------------------------------------------------------------------
--- Changelog.all ----------- Thu Mar 26 14:48:21 UTC 2026 ------
------------------------------------------------------------------
------------------------------------------------------------------
------------------ 2026-3-20 - Mar 20 2026 -------------------
------------------------------------------------------------------
++++ nghttp2:
- added patches CVE-2026-27135: assertion failure due to missing state validation can lead to DoS (bsc#1259845)
  * nghttp2-CVE-2026-27135.patch

++++ rust-keylime:
- Suggests only the IMA policy package, and keep it as example (bsc#1259963)
- Add Cargo_toml.patch to re-generate TSS bindings
- Update to version 0.2.9+8:
  * build(deps): bump thiserror from 2.0.17 to 2.0.18
  * build(deps): bump docker/login-action from 3 to 4
  * build(deps): bump docker/metadata-action from 5 to 6
  * Remove generate-bindings feature from tss-esapi
  * Use port constants instead of hardcoded values in tests
  * push-attestation: Use registrar TLS port when TLS is enabled
  * build(deps): bump docker/build-push-action from 6 to 7
  * build(deps): bump actions/upload-artifact from 6 to 7
  * dist: Make the services to conflict with each other
  * Bump version to 0.2.9
  * build(deps): bump mockoon/cli-action from 2 to 3
  * cargo: Bump tracing_subscriber to version 0.3.20
  * cargo: Bump time to version 0.3.47
  * build(deps): bump http from 1.3.1 to 1.4.0
  * Update reqwest from 0.12 to 0.13
  * build(deps): bump serde from 1.0.219 to 1.0.228
  * auth: Load CA certificate in authentication client
  * packit: Add missing e2e tests
  * registrar: Rename insecure option to disable_tls
  * push-attestation: Drop self-signed mTLS certificate generation
  * config: Add missing config options to keylime-agent.conf
  * config: Add support for "default" in registrar_api_versions option
  * config: Add support for "default" in registrar_tls_ca_cert option
  * config: Drop unused config options and constants
  * push-attestation: Drop support for mTLS to registrar
  * push-attestation: Drop mTLS support and require PoP authentication
  * build(deps): bump clap from 4.5.45 to 4.5.54
  * build(deps): bump actix-web from 4.11.0 to 4.12.1
  * auth: Reuse existing ContextInfo to avoid duplicate TPM objects
  * resilient_client: Reauthenticate if a 403 error is received
------------------------------------------------------------------
------------------ 2026-3-17 - Mar 17 2026 -------------------
------------------------------------------------------------------
++++ python-tornado6:
- CVE-2026-31958: parsing large multipart bodies with many parts can cause a denial of service (bsc#1259553)
  * added CVE-2026-31958.patch
- VUL-0: incomplete validation of cookie attributes allows for injection of user-controlled values in other cookie attributes (bsc#1259630)
  * added VUL-0-cookie-attribute-validation.patch
------------------------------------------------------------------
------------------ 2026-3-11 - Mar 11 2026 -------------------
------------------------------------------------------------------
++++ vim:
* Update Vim to version 9.2.0110 (from 9.2.0045).
* Specifically, this fixes bsc#1259051 / CVE-2026-28417.
------------------------------------------------------------------
------------------ 2026-3-9 - Mar 9 2026 -------------------
------------------------------------------------------------------
++++ curl:
- Security fixes:
  * CVE-2026-1965: Bad reuse of HTTP Negotiate connection (bsc#1259362)
  * CVE-2026-3783: Token leak with redirect and netrc (bsc#1259363)
  * CVE-2026-3784: Wrong proxy connection reuse with credentials (bsc#1259364)
  * CVE-2026-3805: Use after free in SMB connection reuse (bsc#1259365)
  * tool_operate: reset the URL --url-query between --next (510fdad)
  * Add patches:
    - curl-CVE-2026-1965.patch
      curl-CVE-2026-1965-disable-ntlm-fix.patch
    - curl-CVE-2026-3783.patch
    - curl-CVE-2026-3784.patch
    - curl-CVE-2026-3805.patch

++++ kernel-default:
- dm mpath: make pg_init_delay_msecs settable (git-fixes).
- commit b2a0fd6
- dm: clear cloned request bio pointer when last clone bio completes (git-fixes).
- commit d6eb6ea
- dm: remove fake timeout to avoid leak request (git-fixes).
- commit bf8f04d
- add bugnumber to existing mana change (bsc#1252266).
- net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes).
- PCI: hv: remove unnecessary module_init/exit functions (git-fixes).
- PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes).
- RDMA/mana_ib: Add device-memory support (git-fixes).
- RDMA/mana_ib: Take CQ type from the device type (git-fixes).
- net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
- Drivers: hv: Always do Hyper-V panic notification in hv_kmsg_dump() (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- commit dde91c8
- btrfs: fallback to buffered IO if the data profile has duplication (git-fixes).
- commit c194c61
- arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS (bsc#1259329)
- commit c775b21
- selftests/bpf: add verifier sign extension bound computation tests (git-fixes).
- bpf: verifier improvement in 32bit shift sign extension pattern (git-fixes).
- commit 9625613

++++ kernel-rt:
- dm mpath: make pg_init_delay_msecs settable (git-fixes).
- commit b2a0fd6
- dm: clear cloned request bio pointer when last clone bio completes (git-fixes).
- commit d6eb6ea
- dm: remove fake timeout to avoid leak request (git-fixes).
- commit bf8f04d
- add bugnumber to existing mana change (bsc#1252266).
- net: mana: Ring doorbell at 4 CQ wraparounds (git-fixes).
- PCI: hv: remove unnecessary module_init/exit functions (git-fixes).
- PCI: hv: Remove unused field pci_bus in struct hv_pcibus_device (git-fixes).
- RDMA/mana_ib: Add device-memory support (git-fixes).
- RDMA/mana_ib: Take CQ type from the device type (git-fixes).
- net: mana: Implement ndo_tx_timeout and serialize queue resets per port (bsc#1257472).
- Drivers: hv: Always do Hyper-V panic notification in hv_kmsg_dump() (git-fixes).
- net: mana: Fix use-after-free in reset service rescan path (git-fixes).
- net: mana: Handle hardware recovery events when probing the device (bsc#1257466).
- net: mana: Drop TX skb on post_work_request failure and unmap resources (git-fixes).
- net: mana: Handle SKB if TX SGEs exceed hardware limit (git-fixes).
- net: mana: Add standard counter rx_missed_errors (git-fixes).
- commit dde91c8
- btrfs: fallback to buffered IO if the data profile has duplication (git-fixes).
- commit c194c61
- arm64: contpte: fix set_access_flags() no-op check for SMMU/ATS (bsc#1259329)
- commit c775b21
- selftests/bpf: add verifier sign extension bound computation tests (git-fixes).
- bpf: verifier improvement in 32bit shift sign extension pattern (git-fixes).
- commit 9625613

++++ python-maturin:
- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257918)
  * refreshed vendor tarball to update time crate to 0.3.47
------------------------------------------------------------------
------------------ 2026-3-8 - Mar 8 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (git-fixes).
- hwmon: (it87) Check the it87_lock() return value (git-fixes).
- commit 8d41466

++++ kernel-rt:
- hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read (git-fixes).
- hwmon: (it87) Check the it87_lock() return value (git-fixes).
- commit 8d41466
------------------------------------------------------------------
------------------ 2026-3-7 - Mar 7 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- drm/xe/reg_sr: Fix leak on xa_store failure (git-fixes).
- drm/xe: Do not preempt fence signaling CS instructions (git-fixes).
- nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (git-fixes).
- drm/sched: Fix kernel-doc warning for drm_sched_job_done() (git-fixes).
- drm/solomon: Fix page start when updating rectangle in page addressing mode (git-fixes).
- platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data (git-fixes).
- pmdomain: bcm: bcm2835-power: Fix broken reset status read (git-fixes).
- ata: libata-core: Disable LPM on ST1000DM010-2EP102 (git-fixes).
- commit a06b327

++++ kernel-rt:
- drm/xe/reg_sr: Fix leak on xa_store failure (git-fixes).
- drm/xe: Do not preempt fence signaling CS instructions (git-fixes).
- nouveau/dpcd: return EBUSY for aux xfer if the device is asleep (git-fixes).
- drm/sched: Fix kernel-doc warning for drm_sched_job_done() (git-fixes).
- drm/solomon: Fix page start when updating rectangle in page addressing mode (git-fixes).
- platform/x86: dell-wmi-sysman: Don't hex dump plaintext password data (git-fixes).
- pmdomain: bcm: bcm2835-power: Fix broken reset status read (git-fixes).
- ata: libata-core: Disable LPM on ST1000DM010-2EP102 (git-fixes).
- commit a06b327
------------------------------------------------------------------
------------------ 2026-3-6 - Mar 6 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- tracing: Fix crash on synthetic stacktrace field usage (CVE-2026-23088 bsc#1257814).
- commit 41fea09
- tracing: Do not register unsupported perf events (CVE-2025-71125 bsc#1256784).
- commit 8e15740
- tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs (CVE-2025-68329 bsc#1255490).
- commit b6b73bb
- ftrace: Fix softlockup in ftrace_module_enable (CVE-2025-68173 bsc#1255311).
- commit 2eaaeb0
- ring-buffer: Do not warn in ring_buffer_map_get_reader() when reader catches up (CVE-2025-68186 bsc#1255144).
- commit 6132115
- nfc: rawsock: cancel tx_work before socket teardown (git-fixes).
- nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (git-fixes).
- nfc: nci: free skb on nci_transceive early error paths (git-fixes).
- net: nfc: nci: Fix zero-length proprietary notifications (git-fixes).
- can: usb: f81604: correctly anchor the urb in the read bulk callback (git-fixes).
- can: usb: f81604: handle bulk write errors properly (git-fixes).
- can: usb: f81604: handle short interrupt urb messages properly (git-fixes).
- can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes).
- can: ucan: Fix infinite loop from zero-length messages (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes).
- can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes).
- can: bcm: fix locking for bcm_op runtime updates (git-fixes).
- wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() (git-fixes).
- wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() (git-fixes).
- wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() (git-fixes).
- wifi: wlcore: Fix a locking bug (git-fixes).
- wifi: cw1200: Fix locking in error paths (git-fixes).
- wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config (git-fixes).
- batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes).
- commit f8549ba

