabling kABI placeholders for the QAT crypto driver +- commit 1804445 + +- Refresh patches.suse/0001-kABI-more-hooks-for-PCI-changes.patch. + Reenabling kABI placeholders for PCI stuff +- commit 6145d27 + +- Refresh patches.suse/0001-Thunderbolt-kABI-paddings-added.patch. +- Refresh + patches.suse/0002-Add-a-void-suse_kabi_padding-placeholder-to-some-USB.patch. +- Delete patches.suse/0001-USB-fix-kABI-padding.patch. + Reenabling the kABI placeholders for Type C stuff +- commit 297e89c + +- powerpc/64s: Use EMIT_WARN_ENTRY for SRR debug warnings + (bsc#1194869). +- powerpc/64s: Mask NIP before checking against SRR0 + (bsc#1194869). +- Revert "powerpc: Inline setup_kup()" (bsc#1194869). +- powerpc/modules: Don't WARN on first module allocation attempt + (bsc#1194869). +- powerpc/module_64: Fix livepatching for RO modules + (bsc#1194869). +- powerpc/xive: Change IRQ domain to a tree domain (bsc#1194869). +- commit 3b9be9e + +- net: Prevent HW-GRO and LRO features operate together + (bsc#1194628). +- commit b3b76f5 + +- powerpc/perf: Fix PMU callbacks to clear pending PMI before + resetting an overflown PMC (bsc#1156395). +- commit 178d341 + +- sched,x86: Don't use cluster topology for x86 hybrid CPUs + (jsc#SLE-18889,bnc#1194825). +- commit a3cf05e + +- Refresh + patches.suse/cpuidle-Poll-for-a-minimum-of-30ns-and-poll-for-a-tick-if-lower-c-states-are-disabled.patch. + Forward port for evaluation. +- commit 3ec28d7 + +- S390: Fix mlx5 throughput degradtion (jsc#SLE-22496). +- commit 6fe12cf + +- powerpc/prom_init: Fix improper check of prom_getprop() + (bsc#1065729). +- commit 07fce74 + +- crypto: qat - fix undetected PFVF timeout in ACK loop + (git-fixes). +- commit 008135a + +- powerpc/pseries/cpuhp: delete add/remove_by_count code + (bsc#1065729). +- powerpc/pseries/cpuhp: cache node corrections (bsc#1065729). +- commit b26d0d8 + +- Add cherry-picked IDs for qemu fw_cfg patches +- commit 550427b + +- powerpc/perf: Fix data source encodings for L2.1 and L3.1 + accesses (bsc#1065729). +- commit c39ded5 + +- dmaengine: at_xdmac: Fix at_xdmac_lld struct definition + (git-fixes). +- dmaengine: at_xdmac: Fix lld view setting (git-fixes). +- dmaengine: at_xdmac: Fix concurrency over xfers_list + (git-fixes). +- dmaengine: at_xdmac: Fix race for the tx desc callback + (git-fixes). +- dmaengine: at_xdmac: Fix concurrency over chan's + completed_cookie (git-fixes). +- dmaengine: at_xdmac: Print debug message after realeasing the + lock (git-fixes). +- dmaengine: at_xdmac: Start transfer for cyclic channels in + issue_pending (git-fixes). +- dmaengine: at_xdmac: Don't start transactions at tx_submit level + (git-fixes). +- dmaengine: idxd: fix wq settings post wq disable (git-fixes). +- dmaengine: uniphier-xdmac: Fix type of address variables + (git-fixes). +- Documentation: dmaengine: Correctly describe dmatest with + channel unset (git-fixes). +- virtio_ring: mark ring unused on error (git-fixes). +- virtio/virtio_mem: handle a possible NULL as a memcpy parameter + (git-fixes). +- remoteproc: qcom: pas: Add missing power-domain "mxc" for CDSP + (git-fixes). +- remoteproc: qcom: pil_info: Don't memcpy_toio more than is + provided (git-fixes). +- remoteproc: imx_rproc: Fix a resource leak in the remove + function (git-fixes). +- rpmsg: core: Clean up resources on announce_create failure + (git-fixes). +- ACPI: APD: Check for NULL pointer after calling devm_ioremap() + (git-fixes). +- drm/i915: Fix Memory BW formulae for ADL-P (git-fixes). +- net: usb: lan78xx: add Allied Telesis AT29M2-AF (git-fixes). +- commit ceaa6fc + +- Update config files (bsc#1194858). + CONFIG_INTEL_IDXD_COMPAT=n +- commit 86e1929 + +- Delete patches.suse/crypto-qat-fix-undetected-PFVF-timeout-in-ACK-loop.patch. + Remove empty patch +- commit a3108c7 + +- powerpc/xive: Add missing null check after calling kmalloc + (bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes). +- commit e8dfc9f + +- Refresh patches.suse/s390-mm-fix-2KB-pgtable-release-race.patch. + Correct the acked-by tag to the right position. +- commit 88fc17d + +- s390/mm: fix 2KB pgtable release race (bsc#1188896). +- commit 31e123b + +- nvme: fix visibility of dev_attr_dhchap_ctrl_secret sysfs + attribute (bsc#1194839). +- commit f70152e + +- Re-enable kABI placeholder pathces for HD-audio and ASoC +- commit c77cdff + +- ALSA: seq: virmidi: Add a drain operation (bsc#1192354). +- ALSA: hda: Add new AlderLake-P variant PCI ID (bsc#1192354). +- ALSA: hda: Add AlderLake-N PCI ID (bsc#1192354). +- ALSA: hda: use swap() to make code cleaner (bsc#1192354). +- ALSA: seq: Set upper limit of processed events (bsc#1192354). +- ALSA: usb-audio: Drop CONFIG_PM ifdefs (bsc#1192354). +- ALSA: Fix some typo (bsc#1192354). +- ALSA: hda/hdmi: Consider ELD is invalid when no SAD is present + (bsc#1192354). +- ALSA: hda: Do disconnect jacks at codec unbind (bsc#1192354). +- commit 3705026 + +- Update + patches.suse/bpf-Fix-kernel-address-leakage-in-atomic-fetch.patch + (bsc#1193883 bsc#1194826 CVE-2022-0264). +- commit b1fc140 + +- tracing/osnoise: Properly unhook events if + start_per_cpu_kthreads() fails (git-fixes). +- commit e3c4174 + +- tracing/kprobes: 'nmissed' not showed correctly for kretprobe + (git-fixes). +- commit f960845 + +- tracing: Add test for user space strings when filtering on + string pointers (git-fixes). +- commit face3d9 + +- typeC: Add kABI placeholders (bsc#1183030). +- commit 6c5f823 + +- nvme-auth: fixup crash at boot (jsc#SLE-20183). +- commit 8f1ac2e + +- xfs: fix I_DONTCACHE (git-fixes). +- commit 0f76c7a + +- libertas_tf: Add missing __packed annotations (git-fixes). +- commit 84a12f8 + +- libertas_tf: Use struct_group() for memcpy() region (git-fixes). +- commit aa4014c + +- selftests: KVM: Add test to verify KVM doesn't explode on + "bad" I/O (bsc#1194298). +- KVM: x86: Don't WARN if userspace mucks with RCX during string + I/O exit (bsc#1194298). +- commit 12e4caa + +- blacklist.conf: 3e2a56e6f639 ("tracing: Have syscall trace events use trace_event_buffer_lock_reserve()") + Optimization only. +- commit 3a0a34b + +- SUNRPC: Fix sockaddr handling in svcsock_accept_class trace + points (git-fixes). +- commit 2d4609d + +- swiotlb: Add CONFIG_HAS_IOMEM check around swiotlb_mem_remap() + (bsc#1183682). +- commit c991d0b + +- Move upstreamed hyperv patches into sorted section +- commit 12240b4 + +- Input: ti_am335x_tsc - fix STEPCONFIG setup for Z2 (git-fixes). +- Input: ti_am335x_tsc - set ADCREFM for X configuration + (git-fixes). +- i3c: master: dw: check return of dw_i3c_master_get_free_pos() + (git-fixes). +- i3c/master/mipi-i3c-hci: Fix a potentially infinite loop in + 'hci_dat_v1_get_index()' (git-fixes). +- i3c: fix incorrect address slot lookup on 64-bit (git-fixes). +- commit e6ac0a5 + +- Move upstreamed crypto and arm64 patches into sorted section +- commit a4955ac + +- SUNRPC: Fix sockaddr handling in the svc_xprt_create_error + trace point (git-fixes). +- commit c1d9cfb + +- devtmpfs regression fix: reconfigure on each mount + (bsc#1193377). +- commit 92e66c4 + +- drm/i915: Update memory bandwidth formulae (jsc#SLE-22724). +- commit 2ae01ab + +- drm/i915: Clean-up bonding debug message (jsc#SLE-22724). +- commit 26ae0ff + +- drm/i915: s/ddi_translations/trans/ (jsc#SLE-22724). +- commit f572040 + +- drm/i915/bios: get rid of vbt ddi_port_info (jsc#SLE-22724). +- commit 88e2afa + +- drm/i915/bios: use ddc pin directly from child data + (jsc#SLE-22724). +- commit 453ff21 + +- drm/i915/bios: move ddc pin mapping code next to ddc pin + sanitize (jsc#SLE-22724). +- Refresh + patches.suse/drm-i915-Fix-type1-DVI-DP-dual-mode-adapter-heuristi.patch. +- commit 1eb8e9c + +- drm/i915/bios: use alternate aux channel directly from child + data (jsc#SLE-22724). +- commit ed48aa0 + +- drm/i915/bios: use dp max link rate directly from child data + (jsc#SLE-22724). +- commit 34545c4 + +- drm/i915/bios: use max tmds clock directly from child data + (jsc#SLE-22724). +- commit ab53297 + +- drm/i915/bios: use hdmi level shift directly from child data + (jsc#SLE-22724). +- commit 01b51f5 + +- powerpc/security/mitigation-patching.sh: Support X taint flag + (bsc#1194305 ltc#195651). +- commit 18af6bc + +- tracing/probes: check the return value of kstrndup() for pbuf + (git-fixes). +- commit 2424e3d + +- tracing/uprobes: Check the return value of kstrdup() for + tu->filename (git-fixes). +- commit d142b62 + +- tracing: Do not let synth_events block other dyn_event systems + during create (git-fixes). +- commit 7b4ab30 + +- dt-bindings: display: meson-dw-hdmi: add missing + sound-name-prefix property (git-fixes). +- workqueue: Fix unbind_workers() VS wq_worker_sleeping() race + (git-fixes). +- workqueue: Fix unbind_workers() VS wq_worker_running() race + (git-fixes). +- timekeeping: Really make sure wall_to_monotonic isn't positive + (git-fixes). +- selinux: fix sleeping function called from invalid context + (git-fixes). +- preempt/dynamic: Fix setup_preempt_mode() return value + (git-fixes). +- sock: fix /proc/net/sockstat underflow in sk_clone_lock() + (git-fixes). +- scripts: update the comments of kallsyms support (git-fixes). +- commit 9f1e40d + +- dt-bindings: display: meson-vpu: Add missing amlogic,canvas + property (git-fixes). +- dt-bindings: thermal: Fix definition of cooling-maps + contribution property (git-fixes). +- dt-bindings: net: Reintroduce PHY no lane swap binding + (git-fixes). +- dt-bindings: media: nxp,imx7-mipi-csi2: Drop bad if/then schema + (git-fixes). +- dt-bindings: i2c: imx: hardware do not restrict clock-frequency + to only 100 and 400 kHz (git-fixes). +- dt-bindings: display: xilinx: Fix example with psgtr + (git-fixes). +- dt-bindings: devfreq: rk3399_dmc: fix clocks in example + (git-fixes). +- dt-bindings: net: dsa: marvell: fix compatible in example + (git-fixes). +- dt-bindings: net: dsa: sja1105: update nxp,sja1105.yaml + reference (git-fixes). +- dt-bindings: pinctrl: mt8195: Use real world values for + drive-strength arguments (git-fixes). +- commit b68e291 + +- Documentation/locking/locktypes: Update migrate_disable() bits + (git-fixes). +- commit ff0f4be + +- arm64: tegra: Remove non existent Tegra194 reset (git-fixes). +- arm64: mte: DC {GVA,GZVA} shouldn't be used when DCZID_EL0.DZP + == 1 (git-fixes). +- arm64: clear_page() shouldn't use DC ZVA when DCZID_EL0.DZP == + 1 (git-fixes). +- arm64: errata: Fix exec handling in erratum 1418040 workaround + (git-fixes). +- dt-bindings: mtd: update mtd-physmap.yaml reference (git-fixes). +- dt-bindings: msm: dsi: add missing 7nm bindings (git-fixes). +- dt-bindings: iio: accel: bma255: Fix interrupt type (git-fixes). +- dt-bindings: phy: Rename Intel Keem Bay USB PHY bindings + (git-fixes). +- dt-bindings: firmware: update arm,scpi.yaml reference + (git-fixes). +- commit 7b30d34 + +- arm64: dts: qcom: ipq6018: Fix gpio-ranges property (git-fixes). +- arm64: dts: qcom: c630: Fix soundcard setup (git-fixes). +- arm64: dts: qcom: msm8916: fix MMC controller aliases + (git-fixes). +- arm64: dts: qcom: sc7280: Fix incorrect clock name (git-fixes). +- arm64: dts: qcom: msm8996: drop not documented adreno properties + (git-fixes). +- arm64: dts: marvell: cn9130: enable CP0 GPIO controllers + (git-fixes). +- arm64: dts: marvell: cn9130: add GPIO and SPI aliases + (git-fixes). +- arm64: dts: ti: k3-j7200: Correct the d-cache-sets info + (git-fixes). +- arm64: dts: ti: k3-j721e: Fix the L2 cache sets (git-fixes). +- arm64: dts: ti: k3-j7200: Fix the L2 cache sets (git-fixes). +- commit 97c18d2 + +- arm64: dts: ti: k3-am642: Fix the L2 cache sets (git-fixes). +- arm64: dts: ti: k3-j721e: correct cache-sets info (git-fixes). +- arm64: dts: meson-gxbb-wetek: fix missing GPIO binding + (git-fixes). +- arm64: dts: meson-gxbb-wetek: fix HDMI in early boot + (git-fixes). +- arm64: dts: amlogic: Fix SPI NOR flash node name for ODROID + N2/N2+ (git-fixes). +- arm64: dts: amlogic: meson-g12: Fix GPU operating point table + node name (git-fixes). +- arm64: dts: renesas: cat875: Add rx/tx delays (git-fixes). +- arm64: dts: lx2160a: fix scl-gpios property name (git-fixes). +- arm64: dts: allwinner: orangepi-zero-plus: fix PHY mode + (git-fixes). +- arm64: dts: rockchip: fix poweroff on helios64 (git-fixes). +- commit 68a372e + +- arm64: dts: rockchip: fix audio-supply for Rock Pi 4 + (git-fixes). +- arm64: dts: rockchip: fix rk3399-leez-p710 vcc3v3-lan supply + (git-fixes). +- arm64: dts: rockchip: fix rk3308-roc-cc vcc-sd supply + (git-fixes). +- arm64: dts: rockchip: remove mmc-hs400-enhanced-strobe from + rk3399-khadas-edge (git-fixes). +- arm64: dts: imx8mq: remove interconnect property from lcdif + (git-fixes). +- arm64: kexec: Fix missing error code 'ret' warning in + load_other_segments() (git-fixes). +- arm64: ftrace: add missing BTIs (git-fixes). +- arm64: uaccess: avoid blocking within critical sections + (git-fixes). +- arm64: dts: qcom: sdm845-oneplus: remove devinfo-size from + ramoops node (git-fixes). +- arm64: dts: allwinner: a100: Fix thermal zone node name + (git-fixes). +- commit 08fa850 + +- arm64: dts: allwinner: h5: Fix GPU thermal zone node name + (git-fixes). +- arm64: dts: imx8mm-kontron: Fix reset delays for ethernet PHY + (git-fixes). +- arm64: dts: ls1012a: Add serial alias for ls1012a-rdb + (git-fixes). +- arm64: dts: freescale: fix arm,sp805 compatible string + (git-fixes). +- arm64: dts: hisilicon: fix arm,sp805 compatible string + (git-fixes). +- arm64: dts: broadcom: bcm4908: Move reboot syscon out of bus + (git-fixes). +- arm64: dts: qcom: sdm845: Fix qcom,controlled-remotely property + (git-fixes). +- arm64: dts: qcom: ipq6018: Fix qcom,controlled-remotely property + (git-fixes). +- arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and + residency (git-fixes). +- commit 5e706fb + +- kunit: fix kernel-doc warnings due to mismatched arg names + (git-fixes). +- commit 584c0b5 + +- ARM: dts: omap3-n900: Fix lp5523 for multi color (git-fixes). +- ARM: 9159/1: decompressor: Avoid UNPREDICTABLE NOP encoding + (git-fixes). +- ARM: dts: exynos: Fix BCM4330 Bluetooth reset polarity in I9100 + (git-fixes). +- arm64: dts: meson-g12b-odroid-n2: add 5v regulator gpio + (git-fixes). +- arm64: zynqmp: Fix serial compatible string (git-fixes). +- arm64: zynqmp: Do not duplicate flash partition label property + (git-fixes). +- arm64: vdso32: require CROSS_COMPILE_COMPAT for gcc+bfd + (git-fixes). +- arm64: dts: qcom: sm8350: Rename GENI serial engine DT node + (git-fixes). +- arm64: dts: qcom: sc7280: Remove pm8350 and pmr735b for + sc7280-idp (git-fixes). +- commit d164fbf + +- ARM: dts: armada-38x: Add generic compatible to UART nodes + (git-fixes). +- ARM: dts: stm32: fix dtbs_check warning on ili9341 dts binding + on stm32f429 disco (git-fixes). +- ARM: dts: gemini: NAS4220-B: fis-index-block with 128 KiB + sectors (git-fixes). +- ARM: dts: gpio-ranges property is now required (git-fixes). +- ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling + (git-fixes). +- ARM: 9160/1: NOMMU: Reload __secondary_data after + PROCINFO_INITFUNC (git-fixes). +- ARM: dts: imx6qdl-wandboard: Fix Ethernet support (git-fixes). +- ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name + (git-fixes). +- ARM: socfpga: dts: fix qspi node compatible (git-fixes). +- ARM: dts: bcm2711: Fix PCIe interrupts (git-fixes). +- commit ef21691 + +- ARM: dts: BCM5301X: Add interrupt properties to GPIO node + (git-fixes). +- ARM: dts: BCM5301X: Fix I2C controller interrupt (git-fixes). +- ARM: configs: aspeed_g5: Reneable DRM_FBDEV_EMULATION + (git-fixes). +- ARM: dts: qcom: fix memory and mdio nodes naming for RB3011 + (git-fixes). +- ARM: dts: omap: fix gpmc,mux-add-data type (git-fixes). +- ARM: dts: sunxi: Fix OPPs node name (git-fixes). +- ARM: dts: ls1021a-tsn: use generic "jedec,spi-nor" compatible + for flash (git-fixes). +- ARM: dts: ls1021a: move thermal-zones node out of soc/ + (git-fixes). +- ARM: dts: ux500: Skomer regulator fixes (git-fixes). +- ARM: BCM53016: Specify switch ports for Meraki MR32 (git-fixes). +- commit 187b6ed + +- ARM: dts: NSP: Fix mpcore, mmc node names (git-fixes). +- ARM: dts: BCM5301X: Fix MDIO mux binding (git-fixes). +- ARM: dts: BCM5301X: Fix nodes names (git-fixes). +- ARM: imx_v6_v7_defconfig: enable fb (git-fixes). +- ARM: 9110/1: oabi-compat: fix oabi epoll sparse warning + (git-fixes). +- ARM: dts: vf610-zii-dev-rev-b: Remove #address-cells and + [#]size-cells property from at93c46d dt node (git-fixes). +- ARM: tegra: Enable CONFIG_CROS_EC (git-fixes). +- ARM: tegra: Enable CONFIG_FB (git-fixes). +- commit 51d32f8 + +- Add cherry-picked id for HD-audio HDMI fix (git-fixes) +- commit 4f7bd06 + +- cgroup: Trace event cgroup id fields should be u64 (git-fixes). +- commit db15697 + +- crypto: qat - fix undetected PFVF timeout in ACK loop + (git-fixes). +- commit a5918df + +- selftests: KVM: Explicitly use movq to read xmm registers + (git-fixes). +- commit 2d50b70 + +- Delete patches.suse/cdrom-turn-off-autoclose-by-default.patch (bsc#1165047). + This is now shipped as modprobe.conf preset in suse-module-tools. +- commit 6aca37e + +- select: Fix indefinitely sleeping task in + poll_schedule_timeout() (bsc#1194027). +- commit 1695292 + +- Move upstreamed subsystem patches into sorted section +- commit cb7f697 + +- PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device + (git-fixes). +- PCI: pci-bridge-emul: Correctly set PCIe capabilities + (git-fixes). +- PCI: pci-bridge-emul: Fix definitions of reserved bits + (git-fixes). +- video: vga16fb: Only probe for EGA and VGA 16 color graphic + cards (git-fixes). +- USB: core: Fix bug in resuming hub's handling of wakeup requests + (git-fixes). +- USB: Fix "slab-out-of-bounds Write" bug in + usb_hcd_poll_rh_status (git-fixes). +- random: fix crash on multiple early calls to + add_bootloader_randomness() (git-fixes). +- random: fix data race on crng init time (git-fixes). +- random: fix data race on crng_node_pool (git-fixes). +- staging: wlan-ng: Avoid bitwise vs logical OR warning in + hfa384x_usb_throttlefn() (git-fixes). +- commit 9176445 + +- PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI + config space (git-fixes). +- PCI: pci-bridge-emul: Make expansion ROM Base Address register + read-only (git-fixes). +- PCI: xgene: Fix IB window setup (git-fixes). +- PCI: mvebu: Fix support for DEVCAP2, DEVCTL2 and LNKCTL2 + registers on emulated bridge (git-fixes). +- PCI: mvebu: Fix support for PCI_EXP_RTSTA on emulated bridge + (git-fixes). +- PCI: mvebu: Fix support for PCI_EXP_DEVCTL on emulated bridge + (git-fixes). +- PCI: mvebu: Do not modify PCI IO type bits in conf_write + (git-fixes). +- PCI: mvebu: Check for errors from pci_bridge_emul_init() call + (git-fixes). +- PCI: mediatek-gen3: Disable DVFSRC voltage request (git-fixes). +- commit d9b2ed2 + +- PCI: dwc: Do not remap invalid res (git-fixes). +- PCI: aardvark: Fix checking for MEM resource type (git-fixes). +- PCI: pciehp: Fix infinite loop in IRQ handler upon power fault + (git-fixes). +- drm/amdkfd: Check for null pointer after calling kmemdup + (git-fixes). +- drm/sun4i: dw-hdmi: Fix missing put_device() call in + sun8i_hdmi_phy_get (git-fixes). +- drm/atomic: Check new_crtc_state->active to determine if CRTC + needs disable in self refresh mode (git-fixes). +- drm/i915/ttm: add unmap_virtual callback (git-fixes). +- drm/i915: don't call free_mmap_offset when purging (git-fixes). +- mmc: sdhci-pci: Add PCI ID for Intel ADL (git-fixes). +- drm/i915: Avoid bitwise vs logical OR warning in + snb_wm_latency_quirk() (git-fixes). +- commit 9f50bf5 + +- Bluetooth: btusb: Add support for Foxconn QCA 0xe0d0 + (git-fixes). +- Bluetooth: btusb: Add support for Foxconn MT7922A (git-fixes). +- Bluetooth: btusb: Add two more Bluetooth parts for WCN6855 + (git-fixes). +- Bluetooth: btusb: Add one more Bluetooth part for WCN6855 + (git-fixes). +- Bluetooth: btusb: Add one more Bluetooth part for the Realtek + RTL8852AE (git-fixes). +- Bluetooth: btusb: enable Mediatek to support AOSP extension + (git-fixes). +- Bluetooth: bfusb: fix division by zero in send path (git-fixes). +- commit 9fdbfa4 + +- Move upstreamed ALSA and coresight patches into sorted section +- commit 14619f6 + +- Bluetooth: btintel: Fix broken LED quirk for legacy ROM devices + (bsc#1193124). +- Delete + patches.suse/Bluetooth-Apply-initial-command-workaround-for-more-.patch. +- commit 38b5832 + +- blacklist.conf: add one ath5k config fix +- commit d106a94 + +- SUNRPC: lock against ->sock changing during sysfs read + (bsc#1194324). +- SUNRPC: Check if the xprt is connected before handling sysfs + reads (bsc#1194324). +- commit f48a6d6 + +- xfs: only run COW extent recovery when there are no live extents + (bsc#1193791). +- commit f025202 + +- xfs: move recovery needed state updates to xfs_log_mount_finish + (bsc#1193791). +- commit 3ab22f2 + +- xfs: allow setting and clearing of log incompat feature flags + (bsc#1193791). +- commit e5ce8a5 + +- xfs: remove all COW fork extents when remounting readonly + (git-fixes). +- commit dda180e + +- xfs: punch out data fork delalloc blocks on COW writeback + failure (git-fixes). +- commit d8175c4 + +- ALSA: hda: ALC287: Add Lenovo IdeaPad Slim 9i 14ITL5 speaker + quirk (git-fixes). +- ALSA: hda/realtek: Re-order quirk entries for Lenovo + (git-fixes). +- ALSA: hda/realtek: Add quirk for Legion Y9000X 2020 (git-fixes). +- ALSA: hda/tegra: Fix Tegra194 HDA reset failure (git-fixes). +- ALSA: hda/realtek: Use ALC285_FIXUP_HP_GPIO_LED on another HP + laptop (git-fixes). +- ALSA: hda/realtek: Add speaker fixup for some Yoga 15ITL5 + devices (git-fixes). +- commit 97194d3 + +- mei: hbm: fix client dma reply status (git-fixes). +- misc: lattice-ecp3-config: Fix task hung when firmware load + failed (git-fixes). +- phy: cadence: Sierra: Fix to get correct parent for mux clocks + (git-fixes). +- phy: uniphier-usb3ss: fix unintended writing zeros to PHY + register (git-fixes). +- iio: adc: ti-adc081c: Partial revert of removal of ACPI IDs + (git-fixes). +- firmware: qemu_fw_cfg: fix sysfs information leak (git-fixes). +- firmware: qemu_fw_cfg: fix kobject leak in probe error path + (git-fixes). +- firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate + entries (git-fixes). +- firmware: Update Kconfig help text for Google firmware + (git-fixes). +- uio: uio_dmem_genirq: Catch the Exception (git-fixes). +- char/mwave: Adjust io port register size (git-fixes). +- misc: at25: Make driver OF independent again (git-fixes). +- ASoC: imx-card: improve the sound quality for low rate + (git-fixes). +- ASoC: imx-card: Fix mclk calculation issue for akcodec + (git-fixes). +- ASoC: imx-card: Need special setting for ak4497 on i.MX8MQ + (git-fixes). +- ASoC: fsl_asrc: refine the check of available clock divider + (git-fixes). +- dmaengine: pxa/mmp: stop referencing config->slave_id + (git-fixes). +- commit 0ba81f9 + +- ASoC: fsl_mqs: fix MODULE_ALIAS (git-fixes). +- ASoC: samsung: idma: Check of ioremap return value (git-fixes). +- ASoC: mediatek: Check for error clk pointer (git-fixes). +- ASoC: Intel: catpt: Test dmaengine_submit() result before + moving on (git-fixes). +- ASoC: rt5663: Handle device_property_read_u32_array error codes + (git-fixes). +- ASoC: codecs: wcd938x: add SND_SOC_WCD938_SDW to codec list + instead (git-fixes). +- ASoC: uniphier: drop selecting non-existing + SND_SOC_UNIPHIER_AIO_DMA (git-fixes). +- ASoC: Intel: sof_sdw: fix jack detection on HP Spectre x360 + convertible (git-fixes). +- ALSA: hda/cs8409: Fix Jack detection after resume (git-fixes). +- ALSA: hda/cs8409: Increase delay during jack detection + (git-fixes). +- commit 501f634 + +- ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus + Master after reboot from Windows (git-fixes). +- ALSA: usb-audio: Drop superfluous '0' in Presonus Studio + 1810c's ID (git-fixes). +- ALSA: oss: fix compile error when OSS_DEBUG is enabled + (git-fixes). +- ALSA: hda: Make proper use of timecounter (git-fixes). +- ALSA: led: Use restricted type for iface assignment (git-fixes). +- ALSA: hda: Fix potential deadlock at codec unbinding + (git-fixes). +- ALSA: hda: Add missing rwsem around snd_ctl_remove() calls + (git-fixes). +- ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls + (git-fixes). +- ALSA: jack: Add missing rwsem around snd_ctl_remove() calls + (git-fixes). +- commit 073769b + +- Updated mpi3mr entry in supported.conf (bsc#1194578 jsc#SLE-18121) +- commit d76e53a + +- Move upstreamed thunderbolt patches into sorted section +- commit cc9c167 + +- selftests: KVM: Fix non-x86 compiling (bsc#1194396). +- commit f5bdc4a + +- x86/sev: Move common memory encryption code to mem_encrypt.c + (jsc#SLE-19924). +- Update config files. +- commit 295fcc1 + +- x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c + (jsc#SLE-19924). +- commit e716904 + +- x86/sev: Use CC_ATTR attribute to generalize string I/O unroll + (jsc#SLE-19924). +- x86/sev: Remove do_early_exception() forward declarations + (jsc#SLE-19924). +- x86/head64: Carve out the guest encryption postprocessing into + a helper (jsc#SLE-19924). +- x86/sev: Get rid of excessive use of defines (jsc#SLE-19924). +- x86/sev: Shorten GHCB terminate macro names (jsc#SLE-19924). +- commit f844a2b + +- Delete mistakenly merged bogus file. +- commit 3a6a1bf + +- Update config files to enable NVMe In-band Authentication (jsc#SLE-20183) +- commit 1154950 + +- nvme: add TCP TSAS definitions (jsc#SLE-20183). +- {PATCH 11/12] nvmet-auth: expire authentication sessions + (jsc#SLE-20183). +- nvmet-auth: Diffie-Hellman key exchange support (jsc#SLE-20183). +- nvmet: Implement basic In-Band Authentication (jsc#SLE-20183). +- nvmet: parse fabrics commands on io queues (jsc#SLE-20183). +- nvme-auth: Diffie-Hellman key exchange support (jsc#SLE-20183). +- nvme: Implement In-Band authentication (jsc#SLE-20183). +- nvme-fabrics: decode 'authentication required' connect error + (jsc#SLE-20183). +- nvme: add definitions for NVMe In-Band authentication + (jsc#SLE-20183). +- lib/base64: RFC4648-compliant base64 encoding (jsc#SLE-20183). +- crypto: add crypto_has_kpp() (jsc#SLE-20183). +- crypto: add crypto_has_shash() (jsc#SLE-20183). +- commit 64effa8 + +- mailbox: hi3660: convert struct comments to kernel-doc notation + (git-fixes). +- PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() + (git-fixes). +- commit 098c83f + +- nvme: add new discovery log page entry definitions + (bsc#1192761). +- nvme: add CNTRLTYPE definitions for 'identify controller' + (bsc#1192761). +- commit 769658d + +- Move upstreamed serial patches into sorted section +- commit 3fba525 + +- nvme: add 'iopolicy' module parameter (bsc#1177599). +- nvme-fabrics: print out valid arguments when reading from + /dev/nvme-fabrics (bsc#1192761). +- nvme: fix use after free when disconnecting a reconnecting ctrl + (bsc#1192761). +- nvme-multipath: set ana_log_size to 0 after free ana_log_buf + (bsc#1192761). +- nvmet: register discovery subsystem as 'current' (bsc#1192761). +- nvmet: switch check for subsystem type (bsc#1192761). +- nvme: display correct subsystem NQN (bsc#1192761). +- nvme: Add connect option 'discovery' (bsc#1192761). +- nvme: expose subsystem type in sysfs attribute 'subsystype' + (bsc#1192761). +- nvmet: set 'CNTRLTYPE' in the identify controller data + (bsc#1192761). +- nvmet: add nvmet_is_disc_subsys() helper (bsc#1192761). +- nvmet: make discovery NQN configurable (bsc#1192761). +- commit 439c8e7 + +- btrfs: respect the max size in the header when activating swap file (bsc#1194595). +- commit ed07a37 + +- tools headers UAPI: Sync linux/prctl.h with the kernel sources + (bsc#1194659). +- commit 5606b92 + +- Disable hyperv_fb in favour of hyperv_drm (jsc#SLE-19733) +- commit 19fee0c + +- net: mana: Add RX fencing (bsc#1193506). +- commit e3d6f05 + +- Drivers: hv: vmbus: Initialize request offers message for + Isolation VM (bsc#1183682). +- commit 7c5d060 + +- scsi: storvsc: Fix unsigned comparison to zero (git-fixes). +- commit 9e68988 + +- x86/hyperv: Fix definition of hv_ghcb_pg variable (bsc#1183682). +- commit 95638ec + +- Drivers: hv: Fix definition of hypercall input & output arg + variables (git-fixes). +- commit 607f280 + +- net: netvsc: Add Isolation VM support for netvsc driver + (bsc#1183682). +- commit 6e48a4c + +- hv_sock: Extract hvs_send_data() helper that takes only header + (git-fixes). +- commit 460e07f + +- scsi: storvsc: Add Isolation VM support for storvsc driver + (bsc#1183682). +- commit e37f664 + +- hyper-v: Enable swiotlb bounce buffer for Isolation VM + (bsc#1183682). +- commit 48df245 + +- net: mana: Add XDP support (bsc#1193506). +- commit 5fa8748 + +- hv_netvsc: Use bitmap_zalloc() when applicable (bsc#1193506). +- commit 11f2462 + +- PCI: hv: Add arm64 Hyper-V vPCI support + (jsc#SLE-17855,bsc#1186071). +- commit e9d267d + +- PCI: hv: Make the code arch neutral by adding arch specific + interfaces (jsc#SLE-17855,bsc#1186071). +- commit 51d1087 + +- PCI: hv: Use PCI_ERROR_RESPONSE to identify config read errors + (git-fixes). +- commit e8d71a7 + +- x86/hyper-v: Add hyperv Isolation VM check in the + cc_platform_has() (bsc#1183682). +- commit 4fb06cd + +- swiotlb: Add swiotlb bounce buffer remap function for HV IVM + (bsc#1183682). +- commit 8e7bfc2 + +- uapi/linux/prctl: provide macro definitions for the PR_SCHED_CORE + type argument (bsc#1194659). +- commit d1a1904 + +- btrfs: fix warning when freeing leaf after subvolume creation + failure (bsc#1194656). +- btrfs: fix invalid delayed ref after subvolume creation failure + (bsc#1194656). +- btrfs: fix double free of anon_dev after failure to create + subvolume (bsc#1194656). +- commit e3b8e6b + +- KVM: SVM: Fall back to KVM's hardcoded value for EDX at RESET/INIT + (bsc#1194650). +- commit aaac702 + +- KVM: SVM: Require exact CPUID.0x1 match when stuffing EDX at INIT + (bsc#1194650). +- commit d70b6af + +- KVM: VMX: Set EDX at INIT with CPUID.0x1, Family-Model-Stepping + (bsc#1194647). +- commit b8eb21e + +- Refresh + patches.suse/Revert-drm-i915-Implement-Wa_1508744258.patch. + Alt-commit +- commit 7a9c995 + +- Refresh + patches.suse/0445-drm-i915-Revert-guc_id-from-i915_request-tracepoint.patch. + Alt-commit +- commit 50dc252 + +- KVM: SVM: Zero out GDTR.base and IDTR.base on INIT + (bsc#1194644). +- commit 1e7e5ae + +- Revert "drm/i915/display: Disable audio, DRRS and PSR before + planes" (git-fixes). +- commit fa3f617 + +- KVM: nVMX: Set LDTR to its architecturally defined value on + nested VM-Exit (bsc#1194641). +- commit ef61f72 + +- KVM: x86: Flush the guest's TLB on INIT (bsc#1194639). +- commit b025945 + +- KVM: x86/mmu: Fix use of enums in trace_fast_page_fault + (bsc#1194638). +- commit 232ac66 + +- KVM: x86/mmu: Rename cr2_or_gpa to gpa in fast_page_fault + (bsc#1194636). +- commit 748abc3 + +- optee: Suppress false positive kmemleak report in + optee_handle_rpc() (jsc#SLE-21844). +- tee: optee: Fix incorrect page free bug (jsc#SLE-21844). +- tee: amdtee: fix an IS_ERR() vs NULL bug (jsc#SLE-21844). +- optee: smc_abi.c: add missing #include + (jsc#SLE-21844). +- commit 818bd23 + +- net/smc: Clear memory when release and reuse buffer + (jsc#SLE-18331). +- commit 7a4e5bd + +- net/smc: Keep smc_close_final rc during active close + (git-fixes). +- net/smc: Don't call clcsock shutdown twice when smc shutdown + (git-fixes). +- commit 22f3071 + +- net/smc: fix kernel panic caused by race of smc_sock + (git-fixes). +- net/smc: don't send CDC/LLC message if link not ready + (git-fixes). +- net/smc: fix using of uninitialized completions (git-fixes). +- net/smc: Prevent smc_release() from long blocking (git-fixes). +- net/smc: fix wrong list_del in smc_lgr_cleanup_early + (git-fixes). +- net/smc: Fix loop in smc_listen (git-fixes). +- net/smc: Fix NULL pointer dereferencing in smc_vlan_by_tcpsk() + (git-fixes). +- net/smc: Ensure the active closing peer first closes clcsock + (git-fixes). +- net/smc: Clean up local struct sock variables (git-fixes). +- net/smc: Make sure the link_id is unique (git-fixes). +- commit 8fbf330 + +- optee: fix kfree NULL pointer (jsc#SLE-21844). +- optee: Fix spelling mistake "reclain" -> "reclaim" + (jsc#SLE-21844). +- firmware: arm_ffa: Remove unused 'compat_version' variable + (jsc#SLE-21844). +- firmware: arm_ffa: Add support for MEM_LEND (jsc#SLE-21844). +- firmware: arm_ffa: Handle compatibility with different firmware + versions (jsc#SLE-21844). +- optee: add FF-A support (jsc#SLE-21844). +- optee: isolate smc abi (jsc#SLE-21844). +- optee: refactor driver with internal callbacks (jsc#SLE-21844). +- optee: simplify optee_release() (jsc#SLE-21844). +- commit 5c29442 + +- tee: add sec_world_id to struct tee_shm (jsc#SLE-21844). +- Refresh + patches.suse/tee-handle-lookup-of-shm-with-reference-count-0.patch. +- commit 16de057 + +- tee/optee/shm_pool: fix application of sizeof to pointer + (jsc#SLE-21844). +- commit a041250 + +- selftests: KVM: avoid failures due to reserved HyperTransport + region (bsc#1194396). +- commit dc525da + +- net/smc: Print function name in smcr_link_down tracepoint + (jsc#SLE-18331). +- net/smc: Introduce tracepoint for smcr link down + (jsc#SLE-18331). +- net/smc: Introduce tracepoints for tx and rx msg + (jsc#SLE-18331). +- net/smc: Introduce tracepoint for fallback (jsc#SLE-18331). +- net/smc: stop links when their GID is removed (jsc#SLE-18331). +- net/smc: add netlink support for SMC-Rv2 (jsc#SLE-18331). +- net/smc: extend LLC layer for SMC-Rv2 (jsc#SLE-18331). +- net/smc: add v2 support to the work request layer + (jsc#SLE-18331). +- net/smc: retrieve v2 gid from IB device (jsc#SLE-18331). +- net/smc: add v2 format of CLC decline message (jsc#SLE-18331). +- net/smc: add listen processing for SMC-Rv2 (jsc#SLE-18331). +- net/smc: add SMC-Rv2 connection establishment (jsc#SLE-18331). +- net/smc: prepare for SMC-Rv2 connection (jsc#SLE-18331). +- net/smc: save stack space and allocate smc_init_info + (jsc#SLE-18331). +- net/smc: add generic netlink support for system EID + (jsc#SLE-18331). +- net/smc: keep static copy of system EID (jsc#SLE-18331). +- net/smc: add support for user defined EIDs (jsc#SLE-18331). +- net/smc: Allow SMC-D 1MB DMB allocations (jsc#SLE-18331). +- commit f31e069 + +- clk: bm1880: remove kfrees on static allocations (git-fixes). +- clk: qcom: gcc-sc7280: Mark gcc_cfg_noc_lpass_clk always enabled + (git-fixes). +- clk: imx8mn: Fix imx8mn_clko1_sels (git-fixes). +- clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() + after system enter shell (git-fixes). +- clk: Emit a stern warning with writable debugfs enabled + (git-fixes). +- clk: Gemini: fix struct name in kernel-doc (git-fixes). +- clk: imx: pllv1: fix kernel-doc notation for struct clk_pllv1 + (git-fixes). +- leds: lp55xx: initialise output direction from dts (git-fixes). +- usb: gadget: u_audio: Subdevice 0 for capture ctls (git-fixes). +- usb: dwc2: do not gate off the hardware if it does not support + clock gating (git-fixes). +- usb: dwc3: qcom: Fix NULL vs IS_ERR checking in dwc3_qcom_probe + (git-fixes). +- usb: ftdi-elan: fix memory leak on device disconnect + (git-fixes). +- serial: stm32: move tx dma terminate DMA to shutdown + (git-fixes). +- serial: liteuart: fix MODULE_ALIAS (git-fixes). +- serial: 8250_bcm7271: Propagate error codes from + brcmuart_probe() (git-fixes). +- serial: Fix incorrect rs485 polarity on uart open (git-fixes). +- serial: amba-pl011: do not request memory region twice + (git-fixes). +- tty: serial: uartlite: allow 64 bit address (git-fixes). +- tty: serial: atmel: Call dma_async_issue_pending() (git-fixes). +- tty: serial: atmel: Check return code of dmaengine_submit() + (git-fixes). +- staging: rtl8192e: rtllib_module: fix error handle case in + alloc_rtllib() (git-fixes). +- staging: rtl8192e: return error code from rtllib_softmac_init() + (git-fixes). +- drivers/firmware: Add missing platform_device_put() in + sysfb_create_simplefb (git-fixes). +- pinctrl: renesas: rza1: Fix kerneldoc function names + (git-fixes). +- floppy: Fix hang in watchdog when disk is ejected (git-fixes). +- commit 13cce41 + +- scsi: vmw_pvscsi: Set residual data length conditionally + (git-fixes). +- scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() + (git-fixes). +- commit 4c59c88 + +- Move mpi3mr driver to being fully supported (bsc#1194578) +- commit 8f564bb + +- blacklist.conf: f28439db470c ("tracing: Tag trace_percpu_buffer as a percpu pointer") + It fixes a sparse warning only. +- commit f67dade + +- tracing: Fix check for trace_percpu_buffer validity in + get_trace_buf() (git-fixes). +- commit 8ff3def + +- drm: Enable support for simpledrm devices on x86-64 (jsc#SLE-18823) + - enable support for simple-framebuffer devices + - disabled by default +- commit 74f8512 + +- cgroup: Use open-time cgroup namespace for process migration + perm checks (bsc#1194302 CVE-2021-4197). +- cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv + (bsc#1194302 CVE-2021-4197). +- cgroup: Use open-time credentials for process migraton perm + checks (bsc#1194302 CVE-2021-4197). +- commit 91b620d + +- firmware/sysfb: Add parameter to enable sysfb support (jsc#SLE-18823) +- commit afbe6c6 + +- s390: add HWCAP_S390_PCI_MIO to ELF hwcaps (jsc#SLE-23099). +- s390/disassembler: add instructions (jsc#SLE-18634). +- s390: report more CPU capabilities (jsc#SLE-18634). +- commit f81382d + +- fget: clarify and improve __fget_files() implementation + (bsc#1193727). +- commit 5f0b9f7 + +- fget: check that the fd still exists after getting a ref to it + (bsc#1193727 CVE-2021-4083). +- commit 2321692 + +- tpm: fix NPE on probe for missing device (git-fixes). +- tpm: fix potential