++++ kernel-rt:
- tracing: Fix crash on synthetic stacktrace field usage (CVE-2026-23088 bsc#1257814).
- commit 41fea09
- tracing: Do not register unsupported perf events (CVE-2025-71125 bsc#1256784).
- commit 8e15740
- tracing: Fix WARN_ON in tracing_buffers_mmap_close for split VMAs (CVE-2025-68329 bsc#1255490).
- commit b6b73bb
- ftrace: Fix softlockup in ftrace_module_enable (CVE-2025-68173 bsc#1255311).
- commit 2eaaeb0
- ring-buffer: Do not warn in ring_buffer_map_get_reader() when reader catches up (CVE-2025-68186 bsc#1255144).
- commit 6132115
- nfc: rawsock: cancel tx_work before socket teardown (git-fixes).
- nfc: nci: clear NCI_DATA_EXCHANGE before calling completion callback (git-fixes).
- nfc: nci: free skb on nci_transceive early error paths (git-fixes).
- net: nfc: nci: Fix zero-length proprietary notifications (git-fixes).
- can: usb: f81604: correctly anchor the urb in the read bulk callback (git-fixes).
- can: usb: f81604: handle bulk write errors properly (git-fixes).
- can: usb: f81604: handle short interrupt urb messages properly (git-fixes).
- can: usb: etas_es58x: correctly anchor the urb in the read bulk callback (git-fixes).
- can: ucan: Fix infinite loop from zero-length messages (git-fixes).
- can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message (git-fixes).
- can: mcp251x: fix deadlock in error path of mcp251x_open (git-fixes).
- can: bcm: fix locking for bcm_op runtime updates (git-fixes).
- wifi: mt76: Fix possible oob access in mt76_connac2_mac_write_txwi_80211() (git-fixes).
- wifi: mt76: mt7925: Fix possible oob access in mt7925_mac_write_txwi_80211() (git-fixes).
- wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211() (git-fixes).
- wifi: wlcore: Fix a locking bug (git-fixes).
- wifi: cw1200: Fix locking in error paths (git-fixes).
- wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config (git-fixes).
- batman-adv: Avoid double-rtnl_lock ELP metric worker (git-fixes).
- commit f8549ba
------------------------------------------------------------------
------------------ 2026-3-5 - Mar 5 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- libceph: reset sparse-read state in osd_fault() (CVE-2026-23136 bsc#1258303).
- commit a1cc877
- libceph: make calc_target() set t->paused, not just clear it (CVE-2026-23047 bsc#1257682).
- commit 3225b77
- mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (CVE-2026-23142 bsc#1258289).
- commit 217a6fd
- mm/damon/sysfs-scheme: cleanup quotas subdirs on scheme dir setup failure (git-fixes).
- commit c642652
- mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (CVE-2026-23144 bsc#1258290).
- commit c7e0495
- crypto: ccp - Fix a case where SNP_SHUTDOWN is missed (git-fixes).
- drm/xe: Defer gt->mmio initialization until after multi-tile setup (git-fixes).
- commit 56b85e5
- wifi: ath10k: fix lock protection in ath10k_wmi_event_peer_sta_ps_state_chg() (stable-fixes).
- wifi: rtw89: pci: restore LDO setting after device resume (stable-fixes).
- wifi: rtw89: 8922a: add digital compensation for 2GHz (stable-fixes).
- wifi: rtw89: fix unable to receive probe responses under MLO connection (stable-fixes).
- wifi: iwlwifi: mvm: check the validity of noa_len (stable-fixes).
- wifi: ath12k: fix preferred hardware mode calculation (stable-fixes).
- wifi: ath11k: Fix failure to connect to a 6 GHz AP (stable-fixes).
- wifi: ath11k: add pm quirk for Thinkpad Z13/Z16 Gen1 (stable-fixes).
- wifi: iwlegacy: add missing mutex protection in il4965_store_tx_power() (stable-fixes).
- commit 4df290e
- rtc: zynqmp: correct frequency value (stable-fixes).
- thermal: int340x: Fix sysfs group leak on DLVR registration failure (stable-fixes).
- soundwire: dmi-quirks: add mapping for Avell B.ON (OEM rebranded of NUC15) (stable-fixes).
- soundwire: intel_auxdevice: add cs42l45 codec to wake_capable_list (stable-fixes).
- staging: rtl8723bs: fix memory leak on failure path (stable-fixes).
- staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes).
- watchdog: imx7ulp_wdt: handle the nowayout option (stable-fixes).
- watchdog: starfive-wdt: Fix PM reference leak in probe error path (git-fixes).
- watchdog/softlockup: fix sample ring index wrap in need_counting_irqs() (git-fixes).
- wifi: iwlegacy: add missing mutex protection in il3945_store_measurement() (stable-fixes).
- wifi: cfg80211: allow only one NAN interface, also in multi radio (stable-fixes).
- wifi: rtw89: mac: correct page number for CSI response (stable-fixes).
- wifi: rtw89: wow: add reason codes for disassociation in WoWLAN mode (stable-fixes).
- wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() (stable-fixes).
- wifi: rtw89: ser: enable error IMR after recovering from L1 (stable-fixes).
- wifi: rtw89: 8922a: set random mac if efuse contains zeroes (stable-fixes).
- wifi: rtw88: rtw8821cu: Add ID for Mercusys MU6H (stable-fixes).
- wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() (stable-fixes).
- wifi: rtw88: fix DTIM period handling when conf->dtim_period is zero (stable-fixes).
- wifi: libertas: fix WARNING in usb_tx_block (stable-fixes).
- power: sequencing: fix missing state_lock in pwrseq_power_on() error path (stable-fixes).
- spi: geni-qcom: Fix abort sequence execution for serial engine errors (stable-fixes).
- spi: stm32: fix Overrun issue at < 8bpw (stable-fixes).
- spi-geni-qcom: initialize mode related registers to 0 (stable-fixes).
- spi-geni-qcom: use xfer->bits_per_word for can_dma() (stable-fixes).
- tools/power cpupower: Reset errno before strtoull() (stable-fixes).
- powercap: intel_rapl: Add PL4 support for Ice Lake (stable-fixes).
- commit a96ba92
- PCI: Add defines for bridge window indexing (stable-fixes).
- Refresh patches.suse/PCI-ACPI-Restrict-program_hpx_type2-to-AER-bits.patch.
- commit 41bad5b
- pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe() (git-fixes).
- ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access (stable-fixes).
- ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut (stable-fixes).
- phy: mvebu-cp110-utmi: fix dr_mode property read from dts (stable-fixes).
- phy: fsl-imx8mq-usb: disable bind/unbind platform driver feature (stable-fixes).
- phy: cadence-torrent: restore parent clock for refclk during resume (stable-fixes).
- phy: ti: phy-j721e-wiz: restore mux selection during resume (stable-fixes).
- Revert "mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms" (git-fixes).
- nfc: nxp-nci: remove interrupt trigger type (stable-fixes).
- PCI: Add Intel Nova Lake audio Device ID (stable-fixes).
- commit 52ffef7
- media: dvb-net: fix OOB access in ULE extension header tables (git-fixes).
- mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms (git-fixes).
- misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read() (stable-fixes).
- misc: eeprom: Fix EWEN/EWDS/ERAL commands for 93xx56 and 93xx66 (stable-fixes).
- mfd: intel-lpss: Add Intel Nova Lake-S PCI IDs (stable-fixes).
- myri10ge: avoid uninitialized variable use (stable-fixes).
- media: rkisp1: Fix filter mode register configuration (stable-fixes).
- media: ipu6: Always close firmware stream (stable-fixes).
- media: ipu6: Close firmware streams on streaming enable failure (stable-fixes).
- media: ipu6: Ensure stream_mutex is acquired when dealing with node list (stable-fixes).
- media: mt9m114: Return -EPROBE_DEFER if no endpoint is found (stable-fixes).
- media: mt9m114: Avoid a reset low spike during probe() (stable-fixes).
- media: v4l2-async: Fix error handling on steps after finding a match (stable-fixes).
- media: cx25821: Fix a resource leak in cx25821_dev_setup() (stable-fixes).
- media: pvrusb2: fix URB leak in pvr2_send_request_ex (stable-fixes).
- media: solo6x10: Check for out of bounds chip_id (stable-fixes).
- media: adv7180: fix frame interval in progressive mode (stable-fixes).
- media: amphion: Clear last_buffer_dequeued flag for DEC_CMD_START (stable-fixes).
- media: mediatek: vcodec: Don't try to decode 422/444 VP9 (stable-fixes).
- media: chips-media: wave5: Process ready frames when CMD_STOP sent to Encoder (stable-fixes).
- media: chips-media: wave5: Fix conditional in start_streaming (stable-fixes).
- media: omap3isp: isppreview: always clamp in preview_try_format() (stable-fixes).
- media: omap3isp: set initial format (stable-fixes).
- mfd: simple-mfd-i2c: Add compatible strings for Layerscape QIXIS FPGA (stable-fixes).
- mfd: simple-mfd-i2c: Add MAX77705 support (stable-fixes).
- commit 26d6095
- iio: magnetometer: Remove IRQF_ONESHOT (stable-fixes).
- iio: Use IRQF_NO_THREAD (stable-fixes).
- HID: i2c-hid: Add FocalTech FT8112 (stable-fixes).
- media: omap3isp: isp_video_mbus_to_pix/pix_to_mbus fixes (stable-fixes).
- media: dvb-core: dmxdevfilter must always flush bufs (stable-fixes).
- HID: elecom: Add support for ELECOM HUGE Plus M-HT1MRBK (stable-fixes).
- HID: logitech-hidpp: Add support for Logitech K980 (stable-fixes).
- HID: multitouch: add eGalaxTouch EXC3188 support (stable-fixes).
- HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() (stable-fixes).
- hwmon: (pmbus/mpq8785) fix VOUT_MODE mismatch during identification (git-fixes).
- hwmon: (f71882fg) Add F81968 support (stable-fixes).
- hwmon: (nct6775) Add ASUS Pro WS WRX90E-SAGE SE (stable-fixes).
- hwmon: (dell-smm) Add support for Dell OptiPlex 7080 (stable-fixes).
- i3c: mipi-i3c-hci: Reset RING_OPERATION1 fields during init (stable-fixes).
- i3c: master: svc: Initialize 'dev' to NULL in svc_i3c_master_ibi_isr() (stable-fixes).
- hwrng: core - Allow runtime disabling of the HW RNG (stable-fixes).
- hwmon: pmbus: mpq8785: Add support for MPM82504 (stable-fixes).
- hwmon: pmbus: mpq8785: Implement VOUT feedback resistor divider ratio configuration (stable-fixes).
- hwmon: pmbus: mpq8785: Prepare driver for multiple device support (stable-fixes).
- commit 755fe92
- drm/xe/xe2_hpg: Fix handling of Wa_14019988906 & Wa_14019877138 (git-fixes).
- drm/xe/mmio: Avoid double-adjust in 64-bit reads (git-fixes).
- drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable-fixes).
- drm/amd/display: Remove conditional for shaper 3DLUT power-on (stable-fixes).
- drm/amdgpu: Add HAINAN clock adjustment (stable-fixes).
- drm/radeon: Add HAINAN clock adjustment (stable-fixes).
- drm/amdgpu: Adjust usleep_range in fence wait (stable-fixes).
- drm/amd/display: bypass post csc for additional color spaces in dal (stable-fixes).
- drm/amd/display: Increase DCN35 SR enter/exit latency (stable-fixes).
- drm/amd/display: Avoid updating surface with the same surface under MPO (stable-fixes).
- drm/amd/display: Fix system resume lag issue (stable-fixes).
- drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (stable-fixes).
- drm/amd/display: Fix writeback on DCN 3.2+ (stable-fixes).
- fpga: of-fpga-region: Fail if any bridge is missing (stable-fixes).
- fix it87_wdt early reboot by reporting running timer (stable-fixes).
- fbdev: ffb: fix corrupted video output on Sun FFB1 (stable-fixes).
- drm/amd/display: avoid dig reg access timeout on usb4 link training fail (stable-fixes).
- drm/amd/display: Fix GFX12 family constant checks (stable-fixes).
- drm/amd/display: Disable FEC when powering down encoders (stable-fixes).
- drm/atmel-hlcdc: don't reject the commit if the src rect has fractional parts (stable-fixes).
- drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release (stable-fixes).
- drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback (stable-fixes).
- drm: Account property blob allocations to memcg (stable-fixes).
- drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map() (stable-fixes).
- drm/amdkfd: Relax size checking during queue buffer get (stable-fixes).
- drm/amd/display: only power down dig on phy endpoints (stable-fixes).
- drm/amdgpu: Skip loading SDMA_RS64 in VF (stable-fixes).
- drm/xe: Only toggle scheduling in TDR if GuC is running (stable-fixes).
- drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() (stable-fixes).
- drm/amd/display: Fix dsc eDP issue (stable-fixes).
- drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src (stable-fixes).
- gpu/panel-edp: add AUO panel entry for B140HAN06.4 (stable-fixes).
- HID: prodikeys: Check presence of pm->input_ep82 (stable-fixes).
- HID: magicmouse: Do not crash on missing msc->input (stable-fixes).
- HID: apple: Add "SONiX KN85 Keyboard" to the list of non-apple keyboards (stable-fixes).
- gpio: aspeed-sgpio: Change the macro to support deferred probe (stable-fixes).
- commit 2524956
- drm/xe/ptl: Apply Wa_13011645652 (stable-fixes).
- Refresh patches.suse/drm-xe-xe3lpg-Apply-Wa_14022293748-Wa_22019794406.patch.
- commit 689b272
- dmaengine: stm32-mdma: initialize m2m_hw_period and ccr to fix warnings (stable-fixes).
- drm/amdgpu: add support for HDP IP version 6.1.1 (stable-fixes).
- drm/amd/display: Add USB-C DP Alt Mode lane limitation in DCN32 (stable-fixes).
- drm/amdkfd: Handle GPU reset and drain retry fault race (stable-fixes).
- drm/amdgpu: fix NULL pointer issue buffer funcs (stable-fixes).
- drm/v3d: Set DMA segment size to avoid debug warnings (stable-fixes).
- drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros (stable-fixes).
- drm/display/dp_mst: Add protection against 0 vcpi (stable-fixes).
- drm/xe/xe2_hpg: Add set of workarounds (stable-fixes).
- drm/xe: Switch MMIO interface to take xe_mmio instead of xe_gt (stable-fixes).
- drm/xe: Adjust mmio code to pass VF substructure to SRIOV code (stable-fixes).
- drm/xe: Add xe_tile backpointer to xe_mmio (stable-fixes).
- drm/xe: Switch mmio_ext to use 'struct xe_mmio' (stable-fixes).
- drm/xe: Populate GT's mmio iomap from tile during init (stable-fixes).
- drm/xe: Move GSI offset adjustment fields into 'struct xe_mmio' (stable-fixes).
- drm/xe: Clarify size of MMIO region (stable-fixes).
- drm/xe: Create dedicated xe_mmio structure (stable-fixes).
- drm/xe: Move forcewake to 'gt.pm' substructure (stable-fixes).
- docs: fix WARNING document not included in any toctree (stable-fixes).
- commit 4836e0c
- ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR (stable-fixes).
- dma: dma-axi-dmac: fix HW scatter-gather not looking at the queue (git-fixes).
- dma: dma-axi-dmac: fix SW cyclic transfers (git-fixes).
- dmaengine: sun6i: Choose appropriate burst length under maxburst (stable-fixes).
- dmaengine: stm32-dma3: use module_platform_driver (stable-fixes).
- crypto: ccp - Send PSP_CMD_TEE_RING_DESTROY when PSP_CMD_TEE_RING_INIT fails (git-fixes).
- crypto: ccp - Factor out ring destroy handling to a helper (stable-fixes).
- ata: libata: avoid long timeouts on hot-unplugged SATA DAS (stable-fixes).
- Bluetooth: btusb: Add device ID for Realtek RTL8761BU (stable-fixes).
- Bluetooth: btusb: Add new VID/PID for RTL8852CE (stable-fixes).
- Bluetooth: hci_conn: Set link_policy on incoming ACL connections (stable-fixes).
- Bluetooth: hci_conn: use mod_delayed_work for active mode timeout (stable-fixes).
- Bluetooth: btusb: Add support for MediaTek7920 0489:e158 (stable-fixes).
- ASoC: fsl: imx-rpmsg: use snd_soc_find_dai_with_mutex() in probe (stable-fixes).
- ASoC: SOF: Intel: hda: Fix NULL pointer dereference (stable-fixes).
- ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe() (stable-fixes).
- ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio (stable-fixes).
- ASoC: soc-acpi-intel-arl-match: change rt722 amp endpoint to aggregated (stable-fixes).
- ASoC: SOF: Intel: hda: Remove MODULE_SOFTDEP for snd-hda-codec-hdmi (stable-fixes).
- ASoC: wm8962: Don't report a microphone if it's shorted to ground on plug (stable-fixes).
- ASoC: wm8962: Add WM8962_ADC_MONOMIX to "3D Coefficients" mask (stable-fixes).
- ASoC: nau8821: Cancel pending work before suspend (git-fixes).
- ASoC: nau8821: Cancel delayed work on component remove (git-fixes).
- ASoC: nau8821: Fixup nau8821_enable_jack_detect() (git-fixes).
- ASoC: SOF: ipc4: Support for sending payload along with LARGE_CONFIG_GET (stable-fixes).
- crypto: hisilicon/qm - move the barrier before writing to the mailbox register (stable-fixes).
- crypto: ccp - narrow scope of snp_range_list (git-fixes).
- APEI/GHES: ensure that won't go past CPER allocated record (stable-fixes).
- ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (stable-fixes).
- crypto: ccp - Ensure implicit SEV/SNP init and shutdown in ioctls (stable-fixes).
- commit ef48f01
- ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git-fixes).
- ALSA: usb-audio: Add sanity check for OOB writes at silencing (stable-fixes).
- ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes).
- ACPI: x86: Force enabling of PWM2 on the Yogabook YB1-X90 (stable-fixes).
- ALSA: mixer: oss: Add card disconnect checkpoints (stable-fixes).
- ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio (stable-fixes).
- ALSA: hda/realtek - Enable mute LEDs on HP ENVY x360 15-es0xxx (stable-fixes).
- ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro (stable-fixes).
- ALSA: hda/realtek: fix LG Gram Style 14 speakers (stable-fixes).
- ALSA: hda/realtek: add HP Victus 16-e0xxx mute LED quirk (stable-fixes).
- ALSA: pcm: Revert bufs move in snd_pcm_xfern_frames_ioctl() (stable-fixes).
- ALSA: vmaster: Relax __free() variable declarations (git-fixes).
- ALSA: pcm: Relax __free() variable declarations (git-fixes).
- ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() (stable-fixes).
- ACPI: battery: fix incorrect charging status when current is zero (stable-fixes).
- ACPI: resource: Add JWIPC JVC9100 to irq1_level_low_skip_override[] (stable-fixes).
- ACPI: x86: s2idle: Invoke Microsoft _DSM Function 9 (Turn On Display) (stable-fixes).
- ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP (stable-fixes).
- commit 119c4f9
- net: usb: sr9700: remove code to drive nonexistent multicast filter (git-fixes).
- commit 5659850
- net: usb: r8152: fix transmit queue timeout (git-fixes).
- commit cd570dd
- usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke() (git-fixes).
- commit 56a794c
- usb: gadget: f_fs: fix DMA-BUF OUT queues (git-fixes).
- commit 185e5e6
- usb: gadget: f_fs: Fix ioctl error handling (git-fixes).
- commit f20163c
- usb: typec: ucsi: psy: Fix voltage and current max for non-Fixed PDOs (git-fixes).
- commit 10c0ad8
- firmware: arm_ffa: Unmap Rx/Tx buffers on init failure (git-fixes)
- commit 8f51ada
- spi: spidev: fix lock inversion between spi_lock and buf_lock (git-fixes)
- commit b76bf6c
- spi: spi-mem: Protect dirmap_create() with spi_mem_access_start/end (git-fixes)
- commit c1581a2
- spi: spi-mem: Limit octal DTR constraints to octal DTR situations (git-fixes)
- commit 47ade1e
- arm64: hugetlbpage: avoid unused-but-set-parameter warning (gcc-16) (git-fixes)
- commit c2e347e
- arm64: tegra: smaug: Add usb-role-switch support (git-fixes)
- commit 2aec3f9
- arm64: Disable branch profiling for all arm64 code (git-fixes)
- commit 20e29ae
- arm64: Add support for TSV110 Spectre-BHB mitigation (git-fixes)
- commit 7b883f1
- serial: 8250: 8250_omap.c: Clear DMA RX running status only after DMA termination is done (git-fixes).
- serial: 8250: 8250_omap.c: Add support for handling UART error conditions (git-fixes).
- serial: 8250_dw: handle clock enable errors in runtime_resume (git-fixes).
- PCI: Enable ACS after configuring IOMMU for OF platforms (git-fixes).
- PCI: Add ACS quirk for Qualcomm Hamoa & Glymur (git-fixes).
- PCI: Fix pci_slot_lock () device locking (git-fixes).
- PCI: Mark Nvidia GB10 to avoid bus reset (git-fixes).
- PCI: Mark ASM1164 SATA controller to avoid bus reset (git-fixes).
- PCI/AER: Clear stale errors on reporting agents upon probe (git-fixes).
- PCI/MSI: Unmap MSI-X region on error (git-fixes).
- char: tpm: cr50: Remove IRQF_ONESHOT (git-fixes).
- commit 87922f3
- mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (CVE-2026-23169 bsc#1258389).
- commit ece2971

++++ kernel-rt:
- libceph: reset sparse-read state in osd_fault() (CVE-2026-23136 bsc#1258303).
- commit a1cc877
- libceph: make calc_target() set t->paused, not just clear it (CVE-2026-23047 bsc#1257682).
- commit 3225b77
- mm/damon/sysfs-scheme: cleanup access_pattern subdirs on scheme dir setup failure (CVE-2026-23142 bsc#1258289).
- commit 217a6fd - mm/damon/sysfs-scheme: cleanup quotas subdirs on scheme dir setup failure (git-fixes). - commit c642652 - mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (CVE-2026-23144 bsc#1258290). - commit c7e0495 - crypto: ccp - Fix a case where SNP_SHUTDOWN is missed (git-fixes). - drm/xe: Defer gt->mmio initialization until after multi-tile setup (git-fixes). - commit 56b85e5 - wifi: ath10k: fix lock protection in ath10k_wmi_event_peer_sta_ps_state_chg() (stable-fixes). - wifi: rtw89: pci: restore LDO setting after device resume (stable-fixes). - wifi: rtw89: 8922a: add digital compensation for 2GHz (stable-fixes). - wifi: rtw89: fix unable to receive probe responses under MLO connection (stable-fixes). - wifi: iwlwifi: mvm: check the validity of noa_len (stable-fixes). - wifi: ath12k: fix preferred hardware mode calculation (stable-fixes). - wifi: ath11k: Fix failure to connect to a 6 GHz AP (stable-fixes). - wifi: ath11k: add pm quirk for Thinkpad Z13/Z16 Gen1 (stable-fixes). - wifi: iwlegacy: add missing mutex protection in il4965_store_tx_power() (stable-fixes). - commit 4df290e - rtc: zynqmp: correct frequency value (stable-fixes). - thermal: int340x: Fix sysfs group leak on DLVR registration failure (stable-fixes). - soundwire: dmi-quirks: add mapping for Avell B.ON (OEM rebranded of NUC15) (stable-fixes). - soundwire: intel_auxdevice: add cs42l45 codec to wake_capable_list (stable-fixes). - staging: rtl8723bs: fix memory leak on failure path (stable-fixes). - staging: rtl8723bs: fix missing status update on sdio_alloc_irq() failure (stable-fixes). - watchdog: imx7ulp_wdt: handle the nowayout option (stable-fixes). - watchdog: starfive-wdt: Fix PM reference leak in probe error path (git-fixes). - watchdog/softlockup: fix sample ring index wrap in need_counting_irqs() (git-fixes). - wifi: iwlegacy: add missing mutex protection in il3945_store_measurement() (stable-fixes). 
- wifi: cfg80211: allow only one NAN interface, also in multi radio (stable-fixes). - wifi: rtw89: mac: correct page number for CSI response (stable-fixes). - wifi: rtw89: wow: add reason codes for disassociation in WoWLAN mode (stable-fixes). - wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() (stable-fixes). - wifi: rtw89: ser: enable error IMR after recovering from L1 (stable-fixes). - wifi: rtw89: 8922a: set random mac if efuse contains zeroes (stable-fixes). - wifi: rtw88: rtw8821cu: Add ID for Mercusys MU6H (stable-fixes). - wifi: rtw88: 8822b: Avoid WARNING in rtw8822b_config_trx_mode() (stable-fixes). - wifi: rtw88: fix DTIM period handling when conf->dtim_period is zero (stable-fixes). - wifi: libertas: fix WARNING in usb_tx_block (stable-fixes). - power: sequencing: fix missing state_lock in pwrseq_power_on() error path (stable-fixes). - spi: geni-qcom: Fix abort sequence execution for serial engine errors (stable-fixes). - spi: stm32: fix Overrun issue at < 8bpw (stable-fixes). - spi-geni-qcom: initialize mode related registers to 0 (stable-fixes). - spi-geni-qcom: use xfer->bits_per_word for can_dma() (stable-fixes). - tools/power cpupower: Reset errno before strtoull() (stable-fixes). - powercap: intel_rapl: Add PL4 support for Ice Lake (stable-fixes). - commit a96ba92 - PCI: Add defines for bridge window indexing (stable-fixes). - Refresh patches.suse/PCI-ACPI-Restrict-program_hpx_type2-to-AER-bits.patch. - commit 41bad5b - pinctrl: cirrus: cs42l43: Fix double-put in cs42l43_pin_probe() (git-fixes). - ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access (stable-fixes). - ntb: ntb_hw_switchtec: Fix shift-out-of-bounds for 0 mw lut (stable-fixes). - phy: mvebu-cp110-utmi: fix dr_mode property read from dts (stable-fixes). - phy: fsl-imx8mq-usb: disable bind/unbind platform driver feature (stable-fixes). - phy: cadence-torrent: restore parent clock for refclk during resume (stable-fixes). 
- phy: ti: phy-j721e-wiz: restore mux selection during resume (stable-fixes). - Revert "mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms" (git-fixes). - nfc: nxp-nci: remove interrupt trigger type (stable-fixes). - PCI: Add Intel Nova Lake audio Device ID (stable-fixes). - commit 52ffef7 - media: dvb-net: fix OOB access in ULE extension header tables (git-fixes). - mmc: rtsx_pci_sdmmc: increase power-on settling delay to 5ms (git-fixes). - misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read() (stable-fixes). - misc: eeprom: Fix EWEN/EWDS/ERAL commands for 93xx56 and 93xx66 (stable-fixes). - mfd: intel-lpss: Add Intel Nova Lake-S PCI IDs (stable-fixes). - myri10ge: avoid uninitialized variable use (stable-fixes). - media: rkisp1: Fix filter mode register configuration (stable-fixes). - media: ipu6: Always close firmware stream (stable-fixes). - media: ipu6: Close firmware streams on streaming enable failure (stable-fixes). - media: ipu6: Ensure stream_mutex is acquired when dealing with node list (stable-fixes). - media: mt9m114: Return -EPROBE_DEFER if no endpoint is found (stable-fixes). - media: mt9m114: Avoid a reset low spike during probe() (stable-fixes). - media: v4l2-async: Fix error handling on steps after finding a match (stable-fixes). - media: cx25821: Fix a resource leak in cx25821_dev_setup() (stable-fixes). - media: pvrusb2: fix URB leak in pvr2_send_request_ex (stable-fixes). - media: solo6x10: Check for out of bounds chip_id (stable-fixes). - media: adv7180: fix frame interval in progressive mode (stable-fixes). - media: amphion: Clear last_buffer_dequeued flag for DEC_CMD_START (stable-fixes). - media: mediatek: vcodec: Don't try to decode 422/444 VP9 (stable-fixes). - media: chips-media: wave5: Process ready frames when CMD_STOP sent to Encoder (stable-fixes). - media: chips-media: wave5: Fix conditional in start_streaming (stable-fixes). 
- media: omap3isp: isppreview: always clamp in preview_try_format() (stable-fixes). - media: omap3isp: set initial format (stable-fixes). - mfd: simple-mfd-i2c: Add compatible strings for Layerscape QIXIS FPGA (stable-fixes). - mfd: simple-mfd-i2c: Add MAX77705 support (stable-fixes). - commit 26d6095 - iio: magnetometer: Remove IRQF_ONESHOT (stable-fixes). - iio: Use IRQF_NO_THREAD (stable-fixes). - HID: i2c-hid: Add FocalTech FT8112 (stable-fixes). - media: omap3isp: isp_video_mbus_to_pix/pix_to_mbus fixes (stable-fixes). - media: dvb-core: dmxdevfilter must always flush bufs (stable-fixes). - HID: elecom: Add support for ELECOM HUGE Plus M-HT1MRBK (stable-fixes). - HID: logitech-hidpp: Add support for Logitech K980 (stable-fixes). - HID: multitouch: add eGalaxTouch EXC3188 support (stable-fixes). - HID: logitech-hidpp: Check maxfield in hidpp_get_report_length() (stable-fixes). - hwmon: (pmbus/mpq8785) fix VOUT_MODE mismatch during identification (git-fixes). - hwmon: (f71882fg) Add F81968 support (stable-fixes). - hwmon: (nct6775) Add ASUS Pro WS WRX90E-SAGE SE (stable-fixes). - hwmon: (dell-smm) Add support for Dell OptiPlex 7080 (stable-fixes). - i3c: mipi-i3c-hci: Reset RING_OPERATION1 fields during init (stable-fixes). - i3c: master: svc: Initialize 'dev' to NULL in svc_i3c_master_ibi_isr() (stable-fixes). - hwrng: core - Allow runtime disabling of the HW RNG (stable-fixes). - hwmon: pmbus: mpq8785: Add support for MPM82504 (stable-fixes). - hwmon: pmbus: mpq8785: Implement VOUT feedback resistor divider ratio configuration (stable-fixes). - hwmon: pmbus: mpq8785: Prepare driver for multiple device support (stable-fixes). - commit 755fe92 - drm/xe/xe2_hpg: Fix handling of Wa_14019988906 & Wa_14019877138 (git-fixes). - drm/xe/mmio: Avoid double-adjust in 64-bit reads (git-fixes). - drm/amdgpu: keep vga memory on MacBooks with switchable graphics (stable-fixes). - drm/amd/display: Remove conditional for shaper 3DLUT power-on (stable-fixes). 
- drm/amdgpu: Add HAINAN clock adjustment (stable-fixes). - drm/radeon: Add HAINAN clock adjustment (stable-fixes). - drm/amdgpu: Adjust usleep_range in fence wait (stable-fixes). - drm/amd/display: bypass post csc for additional color spaces in dal (stable-fixes). - drm/amd/display: Increase DCN35 SR enter/exit latency (stable-fixes). - drm/amd/display: Avoid updating surface with the same surface under MPO (stable-fixes). - drm/amd/display: Fix system resume lag issue (stable-fixes). - drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (stable-fixes). - drm/amd/display: Fix writeback on DCN 3.2+ (stable-fixes). - fpga: of-fpga-region: Fail if any bridge is missing (stable-fixes). - fix it87_wdt early reboot by reporting running timer (stable-fixes). - fbdev: ffb: fix corrupted video output on Sun FFB1 (stable-fixes). - drm/amd/display: avoid dig reg access timeout on usb4 link training fail (stable-fixes). - drm/amd/display: Fix GFX12 family constant checks (stable-fixes). - drm/amd/display: Disable FEC when powering down encoders (stable-fixes). - drm/atmel-hlcdc: don't reject the commit if the src rect has fractional parts (stable-fixes). - drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release (stable-fixes). - drm/atmel-hlcdc: fix memory leak from the atomic_destroy_state callback (stable-fixes). - drm: Account property blob allocations to memcg (stable-fixes). - drm/amdkfd: Fix GART PTE for non-4K pagesize in svm_migrate_gart_map() (stable-fixes). - drm/amdkfd: Relax size checking during queue buffer get (stable-fixes). - drm/amd/display: only power down dig on phy endpoints (stable-fixes). - drm/amdgpu: Skip loading SDMA_RS64 in VF (stable-fixes). - drm/xe: Only toggle scheduling in TDR if GuC is running (stable-fixes). - drm/panel: Fix a possible null-pointer dereference in jdi_panel_dsi_remove() (stable-fixes). - drm/amd/display: Fix dsc eDP issue (stable-fixes). 
- drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src (stable-fixes). - gpu/panel-edp: add AUO panel entry for B140HAN06.4 (stable-fixes). - HID: prodikeys: Check presence of pm->input_ep82 (stable-fixes). - HID: magicmouse: Do not crash on missing msc->input (stable-fixes). - HID: apple: Add "SONiX KN85 Keyboard" to the list of non-apple keyboards (stable-fixes). - gpio: aspeed-sgpio: Change the macro to support deferred probe (stable-fixes). - commit 2524956 - drm/xe/ptl: Apply Wa_13011645652 (stable-fixes). - Refresh patches.suse/drm-xe-xe3lpg-Apply-Wa_14022293748-Wa_22019794406.patch. - commit 689b272 - dmaengine: stm32-mdma: initialize m2m_hw_period and ccr to fix warnings (stable-fixes). - drm/amdgpu: add support for HDP IP version 6.1.1 (stable-fixes). - drm/amd/display: Add USB-C DP Alt Mode lane limitation in DCN32 (stable-fixes). - drm/amdkfd: Handle GPU reset and drain retry fault race (stable-fixes). - drm/amdgpu: fix NULL pointer issue buffer funcs (stable-fixes). - drm/v3d: Set DMA segment size to avoid debug warnings (stable-fixes). - drm/i915/wakeref: clean up INTEL_WAKEREF_PUT_* flag macros (stable-fixes). - drm/display/dp_mst: Add protection against 0 vcpi (stable-fixes). - drm/xe/xe2_hpg: Add set of workarounds (stable-fixes). - drm/xe: Switch MMIO interface to take xe_mmio instead of xe_gt (stable-fixes). - drm/xe: Adjust mmio code to pass VF substructure to SRIOV code (stable-fixes). - drm/xe: Add xe_tile backpointer to xe_mmio (stable-fixes). - drm/xe: Switch mmio_ext to use 'struct xe_mmio' (stable-fixes). - drm/xe: Populate GT's mmio iomap from tile during init (stable-fixes). - drm/xe: Move GSI offset adjustment fields into 'struct xe_mmio' (stable-fixes). - drm/xe: Clarify size of MMIO region (stable-fixes). - drm/xe: Create dedicated xe_mmio structure (stable-fixes). - drm/xe: Move forcewake to 'gt.pm' substructure (stable-fixes). - docs: fix WARNING document not included in any toctree (stable-fixes). 