NULL pointer access in tpm_del_char_device + (git-fixes). +- tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' + (git-fixes). +- tpm: add request_locality before write TPM_INT_ENABLE + (git-fixes). +- spi: uniphier: Fix a bug that doesn't point to private data + correctly (git-fixes). +- usb: mtu3: fix interval value for intr and isoc (git-fixes). +- commit c4bbaa3 + +- selinux: fix potential memleak in selinux_add_opt() (git-fixes). +- spi: spi-meson-spifc: Add missing pm_runtime_disable() in + meson_spifc_probe (git-fixes). +- spi: spi-rspi: Drop redeclaring ret variable in + qspi_transfer_in() (git-fixes). +- spi: hisi-kunpeng: Fix the debugfs directory name incorrect + (git-fixes). +- regulator: qcom-labibb: OCP interrupts are not a failure while + disabled (git-fixes). +- regulator: Drop unnecessary struct member (git-fixes). +- regmap: Call regmap_debugfs_exit() prior to _init() (git-fixes). +- power: reset: mt6397: Check for null res pointer (git-fixes). +- power: bq25890: Enable continuous conversion for ADC at charging + (git-fixes). +- rndis_host: support Hytera digital radios (git-fixes). +- commit 8693eaa + +- mtd: rawnand: mpc5121: Remove unused variable in + ads5121_select_chip() (git-fixes). +- mtd: rawnand: ingenic: JZ4740 needs 'oob_first' read page + function (git-fixes). +- mtd: rawnand: Export nand_read_page_hwecc_oob_first() + (git-fixes). +- mtd: rawnand: davinci: Rewrite function description (git-fixes). +- mtd: rawnand: davinci: Avoid duplicated page read (git-fixes). +- mtd: rawnand: davinci: Don't calculate ECC when reading page + (git-fixes). +- mtd: hyperbus: rpc-if: fix bug in rpcif_hb_remove (git-fixes). +- mtd: hyperbus: rpc-if: Check return value of rpcif_sw_init() + (git-fixes). +- Revert "net: usb: r8152: Add MAC passthrough support for more + Lenovo Docks" (git-fixes). +- commit d77e38e + +- pcmcia: fix setting of kthread task states (git-fixes). +- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in + nonstatic_find_mem_region() (git-fixes). +- pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in + __nonstatic_find_io_region() (git-fixes). +- commit 291cf9b + +- kernel/locking: Use a pointer in ww_mutex_trylock() (git-fixes). +- lib/logic_iomem: Fix operation on 32-bit (git-fixes). +- lib/logic_iomem: Fix 32-bit build (git-fixes). +- mmc: meson-mx-sdio: add IRQ check (git-fixes). +- mmc: meson-mx-sdhc: add IRQ check (git-fixes). +- mfd: intel-lpss: Fix too early PM enablement in the ACPI + - >probe() (git-fixes). +- mtd: core: provide unique name for nvmem device (git-fixes). +- mtd: Fixed breaking list in __mtd_del_partition (git-fixes). +- lib/mpi: Add the return value check of kcalloc() (git-fixes). +- mISDN: change function names to avoid conflicts (git-fixes). +- commit 9a0c88a + +- HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_frame_init_v1_buttonpad (git-fixes). +- HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_huion_init (git-fixes). +- HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_get_str_desc (git-fixes). +- HID: hid-uclogic-params: Invalid parameter check in + uclogic_params_init (git-fixes). +- hwmon: (mr75203) fix wrong power-up delay value (git-fixes). +- drm/amdgpu: disable runpm if we are the primary adapter + (git-fixes). +- fbdev: fbmem: add a helper to determine if an aperture is used + by a fw fb (git-fixes). +- drm/amd/pm: keep the BACO feature enabled for suspend + (git-fixes). +- drm/amdgpu: fix dropped backing store handling in + amdgpu_dma_buf_move_notify (git-fixes). +- drm/amd/display: Added power down for DCN10 (git-fixes). +- commit 49a64a1 + +- drm/i915/backlight: extract backlight code to a separate file + (git-fixes). +- Refresh + patches.suse/drm-i915-dp-Perform-30ms-delay-after-source-OUI-writ.patch. +- commit de43291 + +- crypto: x86/aesni - don't require alignment of data (git-fixes). +- crypto: stm32/crc32 - Fix kernel BUG triggered in probe() + (git-fixes). +- docs: automarkup.py: Fix invalid HTML link output and broken + URI fragments (git-fixes). +- Documentation: refer to config RANDOMIZE_BASE for kernel + address-space randomization (git-fixes). +- drm/amd/display: fix B0 TMDS deepcolor no dislay issue + (git-fixes). +- drm/amdgpu: put SMU into proper state on runpm suspending for + BOCO capable platform (git-fixes). +- drm/amdgpu: always reset the asic in suspend (v2) (git-fixes). +- drm/amd/pm: skip setting gfx cgpg in the s0ix suspend-resume + (git-fixes). +- drm/amd/pm: Fix xgmi link control on aldebaran (git-fixes). +- drm/i915: Add support for panels with VESA backlights with + PWM enable/disable (git-fixes). +- drm/i915/backlight: mass rename functions to have + intel_backlight_ prefix (git-fixes). +- commit 941e68f + +- crypto: omap-aes - Fix broken pm_runtime_and_get() usage + (git-fixes). +- crypto: octeontx2 - prevent underflow in get_cores_bmap() + (git-fixes). +- crypto: stm32 - Revert broken pm_runtime_resume_and_get changes + (git-fixes). +- crypto: stm32/cryp - fix bugs and crash in tests (git-fixes). +- crypto: stm32/cryp - fix lrw chaining mode (git-fixes). +- crypto: stm32/cryp - fix double pm exit (git-fixes). +- crypto: stm32/cryp - check early input data (git-fixes). +- crypto: stm32/cryp - fix xts and race condition in crypto_engine + requests (git-fixes). +- crypto: stm32/cryp - fix CTR counter carry (git-fixes). +- crypto: octeontx2 - uninitialized variable in kvf_limits_store() + (git-fixes). +- commit 1f3d99d + +- backlight: qcom-wled: Override default length with + qcom,enabled-strings (git-fixes). +- backlight: qcom-wled: Fix off-by-one maximum with default + num_strings (git-fixes). +- backlight: qcom-wled: Pass number of elements to read to + read_u32_array (git-fixes). +- backlight: qcom-wled: Validate enabled string indices in DT + (git-fixes). +- crypto: qce - fix uaf on qce_skcipher_register_one (git-fixes). +- crypto: qce - fix uaf on qce_ahash_register_one (git-fixes). +- crypto: qce - fix uaf on qce_aead_register_one (git-fixes). +- atlantic: Fix buff_ring OOB in aq_ring_rx_clean (git-fixes). +- auxdisplay: charlcd: checking for pointer reference before + dereferencing (git-fixes). +- commit 85744be + +- Move upstreamed caam patches into sorted section +- commit c0716a1 + +- vfs: fs_context: fix up param length parsing in legacy_parse_param + (CVE-2022-0185 bsc#1194517). +- vfs: Out-of-bounds write of heap buffer in fs_context.c + (CVE-2022-0185 bsc#1194517). +- commit 4eff35e + +- Refresh and reenable patches.suse/powerpc-Add-kABI-placeholder-to-struct-pci_controlle.patch. +- commit 0662bab + +- Move upstreamed i915 patch into sorted section +- commit ab774ad + +- Drop a bogus DRM patch that has been already cherry-picked +- commit 74d26f7 + +- thunderbolt: xdomain: Avoid potential stack OOB read + (jsc#SLE-19356 jsc#SLE-19358 jsc#SLE-19359). +- commit b3e0efa + +- Update patch references for NFC security fixes (CVE-2021-4202 bsc#1194529) +- commit 73f05a8 + +- RDMA/core: Don't infoleak GRH fields (jsc#SLE-19249). +- RDMA/uverbs: Check for null return of kmalloc_array + (jsc#SLE-19249). +- Revert "RDMA/mlx5: Fix releasing unallocated memory in dereg + MR flow" (jsc#SLE-19253). +- RDMA/rxe: Prevent double freeing rxe_map_set() (jsc#SLE-19249). +- iavf: Fix limit of total number of queues to active queues of VF + (jsc#SLE-18385). +- i40e: Fix incorrect netdev's real number of RX/TX queues + (jsc#SLE-18378). +- i40e: Fix for displaying message regarding NVM version + (jsc#SLE-18378). +- i40e: fix use-after-free in i40e_sync_filters_subtask() + (jsc#SLE-18378). +- i40e: Fix to not show opcode msg on unsuccessful VF MAC change + (jsc#SLE-18378). +- sfc: The RX page_ring is optional (git-fixes). +- sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc + (git-fixes). +- net: ena: Fix error handling when calculating max IO queues + number (git-fixes). +- net: ena: Fix wrong rx request id by resetting device + (git-fixes). +- net: ena: Fix undefined state when tx request id is out of + bounds (git-fixes). +- commit 47d0d9d + +- thunderbolt: Add module parameter for CLx disabling + (jsc#SLE-19359). +- commit 2edbb7d + +- thunderbolt: Enable CL0s for Intel Titan Ridge (jsc#SLE-19359). +- commit 78214f0 + +- thunderbolt: Rename Intel TB_VSE_CAP_IECS capability + (jsc#SLE-19356 jsc#SLE-19357 jsc#SLE-19358 jsc#SLE-19359). +- commit 77795ca + +- thunderbolt: Implement TMU time disruption for Intel Titan Ridge + (jsc#SLE-19359). +- commit a599ed6 + +- thunderbolt: Move usb4_switch_wait_for_bit() to switch.c + (jsc#SLE-19356 jsc#SLE-19357 jsc#SLE-19358 jsc#SLE-19359). +- commit 654869f + +- thunderbolt: Add CL0s support for USB4 routers (jsc#SLE-19359). +- commit 2d3b539 + +- thunderbolt: Add TMU uni-directional mode (jsc#SLE-19358 + jsc#SLE-19359). +- commit 55afa32 + +- thunderbolt: Check return value of kmemdup() in + icm_handle_event() (jsc#SLE-19358). +- commit 1d198a8 + +- thunderbolt: Do not dereference fwnode in struct device + (jsc#SLE-19356 jsc#SLE-19357 jsc#SLE-19358 jsc#SLE-19359). +- commit 6c6f018 + +- thunderbolt: Add debug logging of DisplayPort resource + allocation (jsc#SLE-19356). +- commit c30ad8a + +- thunderbolt: Do not allow subtracting more NFC credits than + configured (jsc#SLE-19359). +- commit 6830e6c + +- thunderbolt: Runtime resume USB4 port when retimers are scanned + (jsc#SLE-19359). +- commit d68139f + +- thunderbolt: Runtime PM activate both ends of the device link + (jsc#SLE-19356 jsc#SLE-19359). +- commit 7b8a05d + +- iwlwifi: mvm: Use div_s64 instead of do_div in + iwl_mvm_ftm_rtt_smoothing() (git-fixes). +- drm/amd/display: Fix DPIA outbox timeout after S3/S4/reset + (git-fixes). +- commit fbf8c6a + +- wcn36xx: Fix max channels retrieval (git-fixes). +- wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma + (git-fixes). +- wcn36xx: fix RX BD rate mapping for 5GHz legacy rates + (git-fixes). +- wcn36xx: populate band before determining rate on RX + (git-fixes). +- commit e2ed707 + +- software node: fix wrong node passed to find nargs_prop + (git-fixes). +- thermal/drivers/int340x: Fix RFIM mailbox write commands + (git-fixes). +- thermal/drivers/imx8mm: Enable ADC when enabling monitor + (git-fixes). +- thermal/drivers/imx: Implement runtime PM support (git-fixes). +- rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() + with interrupts enabled (git-fixes). +- wcn36xx: Put DXE block into reset before freeing memory + (git-fixes). +- wcn36xx: Release DMA channel descriptor allocations (git-fixes). +- wcn36xx: Fix DMA channel enable/disable cycle (git-fixes). +- wcn36xx: Indicate beacon not connection loss on + MISSED_BEACON_IND (git-fixes). +- wcn36xx: ensure pairing of init_scan/finish_scan and + start_scan/end_scan (git-fixes). +- commit 33d2ad1 + +- PCI/ACPI: Fix acpi_pci_osc_control_set() kernel-doc comment + (git-fixes). +- mt76: mt7921: drop offload_flags overwritten (git-fixes). +- mwifiex: Fix possible ABBA deadlock (git-fixes). +- media: hantro: Fix probe func error path (git-fixes). +- media: ov8865: Disable only enabled regulators on error path + (git-fixes). +- media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes + (git-fixes). +- media: msi001: fix possible null-ptr-deref in msi001_probe() + (git-fixes). +- media: dw2102: Fix use after free (git-fixes). +- memory: renesas-rpc-if: Return error in case + devm_ioremap_resource() fails (git-fixes). +- commit 5b0b74d + +- media: streamzap: remove unnecessary ir_raw_event_reset and + handle (git-fixes). +- media: si2157: Fix "warm" tuner state detection (git-fixes). +- media: cec-pin: fix interrupt en/disable handling (git-fixes). +- media: saa7146: mxb: Fix a NULL pointer dereference in + mxb_attach() (git-fixes). +- media: dib8000: Fix a memleak in dib8000_init() (git-fixes). +- media: uvcvideo: fix division by zero at stream start + (git-fixes). +- media: venus: core: Fix a resource leak in the error handling + path of 'venus_probe()' (git-fixes). +- media: venus: core: Fix a potential NULL pointer dereference + in an error handling path (git-fixes). +- media: venus: correct low power frequency calculation for + encoder (git-fixes). +- media: coda: fix CODA960 JPEG encoder buffer overflow + (git-fixes). +- commit ad9c38c + +- media: mtk-vcodec: call v4l2_m2m_ctx_release first when file + is released (git-fixes). +- media: si470x-i2c: fix possible memory leak in + si470x_i2c_probe() (git-fixes). +- media: imx-pxp: Initialize the spinlock prior to using it + (git-fixes). +- media: rcar-csi2: Optimize the selection PHTW register + (git-fixes). +- media: rcar-csi2: Correct the selection of hsfreqrange + (git-fixes). +- media: i2c: ov8865: Fix lockdep error (git-fixes). +- media: i2c: Re-order runtime pm initialisation (git-fixes). +- media: i2c: imx274: fix trivial typo obainted/obtained + (git-fixes). +- media: i2c: imx274: fix trivial typo expsoure/exposure + (git-fixes). +- media: i2c: imx274: fix s_frame_interval runtime resume not + requested (git-fixes). +- commit 2f34e23 + +- media: dib0700: fix undefined behavior in tuner shutdown + (git-fixes). +- media: dmxdev: fix UAF when dvb_register_device() fails + (git-fixes). +- media: stk1160: fix control-message timeouts (git-fixes). +- media: s2255: fix control-message timeouts (git-fixes). +- media: pvrusb2: fix control-message timeouts (git-fixes). +- media: em28xx: fix control-message timeouts (git-fixes). +- media: cpia2: fix control-message timeouts (git-fixes). +- media: flexcop-usb: fix control-message timeouts (git-fixes). +- media: redrat3: fix control-message timeouts (git-fixes). +- media: mceusb: fix control-message timeouts (git-fixes). +- commit da51464 + +- media: correct MEDIA_TEST_SUPPORT help text (git-fixes). +- media: aspeed: Update signal status immediately to ensure sane + hw state (git-fixes). +- media: v4l2-ioctl.c: readbuffers depends on V4L2_CAP_READWRITE + (git-fixes). +- media: em28xx: fix memory leak in em28xx_init_dev (git-fixes). +- media: aspeed: fix mode-detect always time out at 2nd run + (git-fixes). +- media: atomisp: fix uninitialized bug in + gmin_get_pmic_id_and_addr() (git-fixes). +- media: atomisp: fix ifdefs in sh_css.c (git-fixes). +- media: atomisp: fix inverted error check for + ia_css_mipi_is_source_port_valid() (git-fixes). +- media: atomisp: do not use err var when checking port validity + for ISP2400 (git-fixes). +- commit 54c82b7 + +- iwlwifi: mvm: set protected flag only for NDP ranging + (git-fixes). +- iwlwifi: mvm: perform 6GHz passive scan after suspend + (git-fixes). +- iwlwifi: mvm: test roc running status bits before removing + the sta (git-fixes). +- iwlwifi: mvm: fix 32-bit build in FTM (git-fixes). +- iwlwifi: fix Bz NMI behaviour (git-fixes). +- media: atomisp: fix inverted logic in buffers_needed() + (git-fixes). +- media: atomisp: fix punit_ddr_dvfs_enable() argument for + mrfld_power up case (git-fixes). +- media: atomisp: add missing media_device_cleanup() in + atomisp_unregister_entities() (git-fixes). +- gpu: host1x: Add back arm_iommu_detach_device() (git-fixes). +- gpu: host1x: Drop excess kernel-doc entry @key (git-fixes). +- commit ddae815 + +- drm/amd/display: Fix the uninitialized variable in + enable_stream_features() (git-fixes). +- drm/msm/dpu: fix safe status debugfs file (git-fixes). +- drm/msm/dp: displayPort driver need algorithm rational + (git-fixes). +- drm/vmwgfx: Remove explicit transparent hugepages support + (git-fixes). +- drm/tegra: vic: Fix DMA API misuse (git-fixes). +- drm/tegra: gr2d: Explicitly control module reset (git-fixes). +- drm/amd/pm: fix a potential gpu_metrics_table memory leak + (git-fixes). +- drm/amd/display: Fix out of bounds access on DNC31 stream + encoder regs (git-fixes). +- drm/amd/display: Fix bug in debugfs crc_win_update entry + (git-fixes). +- drm/radeon/radeon_kms: Fix a NULL pointer dereference in + radeon_driver_open_kms() (git-fixes). +- commit dd193ee + +- drm/amdgpu: Fix a NULL pointer dereference in + amdgpu_connector_lcd_native_mode() (git-fixes). +- drm/bridge: ti-sn65dsi86: Set max register for regmap + (git-fixes). +- drm/vmwgfx: Fail to initialize on broken configs (git-fixes). +- drm/vmwgfx: Remove the deprecated lower mem limit (git-fixes). +- drm/amd/display: Fix DPIA outbox timeout after GPU reset + (git-fixes). +- drm/vboxvideo: fix a NULL vs IS_ERR() check (git-fixes). +- drm/dp: Don't read back backlight mode in + drm_edp_backlight_enable() (git-fixes). +- drm/vc4: crtc: Copy assigned channel to the CRTC (git-fixes). +- drm/vc4: Fix non-blocking commit getting stuck forever + (git-fixes). +- drm/vc4: crtc: Drop feed_txp from state (git-fixes). +- commit fd31773 + +- drm/bridge: analogix_dp: Make PSR-exit block less (git-fixes). +- drm/vc4: hdmi: Enable the scrambler on reconnection (git-fixes). +- drm/vc4: crtc: Make sure the HDMI controller is powered when + disabling (git-fixes). +- drm/vc4: hdmi: Rework the pre_crtc_configure error handling + (git-fixes). +- drm/vc4: hdmi: Make sure the controller is powered up during + bind (git-fixes). +- drm/vc4: hdmi: Make sure the controller is powered in detect + (git-fixes). +- drm/vc4: hdmi: Move the HSM clock enable to runtime_pm + (git-fixes). +- drm/vc4: hdmi: Set a default HSM rate (git-fixes). +- drm/rockchip: dsi: Disable PLL clock on bind error (git-fixes). +- commit c836251 + +- Documentation: ACPI: Fix data node reference documentation + (git-fixes). +- dma_fence_array: Fix PENDING_ERROR leak in + dma_fence_array_signaled() (git-fixes). +- drm/rockchip: dsi: Fix unbalanced clock on probe error + (git-fixes). +- drm/rockchip: dsi: Reconfigure hardware on resume() (git-fixes). +- drm/rockchip: dsi: Hold pm-runtime across bind/unbind + (git-fixes). +- drm/panel: innolux-p079zca: Delete panel on attach() failure + (git-fixes). +- drm/panel: kingdisplay-kd097d04: Delete panel on attach() + failure (git-fixes). +- drm: fix null-ptr-deref in drm_dev_init_release() (git-fixes). +- drm/bridge: display-connector: fix an uninitialized pointer + in probe() (git-fixes). +- Documentation, arch: Remove leftovers from raw device + (git-fixes). +- commit c33b5df + +- device property: Fix documentation for + FWNODE_GRAPH_DEVICE_DISABLED (git-fixes). +- device property: Fix fwnode_graph_devcon_match() fwnode leak + (git-fixes). +- can: gs_usb: gs_can_start_xmit(): zero-initialize + hf->{flags,reserved} (git-fixes). +- can: xilinx_can: xcan_probe(): check for error irq (git-fixes). +- can: softing: softing_startstop(): fix set but not used variable + warning (git-fixes). +- can: softing_cs: softingcs_probe(): fix memleak on registration + failure (git-fixes). +- can: isotp: convert struct tpcon::{idx,len} to unsigned int + (git-fixes). +- can: gs_usb: fix use of uninitialized variable, detach device + on reception of invalid USB data (git-fixes). +- clk: bcm-2835: Remove rounding up the dividers (git-fixes). +- clk: bcm-2835: Pick the closest clock rate (git-fixes). +- commit ccff551 + +- Bluetooth: L2CAP: uninitialized variables in + l2cap_sock_setsockopt() (git-fixes). +- Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in + qca_serdev_probe (git-fixes). +- Bluetooth: hci_bcm: Check for error irq (git-fixes). +- can: mcp251xfd: add missing newline to printed strings + (git-fixes). +- can: mcp251xfd: mcp251xfd_tef_obj_read(): fix typo in error + message (git-fixes). +- can: usb_8dev: remove unused member echo_skb from struct + usb_8dev_priv (git-fixes). +- Bluetooth: hci_qca: Stop IBS timer during BT OFF (git-fixes). +- Bluetooth: L2CAP: Fix using wrong mode (git-fixes). +- Bluetooth: btmtksdio: fix resume failure (git-fixes). +- commit 9c9f45a + +- ax25: uninitialized variable in ax25_setsockopt() (git-fixes). +- ath11k: Fix a NULL pointer dereference in + ath11k_mac_op_hw_scan() (git-fixes). +- ath11k: Fix deleting uninitialized kernel timer during fragment + cache flush (git-fixes). +- ath11k: Fix buffer overflow when scanning with extraie + (git-fixes). +- Bluetooth: stop proccessing malicious adv data (git-fixes). +- Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() + fails (git-fixes). +- Bluetooth: virtio_bt: fix memory leak in virtbt_rx_handle() + (git-fixes). +- Bluetooth: btusb: fix memory leak in + btusb_mtk_submit_wmt_recv_urb() (git-fixes). +- Bluetooth: btusb: Fix application of sizeof to pointer + (git-fixes). +- Bluetooth: L2CAP: Fix not initializing sk_peer_pid (git-fixes). +- commit 1874423 + +- ACPI: EC: Rework flushing of EC work while suspended to idle + (git-fixes). +- ACPI: scan: Create platform device for BCM4752 and LNV4752 + ACPI nodes (git-fixes). +- ath10k: Fix the MTU size on QCA9377 SDIO (git-fixes). +- ath11k: Use host CE parameters for CE interrupts configuration + (git-fixes). +- ath11k: reset RSN/WPA present state for open BSS (git-fixes). +- ath11k: clear the keys properly via DISABLE_KEY (git-fixes). +- ath11k: Fix ETSI regd with weather radar overlap (git-fixes). +- ath11k: Send PPDU_STATS_CFG with proper pdev mask to firmware + (git-fixes). +- commit daa87ce + +- Move upstreamed media and wireless patches into sorted section +- commit 0e89c6b + +- Update + patches.suse/0001-crypto-implement-downstream-solution-for-disabling-d.patch + (jsc#SLE-21132,bsc#1191270,bsc#1193976). +- commit 3bec270 + +- EDAC/i10nm: Release mdev/mbase when failing to detect HBM + (bsc#1190497). +- commit fd0b06f + +- Delete + patches.suse/sched-fair-Adjust-the-allowed-NUMA-imbalance-when-SD_NUMA-spans-multiple-LLCs.patch. +- Delete + patches.suse/sched-fair-Use-weight-of-SD_NUMA-domain-in-find_busiest_group.patch. + To be updated. +- commit d4407e8 + +- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like + fallocate (bsc#1194272 CVE-2021-4155). +- commit a336d8d + +- Input: zinitix - make sure the IRQ is allocated before it gets + enabled (git-fixes). +- Revert "drm/amdgpu: stop scheduler when calling hw_fini (v2)" + (git-fixes). +- i2c: mpc: Avoid out of bounds memory access (git-fixes). +- power: reset: ltc2952: Fix use of floating point literals + (git-fixes). +- power: supply: core: Break capacity loop (git-fixes). +- commit a4fc8b8 + +- x86/kvm: Add kexec support for SEV Live Migration (bsc#1194316). +- commit 984f004 + +- x86/kvm: Add guest support for detecting and enabling SEV Live + Migration feature (bsc#1194316). +- Refresh + patches.suse/0001-kvm-Reintroduce-nopvspin-kernel-parameter.patch. +- commit 339e71a + +- EFI: Introduce the new AMD Memory Encryption GUID (bsc#1194316). +- mm: x86: Invoke hypercall when page encryption status is changed + (bsc#1194316). +- x86/kvm: Add AMD SEV specific Hypercall3 (bsc#1194316). +- commit 9fae40a + +- tee: handle lookup of shm with reference count 0 (bsc#1193767 + CVE-2021-44733). +- commit 9b249a9 + +- sched/fair: Prevent dead task groups from regaining cfs_rq's + (bsc#1192837). +- commit 06f21e0 + +- debugfs: lockdown: Allow reading debugfs files that are not + world readable (bsc#1193328 ltc#195566). +- commit 57aefb3 + +- drm/ast: Create the driver for ASPEED proprietory Display-Port (jsc#SLE-19299) +- commit 6e5bebf + +- drm/ast: Enable the supporting of wide screen on AST2600 (jsc#SLE-19299) +- commit 20901d9 + +- rpm/kernel-binary.spec.in: Add Provides of kernel-preempt (jsc#SLE-18857) + For smooth migration with the former kernel-preempt user, kernel-default + provides kernel-preempt now when CONFIG_PREEMPT_DYNAMIC is defined. +- commit a877782 + +- Refresh BT workaround patch (bsc#1193124) + Fix yet another broken device 8086:0aa7 +- commit 97575af + +- drm/amdgpu: add support for IP discovery gc_info table v2 + (git-fixes). +- commit ddac46e + +- ieee802154: atusb: fix uninit value in atusb_set_extended_addr + (git-fixes). +- mac80211: mesh: embedd mesh_paths and mpp_paths into + ieee80211_if_mesh (git-fixes). +- mac80211: initialize variable have_higher_than_11mbit + (git-fixes). +- batman-adv: mcast: don't send link-local multicast to mcast + routers (git-fixes). +- Input: spaceball - fix parsing of movement data packets + (git-fixes). +- drm/amdgpu: When the VCN(1.0) block is suspended, powergating + is explicitly enabled (git-fixes). +- platform/x86: apple-gmux: use resource_size() with res + (git-fixes). +- platform/mellanox: mlxbf-pmc: Fix an IS_ERR() vs NULL bug in + mlxbf_pmc_map_counters (git-fixes). +- ALSA: hda: intel-sdw-acpi: go through HDAS ACPI at max depth + of 2 (git-fixes). +- ALSA: hda: intel-sdw-acpi: harden detection of controller + (git-fixes). +- tomoyo: use hwight16() in tomoyo_domain_quota_is_ok() + (git-fixes). +- tomoyo: Check exceeded quota early in + tomoyo_domain_quota_is_ok() (git-fixes). +- commit 9651cf1 + +- scsi: core: Fix scsi_device_max_queue_depth() (bsc#1194317). +- commit 3a8ce65 + +- Update + patches.suse/cpufreq-ondemand-set-default-up_threshold-to-30-on-multi-core-systems.patch + (bsc#464461,bsc#981838,bsc#1064414,bsc#1144943,bsc#1193200). +- commit 4e8aa41 + +- x86/sev: Carve out HV call's return value verification + (jsc#SLE-19924). +- Refresh + patches.suse/x86-sev-expose-sev_es_ghcb_hv_call-for-use-by-hyperv. +- commit 7220981 + +- powerpc/fadump: Fix inaccurate CPU state info in vmcore + generated with panic (bsc#1193901 ltc#194976). +- powerpc: handle kdump appropriately with + crash_kexec_post_notifiers option (bsc#1193901 ltc#194976). +- commit 7a55b80 + +- Refresh + patches.suse/ext4-Support-for-checksumming-from-journal-triggers.patch. +- commit 37abf0d + +- filesystems/locking: fix Malformed table warning (bsc#1194346). +- commit d6bb90b + +- cifs: Fix race between hole punch and page fault (bsc#1194346). +- commit b378137 + +- ceph: Fix race between hole punch and page fault (bsc#1194346). +- commit 0d112ab + +- fuse: Convert to using invalidate_lock (bsc#1194346). +- commit 5d819b0 + +- f2fs: Convert to using invalidate_lock (bsc#1194346). +- commit 9764db7 + +- zonefs: Convert to using invalidate_lock (bsc#1194346). +- commit c847453 + +- xfs: Convert double locking of MMAPLOCK to use VFS helpers + (bsc#1194346). +- commit ec46016 + +- xfs: Convert to use invalidate_lock (bsc#1194346). +- commit af165b9 + +- xfs: Refactor xfs_isilocked() (bsc#1194346). +- commit d308a96 + +- ext2: Convert to using invalidate_lock (bsc#1194346). +- commit 2e31ef0 + +- ext4: Convert to use mapping->invalidate_lock (bsc#1194346). +- commit 2285a90 + +- documentation: Sync file_operations members with reality + (bsc#1194346). +- commit ceb27b8 + +- powerpc/xmon: Dump XIVE information for online-only processors + (bsc#1193482 ltc#195600). +- commit 5695527 + +- thunderbolt: Do not program path HopIDs for USB4 routers + (jsc#SLE-19357). +- commit 4027086 + +- ext4: prevent partial update of the extent blocks (bsc#1194163). +- ext4: check for inconsistent extents between index and leaf + block (bsc#1194163). +- ext4: check for out-of-order index extents in + ext4_valid_extent_entries() (bsc#1194163). +- ext4: Support for checksumming from journal triggers + (bsc#1194163). + Refresh + patches.suse/ext4-correct-the-error-path-of-ext4_write_inline_dat.patch +- commit 52d77cb + +- thunderbolt: Tear down existing tunnels when resuming from + hibernate (jsc#SLE-19357). +- commit 06feed9 + +- Update + patches.suse/netdevsim-Zero-initialize-memory-for-new-map-s-value.patch + (bsc#1193927 CVE-2021-4135). + Added CVE number. +- commit 660e423 + +- KVM: SEV: unify cgroup cleanup code for svm_vm_migrate_from + (jsc#SLE-19924). +- KVM: SEV: Add support for SEV-ES intra host migration + (jsc#SLE-19924). +- KVM: SEV: Add support for SEV intra host migration + (jsc#SLE-19924). +- KVM: SEV: provide helpers to charge/uncharge misc_cg + (jsc#SLE-19924). +- KVM: generalize "bugged" VM to "dead" VM (jsc#SLE-19924). +- KVM: SEV: Refactor out sev_es_state struct (jsc#SLE-19924). +- KVM: x86/mmu: Return old SPTE from mmu_spte_clear_track_bits() + (jsc#SLE-19924). +- KVM: x86/mmu: Refactor shadow walk in __direct_map() to reduce + indentation (jsc#SLE-19924). +- KVM: x86: Hoist kvm_dirty_regs check out of sync_regs() + (jsc#SLE-19924). +- KVM: x86/mmu: Mark VM as bugged if page fault returns + RET_PF_INVALID (jsc#SLE-19924). +- KVM: x86: Use KVM_BUG/KVM_BUG_ON to handle bugs that are fatal + to the VM (jsc#SLE-19924). +- KVM: Export kvm_make_all_cpus_request() for use in marking + VMs as bugged (jsc#SLE-19924). +- KVM: Add infrastructure and macro to mark VM as bugged + (jsc#SLE-19924). +- commit 4c87f07 + +- kprobes: Limit max data_size of the kretprobe instances + (bsc#1193669). +- commit 37c195c + +- Refresh + patches.suse/igc-Do-not-enable-crosstimestamping-for-i225-V-model.patch. + Replaced with upstream commit and put to sorted section. +- commit 7a69d48 + +- net/mlx5e: Fix wrong features assignment in case of error + (jsc#SLE-19253). +- net/mlx5e: TC, Fix memory leak with rules with internal port + (jsc#SLE-19253). +- igc: Fix TX timestamp support for non-MSI-X platforms + (jsc#SLE-18377). +- ionic: Initialize the 'lif->dbid_inuse' bitmap (jsc#SLE-19282). +- net/mlx5: Fix some error handling paths in + 'mlx5e_tc_add_fdb_flow()' (jsc#SLE-19253). +- net/mlx5e: Delete forward rule for ct or sample action + (jsc#SLE-19253). +- net/mlx5e: Fix ICOSQ recovery flow for XSK (jsc#SLE-19253). +- net/mlx5e: Fix interoperability between XSK and ICOSQ recovery + flow (jsc#SLE-19253). +- net/mlx5e: Fix skb memory leak when TC classifier action + offloads are disabled (jsc#SLE-19253). +- net/mlx5e: Wrap the tx reporter dump callback to extract the sq + (jsc#SLE-19253). +- net/mlx5: Fix tc max supported prio for nic mode + (jsc#SLE-19253). +- net/mlx5: Fix SF health recovery flow (jsc#SLE-19253). +- net/mlx5: Fix error print in case of IRQ request failed + (jsc#SLE-19253). +- net/mlx5: Use first online CPU instead of hard coded CPU + (jsc#SLE-19253). +- net/mlx5: DR, Fix querying eswitch manager vport for ECPF + (jsc#SLE-19253). +- net/mlx5: DR, Fix NULL vs IS_ERR checking in + dr_domain_init_resources (jsc#SLE-19253). +- sfc: falcon: Check null pointer of rx_queue->page_ring + (git-fixes). +- sfc: Check null pointer of rx_queue->page_ring (git-fixes). +- bonding: fix ad_actor_system option setting to default + (git-fixes). +- igb: fix deadlock caused by taking RTNL in RPM resume path + (jsc#SLE-18379). +- qlcnic: potential dereference null pointer of + rx_queue->page_ring (git-fixes). +- ice: xsk: fix cleaned_count setting (jsc#SLE-18375). +- ice: xsk: allow empty Rx descriptors on XSK ZC data path + (jsc#SLE-18375). +- ice: xsk: do not clear status_error0 for ntu + nb_buffs + descriptor (jsc#SLE-18375). +- ice: remove dead store on XSK hotpath (jsc#SLE-18375). +- ice: xsk: allocate separate memory for XDP SW ring + (jsc#SLE-18375). +- ice: xsk: return xsk buffers back to pool when cleaning the ring + (jsc#SLE-18375). +- commit 23e6d3c + +- scsi: lpfc: Use struct_group to isolate cast to larger object + (bsc#1194266). +- scsi: lpfc: Use struct_group() to initialize struct + lpfc_cgn_info (bsc#1194266). +- scsi: lpfc: Update lpfc version to 14.0.0.4 (bsc#1194266). +- scsi: lpfc: Add additional debugfs support for CMF + (bsc#1194266). +- scsi: lpfc: Cap CMF read bytes to MBPI (bsc#1194266). +- scsi: lpfc: Adjust CMF total bytes and rxmonitor (bsc#1194266). +- scsi: lpfc: Trigger SLI4 firmware dump before doing driver + cleanup (bsc#1194266). +- scsi: lpfc: Fix NPIV port deletion crash (bsc#1194266). +- scsi: lpfc: Fix lpfc_force_rscn ndlp kref imbalance + (bsc#1194266). +- scsi: lpfc: Change return code on I/Os received during link + bounce (bsc#1194266). +- scsi: lpfc: Fix leaked lpfc_dmabuf mbox allocations with NPIV + (bsc#1194266). +- commit 56f0e4d + +- Update patches.suse/qla2xxx-synchronize-rport-dev_loss_tmo-setting.patch + Update meta data and move the patch into the sorted section. +- commit 801abe1 + +- wireguard: ratelimiter: use kvcalloc() instead of kvzalloc() + (git-fixes). +- wireguard: receive: drop handshakes if queue lock is contended + (git-fixes). +- wireguard: receive: use ring buffer for incoming handshakes + (git-fixes). +- wireguard: device: reset peer src endpoint when netns exits + (git-fixes). +- wireguard: selftests: actually test for routing loops + (git-fixes). +- wireguard: selftests: increase default dmesg log size + (git-fixes). +- wireguard: allowedips: add missing __rcu annotation to satisfy + sparse (git-fixes). +- scsi: qla2xxx: edif: Fix off by one bug in + qla_edif_app_getfcinfo() (git-fixes). +- scsi: qla2xxx: edif: Fix EDIF bsg (git-fixes). +- scsi: qla2xxx: edif: Increase ELS payload (git-fixes). +- scsi: qla2xxx: edif: Flush stale events and msgs on session down + (git-fixes). +- scsi: qla2xxx: edif: Fix app start delay (git-fixes). +- scsi: qla2xxx: edif: Fix app start fail (git-fixes). +- commit bf283b6 + +- Input: goodix - try not to touch the reset-pin on x86/ACPI + devices (git-fixes). +- commit 9c810e6 + +- Input: goodix - push error logging up into i2c_read and + i2c_write helpers (git-fixes). +- commit 83b987d + +- Input: goodix - refactor reset handling (git-fixes). +- commit fe6c264 + +- Input: goodix - add a goodix.h header file (git-fixes). +- commit d09187d + +- Input: goodix - change goodix_i2c_write() len parameter type + to int (git-fixes). +- commit cf299db + +- net: usb: pegasus: Do not drop long Ethernet frames (git-fixes). +- commit 7669ccb + +- drm/i915/adlp: Remove require_force_probe protection + (jsc#SLE-22725). +- commit ed19f50 + +- media: Revert "media: uvcvideo: Set unique vdev name based in + type" (bsc#1193255). +- commit ece5395 + +- hv: utils: add PTP_1588_CLOCK to Kconfig to fix build (git-fixes). +- commit f927f33 + +- i2c: validate user data in compat ioctl (git-fixes). +- Input: appletouch - initialize work before device registration + (git-fixes). +- commit 67ef690 + +- rtw89: 8852a: correct bit definition of dfs_en (bsc#1188303). +- rtw89: coex: Update COEX to 5.5.8 (bsc#1188303). +- rtw89: coex: Cancel PS leaving while C2H comes (bsc#1188303). +- rtw89: coex: Update BT counters while receiving report + (bsc#1188303). +- rtw89: coex: Define LPS state for BTC using (bsc#1188303). +- rtw89: coex: Add MAC API to get BT polluted counter + (bsc#1188303). +- rtw89: coex: Not to send H2C when WL not ready and count H2C + (bsc#1188303). +- rtw89: coex: correct C2H header length (bsc#1188303). +- rtw89: don't kick off TX DMA if failed to write skb + (bsc#1188303). +- rtw89: remove cch_by_bw which is not used (bsc#1188303). +- rtw89: fix sending wrong rtwsta->mac_id to firmware to fill + address CAM (bsc#1188303). +- rtw89: fix incorrect channel info during scan (bsc#1188303). +- rtw89: update scan_mac_addr during scanning period + (bsc#1188303). +- rtw89: use inline function instead macro to set H2C and CAM + (bsc#1188303). +- rtw89: add const in the cast of le32_get_bits() (bsc#1188303). +- commit de4e062 + +- Input: i8042 - enable deferred probe quirk for ASUS UM325UA + (bsc#1190256). +- commit 9eb35f2 + +- Move upstreamed patches into sorted section +- commit d24f83f + +- uapi: fix linux/nfc.h userspace compilation errors (git-fixes). +- xhci: Fresco FL1100 controller should not have BROKEN_MSI + quirk set (git-fixes). +- usb: mtu3: set interval of FS intr and isoc endpoint + (git-fixes). +- usb: mtu3: fix list_head check warning (git-fixes). +- usb: mtu3: add memory barrier before set GPD's HWO (git-fixes). +- usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear + (git-fixes). +- uapi: Fix undefined __always_inline on non-glibc systems + (git-fixes). +- spi: change clk_disable_unprepare to clk_unprepare (git-fixes). +- tty: n_hdlc: make n_hdlc_tty_wakeup() asynchronous (git-fixes). +- USB: serial: option: add Telit FN990 compositions (git-fixes). +- USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) + (git-fixes). +- usb: xhci: Extend support for runtime power management for + AMD's Yellow carp (git-fixes). +- soc/tegra: fuse: Fix bitwise vs. logical OR warning (git-fixes). +- Revert "tty: serial: fsl_lpuart: drop earlycon entry for + i.MX8QXP" (git-fixes). +- USB: core: Make do_proc_control() and do_proc_bulk() killable + (git-fixes). +- commit fd73c6a + +- r8152: sync ocp base (git-fixes). +- r8152: fix the force speed doesn't work for RTL8156 (git-fixes). +- serial: 8250_fintek: Fix garbled text for console (git-fixes). +- soc: imx: Register SoC device only on i.MX boards (git-fixes). +- Revert "serial: 8250: Fix reporting real baudrate value in + c_ospeed field" (git-fixes). +- serial: 8250: Fix reporting real baudrate value in c_ospeed + field (git-fixes). +- commit a7820da + +- NFC: st21nfca: Fix memory leak in device probe and remove + (git-fixes). +- nfc: uapi: use kernel size_t to fix user-space builds + (git-fixes). +- pinctrl: stm32: consider the GPIO offset to expose all the + GPIO lines (git-fixes). +- pinctrl: bcm2835: Change init order for gpio hogs (git-fixes). +- pinctrl: mediatek: fix global-out-of-bounds issue (git-fixes). +- platform/x86: intel_pmc_core: fix memleak on registration + failure (git-fixes). +- platform/x86: amd-pmc: only use callbacks for suspend + (git-fixes). +- PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (git-fixes). +- PCI/MSI: Mask MSI-X vectors only on success (git-fixes). +- pinctrl: amd: Fix wakeups when IRQ is shared with SCI + (git-fixes). +- commit c29a200 + +- mac80211: fix locking in ieee80211_start_ap error path + (git-fixes). +- mmc: mmci: stm32: clear DLYB_CR after sending tuning command + (git-fixes). +- mmc: meson-mx-sdhc: Set MANUAL_STOP for multi-block SDIO + commands (git-fixes). +- mmc: core: Disable card detect during shutdown (git-fixes). +- mmc: sdhci-tegra: Fix switch to HS400ES mode (git-fixes). +- mac80211: mark TX-during-stop for TX in in_reconfig (git-fixes). +- nfc: fix segfault in nfc_genl_dump_devices_done (git-fixes). +- memory-hotplug.rst: fix wrong + /sys/module/memory_hotplug/parameters/ path (git-fixes). +- memory-hotplug.rst: fix two instances of "movablecore" that + should be "movable_node" (git-fixes). +- commit e3c9499 + +- kernel/crash_core: suppress unknown crashkernel parameter + warning (git-fixes). +- Refresh + patches.suse/add-product-identifying-information-to-vmcoreinfo.patch. +- commit e11041f + +- libata: if T_LENGTH is zero, dma direction should be DMA_NONE + (git-fixes). +- mac80211: fix lookup when adding AddBA extension element + (git-fixes). +- mac80211: validate extended element ID is present (git-fixes). +- mac80211: agg-tx: don't schedule_and_wake_txq() under sta->lock + (git-fixes). +- mac80211: send ADDBA requests using the tid/queue of the + aggregation session (git-fixes). +- mac80211: fix regression in SSN handling of addba tx + (git-fixes). +- mac80211: fix rate control for retransmitted frames (git-fixes). +- mac80211: track only QoS data frames for admission control + (git-fixes). +- LSM: Avoid warnings about potentially unused hook variables + (git-fixes). +- commit 2417651 + +- hwmon: (lm90) Do not report 'busy' status bit as alarm + (git-fixes). +- hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681 + (git-fixes). +- hwmon: (lm90) Drop critical attribute support for MAX6654 + (git-fixes). +- hwmon: (lm90) Prevent integer overflow/underflow in hysteresis + calculations (git-fixes). +- hwmon: (lm90) Fix usage of CONFIG2 register in detect function + (git-fixes). +- Input: elants_i2c - do not check Remark ID on eKTH3900/eKTH5312 + (git-fixes). +- Input: atmel_mxt_ts - fix double free in mxt_read_info_block + (git-fixes). +- Input: goodix - add id->model mapping for the "9111" model + (git-fixes). +- Input: elantech - fix stack out of bound access in + elantech_change_report_id() (git-fixes). +- Input: iqs626a - prohibit inlining of channel parsing functions + (git-fixes). +- hamradio: improve the incomplete fix to avoid NPD (git-fixes). +- gpio: dln2: Fix interrupts when replugging the device + (git-fixes). +- ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module + (git-fixes). +- ipmi: fix initialization when workqueue allocation fails + (git-fixes). +- ipmi: bail out if init_srcu_struct fails (git-fixes). +- HID: potential dereference of null pointer (git-fixes). +- i2c: rk3x: Handle a spurious start completion interrupt flag + (git-fixes). +- hamradio: defer ax25 kfree after unregister_netdev (git-fixes). +- hwmon: (lm90) Add basic support for TI TMP461 (git-fixes). +- hwmon: (lm90) Introduce flag indicating extended temperature + support (git-fixes). +- commit cda309a + +- drm/amd/display: Set optimize_pwr_state for DCN31 (git-fixes). +- drm/amd/display: Send s0i2_rdy in stream_count == 0 optimization + (git-fixes). +- drm/mediatek: hdmi: Perform NULL pointer check for mtk_hdmi_conf + (git-fixes). +- drm/amd/pm: fix a potential gpu_metrics_table memory leak + (git-fixes). +- drm/amd/display: Set exit_optimized_pwr_state for DCN31 + (git-fixes). +- drm/amd/pm: fix reading SMU FW version from amdgpu_firmware_info + on YC (git-fixes). +- drm/amdgpu: don't override default ECO_BITs setting (git-fixes). +- firmware: arm_scpi: Fix string overflow in SCPI genpd driver + (git-fixes). +- firmware: tegra: Fix error application of sizeof() to pointer + (git-fixes). +- firmware_loader: fix pre-allocated buf built-in firmware use + (git-fixes). +- commit 791c862 + +- drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE + (git-fixes). +- commit d8f06f2 + +- drm/ast: potential dereference of null pointer (git-fixes). +- drm: simpledrm: fix wrong unit with pixel clock (git-fixes). +- Revert "drm/fb-helper: improve DRM fbdev emulation device names" + (git-fixes). +- drm/i915/display: Fix an unsigned subtraction which can never + be negative (git-fixes). +- drm/amdkfd: process_info lock not needed for svm (git-fixes). +- drm/amd/display: add connector type check for CRC source set + (git-fixes). +- drm/amdkfd: fix double free mem structure (git-fixes). +- drm/amd/display: Fix for the no Audio bug with Tiled Displays + (git-fixes). +- commit 3978643 + +- dmaengine: st_fdma: fix MODULE_ALIAS (git-fixes). +- dmaengine: idxd: fix missed completion on abort path + (git-fixes). +- dmaengine: idxd: fix calling wq quiesce inside spinlock + (git-fixes). +- drm/amdgpu: check atomic flag to differeniate with legacy path + (git-fixes). +- drm/msm/dp: Avoid unpowered AUX xfers that caused crashes + (git-fixes). +- drm/msm/dsi: set default num_data_lanes (git-fixes). +- drm/i915: Fix type1 DVI DP dual mode adapter heuristic for + modern platforms (git-fixes). +- drm/i915/dp: Ensure max link params are always valid + (git-fixes). +- drm/i915/dp: Ensure sink rate values are always valid + (git-fixes). +- commit 2ffa66e + +- ax25: NPD bug when detaching AX25 device (git-fixes). +- ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s + (git-fixes). +- bus: sunxi-rsb: Fix shutdown (git-fixes). +- cfg80211: Acquire wiphy mutex on regulatory work (git-fixes). +- clk: Don't parent clks until the parent is fully registered + (git-fixes). +- dmaengine: idxd: add halt interrupt support (git-fixes). +- bus: ti-sysc: Fix variable set but not used warning for + reinit_modules (git-fixes). +- cachefiles: Fix oops with cachefiles_cull() due to NULL object + (git-fixes). +- cachefiles: Fix oops in trace_cachefiles_mark_buried due to + NULL object (git-fixes). +- commit cd688de + +- asix: fix wrong return value in asix_check_host_enable() + (git-fixes). +- asix: fix uninit-value in asix_mdio_read() (git-fixes). +- ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (git-fixes). +- ASoC: meson: aiu: fifo: Add missing + dma_coerce_mask_and_coherent() (git-fixes). +- ASoC: tas2770: Fix setting of high sample rates (git-fixes). +- ASoC: rt5682: fix the wrong jack type detected (git-fixes). +- ASoC: tegra: Restore headphones jack name on Nyan Big + (git-fixes). +- ASoC: tegra: Add DAPM switches for headphones and mic jack + (git-fixes). +- ASoC: SOF: Intel: pci-tgl: add new ADL-P variant (git-fixes). +- ASoC: SOF: Intel: pci-tgl: add ADL-N support (git-fixes). +- commit a7aad6f + +- ALSA: rawmidi - fix the uninitalized user_pversion (git-fixes). +- ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes). +- ALSA: hda/realtek: fix mute/micmute LEDs for a HP ProBook + (git-fixes). +- ALSA: hda/realtek: Add new alc285-hp-amp-init model (git-fixes). +- ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 + (git-fixes). +- ALSA: jack: Check the return value of kstrdup() (git-fixes). +- ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes). +- ALSA: hda/hdmi: fix HDA codec entry table order for ADL-P + (git-fixes). +- ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid (git-fixes). +- commit edda50f + +- igc: Do not enable crosstimestamping for i225-V models + (bsc#1193039). +- commit 4b7258e + +- recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267). +- commit 502efc5 + +- recordmcount.pl: look for jgnop instruction as well as bcrl + on s390 (bsc#1192267). +- Delete patches.suse/ftrace-recordmcount-binutils.patch. +- commit e276c5a + +- fix rpm build warning + tumbleweed rpm is adding these warnings to the log: + It's not recommended to have unversioned Obsoletes: Obsoletes: microcode_ctl +- commit 3ba8941 + +- signal: Skip the altstack update when not needed (bsc#1190497). +- commit 0a4e2d9 + +- bpf: Fix kernel address leakage in atomic fetch (bsc#1193883). +- commit ebab46c + +- locking/rtmutex: Fix incorrect condition in + rtmutex_spin_on_owner() (bsc#1190137 bsc#1189998). +- ipc: WARN if trying to remove ipc object which is absent + (bsc#1190187). +- ipc/ipc_sysctl.c: remove fallback for !CONFIG_PROC_SYSCTL + (bsc#1190187). +- ipc: check checkpoint_restore_ns_capable() to modify C/R proc + files (bsc#1190187). +- mm,hugetlb: remove mlock ulimit for SHM_HUGETLB (bsc#1190187). +- futex: Fix PREEMPT_RT build (bsc#1190137 bsc#1189998). +- futex: Simplify double_lock_hb() (bsc#1190137 bsc#1189998). +- futex: Split out wait/wake (bsc#1190137 bsc#1189998). +- futex: Split out requeue (bsc#1190137 bsc#1189998). +- futex: Rename mark_wake_futex() (bsc#1190137 bsc#1189998). +- futex: Rename: match_futex() (bsc#1190137 bsc#1189998). +- futex: Rename: hb_waiter_{inc,dec,pending}() (bsc#1190137 + bsc#1189998). +- futex: Split out PI futex (bsc#1190137 bsc#1189998). +- futex: Rename: {get,cmpxchg}_futex_value_locked() (bsc#1190137 + bsc#1189998). +- futex: Rename hash_futex() (bsc#1190137 bsc#1189998). +- futex: Rename __unqueue_futex() (bsc#1190137 bsc#1189998). +- futex: Rename: queue_{,un}lock() (bsc#1190137 bsc#1189998). +- futex: Rename futex_wait_queue_me() (bsc#1190137 bsc#1189998). +- futex: Rename {,__}{,un}queue_me() (bsc#1190137 bsc#1189998). +- futex: Split out syscalls (bsc#1190137 bsc#1189998). +- futex: Move to kernel/futex/ (bsc#1190137 bsc#1189998). +- commit 2cdb038 + +- cifs: sanitize multiple delimiters in prepath (bsc#1193629). +- commit 451f2d6 + +- cifs: ignore resource_id while getting fscache super cookie + (bsc#1193629). +- commit eeba60d + +- cifs: fix ntlmssp auth when there is no key exchange + (bsc#1193629). +- commit 0175110 + +- cifs: avoid use of dstaddr as key for fscache client cookie + (bsc#1193629). +- commit f3d9639 + +- cifs: add server conn_id to fscache client cookie (bsc#1193629). +- commit 107f3d6 + +- cifs: wait for tcon resource_id before getting fscache super + (bsc#1193629). +- commit 9ad6391 + +- cifs: fix missed refcounting of ipc tcon (bsc#1193629). +- commit 324a379 + +- cifs: update internal version number (bsc#1193629). +- commit 069cbf3 + +- smb2: clarify rc initialization in smb2_reconnect (bsc#1193629). +- commit 7fb1cf7 + +- cifs: populate server_hostname for extra channels (bsc#1193629). +- commit a78bb02 + +- cifs: nosharesock should be set on new server (bsc#1193629). +- commit f9c0a11 + +- cifs: introduce cifs_ses_mark_for_reconnect() helper + (bsc#1193629). +- commit 75cf16a + +- cifs: protect srv_count with cifs_tcp_ses_lock (bsc#1193629). +- commit 7b74cfa + +- cifs: move debug print out of spinlock (bsc#1193629). +- commit 3fe9ee3 + +- cifs: do not duplicate fscache cookie for secondary channels + (bsc#1193629). +- commit ec76d5a + +- cifs: connect individual channel servers to primary channel + server (bsc#1193629). +- commit c5cace7 + +- cifs: protect session channel fields with chan_lock + (bsc#1193629). +- commit fc55a6d + +- cifs: do not negotiate session if session already exists + (bsc#1193629). +- commit 61214c8 + +- smb3: do not setup the fscache_super_cookie until fsinfo + initialized (bsc#1193629). +- commit ed23408 + +- cifs: fix potential use-after-free bugs (bsc#1193629, + jsc#SLE-20043). +- commit 5c08eeb + +- smb3: add additional null check in SMB311_posix_mkdir + (bsc#1193629). +- commit ceaffcf + +- cifs: release lock earlier in dequeue_mid error case + (bsc#1193629). +- commit c5b3ecb + +- smb3: add additional null check in SMB2_tcon (bsc#1193629). +- commit 4035864 + +- smb3: add additional null check in SMB2_open (bsc#1193629). +- commit 8ea5886 + +- smb3: add additional null check in SMB2_ioctl (bsc#1193629). +- commit a851210 + +- smb3: remove trivial dfs compile warning (bsc#1193629, + jsc#SLE-20043). +- commit 890475c + +- cifs: support nested dfs links over reconnect (bsc#1193629, + jsc#SLE-20043). +- commit 59d47b4 + +- cifs: for compound requests, use open handle if possible + (bsc#1193629). +- commit 02e1bae + +- cifs: split out dfs code from cifs_reconnect() (bsc#1193629, + jsc#SLE-20043). +- commit af9cd3d + +- cifs: convert list_for_each to entry variant (bsc#1193629, + jsc#SLE-20043). +- commit dce8737 + +- cifs: introduce new helper for cifs_reconnect() (bsc#1193629, + jsc#SLE-20043). +- commit 5e2b90c + +- cifs: fix print of hdr_flags in dfscache_proc_show() + (bsc#1193629, jsc#SLE-20043). +- commit 449aafc + +- cifs: send workstation name during ntlmssp session setup + (bsc#1193629). +- Refresh + patches.suse/cifs-fix-memory-leak-of-smb3_fs_context_dup-server_h.patch. +- commit 343b351 + +- cifs: nosharesock should not share socket with future sessions + (bsc#1193629). +- commit 7e97086 + +- smb3: add dynamic trace points for socket connection + (bsc#1193629). +- commit 893bf17 + +- cifs: Move SMB2_Create definitions to the shared area + (bsc#1193629). +- commit ecfb219 + +- cifs: Move more definitions into the shared area (bsc#1193629). +- commit 89babe6 + +- cifs: move NEGOTIATE_PROTOCOL definitions out into the common + area (bsc#1193629). +- commit 445edea + +- cifs: Create a new shared file holding smb2 pdu definitions + (bsc#1193629). +- commit ed5b95d + +- cifs: add mount parameter tcpnodelay (bsc#1193629). +- commit a35b30c + +- smb3: correct server pointer dereferencing check to be more + consistent (bsc#1193629). +- commit 528e69d + +- cifs: Clear modified attribute bit from inode flags + (bsc#1193629). +- commit 877f02c + +- cifs: Deal with some warnings from W=1 (bsc#1193629). +- commit 48de0a6 + +- cifs: Deferred close performance improvements (bsc#1193629). +- commit 3284ea4 + +- cifs: fix incorrect kernel doc comments (bsc#1193629). +- commit e10f67b + +- cifs: remove pathname for file from SPDX header (bsc#1193629). +- commit eba423d + +- cifs: move SMB FSCTL definitions to common code (bsc#1193629). +- commit 5fa969c + +- cifs: rename cifs_common to smbfs_common (bsc#1193629). +- Add to supported.conf: + fs/smbfs_common/cifs_arc4 + fs/smbfs_common/cifs_md4 +- Update configs to add CONFIG_SMBFS_COMMON=m. +- commit ece4318 + +- cifs: cifs_md4 convert to SPDX identifier (bsc#1193629). +- commit d7aa128 + +- cifs: create a MD4 module and switch cifs.ko to use it + (bsc#1193629). +- commit 79d9d13 + +- cifs: fork arc4 and create a separate module for it for cifs + and other users (bsc#1193629). +- commit ac6203b + +- cifs: update FSCTL definitions (bsc#1193629). +- commit 66c717f + +- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT + (bsc#1190497). +- commit c9f5572 + +- Drop the preempt kernel flavor (jsc#SLE-18857) + The extra -preempt flavor is no longer needed when we have + PREEMPT_DYNAMIC enabled and the boot-time "preempt=" option available. +- commit 9d1770c + +- build initrd without systemd + This reduces the size of the initrd by over 25%, which + improves startup time of the virtual machine by 0.5-0.6s on + very fast machines, more on slower ones. +- commit ef4c569 + +- arm64: Implement HAVE_PREEMPT_DYNAMIC + (jsc#SLE-18857). +- arm64: Implement IRQ exit preemption static call for dynamic preemption + (jsc#SLE-18857). +- sched/preempt: Prepare for supporting !CONFIG_GENERIC_ENTRY + (jsc#SLE-18857). +- arm64: implement support for static call trampolines + (jsc#SLE-18857). +- commit 2443f87 + +- blacklist.conf: ef775a0e36c6 x86/Kconfig: Fix an unused variable error in dell-smm-hwmon +- commit 79fbdb8 + +- static_call: Use non-function types to refer to the trampolines + (jsc#SLE-18857). +- commit 16af38a + +- clk: renesas: r8a779a0: Add the DSI clocks (git-fixes). +- commit 4144466 + +- clk: renesas: r8a779a0: Add the DU clock (git-fixes). +- commit e4f5038 + +- bpf: Make sure bpf_disable_instrumentation() is safe vs + preemption (git-fixes). +- commit 3c01bdb + +- bpf, x86: Fix "no previous prototype" warning (git-fixes). +- commit d18ea1d + +- arm64: mm: Fix VM_BUG_ON(mm != &init_mm) for trans_pgd + (git-fixes). +- commit 3d5d99f + +- PM: sleep: Fix error handling in dpm_prepare() (git-fixes). +- commit 1d4147f + +- HID: holtek: fix mouse probing (git-fixes). +- commit e70fdd2 + +- KVM: VMX: Fix stale docs for + kvm-intel.emulate_invalid_guest_state (git-fixes). +- commit 403e13c + +- RDMA/hns: Replace kfree() with kvfree() (bsc#1190336). +- IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() + (git-fixes). +- RDMA/hns: Fix RNR retransmission issue for HIP08 (bsc#1190336). +- sfc_ef100: potential dereference of null pointer (git-fixes). +- ixgbe: set X550 MDIO speed before talking to PHY + (jsc#SLE-18384). +- ixgbe: Document how to enable NBASE-T support (jsc#SLE-18384). +- igc: Fix typo in i225 LTR functions (jsc#SLE-18377). +- igbvf: fix double free in `igbvf_probe` (jsc#SLE-18379). +- igb: Fix removal of unicast MAC filters of VFs (jsc#SLE-18379). +- netdevsim: Zero-initialize memory for new map's value in + function nsim_bpf_map_alloc (git-fixes). +- ice: Don't put stale timestamps in the skb (jsc#SLE-18375). +- ice: Use div64_u64 instead of div_u64 in adjfine + (jsc#SLE-18375). +- iavf: do not override the adapter state in the watchdog task + (again) (jsc#SLE-18385). +- iavf: missing unlocks in iavf_watchdog_task() (jsc#SLE-18385). +- flow_offload: return EOPNOTSUPP for the unsupported mpls action + type (git-fixes). +- net: hns3: fix race condition in debugfs (bsc#1190336). +- net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg + (bsc#1190336). +- commit c8da480 + +- USB: serial: cp210x: fix CP2105 GPIO registration (git-fixes). +- commit 21acdf8 + +- usb: cdnsp: Fix lack of spin_lock_irqsave/spin_lock_restore + (git-fixes). +- commit 0ecdeb8 + +- usb: dwc2: fix STM ID/VBUS detection startup delay in + dwc2_driver_probe (git-fixes). +- commit 706591c + +- usb: cdnsp: Fix incorrect status for control request + (git-fixes). +- commit 39c7644 + +- usb: cdnsp: Fix issue in cdnsp_log_ep trace event (git-fixes). +- commit 6a1899d + +- usb: cdnsp: Fix incorrect calling of cdnsp_died function + (git-fixes). +- commit 6500212 + +- usb: gadget: u_ether: fix race in setting MAC address in setup + phase (git-fixes). +- commit de812df + +- fscache: Use refcount_t for the cookie refcount instead of + atomic_t (bsc#1190277). +- fscache: Fix fscache_cookie_put() to not deref after dec + (bsc#1190277). +- cachefiles: Change %p in format strings to something else + (bsc#1190277). +- fscache: Change %p in format strings to something else + (bsc#1190277). +- fscache: Remove the object list procfile (bsc#1190277). +- fscache, cachefiles: Remove the histogram stuff (bsc#1190277). +- fscache: Procfile to display cookies (bsc#1190277). +- fscache: Add a cookie debug ID and use that in traces + (bsc#1190277). +- commit 7bdee94 + +- add kvmsmall flavor for aarch64 +- cherry-picked from master +- commit ddd3a02 + +- ceph: initialize pathlen variable in reconnect_caps_cb + (bsc#1193925). +- ceph: fix duplicate increment of opened_inodes metric + (bsc#1193924). +- commit e2145a2 + +- tracing/uprobe: Fix uprobe_perf_open probes iteration + (git-fixes). +- commit ed9f636 + +- x86/fpu/signal: Initialize sw_bytes in save_xstate_epilog() + (bsc#1190497). +- commit 7191fb9 + +- Revert "usb: early: convert to readl_poll_timeout_atomic()" + (git-fixes). +- commit cb61d99 + +- usb: typec: tcpm: fix tcpm unregister port but leave a pending + timer (git-fixes). +- commit 5235800 + +- USB: gadget: bRequestType is a bitfield, not a enum (git-fixes). +- commit 7d60d0b + +- xen/netback: don't queue unlimited number of packages + (CVE-2021-28715 XSA-392 bsc#1193442). +- commit 3c72c0c + +- xen/netback: fix rx queue stall detection (CVE-2021-28714 + XSA-392 bsc#1193442). +- commit caace15 + +- xen/console: harden hvc_xen against event channel storms + (CVE-2021-28713 XSA-391 bsc#1193440). +- commit 146b839 + +- xen/netfront: harden netfront against event channel storms + (CVE-2021-28712 XSA-391 bsc#1193440). +- commit d10254c + +- xen/blkfront: harden blkfront against event channel storms + (CVE-2021-28711 XSA-391 bsc#1193440). +- commit e1ca522 + +- NFSD: Fix exposure in nfsd4_decode_bitmap() (bnc#1193663 CVE-2021-4090). +- commit 2b4cae0 + +- hwmon: (k10temp) Remove residues of current and voltage + (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). +- hwmon: (k10temp) Add support for yellow carp (jsc#SLE-17823 + jsc#SLE-23139 jsc#ECO-3666). +- hwmon: (k10temp) Rework the temperature offset calculation + (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). +- hwmon: (k10temp) Don't show Tdie for all Zen/Zen2/Zen3 CPU/APU + (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). +- hwmon: (k10temp) Add additional missing Zen2 and Zen3 APUs + (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). +- hwmon: (k10temp) support Zen3 APUs (jsc#SLE-17823 jsc#SLE-23139 + jsc#ECO-3666). +- commit 0e017c0 + +- kernel-obs-build: remove duplicated/unused parameters + lbs=0 - this parameters is just giving "unused parameter" and it looks + like I can not find any version that implemented this. + rd.driver.pre=binfmt_misc is not needed when setup_obs is used, it + alread loads the kernel module. + quiet and panic=1 will now be also always added by OBS, so we don't have + to set it here anymore. +- commit 972c692 + +- supported.conf: enable ffa-module (jsc#SLE-21844) +- commit f52f878 + +- tracing: Add length protection to histogram string copies + (git-fixes). +- commit 0ebdac5 + +- Revert "- rpm/*build: use buildroot macro instead of env variable" + buildroot macro is not being expanded inside a shell script. go + back to the environment variable usage. This reverts parts of + commit e2f60269b9330d7225b2547e057ef0859ccec155. +- commit fe85f96 + +- kernel-obs-build: include the preferred kernel parameters + Currently the Open Build Service hardcodes the kernel boot parameters + globally. Recently functionality was added to control the parameters + by the kernel-obs-build package, so make use of that. parameters here + will overwrite what is used by OBS otherwise. +- commit a631240 + +- vfio: Introduce a vfio_uninit_group_dev() API call + (jsc#SLE-22601). +- Refresh + patches.suse/vfio-fsl-Move-to-the-device-set-infrastructure.patch. +- Refresh + patches.suse/0447-vfio-Provide-better-generic-support-for-open-release.patch. +- commit 880f484 + +- kernel-obs-build: inform build service about virtio-serial + Inform the build worker code that this kernel supports virtio-serial, + which improves performance and relability of logging. +- commit 301a3a7 + +- rpm/*.spec.in: use buildroot macro instead of env variable + The RPM_BUILD_ROOT variable is considered deprecated over + a buildroot macro. future proof the spec files. +- commit e2f6026 + +- rpm/kernel-obs-build.spec.in: move to zstd for the initrd + Newer distros have capability to decompress zstd, which + provides a 2-5% better compression ratio at very similar + cpu overhead. Plus this tests the zstd codepaths now as well. +- commit 3d53a5b + kernel-firmware -- Update to version 20211123: +- Update to version 20220119 (git commit 0c6a7b3bf728): + * linux-firmware: Update firmware file for Intel Bluetooth 9260 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: update firmware for mediatek bluetooth chip(MT7921) + * linux-firmware: update firmware for MT7921 WiFi device + * Mellanox: Add new mlxsw_spectrum firmware xx.2010.1232 + * linux-firmware: add marvell CPT firmware images + * QCA: Add Bluetooth nvm file for WCN685x + * QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00324 + * QCA: Update Bluetooth WCN685x 2.0 firmware to 2.0.0-00609 + * i915: Add GuC v69.0.3 for all platforms +- Add entry for rvu_cptpf + +- Update to version 20220111 (git commit 13dca280f760): + * linux-firmware: update firmware for MT7915 + * iwlwifi: add new FWs from core63-136 release + * iwlwifi: add new FWs from core66-88 release + * iwlwifi: update 9000-family firmwares to core66-88 + * linux-firmware: add firmware for MT7916 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * WHENCE: add missing symlink for NanoPi R1 + * amdgpu: update yellow carp dmcub firmware + * cxgb4: Update firmware to revision 1.26.6.0 +- update aliases from 5.16 final + +- Update to version 20211229 (git commit 57d6b9507e28): + * cnm: add chips&media wave521c firmware. + * linux-firmware: update firmware for MT7921 WiFi device + * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) + * rtw88: 8822c: Update normal firmware to v9.9.11 + * QCA: Update Bluetooth WCN685x firmware to 2.1.0-00298 + * amdgpu: update green sardine PSP firmware + * bnx2x: Add FW 7.13.21.0 + * linux-firmware: update frimware for mediatek bluetooth chip (MT7921) + * linux-firmware: wilc1000: update WILC1000 firmware to v15.4.1 + * rtl_bt: Update RTL8761B BT UART firmware to 0x0CA9_8A6B + * rtl_bt: Update RTL8761B BT USB firmware to 0x09A9_8A6B + * cxgb4: Update firmware to revision 1.26.4.0 + * rtw89: 8852a: update fw to v0.13.33.0 + * i915: Add DMC firmware v2.14 for ADL-P + * QCA: Add Bluetooth default nvm file for WCN685x + +- Update to version 20211123 (git commit b0e898fbaf37): kernel-firmware:compressed -- Update to version 20211123: +- Update to version 20220119 (git commit 0c6a7b3bf728): + * linux-firmware: Update firmware file for Intel Bluetooth 9260 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX200 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: update firmware for mediatek bluetooth chip(MT7921) + * linux-firmware: update firmware for MT7921 WiFi device + * Mellanox: Add new mlxsw_spectrum firmware xx.2010.1232 + * linux-firmware: add marvell CPT firmware images + * QCA: Add Bluetooth nvm file for WCN685x + * QCA: Update Bluetooth WCN685x 2.1 firmware to 2.1.0-00324 + * QCA: Update Bluetooth WCN685x 2.0 firmware to 2.0.0-00609 + * i915: Add GuC v69.0.3 for all platforms +- Add entry for rvu_cptpf + +- Update to version 20220111 (git commit 13dca280f760): + * linux-firmware: update firmware for MT7915 + * iwlwifi: add new FWs from core63-136 release + * iwlwifi: add new FWs from core66-88 release + * iwlwifi: update 9000-family firmwares to core66-88 + * linux-firmware: add firmware for MT7916 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9462 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth 9560 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX201 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX211 + * linux-firmware: Update firmware file for Intel Bluetooth AX210 + * WHENCE: add missing symlink for NanoPi R1 + * amdgpu: update yellow carp dmcub firmware + * cxgb4: Update firmware to revision 1.26.6.0 +- update aliases from 5.16 final + +- Update to version 20211229 (git commit 57d6b9507e28): + * cnm: add chips&media wave521c firmware. + * linux-firmware: update firmware for MT7921 WiFi device + * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) + * rtw88: 8822c: Update normal firmware to v9.9.11 + * QCA: Update Bluetooth WCN685x firmware to 2.1.0-00298 + * amdgpu: update green sardine PSP firmware + * bnx2x: Add FW 7.13.21.0 + * linux-firmware: update frimware for mediatek bluetooth chip (MT7921) + * linux-firmware: wilc1000: update WILC1000 firmware to v15.4.1 + * rtl_bt: Update RTL8761B BT UART firmware to 0x0CA9_8A6B + * rtl_bt: Update RTL8761B BT USB firmware to 0x09A9_8A6B + * cxgb4: Update firmware to revision 1.26.4.0 + * rtw89: 8852a: update fw to v0.13.33.0 + * i915: Add DMC firmware v2.14 for ADL-P + * QCA: Add Bluetooth default nvm file for WCN685x + +- Update to version 20211123 (git commit b0e898fbaf37): kmod +- Ensure that kmod and packages linking to libkmod provide same features + (bsc#1193430). + ldb +- Modify packaging to allow parallel installation with libldb1 + (bsc#1192684): + + Private libraries are installed in %{_libdir}/ldb2/ + + Modules are installed in %{_libdir}/ldb2/modules + libapparmor +- update to AppArmor 3.0.4 + - various fixes in profiles, abstractions, apparmor_parser and utils + (some of them were already included as patches) + - add support for mctp address family + - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.4 + for the full upstream changelog +- remove upstream(ed) patches: + - aa-notify-more-arch-mr809.diff + - ruby-3.1-build-fix.diff + - add-samba-bgqd.diff + - openssl-engdef-mr818.diff + - profiles-python-3.10-mr783.diff + - update-samba-abstractions-ldb2.diff +- refresh patches: + - apparmor-samba-include-permissions-for-shares.diff + - ruby-2_0-mkmf-destdir.patch + +- add ruby-3.1-build-fix.diff: fix build with ruby 3.1 (boo#1194221, + MR 827) + +- add update-samba-abstractions-ldb2.diff: Cater for changes to ldb + packaging to allow parallel installation with libldb (bsc#1192684). + - operation="file_mmap" violation in SLE15-SP4; (bsc#1192336). + operation="file_mmap" violation in SLE15-SP4; (bsc#1192336). + +- add openssl-engdef-mr818.diff: Allow reading /etc/ssl/engdef.d/ and + /etc/ssl/engines.d/ in abstractions/openssl which were introduced + with the latest openssl update libblockdev +- Remove unnecessary dependency of libbd_part2 on multipath-tools + (bsc#1194771) + +- Fix lack of dependency on libblockdev-lvm needed by libblockdev + package. The lvm-cache-stats binary needs the logical volume + plugin to work (boo#1183948). + +- Update to version 2.26: + + Fixes: + - Deprecated glib function call; + - Build with LLVM/clang; + - Many memory leaks; + - Many tests. +- Fix dbus.h being wrongly packaged in libbd_lvm-dbus-devl instead + of libbd_utils-devel (boo#1189787). + - * fs: Fix compile error in ext_repair caused by cherry pick from master + * fs: Fix compile error in ext_repair caused by cherry pick from + master - * lvm: Set thin metadata limits to match limits LVM uses in lvcreate - * lvm: Do not use thin_metadata_size to recommend thin metadata size + * lvm: Set thin metadata limits to match limits LVM uses in + lvcreate + * lvm: Do not use thin_metadata_size to recommend thin metadata + size - * VDO plugin has been deprecated in this release (functionality replaced by LVM VDO) + * VDO plugin has been deprecated in this release (functionality + replaced by LVM VDO) - * support for unlocking of BitLocker-compatible format BITLK added + * support for unlocking of BitLocker-compatible format BITLK + added - * test suite can now be run against installed version of libblockdev + * test suite can now be run against installed version of + libblockdev libgcrypt +- FIPS: Disable DSA in FIPS mode [bsc#1195385] + * Upstream task: https://dev.gnupg.org/T5710 + * Add libgcrypt-FIPS-disable-DSA.patch + +- FIPS: Service level indicator [bsc#1190700] + * Provide an indicator to check wether the service utilizes an + approved cryptographic algorithm or not. + * Add patches: + - libgcrypt-FIPS-service-indicators.patch + - libgcrypt-FIPS-verify-unsupported-KDF-test.patch + - libgcrypt-FIPS-HMAC-short-keylen.patch + +- FIPS: Fix gcry_mpi_sub_ui subtraction [bsc#1193480] + * gcry_mpi_sub_ui: fix subtracting from negative value + * Add libgcrypt-FIPS-fix-gcry_mpi_sub_ui.patch + +- FIPS: Define an entropy source SP800-90B compliant [bsc#1185140] + * Disable jitter entropy by default in random.conf + * Disable only-urandom option by default in random.conf + +- FIPS: RSA KeyGen/SigGen fail with 4096 bit key sizes [bsc#1192240] + * rsa: Check RSA keylen constraints for key operations. + * rsa: Fix regression in not returning an error for prime generation. + * tests: Add 2k RSA key working in FIPS mode. + * tests: pubkey: Replace RSA key to one of 2k. + * tests: pkcs1v2: Skip tests with small keys in FIPS. + * Add patches: + - libgcrypt-FIPS-RSA-keylen.patch + - libgcrypt-FIPS-RSA-keylen-tests.patch + +- FIPS: Disable 3DES/Triple-DES in FIPS mode [bsc#1185138] + * Add libgcrypt-FIPS-disable-3DES.patch + +- FIPS: PBKDF requirements [bsc#1185137] + * The PBKDF2 selftests were introduced in libgcrypt version + 1.9.1 in the function selftest_pbkdf2() + * Upstream task: https://dev.gnupg.org/T5182 + +- FIPS: Fix regression tests in FIPS mode [bsc#1192131] + * Add libgcrypt-FIPS-fix-regression-tests.patch + * Upstream task: https://dev.gnupg.org/T5520 + +- FIPS: Provide a module name/identifier and version that can be + mapped to the validation records. [bsc#1190706] + * Add libgcrypt-FIPS-module-version.patch + * Upstream task: https://dev.gnupg.org/T5600 + +- FIPS: Enable hardware support also in FIPS mode [bsc#1187110] + * Add libgcrypt-FIPS-hw-optimizations.patch + * Upstream task: https://dev.gnupg.org/T5508 + libimobiledevice +- Add python-rpm-macros to BuildRequires (boo#1194755). + +- Update to version 1.3.0+git.20210921: + * Remove common code in favor of new libimobiledevice-glue + * tools: idevicebackup2: Exit on service startup failure and improve error messages + * idevice: Reset receive length variable in internal_ssl_read retry loop and fix wrong variable in debug message + * lockdown: Get DeviceClass to make sure OS version dependent code is executed correctly + * Handle error cases in relevant code when retrieving pair record fails + * common: Return proper error codes from userpref_read_pair_record + * Add support for MbedTLS + * idevice: Make sure to handle timeout condition for network connections too + * installation_proxy: Ignore non-status messages instead of terminating loop + * mobilesync: Set DeviceLink version to 400 to support iOS 14b4+ + * tools/idevicecrashreport: Fix illegal filenames on Windows + * tools: Fix entering recovery mode on iOS 14.5+ which now requires a pairing + * tools: Fix delays in idevicedebugserverproxy when using SSL + * debugserver: Return success when a receive timed out but actualy bytes have been read + * idevice: Allow partial reads in idevice_connection_receive_timeout() and handle timeouts more adequate + * Fixed bytes/strings checks in lockdown.pxi for compatibility with Python2/3 + * Fixed bytes/strings check in imobiledevice.pyx for compatibility with Python2/3 + * Fixed debugserver.pxi PyString_AsString compatibility with Python3 + * Fixed AFC afc.pxi definitions for Python2/3 compatibility. Added missing public method 'remove_path_and_contents' + * ideviceprovision: Fix date output by adding MAC_EPOCH + * docs: Improve --quiet command line switch description in idevicesyslog man page + * idevicescreenshot: Choose a better filename, prevent overwriting existing files + * idevicedebug: Add --detach option to start an app and exit idevicedebug without killing the app + * idevicebackup2: Handle DLMessagePurgeDiskSpace by sending back error code + * idevicebackup2: Update errno to device error mapping + * idevice: Handle -EAGAIN in case usbmuxd_send() returns it + * idevicebackup2: Don't fail on restore when source backup doesn't have any application info + libinput +- Add missing pkgconfig(wayland-protocols) BuildRequires: + Previously pulled in by an other package. + +- Update to release 1.19.3 + * quirks: add ModelBouncingKeys for A4Tech X-710BK Mouse + * quirks: Dell 15R touchpad settings for firmware v3 + * quirks: change touchpad pressure on Lenovo Yoga 2 Pro + * gestures: cancel hold gestures on thumb detection + libmbim +- Update to version 1.26.2: + + The GUdev optional build/runtime requirement is now fully + dropped, it's no longer used. + + Implemented new link management operations, exclusively for the + cdc_mbim driver for now. These new operations allow creating or + deleting VLAN network interfaces in order to run multiplexed + data sessions over one single physical network interface. + + Added support for the Microsoft-defined SAR service, including + the following operations: + - MBIM_CID_MS_SAR_CONFIG + - MBIM_CID_MS_SAR_TRANSMISSION_STATUS + + libmbim-glib: + - Logic updated to make sure full packets are written at once, + instead of writing them in chunks. + - Updated the "LTE attach status" APIs in order to avoid + creating unneeded struct types in the interface. The older + methods have been deprecated and maintained in the library + for compatibility purposes only. + + Bugfixes. +- Drop pkgconfig(gudev-1.0) BuildRequires: no longer used. + libmspack +- chmextract.c add anti "../" and leading slash protection to chmextract + (CVE-2018-18586.patch, bsc#1113040) + * cve-2018-18586.patch + libnettle +- Provide s390x CPACF/SHA/AES Support for Crypto Libraries + * Add libnettle-s390x-CPACF-SHA-AES-support.patch [jsc#SLE-20733] + libpinyin +- Update version to 2.6.1 + * bug fixes + +- Update version to 2.6.0 + * bug fixes + +- Update version to 2.4.92 + * update pinyin data + * bug fixes + libplist +- Add python-rpm-macros to BuildRequires (boo#1194756). + libqmi +- Mention libqmi.keyring + +- update to 1.30.2: + * libqmi-glib: + * * Added support for 'hsic', 'bam-dmux' and 'unknown' endpoint types. + * * Added support for QMAPv2, QMAPv3 and QMAPv4 data aggregation types. + * * Added support for 'NGRAN' access technology identifier. + * * New 'qmi_device_add_link_with_flags()' method, in order to give e.g. rmnet + specific checksum offload related flags when creating a new link. + * qmicli: + * * New '--nas-get-preferred-networks' command. + * * New '--nas-set-preferred-networks' command. + * * New '--uim-get-configuration' command. + * * New '--uim-depersonalization' command. + * * New '--wms-get-routes' command. + * * New '--dpm-open-port' command. + * * New '--dpm-close-port' command. + * * Updated '--wds-create-profile' with an additional 'apn-type-mask' setting. + * * Updated '--wds-modify-profile' with an additional 'apn-type-mask' setting. + * * Updated '--link-add' with an additional optional 'flags' setting. + * qmi-network: + * * New PROFILE configuration setting to allow specifying which WDS profile to + use when connecting. + * * New IP-TYPE configuration setting to allow selecting the IP type requested + * collections: + * * basic: added voice call management operations. + * * basic: added voice supplementary service related operations. + * * basic: added NAS preferred networks related operations. + * * basic: added NAS network reject indications. + * * basic: added UIM depersonalization related operations. + * Several other minor improvements and fixes. +- add gpg validation + libqt5-qtbase -- Add patch to avoid crash in certain screen setups - (boo#1179165, kde#425188, QTBUG-88288): - * 0001-Avoid-crash-in-QScroller.patch +- Update patch after it was merged to dev upstream and fix another + place missed in the first version (boo#1195386, CVE-2022-23853): + * 0001-QProcess-Unix-ensure-we-don-t-accidentally-execute-s.patch + +- Add patch to avoid unintentionally using binaries from CWD + (boo#1195386, CVE-2022-23853): + * 0001-QProcess-Unix-ensure-we-don-t-accidentally-execute-s.patch + +- Update to version 5.15.2+kde294: + * QTzTimeZonePrivate::init(): fix handling of empty ID + * Restore support for reading /etc/timezone for system zone name + * QPathEdge: Fix array initialization + * QTzTimeZonePrivate: fix UB (data race on m_icu) + * Don't access QObject::objectName during QThread start + * Restore C++11 compatibility after e8b9f4c28d3ab5e960dc54f2dc0c4b749b0b50e0 + * QVarLengthArray: fix size update on failed append() + * Call statx() with AT_NO_AUTOMOUNT + * QThread: Remove superfluous initialization of threadId on Unix + * QThread: Reset the system thread ID when thread exits on Unix + * Add missing macOS header file that was indirectly included before + * QXcb: don't dereference pointer before checking + * xcb: avoid to use invalid pointers + * QVarLengthArray: fix insert() type/alias mismatch between decl and impl + * Use qint64 to replace int while qt_transform_image_rasterize + * QVarLengthArray: assert that the range passed to erase() is valid + * Fix pattern type matching + * QThread: fix UB (invalid enum value) on Private::Priority + * Use block char format to render list item bullets and numbers + * QDateTime: Don't require c++17 + * QVariantAnimation: fix UB (FP 0/0) in interpolated() arg calculation + * QDateTime: fix UB (signed overflow) in addDays() + * QString: fix UB (pointer arithmetic on nullptr) in qLastIndexOf + * tst_QIODevice: fix UB (precondition violation) in SequentialReadBuffer::readData() + * QVarLengthArray: fix UB (precondition violation) in range-erase() + * Fix segmentation fault in QObject::dumpObjectInfo + +- Update to version 5.15.2+kde268: + * Adapt for q_EVP_PKEY_base_id → q_EVP_PKEY_get_base_id rename in OpenSSL 3 + * Don't use a deprecated function if built/linked with OpenSSL v3 + * Diffie-Hellman parameters: remove useless 'fix' + * Dont's use DTLS_MAX_VERSION when setting SSL_CTX + * Avoid mixing atomic futex changes and QAtomic + * Fix qtdeclarative baseline test failure for text tables + * Don't let text table cells shrink below their minimum width (boo#1176530) + * Don't shrink a column when it spans multiple columns + * Use icon themes in QPrintPreviewDialog [if they exist] + * QAbstractFileEngine: fix UB (data race) on qt_file_engine_handlers_in_use + * Increment reference count when restoring reference + * Reject truncated and corrupt ascii pnm images + * Fix handling of Sunday in POSIX time-zone rules + * Fix developer build +- Drop patches, support for OpenSSL < 1.1.0 is no longer necessary: + * 0001-Lower-required-version-of-OpenSSL-to-1.1.0.patch + * fix-build-openssl-1.1.0.patch + +- Update to version 5.15.2+kde254: + * Revert "QPushButton: fix support of style sheet rule for text alignment" + * Revert "Fix invalid text layout data when a full layout run is interrupted" + * Optimize mime type matching + * fix potential mem leak on connection lost + * tst_QSslSocket - replace an old certificate + * tst_QSslCertificate::verify - remove QSKIP + * tst_QSslCertificate::verify - skip auto-test + * Doc: bump the OpenSSL minimum supported version to 1.1.1 + * QHttpSocketEngine: Fix memory leak + * QSslCertificate(OpenSSL) - harden protection against nullpointers + * QSslCertificate: Guard against accessing empty QByteArray + * Make QStyle::proxy() always return the leaf proxy + * Prefer previously used channels in QHttpNetworkConnection + * Fix populating selection clipboard with keyboard + * QSslCertificate::operator == - cleanup error queue + * Revert "Fix highdpi conversion of QTabletEvent coordinates on xcb" + * Fix highdpi conversion of QTabletEvent coordinates on xcb + * Support transformations in pattern/texture brushes in pdf + * Respect font stretch if set together with font style + * Fix QPainterPath with QFont::SmallCaps + * Avoid generating large pdf files when using dashed cosmetic pens + * PDF generation: disentangle native pen from transforms + * qmake: Switch to using Xcode's new build system + * Explicitly set input files for qtpreprocess + * Only embed launch screen when building an app + * Explicitly set output files for qtpreprocess + * Fix memory leak + * Fix reading gamma from PNGs without ICC profile + * QPlatformWindow: fix isAncestorOf not breaking recursion + * Cater for upstream changes in eglplatform.h + * QTextOdfWriter: fix exporting pixmaps to ODT + * Fix access to content: URLs with transient read/write permissions + +- Update to version 5.15.2+kde222: + * Revert "QString::lastIndexOf: fix off-by-one for zero length matches" + * MySQL: treat the MYSQL_FIELD as read-only + * Remove checks for glibc < 2 from qplatformdefs.h files + * linux-clang/qplatformdefs: fix building with musl libc + * Refix for avoiding huge number of tiny dashes + * Improve fix for avoiding huge number of tiny dashes + * Avoid processing-intensive painting of high number of tiny dashes + * xcb: add a timeout control when reading INCR property + * Remove another usage of mysql_get_client_version() + * MySQL: remove the version number checks in favor of actual functionality + * QLibraryInfo: Add MSVC 2022 + * doCrypt() - check the error codes + * Restore C++11 compatibility of QSharedPointer code + * opengl: fix a typo in QOpenGLPaintDevice::dotsPerMeterY() + * Fix rvalue overload of qobject_pointer_cast for GCC 9.3 + * QVarLengthArray: fix aliasing error in insert(it, n, v) + * Fix memory leak of QOffscreenScreen in QOffscreenIntegration + * Fix tst_moc for C++17 + * Add missing limits include + * xcb: Avoid use-after-free in QXcbConnection::initializeScreens() + * xcb: Remove need for QXCBScreen to resolve QXcbGlIntegration + * Update shared-mime-info to the 2.1 release, adjust implementation + +- Revert to the default platform plugin list ("wayland;xcb") + +- Update to version 5.15.2+kde200: + * Optimize quadratic-time insertion in QSortFilterProxyModel + +- Switch to KDE's maintenance branch +- Update to version 5.15.2+kde199: + * Too many changes to list here +- Add patch to reset version to 5.15.2: + * 0001-Revert-Bump-version.patch +- Drop patches, now upstream: + * 0001-Partially-revert-813a928c7c3cf98670b6043149880ed5c95.patch + * 0001-Fix-allocated-memory-of-QByteArray.patch + * 0001-Fix-build-with-GCC-11-include-limits.patch + * 0001-Let-QXcbConnection-getTimestamp-properly-exit-when-X.patch + * 0002-Build-fixes-for-GCC-11.patch + +- Add trailing newline to qtlogging.ini + +- Add patch to fix possible crash caused by GCC 11 build fix: + * 0001-Partially-revert-813a928c7c3cf98670b6043149880ed5c95.patch + +- Add patch to fix build with GCC 11 (boo#1181861, QTBUG-90395): + * 0001-Fix-build-with-GCC-11-include-limits.patch + * 0002-Build-fixes-for-GCC-11.patch + +- Add patch to fix infinite loop in KWin on XServer exit: + * 0001-Let-QXcbConnection-getTimestamp-properly-exit-when-X.patch +- Spec file cleanup, remove conditionals for Leap 42.x + +- Add patch to avoid excessive use of memory by lconvert: + * 0001-Fix-allocated-memory-of-QByteArray.patch + +- Update to 5.15.2: + * New bugfix release + * For more details please see: + http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.15.2/?h=5.15.2 + * Fallback to /tmp/runtime-$USER if XDG_RUNTIME_DIR is not set + or is unsafe (bsc#1172515) +- Drop patches, now upstream: + * 0001-Revert-Emit-QScreen-availableG-g-eometryChanged-on-l.patch +- Pass -confirm-license option, drop duplicates +- BuildRequire xcb-util + +- Add patch to avoid coredumps with missing display: + * 0001-Avoid-SIGABRT-on-platform-plugin-initialization-fail.patch -- Add patch to fix issues when both - /usr/include/qt5/QtGui/qopenglext.h and /usr/include/GLES3/gl3.h - are included since they defined GLintptr, GLsizeiptr, etc. - differently at least in i586 (bsc#1176130): - * 0001-Change-qopenglext-to-match-official-Khronos-headers.patch - -- Fix various issues discovered by fuzzing: - * 0001-Avoid-converting-supersized-QRectF-to-QRect.patch - * 0002-Multiply-instead-of-shifting.patch - * 0003-Fix-buffer-overflow.patch - * 0004-Check-returns-of-hex2int-in-get_hex_rgb.patch - * 0005-Sanitize-lengthValue-in-CSS-parser.patch - * 0006-QBezier-Don-t-try-calculating-a-unit-vector-when-len.patch - * 0007-Avoid-potential-ub-in-corrupt-bmp-file.patch -- Make handling of XDG_RUNTIME_DIR more secure (bsc#1172515): - * 0008-wasm-disable-XDG_RUNTIME_DIR-warning.patch - * 0009-QStandardPaths-Correct-handling-for-XDG_RUNTIME_DIR.patch - * 0010-QStandardPaths-Unix-improve-the-XDG_RUNTIME_DIR-crea.patch -- Fix buffer overflow in XBM parser (bsc#1176315, CVE-2020-17507): - * 0011-Fix-buffer-overflow-in-XBM-parser.patch - -- Add patch to fix possible crash in certificate parsing: - * 0001-q_getTimeFromASN1-fix-invalid-access.patch -- Add patch to fix DoS in QSslSocket (bsc#1172726, CVE-2020-13962): - * 0002-OpenSSL-handle-SSL_shutdown-s-errors-properly.patch - -- Add patch to support PostgreSQL 12 (boo#1173758): - * 0001-QPSQL-Add-support-for-PostgreSQL-12.patch - -- Fix builds of packages using qt5_make_output_file, e.g. FreeCAD. - * Fix-qt5_make_output_file-macro-for-paths-containing-dots.patch +- Silence xcb errors and qml connection warnings by default, see + boo#1115541 (xcb) and kde#418793. + +- Remove some no longer required build dependencies: libpulse, + alsa (now used via QtMultimedia), libmng (obsolete). + +- Revert commit to fix screen geometry on startup (boo#1176750, QTBUG-86604): + * 0001-Revert-Emit-QScreen-availableG-g-eometryChanged-on-l.patch -- Update to 5.12.7: +- Update to 5.15.1: + * Fixes CVE-2020-17507, bsc#1176315 - http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.12.7/?h=v5.12.7 + http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.15.1/?h=5.15.1 - * 0001-Do-not-load-plugin-from-the-PWD.patch - * 0003-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch -- Refresh patches: - * 0002-Revert-qtlite-Fix-build-libs-with-no-feature-regular.patch + * 0001-Do-not-multithread-if-already-in-a-global-threadpool.patch + * 0001-Fix-QToolButton-menus-showing-on-primary-screens-in-.patch +- Adjust fix-build-openssl-1.1.0.patch + +- Add patch to prevent stuck image conversion (boo#1172599, QTBUG-84619): + * 0001-Do-not-multithread-if-already-in-a-global-threadpool.patch + +- Add patch to fix tool menu placement (boo#1172754, QTBUG-84462): + * 0001-Fix-QToolButton-menus-showing-on-primary-screens-in-.patch + +- Add patch to avoid behaviour change causing crashes (kde#419526): + * 0001-Revert-QMenu-hide-when-a-QWidgetAction-fires-the-tri.patch + +- Update to 5.15.0: + * No changelog available + +- Update to 5.15.0-rc2 + * No changelog available -- Add patches to avoid loading plugins from CWD (bsc#1161167, CVE-2020-0569): - * 0001-Do-not-load-plugin-from-the-PWD.patch - * 0002-Doc-QPluginLoader-remove-the-claim-we-search-the-cur.patch -- Same again, just in a different place (bsc#1162191, CVE-2020-0570): - * 0003-QLibrary-Unix-do-not-attempt-to-load-a-library-relat.patch +- Update to 5.15.0-rc: + * New bugfix release + * For the changes between 5.14.2 and 5.15.0 please see: + http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.15.0/?h=5.15.0 +- Drop patches, now upstream: + * 0001-QTextMarkdownImporter-fix-use-after-free-add-fuzz-ge.patch +- Add patch to fix build on Leap 15.1: + * fix-build-openssl-1.1.0.patch + +- Add patch to fix use-after-free (boo#1170582, CVE-2020-12267): + * 0001-QTextMarkdownImporter-fix-use-after-free-add-fuzz-ge.patch + +- Update to 5.15.0-beta4: + * New bugfix release + * No changelog available + * Qt incorrectly calls SSL_shutdown() in OpenSSL mid-handshake + causing denial of service in TLS applications (bsc#1172726, + CVE-2020-13962, QTBUG-83450) -- Update to 5.12.6: +- Update to 5.15.0-beta3: + * No changelog available +- Add patch to fix build on Leap 15.1: + * 0001-Lower-required-version-of-OpenSSL-to-1.1.0.patch + +- Update to 5.15.0-beta2: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta1: + * New bugfix release + * No changelog available + +- Update to 5.15.0-alpha: + * New feature release - * http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.12.6/?h=v5.12.6 -- Drop patch, with the fix for QTBUG-73021 it shouldn't be necessary anymore: - * 0001-Revert-QWidgetWindow-Immediately-forward-close-event.patch + https://wiki.qt.io/New_Features_in_Qt_5.15 +- Replace patches with single patch + 0001-Don-t-white-list-recent-Mesa-versions-for-multithrea.patch: + * 0001-Revert-Blacklist-nouveau-and-llvmpipe-for-multithrea.patch + * 0002-Revert-qtlite-Fix-build-libs-with-no-feature-regular.patch: + * 0003-Revert-White-list-more-recent-Mesa-version-for-multi.patch +- Refresh 0002-Synthesize-Enter-LeaveEvent-for-accepted-QTabletEven.patch -- Add patch to fix crash when running libQt5Core5.so.5 as executable - (boo#1155955): - * 0001-Fix-crash-when-running-QtCore-Stack-is-misaligned-on.patch +- Update to 5.14.1: + * New bugfix release + * Fixes CVE-2020-0570, bsc#1161167, bsc#1162191, QTBUG-81272 + * For more details please see: + http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.14.1/?h=v5.14.1 +- Drop patch, should be addressed by applications meanwhile: + * 0001-Revert-Always-escape-the-table-names-when-creating-t.patch +- Drop patches, now upstream: + * 0001-Revert-Fix-text-rendering-regression-on-semi-transpa.patch + * 0002-Revert-Fix-crash-with-gamma-corrected-text-blending-.patch + * 0003-Revert-Handle-transparent-pen-color-in-fast-text-pat.patch + +- Update license tag + +- Add patches to avoid regression with rendering of translucent text + (QTBUG-80982): + * 0001-Revert-Fix-text-rendering-regression-on-semi-transpa.patch + * 0002-Revert-Fix-crash-with-gamma-corrected-text-blending-.patch + * 0003-Revert-Handle-transparent-pen-color-in-fast-text-pat.patch + +- Update to 5.14.0: + * New bugfix release + * For the changes between 5.13.2 and 5.14.0 please see: + https://code.qt.io/cgit/qt/qtbase.git/tree/dist/changes-5.14.0?h=v5.14.0 + * For the changes between 5.13.1 and 5.13.2 please see: + https://code.qt.io/cgit/qt/qtbase.git/tree/dist/changes-5.13.2?h=v5.14.0 -- Update to 5.12.5: +- Update to 5.14.0-rc: + * No changelog available - * http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.12.5/?h=5.12.5 -- Refresh patches: - * libqt5-Fix-Gujarati-font.patch - * disable-rc4-ciphers-bnc865241.diff - * tell-the-truth-about-private-api.patch - * libqt5-prioritise-gtk2-platformtheme.patch + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 +- Drop patch, Qt behaviour changed now and applications can deal with + it meanwhile: + +- Update to 5.14.0-beta3: + * New bugfix release + * No changelog available +- Drop libqt5-Fix-Gujarati-font.patch, didn't apply anymore: + * Was probably fixed upstream a loooong time ago (QTBUG-44568) + +- Update to 5.14.0-beta2: + * New bugfix release + * No changelog available + * Fix segfaults due to unaligned stack in QtCore5 (bsc#1155955) + * Add support for PostgreSQL 12 (bsc#1173758) +- Refresh patches: + * 0001-Revert-Always-escape-the-table-names-when-creating-t.patch + +- Update to 5.14.0-beta1: + * New bugfix release + * No changelog available +- Drop patches, now upstream: + * 0001-tslib-plugin-remove-debug-print-on-old-tslib-version.patch + * 0001-QWidget-setFocusProxy-adjust-focus-widget-properly.patch + +- Disable relocatability, it breaks /usr/lib/sse2 (QTBUG-78948) + +- Update to 5.14.0-alpha: + * New feature release + * No changelog available + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 +- Refresh patches: + * 0001-Add-remote-print-queue-support.patch +- Drop patches, don't apply anymore after upstream refactoring and the + main bug for them seems fixed: - * qapplication-emit-palettechanged.patch +- Drop patches, now upstream: + * 0001-Fix-notification-of-QDockWidget-when-it-gets-undocke.patch + * 0001-Fix-CMake-config-files-for-libdir-different-from-lib.patch - * 0001-Revert-Blacklist-nouveau-and-llvmpipe-for-multithrea.patch - * 0002-Revert-qtlite-Fix-build-libs-with-no-feature-regular.patch - * 0003-Revert-White-list-more-recent-Mesa-version-for-multi.patch - * 0002-Synthesize-Enter-LeaveEvent-for-accepted-QTabletEven.patch +- Enable zstd support again, issues got fixed upstream meanwhile +- Add patch to fix build against older tslib: + * 0001-tslib-plugin-remove-debug-print-on-old-tslib-version.patch + +- Add patch to fix focus in some cases (QTBUG-77364): + * 0001-QWidget-setFocusProxy-adjust-focus-widget-properly.patch + +- Update to 5.13.1: + * New bugfix release + * For more details please see: + * http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.13.1/?h=v5.13.1 +- Refresh patches: + * 0002-xcb-Use-the-screen-s-physical-DPI-as-logical-DPI-unl.patch +- Drop patches, now upstream: + * 0001-Decrease-focusInTimer-timer-from-400-to-200.patch + * 0003-Add-an-ID-for-recognition-of-UGEE-tablets.patch + * 0001-Fix-crash-with-drag-cursor-handling.patch + * 0001-Fix-meta-file-replacements-if-matches-are-empty.patch + * 0002-Do-not-write-Libs-into-.pc-files-if-TEMPLATE-is-not-.patch + * 0003-Make-sure-.pc-.prl-and-.la-files-are-created-for-hea.patch +- Replace reverts with upstream fix: + * D 0001-Revert-Fix-QMAKE_PRL_INSTALL_REPLACE-for-macOS.patch + * D 0001-Revert-qmake-link-qt-libraries-by-full-path.patch + * D 0002-Revert-Replace-absolute-Qt-lib-dir-in-.prl-files.patch + * D 0003-Revert-Fix-prl-replacements-if-libdir-is-in-QMAKE_DE.patch + * A 0001-Fix-CMake-config-files-for-libdir-different-from-lib.patch + +- Add patch to fix crash during Drag-and-Drop: + * 0001-Fix-crash-with-drag-cursor-handling.patch + +- Fix qmake pkconfig generation, broken .pc files become apparent + when switching from pkg-config to pkgconf. (QTBUG-75901) + * 0001-Fix-meta-file-replacements-if-matches-are-empty.patch + * 0002-Do-not-write-Libs-into-.pc-files-if-TEMPLATE-is-not-.patch + * 0003-Make-sure-.pc-.prl-and-.la-files-are-created-for-hea.patch + +- Add patch to work around focus issues with VirtualBox + (boo#1140084, QTBUG-76742): + * 0001-Decrease-focusInTimer-timer-from-400-to-200.patch + +- Link from Qt bindir into %_bindir, not the other way around to fix + applicationDirPath called from Qt binaries +- Add -qt5 suffix to all binaries in %_bindir + +- Add patch to restore compatibility with akonadi's PGSQL backend + (see https://bugs.archlinux.org/task/62997): + * 0001-Revert-Always-escape-the-table-names-when-creating-t.patch + +- Disable libzstd support again, it breaks various existing codebases (QTBUG-76521) + +- Update to 5.13.0: + * New bugfix release + * No changelog available + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.13.0/?h=5.13 +- Remove patches, now upstream: + * 0001-Add-quoting-to-deal-with-empty-CMAKE_CXX_STANDARD_LI.patch + * 0003-Add-an-ID-for-recognition-of-UGEE-tablets.patch + +- Revert yet another commit to fix linker errors: + * 0001-Revert-qmake-link-qt-libraries-by-full-path.patch -- Update to 5.12.4: +- Enable libzstd support + +- Revert some commits in the hope of fixing some broken paths (QTBUG-76255): + * 0001-Revert-Fix-QMAKE_PRL_INSTALL_REPLACE-for-macOS.patch + * 0002-Revert-Replace-absolute-Qt-lib-dir-in-.prl-files.patch + * 0003-Revert-Fix-prl-replacements-if-libdir-is-in-QMAKE_DE.patch + +- Add patch to fix some cmake module config files (QTBUG-76244): + * 0001-Add-quoting-to-deal-with-empty-CMAKE_CXX_STANDARD_LI.patch + +- Update to 5.13.0-rc: - * For more details please see: - * http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.12.4/?h=5.12.4 + * No changelog available +- Update to 5.13.0-beta2: + * New bugfix release + * No changelog available +- Refresh Mesa multithreading whitelist revert: + * Add 0001-Revert-Blacklist-nouveau-and-llvmpipe-for-multithrea.patch + * Refresh 0002-Revert-qtlite-Fix-build-libs-with-no-feature-regular.patch + * Refresh 0003-Revert-White-list-more-recent-Mesa-version-for-multi.patch + +- Update to 5.13.0-beta1: + * New feature release + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qtbase.git/plain/dist/changes-5.13.0/?h=5.13 + * Qt headers redefine opengl types differently than khronos headers + (bsc#1176130) +- Remove patches, now upstream: + * qapplication-emit-palettechanged.patch + * reproducible-qrc-time.patch +- Refresh Mesa multithreading whitelist revert: + * Drop 0001-Revert-Blacklist-nouveau-and-llvmpipe-for-multithrea.patch + * Refresh 0002-Revert-qtlite-Fix-build-libs-with-no-feature-regular.patch +- libQt5XcbQpa is not static, move it to libQt5Gui-private-headers-devel + libqt5-qtstyleplugins +- Add qtstyleplugins-gtksettings.patch: Align Qt with GTK settings + a bit better. +- Add qtstyleplugins-fix-deprecations.patch: Fix various Qt deprecations. +- Remove fix-build-qt5.15.patch: merge into + qtstyleplugins-fix-deprecations.patch (not distinct enough). + +- Amend patch to fix issues with platform themes providing an + incompatible palette (boo#1172658): + * fix-build-qt5.15.patch + +- Add patch to fix build against Qt 5.15: + * fix-build-qt5.15.patch + libqt5-qtsvg -- Add patches from upstream 5.12 branch (bsc#1184783, QTBUG-91507, - CVE-2021-3481): - * 0001-Handle-empty-rects.patch - * 0002-Use-QRect-isEmpty-instead-of-QRect-isNull.patch - * 0003-Fix-oom-in-QSvgTinyDocument-load.patch - * 0004-Fix-stack-overflow-in-QSvgHandler-resolveGradients.patch - * 0005-Add-error-handling-to-color-parsing.patch - * 0006-Fix-stack-overflow-in-dtor-of-QSvgTinyDocument.patch - * 0007-Don-t-divide-by-zero.patch - * 0008-Return-nullptr-instead-of-0.patch - * 0009-Avoid-endless-recursion-when-inflating-gzip.patch - * 0010-Avoid-endless-recursion-in-SvgStructureNode-bounds.patch - * 0011-Don-t-divide-by-zero.patch - * 0012-Use-qFuzzyIsNull-instead-of-isEmpty-on-QRectF.patch - * 0013-Fix-check-against-division-by-zero.patch - * 0014-Don-t-return-partially-inflated-QByteArray.patch - * 0015-Implement-basic-format-check-also-for-compressed-svg.patch - * 0016-Avoid-recursion-when-inflating-compressed-svgs.patch - * 0017-Change-classification-of-XSVG-License.patch - * 0018-Reject-corrupt-svgs-with-invalid-size.patch - * 0019-Allow-loading-SVG-files-with-a-doctype-declaration.patch - * 0020-Improve-handling-of-malformed-numeric-values-in-svg-.patch - * 0021-Clamp-parsed-doubles-to-float-representable-values.patch +- Update to version 5.15.2+kde16: + * Unconditionally stop parsing after the svg end tag + * SVG Image reading: Reject oversize svgs as corrupt + * Do stricter error checking when parsing path nodes + +- Update to version 5.15.2+kde13: + * Fix parsing of animation clock values + * Improve parsing of "r" + * Fix parsing of arc elements in paths + * Fix text x/y when the length is not in pixels + * Support font size not in pixels + * Limit font size to avoid numerous overflows + +- Switch to KDE's maintenance branch +- Update to version 5.15.2+kde7: + * Make image handler accept UTF-16/UTF-32 encoded SVGs + * Avoid buffer overflow in isSupportedSvgFeature + * Clamp parsed doubles to float representable values + * Improve handling of malformed numeric values in svg files + * Bump version + * Add changes file for Qt 5.15.2 + * Add changes file for Qt 5.12.10 +- Add patch to reset version to 5.15.2: + * 0001-Revert-Bump-version.patch +- Drop patches, now upstream: + * 0001-Improve-handling-of-malformed-numeric-values-in-svg-.patch + * 0002-Clamp-parsed-doubles-to-float-representable-values.patch + * 0003-Avoid-buffer-overflow-in-isSupportedSvgFeature.patch + * 0004-Make-image-handler-accept-UTF-16-UTF-32-encoded-SVGs.patch + +- Add commits from kde's 5.15 branch: + * 0001-Improve-handling-of-malformed-numeric-values-in-svg-.patch + * 0002-Clamp-parsed-doubles-to-float-representable-values.patch + (bsc#1184783, QTBUG-91507, CVE-2021-3481) + * 0003-Avoid-buffer-overflow-in-isSupportedSvgFeature.patch + * 0004-Make-image-handler-accept-UTF-16-UTF-32-encoded-SVGs.patch + (QTBUG-90744) -- Update to 5.12.7: +- Update to 5.15.2: - http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.12.7/?h=v5.12.7 + http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.15.2/?h=5.15.2 -- Update to 5.12.6: +- Update to 5.15.1: - * http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.12.6/?h=v5.12.6 + http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.15.1/?h=5.15.1 -- Use %license +- Update to version 5.15.0: + * No changelog available -- Update to 5.12.5: +- Update to version 5.15.0-rc2: + * No changelog available + +- Update to 5.15.0-rc: + * New bugfix release + * For the changes between 5.14.2 and 5.15.0 please see: + http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.15.0/?h=5.15.0 + +- Update to 5.15.0-beta4: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta3: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta2: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta1: + * New bugfix release + * No changelog available + +- Update to 5.15.0-alpha: + * New feature release + * For more details please see: + https://wiki.qt.io/New_Features_in_Qt_5.15 + +- Update to 5.14.1: - * http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.12.5/?h=5.12.5 + http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.14.1/?h=v5.14.1 -- Update to 5.12.4: +- Update the license tags. + +- Update to 5.14.0: + * New bugfix release + * For the changes between 5.13.2 and 5.14.0 please see: + https://code.qt.io/cgit/qt/qtsvg.git/tree/dist/changes-5.14.0?h=v5.14.0 + * For the changes between 5.13.1 and 5.13.2 please see: + https://code.qt.io/cgit/qt/qtsvg.git/tree/dist/changes-5.13.2?h=v5.14.0 + +- Update to 5.14.0-rc: + * No changelog available - * http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.12.4/?h=5.12.4 + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 +- Drop patch, fixed upstream: + * 0001-Revert-Fix-rendering-of-SVGs-with-viewBoxes.patch + +- Update to 5.14.0-beta3: + * New bugfix release + * No changelog available + +- Update to 5.14.0-beta2: + * New bugfix release + * No changelog available + +- Update to 5.14.0-beta1: + * New bugfix release + * No changelog available +- Add patch to avoid regression (QTBUG-78200): + * 0001-Revert-Fix-rendering-of-SVGs-with-viewBoxes.patch + +- Update to 5.14.0-alpha: + * New feature release + * No changelog available + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 + +- Update to 5.13.1: + * New bugfix release + * For more details please see: + * http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.13.1/?h=v5.13.1 + +- Update to 5.13.0: + * New bugfix release + * No changelog available + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.13.0/?h=5.13 + +- Update to 5.13.0-rc: + * New bugfix release + * No changelog available + +- Update to 5.13.0-beta2: + * New bugfix release + * No changelog available +- Update to 5.13.0-beta1: + * New feature release + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qtsvg.git/plain/dist/changes-5.13.0/?h=5.13 + libqt5-qttranslations -- Update to 5.12.7: +- Update to version 5.15.2+kde22: + * fix pt_BR meta catalog + * rename (outdated) qt_pt.ts => qt_pt_PT.ts + +- Switch to KDE's maintenance branch +- Update to version 5.15.2+kde20: + * prune bogus comment from linguist_nl + * Update pt_BR translations for 5.15 branch + * Remove obsolete entries from zh_CN translations + * Add initial translation for Norwegian Nynorsk + * l10n: zh_TW: update translations + * update chinese simplifid language for qt5.12 + * Add dutch (nl) files and partial translations + * Split and update Persian translations + * Add pt_BR translations for 5.12 + * Bump version + * Bump version + * Bump version + * Bump version + * add croatian translation + * Bump version + * fix translation of "discard" in italian +- Add patch to reset version to 5.15.2: + * 0001-Revert-Bump-version.patch + +- Update to 5.15.2: + * New bugfix release + * For more details please see: + http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.15.2/?h=5.15.2 + +- Update to 5.15.1: + * New bugfix release + * For more details please see: + http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.15.1/?h=5.15.1 + +- Update to version 5.15.0: + * No changelog available + +- Update to version 5.15.0-rc2: + * No changelog available + +- Update to 5.15.0-rc: + * New bugfix release + * For the changes between 5.14.2 and 5.15.0 please see: + http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.15.0/?h=5.15.0 + +- Update to 5.15.0-beta4: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta3: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta2: + * New bugfix release + * No changelog available + +- Update to 5.15.0-beta1: + * No changelog available + +- Update to 5.15.0-alpha: + * New feature release - http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.12.7/?h=v5.12.7 + https://wiki.qt.io/New_Features_in_Qt_5.15 -- Update to 5.12.6: +- Update to 5.14.1: - * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.12.6/?h=v5.12.6 + http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.14.1/?h=v5.14.1 + +- Update the license tag. -- Update to 5.12.5: +- Update to 5.14.0: + * For the changes between 5.13.2 and 5.14.0 please see: + https://code.qt.io/cgit/qt/qttranslations.git/tree/dist/changes-5.14.0?h=v5.14.0 + * For the changes between 5.13.1 and 5.13.2 please see: + https://code.qt.io/cgit/qt/qttranslations.git/tree/dist/changes-5.13.2?h=v5.14.0 + +- Update to 5.14.0-rc: + * New bugfix release + * No changelog available - * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.12.5/?h=5.12.5 + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 + +- Update to 5.14.0-beta3: + * New bugfix release + * No changelog available + +- Update to 5.14.0-beta2: + * New bugfix release + * No changelog available + +- Update to 5.14.0-beta1: + * New bugfix release + * No changelog available + +- Update to 5.14.0-alpha: + * New feature release + * No changelog available + * For more details about Qt 5.14 please see: + https://wiki.qt.io/New_Features_in_Qt_5.14 -- Update to 5.12.4: +- Update to 5.13.1: - * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.12.4/?h=5.12.4 + * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.13.1/?h=v5.13.1 + +- Update to 5.13.0: + * New bugfix release + * No changelog available + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.13.0/?h=5.13 + +- Update to 5.13.0-rc: + * New bugfix release + * No changelog available + +- Update to 5.13.0-beta2: + * New bugfix release + * No changelog available +- Update to 5.13.0-beta1: + * New feature release + * For more details about Qt 5.13 please see: + * http://code.qt.io/cgit/qt/qttranslations.git/plain/dist/changes-5.13.0/?h=5.13 + librsvg +- Update to version 2.52.5: + + Fix mangled output in rsvg-convert when redirecting output to + a pipe on Windows. + + When outputting to SVG, rsvg-convert now uses the width/height + units specified in the command line; it always used pixels + before. + + Fix incorrect top/left margins for SVG/PS/EPS/PDF output. + + Fix incorrect placement of glyphs when text has non-uniform + scaling in the X/Y axes. This is not a librsvg bug, but is + fixed by Pango 1.49.3 and later. Hopefully Pango 1.48.11 will + be released soon with this fix as well. Note that this release + of librsvg cannot increase the minimum Pango version to 1.48.11 + because it is not released yet. + + Miscellaneous: Updated crate dependencies: assert_cmd, cast, + clap cssparser, float-cmp, itertools, nalgebra, png, proptest, + rctree, selectors, system-deps. + libselinux +- Update to version 3.1: + * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were + removed. All userspace object managers should have been updated to use the + dynamic class/perm mapping support. + Use string_to_security_class(3) and string_to_av_perm(3) to map the class + and permission names to their policy values, or selinux_set_mapping(3) to + create a mapping from class and permission index values used by the + application to the policy values. + * Removed restrictions in libsepol and checkpolicy that required all declared + initial SIDs to be assigned a context. + * Support for new policy capability genfs_seclabel_symlinks + * selinuxfs is mounted with noexec and nosuid + * `security_compute_user()` was deprecated + +- Added skip_cycles.patch to skip directory cycles and not error + out + libsemanage +- Add /var/lib/selinux + +- Remove libsemanage-update-map-file.patch to prevent checkers from declining + the submission. Keeping the snippet in the spec file in case we try to + enable LTO again + +- Update to version 3.1 + * Improved manpage + * fsync final files before rename + +- Disabled LTO again. This breaks e.g. shadow and also other packages + in security:SELinux + +- Fix build with LTO: [bsc#1133102] + * Enable LTO (Link Time Optimization) and build with -ffat-lto-objects + * Update map file to include new symbols and remove wildcards +- Add libsemanage-update-map-file.patch + +- Drop suse_path.patch: replace it with a grep/sed logic replacing + /usr/libexec in all files with the correct value for all distros + (taking into account that openSUSE is in progress of migrating + from /usr/lib to /usr/libexec). + +- Apply suse_path.patch only for older distributions. Newer + use libexec + libsepol +- Update to version 3.1 + * Add support for new polcap genfs_seclabel_symlinks + * Initialize the multiple_decls field of the cil db + * Return error when identifier declared as both type and attribute + * Write CIL default MLS rules on separate lines + * Sort portcon rules consistently + * Remove leftovers of cil_mem_error_handler + * Drop remove_cil_mem_error_handler.patch, is included + +- Enable -fcommon in order to fix boo#1160874. + libsndfile +- Fix heap buffer overflow in flac_buffer_copy (CVE-2021-4156, + bsc#1194006): + libsndfile-CVE-2021-4156.patch + libstorage-ng +- merge gh#openSUSE/libstorage-ng#857 +- add support for RAID metadata versions 1.1 and 1.2 (for bsc#1168914) +- improved integration test for RAIDs +- 4.4.76 + +- merge gh#openSUSE/libstorage-ng#856 +- added python-rpm-macros to build requires (bsc#1194759) +- 4.4.75 + +- Translated using Weblate (Italian) (bsc#1149754) +- 4.4.74 + +- Translated using Weblate (Indonesian) (bsc#1149754) +- 4.4.73 + +- Translated using Weblate (Portuguese (Brazil)) (bsc#1149754) +- 4.4.72 + +- merge gh#openSUSE/libstorage-ng#855 +- made some memory handling exception safe +- coding style +- 4.4.71 + +- merge gh#openSUSE/libstorage-ng#854 +- use make_shared instead of new when creating actions for the + actiongraph +- 4.4.70 + +- merge gh#openSUSE/libstorage-ng#853 +- added const +- 4.4.69 + +- merge gh#openSUSE/libstorage-ng#852 +- added Luks::reset_activation_infos() + +- Translated using Weblate (Japanese) (bsc#1149754) + +- Translated using Weblate (Catalan) (bsc#1149754) + +- Translated using Weblate (Slovak) (bsc#1149754) + +- merge gh#openSUSE/libstorage-ng#851 +- updated pot and po files +- 4.4.68 + +- merge gh#openSUSE/libstorage-ng#850 +- extended callbacks for probing problems +- 4.4.67 + +- merge gh#openSUSE/libstorage-ng#849 +- added get_size function to LuksInfo +- coding style +- 4.4.66 + +- Translated using Weblate (Japanese) (bsc#1149754) +- 4.4.65 + +- Translated using Weblate (Slovak) (bsc#1149754) +- 4.4.64 + +- Translated using Weblate (Catalan) (bsc#1149754) + libteam +- teamd: better handle failures to chown(TEAMD_RUN_DIR) during + teamd_drop_privileges() (bsc#1185424) + [+ better_handle_failures_to_chown.patch] + -- Update to new upstream release 1.11 - * add support for TIPC link watcher - * teamd quits when the device is removed - * teamd: add support for checking multiple ports IFLA_PHYS_PORT_ID - -- Update to new upstream release 1.5 - * lacp: introduce multiple aggregator selection policies - * lacp: allow to have multiple functions to find out which port - is better - * lacp: introduce agg select policy based on per-port config - options - * teamd: introduce simple SR-IOV support - * lacp: do not set state disable if driver does not report speed - and duplex - * teamd: add support for multicast group rejoin sending - * utils: add bond2team conversion tool - -- Update to new upstream release 1.0 - - (no changes summary provided; this is the first tarball release) - -- Update to git snapshot 0+git368 [a62cd9309607c6d72d46ef68403a730a6367b827] - - no changes summary provided by upstream -- Install systemd service file for teamd -- Build and install python bindings - -- Initial package for build.opensuse.org - libthai +- Update to version 0.1.29. + * Rewritten thbrk test. + * More compliance with UAX#14 (Unicode Line Breaking Algorithm) + for thbrk. + * Fix a typo in TIS-620 character name in tis.h. + * Updated word break dictionary. + -- Update to version 0.1.21: - + Updated word break dictionary. - + Improve word breaking performance by 8.61%. - libyui +- Made widget style sheet (theme) switching discoverable in the Qt UI: + Added an icon button to YQWizard + (jsc#SLE-20564, bsc#1195730) + More info + screenshots: https://github.com/libyui/libyui/pull/65 +- Fixed Qt warning in y2log: QFrame '' already has a layout +- 4.3.1 + +- Added widget style sheet (theme) switching to Qt UI (jsc#SLE-20564) + with the Shift-F3 key combination + More info + screenshots: https://github.com/libyui/libyui/pull/64 +- Added UI built-in UI.AskForWidgetStyle() +- Added UI capability HasWidgetStyleSupport (for UI.GetDisplayInfo()) +- Bumped