- commit 4836e0c - ASoC: amd: yc: Add DMI quirk for ASUS Vivobook Pro 15X M6501RR (stable-fixes). - dma: dma-axi-dmac: fix HW scatter-gather not looking at the queue (git-fixes). - dma: dma-axi-dmac: fix SW cyclic transfers (git-fixes). - dmaengine: sun6i: Choose appropriate burst length under maxburst (stable-fixes). - dmaengine: stm32-dma3: use module_platform_driver (stable-fixes). - crypto: ccp - Send PSP_CMD_TEE_RING_DESTROY when PSP_CMD_TEE_RING_INIT fails (git-fixes). - crypto: ccp - Factor out ring destroy handling to a helper (stable-fixes). - ata: libata: avoid long timeouts on hot-unplugged SATA DAS (stable-fixes). - Bluetooth: btusb: Add device ID for Realtek RTL8761BU (stable-fixes). - Bluetooth: btusb: Add new VID/PID for RTL8852CE (stable-fixes). - Bluetooth: hci_conn: Set link_policy on incoming ACL connections (stable-fixes). - Bluetooth: hci_conn: use mod_delayed_work for active mode timeout (stable-fixes). - Bluetooth: btusb: Add support for MediaTek7920 0489:e158 (stable-fixes). - ASoC: fsl: imx-rpmsg: use snd_soc_find_dai_with_mutex() in probe (stable-fixes). - ASoC: SOF: Intel: hda: Fix NULL pointer dereference (stable-fixes). - ASoC: codecs: max98390: Check return value of devm_gpiod_get_optional() in max98390_i2c_probe() (stable-fixes). - ASoC: sunxi: sun50i-dmic: Add missing check for devm_regmap_init_mmio (stable-fixes). - ASoC: soc-acpi-intel-arl-match: change rt722 amp endpoint to aggregated (stable-fixes). - ASoC: SOF: Intel: hda: Remove MODULE_SOFTDEP for snd-hda-codec-hdmi (stable-fixes). - ASoC: wm8962: Don't report a microphone if it's shorted to ground on plug (stable-fixes). - ASoC: wm8962: Add WM8962_ADC_MONOMIX to "3D Coefficients" mask (stable-fixes). - ASoC: nau8821: Cancel pending work before suspend (git-fixes). - ASoC: nau8821: Cancel delayed work on component remove (git-fixes). - ASoC: nau8821: Fixup nau8821_enable_jack_detect() (git-fixes). 
- ASoC: SOF: ipc4: Support for sending payload along with LARGE_CONFIG_GET (stable-fixes). - crypto: hisilicon/qm - move the barrier before writing to the mailbox register (stable-fixes). - crypto: ccp - narrow scope of snp_range_list (git-fixes). - APEI/GHES: ensure that won't go past CPER allocated record (stable-fixes). - ASoC: nau8821: Avoid unnecessary blocking in IRQ handler (stable-fixes). - crypto: ccp - Ensure implicit SEV/SNP init and shutdown in ioctls (stable-fixes). - commit ef48f01 - ALSA: hda: cs35l56: Fix signedness error in cs35l56_hda_posture_put() (git-fixes). - ALSA: usb-audio: Add sanity check for OOB writes at silencing (stable-fixes). - ALSA: usb-audio: Update the number of packets properly at receiving (stable-fixes). - ACPI: x86: Force enabling of PWM2 on the Yogabook YB1-X90 (stable-fixes). - ALSA: mixer: oss: Add card disconnect checkpoints (stable-fixes). - ALSA: usb-audio: Add iface reset and delay quirk for AB13X USB Audio (stable-fixes). - ALSA: hda/realtek - Enable mute LEDs on HP ENVY x360 15-es0xxx (stable-fixes). - ALSA: hda/conexant: Add headset mic fix for MECHREVO Wujie 15X Pro (stable-fixes). - ALSA: hda/realtek: fix LG Gram Style 14 speakers (stable-fixes). - ALSA: hda/realtek: add HP Victus 16-e0xxx mute LED quirk (stable-fixes). - ALSA: pcm: Revert bufs move in snd_pcm_xfern_frames_ioctl() (stable-fixes). - ALSA: vmaster: Relax __free() variable declarations (git-fixes). - ALSA: pcm: Relax __free() variable declarations (git-fixes). - ACPI: processor: Fix NULL-pointer dereference in acpi_processor_errata_piix4() (stable-fixes). - ACPI: battery: fix incorrect charging status when current is zero (stable-fixes). - ACPI: resource: Add JWIPC JVC9100 to irq1_level_low_skip_override[] (stable-fixes). - ACPI: x86: s2idle: Invoke Microsoft _DSM Function 9 (Turn On Display) (stable-fixes). - ACPICA: Abort AML bytecode execution when executing AML_FATAL_OP (stable-fixes). 
- commit 119c4f9 - net: usb: sr9700: remove code to drive nonexistent multicast filter (git-fixes). - commit 5659850 - net: usb: r8152: fix transmit queue timeout (git-fixes). - commit cd570dd - usb: chipidea: udc: fix DMA and SG cleanup in _ep_nuke() (git-fixes). - commit 56a794c - usb: gadget: f_fs: fix DMA-BUF OUT queues (git-fixes). - commit 185e5e6 - usb: gadget: f_fs: Fix ioctl error handling (git-fixes). - commit f20163c - usb: typec: ucsi: psy: Fix voltage and current max for non-Fixed PDOs (git-fixes). - commit 10c0ad8 - firmware: arm_ffa: Unmap Rx/Tx buffers on init failure (git-fixes) - commit 8f51ada - spi: spidev: fix lock inversion between spi_lock and buf_lock (git-fixes) - commit b76bf6c - spi: spi-mem: Protect dirmap_create() with spi_mem_access_start/end (git-fixes) - commit c1581a2 - spi: spi-mem: Limit octal DTR constraints to octal DTR situations (git-fixes) - commit 47ade1e - arm64: hugetlbpage: avoid unused-but-set-parameter warning (gcc-16) (git-fixes) - commit c2e347e - arm64: tegra: smaug: Add usb-role-switch support (git-fixes) - commit 2aec3f9 - arm64: Disable branch profiling for all arm64 code (git-fixes) - commit 20e29ae - arm64: Add support for TSV110 Spectre-BHB mitigation (git-fixes) - commit 7b883f1 - serial: 8250: 8250_omap.c: Clear DMA RX running status only after DMA termination is done (git-fixes). - serial: 8250: 8250_omap.c: Add support for handling UART error conditions (git-fixes). - serial: 8250_dw: handle clock enable errors in runtime_resume (git-fixes). - PCI: Enable ACS after configuring IOMMU for OF platforms (git-fixes). - PCI: Add ACS quirk for Qualcomm Hamoa & Glymur (git-fixes). - PCI: Fix pci_slot_lock () device locking (git-fixes). - PCI: Mark Nvidia GB10 to avoid bus reset (git-fixes). - PCI: Mark ASM1164 SATA controller to avoid bus reset (git-fixes). - PCI/AER: Clear stale errors on reporting agents upon probe (git-fixes). - PCI/MSI: Unmap MSI-X region on error (git-fixes). 
- char: tpm: cr50: Remove IRQF_ONESHOT (git-fixes).
- commit 87922f3
- mptcp: fix race in mptcp_pm_nl_flush_addrs_doit() (CVE-2026-23169 bsc#1258389).
- commit ece2971
------------------------------------------------------------------
------------------ 2026-3-4 - Mar 4 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- net: fix segmentation of forwarding fraglist GRO (CVE-2026-23154 bsc#1258286).
- commit f4ffe72
- pmdomain: imx: gpcv2: Fix the imx8mm gpu hang due to wrong adb400 reset (git-fixes).
- commit 6367118
- vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755, CVE-2026-23069).
- Refresh patches.suse/vsock-virtio-cap-TX-credit-to-local-buffer-size.patch.
- commit c6696d4
++++ kernel-rt:
- net: fix segmentation of forwarding fraglist GRO (CVE-2026-23154 bsc#1258286).
- commit f4ffe72
- pmdomain: imx: gpcv2: Fix the imx8mm gpu hang due to wrong adb400 reset (git-fixes).
- commit 6367118
- vsock/virtio: fix potential underflow in virtio_transport_get_credit() (bsc#1257755, CVE-2026-23069).
- Refresh patches.suse/vsock-virtio-cap-TX-credit-to-local-buffer-size.patch.
- commit c6696d4
++++ mdadm:
- Update to version 4.4+40.gad81df32:
  * avoid mdcheck_continue.timer and mdcheck_start.timer firing simultaneously (bsc#1243443, bsc#1259090)
++++ salt:
- Make syntax in httputil_test compatible with Python 3.6
- Fix KeyError in postgres module with PostgreSQL 17 (bsc#1254325)
- Use internal deb classes instead of external aptsource lib
- Speed up wheel key.finger call (bsc#1240532)
- Backport security patches for Salt vendored tornado:
  * CVE-2025-67724: missing validation of supplied reason phrase (bsc#1254903)
  * CVE-2025-67725: fix DoS via malicious HTTP request (bsc#1254905)
  * CVE-2025-67726: fix HTTP header parameter parsing algorithm (bsc#1254904)
- Simplify and speed up utils.find_json function (bsc#1246130)
- Extend warn_until period to 2027
- Added:
  * fix-tornado-s-httputil_test-syntax-for-python-3.6.patch
  * backport-add-maintain-m-privilege-to-postgres-module.patch
  * use-internal-salt.utils.pkg.deb-classes-instead-of-a.patch
  * speedup-wheel-key.finger-call-bsc-1240532-713.patch
  * fixes-for-security-issues-cve-2025-13836-cve-2025-67.patch
  * simplify-utils.json.find_json-function.patch
  * extend-fails-to-warnings-until-2027-742.patch
++++ vim:
* Update Vim to version 9.2.0045 (from 9.1.1406).
* Fix bsc#1258229 CVE-2026-26269 as 9.2.0045 is not impacted (fixed upstream).
* Fix bsc#1246602 CVE-2025-53906 as 9.2.0045 is not impacted (fixed upstream).
* Add wayland-client to BuildRequires and enable Wayland support.
* Add Wayland include path to CFLAGS to fix clipboard compilation.
* Package new Swedish (sv) man pages and clean up duplicate encodings (sv.ISO8859-1 and sv.UTF-8).
* Add new patch:
  - reorder-exit-raw-mode.patch
* Drop obsolete or upstreamed patches:
  - vim-7.3-filetype_spec.patch
  - vim-7.3-mktemp_tutor.patch
  - vim-7.4-filetype_apparmor.patch
  - vim-8.2.2411-globalvimrc.patch
* Refresh the following patches:
  - vim-7.3-filetype_changes.patch
  - vim-7.3-filetype_ftl.patch
  - vim-7.3-sh_is_bash.patch
  - vim-9.1.1134-revert-putty-terminal-colors.patch
------------------------------------------------------------------
------------------ 2026-3-3 - Mar 3 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- iommu/mediatek: fix use-after-free on probe deferral (CVE-2025-71071 bsc#1256802).
- commit 8109677
- bonding: fix use-after-free due to enslave fail after slave array update (CVE-2026-23171 bsc#1258349).
- commit 8dac8cc
- gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops (bsc#1249590 CVE-2025-39753).
- commit e7cde82
++++ kernel-rt:
- iommu/mediatek: fix use-after-free on probe deferral (CVE-2025-71071 bsc#1256802).
- commit 8109677
- bonding: fix use-after-free due to enslave fail after slave array update (CVE-2026-23171 bsc#1258349).
- commit 8dac8cc
- gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops (bsc#1249590 CVE-2025-39753).
- commit e7cde82
------------------------------------------------------------------
------------------ 2026-3-2 - Mar 2 2026 -------------------
------------------------------------------------------------------
++++ kernel-default:
- nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (CVE-2026-23179 bsc#1258394).
- commit ac77228
- nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference (CVE-2026-23148 bsc#1258258).
- commit 9bda130
- nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (CVE-2026-23112 bsc#1258184).
- commit efcbeaa
- nvme-fc: release admin tagset if init fails (git-fixes).
- nvme-pci: disable secondary temp for Wodposit WPBSNM8 (git-fixes).
- nvme-fabrics: add ENOKEY to no retry criteria for authentication failures (git-fixes). - nvme-fc: don't hold rport lock when putting ctrl (git-fixes). - commit dd0c54b - pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (CVE-2026-23116 bsc#1258277). - commit ff9d60e - Add bugnumber to existing mana and mana_ib changes (bsc#1251135 bsc#1251971). - scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (git-fixes). - net: mana: Fix double destroy_workqueue on service rescan PCI path (git-fixes). - commit 984835c - ceph: fix NULL pointer dereference in ceph_mds_auth_match() (CVE-2026-23189 bsc#1258308). - commit 51b8eb2 - Update patches.suse/ALSA-ac97-fix-a-double-free-in-snd_ac97_controller_r.patch (git-fixes CVE-2025-71192 bsc#1257679). - Update patches.suse/ALSA-aloop-Fix-racy-access-at-PCM-trigger.patch (stable-fixes CVE-2026-23191 bsc#1258395). - Update patches.suse/ALSA-ctxfi-Fix-potential-OOB-access-in-audio-mixer-h.patch (stable-fixes CVE-2026-23076 bsc#1257788). - Update patches.suse/ALSA-scarlett2-Fix-buffer-overflow-in-config-retriev.patch (git-fixes CVE-2026-23078 bsc#1257789). - Update patches.suse/ALSA-usb-audio-Fix-use-after-free-in-snd_usb_mixer_f.patch (git-fixes CVE-2026-23089 bsc#1257790). - Update patches.suse/ASoC-amd-fix-memory-leak-in-acp3x-pdm-dma-ops.patch (git-fixes CVE-2026-23190 bsc#1258397). - Update patches.suse/Bluetooth-MGMT-Fix-memory-leak-in-set_ssp_complete.patch (git-fixes CVE-2026-23151 bsc#1258237). - Update patches.suse/Bluetooth-hci_uart-fix-null-ptr-deref-in-hci_uart_wr.patch (git-fixes CVE-2026-23146 bsc#1258234). - Update patches.suse/HID-i2c-hid-fix-potential-buffer-overflow-in-i2c_hid.patch (stable-fixes CVE-2026-23178 bsc#1258358). - Update patches.suse/PCI-endpoint-Avoid-creating-sub-groups-asynchronousl.patch (git-fixes CVE-2025-71233 bsc#1258421). - Update patches.suse/arm64-Set-__nocfi-on-swsusp_arch_resume.patch (git-fixes CVE-2026-23128 bsc#1258298). 