SO version to 16 +- Fixed gcc 12 warnings (GitHub issue #63) + (elevated to error by -Werror) +- 4.3.0 + +- Fix deprecated warning (elevated to error by -Werror) + for libmicrohttpd's MHD_HTTP_UNPROCESSABLE_ENTITY in rest-api + (bsc#1193956) +- 4.2.24 + +- Fixed YQPkg button redraw problem in dark SLE installation theme: + Use centered button in dialogs with QSizeGrip (bsc#1193808) +- 4.2.23 + libyui:libyui-ncurses +- Made widget style sheet (theme) switching discoverable in the Qt UI: + Added an icon button to YQWizard + (jsc#SLE-20564, bsc#1195730) + More info + screenshots: https://github.com/libyui/libyui/pull/65 +- Fixed Qt warning in y2log: QFrame '' already has a layout +- 4.3.1 + +- Added widget style sheet (theme) switching to Qt UI (jsc#SLE-20564) + with the Shift-F3 key combination + More info + screenshots: https://github.com/libyui/libyui/pull/64 +- Added UI built-in UI.AskForWidgetStyle() +- Added UI capability HasWidgetStyleSupport (for UI.GetDisplayInfo()) +- Bumped SO version to 16 +- Fixed gcc 12 warnings (GitHub issue #63) + (elevated to error by -Werror) +- 4.3.0 + +- Fix deprecated warning (elevated to error by -Werror) + for libmicrohttpd's MHD_HTTP_UNPROCESSABLE_ENTITY in rest-api + (bsc#1193956) +- 4.2.24 + +- Fixed YQPkg button redraw problem in dark SLE installation theme: + Use centered button in dialogs with QSizeGrip (bsc#1193808) +- 4.2.23 + libyui:libyui-ncurses-pkg +- Made widget style sheet (theme) switching discoverable in the Qt UI: + Added an icon button to YQWizard + (jsc#SLE-20564, bsc#1195730) + More info + screenshots: https://github.com/libyui/libyui/pull/65 +- Fixed Qt warning in y2log: QFrame '' already has a layout +- 4.3.1 + +- Added widget style sheet (theme) switching to Qt UI (jsc#SLE-20564) + with the Shift-F3 key combination + More info + screenshots: https://github.com/libyui/libyui/pull/64 +- Added UI built-in UI.AskForWidgetStyle() +- Added UI capability HasWidgetStyleSupport (for UI.GetDisplayInfo()) +- Bumped SO version to 16 +- Fixed gcc 12 warnings (GitHub issue #63) + (elevated to error by -Werror) +- 4.3.0 + +- Fix deprecated warning (elevated to error by -Werror) + for libmicrohttpd's MHD_HTTP_UNPROCESSABLE_ENTITY in rest-api + (bsc#1193956) +- 4.2.24 + +- Fixed YQPkg button redraw problem in dark SLE installation theme: + Use centered button in dialogs with QSizeGrip (bsc#1193808) +- 4.2.23 + libyui:libyui-qt +- Made widget style sheet (theme) switching discoverable in the Qt UI: + Added an icon button to YQWizard + (jsc#SLE-20564, bsc#1195730) + More info + screenshots: https://github.com/libyui/libyui/pull/65 +- Fixed Qt warning in y2log: QFrame '' already has a layout +- 4.3.1 + +- Added widget style sheet (theme) switching to Qt UI (jsc#SLE-20564) + with the Shift-F3 key combination + More info + screenshots: https://github.com/libyui/libyui/pull/64 +- Added UI built-in UI.AskForWidgetStyle() +- Added UI capability HasWidgetStyleSupport (for UI.GetDisplayInfo()) +- Bumped SO version to 16 +- Fixed gcc 12 warnings (GitHub issue #63) + (elevated to error by -Werror) +- 4.3.0 + +- Fix deprecated warning (elevated to error by -Werror) + for libmicrohttpd's MHD_HTTP_UNPROCESSABLE_ENTITY in rest-api + (bsc#1193956) +- 4.2.24 + +- Fixed YQPkg button redraw problem in dark SLE installation theme: + Use centered button in dialogs with QSizeGrip (bsc#1193808) +- 4.2.23 + libyui:libyui-qt-graph +- Made widget style sheet (theme) switching discoverable in the Qt UI: + Added an icon button to YQWizard + (jsc#SLE-20564, bsc#1195730) + More info + screenshots: https://github.com/libyui/libyui/pull/65 +- Fixed Qt warning in y2log: QFrame '' already has a layout +- 4.3.1 + +- Added widget style sheet (theme) switching to Qt UI (jsc#SLE-20564) + with the Shift-F3 key combination + More info + screenshots: https://github.com/libyui/libyui/pull/64 +- Added UI built-in UI.AskForWidgetStyle() +- Added UI capability HasWidgetStyleSupport (for UI.GetDisplayInfo()) +- Bumped SO version to 16 +- Fixed gcc 12 warnings (GitHub issue #63) + (elevated to error by -Werror) +- 4.3.0 + +- Fix deprecated warning (elevated to error by -Werror) + for libmicrohttpd's MHD_HTTP_UNPROCESSABLE_ENTITY in rest-api + (bsc#1193956) +- 4.2.24 + +- Fixed YQPkg button redraw problem in dark SLE installation theme: + Use centered button in dialogs with QSizeGrip (bsc#1193808) +- 4.2.23 + libyui:libyui-qt-pkg +- Made widget style sheet (theme) switching discoverable in the Qt UI: + Added an icon button to YQWizard + (jsc#SLE-20564, bsc#1195730) + More info + screenshots: https://github.com/libyui/libyui/pull/65 +- Fixed Qt warning in y2log: QFrame '' already has a layout +- 4.3.1 + +- Added widget style sheet (theme) switching to Qt UI (jsc#SLE-20564) + with the Shift-F3 key combination + More info + screenshots: https://github.com/libyui/libyui/pull/64 +- Added UI built-in UI.AskForWidgetStyle() +- Added UI capability HasWidgetStyleSupport (for UI.GetDisplayInfo()) +- Bumped SO version to 16 +- Fixed gcc 12 warnings (GitHub issue #63) + (elevated to error by -Werror) +- 4.3.0 + +- Fix deprecated warning (elevated to error by -Werror) + for libmicrohttpd's MHD_HTTP_UNPROCESSABLE_ENTITY in rest-api + (bsc#1193956) +- 4.2.24 + +- Fixed YQPkg button redraw problem in dark SLE installation theme: + Use centered button in dialogs with QSizeGrip (bsc#1193808) +- 4.2.23 + libzypp +- Fix handling of redirected command in-/output (bsc#1195326) + This fixes delays at the end of zypper operations, where + zypper unintentionally waits for appdata plugin scripts to + complete. +- version 17.29.4 (22) + +- Public header files on older distros must use c++11 + (bsc#1194597) +- Fix exception handling when reading or writing credentials + (bsc#1194898) +- version 17.29.3 (22) + +- Fix Legacy include (bsc#1194597) +- version 17.29.2 (22) + +- Fix broken install path for parser compat headers (fixes #372, + bsc#1194597) +- RepoManager: remember exec errors in exception history + (bsc#1193007) +- version 17.29.1 (22) + +- Use the default zypp.conf settings if no zypp.conf exists + (bsc#1193488) +- Fix wrong encoding of iso: URL components (bsc#954813) +- Handle armv8l as armv7hl compatible userland. +- Introduce zypp-curl a sublibrary for CURL related code. +- zypp-rpm: Increase rpm loglevel if ZYPP_RPM_DEBUG is set. +- Save all signatures associated with a public key in its + PublicKeyData. +- version 17.29.0 (22) + linux-atm +- Modernise spec file a bit: + * Move licnse to library package + * Use more of new macros for building + +- add fix-build-after-y2038-changes-in-glibc.patch + +- add linux-atm-2.5.2-remove-headers-crude-hack.patch +- switch from %doc to %license for licenses + -- fix fdleak [bnc#544223] -- remove static libraries and "la" files - -- fix build with glibc 2.10 - -- add bison and flex BuildRequires - lvm2:devicemapper +- udev: create symlinks and watch even in suspended state (bsc#1195231) + + bug-1195231-udev-create-symlinks-and-watch-even-in-suspended-sta.patch + +- starting with 12SP4 lvconvert no longer takes stripes option (bsc#1183905) + + bug-1183905_lvconvert-allow-stripes-stripesize-in-mirror-convers.patch +- LVM vgimportclone on hardware snapshot does not work (bsc#1193181) + + bug-1193181_vgimportclone_on_hardware_snapshot_does_not_work.patch + mailx +- Add patch mailx-12.5-systemd.patch to add description how to avoid + bugs like bsc#1192916 -- mailx does not send mails unless run via + strace or in verbose mode + +- fix-sendmail-name.patch: fix name argument when calling + /usr/sbin/sendmail [bsc#1180355]. + +- Updates to mailx-12.5-openssl-1.1.0f.patch + * If the openssl RNG is already + seeded (on linux it always is) skip snake-oil reeseeding from + file. Update man page accordingly. + * Update man page with information that ssl2 and ssl3 are + not only deprecated but currently unavailable and that + tls1 forces TLS 1.0 but not later versions. + * RAND_EGD is also unavailable, not just unused. + * set SSL_OP_NO_TICKET, many servers accept session + tickets, but almost never rotate them properly, TLS 1.3 + session tickets are not affected by this flag. + * When using client certificates, check if the cert and key + match each other. + +- Remove redundant %clean section. +- Replace old $RPM_* shell vars by macros. + -- Correct comment in spec file - -- Crop off the brackets of an ipv6 addresse if found (bnc#853246) - -- Add patch mailx-12.5-ipv6.dif to enable mailx to parse IPv6 addresses - including a port. We do only support the [ipv6]:port syntax (bnc#853246) - -- Do not pseudo detect Latin nor UTF-8 in binary attachments (bnc#827010) -- Add patch mailx-12.5-parentheses.dif, that is try to tranquilize - gcc due warning about parentheses (please check!) - -- buildrequire groff explicitly - -- license update: BSD-4-Clause and MPL-1.1 - See COPYING. Fedora also uses this license designation - -- Add BuildRequires on man to fix build for Factory - -- Avoid header rewrite in case of specified ttycharset in wrong - locale but subject in ttycharset (bnc#753340) - -- Try to support not only UTF-8 but also latin text encodings (bnc#753340) - -- Update to heirloom mailx 12.5 - * Better detection of base64 encoded text if acrossed a line - * A null pointer dereference that lead to a segmentation fault - when the user hit return at a yes/no question has been fixed - * When both standard input and standard output refer to a - terminal, ignore SIGPIPE - * With the "-E" command line option or if the "skipemptybody" - variable is set, outgoing messages that contain no text in - their first or only part are not sent but silently discarded. - * When an attachment that would have a "text/something" content - type contains illegal byte sequences, it is now reliably sent - out with the "application/octet-stream" content type instead - * Fixed a bug that caused messages to be truncated with IMAP servers that - use LF as line ending in message data, such as Google Mail (reported by - Matthew L. Shobe). - * Do not run filename expansion for IMAP or POP3 mailboxes names, making - it possible to select mailboxes that contain both brackets and spaces - in their names (reported by Matthew L. Shobe). - * Fixed the format of the timezone in "Date" header fields for zones in - the Western Hemisphere whose offsets are not an integral number of hours - (patch by Matthew Fischer). - * Fixed a message corruption that occurred when the "inc" command was used - with a mbox format mailbox after encrypted messages had been viewed - (reported by Martin Neitzel). - * Fixed a condition that caused mailx to hang when looking at a message, - copying that message, and issuing a "z" command evaluating an uncached - portion of an IMAP folder. - * Make it compile with OpenSSL 1.0.0-beta2 - * For RFC 2047 MIME "encoded-word" parts in headers, assume that the end of - each word resets the conversion state (Yedidyah Bar-David). - * When the ORGANIZATION variable has an empty value, do not generate an - "Organization:" header field. Previously, this condition resulted in - mailx refusing to send mail -- Fix my Reply-To patch found by milli - -- Allow mailx to compile properly when openSSL is built without - SSLv2 support. - -- only recommend smtp_daemon, mailx has builtin SMTP support - -- fix parallel make - -- fixed build issue with openssl 1.0 - -- enable parallel building - -- updated patches to apply with fuzz=0 - man-pages-zh_CN +- Update to version 1.6.3.6 + * Update translations for ulimit(3) from manpages-dev 5.10 + * Update unicode_stop(1) and unicode_start(1) from kbd 2.3.0 + * Add translation for epoll(7) + * Add coreutils 8.32 translation: od(1) and pr(1). + * Replace old fileutils ln(1) with coreutils ln(1). + * Replace old bsdutils kill(1) with coreutils kill(1). + * Some other minor improvements +- Fix URL and SourceUrl + +- update version 1.6.3.4 + * switch upstream to https://github.com/manpages-zh + which has latest coreutils translations + mozilla-nss +- Mozilla NSS 3.68.2 (bsc#1193845) + * mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses + (bmo#966856) + multipath-tools +- Update to version 0.8.8+64+suse.f265f7e0: + * libmultipath: fix printing native nvme multipath topology + (bsc#1196011) + * libmultipath: add %L path wildcard for 64-bit hex LUN + * libmultipath: support host adapter name lookup for s390x ccw bus + +- Update to version 0.8.8+60+suse.4c5922cb: + * multipathd: add suppport for FC Fabric Performance Impact + Notifications (FPIN) (bsc#1195506) + +- Version 0.8.8+57+suse.dfb672fe + * kpartx.rules: skip MD devices (bsc#1195644) + * libmultipath: hwtable: use ALUA for all LIO targets (bsc#1195649) + * multipathd.service: drop ExecStartPre for loading dm-multipath + (bsc#1195397) + +- Version 0.8.8+45+suse.628d603e + * fix handling of historical-service-time path selector (bsc#1195425) + * fix marking multipath devices as failed prematurely on startup + (bsc#1195426) + * multipathd.service: remove LimitCORE=infinity directive + This should only be enabled for debugging. + * multipathd.service: don't load scsi_dh modules (bsc#1195397) + This is done via modules-load.d functionality on (open)SUSE +- Upstream fixes: + * Fix claiming of paths with "find_multipaths strict" + * Avoid unnecessary read-only reloads + +- Version 0.8.8+13+suse.79c3556f + * code-wise identical to 0.8.8+38+suse.2bdd3a14 + (previous version number was too high by mistake) + nano +- GNU nano 5.9: + * The extension of a filename is added to the name of a + corresponding temporary file, so that spell checking a C file, + for example, will check only the comments and strings + (when using 'aspell'). + * The process number is added to the name of an emergency save + file, so that when multiple nanos die they will not fight over + a filename. + * Undoing a cutting operation will restore an anchor that was + located in the cut area to its original line. + * When using --locking, saving a new buffer will create a lock + file. + * Syntax highlighting for YAML files has been added + +- GNU nano 5.8: + * After a search, the spotlighting is dropped after 1.5 seconds + (0.8 seconds with --quick) to avoid the idea that the text is + selected. + * A + and a space before a filename on the command line will put + the cursor at the end of the corresponding buffer. + * Linter messages no longer include filename and line/column + numbers. + * Color name "grey" or "gray" can be used instead of "lightblack" + * The color of the minibar can be chosen with 'set minicolor'. + +- GNU nano 5.7: + * The output of --constantshow (without --minibar) is more stable + * When opening multiple buffers and there is an error message, + this message is shown again upon first switch to the relevant + buffer + * The position and size of the indicator now follow actual + lines, instead of visual lines when in softwrap mode, meaning + that the size of the indicator can change when scrolling in + softwrap mode + +- Fox signature sources +- Drop no longer needed scriplets + +- GNU nano 5.6.1: + * Search matches are properly colorized in softwrap mode too + * Option 'highlightcolor' has been renamed to 'spotlightcolor' + +- GNU nano 5.6: + * A search match gets highlighted (in black on yellow by + default), in addition to placing the cursor at the start of + the matchA. The color combination can be changed with + 'set highlightcolor'. By default the cursor is hidden until the + next keystroke, but it can be forced on with --showcursor / + 'set showcursor'. + * Option --markmatch / 'set markmatch' has been removed + * Cursor position and character code are displayed in the + minibar only when option --constantshow / 'set constantshow' + is used, and their display can be toggled with M-C + * The state flags are displayed in the minibar only when option + - -stateflags / 'set stateflags' is used + +- GNU nano 5.5: + * Option 'set minibar' to suppress the title bar and show a bar + with basic information + * 'set promptcolor' can configure the prompt bar + * 'set markmatch' highlights the result of a successful search + * AThe bindable toggle 'nowrap' has been renamed to + 'breaklonglines' + * Support for Slang has been removed + +- Install a useful default nanorc configuration +- Enable useful extra definitions for syntax highlighting + +- GNU nano 5.4: + * Moving the cursor now skips over combining characters (an + other zero-width characters) + * Deleting a character deletes also any succeeding zero-width + characters but backspacing deletes just one character at a time + +- GNU nano 5.3: + * Option 'set stateflags' makes nano show the state of auto-indenting, + the mark, hard-wrapping, macro recording, and soft-wrapping in the + title bar. The flags take the place of "Modified", and a modified + buffer is instead indicated by an asterisk (*) after its name. + * Nano no longer by default tries using libmagic to determine the type + of a file (when neither filename nor first line gave a clue), because + in most cases it is a waste of time. It requires using the option + - -magic or -! or 'set magic' to make nano try libmagic. + * The color of the indicator can be changed with 'set scrollercolor'. + +- GNU nano 5.2: + * Making certain replacements after a large paste does not crash + * Hitting a toggle at the Search prompt does not clear the answer + * Using --positionlog does not complain at the first start + * A macro containing a Search command will not sometimes fail + +- GNU nano 5.1: + * Make M-Bsp (Alt+Backspace) delete a word backwards + * Make M-[ bindable + * Fix crash on first keystroke in an empty buffer --indicator + and --softwrap + * Fix crash when invoking the formatter while text is marked + * In UTF-8 locales, an anchor is shown as a diamond + +- GNU nano 5.0: + * With --indicator (or -q or 'set indicator') nano will show a kind + of scrollbar on the righthand side of the screen to indicate where + in the buffer the viewport is located and how much it covers. + * With any line can be "tagged" with an anchor, and + and will jump to the nearest anchor. + When using line numbers, an anchor is shown as "+" in the margin. + * The Execute Command prompt is now directly accessible from the + main menu (with ^T, replacing the Spell Checker). The Linter, + Formatter, Spell Checker, Full Justification, Suspension, and + Cut-Till-End functions are available in this menu too. + * On terminals that support at least 256 colors, nine new color + names are available: pink, purple, mauve, lagoon, mint, lime, + peach, orange, and latte. These do not have lighter versions. + * For the color names red, green, blue, yellow, cyan, magenta, + white, and black, the prefix 'light' gives a brighter color. + Prefix 'bright' is deprecated, as it means both bold AND light. + * All color names can be preceded with "bold," and/or "italic," + (in that order) to get a bold and/or italic typeface. + * With --bookstyle (or -O or 'set bookstyle') nano considers any + line that begins with whitespace as the start of a paragraph. + * Refreshing the screen with ^L now works in every menu. + * In the main menu, ^L also centers the line with the cursor. + * Toggling the help lines with M-X now works in all menus except + in the help viewer and the linter. + * At a filename prompt, the first lists the possibilities, + and these are listed near the bottom instead of near the top. + * Bindable function 'curpos' has been renamed to 'location'. + * Long option --tempfile has been renamed to --saveonexit. + * Short option -S is now a synonym of --softwrap. + * The New Buffer toggle (M-F) has become non-persistent. Options + - -multibuffer and 'set multibuffer' still make it default to on. + * Backup files will retain their group ownership (when possible). + * Data is synced to disk before "... lines written" is shown. + * The raw escape sequences for F13 to F16 are no longer recognized. + * Distro-specific syntaxes, and syntaxes of less common languages, + have been moved down to subdirectory syntax/extra/. The affected + distros and others may wish to move wanted syntaxes one level up. + Syntaxes for Markdown, Haskell, and Ada were added. + +- GNU nano 4.9.3: + * fix a crash when the terminal screen is resized while at a + lock-file prompt + net-snmp +- Fix LFH violation during v3 user creation (bsc#1181591). + Add net-snmp-5.7.3-fix-create-v3-user-outfile.patch + +- Fix hrStorage autofs objects timeout problems (bsc#1179699, bsc#1145864). + Add net-snmp-5.7.3-host-mib-skip-autofs-entries.patch + Add net-snmp-5.7.3-fix-missing-mib-hrStorage-indexes.patch +- Fix NSS mounted volumes in hrStorageDescr (bsc#1100146). + Add net-snmp-5.7.3-recognize-nss-pools-and-nss-volumes-oes.patch +- Fix subagent crash at save_set_var() (bsc#1178021). + Add net-snmp-5.7.3-subagent-set-response.patch +- Fix subagent data corruption (bsc#1178351, bsc#1179009). + Add net-snmp-5.7.3-fix-subagent-data-corruption.patch + +- Fix output for high memTotalReal RAM values (bsc#1152968). + Add net-snmp-5.7.3-ucd-snmp-mib-add-64-bit-mem-obj.patch + +- Make extended MIB read-only (bsc#1174961, CVE-2020-15862). + Add net-snmp-5.7.3-make-extended-mib-read-only.patch + +- Add Lustre filesystem support (bsc#1140341, jsc#SLE-6120). + Add net-snmp-5.7.3-add-lustre-fs-support.patch +- Add info about the original agent which triggered the trap. + When the trap is forwarded there was no info about the original + agent (bsc#1116807). + Add net-snmp-5.7.3-snmptrapd-add-forwarder-info.patch +- Fix missing sysconfig files creation (bsc#1108471). + +- Fix remote DoS in agent/helpers/table.c (bsc#1111122, CVE-2018-18065) + Add net-snmp-5.7.3-helpers-table-skip-if-next-handler-called.patch +- swintst_rpm: Protect against unspecified Group name (bsc#1102775) + Add net-snmp-5.7.3-swintst_rpm-Protect-against-unspecified-Group-name.patch +- Add tsm and tlstm MIBs and the USM security module. (bsc#1081164) +- Fix agentx freezing on timeout (bsc#1027353) + Add net-snmp-fix-agentx-freezing-on-timeout.patch + nfs-utils +- Add 0020-mountd-Initialize-logging-early.patch + If an error or warning message is produced before + closeall() is called, mountd gets confused and doesn't work. + (bsc#1194661) + nvme-cli -- Allow -1 as ctrl_loss_tmo value (bsc#1192348) - * add 0013-nvme-cli-ctrl-loss-tmo-should-accept-1-as-value.patch -- Fix segfauls while discovering (bsc#1191935) - * add 0014-Input-expects-device-name-without-dev.patch - * add 0015-fabrics-fix-nvme-discover-segfault-if-sysfs-path-is-.patch - * add 0016-fabrics-Only-free-initialized-valued-on-exit.patch - * add 0017-nvme-print-add-discovery-async-event-config-field.patch - * add 0018-fabrics-fix-nvme-connect-segfault-if-transport-type-.patch -- Context udpate - * refresh 0004-nvme-topology-no-error-message-when-openeing-of-cont.patch -- Adding missing hunk (bsc#1182591) - * update 0001-fabrics-ensure-zero-kato-for-non-persistent-controllers.patch -- Use pkg-config for libuuid dependency setup - * add 0103-build-use-pkg-config-for-libuuid-detection.patch - -- Fix failures during 'nvme list' (bsc#1186719) - * add 0005-nvme-ioctl-return-1-on-failure-from-nvme_get_nsid.patch - * add 0006-nvme-topology-scan-all-controllers-in-scan_subsystem.patch -- Permit integer as KATO argument (bsc#1182591) - * add 0007-fabrics-permit-kato-int-argument-for-discovery-contr.patch -- Skip connect if transport type doesn't match (bsc#1187287 bsc#1187860) - * add 0008-fabrics-skip-connect-if-transport-type-doesn-t-match.patch -- Ignore non live controllers when scanning subsystems (bsc#1186719 bsc#1187287) - * add 0009-nvme-topology-fix-controller-check-in-scan_subsystem.patch -- Remove UUID validation heuristic (bsc#1187890) - * add 0010-gen-hostnqn-Remove-UUID-validation-heuristic.patch - * update 0102-nvme-cli-Add-script-to-determine-host-NQN.patch -- Do not segfault when controller is not available (bsc#1189046) - * add 0011-nvme-print-fix-nvme-list-segfault-if-controller-is-u.patch -- Use correct default port for discovery (bsc#1189195 bsc#1187858) - * add 0012-fabrics-add-default-port-number-for-NVMe-TCP-I-O-con.patch - -- Do not print error message when opening controller (bsc#1186719) - * add 0004-nvme-topology-no-error-message-when-openeing-of-cont.patch - -- Add KATO fixes for NVMEoF (bsc#1182591) - * add 0001-fabrics-ensure-zero-kato-for-non-persistent-controllers.patch - * add 0002-print-device-name-when-creating-a-persistent-device.patch -- Lookup existing persistent controllers (bsc#1179825) - * add 0003-nvme-discover-lookup-existing-persistent-controllers.patch +- nvmf: Remove --matching from systemd service file (bsc#1195665) + * add 0001-nvmf-Remove-matching-from-systemd-service-file.patch + +- Fix zsh completion package depenedencies. + +- Use osc_scm to manage upstream input source. +- Fix version string. + +- Update Source URL and introduce a variable for the release canditate + version string. + +- Update to v2.0-rc0 + * Depends on libnvme + * rename harden_nvmf-connect@.service.patch to 0100-harden_nvmf-connect@.service.patch + * drop 0102-nvme-cli-Add-script-to-determine-host-NQN.patch + +- Update to version 1.16: + + Print ProductName found even if subvendor/subdevice is unknown. + + Add New fields on PEL based on NVMe 2.0a. + + nvme-cli: + - Split media units written/read into hi/lo 64 bit fields. + - Add support for new SN650 device. + - Update WDC pluging version to 1.15.3. + - fix the [data|mdata]_len param (boo#1193547). + - Add support for C3/Latency Monitor Log page parsing. + - ctrl-loss-tmo should accept -1 as value. + + nvme: add spinup control feature (fid=0x1A). + + nvme: Add Identify for CNS 08h NVMe spec 2.0a based. + + nvme: add boot partition log support. + + nvme: add support for fid supported and effects log(lid = + 0x12). + + add identify endurance group list (cns 0x19) support. + + add json support for zns report zones. + + fabrics: fix 'nvme discover' segfault if sysfs path is not + available. + +- Drop ProtectClock hardening, can cause issues if other device acceess is needed + +- Added hardening to systemd service(s) (bsc#1181400). Added patch(es): + * harden_nvmf-connect@.service.patch + +- update to 1.15 + * add NVMe MI features + * add uuid index in get and set features command + * nvme-cli: Add lsi option for get-log command + * nvme: add json output format for list_ns + * fabrics: add fast_io_fail_tmo option + * fabrics: add --host-iface option + * nvme: add latency parameter for passthru commands + * nvme: add optional copy format support id ctrl field + * nvme: add zone desc changed notice async event + * nvme: add json, binary and human readable output format for id iocs + * fabrics: print device name on connect + * nvme: add get log page 2.0 spec fields + * nvme: add the status codes from 2.0 spec + * zns: add timeout parameter for Zone Management Commands + * nvme: add CDW2 and CDW3 support for Write Zeroes and Verify Command + * nvme: add Storage Tag Check field in NVM Commands + * bash: updated completion support for latest commands and plugins + * nvme: add capacity management command support + * add identify CNS 0x18 domain list support + +- Update copyright date +- Move bash-completion into subpackage to avoid zypper + recommanding bash-completion everytime. + +- install bash-completion file in correct directory +- recommend bash-completion + +- update to 1.14 + * nvme-discover: add json output + * nvme: add support for lba status log page + * nvme: add support for endurance group event aggregate log + * nvme: add endurance group event configuration feature + * nvme: add latest opcodes for command supported and effects log + * zns: print select_all field for Zone Management Send + * print topology for NVMe nodes in kernel and path + * nvme: add support for predictable latency event aggregate log page + * nvme: add support for persistent event log page + * Show more async event config fields + +- Drop '-f' option with %service_del_postun + This option shouldn't be needed besides very few special cases. But + this package doesn't seem to belong to this category. openSUSE-build-key +- refresh the openSUSE Backports key (bsc#1193092) + - gpg-pubkey-65176565-59787af5.asc + + gpg-pubkey-65176565-61a0ee8f.asc +- removed old security key. +- replace security key with current 2020 one. + -- remove no longer used keys from (bnc#724625) -- clean up packaging for easier maintenance - openexr + fix CVE-2021-45942 [bsc#1194333], heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute + + openexr-CVE-2021-45942.patch + +- security update +- added patches openjpeg2 -- remove bogus dependency on libjpeg-devel - -- add explicit libjpeg-devel to fix build on SLE 11 - -- use pkgconfig macros -- let openjpeg2-devel only recommend openjpeg2 - -- remove bogus dependency on libgeotiff-devel and depend on - libtiff-devel -- ensure no bundled libraries are used - -- cleanup - - improve group, summary, description - - fix license - - fix build dependencies - - use optflags, don't mess with debug symbols - - fix library install path - - create main package containing codec tools - - build doxygen documentaion - - fix %post/un scriptlets for the libopenjp2-6 subpackage - - add baselibs - -- fixed make install for non suse targets - -Update to version 2.0 Final, fixed some major issues : - * support of Large JPEG2000 Files greater than 2 GBytes - * support of tile coding and decoding which allows to encode or decode only specific part of image if the file is tiled - * implements subset of the MCT part 2 - * streaming system - * improvement of the cmake build system - * adding a CDash platform to support continuous integration of the different version - * opaque pointers (opj_stream, opj_codec) have been used to simplify the API - * the library does not perform the t1 decoding of non-needed resolutions any more (increases performance) - * a lot of code has been simplified/factored in order to lower the memory consumption. - * j2k.c and jp2.c have been modified to support a simpler extension mechanism - * prefix all public and the great majority of the private symbols with opj_ to avoid conflict with external libraries - -* Initial build from SVN - openssh +- Add openssh-CVE-2021-28041-agent-double-free.patch (bsc#1183137, + CVE-2021-28041), from upstream. + openssl-1_1 +- Add a provides for openssl-has-RSA_get0_pss_params as required by + nodejs16. [bsc#1192489] + +- Backport cryptographic improvements from OpenSSL 3 [jsc#SLE-19742] + * Optimize RSA on armv8: openssl-1_1-Optimize-RSA-armv8.patch + * Optimize AES-XTS mode for aarch64: + openssl-1_1-Optimize-AES-XTS-aarch64.patch + * Optimize AES-GCM for uarchs with unroll and new instructions: + openssl-1_1-Optimize-AES-GCM-uarchs.patch + +- Add support for livepatches (jsc#SLE-20049). +- Generate ipa-clones tarball artifact when livepatching is enabled. + +- POWER10 performance enhancements for cryptography [jsc#SLE-18136] + * openssl-1_1-Optimize-ppc64.patch + perl-Bootloader +- merge gh#openSUSE/perl-bootloader#137 +- grub2 install: Support secure boot on powerpc (bsc#1192764 + jsc#SLE-18271). +- 0.937 + permissions + * setuid bit for cockpit session binary (bsc#1169614) + +- Update to version 20181225: + * drop ping capabilities in favor of ICMP_PROTO sockets (bsc#1174504) + +- Update to version 20181225: plymouth +- Update SPEC file: + Remove usermerged macro and script: + 1, currently, it blocks the building in SLE-15-SP4; + 2, plymouth already build with "without-system-root-install", + make all binary install to /usr/bin and /usr/sbin; which + fit for /user merge target. + 3, plymouth is not launched by user. and all system intergration + point are called from /usr. + 4, So no change need to do, everything already works. + Remove rm rhgb-client: + plymouth already build with "without-rhgb-compat-link", + rhgb doesn't generated from beginning. + Remove "disable-libkms": + SUSE support kms and drm very well now, plymouth works + fine with them. +- Remove plymouth-correct-runtime-dir.patch: + Use upstream build param "with-runtimedir=/run" to instead. +- Change plymouth-dracut build arch to noarch: + It only contain a script. + Change libply, libply-boot-client, libply-splash-core, + libply-splash-graphics group from Development/Libraries/C and + C++ to System/Libraries: + They are plymouth and plymouthd runtime library, which install + together with plymouth. +- Resort rpm file list. + +- Add plymouth-keep-KillMode-none.patch: Keep the plymouth-start.service + KillMode=none. The new mothod of "mixed" KillMode could not work + with current edition of systemd and will block system boot + (bsc#1177082 bsc#1184087 boo#1182145). +- Update plymouth-dracut-path.patch: Make it could apply to prior + update edition. + +- Update to version 0.9.5~git20210406.e554475: + * systemd: Add plymouth-switch-root-initramfs.service to switch back to initramfs on shutdown + * main: Add a plymouthd-fd-escrow helper + * main: Dump debug log to plymouth-shutdown-debug.log on shutdown/reboot + * main: Cleanly quit on SIGTERM + * main: Only mark plymouthd as unkillable when running from the initrd + * ply-device-manager: Don't deactivate renderers from ply_device_manager_free () + * details: Clear newly added text-display before replaying log messages + * text/tribar: Fix ply_boot_splash_hide () not clearing the terminal + * ply-text-display: Fix bottom pixels of fbcon not getting cleared + * ply-text-display: Only skip clearing the screen when tracing to a terminal + * main: Redirect stdio/stderr to null when tracing to a file + * ply-logger: Add a ply_is_tracing_to_terminal () helper + * main: Retain splash on on_show_splash() and on_hide_splash() + * ply-device-manager: Fix bad assertion + * two-step: Links against libintl.so if LNS + * The use of AM_GNU_GETTEXT_VERSION in configure.ac instructs autopoint to copy po/Makefile.in.in from the exact gettext version. It is fine if the version of gettext installed on the system has the same minor version number with the requested version, but it fails if you have a newer version of gettext because of the mismatch between autoconf macros and Makefile.in.in. + * ply-device-manager: Speed up DRM-connector probing + * ply-device-manager: add a verify_add_or_change() helper + * ply-device-manager: push udev_device_get_devnode call up into on_udev_event + * two-step: Fix unused variable compiler warning + * scripts: Remove new-object.sh + * two-step: Only create background_bgrt_fallback_image if use_firmware_background is set + * two-step: Always load the BGRT fallback image + * Fix BGRT fallback rendering + * systemd: switch to KillMode=mixed + * Use fallback image if BGRT is not supported + * client: Don't wait forever for a ping reply + * Revert "Don't wait forever for a ping reply." + * Don't wait forever for a ping reply. + * boot-server: Handle client disconnecting while trigger pending + * boot-server: Ref count the connections + * drm: Honor modes selected by the user through video= kernel cmdline argument + * use resolution of higher res monitor for window size + * Initialize the translations on start if they are available + * Use the correct key name for title and subtitle + * autogoo: use /proc/self/fd/0 instead of /dev/stdin + * configure: bump to 0.9.6 + * Apply suggestion to .gitlab-ci.yml + * ci: Add a `distcheck` step + * Add CI pipeline for Plymouth + * configure: quiet a warning + * po: drop intltool usage + * docs: fix man page cross-reference + * Rename 'percent_done' to 'fraction_done' + * main: Don't bail out of load_settings if "Theme" is missing + * main: fix mode changing before splash is shown + * main: switch log file when switching mode + * two-step: Center message text within labels if labels are centered + * drm: Do not unnecessarily get output info twice + * ply-device-manager: Only consume one udev event at a time + * two-step: Do not jump to end-animation on halt/reboot if it is disabled + * Add RemainAfterExit=yes to plymouth's systemd service files + * two-step: Add UseEndAnimation setting + * script: add Image.Crop(x, y, width, height) + * ply-throbber: Do not redraw when we need to stop throbbing on free + * ply-keymap-icon: Do not draw on free + * ply-capslock-icon: Do not draw on free + * script: add missing unref() for system update func + * themes: Drop UseFirmwareBackground=true from spinner/bgrt firmware-upgrade settings + * Fix SetSystemUpdateFunction + * event-loop: Remove ply_trace calls around the disconnect handler + * event-loop: Fix debug-log "failed to delete fd # from epoll watch list" spam + * terminal-session: Drop unnecessary grantpt() call. + * build-goo: Remove vestigial remnants of old GDM integration code. + * main: Add state variable splash_is_becoming_idle + * configure: Update bug report URL. + * drm: Remove reset_scan_out_buffer_if_needed() prototype declaration + * drm: Remove unnecessary next_node helper variable + * two-step: Remove unnecessary next_node helper variable + * Allow running plymouth-populate-initrd in a cross-compiler environment + * throbgress: Remove the throbgress plugin + * drm: Remove explicit set_scan_out_buffer() from activate() + * drm: Mark buffer as clean in ply_renderer_head_new() + * two-step: Fix wrong horizontal position of bgrt logo on left-side-up LCD panels + * two-step: Change keyboard-indicator positioning to fixed offset below dialog + * themes: spinner/bgrt: Modify password dialog to match gnome 3.34 changes + * two-step: Remove workaround for upside-down panels + * drm: Keep hw-rotation on devices with upside down LCD panels + * drm: Add get_primary_plane_rotation() helper function + * systemd-ask-password-plymouth.service.in: Do not hardcode /run path to pid file + * scripts: Add a logrotate file for /var/log/boot.log + * drm: Install our fb after drawing to it + * drm: Delay installing our framebuffer until the first draw + * configure: Make runtimedir configurable + * ply-pixel-buffer: Fix bottom edge rendering of scaled buffers + * themes: Add images for keyboard indicator support to spinner and spinfinity + * two-step: Add Keyboard layout indicator support + * capslock-icon: Draw the icon on show + * libply-splash-graphics: Add new keymap-icon control + * scripts: Add keymap-render.py script + * renderer: Add ply_renderer_get_keymap function + * terminal: add ply_terminal_get_keymap function + * key-file: Add support for non ini style config files + * x11-render-plugin: Use GTK 3.22's method to get screen size to avoid deprecate warning in compile. + * space-flares: Fix compiler warning + * ply-utils: Drop unused ply_string_has_prefix helper + * main: Use ply_kernel_command_line_get_key_value where appropriate + * ply-utils: Add ply_kernel_command_line_get_key_value helper + * two-step: Merge show_password_prompt and show_prompt into 1 function + * twp-step: Remove superflous is_hidden / is_stopped checks from on_draw + * two-step: Cleanup stop_animation function + * two-step: Group progress_animaton init together with creation + * themes: Move spinifity from the throbgress splash to the two-step splash + * two-step: Add new UseAnimation setting + * two-step: Make progress-bar location and size configurable + * two-step: Fix progress-bar not hiding when it should + * two-step: Fix progress-bar not updating on normal boot + * two-step: Fold ply_progress_animation_hide call into view_start_end_animation + * two-step: Add a capslock indicator + * two-step: Use new ply_key_file_get_* helpers to read theme file + * libply: Add ply_key_file_get_long() function + * libply: Add ply_key_file_get_double() function + * libply: Add ply_key_file_get_raw_value() helper + * libply-splash-graphics: Add new capslock-icon control + * ply-renderer: Add ply_renderer_get_capslock_state function + * terminal: add ply_terminal_get_capslock_state function + * label: Properly deal with pixel-buffers with non-upright device_rotation + * ply-device-manager: De-activate and close renderer on device hot unplug + * script: Add image tile support. + * plymouthd.defaults: Bump default DeviceTimeout to 8 seconds + * Update tr.po + * two-step: bgrt: Add workaround for desktops which do not use the golden ratio + * Revert "Merge branch 'avoid_shutdown_failure_v2' into 'master'" + * ply-utils: Drop ply_fd_can_take_data and ply_fd_may_block function Since it is from a bygone time which is no longer in use. + * ply-utils: Get rid of unused old code, drop function ply_get_max_open_fds, ply_close_open_fds, ply_close_all_fds. + * scripts: update file plymouth.spec to integrate recent fixes. + * ply-systemd-units: Drop attach-session in systemd-units to avoid the failure of unmounting separate /var during poweroff. + * two-step: Deal with buggy firmware which does not pre-rotate the bgrt image + * Revert "Merge branch 'bugfix' into 'master'" + * ply-utils: Drop ply_fd_can_take_data and ply_fd_may_block function Since it is from a bygone time which is no longer in use. + * configure: bump so name + * ply terminal session: Drop function ply_terminal_session_execute and ply_terminal_session_open_console, Since this is a feature from a bygone time which is no longer in use without ply_terminal_session_run. + * ply terminal session: Drop ply_terminal_session_run, this is a feature from a bygone time which is no longer in use + * Regenerate plymouth.pot + * two-step: Add support for firmware-splashes with rotation status bits set + * Unify all code's vi format control. Update several file's vi format control line to make it easy to maintain. + * ply-text-display.c: Correct vi format line make vi can directly edit this file without errors and make it use 8 space tabs etc. + * Add a new firmware-upgrade mode for use by fwupd + * drm: Fix tiled mode detection + * main.c: Deprecate gdm transition signal + * themes: Update spinner and bgrt background settings + * ply-pixel-buffer: Fix right and bottom edge rendering of scaled buffers + * Add support for translating the user visible strings in some themes + * Prefix Title and Subtitle theme config keywords with an underscore + * Add new reboot and system-upgrade modes + * main: Remove private ply_mode_t + * two-step: Make ProgressBarShowPercentComplete a per mode setting + * plymouthd.defaults: Change default ShowDelay to 0 + * ply-boot-splash: Do not add ply_boot_splash_update_progress timeout multiple times + * logging: Minor log-message fixes + * logging: Improve logging format + * themes: Update spinner and bgrt theme offline updates mode + * two-step: Add a per mode setting to suppress messages + * two-step: Add progress-bar support + * two-step: Add MessageBelowAnimation option + * two-step: Add support for specifying a title and sub-title in the theme file + * two-step: Add per mode settings + * two-step: Drop background_is_bgrt view_t member + * ply-progress-bar: Allow caller to specify the widgets width and height + * ply-progress-bar: Allow choosing fore- and back-ground color + * ply-progress-bar: Redraw on percentage update + * ply-label: Make sure get_width_of_control / get_height_of_control return correct values + * boot-server: fix type confusion when allocating connection object + * ply-device-manager: Handle change events for monitor hotplugging + * ply-device-manager: Consume all events in one go + * drm: Stop limiting preferred-mode picking to UEFI systems + * drm: Reset mode on display-port connected outputs with a bad link-status + * drm: Implement handle_change_event + * drm: Ensure heads are mapped before flushing them + * drm: Allow calling create_heads_for_active_connectors multiple times + * drm: Allow calling ply_renderer_head_add_connector with existing connector_id + * drm: Limit backend->resources lifetime to within query_device + * drm: Store and keep all the outputs in the backend + * drm: Add get_output_info helper function + * drm: Stop storing a pointer to drmModeConnector in ply_output_t + * drm: Stop keeing a drmModeConnector instance around + * drm: Refactor ply_renderer_head_add_connector and ply_renderer_head_new + * ply-renderer: Add ply_renderer_handle_change_event function + * ply-array: Add ply_array_contains_uint32_element function + * themes: Update spinner and bgrt diskcrypt dialog + * themes: spinner: Add watermark alignment settings + * themes: bgrt: Remove duplicate images + * plymouth-populate-initrd: Don't assume the ImageDir is the theme-dir + * two-step: Make clearing the dialog-background when using the firmware background optional + * two-step: Add support for non center alignment of the (diskcrypt) dialog + * two-step: Make the box image surrounding the unlock dialog optional + * two-step: Rename UseBGRT to UseFirmwareBackground + * libply: Add ply_key_file_get_bool function + * two-step: Use plymouth_strtod + * libply: Add ply_strtod helper + * ply-keyboard: Fix compiler warning + * device-manager: free keyboards when deactivating a renderer + * keyboard: add helper to get the keyboard's renderer, if applicable + * drm: Pick a controller for unconfigured connectors + * drm: Drop crtcs for clones for which we've picked different modes + * drm: More connector enumeration refactoring + * drm: Store tiled and rotation in ply_output_t + * drm: Refactor create_heads_for_active_connectors + * drm: Directly store the mode instead of the mode_index + * drm: Drop unused encoder_id + * two-step: Do not rotate bgrt background image for upside-down panels + * themes: Add new BGRT theme, using the firmware boot splash as background + * two-step: bgrt: Deal with quirky firmwares + * two-step: Add ACPI BGRT extension support + * two-step: Speed up background-tile drawing on HiDPI screens + * two-step: Use a pixel-buffer instead of an image for the view's background + * ply-pixel-display: Add ply_pixel_display_get_device_scale() function + * ply-pixel-buffer: Add ply_pixel_buffer_rotate_upright helper + * ply-pixel-buffer: Add ply_pixel_buffer_get/set_device_rotation helpers + * ply-pixel-buffer: Fix marking buffers as opaque when doing a solid fill + * ply-pixel-buffer: Fix fill_with_buffer fastpath when device_scale != 1 + * drm: Implement ply_renderer_get_panel_properties + * ply-renderer: Add ply_renderer_get_panel_properties function + * ply-image: Add support for loading BMPs + * ply-image: Do not assume all files are PNGs + * two-step: Fix crash asking for password with multiple heads + * spinner theme: update + * two-step: Fix animation not starting on later added heads + * ply-device-manager: Fix race causing undesired creation of non-gfx devs + * logger: Add a separator between different boot logs + * systemd-units: Also add "ConditionVirtualization=!container" in systemd-ask-password-plymouth.path.in + * configure: bump to 0.9.5 + * drm: Use preferred mode for outputs instead of current mode + * drm: Refactor ply_renderer_connector_get_rotation + * drm: Reset LUT/gamma table before the first drmModeSetCrtc call + * libply: Move kernel commandline parsing functions to libply/ply-utils + * throbber: Don't skip last frame when waiting for end. + * boot-server: free the argument and triggers + * script: fix various memory leaks + * key-file: ply_key_file_get_value returns duplicated memory, don't leak + * event-loop: fix leak in error path + * boot-splash: fix memory leak in error path + * populate-initrd: drop unused local variable + * device-manager: don't watch for udev events when deactivated + * main: ensure tty is closed on deactivate + +- Do not own /usr/share/locale (owned by filesystem): + + Split out -lang package + + Use find_lang macro to create file list for -lang package + -- Add plymouth-systemd-KillMode-mixed.patch: Backport from upstream - change plymouth systemd plymouth-start.service KillMode=mixed, - the old method is unsafe and deprecated (bnc#1177082, - bnc#1182145). - -- Add plymouth_add_RemainAfterExit_yes_to_plymouth_systemd_service.patch: - Porting from upstream to ensure all plymouth's systemd unit files - to only run once, either during boot or during shutdown/restart - (bnc#1177072). +- Fix broken use of %service_add_post and %service_del_postun. Without + any services specified, the first is a no-op, the latter will only + execute systemctl daemon-reload (boo#1179849). +- Use %ldconfig_scriptlets macro in Tumbleweed + +- Disable plymouth-ignore-serial-console.patch: + We could not totally disable serial, because S390 and some customer + are still rely on it (bnc#1180973, bnc#1181216). + +- Update to version: 0.9.5+git20201026: + Don't wait forever for a ping reply. + +- Add plymouth-disable-fedora-logo.patch: + Disable the image link which point to the fedora logo. this + modification will also avoid the failure report from build + checker. + +- Add plymouth-ignore-serial-console.patch: + Don't output in serial console for openQA need to take serial in + the test, and yast-installation prgram has a feature to install + system through it (bnc#1051692 bnc#1164123 bnc#1170906). + +- Update plymouth.spec: prepare usrmerge (boo#1029961) + +- Update to version: 0.9.5+git20200921+20778f2: + * boot-server: Handle client disconnecting while trigger pending. + * boot-server: Ref count the connections. + * drm: Honor modes selected by the user through video= kernel + cmdline argument. + * use resolution of higher res monitor for window size. + * autogoo: use /proc/self/fd/0 instead of /dev/stdin. + * main: Don't bail out of load_settings if "Theme" is missing. + * main: switch log file when switching mode. + * main: fix mode changing before splash is shown. + * two-step: Center message text within labels if labels are + centered. + * drm/kms probe speedups. + * drm: Do not unnecessarily get output info twice. + * ply-device-manager: Only consume one udev event at a time. + * two-step: Do not jump to end-animation on halt/reboot if it is + disabled. + * two-step: Add UseEndAnimation setting. + * script: add Image.Crop(x, y, width, height). + * ply-throbber: Do not redraw when we need to stop throbbing on + free. + * ply-keymap-icon: Do not draw on free. + * ply-capslock-icon: Do not draw on free. + * script: add missing unref() for system update func. + * themes: Drop UseFirmwareBackground=true from spinner/bgrt + firmware-upgrade settings. + * Fix SetSystemUpdateFunction. + * event-loop: Remove ply_trace calls around the disconnect handler. + * ply-terminal-session: Not use grantpt when the system shut down. + to avoid sytem hung up. + * build-goo: Remove vestigial remnants of old GDM integration code. +- Drop plymouth-avoid-umount-hanging-shutdown.patch: because has + been merged to upstream. + +- Remove gnu-unifont-bitmap-fonts runtime dependency, it is not + used anywhere. +- Remove unused kernel-headers and module-init-tools build deps. +- Make plymouth-scripts noarch, correct its runtime dependencies. +- Clean up spec file. - /var during shutdown period(bsc#1105688, bsc#1129386, - bsc#1134660). + /var during shutdown period(bnc#1105688, bnc#1129386, + bnc#1134660, bnc#1166601, bnc#1171971). polkit +- CVE-2021-4115: fixed a denial of service via file descriptor leak (bsc#1195542) + added CVE-2021-4115.patch + +- CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568) + added CVE-2021-4034-pkexec-fix.patch + polkit-default-privs +- Update to version 13.2+20220209.a1c561d: + * Backport kdenetwork-filesharing whitelisting (bsc#1195548) + * Backport powerdevil5 whitelisting (bsc#1195662) + +- Update to version 13.2+20220203.1f7122d: + * Backport KDE plasma5-disks (bsc#1195491) + polkit-gnome +- Add NotShowIn for Budgie desktop, it has budgie-polkit + -- Update to version 0.101: - + Return error when authentication dialog is dismissed - + Fix crashers if icons cannot be loaded - + Don't use deprecated polkit API - + Fix warnings with gcc 4.6 - + Connect to the session bus -- Changes from version 0.100: - + Make --with-gtk work with introspection - + Nuke desktop file for autostart - + Don't use a status icon for temporary authorizations - + Use avatar-default instead of stock_person - + Don't use gtk_dialog_set_has_separator - + Don't use gtk_widget_hide_all - + Add a --with-gtk configure option -- Drop polkit-gnome-OnlyShowIn.patch: this is obsolete now. -- Add as a source a .desktop file to start polkit agent: it was - removed from tarball, but we still need it. -- Use gtk3-devel BuildRequires instead of gtk2-devel, and pass - - -with-gtk=3.0 to configure to build with gtk3. - poppler -- Add 0001-Fix-opening-files-by-some-generators-that-are-a-bit-.patch: - Some PDF generators generate PDF with some wrong numbers in entry - table, but the content is still valid, this patch ignores those - problems. (bsc#1181551) +- Update to 22.01.0: + core: + * Allow local (relative to dll) fonts dir on Windows + * TextOutputDev: require more spacing between columns. + Issue #1093 + * Fix crash in Splash::gouraudTriangleShadedFill. Issue #1183 + * Fix crash when calling Form::reset() + * GfxSeparationColorSpace: Check validity of colorspace and + function. Issue #1184 + * Minor code improvements + glib: + * Include glib.h before using defines from it + * Close file descriptors on error + * Plug some memory leaks + * Replace use of deprecated g_memdup/g_time_zone_new + * Remove FD-taking functions on windows + utils: + * pdfsig: Add support for documents with passwords + * pdfsig: Fix signing with -sign if nss password is needed + +- Use gcc11 when building in SLE/Leap since a Qt6 header file + includes which was still experimental in gcc7. + +- update to 21.12.0: + * Add API to add images + * CairoOutputDev: Fix de-duping of Flate images + * Fix crash on broken files when using non-default ENABLE_ZLIB_UNCOMPRESS. Issue #393 + * Minor code improvements + * Add API for validation of signatures + * Add API to read/save to file descriptor + * pdftohtml: Reduce sensitivity of duplicate detection. Issue #1117 + * Increase C++ standard to 17 + +- Update to 21.11.0: + core: + * Fix rendering of some non-standard confirming annotations + * Support rendering of some non-standard Type3 charprocs + * TextOutputDev: Respect orientation when selecting words + * CairoOutputDev: Don't override the antialias settings from the cairo_t + * StructElement: support MCID in XObjects + * Fix detection of monospace fonts + * Ignore Adobe-Identity for non embedded CID fonts + * PageLabelInfo::labelToIndex: work on some special no style intervals + * Fix crash in malformed files + * Minor code improvements + utils: + * pdfinfo: add -url option to print all URLs in a PDF + * pdftohtml: document what zoom means in regard to DPI + qt6: + * Require Qt 6.1 + * Minor code improvements + +- Update to 21.10.0: + core: + * Add support for setting custom stamp annotations + * Add default appearance for the well known stamp names + * Correct encoding of signature's properties Reason & Location + * Splash: Fix rendering of some odd patterns + * SignatureHandler::validateCertificate: Add option to not do OCSP revocation check + * SignatureHandler::validateCertificate: Add support for AIA fetching to verify certificates + * greallocn: if memory allocation fails, free the previous pointer to avoid memory leak + * Fix issues with malformed files + utils: + * pdfsig: Add a way to list certificate nicknames + * pdfsig: You can now add signatures from pdfsig + * pdfsig: Add option to not do OCSP revocation check + * pdfsig: Add option for AIA fetching to verify certificates + * pdfinfo: Add -custom option to print custom metadata + * pdfinfo: add metadata flags + qt: + * Add support for setting custom stamp annotations + * Add getters for signature's properties Reason & Location + glib: + * Remove incorrect PopplerAttachment deprecation + +- Update to 21.09.0: + core: + * Splash: Massive speed improvement on files that use lots of save/restore (q/Q) operators + * Correct decoding of signature properties Reason & Location when they are Unicode + * Fix issues with malformed files + +- Update to 21.08.0: + core: + * Add API to allow addition and modification of outlines into a PDF + * Use additional samples to test for constant parts of an axial gradient + * forms: Create fallback fonts for some well known font names + * Support reading the PDF Version from the Catalog + * Fix XRef::copy when there are modified objects + * Take into account that Date string may be in unicode + * JBIG2Stream: Fix regression in "Do not consider a size-0 to be an error" + * Replace a local bubble sort implementation by std::sort + * Fix issues with malformed files + build system: + * Better error message when libjpeg is not found + * Better error messages when libopenjpeg2 is not found + qt5/qt6: + * Document that a document has to outlive its pages + * Make getPdfVersion return a dedicated version object + glib: + * mimick TextSelectionDumper logic change for spaceAfter + +- update to 21.07.0: + core: + * JBIG2Stream: Do not consider a size-0 to be an error. Issue #535 + * PSOutputDev: fix off-by-one error for image masking in L1/L2 output. Issue #1088 + * CairoOutputDev: Fix memory leak on broken files + * Minor code improvements + build system: + * set C standard to 11 without extensions + +- Update to 21.06.1: + core: + * Fix rendering of some extended latin1 characters in annotations. Issue #1070 + * Support some not so well formed documents with password. Issue #1083 + * Add API to get notified if the xref is reconstructed + * Add somewhat fancier left/right signature visual representation + * Fix crashes in malformed files + * Minor code improvements + qt6: + * Change some functions to return std::unique_ptr + qt5/qt6: + * Add API to get notified if the xref is reconstructed + * Add somewhat fancier left/right signature visual representation + * Don't assert when trying to invert singular matrices + build system: + * make boost opt-out if building splash + glib: + * fix poppler_rectangle_free() regression. Issue #1087 + +- Update to 21.05.0: + core: + * Fix crashes in malformed files + * Export SplashFont* symbols used by Scribus + * Minor code improvements + glib: + * Enhance find to support multi-line matching + qt5/qt6: + * Make sure new signatures are always properly oriented + * Allow to pass the border width when signing + utils: + * pdftoppm: Fix regression when using single scaleTo. +- Drop Export-SplashFont-symbols-used-by-Scribus.patch as the change + was upstreamed + +- Add Export-SplashFont-symbols-used-by-Scribus.patch to fix + scribus' PDF import plugin + +- update to 21.04.0 + core: + * Hide symbols by default + * TextSelectionDumper: fix word order for RTL text + * Fix rendering of text in some files. Issue #1052 + * Implement rendering of Masks of Image subtype. Issue #1058 + * Forms: fix unclicking standalone form buttons. Issue #1034 + glib: + * Expose more fields from MediaRendition in PopplerMedia + * Use stock glib macro to define boxed type + * Remove incorrecly used volatile from enum type registration code + qt5: + * Fix crash in files with malformed signatures + * Fix memory leak when QImage constructor "fails" + qt6: + * Fix crash in files with malformed signatures + * Fix memory leak when QImage constructor "fails" + utils: + * pdfsig: New paragraph for "-sign" in manpage + * pdfimages: Do not assert in "too big images". Issue #1061 + +- Add a Qt6 flavor to poppler + +- update to 21.03.0: + core: + * Fix parsing text in some broken pdf files. Issue #1040 + * Fix memory issue when using threads. Issue #1050 + * TextSelectionDumper: Fix getText() for space after word + * Change signature of OutputDev:tilingPatternFill + * Make PDFDocBuilder return a std::unique_ptr + * Improve well formed check for shading functions + * Fix leak in case of fread failing + * Fix memory leak in broken file in JBIG2Stream::readGenericBitmap + * PSOutputDev: Fix stack overflow in broken files + glib: + * poppler_annot_free_text_get_callout_line: Fix wrong static cast + * poppler-structure-element: fix memleak + * Improve documentation + * demo: keep same visual appearance between displayed and copied text + utils: + * pdftotext: Add -cropbox option + * pdftoppm: Add -progress option + * pdftoppm: Fix rounding bug in computation of output bitmap size. Issue #927 + qt6: + * Add missing poppler-qt6.pc.cmake + +- Update to 21.02.0: + + core: + - GfxCal*ColorSpace: introduce Bradford transform for chromatic adaptation + - Fix memory leak if saving the file fails + - Internal code improvements + - Fix various issues handling broken files + - Make checkedAdd work for long long in MSVC + + qt5: + - Properly export NewSignatureData class + - Fix regression in QIODeviceOutStream + MSVC + + qt6: + - Properly export NewSignatureData class + - Fix regression in QIODeviceOutStream + MSVC + + utils: + - pdftohtml: Fix error() parameter type + +- Update to 21.01.0: + + core: + - Faster routines for jpeg decoding + - Fix reading signatures in encrypted files + - Add white point correction when lcms is used + - JBIG2Stream: Fix byte counting + - Fix potential data loss if we try to fetch a non existing Ref after modifying the document + - Specifically use DeviceGray instead of DefaultGray for softmasks + - Fix various issues handling broken files + (including bsc#1181551, glfo#poppler/poppler#1014) + + utils: + - pdftocairo: Setmode binary for windows + - pdfsig: Add hability to digitally sign files + - pdftoppm: add options to set DeviceGray/DeviceRGB/DeviceCMYK + - pdftops: add options to set DeviceGray/DeviceRGB/DeviceCMYK + - pdfimages: Account for rotation in PPI calculation + + qt5 and qt6: + - Add hability to digitally sign files + +- Update to version 20.12.1: + + core: + - PSOutputDev: fixing regression in the rasterization code. + - Add missing profile copy operation in + GfxICCBasedColorSpace::copy() + - Fix issue in broken files. + + build system: Use modern CMake linking for Qt and boost. + +- Update to 20.12.0: + + core: + - Draw better circles for circle annotations + - Fix annotation line width if no appearance stream or style + are given + - Tweak rendering of highlight annotations + - Fix border rendering of some annotations + - Fix rendering of some files + - PSOutputDev: + . provide options to set the rasterization color space and + ICC profile + . for splashModeCMYK8 and language level >=2 activate + overprint emulation + . use the DeviceN8 bitmap for rasterization with CMYK-output + + overprint + - Use the font name without subset tag when querying for a + system font + - Splash: Fix wrong x adjustment during clipping + - Splash: Fix blitImage in uncolored tiling patterns + - timeToDateString: We forgot the ' after the minutes + - Move psLevel to PSOutputDev creation + - Fix several issues in broken files + + utils: + - pdftops: + . provide options to set the rasterization color space and + ICC profile + . for splashModeCMYK8 and language level >=2 activate + overprint emulation + +- Use the correct, upstream provided tarball. + +- update to version 20.10.0: + + core: + - Filter out repeated forms. + - Implement EmbedStream::reset(). + - CairoOutputDev: evict just font faces owned solely by cache. + - Splash: Rename Yd to Ydown, Xu to Xup, etc. + - Splash: fix crash in out-of-memory situation. + - Fix some undefined behaviour situation with forged files. + - Compability fix for Forms. + - Fix fetching of Objects failing in some cases. + - Fix clearing date in Annot setModified/setDate. + - TextSelectionPainter: support glyphless fonts. + - Splash: Don't try read past end of image. + - avoid abort() on large memory allocation. + - Fix memory leak on broken files. + - Fix potential invalid memory read. + - Small code improvements. + - Sub-page objects: initialize clip max values considering the + render resolution. + - Splash: Set initial line width to 1. + - Fix stack overflow with specially crafted files. + - GfxShading: Simplify holding the Function. + - Splash: Fix x86 + windows asm build. + - Fix regression on PS conversion.. + Regression only happened on applications that are locale + enabled i.e. Okular but not pdftops, when using a quite new + lcms and the user locale uses , as decimal separator instead + of . + - Add UTF16LE support to TextStringToUCS4, even if the standard + clearly says it should be UTF16BE + + qt5: + - Document TextAnnotation::inplaceAlign. + - Make Annotation::setModification/CreationDate work on + existing annots. + - Be a bit more stubborn converting dates that come from xml. + - Clean as many null characters from the end as possible when + converting strings. + - Deprecate Document::toc. + - Deprecate AnnotationUtils. + + glib: + - Add accessor functions for PopplerAttachment. + - Deprecate PopplerAttachment GTime fields. + - Deprecate PopplerDocument date properties. + + utils: + - pdftoppm: report error and exit if output file cannot be + written. + - Document that PDF-file can be '-' to read it from stdin. + + build system: + - cmake: Modern way to link against libpng, zlib and libtiff. + - cmake: Remove stray support for lcms1 in pdftocairo. + + qt6: + - Add work in progress qt6 port. + +- update to version 0.90.0 + + core: + - Color profile tweaks + - Small signature improvements + - BBoxOutputDev: Fix calculation when type3 fonts are involved + - Fix potential crash when reading Forms + - Fix infinite loop in broken file + + glib: + - Fix adding annots in rotated pages + - Add ability to reset forms + - Several fixes to the documentation + + qt5: + - Make it clear we require Qt 5.5 + - demo: Fix crash on broken files + - Small documentation improvements + + utils: + - pdftoppm: Add option to set display profile + - pdftops: Add a -rasterize option with values always, never, + or whenneeded + + build system: + - Require cmake 3.5 + - More modern cmake way to link against curl +- Bump poppler_sover following upstream changes. + +- update to version 0.89.0 + + core: + - Add support for ResetForm action + - Fix crash in PDFDoc::getSignatureFields when there's no Forms + at all + - Fix exporting to PS of some files with CID fonts + - Use ICC profiles in PS output (if new enough lcms is used) + - Allow almost-singular tiling pattern matrices + - Fix memory leak when failing to load some fonts + - CairoOutputDev: Use stroke opacity when clipping to a stroke + path + - CairoOutputDev: Fix tiling patterns when pattern cell is too + far + + glib: Add poppler_movie_get_aspect + + cpp: Add the font infos to the text_box object +- Bump poppler_sover following upstream changes. + +- Update to version 0.88.0: + + core: + - Support Widget Annotation Buttons not linked to any Form + - SplashOuputDev: Use stroking opacity when clipping to a + stroke path + - Handle 1 bit RGB images in ICC colorspace + - Internal code improvements + + qt5: + - Add Document::signatures. Returns signatures not attached to + any page + - ArthurOutputDev: + . Fix font hinting + . Set the opacity when filling with axial gradients + . Implement the clipToStrokePath method + . Use stroking opacity when clipping to a stroke path + + glib: + - Add poppler_page_get_bounding_box + - Add poppler_form_field_get_alternate_ui_name + - Implement rotation for 'flagNoRotate' annots + + cpp: Add non_raw_non_physical layout for page::text() + + utils: + - pdftohtml: Fix noRoundedCoordinates->noroundcoord in man page + - pdfsig: Show also signatures that aren't attached to any page +- Bump poppler_sover following upstream changes. + +- Update to version 0.87.0: + + core: + - Fix crashes due to inconsistent vtables for Clang builds + - Fix leak in broken files + - Internal code improvements + + qt5: + - Add option to get form choice for export value + - ArthurOutputDev: Avoid division by zero in updateLineDash + + glib: Internal code improvements + + utils: pdftohtml: Fix memory leak in HtmlOutputDev::getLinkDest +- Bump poppler_sover following upstream changes. + +- Add pkgconfig(poppler-data) BuildRequires: New versions of + poppler-data actually have a .pc file, and we check for it during + build, so lets add this optional dependency. +- Enable building of gtk-docs again. + +- Add missing devel package requires (bsc#1153146). + +- Update to version 0.86.1: + + core: + - Fix regression in Browse Link handling. + - Internal code improvements. +- Bump poppler_sover following upstream changes. + +- Update to version 0.86.0: + + core: + - Fix link content exfiltration attack. + - Splash: Implement gouraudTriangleShadedFill for some non + parametrized shadings. + - Fix case unsensitive search for Old Hungarian, Warang Citi, + Medefaidrin and Adlam. + - Internal code improvements. + + glib: + - Automatic handle of page's cropbox on annots. + - Fix memory leak if poppler_document_new_from_file fails. + - Minor speed optimization on poppler_page_get_annot_mapping. + + utils: + - pdfdetach: add 'savefile' option. + - pdftoppm/pdftocairo: Fix more odd/even mismatch. + + qt5: Fix loading from iodevice. +- Changes from version 0.85.0: + + core: + - Fix case unsensitive search for Deseret and Osage. + - Fix crash in unicodeToAscii7. + - CairoOutputDev: make initialisation thread-safe. + - Fix crash on broken files. + - Internal code improvements. + + qt5: + - Fix FormField::name encoding. + - Accept UTF-16 uiNames for form fields. + - Fix search for "complex" characters. + - Allow to load document from QIODevice. + + utils: + - pdftoppm/pdftocairo: Fix -e/-o printing the wrong pages. + - pdftohtml: Fix issue with the font size sometimes being huge. + + glib: make the frontend initialization thread safe. +- Bump poppler_sover following upstream changes. + +- Update to version 0.84.0: + + core: + - Fix crash when converting from Unicode to ASCII-7 + - Splash::scaleImageYdXu: Protect against crash if srcWidth is + too big + - JBIG2Stream: + . Fix potential crash in malformed documents + . Fix leak in reset() if called several times + - Internal code improvements + + utils: + - pdfimages: Add error message if first page is larger then + number of pages + - pdfinfo: Improved paper size recognition + - pdfsig: Fix exit code when dumping signatures + - pdftocairo: Error out when even/odd selects 0 pages + - pdftohtml: Fix memory leak + - pdftoppm: + . Add an option to scale before rotate + . Add -hide-annotations option + . Error out when even/odd selects 0 pages + - pdftops: Improve -optimizecolorspace + + qt5: Code cleanups + + glib: Fix compiler warnings +- Bump poppler_sover following upstream changes. + +- Update to version 0.83.0: + + core: + - Improve when a file is recognized as Linearized. + - Improve const-ness of the code. + - Make code a bit more readable/maintanable. + - Fix uninitialized memory uses in broken files. + + utils: + - pdffonts: Make code a bit more readable/maintanable. + - pdftohtml: Make code a bit more readable/maintanable. + + qt5: + - Remove a bunch of unused internal functions. + - trUtf8 -> tr (less warnings). + + build system: make-glib-api-docs: switch to python3. +- Bump poppler_sover following upstream changes. + +- Update to version 0.82.0: + + core: + - Fix not being able to open some files. Issue #832 + - Fix crashes in malformed files + - Fix memory leak on broken files + - Minor performance improvements + - Minor code improvements + + glib: + - Add poppler_document_new_from_bytes + - PopplerAttachment: Silence deprecation warnings for ctime/mtime + + build system: + - pdf-inspector: Support builddir != srcdir + - Install Cairo* headers if Cairo has been found +- Bump poppler_sover following upstream changes. +- Drop patches already included by upstream: + + 0001-Include-SplashMath.h-only-where-needed.patch + + 0002-Move-the-non-trivial-part-of-the-clip-test-to-the-im.patch + +- Avoid unconditional dependency on boost_headers when using the + (private) splash headers. Depending on the used classes (e.g. + SplashXPathScanner), the boost headers may still be needed, add + + 0001-Include-SplashMath.h-only-where-needed.patch + + 0002-Move-the-non-trivial-part-of-the-clip-test-to-the-im.patch + +- Define %cmake_build for Leap 15.0. + +- Update to version 0.81.0: + + core: + - Splash: Always enable support for CMYK rasterization. + - CairoOutputDev: Check scaled dimensions for 0. + - BaseCryptStream: Fix potential uninitialized memory read. + - SplashBitmap: Fix wrong width condition for + splashModeDeviceN8. + - Fix crashes in malformed files. +- Bump poppler_sover following upstream changes. + +- Convert linked package to _multibuild +- Cleanup spec file (remove defattr) +- Add boost_headers to BuildRequires, speedup Splash backend + +- Update to version 0.80.0: + + core: + - Annotations: Implement support for setting a different text + in the appearance stream than the real text. + - Splash: Optionally use small_vector from boost. + - Fix memory leaks on broken files. + - Fix abort on broken files. + - Small code simplifications. + - Remove USE_FIXEDPOINT support. + + qt5: + - Fix MSVC build. + - Add subsitute-font information. + - Fix since marker of some functions. + - Fix leak when aborting text extraction. + - Small code simplifications. + + glib: + - Make print scaling getter visible. + - Make Duplex/NumCopies/PrintPageRange preference available in + API. + - Implement Movie API. + + utils: pdftotext: Add -nodiag flag to remove diagonal text on + output. + + build system: Mark external lib include dirs as SYSTEM. +- Bump poppler_sover following upstream changes. +- Use cmake_build macro. pulseaudio +- Workaround for spurious errors in dump-modules command + (bsc#1194379): + pulseaudio-dump-module-Ignore-invalid-module-init-tools.patch + +- Fix parameters passed to meson: + * access-group, => access_group, system-group => system_group, + and system-user => system_user for them to actually have an + effect. + +- Fix a typo in padsp LD_PRELOAD setup (bsc#1194074) + +- Improving the handling with pipewire (bsc#1188516): + * Split the setup script to a sub-package pulseaudio-setup to be + shared with pipewire-pulseaudio package + * Modified setup script to adapt pipewire-pulse + python-pip +- Add CVE-2021-3572-split-unicode-separators.patch stopping the script + from splitting references on Unicode separators (CVE-2021-3572, + bsc#1186819). + python-pyudev +- Update to version 0.22.0+git.1642212208.d5630bf (bsc#1194613): + * Remove another flakey test + * Remove all traces of tox + * Update next Fedora to 35 + * Delete a test which is probably flakey for real + * Bump recommended development environment to fedora 34 + * Use yamllint on all the configuration files + * Add annotations to GitHub workflows + * No longer use --recursive for isort + * Update formatting for new black + * Establish a weekly task for future fedora +- Remove upstreamed patches: + - remove_mock.patch + +- Add hypothesis_settings.patch to allow longer timeouts in OBS. + +- Add remove_mock.patch gh#pyudev/pyudev#409 +- Static linting with pylint is not needed for unit tests or build + +- Add pytest_register_mark.patch to make the test suite at least + syntactically correct and skip over tests we cannot run because + of missing /dev gh#pyudev/pyudev#404. + +- update to 0.22.0: + - Add a six-enabled move for collections move imports: + https://github.com/pyudev/pyudev/pull/386 + - Fix any newly introduced pylint errors + - Numerous improvements or updates to the test infrastructure + - A number of test updates + - Require yapf 0.21.0 for Python formatting + - Various documentation fixes and updates + +- Remove superfluous devel dependency for noarch package + -- Require python-setuptools instead of distribute (upstreams merged) - -- Build HTML documentation -- Fix SLE_11_SP2 build (not noarch) - -- Update to version 0.16.1: - * #53: Fix source distribution - * #54: Fix typo in test - From version 0.16: - * Remove :meth:`pyudev.Monitor.from_socket`. - * Deprecate :meth:`pyudev.Device.traverse()` in favor of - :attr:`pyudev.Device.ancestors`. - * #47: Deprecate :meth:`pyudev.Monitor.receive_device` in favor of - :attr:`pyudev.Monitor.poll`. - * #47: Deprecate :attr:`pyudev.Monitor.enable_receiving` in favor of - :attr:`pyudev.Monitor.start`. - * #47: Deprecate :attr:`pyudev.Monitor.__iter__` in favor of explicit looping - or :class:`pyudev.MonitorObserver`. - * #49: Deprecate ``event_handler`` to :class:`pyudev.MonitorObserver` in - favour of ``callback`` argument. - * #46: Continuously test pyudev on Travis-CI. - * Add :attr:`pyudev.Device.ancestors`. - * Add :attr:`pyudev.Device.action`. - * #10: Add :attr:`pyudev.Device.sequence_number`. - * #47: Add :meth:`pyudev.Monitor.poll`. - * #47: Add :attr:`pyudev.Monitor.started`. - * #49: Add ``callback`` argument to :class:`pyudev.Monitor`. - * :meth:`pyudev.Monitor.start` can be called repeatedly. - * #45: Get rid of 2to3 - * #43: Fix test failures on Python 2.6 - * Fix signature in declaration of ``udev_monitor_set_receive_buffer_size``. - * #44: Test wrapped signatures with help of ``gccxml``. - * Fix compatibility with udev 183 and newer in :class:`pyudev.Context`. - * :meth:`pyudev.MonitorObserver.stop` can be called from the observer thread. -- Removed python-setuptools and added python-distribute as build requirement. - -- Update to version 0.15: - * #20: :meth:`pyudev.Monitor.filter_by()` and - :meth:`pyudev.Monitor.filter_by_tag()` can be called after - :meth:`pyudev.Monitor.enable_receiving()` now - * #20: Added :meth:`~pyudev.Monitor.remove_filter()` - * :class:`pyudev.MonitorObserver` calls - :meth:`pyudev.Monitor.enable_receiving()` now when started. - * #40: Added user guide to the documentation - * #39: Added :meth:`pyudev.Device.from_device_file()` - * :data:`errno.EINVAL` from underlying libudev functions causes - :exc:`~exceptions.ValueError` instead of - :exc:`~exceptions.EnvironmentError` now. - -- Update to version 0.14: - * Documentation now hosted at http://pyudev.readthedocs.org - * #37: Added :class:`pyudev.wx.WxUDevMonitorObserver` for wxPython - * Added :class:`pyudev.MonitorObserver` - * Added :attr:`pyudev.glib.GUDevMonitorObserver.enabled`, - :attr:`pyudev.pyqt4.QUDevMonitorObserver.enabled` and - :attr:`pyudev.pyside.QUDevMonitorObserver.enabled` - -- Update to version 0.13: - * #36: Added :meth:`pyudev.Monitor.set_receive_buffer_size` (thanks to Rémi - Rérolle) - * #34: :class:`pyudev.Device.tags` returns a :class:`pyudev.Tags` object now - * Added :meth:`pyudev.Enumerator.match_parent` - * Added ``parent`` keyword argument to :meth:`pyudev.Enumerator.match()` - * Removed :meth:`pyudev.Enumerator.match_children` in favour of - :meth:`pyudev.Enumerator.match_parent` - * :attr:`pyudev.Device.children` requires udev version 172 now - * #31: Added :meth:`pyudev.Enumerator.match_attribute` - * Added ``nomatch`` argument to :meth:`pyudev.Enumerator.match_subsystem` and - :meth:`pyudev.Enumerator.match_attribute` - -- Update to version 0.12: - * #32: Fixed memory leak - * #33: Fixed Python 3 support for :mod:`pyudev.glib` - * Fixed license header in :mod:`pyudev._compat` -- Spec file updates. - * Changed License: to LGPL-2.1+. - * Minor other updates. - -- Update to version 0.11: - * #30: Added :attr:`pyudev.Device.sys_number` - * #29: Added :meth:`pyudev.Device.from_device_number` and - :attr:`pyudev.Device.device_number` - * Officially support PyPy now - From 0.10: - * Added :attr:`pyudev.__version_info__` - * Added :attr:`pyudev.Device.device_type` - * :class:`pyudev.Context`, :class:`pyudev.Enumerator`, :class:`pyudev.Device` - and :class:`pyudev.Monitor` can now directly be passed to - :mod:`ctypes`-wrapped functions - * #24: Added :attr:`pyudev.Context.run_path` - From 0.9: - * #21: Added :meth:`pyudev.Device.find_parent` - * #22: Added :meth:`pyudev.Monitor.filter_by_tag` - * Added :attr:`pyudev.Context.log_priority` to control internal UDev logging - * Improve error reporting, if libudev is missing -- Spec file updates: - * Changed package name to python-pyudev. - * Changed License: to LGPL-2.1. - * Updated Url:. - * Added Provides/Obsoletes entries for pyudev. - * Build the package as noarch. - * Minor other updates. - -- Initial Package (version 0.8). - python3 +- Don't use appstream-glib on SLE-12. +- Use Python 2-based Sphinx on SLE-12. +- No documentation on SLE-12. +- Add skip_SSL_tests.patch skipping tests because of patched + OpenSSL (bpo#9425). + +- Don't use OpenSSL 1.1 on platforms which don't have it. + +- Remove shebangs from from python-base libraries in _libdir + (bsc#1193179, bsc#1192249). +- Readjust patches: + - bpo-31046_ensurepip_honours_prefix.patch + - decimal.patch + - python-3.3.0b1-fix_date_time_compiler.patch + +- build against openssl 1.1 as it is incompatible with openssl 3.0+ (bsc#1190566) + +- 0001-allow-for-reproducible-builds-of-python-packages.patch: ignore + permission error when changing the mtime of the source file in presence + of SOURCE_DATE_EPOCH + +- The previous construct works only on the current Factory, not + in SLE. + +- BuildRequire rpm-build-python: The provider to inject python(abi) + has been moved there. rpm-build pulls rpm-build-python + automatically in when building anything against python3-base, but + this implies that the initial build of python3-base does not + trigger the automatic installation. + +- Due to conflicting demands of bsc#1183858 and platforms where + Python 3.6 is only in interpreter+pip set we have to make + complicated ugly construct about Sphinx BR. + +- Make python36 primary interpreter on SLE-15 + +- Make build working even on older SLEs. + +- Update to 3.6.15: + - bpo-43124: Made the internal putcmd function in smtplib + sanitize input for presence of \r and \n characters to avoid + (unlikely) command injection. Library + - bpo-45001: Made email date parsing more robust against + malformed input, namely a whitespace-only Date: header. Patch + by Wouter Bolsterlee. Tests + - bpo-38965: Fix test_faulthandler on GCC 10. Use the + “volatile” keyword in faulthandler._stack_overflow() to + prevent tail call optimization on any compiler, rather than + relying on compiler specific pragma. +- Remove upstreamed patches: + - faulthandler_stack_overflow_on_GCC10.patch + +- test_faulthandler is still problematic under qemu linux-user emulation, + disable it there + +- Update to 3.6.14: + * Security + - bpo-44022 (bsc#1189241, CVE-2021-3737): mod:http.client now + avoids infinitely reading potential HTTP headers after + a 100 Continue status response from the server. + - bpo-43882: The presence of newline or tab characters in parts + of a URL could allow some forms of attacks. + Following the controlling specification for URLs defined by + WHATWG urllib.parse() now removes ASCII newlines and tabs + from URLs, preventing such attacks. + - bpo-42988 (CVE-2021-3426, bsc#1183374): Remove the getfile feature + of the pydoc module which could be abused to read arbitrary files + on the disk (directory traversal vulnerability). Moreover, even + source code of Python modules can contain sensitive data like + passwords. Vulnerability reported by David Schwörer. + - bpo-43285: ftplib no longer trusts the IP address value + returned from the server in response to the PASV command by + default. This prevents a malicious FTP server from using the + response to probe IPv4 address and port combinations on the + client network. + Code that requires the former vulnerable behavior may set a + trust_server_pasv_ipv4_address attribute on their ftplib.FTP + instances to True to re-enable it. + - bpo-43075 (CVE-2021-3733, bsc#1189287): Fix Regular Expression + Denial of Service (ReDoS) vulnerability in + urllib.request.AbstractBasicAuthHandler. The ReDoS-vulnerable + regex has quadratic worst-case complexity and it allows cause + a denial of service when identifying crafted invalid RFCs. This + ReDoS issue is on the client side and needs remote attackers to + control the HTTP server. +- Upstreamed patches were removed: + - CVE-2021-3426-inf-disclosure-pydoc-getfile.patch + - CVE-2021-3733-ReDoS-urllib-AbstractBasicAuthHandler.patch +- Refreshed patches: + - python3-sorted_tar.patch + - riscv64-ctypes.patch + +- Use versioned python-Sphinx to avoid dependency on other + version of Python (bsc#1183858). + +- Modify Lib/ensurepip/__init__.py to contain the same version + numbers as are in reality the ones in the bundled wheels + (bsc#1187668). + +- add 22198.patch to build with Sphinx 4 + +- Stop providing "python" symbol (bsc#1185588), which means + python2 currently. + -- Resync with python36 Factory package. -- Make this %primary_interpreter - +- (bsc#1180125) We really don't Require python-rpm-macros package. + Unnecessary dependency. + -- Remove merged patch CVE-2020-8492-urllib-ReDoS.patch +- Remove merged patch CVE-2020-8492-urllib-ReDoS.patch and + CRLF_injection_via_host_part.patch. qemu +- Enable modules for testsuite + +* Patches added: + meson-build-all-modules-by-default.patch + +- It's time to really start requiring -F when using -b in + qemu-img for us as well. Users/customers have been warned + in the relevant release notes (bsc#1190135) + * Patches dropped: + Revert-qemu-img-Improve-error-for-rebase.patch + Revert-qemu-img-Require-F-with-b-backing.patch + rav1e +- Update to version 0.5.1+0: + * Fix the dispatcher calling `avx2` code when the sub-architecture does not + support it. + rsyslog +- fix config parameters in specfile (bsc#1194593) + s390-tools +- Upgraded to version 2.19.0 (jsc#SLE-18324) + * v2.19.0 (2021-11-10)__ + Add new tools / libraries: + - chreipl-fcp-mpath: New toolset that uses multipath information to change + the configured FCP re-IPL path on detecting issues with the current path + Changes of existing tools: + - dbginfo.sh: Add retry timeout and remove possible blocking "blockdev --report" + - dbginfo.sh: Collect config- and debug-data for chreipl-fcp-mpath + - hsci: Add support for multiple MAC addresses + Bug Fixes: + - lshwc: Fix compile error for gcc <8.1 + - zdump: Various clean-ups and fixes + - ziomon: Correct throughput calculation in ziorep_printers + - zipl: Fix segmentation fault when setting stage3_parms + * v2.18.0 (2021-10-01)__ + Add new tools: + - scripts: Add tool for parsing sclp s390dbf logs + - zdev: Add udev rule helper tool + - zipl-editenv: Add tool to operate with zIPL environment installed in the boot record + Changes of existing tools: + - Makefile: Fix order of build of libraries for parallel builds + - dbginfo.sh: Add collection in area of timedate, coredump and --check option + - dbginfo.sh: Add exception on dump2tar for /sys/kernel/mm/page_idle/bitmap + - dbginfo.sh: Cleanup of outdated sections and general code rework + - dbginfo.sh: Collect zipl boot menu entries from boot loader specification + - lszcrypt: Add support for vfio-ap status field + - lszcrypt: Improved output for deconfig cards and queues + - lszfcp: Add linkdown case to host marker of extended output + - zdev: Add auto-config for PCI and crypto devices + - zdump: Introduce multi-level message logging + - zipl: Add support for environment block interpretation + - zkey-cryptsetup: Support LUKS2 volumes with integrity support enabled + Bug Fixes: + - hsavmcore: Avoid recompilation of overlay during install step + - libkmipclient: Fix parsing of hex values for XML and JSON encoding + - vmur/vmur.cpp: Fix error handling on transfer failure + - zdump: Lots of smaller fixes across the board + * v2.17.0 (2021-07-07)__ + Add new tools / libraries: + - hsavmcore: New utility to make the dump process with kdump more efficient + - libkmipclient: Add KMIP client shared library + - libseckey: Add a secure key library + - lshwc: New tool to extract and list complete counter sets + Changes of existing tools: + - genprotimg: Add '--(enable|disable)-pckmo' options + - genprotimg: Add OpenSSL 3.0 support + - genprotimg: Change plaintext control flags defaults so PCKMO functions are allowed + - libutil: Introduce multi-level message logging (util_log) + - libutil: Introduce util_arch module + - udev/dasd: Change DASD udev-rule to set none scheduler + - zdsfs: Add transparent codepage conversion + - zkey: Add support for KMIP-based key management systems + Bug Fixes: + - ttyrun-getty: Avoid conflicts with serial-getty@ + - dbginfo: add /proc/kallsyms - refresh zVM, lscpu - fix WORKARCHIVE handling + - dbginfo: add KVM data collection for server and guest - fix lszdev + - genprotimg: Add missing return values in error paths + - zkey: Fix conversion of CCA DATA keys to CCA CIPHER keys + - znetconf: avoid conflict with "chzdev -e" + * v2.16.0 (2021-02-19)__ + Add new tool: + - hsci: New tool to manage HSCI (HiperSockets Converged Interfaces) + Changes of existing tools: + - genprotimg: Add host-key document verification support + - genprotimg: boot: Make boot loader -march=z900 compatible + - libekmfweb: Make install directory for shared libraries configurable + - lsdasd: Add FC Endpoint Security information + - make: Add address sanitizer support + - netboot: Add version information to scripts + - netboot: Bump busybox version in pxelinux.0 build + - zdev: Add FC Endpoint Security information for DASD devices + - zdev: Add build option to update initial RAM-disk by default + - zkey-ekmfweb: Avoid sequence number clash when generating keys + - zkey/zkey-ekmfweb: Install KMS plugins into configurable location + - zkey: Add support to store LUKS2 dummy passphrase in key repository + Bug Fixes: + - dasdfmt: Fix segfault when an incorrect option is specified + - genprotimg: Fix several build issues + - genprotimg: Require argument for 'ramdisk' and 'parmfile' options + - zcryptstats: Fix handling of partial results with many domains + - zfcpdbf: Deal with crash 7.2.9 change in caller name formatting + - zipl/boot: Fix memory use after free in stage2 + - zipl/boot: Fix potential heap overflow in stage2 + - zipl: Fix reading 4k disk's geometry +- Added the following two IBM patches: + * s390-tools-sles15sp4-chreipl-fcp-mpath-don-t-compress-the-manpage-before-.patch + * s390-tools-sles15sp4-chreipl-fcp-mpath-remove-shebang-from-chreipl-fcp-mp.patch +- Removed the following obsolete patches + * s390-tools-sles15sp3-dasdfmt-Fix-segfault-when-an-incorrect-option-is-spe.patch + * s390-tools-sles15sp3-libutil-Compare-proc-entries-to-vfstype.patch + * s390-tools-sles15sp3-01-zdev-Add-FC-Endpoint-Security-information-for-DASD-d.patch + * s390-tools-sles15sp3-02-lsdasd-Add-FC-Endpoint-Security-information.patch + * s390-tools-sles15sp3-hsci-Add-new-tool-to-control-HiperSockets-Converged-.patch + * s390-tools-sles15sp3-zcryptstats-Fix-handling-of-partial-results-with-man.patch + * s390-tools-sles15sp3-01-genprotimg-abort-if-one-of-the-recursive-targets-is-.patch + * s390-tools-sles15sp3-02-genprotimg-fix-two-memory-leaks.patch + * s390-tools-sles15sp3-03-genprotimg-require-argument-for-ramdisk-and-parmfile.patch + * s390-tools-sles15sp3-04-genprotimg-add-host-key-document-verification-suppor.patch + * s390-tools-sles15sp3-zkey-Fix-APQN-property-names.patch + * s390-tools-sles15sp3-zipl-fix-4k-scsi-ipl.patch + * s390-tools-sles15sp3-dasd-change-DASD-udev-rule-to-set-none-scheduler.patch + * s390-tools-sles15sp3-check-return-code-from-util_file_read_l.patch + * s390-tools-sles15sp3-dbginfo.sh-exclude-page_idle-bitmap.patch +- Removed an obsolete "export ROOT_BUILD_DIR" statement from the spec file. +- Removed unnecessary defattr statements in the files section. + +- Updated the spec file to correspond to the changes made to the + location and name of the kernel image in the kernel-zfcpdump + package (bsc#1189841) +- Did some spec file cleanup based on the recommendations from + spec-cleaner. + samba +- Update to 4.15.5 + * CVE-2021-44141: UNIX extensions in SMB1 disclose whether the + outside target of a symlink exists; (bso#14911); + (bsc#1193690). + * CVE-2021-44142: Out-of-Bound Read/Write on Samba vfs_fruit + module; (bso#14914); (bsc#1194859). + * CVE-2022-0336: Re-adding an SPN skips subsequent SPN + conflict checks; bso#14950); (bsc#1195048). + +- CVE-2021-44141: Information leak via symlinks of existance of + files or directories outside of the exported share; (bso#14911); + (bsc#1193690); +- CVE-2021-44142: Out-of-bounds heap read/write vulnerability + in VFS module vfs_fruit allows code execution; (bso#14914); + (bsc#1194859); +- CVE-2022-0336: Samba AD users with permission to write to an + account can impersonate arbitrary services; (bso#14950); + (bsc#1195048); + +- Update to 4.15.4 + * Duplicate SMB file_ids leading to Windows client cache + poisoning; (bso#14928); + * Failed to parse NTLMv2_RESPONSE length 95 - Buffer Size Error - + NT_STATUS_BUFFER_TOO_SMALL; (bso#14932); + * kill_tcp_connections does not work; (bso#14934); + * Can't connect to Windows shares not requiring authentication + using KDE/Gnome; (bso#14935); + * smbclient -L doesn't set "client max protocol" to NT1 before + calling the "Reconnecting with SMB1 for workgroup listing" + path; (bso#14939); + * Cross device copy of the crossrename module always fails; + (bso#14940); + * symlinkat function from VFS cap module always fails with an + error; (bso#14941); + * Fix possible fsp pointer deference; (bso#14942); + * Missing pop_sec_ctx() in error path inside close_directory(); + (bso#14944); + * "smbd --build-options" no longer works without an smb.conf file; + (bso#14945); + +- Use pkgconfig(krb5) as dependency for the -devel package: allow + OBS to pick the right flavor of krb5-devel (full vs mini). +- Do not require the 'krb5' symbol by samba-client-libs: this + package has an automatic dependency due to linkage on + libgssapi_krb5.so.2. Automatic deps are always better. +- Do not require the 'krb5' symbol from samba-libs: samba-libs + requires samba-client-libs, which in turn requires krb5 + libraries. Samba-libs itself has no need for krb5 (but get it + indirectly anyway). + +- Reorganize libs packages. Split samba-libs into samba-client-libs, + samba-libs, samba-winbind-libs and samba-ad-dc-libs, merging samba + public libraries depending on internal samba libraries into these + packages as there were dependency problems everytime one of these + public libraries changed its version (bsc#1192684). The devel + packages are merged into samba-devel. +- Rename package samba-core-devel to samba-devel +- Add python-rpm-macros to build requirements +- Update the symlink create by samba-dsdb-modules to private samba + ldb modules following libldb2 changes from /usr/lib64/ldb/samba to + /usr/lib64/ldb2/modules/ldb/samba + +- Update to 4.15.3 + * Recursive directory delete with veto files is broken in 4.15.0; + (bso#14878); + * A directory containing dangling symlinks cannot be deleted by + SMB2 alone when they are the only entry in the directory; + (bso#14879); + * SIGSEGV in rmdir_internals/synthetic_pathref - dirfsp is used + uninitialized in rmdir_internals(); (bso#14892); + * MaxQueryDuration not honoured in Samba AD DC LDAP; (bso#14694); + * The CVE-2020-25717 username map [script] advice has undesired + side effects for the local nt token; (bso#14901); (bsc#1192849); + * User with multiple spaces (eg FredNurk) become + un-deletable; (bso#14902); + * Avoid storing NTTIME_THAW (-2) as value on disk; (bso#14127); + * smbXsrv_client_global record validation leads to crash if existing + record points at non-existing process; (bso#14882); + * Crash in vfs_fruit asking for fsp_get_io_fd() for an XATTR call; + (bso#14890); + * Samba process doesn't log to logfile; (bso#14897); + * set_ea_dos_attribute() fallback calling get_file_handle_for_metadata() + triggers locking.tdb assert; (bso#14907); + * Kerberos authentication on standalone server in MIT realm broken; + (bso#14922); + * Segmentation fault when joining the domain; (bso#14923); + * Support for ROLE_IPA_DC is incomplete; (bso#14903); + * rpcclient cannot connect to ncacn_ip_tcp services anymore; + (bso#14767); + * winexe crashes since 4.15.0 after popt parsing; (bso#14893); + * net ads status -P broken in a clustered environment; (bso#14908); + * Memory leak if ioctl(FSCTL_VALIDATE_NEGOTIATE_INFO) fails before + smbd_smb2_ioctl_send; (bso#14788); + * winbindd doesn't start when "allow trusted domains" is off; + (bso#14899); + * smbclient login without password using '-N' fails with + NT_STATUS_INVALID_PARAMETER on Samba AD DC; (bso#14883); + * A schannel client incorrectly detects a downgrade connecting to + an AES only server; (bso#14912); + * Possible null pointer dereference in winbind; (bso#14921); + * Fix -k legacy option for client tools like smbclient, rpcclient, + net, etc.; (bso#14846); + * Add Debian 11 CI bootstrap support; (bso#14872); + * Crash in recycle_unlink_internal(); (bso#14888); + sg3_utils +- Update to version 1.47+3.adb7276: + * rescan-scsi-bus.sh: fix garbled output (bsc#1195621) + +- Update to version 1.47+2.388b767: + * rescan-scsi-bus.sh: apply fix for '-r' (boo#1194293) + * _service: use openSUSE github repo again (with cherry-picks + from upstream) + * spec file: suppress commit ID in library version + shadow +- The legacy code does not support /etc/login.defs.d used by YaST. + Enable libeconf to read it (bsc#1192954). + sudo +- Update to 1.9.9 + * Sudo can now be built with OpenSSL 3.0 without generating + warnings about deprecated OpenSSL APIs. + * A digest can now be specified along with the ALL command in + the LDAP and SSSD back-ends. Sudo 1.9.0 introduced support for + this in the sudoers file but did not include corresponding + changes for the other back-ends. + * visudo now only warns about an undefined alias or a cycle in + an alias once for each alias. + * The sudoRole cn was truncated by a single character in warning + messages. GitHub issue #115. + * The cvtsudoers utility has new --group-file and --passwd-file + options to use a custom passwd or group file when the + - -match-local option is also used. + * The cvtsudoers utility can now filter or match based on a command. + * The cvtsudoers utility can now produce output in csv + (comma-separated value) format. This can be used to help generate + entitlement reports. + * Fixed a bug in sudo_logsrvd that could result in the connection + being dropped for very long command lines. + * Fixed a bug where sudo_logsrvd would not accept a restore point + of zero. + * Fixed a bug in visudo where the value of the editor setting was + not used if it did not match the user’s EDITOR environment + variable. This was only a problem if the env_editor setting was + not enabled. Bug #1000. + * Sudo now builds with the -fcf-protection compiler option and the + - z now linker option if supported. + * The output of sudoreplay -l now more closely matches the + traditional sudo log format. + * The sudo_sendlog utility will now use the full contents of the + log.json file, if present. This makes it possible to send + sudo-format I/O logs that use the newer log.json format to + sudo_logsrvd without losing any information. + * Fixed compilation of the arc4random_buf() replacement on systems + with arc4random() but no arc4random_buf(). Bug #1008. + * Sudo now uses its own getentropy() by default on Linux. The GNU + libc version of getentropy() will fail on older kernels that + don’t support the getrandom() system call. + * It is now possible to build sudo with WolfSSL’s OpenSSL + compatibility layer by using the --enable-wolfssl configure + option. + * Fixed a bug related to Daylight Saving Time when parsing + timestamps in Generalized Time format. This affected the NOTBEFORE + and NOTAFTER options in sudoers. Bug #1006. + * Added the -O and -P options to visudo, which can be used to check + or set the owner and permissions. This can be used in conjunction + with the -c option to check that the sudoers file ownership and + permissions are correct. Bug #1007. + * It is now possible to set resource limits in the sudoers file + itself. The special values default and “user” refer to the + default system limit and invoking user limit respectively. The + core dump size limit is now set to 0 by default unless overridden + by the sudoers file. + * The cvtsudoers utility can now merge multiple sudoers sources into + a single, combined sudoers file. If there are conflicting entries, + cvtsudoers will attempt to resolve them but manual intervention + may be required. The merging of sudoers rules is currently fairly + simplistic but will be improved in a future release. + * Sudo was parsing but not applying the “deref” and “tls_reqcert” + ldap.conf settings. This meant the options were effectively ignored + which broke dereferencing of aliases in LDAP. Bug #1013. + * Clarified in the sudo man page that the security policy may + override the user’s PATH environment variable. Bug #1014. + * When sudo is run in non-interactive mode (with the -n option), it + will now attempt PAM authentication and only exit with an error if + user interaction is required. This allows PAM modules that don’t + interact with the user to succeed. Previously, sudo would not + attempt authentication if the -n option was specified. Bug #956 + and GitHub issue #83. + * Fixed a regression introduced in version 1.9.1 when sudo is built + with the --with-fqdn configure option. The local host name was + being resolved before the sudoers file was processed, making it + impossible to disable DNS lookups by negating the fqdn sudoers + option. Bug #1016. + * Added support for negated sudoUser attributes in the LDAP and SSSD + sudoers back ends. A matching sudoUser that is negated will cause + the sudoRole containing it to be ignored. + * Fixed a bug where the stack resource limit could be set to a value + smaller than that of the invoking user and not be reset before the + command was run. Bug #1016. +- sudo no longer ships schema for LDAP. +- sudo-feature-negated-LDAP-users.patch dropped, included upstream +- refreshed sudo-sudoers.patch + +- Add support in the LDAP filter for negated users, patch taken + from upstream (jsc#20068) + * Adds sudo-feature-negated-LDAP-users.patch + +- update to 1.9.8p2 + * Fixed a potential out-of-bounds read with "sudo -i" when the + target user's shell is bash. This is a regression introduced + in sudo 1.9.8. Bug #998. + * sudo_logsrvd now only sends a log ID for first command of a session. + There is no need to send the log ID for each sub-command. + * Fixed a few minor memory leaks in intercept mode. + * Fixed a problem with sudo_logsrvd in relay mode if "store_first" + was enabled when handling sub-commands. A new zero-length journal + file was created for each sub-command instead of simply using + the existing journal file. +- update to 1.9.8p1 + * Fixed support for passing a prompt (sudo -p) or a login class + (sudo -l) on the command line. This is a regression introduced + in sudo 1.9.8. Bug #993. + * Fixed a crash with "sudo ALL" rules in the LDAP and SSSD back-ends. + This is a regression introduced in sudo 1.9.8. Bug #994. + * Fixed a compilation error when the --enable-static-sudoers configure + option was specified. This is a regression introduced in sudo + 1.9.8 caused by a symbol clash with the intercept and log server + protobuf functions. + * It is now possible to transparently intercepting sub-commands + executed by the original command run via sudo. Intercept support + is implemented using LD_PRELOAD (or the equivalent supported by + the system) and so has some limitations. The two main limitations + are that only dynamic executables are supported and only the + execl, execle, execlp, execv, execve, execvp, and execvpe library + functions are currently intercepted. Its main use case is to + support restricting privileged shells run via sudo. + To support this, there is a new "intercept" Defaults setting and + an INTERCEPT command tag that can be used in sudoers. For example: + Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh + Defaults!SHELLS intercept + would cause sudo to run the listed shells in intercept mode. + This can also be set on a per-rule basis. For example: + Cmnd_Alias SHELLS=/bin/bash, /bin/sh, /bin/csh, /bin/ksh, /bin/zsh + chuck ALL = INTERCEPT: SHELLS + would only apply intercept mode to user "chuck" when running one + of the listed shells. + In intercept mode, sudo will not prompt for a password before + running a sub-command and will not allow a set-user-ID or + set-group-ID program to be run by default. The new + intercept_authenticate and intercept_allow_setid sudoers settings + can be used to change this behavior. + * The new "log_subcmds" sudoers setting can be used to log additional + commands run in a privileged shell. It uses the same mechanism as + the intercept support described above and has the same limitations. + * The new "log_exit_status" sudoers setting can be used to log + the exit status commands run via sudo. This is also a corresponding + "log_exit" setting in the sudo_logsrvd.conf eventlog stanza. + * Support for logging sudo_logsrvd errors via syslog or to a file. + Previously, most sudo_logsrvd errors were only visible in the + debug log. + * Better diagnostics when there is a TLS certificate validation error. + * Using the "+=" or "-=" operators in a Defaults setting that takes + a string, not a list, now produces a warning from sudo and a + syntax error from inside visudo. + * Fixed a bug where the "iolog_mode" setting in sudoers and sudo_logsrvd + had no effect when creating I/O log parent directories if the I/O log + file name ended with the string "XXXXXX". + * Fixed a bug in the sudoers custom prompt code where the size + parameter that was passed to the strlcpy() function was incorrect. + No overflow was possible since the correct amount of memory was + already pre-allocated. + * The mksigname and mksiglist helper programs are now built with + the host compiler, not the target compiler, when cross-compiling. + Bug #989. + * Fixed compilation error when the --enable-static-sudoers configure + option was specified. This was due to a typo introduced in sudo + 1.9.7. GitHub PR #113. +- pack /usr/libexec/sudo/sudo/sudo_intercept.so + +- Fix commented out "Defaults env_keep" in sudo-sudoers.patch + suse-module-tools +- Update to version 15.4.12: + * Add /etc/modprobe.d/README on SLE/Leap (bsc#1195051) + * rpm-script: force-copy kernel to /boot (boo#1194501) + +- Update to version 15.4.11: + * cdrom: Disable autoclose by default (boo#1165047). + * Make regenerate-initrd-posttrans compatible with Dracut's + UEFI mode (unified kernel image) + system-config-printer +- Add python-rpm-macros BuildRequires in case some build + environment does not pull it automatically. This is needed by + macros like %{python3_sitelib}. + +- Fix icons yet again, this time what sizes are available. +- Drop post(un) handling, this is done automatically now. + systemd +- Make more use of %{_unitdir} in files.{systemd,container} + +- Installation of libnss_mymachines.so depended on %{bootstrap} but it is + actually installed when %{with machined} is true. +- Call ldconfig when container subpackage is installed since it ships + nss-mymachines NSS plug-in module. + +- Import commit a186eb9f9cc13b65f8380dbcae3080228e8be7e2 + 1395c74be7 udevadm: cleanup-db: don't delete information for kept db entries (bsc#1194912) + bbafc8092a udevadm: cleanup_dir: use dot_or_dot_dot() + d16f6d018d tmpfiles: split out config for systemd-resolve + 41334be59e meson: minor cleanup + 3db0c28462 sysusers: split up systemd.conf +- Drop 0012-resolved-create-etc-resolv.conf-symlink-at-runtime.patch (bsc#1195153) + Since v241, the patch isn't useful anymore because resolved is no more able to + create /etc/resolv.conf symlink by itself,it runs as 'systemd-resolve' + user. The symlink is now handled by a tmpfiles config file which is only + installed when systemd-resolved is. The tmpfiles config file has currently a + lower priority than the one shipped by netconfig. + +- Make use of %ldconfig_scriptlets + +- Merge nss-resolved and nss-mymachines NSS plug-in modules into systemd-network + and systemd-container respectively. + These modules are plug-in modules hence the shared library packaging policy + doesn't apply for them. Moreover they're pretty useless alone without their + respective systemd services, Hence let's reduce the number of sub-packages as + the list keeps increasing. + +- Merge libudev-devel into systemd-devel + +- systemd.spec: explicitely list all files for each main (sub) packages + Using glob patterns in %files section to reduce the number of listed files was + error-prone as some introduced files could silently be placed in the wrong + subpackage. The sections were also hard to read and many files needed to be + excluded from the main package making the point of glob pattern usage moot. + systemd, udev, systemd-container and systemd-network packages have now their + list of files described in a dedicated file. The lists are kept sorted to make + them easy to parse. The size of the files, especially the one for the main + package, is still reasonable and much easier to read now. + During this rework, a couple of cleanups happened: more use of + %{_systemd_util_dir}, some files was incorrectly owned by the main package and + have been moved to the correct sub-package, etc... + Note: the rest of the subpackages might be addressed later but let's find how + it goes for now. + +- Rename 0006-sysv-generator-add-back-support-for-SysV-scripts-for.patch into + 1011-sysv-generator-add-back-support-for-SysV-scripts-for.patch + This patch is now SLE specific. + +- Make sure that libopenssl-devel is installed when building resolved. Openssl + was implictly pulled in by systemd-experimental subpackage but could be + missing if the build of this subpackage was disabled. + +- resolved: disable DNSSEC until the following issue is solved: + https://github.com/systemd/systemd/issues/10579 +- resolved: disable fallback DNS servers and fail when no DNS server info could + be obtained from the links. It's better to let the sysadmin know that + something is likely misconfigured rather than silently handing over the DNS + queries to Google or Cloudflare. +- Replace '%setup+%autopatch' with '%autosetup' + +- Don't generate ID_NET_NAME_SLOT for devices behind a PCI bridge (bsc#1192637) + If multiple NICs are behind a PCI bridge, each of them will get the same + ID_NET_NAME_SLOT value leading to conflicting names. Such names weren't + generated before SLE15-SP3. + +- Move the whole content of /usr/share/doc/packages/systemd in doc subpackage + +- Move the systemd-network-generator stuff in udev package + This generator can generate .link files and is mainly used in initrd where + udev is mandatory. + +- Restore /sbin/udevadm and /bin/systemctl (obsolete) paths (bsc#1194519) + +- Import commit 7a4e2ba4e01a8dfd305b24c40e156f8d293995a5 (merge of v249.9) + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/6c7d6a7100488806bad0a81bbf2bca99be641938...7a4e2ba4e01a8dfd305b24c40e156f8d293995a5 + +- systemd.spec: drop our own definitions of %_pam_moduledir/%_pam_vendordir + macros since they're now defined by pam-devel shipped by SP4. +- Rename 1007-Restore-support-for-halt.local.patch into + 1007-sysv-restore-support-for-halt.local.patch +- Extract bits from 0008-sysv-generator-translate-Required-Start-into-a-Wants.patch + which are not specific to the handling of 'Required-Start:' and move them into a + new patch 1010-sysv-add-back-support-for-all-virtual-facility-and-f.patch + +- Import commit 6c7d6a7100488806bad0a81bbf2bca99be641938 (merge of v249.8) + For a complete list of changes, visit: + https://github.com/openSUSE/systemd/compare/103742c59ad2d37a54bfb91135d9c7b082ca3576...6c7d6a7100488806bad0a81bbf2bca99be641938 +- Rebase 1007-Restore-support-for-halt.local.patch + +- Import commit 103742c59ad2d37a54bfb91135d9c7b082ca3576 + e95df40b09 shared/rm-rf: loop over nested directories instead of instead of recursing (CVE-2021-3997 bsc#1194178) + 078e04305d shared/rm_rf: refactor rm_rf() to shorten code a bit + 6d560d0aca shared/rm_rf: refactor rm_rf_children_inner() to shorten code a bit + 6666ff056c localectl: don't omit keymaps files that are symlinks (bsc#1191826) + 30cbebc56f tmpfiles: 'st' may have been used uninitialized + 5443654ec0 macro: add new helper RET_NERRNO() + 8d90ecc435 rm-rf: optionally fsync() after removing directory tree + 591344010d rm-rf: refactor rm_rf_children(), split out body of directory iteration loop + 8c7762c4f1 Bump the max number of inodes for /dev to a million (bsc#1192858) + dc9476c881 journal: don't remove the flushed flag when journald is stopped + 29efc29efd TEST-10: don't attempt to write a byte to the socket + 773fb785b6 Bump the max number of inodes for /dev to 128k (bsc#1192858) + +- Rename 1009-drop-or-soften-deprecation-warnings.patch into + 1009-Drop-or-soften-some-of-the-deprecation-warnings.patch + +- Update systemd-user PAM service again + Change the default implementation of pam_setcred() again, previously + customized to run the full "auth" PAM stack and only call pam_deny.so which is + basically the SUSE default behavior without pam_warn.so. + This is considered safer, especially on SLE where a regression was spotted by + QA. + +- move files related to static