- Update patches.suse/btrfs-always-detect-conflicting-inodes-when-logging-.patch (git-fixes CVE-2025-71183 bsc#1257631). - Update patches.suse/btrfs-do-not-strictly-require-dirty-metadata-thresho.patch (stable-fixes CVE-2026-23157 bsc#1258376). - Update patches.suse/btrfs-fix-deadlock-in-wait_current_trans-due-to-igno.patch (git-fixes CVE-2025-71194 bsc#1257687). - Update patches.suse/btrfs-release-path-before-initializing-extent-tree-i.patch (git-fixes CVE-2026-23018 bsc#1257551). - Update patches.suse/bus-fsl-mc-fix-use-after-free-in-driver_override_sho.patch (git-fixes CVE-2026-23221 bsc#1258660). - Update patches.suse/can-ems_usb-ems_usb_read_bulk_callback-fix-URB-memor.patch (git-fixes CVE-2026-23058 bsc#1257739). - Update patches.suse/can-etas_es58x-allow-partial-RX-URB-allocation-to-su.patch (git-fixes CVE-2026-23037 bsc#1257554). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-fix-URB-memo.patch (git-fixes CVE-2026-23031 bsc#1257600). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-fix-error-me.patch (git-fixes CVE-2026-23155 bsc#1258313). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-unanchor-URL.patch (git-fixes CVE-2026-23082 bsc#1257715). - Update patches.suse/can-j1939-make-j1939_session_activate-fail-if-device.patch (stable-fixes CVE-2025-71182 bsc#1257586). - Update patches.suse/can-kvaser_usb-kvaser_usb_read_bulk_callback-fix-URB.patch (git-fixes CVE-2026-23061 bsc#1257776). - Update patches.suse/can-mcba_usb-mcba_usb_read_bulk_callback-fix-URB-mem.patch (git-fixes CVE-2026-23080 bsc#1257714). - Update patches.suse/can-usb_8dev-usb_8dev_read_bulk_callback-fix-URB-mem.patch (git-fixes CVE-2026-23108 bsc#1257770). - Update patches.suse/crypto-authencesn-reject-too-short-AAD-assoclen-8-to.patch (git-fixes CVE-2026-23060 bsc#1257735). - Update patches.suse/crypto-iaa-Fix-out-of-bounds-index-in-find_empty_iaa.patch (git-fixes CVE-2025-71231 bsc#1258424). 
- Update patches.suse/crypto-omap-Allocate-OMAP_CRYPTO_FORCE_COPY-scatterl.patch (git-fixes CVE-2026-23222 bsc#1258484). - Update patches.suse/crypto-virtio-Add-spinlock-protection-with-virtqueue.patch (git-fixes CVE-2026-23229 bsc#1258429). - Update patches.suse/dmaengine-at_hdmac-fix-device-leak-on-of_dma_xlate.patch (git-fixes CVE-2025-71191 bsc#1257579). - Update patches.suse/dmaengine-bcm-sba-raid-fix-device-leak-on-probe.patch (git-fixes CVE-2025-71190 bsc#1257580). - Update patches.suse/dmaengine-dw-dmamux-fix-OF-node-leak-on-route-alloca.patch (git-fixes CVE-2025-71189 bsc#1257573). - Update patches.suse/dmaengine-lpc18xx-dmamux-fix-device-leak-on-route-al.patch (git-fixes CVE-2025-71188 bsc#1257576). - Update patches.suse/dmaengine-omap-dma-fix-dma_pool-resource-leak-in-err.patch (git-fixes CVE-2026-23033 bsc#1257570). - Update patches.suse/dmaengine-qcom-gpi-Fix-memory-leak-in-gpi_peripheral.patch (git-fixes CVE-2026-23026 bsc#1257562). - Update patches.suse/dmaengine-stm32-dmamux-fix-device-leak-on-route-allo.patch (git-fixes CVE-2025-71186 bsc#1257565). - Update patches.suse/dmaengine-ti-dma-crossbar-fix-device-leak-on-am335x-.patch (git-fixes CVE-2025-71185 bsc#1257560). - Update patches.suse/dmaengine-xilinx-xdma-Fix-regmap-max_register.patch (git-fixes CVE-2025-71195 bsc#1257704). - Update patches.suse/dpll-Prevent-duplicate-registrations.patch (git-fixes CVE-2026-23129 bsc#1258299). - Update patches.suse/drm-amd-pm-Disable-MMIO-access-during-SMU-Mode-1-res.patch (stable-fixes CVE-2026-23213 bsc#1258465). - Update patches.suse/drm-amdgpu-fix-NULL-pointer-dereference-in-amdgpu_gm.patch (git-fixes CVE-2026-23163 bsc#1258544). - Update patches.suse/drm-imx-tve-fix-probe-device-leak.patch (git-fixes CVE-2026-23170 bsc#1258379). - Update patches.suse/drm-panel-simple-fix-connector-type-for-DataImage-SC.patch (git-fixes CVE-2026-23049 bsc#1257723). 
- Update patches.suse/efivarfs-fix-error-propagation-in-efivar_entry_get.patch (git-fixes CVE-2026-23156 bsc#1258317). - Update patches.suse/ext4-fix-iloc.bh-leak-in-ext4_xattr_inode_update_ref.patch (git-fixes CVE-2026-23145 bsc#1258326). - Update patches.suse/gpio-virtuser-fix-UAF-in-configfs-release-path.patch (git-fixes CVE-2026-23158 bsc#1258323). - Update patches.suse/i2c-riic-Move-suspend-handling-to-NOIRQ-phase.patch (git-fixes CVE-2026-23055 bsc#1257730). - Update patches.suse/iio-adc-at91-sama5d2_adc-Fix-potential-use-after-fre.patch (git-fixes CVE-2025-71199 bsc#1257750). - Update patches.suse/iio-imu-st_lsm6dsx-fix-iio_chan_spec-for-sensors-wit.patch (git-fixes CVE-2025-71198 bsc#1257741). - Update patches.suse/intel_th-fix-device-leak-on-output-open.patch (git-fixes CVE-2026-23091 bsc#1257813). - Update patches.suse/interconnect-debugfs-initialize-src_node-and-dst_nod.patch (git-fixes CVE-2026-23123 bsc#1258276). - Update patches.suse/leds-led-class-Only-Add-LED-to-leds_list-when-it-is-.patch (git-fixes CVE-2026-23101 bsc#1257768). - Update patches.suse/mISDN-annotate-data-race-around-dev-work.patch (git-fixes CVE-2026-23121 bsc#1258309). - Update patches.suse/mm-shmem-prevent-infinite-loop-on-truncate-race.patch (CVE-2026-23161 bsc#1258355 CVE-2026-23177 bsc#1258324). - Update patches.suse/mmc-sdhci-of-dwcmshc-Prevent-illegal-clock-reduction.patch (git-fixes CVE-2025-71200 bsc#1258222). - Update patches.suse/msft-hv-3440-net-hv_netvsc-reject-RSS-hash-key-programming-withou.patch (bsc#1257473 CVE-2026-23054 bsc#1257732). - Update patches.suse/net-usb-pegasus-fix-memory-leak-in-update_eth_regs_a.patch (git-fixes CVE-2026-23021 bsc#1257557). - Update patches.suse/net-usb-r8152-fix-resume-reset-deadlock.patch (git-fixes CVE-2026-23188 bsc#1258331). - Update patches.suse/net-wwan-t7xx-fix-potential-skb-frags-overflow-in-RX.patch (git-fixes CVE-2026-23172 bsc#1258519). 
- Update patches.suse/nfc-llcp-Fix-memleak-in-nfc_llcp_send_ui_frame.patch (git-fixes CVE-2026-23150 bsc#1258354). - Update patches.suse/nfc-nci-Fix-race-between-rfkill-and-nci_unregister_d.patch (git-fixes CVE-2026-23167 bsc#1258374). - Update patches.suse/nfsd-provide-locking-for-v4_end_grace.patch (git-fixes CVE-2026-22980 bsc#1257222). - Update patches.suse/of-unittest-Fix-memory-leak-in-unittest_data_add.patch (git-fixes CVE-2026-23137 bsc#1258232). - Update patches.suse/pNFS-Fix-a-deadlock-when-returning-a-delegation-during-open.patch (git-fixes CVE-2026-23050 bsc#1257688). - Update patches.suse/phy-rockchip-inno-usb2-Fix-a-double-free-bug-in-rock.patch (git-fixes CVE-2026-23030 bsc#1257561). - Update patches.suse/phy-stm32-usphyc-Fix-off-by-one-in-probe.patch (git-fixes CVE-2025-71196 bsc#1257716). - Update patches.suse/platform-x86-amd-Fix-memory-leak-in-wbrf_record.patch (git-fixes CVE-2026-23065 bsc#1257742). - Update patches.suse/platform-x86-hp-bioscfg-Fix-kernel-panic-in-GET_INST.patch (git-fixes CVE-2026-23062 bsc#1257734). - Update patches.suse/platform-x86-hp-bioscfg-Fix-kobject-warnings-for-emp.patch (git-fixes CVE-2026-23131 bsc#1258297). - Update patches.suse/platform-x86-toshiba_haps-Fix-memory-leaks-in-add-re.patch (git-fixes CVE-2026-23176 bsc#1258256). - Update patches.suse/pnfs-flexfiles-Fix-memory-leak-in-nfs4_ff_alloc_deviceid_node.patch (git-fixes CVE-2026-23038 bsc#1257553). - Update patches.suse/regmap-Fix-race-condition-in-hwspinlock-irqsave-rout.patch (git-fixes CVE-2026-23071 bsc#1257706). - Update patches.suse/scsi-qla2xxx-Delay-module-unload-while-fabric-scan-i.patch (bsc#1256865 bsc#1256867 jsc#PED-14156 CVE-2025-71235 bsc#1258469). - Update patches.suse/scsi-qla2xxx-Free-sp-in-error-path-to-fix-system-cra.patch (bsc#1256865 bsc#1256867 jsc#PED-14156 CVE-2025-71232 bsc#1258422). - Update patches.suse/scsi-qla2xxx-Sanitize-payload-size-to-prevent-member.patch (git-fixes CVE-2026-23059 bsc#1257737). 
- Update patches.suse/scsi-qla2xxx-Validate-sp-before-freeing-associated-m.patch (bsc#1256865 bsc#1256867 jsc#PED-14156 CVE-2025-71236 bsc#1258442). - Update patches.suse/slimbus-core-fix-device-reference-leak-on-report-pre.patch (git-fixes CVE-2026-23090 bsc#1257759). - Update patches.suse/smb-client-split-cached_fid-bitfields-to-avoid-shared-byte-RMW-rac.patch (bsc#1250748 bsc#1257154 CVE-2026-23230 bsc#1258430). - Update patches.suse/spi-tegra-Fix-a-memory-leak-in-tegra_slink_probe.patch (git-fixes CVE-2026-23182 bsc#1258259). - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-check-in-IRQ-han.patch (git-fixes bsc#1257952 CVE-2026-23207 bsc#1258524). - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-in-tegra_qspi_co.patch (git-fixes bsc#1257952 CVE-2026-23202 bsc#1258338). - Update patches.suse/uacce-ensure-safe-queue-release-with-state-managemen.patch (git-fixes CVE-2026-23063 bsc#1257722). - Update patches.suse/uacce-fix-cdev-handling-in-the-cleanup-path.patch (git-fixes CVE-2026-23096 bsc#1257809). - Update patches.suse/uacce-fix-isolate-sysfs-check-condition.patch (git-fixes CVE-2026-23094 bsc#1257811). - Update patches.suse/uacce-implement-mremap-in-uacce_vm_ops-to-return-EPE.patch (git-fixes CVE-2026-23056 bsc#1257729). - Update patches.suse/w1-therm-Fix-off-by-one-buffer-overflow-in-alarms_st.patch (git-fixes CVE-2025-71197 bsc#1257743). - Update patches.suse/wifi-ath10k-fix-dma_free_coherent-pointer.patch (git-fixes CVE-2026-23133 bsc#1258249). - Update patches.suse/wifi-ath12k-fix-dma_free_coherent-pointer.patch (git-fixes CVE-2026-23135 bsc#1258245). - Update patches.suse/wifi-mac80211-correctly-decode-TTLM-with-default-lin.patch (git-fixes CVE-2026-23152 bsc#1258252). - Update patches.suse/wifi-mac80211-ocb-skip-rx_no_sta-when-interface-is-n.patch (stable-fixes CVE-2025-71224 bsc#1258824). - Update patches.suse/wifi-rsi-Fix-memory-corruption-due-to-not-set-vif-dr.patch (git-fixes CVE-2026-23073 bsc#1257707). 
- Update patches.suse/wifi-rtl8xxxu-fix-slab-out-of-bounds-in-rtl8xxxu_sta.patch (git-fixes CVE-2025-71234 bsc#1258419). - Update patches.suse/wifi-rtw88-Fix-alignment-fault-in-rtw_core_enable_be.patch (git-fixes CVE-2025-71229 bsc#1258415). - Update patches.suse/wifi-wlcore-ensure-skb-headroom-before-skb_push.patch (stable-fixes CVE-2025-71222 bsc#1258279). - commit 154bcac - bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119 bsc#1258273). - commit 15d3820 - drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129). - commit f730886 - smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924, CVE-2025-40103). - commit 176c45b - cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911, CVE-2025-40099). - commit 1544b30 - sched/fair: Fix pelt clock sync when entering idle (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - commit 24b0d4e - sched/fair: Fix pelt lost idle time detection (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - sched/deadline: Stop dl_server before CPU goes offline (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - sched/core: Avoid direct access to hrtimer clockbase (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - sched/deadline: Fix race in push_dl_task() (bsc#1234634 (Scheduler functional and performance backports)). - commit b3c53c0 - ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (CVE-2026-23166 bsc#1258272). - net/mlx5e: TC, delete flows only for existing peers (CVE-2026-23173 bsc#1258520). - net/mlx5e: Don't gate FEC histograms on ppcnt_statistical_group (git-fixes). - commit 91bddd0 ++++ kernel-rt: - nvmet-tcp: fixup hang in nvmet_tcp_listen_data_ready() (CVE-2026-23179 bsc#1258394). - commit ac77228 - nvmet: fix race in nvmet_bio_done() leading to NULL pointer dereference (CVE-2026-23148 bsc#1258258). 
- commit 9bda130 - nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec (CVE-2026-23112 bsc#1258184). - commit efcbeaa - nvme-fc: release admin tagset if init fails (git-fixes). - nvme-pci: disable secondary temp for Wodposit WPBSNM8 (git-fixes). - nvme-fabrics: add ENOKEY to no retry criteria for authentication failures (git-fixes). - nvme-fc: don't hold rport lock when putting ctrl (git-fixes). - commit dd0c54b - pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu (CVE-2026-23116 bsc#1258277). - commit ff9d60e - Add bugnumber to existing mana and mana_ib changes (bsc#1251135 bsc#1251971). - scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT (git-fixes). - net: mana: Fix double destroy_workqueue on service rescan PCI path (git-fixes). - commit 984835c - ceph: fix NULL pointer dereference in ceph_mds_auth_match() (CVE-2026-23189 bsc#1258308). - commit 51b8eb2 - Update patches.suse/ALSA-ac97-fix-a-double-free-in-snd_ac97_controller_r.patch (git-fixes CVE-2025-71192 bsc#1257679). - Update patches.suse/ALSA-aloop-Fix-racy-access-at-PCM-trigger.patch (stable-fixes CVE-2026-23191 bsc#1258395). - Update patches.suse/ALSA-ctxfi-Fix-potential-OOB-access-in-audio-mixer-h.patch (stable-fixes CVE-2026-23076 bsc#1257788). - Update patches.suse/ALSA-scarlett2-Fix-buffer-overflow-in-config-retriev.patch (git-fixes CVE-2026-23078 bsc#1257789). - Update patches.suse/ALSA-usb-audio-Fix-use-after-free-in-snd_usb_mixer_f.patch (git-fixes CVE-2026-23089 bsc#1257790). - Update patches.suse/ASoC-amd-fix-memory-leak-in-acp3x-pdm-dma-ops.patch (git-fixes CVE-2026-23190 bsc#1258397). - Update patches.suse/Bluetooth-MGMT-Fix-memory-leak-in-set_ssp_complete.patch (git-fixes CVE-2026-23151 bsc#1258237). - Update patches.suse/Bluetooth-hci_uart-fix-null-ptr-deref-in-hci_uart_wr.patch (git-fixes CVE-2026-23146 bsc#1258234). - Update patches.suse/HID-i2c-hid-fix-potential-buffer-overflow-in-i2c_hid.patch (stable-fixes CVE-2026-23178 bsc#1258358). 
- Update patches.suse/PCI-endpoint-Avoid-creating-sub-groups-asynchronousl.patch (git-fixes CVE-2025-71233 bsc#1258421). - Update patches.suse/arm64-Set-__nocfi-on-swsusp_arch_resume.patch (git-fixes CVE-2026-23128 bsc#1258298). - Update patches.suse/btrfs-always-detect-conflicting-inodes-when-logging-.patch (git-fixes CVE-2025-71183 bsc#1257631). - Update patches.suse/btrfs-do-not-strictly-require-dirty-metadata-thresho.patch (stable-fixes CVE-2026-23157 bsc#1258376). - Update patches.suse/btrfs-fix-deadlock-in-wait_current_trans-due-to-igno.patch (git-fixes CVE-2025-71194 bsc#1257687). - Update patches.suse/btrfs-release-path-before-initializing-extent-tree-i.patch (git-fixes CVE-2026-23018 bsc#1257551). - Update patches.suse/bus-fsl-mc-fix-use-after-free-in-driver_override_sho.patch (git-fixes CVE-2026-23221 bsc#1258660). - Update patches.suse/can-ems_usb-ems_usb_read_bulk_callback-fix-URB-memor.patch (git-fixes CVE-2026-23058 bsc#1257739). - Update patches.suse/can-etas_es58x-allow-partial-RX-URB-allocation-to-su.patch (git-fixes CVE-2026-23037 bsc#1257554). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-fix-URB-memo.patch (git-fixes CVE-2026-23031 bsc#1257600). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-fix-error-me.patch (git-fixes CVE-2026-23155 bsc#1258313). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-unanchor-URL.patch (git-fixes CVE-2026-23082 bsc#1257715). - Update patches.suse/can-j1939-make-j1939_session_activate-fail-if-device.patch (stable-fixes CVE-2025-71182 bsc#1257586). - Update patches.suse/can-kvaser_usb-kvaser_usb_read_bulk_callback-fix-URB.patch (git-fixes CVE-2026-23061 bsc#1257776). - Update patches.suse/can-mcba_usb-mcba_usb_read_bulk_callback-fix-URB-mem.patch (git-fixes CVE-2026-23080 bsc#1257714). - Update patches.suse/can-usb_8dev-usb_8dev_read_bulk_callback-fix-URB-mem.patch (git-fixes CVE-2026-23108 bsc#1257770). 
- Update patches.suse/crypto-authencesn-reject-too-short-AAD-assoclen-8-to.patch (git-fixes CVE-2026-23060 bsc#1257735). - Update patches.suse/crypto-iaa-Fix-out-of-bounds-index-in-find_empty_iaa.patch (git-fixes CVE-2025-71231 bsc#1258424). - Update patches.suse/crypto-omap-Allocate-OMAP_CRYPTO_FORCE_COPY-scatterl.patch (git-fixes CVE-2026-23222 bsc#1258484). - Update patches.suse/crypto-virtio-Add-spinlock-protection-with-virtqueue.patch (git-fixes CVE-2026-23229 bsc#1258429). - Update patches.suse/dmaengine-at_hdmac-fix-device-leak-on-of_dma_xlate.patch (git-fixes CVE-2025-71191 bsc#1257579). - Update patches.suse/dmaengine-bcm-sba-raid-fix-device-leak-on-probe.patch (git-fixes CVE-2025-71190 bsc#1257580). - Update patches.suse/dmaengine-dw-dmamux-fix-OF-node-leak-on-route-alloca.patch (git-fixes CVE-2025-71189 bsc#1257573). - Update patches.suse/dmaengine-lpc18xx-dmamux-fix-device-leak-on-route-al.patch (git-fixes CVE-2025-71188 bsc#1257576). - Update patches.suse/dmaengine-omap-dma-fix-dma_pool-resource-leak-in-err.patch (git-fixes CVE-2026-23033 bsc#1257570). - Update patches.suse/dmaengine-qcom-gpi-Fix-memory-leak-in-gpi_peripheral.patch (git-fixes CVE-2026-23026 bsc#1257562). - Update patches.suse/dmaengine-stm32-dmamux-fix-device-leak-on-route-allo.patch (git-fixes CVE-2025-71186 bsc#1257565). - Update patches.suse/dmaengine-ti-dma-crossbar-fix-device-leak-on-am335x-.patch (git-fixes CVE-2025-71185 bsc#1257560). - Update patches.suse/dmaengine-xilinx-xdma-Fix-regmap-max_register.patch (git-fixes CVE-2025-71195 bsc#1257704). - Update patches.suse/dpll-Prevent-duplicate-registrations.patch (git-fixes CVE-2026-23129 bsc#1258299). - Update patches.suse/drm-amd-pm-Disable-MMIO-access-during-SMU-Mode-1-res.patch (stable-fixes CVE-2026-23213 bsc#1258465). - Update patches.suse/drm-amdgpu-fix-NULL-pointer-dereference-in-amdgpu_gm.patch (git-fixes CVE-2026-23163 bsc#1258544). 
- Update patches.suse/drm-imx-tve-fix-probe-device-leak.patch (git-fixes CVE-2026-23170 bsc#1258379). - Update patches.suse/drm-panel-simple-fix-connector-type-for-DataImage-SC.patch (git-fixes CVE-2026-23049 bsc#1257723). - Update patches.suse/efivarfs-fix-error-propagation-in-efivar_entry_get.patch (git-fixes CVE-2026-23156 bsc#1258317). - Update patches.suse/ext4-fix-iloc.bh-leak-in-ext4_xattr_inode_update_ref.patch (git-fixes CVE-2026-23145 bsc#1258326). - Update patches.suse/gpio-virtuser-fix-UAF-in-configfs-release-path.patch (git-fixes CVE-2026-23158 bsc#1258323). - Update patches.suse/i2c-riic-Move-suspend-handling-to-NOIRQ-phase.patch (git-fixes CVE-2026-23055 bsc#1257730). - Update patches.suse/iio-adc-at91-sama5d2_adc-Fix-potential-use-after-fre.patch (git-fixes CVE-2025-71199 bsc#1257750). - Update patches.suse/iio-imu-st_lsm6dsx-fix-iio_chan_spec-for-sensors-wit.patch (git-fixes CVE-2025-71198 bsc#1257741). - Update patches.suse/intel_th-fix-device-leak-on-output-open.patch (git-fixes CVE-2026-23091 bsc#1257813). - Update patches.suse/interconnect-debugfs-initialize-src_node-and-dst_nod.patch (git-fixes CVE-2026-23123 bsc#1258276). - Update patches.suse/leds-led-class-Only-Add-LED-to-leds_list-when-it-is-.patch (git-fixes CVE-2026-23101 bsc#1257768). - Update patches.suse/mISDN-annotate-data-race-around-dev-work.patch (git-fixes CVE-2026-23121 bsc#1258309). - Update patches.suse/mm-shmem-prevent-infinite-loop-on-truncate-race.patch (CVE-2026-23161 bsc#1258355 CVE-2026-23177 bsc#1258324). - Update patches.suse/mmc-sdhci-of-dwcmshc-Prevent-illegal-clock-reduction.patch (git-fixes CVE-2025-71200 bsc#1258222). - Update patches.suse/msft-hv-3440-net-hv_netvsc-reject-RSS-hash-key-programming-withou.patch (bsc#1257473 CVE-2026-23054 bsc#1257732). - Update patches.suse/net-usb-pegasus-fix-memory-leak-in-update_eth_regs_a.patch (git-fixes CVE-2026-23021 bsc#1257557). 
- Update patches.suse/net-usb-r8152-fix-resume-reset-deadlock.patch (git-fixes CVE-2026-23188 bsc#1258331). - Update patches.suse/net-wwan-t7xx-fix-potential-skb-frags-overflow-in-RX.patch (git-fixes CVE-2026-23172 bsc#1258519). - Update patches.suse/nfc-llcp-Fix-memleak-in-nfc_llcp_send_ui_frame.patch (git-fixes CVE-2026-23150 bsc#1258354). - Update patches.suse/nfc-nci-Fix-race-between-rfkill-and-nci_unregister_d.patch (git-fixes CVE-2026-23167 bsc#1258374). - Update patches.suse/nfsd-provide-locking-for-v4_end_grace.patch (git-fixes CVE-2026-22980 bsc#1257222). - Update patches.suse/of-unittest-Fix-memory-leak-in-unittest_data_add.patch (git-fixes CVE-2026-23137 bsc#1258232). - Update patches.suse/pNFS-Fix-a-deadlock-when-returning-a-delegation-during-open.patch (git-fixes CVE-2026-23050 bsc#1257688). - Update patches.suse/phy-rockchip-inno-usb2-Fix-a-double-free-bug-in-rock.patch (git-fixes CVE-2026-23030 bsc#1257561). - Update patches.suse/phy-stm32-usphyc-Fix-off-by-one-in-probe.patch (git-fixes CVE-2025-71196 bsc#1257716). - Update patches.suse/platform-x86-amd-Fix-memory-leak-in-wbrf_record.patch (git-fixes CVE-2026-23065 bsc#1257742). - Update patches.suse/platform-x86-hp-bioscfg-Fix-kernel-panic-in-GET_INST.patch (git-fixes CVE-2026-23062 bsc#1257734). - Update patches.suse/platform-x86-hp-bioscfg-Fix-kobject-warnings-for-emp.patch (git-fixes CVE-2026-23131 bsc#1258297). - Update patches.suse/platform-x86-toshiba_haps-Fix-memory-leaks-in-add-re.patch (git-fixes CVE-2026-23176 bsc#1258256). - Update patches.suse/pnfs-flexfiles-Fix-memory-leak-in-nfs4_ff_alloc_deviceid_node.patch (git-fixes CVE-2026-23038 bsc#1257553). - Update patches.suse/regmap-Fix-race-condition-in-hwspinlock-irqsave-rout.patch (git-fixes CVE-2026-23071 bsc#1257706). - Update patches.suse/scsi-qla2xxx-Delay-module-unload-while-fabric-scan-i.patch (bsc#1256865 bsc#1256867 jsc#PED-14156 CVE-2025-71235 bsc#1258469). 
- Update patches.suse/scsi-qla2xxx-Free-sp-in-error-path-to-fix-system-cra.patch (bsc#1256865 bsc#1256867 jsc#PED-14156 CVE-2025-71232 bsc#1258422). - Update patches.suse/scsi-qla2xxx-Sanitize-payload-size-to-prevent-member.patch (git-fixes CVE-2026-23059 bsc#1257737). - Update patches.suse/scsi-qla2xxx-Validate-sp-before-freeing-associated-m.patch (bsc#1256865 bsc#1256867 jsc#PED-14156 CVE-2025-71236 bsc#1258442). - Update patches.suse/slimbus-core-fix-device-reference-leak-on-report-pre.patch (git-fixes CVE-2026-23090 bsc#1257759). - Update patches.suse/smb-client-split-cached_fid-bitfields-to-avoid-shared-byte-RMW-rac.patch (bsc#1250748 bsc#1257154 CVE-2026-23230 bsc#1258430). - Update patches.suse/spi-tegra-Fix-a-memory-leak-in-tegra_slink_probe.patch (git-fixes CVE-2026-23182 bsc#1258259). - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-check-in-IRQ-han.patch (git-fixes bsc#1257952 CVE-2026-23207 bsc#1258524). - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-in-tegra_qspi_co.patch (git-fixes bsc#1257952 CVE-2026-23202 bsc#1258338). - Update patches.suse/uacce-ensure-safe-queue-release-with-state-managemen.patch (git-fixes CVE-2026-23063 bsc#1257722). - Update patches.suse/uacce-fix-cdev-handling-in-the-cleanup-path.patch (git-fixes CVE-2026-23096 bsc#1257809). - Update patches.suse/uacce-fix-isolate-sysfs-check-condition.patch (git-fixes CVE-2026-23094 bsc#1257811). - Update patches.suse/uacce-implement-mremap-in-uacce_vm_ops-to-return-EPE.patch (git-fixes CVE-2026-23056 bsc#1257729). - Update patches.suse/w1-therm-Fix-off-by-one-buffer-overflow-in-alarms_st.patch (git-fixes CVE-2025-71197 bsc#1257743). - Update patches.suse/wifi-ath10k-fix-dma_free_coherent-pointer.patch (git-fixes CVE-2026-23133 bsc#1258249). - Update patches.suse/wifi-ath12k-fix-dma_free_coherent-pointer.patch (git-fixes CVE-2026-23135 bsc#1258245). - Update patches.suse/wifi-mac80211-correctly-decode-TTLM-with-default-lin.patch (git-fixes CVE-2026-23152 bsc#1258252). 
- Update patches.suse/wifi-mac80211-ocb-skip-rx_no_sta-when-interface-is-n.patch (stable-fixes CVE-2025-71224 bsc#1258824). - Update patches.suse/wifi-rsi-Fix-memory-corruption-due-to-not-set-vif-dr.patch (git-fixes CVE-2026-23073 bsc#1257707). - Update patches.suse/wifi-rtl8xxxu-fix-slab-out-of-bounds-in-rtl8xxxu_sta.patch (git-fixes CVE-2025-71234 bsc#1258419). - Update patches.suse/wifi-rtw88-Fix-alignment-fault-in-rtw_core_enable_be.patch (git-fixes CVE-2025-71229 bsc#1258415). - Update patches.suse/wifi-wlcore-ensure-skb-headroom-before-skb_push.patch (stable-fixes CVE-2025-71222 bsc#1258279). - commit 154bcac - bonding: provide a net pointer to __skb_flow_dissect() (CVE-2026-23119 bsc#1258273). - commit 15d3820 - drm/i915/display: Add quirk to skip retraining of dp link (bsc#1253129). - commit f730886 - smb: client: Fix refcount leak for cifs_sb_tlink (bsc#1252924, CVE-2025-40103). - commit 176c45b - cifs: parse_dfs_referrals: prevent oob on malformed input (bsc#1252911, CVE-2025-40099). - commit 1544b30 - sched/fair: Fix pelt clock sync when entering idle (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - commit 24b0d4e - sched/fair: Fix pelt lost idle time detection (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - sched/deadline: Stop dl_server before CPU goes offline (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - sched/core: Avoid direct access to hrtimer clockbase (bsc#1234634 (Scheduler functional and performance backports SL-16.0)). - sched/deadline: Fix race in push_dl_task() (bsc#1234634 (Scheduler functional and performance backports)). - commit b3c53c0 - ice: Fix NULL pointer dereference in ice_vsi_set_napi_queues (CVE-2026-23166 bsc#1258272). - net/mlx5e: TC, delete flows only for existing peers (CVE-2026-23173 bsc#1258520). - net/mlx5e: Don't gate FEC histograms on ppcnt_statistical_group (git-fixes). 
- commit 91bddd0