nodes to udev + +- Update 1009-drop-or-soften-deprecation-warnings.patch (bsc#1193086) + It rewords the warning about the use of 'KillMode=none'. + + - upstream commit 6fe2a70b9160e35fdeed9d37bd31727c2d46a8b2 (jsc#SLE-17798) systemd-rpm-macros +- Bump version to 10 + +- %sysusers_create_inline was wrongly marked as deprecated +- %sysusers_create can be useful in certain cases and won't go away until we'll + move to file triggers. So don't mark it as deprecated too + +- Bump version to 9 + +- Introduce %_systemd_util_dir + It's a backport of upstream commit 3bc66bfa0136e370a8f7b06c3b69a52f5636ef82. + tiff +- security update: Fix buffer overwrite + * CVE-2019-17546[bsc#1154365] + + tiff-CVE-2019-17546.patch +- security update: Fix heap based buffer overflow in pal2rgb + * CVE-2017-17095[bsc#1071031] + + tiff-CVE-2017-17095.patch +- security update: Fix OOB in _TIFFmemcpy + * CVE-2022-22844[bsc#1194539] + + tiff-CVE-2022-22844.patch +- security update: Fix memory allocation failure in tif_read.c + * CVE-2020-35521[bsc#1182808] CVE-2020-35522[bsc#1182809] + + tiff-CVE-2020-35521,CVE-2020-35522.patch +- security update: Fix DOS via invertImage() + * CVE-2020-19131[bsc#1190312] + + tiff-CVE-2020-19131.patch +- security update: Fix heap-based buffer overflow in TIFF2PDF tool + * CVE-2020-35524[bsc#1182812] + + tiff-CVE-2020-35524.patch +- security update: Fix integer overflow in tif_getimage + * CVE-2020-35523 [bsc#1182811] + + tiff-CVE-2020-35523.patch + tigervnc +- u_Fix-non-functional-MaxDisconnectionTime.patch + * Backport patch that fixes issue with MaxDisconnetionTime + (bsc#1195661). + transactional-update +- Version 3.6.2 + - Bind mount root file system snapshot on itself, this makes the + temporary directory in /tmp unnecessary; also fixes [boo#1188110] + to return the correct snapshot's working directory via API call. + - Use separate mount namespace for transactional-update; this should + fix several applications that fail to run if a mount point has the + 'unbindable' mount flag set + +- Version 3.6.1 + - Fix rsyncing /etc into the running system with + - -drop-if-no-change [bsc#1192242] + +- Version 3.6.0 + - Simplify mount hierarchy by just using a single slave bind + mount as the root of the update environment; this may avoid the + error messages of failed unmounts + May fix [boo#1191945] + +- Version 3.5.7 + Various fixes affecting Salt support: + - t-u: Don't squash stderr messages into stdout + - t-u: Correctly handle case when the snapshot has been deleted due to + using --drop-if-no-change: Don't show reboot messages and avoid an awk + error message [bsc#1191475] + - tukit: Make inotify handler less sensitive / ignore more directories + [bsc#1191475] + +- Version 3.5.6 + - tukit: Add S/390 bootloader support [bsc#1189807] + - t-u: support purge-kernels with t-u patch [bsc#1190788] + +- Version 3.5.5 + - t-u: Use tukit for SUSEConnect call [bsc#1190574] + Correctly registers repositories + +- Version 3.5.4 + - tukit: Fix resolved support [boo#1190383] + +- Version 3.5.3 + - t-u: Purge kernels as part of package operations + Required for live patching support [bsc#1189728] + +- Version 3.5.2 + - tukit: Fix overlay syncing errors with SELinux [bsc#1188648] + - Don't print message for `shell` with --quiet + [gh#openSUSE/transactional-update#69] + +- Version 3.5.1 + - t-u: Disable status file generation by default + The new experimental `status` command requires the availability of + /etc/YaST2/control.xml, which is not present on all systems. Hide the + creation of the corresponding status file behind a new EXPERIMENTAL_STATUS + option to try out this functionality. + - Increase library version + +- Add tukit.conf to spec file + +- Version 3.5.0 + - Add alias setDiscardIfUnchanged for setDiscard. The old method name + wasn't really clear and will be removed if we should have an API break + in the future + - Replace mkinitrd with direct dracut call [boo#1186213] + - tukit: Add configuration file support (/etc/tukit.conf) + - Allow users to configure additional bind mounts (see /usr/etc/tukit.conf + for an example and limitations) [bsc#1188322] + - Add 'transactional-update status' call. This is a POC for obtaining a + hash of a system to verify its integrity. The functionality is still + experimental! + - Internal bugfixes / optimizations + +- Version 3.4.0 + - Apply SElinux context on /etc in transaction [boo#1185625], [boo#1185766] + [bsc#1186842], [boo#1186775] + - Implement inotify handling in C instead of Bash; this makes the + - -drop-if-no-change option work on SLE Micro [bsc#1184529] + - Use `tukit call` for up, dup and patch to allow resuming an update after + zypper updated itself in the snapshot [bsc#1185226] + - Fix obsolete output type messages in initrd [boo#1177149] + - Make different base snapshot warning more visible [bsc#1185224] + +- Version 3.3.0 + - Add support for more package managers by bind mounting their directories + - Support snapshots without dedicated overlay [boo#1183539], [bsc#1183539] + - Link RPM database correctly with older zypper versions [boo#1183521] + - Don't discard manual changes in fstab [boo#1183856], [bsc#1192302] + - [boo#1149131] & [boo#1133891] + [boo#1149131] & [boo#1133891] & [boo#1192078] util-linux +- Implement "X-fstrim.notrim" fstab mount option that skips fstrim + for selected device (jsc#SLE-17942, + util-linux-fstrim-implement-X-fstrim.notrim.patch). + +- Fix unauthorized umount (CVE-2021-3995, CVE-2021-3996, + bsc#1194976, + util-linux-libmount-check-fuse-umount-CVE-2021-3995.patch, + util-linux-libmount-fix-deleted-suffix-CVE-2021-3996.patch). + +- blockdev: Remove NBSP character in values (bsc#1188507#c31, + blockdev-remove-nbsp.patch). + +- The legacy code does not support /etc/login.defs.d used by YaST. + Enable libeconf to read it (bsc#1192954). + util-linux-systemd +- Implement "X-fstrim.notrim" fstab mount option that skips fstrim + for selected device (jsc#SLE-17942, + util-linux-fstrim-implement-X-fstrim.notrim.patch). + +- Fix unauthorized umount (CVE-2021-3995, CVE-2021-3996, + bsc#1194976, + util-linux-libmount-check-fuse-umount-CVE-2021-3995.patch, + util-linux-libmount-fix-deleted-suffix-CVE-2021-3996.patch). + +- blockdev: Remove NBSP character in values (bsc#1188507#c31, + blockdev-remove-nbsp.patch). + +- The legacy code does not support /etc/login.defs.d used by YaST. + Enable libeconf to read it (bsc#1192954). + wayland +- There is a file conflict in current wayland-devel-32bit and + prvevious libwayland-egl-devel-32bit package; therefore add + a conflicts to baselibs.conf + +- obsolete/provide libwayland-egl-devel 18.0.2 also on sle15-sp4 + +- Update to release 1.19 + * This release mostly contains bug fixes and minor + protocol updates. + webkit2gtk3:gtk3-soup2 +- Update to version 2.34.3 (boo#1194019): + + Make audio tools (like mixers) display the actual name of the + application producing sound, instead of a generic one. + + Fix several crashes and rendering issues. + + Security fixes: CVE-2021-30887, CVE-2021-30890. + - + Security fixes: CVE-2021-30846, CVE-2021-30851. + + Security fixes: CVE-2021-30846, CVE-2021-30851, CVE-2021-30818, + CVE-2021-30823, CVE-2021-30884, CVE-2021-30888, CVE-2021-30889, + CVE-2021-30897. - + Security fixes: CVE-2021-30848, CVE-2021-30849, CVE-2021-30858. + + Security fixes: CVE-2021-30848, CVE-2021-30849, CVE-2021-30858, + CVE-2021-30809, CVE-2021-30836. wicked +- fsm: fix device rename via yast (bsc#1194392) + Reset worker config instead to reject a NULL/empty config + xml node -- introduced in wicked 0.6.67 by commit c2a0385. + [+ 0001-fsm-fix-device-rename-via-yast-bsc-1194392.patch] + xorg-x11-server +- u_xfree86-Change-displays-array-to-pointers-array-to-f.patch + Fix segmentation fault during terminal switches with multiple attached + displays (bsc#1188970) + +- Fix typo in %post: xbb.conf -> xkb.conf (boo#1194159) + +- u_xf86-Accept-devices-with-the-simpledrm-driver.patch + * Add workaround to support simpledrm kernel driver +- u_xf86-Accept-devices-with-the-hyperv_drm-driver.patch + * Add workaround to support hyperv_drm kernel driver + xscreensaver +- Reenable PAM (boo#1194058). + yast2 +- ProductFeatures: add boot timeout option (jsc#SLE-22667) +- 4.4.43 + +- Added Y2Packager::NewRepositorySetup to track new repositories + (related to bsc#1194453) +- 4.4.42 + +- Fix PackageAI call to PackagesProposal.GetResolvable. It prevents + a crash when cloning a system (bsc#1195137). +- 4.4.41 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.40 + +- Preload libsuseconnect.so if available. On aarch64 installer/YaST + sometimes failed to load libsuseconnect.so with "cannot allocate + memory in static TLS block" error. + Loading the library before others solves the problem until a better + solution is found (bsc#1194996). +- 4.3.39 + +- Unify Package, PackageSystem and PackageAI. Now the Package + module is the entry point. PackageSystem and PackageAI implement + specific logic and they should not be referenced from outside + (bsc#1194886). +- 4.3.38 + +- Fix CWM dialog: argument delegation is handled differently in + ruby 2.6 and before (bsc#1194984). +- 4.4.37 + +- Adapted Report.yesno_popup to Ruby 3 (bsc#1193192) +- 4.4.36 + +- Simplify slide show to support future parallel installations + (jsc#SLE-20437) +- 4.4.35 + +- Fixed test failure in Ruby 2.5, caused by the fix for Ruby 3.0 + (related to bsc#1193192) +- 4.4.34 + +- Y2Packager::Resolvable: added none? method in order to not crash + in case of rubocop automatic change (bsc#1194387) +- 4.4.33 + +- properly pass named arguments in ruby3 (bsc#1193192) +- 4.4.32 + +- Do not reinitialize the packaging system during offline + upgrade (bsc#1193784 and bsc#1192437). +- 4.4.31 + yast2-add-on +- Restore the repo unexpanded URL to get it properly saved in + the /etc/zypp/repos.d file (bsc#972046, bsc#1194851). +- 4.4.7 + +- Enable RSpec verifying doubles in unit tests to ensure that + the mocked methods really exist (bsc#1194784) +- 4.4.6 + yast2-bootloader +- Allow product/system role to select boot timeout (jsc#SLE-22667) +- 4.4.16 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.15 + +- Unify YaST module mocking in unit tests (related to bsc#1194784) +- 4.4.14 + +- Autoyast: add support for password protection (jsc#SLE-20928) +- 4.4.13 + +- Add support for powerpc secure boot (bsc#1192764 jsc#SLE-18271). +- 4.4.12 + +- Always check tpm device for trusted boot (bsc#1193886) +- 4.4.11 + yast2-configuration-management +- Adapt to ruby3.1 (bsc#1193192) +- 4.4.2 + +- Adapt to ruby3 (bsc#1193192) +- 4.4.1 + yast2-core +- require glibc-locale for testsuite in cs_CS locale (bsc#1195390) +- 4.4.1 + yast2-country +- Fixed passing multiple arguments to "localectl set-locale" + (bsc#1177863) +- 4.4.11 + +- Unify YaST module mocking in unit tests (related to bsc#1194784) +- 4.4.10 + +- add glibc-locale dependency for testsuite (bsc#1195390) +- 4.4.9 + +- Switch console keyboard layouts to match the X11 ones + (xkb, from xkeyboard-config.rpm), to prepare for + kbd-legacy.rpm going away (jsc#SLE-21107). +- Add programmer Dvorak keyboard layout. +- 4.4.8 + yast2-firewall +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.3 + +- Unify YaST module mocking in unit tests (related to bsc#1194784) +- 4.4.2 + yast2-firstboot +- Add client to configure settings for WSL images (jsc#SLE-20413). +- Provide a yast2-firstboot-wsl subpackage to deploy specific + firstboot config for WSL. +- 4.4.7 + yast2-installation +- Set the Xft.dpi resource after running the X server, + before running yast to fix hidpi issues with Qt 5.15 + (boo#1173451) +- 4.4.40 + +- Fixed crash in Ruby 3.1 after pressing the hamburger menu icon + in the welcome screen (bsc#1195422) +- 4.4.39 + +- Redirect the STDERR output in the memsample script to not + break the YaST UI (bsc#1195116) +- 4.4.38 + +- Handle service name collision during upgrade (bsc#1194453), + do not delete the new services which have the same name + as an old service +- 4.4.37 + +- Adjusted Linux Security Module configuration wording + (related to jsc#SLE-22069). +- 4.4.36 + +- Enable RSpec verifying doubles in unit tests to ensue that + the mocked methods really exist (bsc#1194784) +- Fixed crash when importing an SSH configuration in AutoYaST + installation +- 4.4.35 + +- Show release notes button in progress in Qt interface + (jsc#SLE-20437) +- 4.4.34 + +- Updated yast2 dependency to ensure the new + Y2Packager::Resolvable.none? method is used (bsc#1194387) +- 4.4.33 + +- Do not propose Linux Security Module default configuration when + it is declared as not configurable in the control file or in the + AutoYaST profile (related to jsc#SLE-22069). +- 4.4.32 + +- Add support for selecting and configuring the desired Linux + Security Module during installation (jsc#SLE-22069) +- 4.4.31 + yast2-iscsi-client +- adjust to ruby 3.0 (bsc#1195226) +- 4.4.3 + yast2-network +- Related to (bsc#1194911) + - During installation skip the network configuration dialog when + network is configured with iBFT. + 4.4.39 + +- During installation, do not configure DHCP if there is some + active interface configured by iBFT (bsc#1194911) +- 4.4.38 + +- Fixed interfaces overview help (bsc#1195155) +- 4.4.37 + +- jsc#SLE-22015 + - renamed slaves CLI option to conform to inclusive naming: + yast lan add name=bond0 bond_ports=eth0 eth1 bootproto=dhcp + - the "slaves=" option stays for backward compatibility +- 4.4.36 + +- jsc#SLE-22015 + - make the code conform to inclusive naming, most masters and + slaves are gone. Kept only where makes sense - interface to + sysconfig + - "slave" was replaced by "port" as this naming is already used + by kernel code. "Master" was replaced by directly mentioning + "bond" (device) or "parent" in areas where the code is somehow + shared with e.g., bridge. Devices are not "enslaved" anymore, + but mostly "included". +- 4.4.35 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.34 + +- Unify YaST module mocking in unit tests (related to bsc#1194784) +- 4.4.33 + yast2-nfs-client +- Recover hosts caching (related to fate#318196). + +- Adapt code for a better integration with the storage Expert + Partitioner (related to fate#318196). +- Provide a new NfsForm to be used from the Expert Partitioner and + move code to yast-storage-ng. +- 4.4.4 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.3 + yast2-nis-client +- Fixed testsuite failure during RPM build (bsc#1195194) +- 4.4.2 + yast2-ntp-client +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.3 + +- Unify YaST module mocking in unit tests (related to bsc#1194784) +- 4.4.2 + yast2-packager +- Remove duplicate repositories created at the end of installation + (repositories which are stored in the *.repo_1 files, bsc#1194546) +- 4.4.23 + +- Fix a wrong reference to PackageSystem#EnsureSourceInit + (bsc#1195519, related to bsc#1194886). +- 4.4.22 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.21 + +- Enabled RSpec verifying doubles (bsc#1194784) +- 4.4.20 + +- Simplify slide show to support future parallel installations + (jsc#SLE-20437) +- 4.4.19 + yast2-pkg-bindings +- Pkg.SourceGeneralData() - return the file name from which the + repository was loaded (related to bsc#1194546) +- 4.4.4 + yast2-printer +- Fix broken help text (by @TarasPanchenko Github user, bsc#1195370) +- 4.4.2 + yast2-ruby-bindings +- Set "x509ignoreCN=0" GODEBUG environment variable option to + enable CN (Common Name) matching in SSL certificates in Go programs + (e.g. suseconnect-ng). Without it the CN would be ignored and + only the SAN (Subject Alternative Name) certificate fields would + be used. But the self-signed certificates usually only contain + the CN field without SAN so YaST could not connect to SMT/RMT + registration servers. (bsc#1195220) +- 4.4.8 + +- Added yast/rspec/helpers.rb (related to bsc#1194784) +- 4.4.7 + yast2-s390 +- Fix DasdSummary requirement (bsc#1195753) +- 4.4.4 + +- Related to jsc#SLE-20225 + - Do not limit the number of disks formatted in parallel + - New format dialog introduced +- 4.4.3 + yast2-samba-client +- Switch from file based krb5 ccache to kernel keyring; + (bsc#1109830); +- 4.4.3 + +- With latest versions of samba (>=4.15.0) calling 'net ads lookup' + with '-U%' fails; (boo#1193533). +- 4.4.2 + yast2-samba-server +- Remove libsmbclient-devel BuildRequires in favor of + pkgconfig(smbclient); (jsc#SLE-20577); +- 4.4.2 + +- Replace use of PackageSystem with Package to avoid core dumps; + (bsc#1195182). +- 4.4.1 + yast2-security +- Fixed Export unit test (related to jsc#SLE-22069). +- 4.4.11 + +Related to jsc#SLE-22069: + - AutoYaST LSM: only allow to select the desired LSM and the + SELinux mode. +- 4.4.10 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.9 + +- Related to jsc#SLE-22069: + - Fix import of 'none' and 'apparmor' options from the profile + when declared +- 4.4.8 + +Related to jsc#SLE-22069: + - Autoyast LSM section: added "none" section in order to mark it + as not selectable during the installation. +- 4.4.7 + +- Fix security_auto client selinux requirement (bsc#1194449) +- 4.4.6 + +- Do not use the 'lsm' kernel boot parameter by now as it could + need other modules to be pecified like the integrity one + (bsc#1194332). +- 4.4.5 + +- Related to jsc#SLE-22069: + - Autoyast LSM section: added "selectable" option to the section + - Do not propose a default LSM configuration when it is declared + as not configurable in the control file or AutoYaST +- 4.4.4 + +- Added back the selinux boot parameter when selinux is selected + and not disabled in order to switch on SELinux (jsc#SLE-22069) +- 4.4.3 + +- Add support for selecting and configuring the desired Linux + Security Module (jsc#SLE-22069) +- 4.4.2 + yast2-snapper +- Do not crash when trying to show found differences + between snapshots (bsc#1195021). +- 4.4.2 + yast2-storage-ng +- Partitioner: 'Add NFS' instead of 'Add Nfs' in the menu (related + to fate#318196). +- 4.4.36 + +- Partitioner: the details popup for an NFS displays 'defaults' + instead of an empty string if no mount options are specified for + that NFS (related to fate#318196). + +- Partitioner: improve integration with yast2-nfs-client to offer + a consistent user experience (related to fate#318196 and + bsc#1156446). +- 4.4.35 + +- Use Package module instead of PackageSystem (bsc#1194886). +- 4.4.34 + +- Fix tests according to new Md size reported by libstorage-ng + (related to bsc#1168914). +- 4.4.33 + +- Enable RSpec verifying doubles (bsc#1194784) + +- Allow to skip the activation of the rest of LUKS devices + (bsc#1162545). +- Partitioner: always allow to provide password for closed LUKS + devices. +- 4.4.32 + +- Fix calling keywords for IssuesReporter in ruby3 (bsc#1194342) +- 4.4.31 + +- Display LUKS2 configuration checkbox in the installer console + (related to jsc#SLE-21308) +- 4.4.30 + +- Adapt for ruby 3.1 (bsc#1193192) +- 4.4.29 + +- Dropped test clients proposal_testing and partitioner_testing in + favor of a more powerful one called storage_testing (related to + fate#318196). + +- Partitioner: added a warning if a required mount option, eg. + _netdev, is missing in a mount point (jsc#SLE-20535). +- 4.4.28 + yast2-trans +- Update to version 84.87.20220211.620fde21a3: + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * New POT for text domain 'storage'. + * New POT for text domain 's390'. + * New POT for text domain 'dns-server'. + * Translated using Weblate (Turkish) + * New POT for text domain 'packager'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + +- Update to version 84.87.20220206.a953ff83bc: + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Spanish) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * New POT for text domain 'storage'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * New POT for text domain 'S390'. + * New POT for text domain 's390'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Finnish) + * Translated using Weblate (Catalan) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * New POT for text domain 'storage'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'dns-server'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * New POT for text domain 'printer'. + * New POT for text domain 'kdump'. + * Translated using Weblate (Catalan) + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'tftp-server'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'rmt'. + * New POT for text domain 'registration'. + * New POT for text domain 'rear'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update-configuration'. + * New POT for text domain 'online-update'. + * New POT for text domain 'oneclickinstall'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'journal'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'docker'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'configuration_management'. + * New POT for text domain 'cluster'. + * New POT for text domain 'cio'. + * New POT for text domain 'caasp'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'authserver'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'alternatives'. + * New POT for text domain 'add-on'. + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Slovak) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Slovak) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Dutch) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'tftp-server'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'sap-installation-wizard'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'rmt'. + * New POT for text domain 'registration'. + * New POT for text domain 'rear'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update-configuration'. + * New POT for text domain 'online-update'. + * New POT for text domain 'oneclickinstall'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'journal'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'hana-update'. + * New POT for text domain 'hana-ha'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'docker'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'configuration_management'. + * New POT for text domain 'cluster'. + * New POT for text domain 'cio'. + * New POT for text domain 'caasp'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'authserver'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'alternatives'. + * New POT for text domain 'add-on'. + +- Update to version 84.87.20220131.0700dd3449: + * Translated using Weblate (Finnish) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Finnish) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Japanese) + * Translated using Weblate (Slovak) + * Translated using Weblate (Czech) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * New POT for text domain 'storage'. + * New POT for text domain 'security'. + * New POT for text domain 'installation'. + * New POT for text domain 'base'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * New POT for text domain 'control'. + * New POT for text domain 'autoinst'. + * Translated using Weblate (German) + * Translated using Weblate (Spanish) + +- Update to version 84.87.20220123.256c7f91b3: + * Translated using Weblate (Spanish) + * Translated using Weblate (Catalan) + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'tftp-server'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'registration'. + * New POT for text domain 'rear'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update-configuration'. + * New POT for text domain 'online-update'. + * New POT for text domain 'oneclickinstall'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'journal'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'docker'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'configuration_management'. + * New POT for text domain 'cluster'. + * New POT for text domain 'cio'. + * New POT for text domain 'caasp'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'authserver'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'alternatives'. + * New POT for text domain 'add-on'. + * Translated using Weblate (Czech) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * New POT for text domain 'country'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'add-on'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'tftp-server'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'registration'. + * New POT for text domain 'rear'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update-configuration'. + * New POT for text domain 'online-update'. + * New POT for text domain 'oneclickinstall'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'journal'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'docker'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'configuration_management'. + * New POT for text domain 'cluster'. + * New POT for text domain 'cio'. + * New POT for text domain 'caasp'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'authserver'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'alternatives'. + * New POT for text domain 'add-on'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Dutch) + * Translated using Weblate (Dutch) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * product-check.sh: Proper indentation for bc095e9e0d + * product-check.sh: Add new check More projects use the same RPMNAME + * product-check.sh: Update sample configuration to SLE15 SP4 and Leap 15.4. + * Add sap-installation-wizard to DOMAIN_MAP. + * New POT for text domain 'wol'. + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'rmt'. + * New POT for text domain 'relocation-server'. + * New POT for text domain 'reipl'. + * New POT for text domain 'registration'. + * New POT for text domain 'rdp'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'multipath'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'iplb'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'geo-cluster'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'cluster'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'add-on'. + * Automatic update of wol. + * Automatic update of vpn. + * Automatic update of users. + * Automatic update of update. + * Automatic update of tune. + * Automatic update of s390. + * Automatic update of sysconfig. + * Automatic update of support. + * Automatic update of sudo. + * Automatic update of storage. + * Automatic update of squid. + * Automatic update of sound. + * Automatic update of snapper. + * Automatic update of slp-server. + * Automatic update of services-manager. + * Automatic update of security. + * Automatic update of scanner. + * Automatic update of sap-installation-wizard. + * Automatic update of samba-server. + * Automatic update of samba-client. + * Automatic update of rmt. + * Automatic update of relocation-server. + * Automatic update of reipl. + * Automatic update of registration. + * Automatic update of rdp. + * Automatic update of proxy. + * Automatic update of printer. + * Automatic update of pam. + * Automatic update of packager. + * Automatic update of online-update. + * Automatic update of ntp-client. + * Automatic update of nis_server. + * Automatic update of nis. + * Automatic update of nfs_server. + * Automatic update of nfs. + * Automatic update of network. + * Automatic update of multipath. + * Automatic update of migration. + * Automatic update of mail. + * Automatic update of ldap-client. + * Automatic update of ldap. + * Automatic update of kdump. + * Automatic update of journalctl. + * Automatic update of isns. + * Automatic update of iscsi-lio-server. + * Automatic update of iscsi-client. + * Automatic update of iplb. + * Automatic update of instserver. + * Automatic update of installation. + * Automatic update of http-server. + * Automatic update of geo-cluster. + * Automatic update of ftp-server. + * Automatic update of firewall. + * Automatic update of fcoe-client. + * Automatic update of drbd. + * Automatic update of dns-server. + * Automatic update of dhcp-server. + * Automatic update of crowbar. + * Automatic update of country. + * Automatic update of control. + * Automatic update of cluster. + * Automatic update of bootloader. + * Automatic update of base. + * Automatic update of autoinst. + * Automatic update of auth-client. + * Automatic update of audit-laf. + * Automatic update of apparmor. + * Automatic update of add-on. + * Translated using Weblate (Slovak) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Do not translate yast/y2status + * Translated using Weblate (Japanese) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * New POT for text domain 'wol'. + * New POT for text domain 'vpn'. + * New POT for text domain 'users'. + * New POT for text domain 'update'. + * New POT for text domain 'tune'. + * New POT for text domain 'sysconfig'. + * New POT for text domain 'support'. + * New POT for text domain 'sudo'. + * New POT for text domain 'storage'. + * New POT for text domain 'squid'. + * New POT for text domain 'sound'. + * New POT for text domain 'snapper'. + * New POT for text domain 'slp-server'. + * New POT for text domain 'services-manager'. + * New POT for text domain 'security'. + * New POT for text domain 'scanner'. + * New POT for text domain 'samba-server'. + * New POT for text domain 'samba-client'. + * New POT for text domain 's390'. + * New POT for text domain 'rmt'. + * New POT for text domain 'relocation-server'. + * New POT for text domain 'reipl'. + * New POT for text domain 'registration'. + * New POT for text domain 'rdp'. + * New POT for text domain 'proxy'. + * New POT for text domain 'printer'. + * New POT for text domain 'pam'. + * New POT for text domain 'packager'. + * New POT for text domain 'online-update'. + * New POT for text domain 'ntp-client'. + * New POT for text domain 'nis_server'. + * New POT for text domain 'nis'. + * New POT for text domain 'nfs_server'. + * New POT for text domain 'nfs'. + * New POT for text domain 'network'. + * New POT for text domain 'multipath'. + * New POT for text domain 'migration'. + * New POT for text domain 'mail'. + * New POT for text domain 'ldap-client'. + * New POT for text domain 'ldap'. + * New POT for text domain 'kdump'. + * New POT for text domain 'journalctl'. + * New POT for text domain 'isns'. + * New POT for text domain 'iscsi-lio-server'. + * New POT for text domain 'iscsi-client'. + * New POT for text domain 'iplb'. + * New POT for text domain 'instserver'. + * New POT for text domain 'installation'. + * New POT for text domain 'http-server'. + * New POT for text domain 'geo-cluster'. + * New POT for text domain 'ftp-server'. + * New POT for text domain 'firewall'. + * New POT for text domain 'fcoe-client'. + * New POT for text domain 'drbd'. + * New POT for text domain 'dns-server'. + * New POT for text domain 'dhcp-server'. + * New POT for text domain 'crowbar'. + * New POT for text domain 'country'. + * New POT for text domain 'control'. + * New POT for text domain 'cluster'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * New POT for text domain 'autoinst'. + * New POT for text domain 'auth-client'. + * New POT for text domain 'audit-laf'. + * New POT for text domain 'apparmor'. + * New POT for text domain 'add-on'. + * Update DOMAIN_MAP + * Automatic update of wol. + * Automatic update of vpn. + * Automatic update of users. + * Automatic update of update. + * Automatic update of tune. + * Automatic update of s390. + * Automatic update of sysconfig. + * Automatic update of support. + * Automatic update of sudo. + * Automatic update of storage. + * Automatic update of squid. + * Automatic update of sound. + * Automatic update of snapper. + * Automatic update of slp-server. + * Automatic update of services-manager. + * Automatic update of security. + * Automatic update of scanner. + * Automatic update of samba-server. + * Automatic update of samba-client. + * Automatic update of rmt. + * Automatic update of relocation-server. + * Automatic update of reipl. + * Automatic update of registration. + * Automatic update of rdp. + * Automatic update of qt-pkg. + * Automatic update of qt. + * Automatic update of proxy. + * Automatic update of printer. + * Automatic update of pam. + * Automatic update of packager. + * Automatic update of online-update. + * Automatic update of ntp-client. + * Automatic update of nis_server. + * Automatic update of nis. + * Automatic update of nfs_server. + * Automatic update of nfs. + * Automatic update of network. + * Automatic update of ncurses-pkg. + * Automatic update of ncurses. + * Automatic update of multipath. + * Automatic update of migration. + * Automatic update of mail. + * Automatic update of ldap-client. + * Automatic update of ldap. + * Automatic update of kdump. + * Automatic update of journalctl. + * Automatic update of isns. + * Automatic update of iscsi-lio-server. + * Automatic update of iscsi-client. + * Automatic update of iplb. + * Automatic update of instserver. + * Automatic update of installation. + * Automatic update of http-server. + * Automatic update of geo-cluster. + * Automatic update of ftp-server. + * Automatic update of firstboot. + * Automatic update of firewall. + * Automatic update of fcoe-client. + * Automatic update of drbd. + * Automatic update of dns-server. + * Automatic update of dhcp-server. + * Automatic update of crowbar. + * Automatic update of country. + * Automatic update of control. + * Automatic update of cluster. + * Automatic update of bootloader. + * Automatic update of base. + * Automatic update of autoinst. + * Automatic update of auth-client. + * Automatic update of audit-laf. + * Automatic update of apparmor. + * Automatic update of add-on. + +- Update to version 84.87.20220116.6b981cb0d7: + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Russian) + * Translated using Weblate (Italian) + * Translated using Weblate (Italian) + * Translated using Weblate (Italian) + * New POT for text domain 'autoinst'. + * Translated using Weblate (Italian) + * Translated using Weblate (Italian) + * New POT for text domain 'packager'. + * New POT for text domain 'dhcp-server'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Dutch) + * Translated using Weblate (Japanese) + * Translated using Weblate (Catalan) + * New POT for text domain 'storage'. + * New POT for text domain 'packager'. + * New POT for text domain 'installation'. + * New POT for text domain 'bootloader'. + * New POT for text domain 'base'. + * Translated using Weblate (Indonesian) + * Translated using Weblate (Indonesian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + +- Update to version 84.87.20220109.a8187edd75: + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Slovak) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Portuguese (Brazil)) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * New POT for text domain 'installation'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Slovak) + * New POT for text domain 'storage'. + * Translated using Weblate (Arabic) + +- Update to version 84.87.20220102.99430aa97b: + * Translated using Weblate (Italian) + * Translated using Weblate (Italian) + * Translated using Weblate (Italian) + * Translated using Weblate (Spanish) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Lithuanian) + * Translated using Weblate (Arabic) + * New POT for text domain 'installation'. + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * New POT for text domain 'security'. + * New POT for text domain 'installation'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + +- Update to version 84.87.20211227.623da84d84: + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * New POT for text domain 'storage'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Catalan) + * Translated using Weblate (Catalan) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Japanese) + * Translated using Weblate (Slovak) + * New POT for text domain 'storage'. + * New POT for text domain 'base'. + +- Update to version 84.87.20211219.ed0ba1e469: + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Slovak) + * Translated using Weblate (Slovak) + * New POT for text domain 'autoinst'. + * Translated using Weblate (German) + * Translated using Weblate (German) + * Translated using Weblate (Catalan) + * Translated using Weblate (Japanese) + * Translated using Weblate (Japanese) + * New POT for text domain 'tune'. + * New POT for text domain 'registration'. + * New POT for text domain 'installation'. + * New POT for text domain 'packager'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * New POT for text domain 'registration'. + * New POT for text domain 'installation'. + * New POT for text domain 'bootloader'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Catalan) + * New POT for text domain 'installation'. + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + * Translated using Weblate (Ukrainian) + yast2-ycp-ui-bindings +- Added UI.AskForWidgetStyle() (jsc#SLE-20564) +- Added HasWidgetStyleSupport capability to UI.GetDisplayInfo() +- Adapted to libyui SO bump 15 -> 16 +- 4.4.1 + zlib +- Update 410.patch to include new fixes from upstream, + fixes bsc#1192688 +- Refresh bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch + to match upstream commit +- Drop patches which changes have been merged in 410.patch: + * zlib-compression-switching.patch + * zlib-390x-z15-fix-hw-compression.patch + * bsc1174551-fxi-imcomplete-raw-streams.patch + zypper +- Singletrans: handle fatal and non-fatal script errors properly. +- Add SingleTransReportReceiver. +- Immediately write out additional rpm output. +- BuildRequires: libzypp-devel >= 17.29.0. + Need SingleTransReport and immediate rpm script output reports. +- version 1.14.51 +