++++ openssh:

- Add openssh-7.7p1-gssapi-new-unique.patch (bsc#1258166). This allows using SSSD with a non-file backend.

++++ virtiofsd:

- Add CVE-2026-25727.patch: Avoid denial of service when parsing Rfc2822 (bsc#1257912 CVE-2026-25727).

------------------------------------------------------------------
------------------ 2026-3-1 - Mar 1 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:

- device property: Allow secondary lookup in fwnode_get_next_child_node() (git-fixes).
- commit 4755249

++++ kernel-rt:

- device property: Allow secondary lookup in fwnode_get_next_child_node() (git-fixes).
- commit 4755249

------------------------------------------------------------------
------------------ 2026-2-28 - Feb 28 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:

- drm/amdgpu: Fix locking bugs in error paths (git-fixes).
- drm/amdgpu: Replace kzalloc + copy_from_user with memdup_user (stable-fixes).
- commit baf5092
- ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (stable-fixes).
- ALSA: usb-audio: Check max frame size for implicit feedback mode, too (stable-fixes).
- commit 1958ad9
- PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value (git-fixes).
- mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index() (git-fixes).
- ALSA: usb-audio: Use correct version for UAC3 header validation (git-fixes).
- ALSA: usb-audio: Use inclusive terms (git-fixes).
- ALSA: usb-audio: Cap the packet size pre-calculations (git-fixes).
- ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices (git-fixes).
- drm/amd: Disable MES LR compute W/A (git-fixes).
- drm/amdgpu: Unlock a mutex before destroying it (git-fixes).
- drm/xe/sync: Cleanup partially initialized sync on parse failure (git-fixes).
- drm/bridge: samsung-dsim: Fix memory leak in error path (git-fixes).
- drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used (git-fixes). - drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() (git-fixes). - drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (git-fixes). - drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release (git-fixes). - commit 65e48f9 ++++ kernel-rt: - drm/amdgpu: Fix locking bugs in error paths (git-fixes). - drm/amdgpu: Replace kzalloc + copy_from_user with memdup_user (stable-fixes). - commit baf5092 - ALSA: usb-audio: Avoid implicit feedback mode on DIYINHK USB Audio 2.0 (stable-fixes). - ALSA: usb-audio: Check max frame size for implicit feedback mode, too (stable-fixes). - commit 1958ad9 - PCI: Correct PCI_CAP_EXP_ENDPOINT_SIZEOF_V2 value (git-fixes). - mmc: mmci: Fix device_node reference leak in of_get_dml_pipe_index() (git-fixes). - ALSA: usb-audio: Use correct version for UAC3 header validation (git-fixes). - ALSA: usb-audio: Use inclusive terms (git-fixes). - ALSA: usb-audio: Cap the packet size pre-calculations (git-fixes). - ALSA: usb-audio: Remove VALIDATE_RATES quirk for Focusrite devices (git-fixes). - drm/amd: Disable MES LR compute W/A (git-fixes). - drm/amdgpu: Unlock a mutex before destroying it (git-fixes). - drm/xe/sync: Cleanup partially initialized sync on parse failure (git-fixes). - drm/bridge: samsung-dsim: Fix memory leak in error path (git-fixes). - drm/bridge: ti-sn65dsi86: Enable HPD polling if IRQ is not used (git-fixes). - drm/logicvc: Fix device node reference leak in logicvc_drm_config_parse() (git-fixes). - drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (git-fixes). - drm/vmwgfx: Fix invalid kref_put callback in vmw_bo_dirty_release (git-fixes). 
- commit 65e48f9

------------------------------------------------------------------
------------------ 2026-2-27 - Feb 27 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:

- fou: Don't allow 0 for FOU_ATTR_IPPROTO (CVE-2026-23083 bsc#1257745).
- bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099 bsc#1257816).
- netlink: specs: fou: change local-v6/peer-v6 check (CVE-2026-23083 bsc#1257745).
- tools: ynl-gen: use big-endian netlink attribute types (CVE-2026-23083 bsc#1257745).
- commit 3712b18
- netfilter: nf_conncount: update last_gc only when GC has been performed (CVE-2026-23139 bsc#1258304).
- commit f7db582
- netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (CVE-2026-23111 bsc#1258181).
- commit a2cf5ae
- ipmi: ipmb: initialise event handler read bytes (git-fixes).
- wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (git-fixes).
- wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration (git-fixes).
- wifi: radiotap: reject radiotap with unknown bits (git-fixes).
- wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() (git-fixes).
- wifi: cfg80211: wext: fix IGTK key ID off-by-one (git-fixes).
- net: usb: kaweth: validate USB endpoints (git-fixes).
- net: usb: kalmia: validate USB endpoints (git-fixes).
- nfc: pn533: properly drop the usb interface reference on disconnect (git-fixes).
- Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ (git-fixes).
- Bluetooth: hci_qca: Cleanup on all setup failures (git-fixes).
- Bluetooth: L2CAP: Fix result of L2CAP_ECRED_CONN_RSP when MTU is too short (git-fixes).
- Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ (git-fixes).
- net: usb: pegasus: enable basic endpoint checking (git-fixes). - net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets (git-fixes). - net: usb: lan78xx: scan all MDIO addresses on LAN7801 (git-fixes). - net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode (git-fixes). - commit cd64e0b ++++ kernel-rt: - fou: Don't allow 0 for FOU_ATTR_IPPROTO (CVE-2026-23083 bsc#1257745). - bonding: limit BOND_MODE_8023AD to Ethernet devices (CVE-2026-23099 bsc#1257816). - netlink: specs: fou: change local-v6/peer-v6 check (CVE-2026-23083 bsc#1257745). - tools: ynl-gen: use big-endian netlink attribute types (CVE-2026-23083 bsc#1257745). - commit 3712b18 - netfilter: nf_conncount: update last_gc only when GC has been performed (CVE-2026-23139 bsc#1258304). - commit f7db582 - netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (CVE-2026-23111 bsc#1258181). - commit a2cf5ae - ipmi: ipmb: initialise event handler read bytes (git-fixes). - wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() (git-fixes). - wifi: mac80211: bounds-check link_id in ieee80211_ml_reconfiguration (git-fixes). - wifi: radiotap: reject radiotap with unknown bits (git-fixes). - wifi: cfg80211: cancel rfkill_block work in wiphy_unregister() (git-fixes). - wifi: cfg80211: wext: fix IGTK key ID off-by-one (git-fixes). - net: usb: kaweth: validate USB endpoints (git-fixes). - net: usb: kalmia: validate USB endpoints (git-fixes). - nfc: pn533: properly drop the usb interface reference on disconnect (git-fixes). - Bluetooth: L2CAP: Fix missing key size check for L2CAP_LE_CONN_REQ (git-fixes). - Bluetooth: L2CAP: Fix not checking output MTU is acceptable on L2CAP_ECRED_CONN_REQ (git-fixes). - Bluetooth: L2CAP: Fix response to L2CAP_ECRED_CONN_REQ (git-fixes). - Bluetooth: hci_qca: Cleanup on all setup failures (git-fixes). - Bluetooth: L2CAP: Fix result of L2CAP_ECRED_CONN_RSP when MTU is too short (git-fixes). 
- Bluetooth: L2CAP: Fix invalid response to L2CAP_ECRED_RECONF_REQ (git-fixes).
- net: usb: pegasus: enable basic endpoint checking (git-fixes).
- net: wan: farsync: Fix use-after-free bugs caused by unfinished tasklets (git-fixes).
- net: usb: lan78xx: scan all MDIO addresses on LAN7801 (git-fixes).
- net: usb: kaweth: remove TX queue manipulation in kaweth_set_rx_mode (git-fixes).
- commit cd64e0b

------------------------------------------------------------------
------------------ 2026-2-26 - Feb 26 2026 -------------------
------------------------------------------------------------------

++++ haproxy:

- Update to version 3.2.12+git0.6011f448e:
  * [RELEASE] Released version 3.2.12
  * BUG/MAJOR: quic: fix parsing frame type
  * BUG/MAJOR: quic: reject invalid token
  * BUG/MINOR: startup: handle a possible strdup() failure
  * BUG/MINOR: startup: fix allocation error message of progname string
  * BUG/MINOR: config: Fix setting of alt_proto
  * DOC: config: mention the limitation on server id range for consistent hash
  * BUG/MEDIUM: lb-chash: always properly initialize lb_nodes with dynamic servers
  * BUG/MINOR: cpu-topo: count cores not cpus to distinguish core types
  * CLEANUP: haproxy: fix bad line wrapping in run_poll_loop()
  * BUG/MEDIUM: threads: Atomically set TH_FL_SLEEPING and clr FL_NOTIFIED
  * DOC: internals: cleanup few typos in master-worker documentation
  * BUG/MEDIUM: applet: Fix test on shut flags for legacy applets
  * BUG/MAJOR: applet: Don't call I/O handler if the applet was shut
  * MEDIUM: ssl: don't always process pending handshakes on closed connections
  * MINOR: rawsock: introduce CO_RFL_TRY_HARDER to detect closures on complete reads
  * [RELEASE] Released version 3.2.11
  * BUG/MEDIUM: debug: only dump Lua state when panicking
  * BUG/MINOR: config: check capture pool creations for failures
  * DOC: reg-tests: update VTest upstream link in the starting guide
  * MINOR: hlua: Add support for lua 5.5
  * BUG/MEDIUM: mux-h2: synchronize all conditions to create a new
backend stream * BUG/MINOR: mworker/cli: fix show proc pagination using reload counter * BUG/MINOR: mworker/cli: 'show proc' is limited by buffer size * CLEANUP: mworker/cli: remove useless variable * BUG/MINOR: ssl: fix error message of tune.ssl.certificate-compression * MINOR: ssl: allow to disable certificate compression * BUG/MEDIUM: mux-h1: Skip UNUSED htx block when formating the start line * BUG/MINOR: promex: Detach promex from the server on error dump its metrics dump * BUG/MINOR: hlua: consume error object if ignored after a failing lua_pcall() * BUG/MEDIUM: hlua: fix invalid lua_pcall() usage in hlua_traceback() * BUG/MINOR: proxy: fix deinit crash on defaults with duplicate name * REGTESTS: ssl: fix generate-certificates w/ LibreSSL * BUG/MEDIUM: mux-quic: prevent BUG_ON() on aborted uni stream close * BUG/MEDIUM: ssl: fix generate-certificates option when SNI greater than 64bytes * BUG/MEDIUM: ssl: fix error path on generate-certificates * BUG/MEDIUM: log: parsing log-forward options may result in segfault * BUG/MEDIUM: promex: server iteration may rely on stale server * BUG/MINOR: cfgparse: fix "default" prefix parsing * BUG/MINOR: proxy: free persist_rules * BUG/MINOR: http_act: fix deinit performed on uninitialized lf_expr in release_http_map() * BUG/MEDIUM: quic: fix ACK ECN frame parsing * BUG/MINOR: hlua_fcn: ensure Patref:add_bulk() is given a table object before using it * BUG/MINOR: hlua_fcn: fix broken yield for Patref:add_bulk() * MINOR: cfgparse: remove duplicate "force-persist" in common kw list * REGTESTS: ssl: Fix reg-tests curve check * BUG/MINOR: cli/stick-tables: argument to "show table" is optional * BUILD: sockpair: fix build issue on macOS related to variable-length arrays * BUG/MINOR: cfgparse: wrong section name upon error * BUILD: tools: memchr definition changed in C23 * BUILD: ssl: strchr definition changed in C23 * BUG/MEDIUM: mworker: can't use signals after a failed reload * DOC: config: fix the length attribute name for 
stick tables of type binary / string * BUG/MINOR: backend: inspect request not response buffer to check for TFO * BUG/MINOR: backend: fix the conn_retries check for TFO * BUG/MEDIUM: ssl: Don't resume session for check connections * MINOR: connections: Add a new CO_FL_SSL_NO_CACHED_INFO flag * MEDIUM: ssl/server: No longer store the SNI of cached TLS sessions * BUG/MEDIUM: ssl: Don't reuse TLS session if the connection's SNI differs * MEDIUM: tcpcheck/backend: Get the connection SNI before initializing SSL ctx * MINOR: connection/ssl: Store the SNI hash value in the connection itself * MINOR: ssl: Compare hashes instead of SNIs when a session is cached * MINOR: ssl: Store hash of the SNI for cached TLS sessions * MINOR: ssl: Add a function to hash SNIs * BUG/MINOR: sock-inet: ignore conntrack for transparent sockets on Linux * BUG/MEDIUM: stconn: Don't report abort from SC if read0 was already received * BUG/MEDIUM: http-ana: Properly detect client abort when forwarding response (v2) * [RELEASE] Released version 3.2.10 * BUG/MEDIUM: quic: Don't try to use hystart if not implemented * BUG/MEDIUM: quic: handle collision on CID generation * MINOR: quic: split CID alloc/generation function * MINOR: quic: adjust CID conn tree alloc in qc_new_conn() * BUG/MINOR: check: only try connection reuse for http-check rulesets * MINOR: cfgdiag: adjust diag on servers * BUG/MINOR: mux-h2: send the preface along with the first request if needed * MINOR: mux-h2: extract the code to send preface+settings into its own function * MEDIUM: mux-h2: do not needlessly refrain from sending data early * MEDIUM: h1: Immediately try to read data for frontend * BUG/MINOR: cfgparse-listen: update err_code for fatal error on proxy directive * BUG/MEDIUM: quic: support some ciphersuites and curves related options * MINOR: hlua: emit a log instead of an alert for aborted actions due to unavailable yield * MINOR: h2/trace: emit a trace of the received RST_STREAM type * DOC: config: Improve spop mode 
documentation * DOC: config: Fix description of the spop mode * BUG/MEDIUM: http-ana: Don't close server connection on read0 in TUNNEL mode * BUG/MINOR: ssl: Don't allow to set NULL sni * MINOR: quic: Add useful debugging traces in qc_idle_timer_do_rearm() * BUG/MINOR: quic/ssl: crash in ClientHello callback ssl traces * DOC: config: reorder the cache section's keywords * DOC: config: mention clearer that the cache's total-max-size is mandatory * BUG/MEDIUM: connection: fix "bc_settings_streams_limit" typo * BUG/MINOR: jwt: Missing "case" in switch statement * BUG/MINOR: acme: fix ha_alert() call * BUG/MINOR: acme: warning ‘ctx’ may be used uninitialized * BUG/MINOR: acme: better challenge_ready processing * BUG/MINOR: acme: prevent creating map entries with dns-01 * BUG/MINOR: acme: handle multiple auth with the same name * BUG/MEDIUM: cli: State the cli have no more data to deliver if it yields * BUG/MEDIUM: applet: Fix conditions to detect spinning loop with the new API * BUG/MINOR: http-ana: Reset analyse_exp date after 'wait-for-body' action * BUG/MEDIUM: h1-htx: Don't set HTX_FL_EOM flag on 1xx informational messages * BUG/MEDIUM: mworker/listener: ambiguous use of RX_F_INHERITED with shards * [RELEASE] Released version 3.2.9 * DOC: http: document 413 response code * ADMIN: dump-certs: let dry-run compare certificates * ADMIN: dump-certs: use same error format as haproxy * ADMIN: dump-certs: fix lack of / in -p * ADMIN: dump-certs: create files in a tmpdir * ADMIN: dump-certs: don't update the file if it's up to date * ADMIN: haproxy-dump-certs: implement a certificate dumper * BUG/MEDIUM: proxy: do not align proxy_per_tgroup beyond allocator's capabilities * BUG/MEDIUM: config: Use the mux protocol ALPN by default for listeners if forced * MINOR: config: Do proto detection for listeners before checks about ALPN * MINOR: muxes: Support an optional ALPN string when defining mux protocols * BUG/MEDIUM: queues: Don't forget to unlock the queue before exiting * 
DOC: acme: configuring acme needs a crt file * DOC: acme: explain how to dump the certificates * DOC: acme: add details about the DNS-01 support * BUG/MINOR: acme: alert when the map doesn't exist at startup * BUG/MINOR: ssl: remove dead code in ssl_sock_from_buf() * BUG/MINOR: mworker: wrong signals during startup * BUG/MEDIUM: mworker: signals inconsistencies during startup and reload * BUG/MINOR: quic-be: backend SSL session reuse fix (OpenSSL 3.5) * BUG/MEDIUM: h1: prevent a crash on HTTP/2 upgrade * MINOR: h1: h1_release() should return if it destroyed the connection * BUG/MINOR: stick-tables: Fix return value for __stksess_kill() * BUG/MEDIUM: stick-tables: Always return the good stksess from stktable_set_entry * DOC: configuration: add missing openssl_version predicates * DOC: configuration: add missing ssllib_name_startswith() * BUG/MINOR: check: fix reuse-pool if MUX inherited from server * BUG/MINOR: acme: can't override the default resolver * BUG/MEDIUM: acme: move from mt_list to a rwlock + ebmbtree * BUG/MINOR: acme: more explicit error when BIO_new_file() * BUG/MINOR: quic: close connection on CID alloc failure * BUG/MEDIUM: stick-tables: Make sure updates are seen as local * BUG/MINOR: config: Limit "tune.maxpollevents" parameter to 1000000 * BUG/MEDIUM: connection/ssl: also fix the ssl_sock_io_cb() regarding idle list * BUG/MEDIUM: connection: do not reinsert a purgeable conn in idle list * Revert "BUG/MEDIUM: connections: permit to permanently remove an idle conn" * MINOR: ssl/sample: expose ssl_*c_curve for AWS-LC * [RELEASE] Released version 3.2.8 * BUG/MINOR: acme: wrong dns-01 challenge in the log * BUG/MEDIUM: server: close a race around ready_srv when deleting a server * BUG/MEDIUM: connections: permit to permanently remove an idle conn * BUG/MEDIUM: mux-h2: make sure not to move a dead connection to idle * BUG/MEDIUM: mux-h1: fix 414 / 431 status code reporting * SCRIPTS: build-ssl: fix rpath in AWS-LC install for openssl and bssl bin * 
OPTIM: backend: skip conn reuse for incompatible proxies * BUG/MINOR: resolvers: ensure fair round robin iteration * BUG/MINOR: ssl: returns when SSL_CTX_new failed during init * BUG/MINOR: resolvers: Apply dns-accept-family setting on additional records * BUG/MINOR: init: Do not close previously created fd in stdio_quiet * MINOR: http: fix 405,431,501 default errorfile * MINOR: ssl-sample: add ssl_fc_early_rcvd() to detect use of early data * DOC: config: slightly clarify the ssl_fc_has_early() behavior * BUG/MEDIUM: ssl: Crash because of dangling ckch_store reference in a ckch instance * MINOR: backend: srv_is_up converter * MINOR: backend: srv_queue helper * BUG/MEDIUM: cli: do not return ACKs one char at a time * MINOR: cli: create cli_raw_rcv_buf() from the generic applet_raw_rcv_buf() * MINOR: applet: do not put SE_FL_WANT_ROOM on rcv_buf() if the channel is empty * BUG/MEDIUM: mt_list: Use atomic operations to prevent compiler optims * BUG/MINOR: stick-tables: properly index string-type keys * BUG/MEDIUM: applet: Improve again spinning loops detection with the new API * BUG/MEDIUM: mt_lists: Avoid el->prev = el->next = el * [RELEASE] Released version 3.2.7 * MINOR: acme: display the complete challenge_ready command in the logs * MINOR: acme: add the dns-01-record field to the sink * BUG/MINOR: acme: memory leak from the config parser * MEDIUM: acme: don't insert acme account key in ckchs_tree * MINOR: acme: implement "reuse-key" option * BUILD: acme: fix false positive null pointer dereference * MINOR: acme: provider-name for dpapi sink * CLEANUP: acme: acme_will_expire() uses acme_schedule_date() * MINOR: acme: check acme-vars allocation during escaping * MINOR: acme: acme-vars allow to pass data to the dpapi sink * BUG/MEDIUM: build: limit excessive and counter-productive gcc-15 vectorization * BUG/MAJOR: quic: use ncbmbuf for CRYPTO handling * MINOR: ncbmbuf: add tests as standalone mode * MINOR: ncbmbuf: implement advance operation * MINOR: ncbmbuf: 
implement ncbmb_data() * MINOR: ncbmbuf: implement iterator bitmap utilities functions * MINOR: ncbmbuf: implement add * MINOR: ncbmbuf: define new ncbmbuf type * MINOR: ncbuf: extract common types * BUG/MEDIUM: h3: properly encode response after interim one in same buf * BUG/MAJOR: quic: uninitialized quic_conn_closed struct members * BUG/MINOR: quic: SSL counters not handled * BUG/MEDIUM: cli: also free the trash chunk on the error path * BUG/MEDIUM: mt_list: Make sure not to unlock the element twice * BUG/MEDIUM: threads/config: drop absent threads from thread groups * DOC: clarify the experimental status for certain features * BUG/MINOR: quic: check applet_putchk() for 'show quic' first line * BUG/MEDIUM: stick-tables: Don't forget to dec count on failure. * MINOR: quic: restore QUIC_HP_SAMPLE_LEN constant * BUG/MINOR: quic: too short PADDING frame for too short packets * BUILD: ssl: can't build when using -DLISTEN_DEFAULT_CIPHERS * BUG/MAJOR: lb-chash: fix key calculation when using default hash-key id * BUG/MINOR: pools: don't report "limited to the first X entries" by default * BUG/MEDIUM: pools: fix crash on filtered "show pools" output * TESTS: quic: useless param for b_quic_dec_int() * BUG/MINOR: ssl: Potential NULL deref in trace macro * BUG/MINOR: ssl: Free key_base from global_ssl structure during deinit * BUG/MINOR: ssl: Free global_ssl structure contents during deinit * MINOR: debug: add distro name and version in postmortem * BUG/MINOR: sink: retry attempt for sft server may never occur * BUG/MEDIUM: apppet: Improve spinning loop detection with the new API * BUILD: makefile: disable tail calls optimizations with memory profiling * BUG/MINOR: ssl: leak crtlist_name in ssl-f-use * BUG/MINOR: ssl: leak in ssl-f-use * BUG/MINOR: ssl: always clear the remains of the first hello for the second one * BUG/MEDIUM: ssl: take care of second client hello * BUG/MINOr: hlua: Fix receive from HTTP applet by properly accounting data * BUG/MINOR: acme: avoid 
overflow when diff > notAfter * [RELEASE] Released version 3.2.6 * BUG/MEDIUM: resolvers: break an infinite loop in resolv_get_ip_from_response() * BUG/MINOR: h3: forbid 'Z' as well in header field names checks * BUG/MINOR: h2: forbid 'Z' as well in header field names checks * BUG/CRITICAL: mjson: fix possible DoS when parsing numbers * DOC: config: clarify some known limitations of the json_query() converter * BUG/MEDIUM: fwlc: Handle memory allocation failures. * MEDIUM: fwlc: Make it so fwlc_srv_reposition works with unqueued srv * MEDIUM: servers: Schedule the server requeue target on creation * BUG/MEDIUM: stick-tables: Make sure not to free a pending entry * MINOR: mt_list: Implement MT_LIST_POP_LOCKED() * BUG/MEDIUM: ssl: ca-file directory mode must read every certificates of a file * BUG/MINOR: pattern: Fix pattern lookup for map with opt@ prefix * BUG/MINOR: acme: possible overflow in acme_will_expire() * BUG/MINOR: acme: possible overflow on scheduling computation * BUG/MINOR: pattern: Properly flag virtual maps as using samples * BUG/MINOR: compression: Test payload size only if content-length is specified * MINOR: ssl: add the ssl_bc_sni sample fetch function to retrieve backend SNI * BUG/MEDIUM: wdt: improve stuck task detection accuracy * MINOR: sched: pass the thread number to is_sched_alive() * MINOR: sched: let's permit to share the local ctx between threads * BUG/MEDIUM: acme: free() of i2d_X509_REQ() with AWS-LC * BUG/MEDIUM: acme: cfg_postsection_acme() don't init correctly acme sections * BUG/MINOR: acme: don't unlink from acme_ctx_destroy() * CI: github: build halog on the vtest job * BUILD: halog: misleading indentation in halog.c * BUG/MINOR: pools: Fix the dump of pools info to deal with buffers limitations * BUG/MEDIUM: stick-tables: Don't let table_process_entry() handle refcnt * BUG/MINOR: acme/cli: wrong description for "acme challenge_ready" * MEDIUM: resolvers: make the process_resolvers() task single-threaded * MEDIUM: dns: bind the 
nameserver sockets to the initiating thread * OPTIM: sink: reduce contention on sink_announce_dropped() * BUG/MEDIUM: resolvers: Wake resolver task up whne unlinking a stream requester * BUG/MEDIUM: resolvers: Accept to create resolution without hostname * BUG/MEDIUM: resolvers: Make resolution owns its hostname_dn value * BUG/MEDIUM: resolvers: Test for empty tree when getting a record from DNS answer * BUG/MINOR: resolvers: Restore round-robin selection on records in DNS answers * BUG/MEDIUM: resolvers: Properly cache do-resolv resolution * MINOR: tools: don't emit "+0" for symbol names which exactly match known ones * MINOR: activity: indicate the number of calls on "show tasks" * MEDIUM: peers: move process_peer_sync() to a single thread * MEDIUM: stick-table: move process_table_expire() to a single thread * MEDIUM: peers: don't even try to process updates under contention * MEDIUM: stick-tables: don't wait indefinitely in stktable_add_pend_updates() * MEDIUM: stick-tables: give up on lock contention in process_table_expire() * MEDIUM: stick-tables: relax stktable_trash_oldest() to only purge what is needed * MINOR: stick-table: permit stksess_new() to temporarily allocate more entries * DEBUG: peers: export functions that use locks * MINOR: debug: report the time since last wakeup and call * MINOR: debug: report the number of loops and ctxsw for each thread * DEBUG: stream: count the number of passes in the connect loop * MINOR: debug: report the process id in warnings and panics * BUG/MINOR: tcpcheck: Don't use sni as pool-conn-name for non-SSL connections * BUG/MINOR: server: Update healthcheck when server settings are changed via CLI * BUG/MEDIUM: server: Use sni as pool connection name for SSL server only * MINOR: server: Parse sni and pool-conn-name expressions in a dedicated function * OPTIM: stick-tables: exit expiry faster when the update lock is held * MINOR: stick-tables: limit the number of visited nodes during expiration * [RELEASE] Released 
version 3.2.5 * BUG/MEDIUM: pattern: fix possible infinite loops on deletion (try 2) * DEBUG: stick-tables: export stktable_add_pend_updates() for better reporting * BUG/MEDIUM: ring: invert the length check to avoid an int overflow * BUG/MINOR: resolvers: always normalize FQDN from response * BUG/MINOR: ocsp: Crash when updating CA during ocsp updates * BUG/MEDIUM: http_ana: fix potential NULL deref in http_process_req_common() * BUG/MINOR: ocsp: prototype inconsistency * BUG/MINOR: ssl: Fix potential NULL deref in trace callback * BUG/MINOR: ssl: Potential NULL deref in trace macro * BUG/MEDIUM: jws: return size_t in JWS functions * BUG/MINOR: acme: null pointer dereference upon allocation failure * BUG/MAJOR: stream: Force channel analysis on successful synchronous send * BUG/MAJOR: stream: Remove READ/WRITE events on channels after analysers eval * BUG/MINOR: stick-table: make sure never to miss a process_table_expire update * BUG/MEDIUM: stick-tables: don't loop on non-expirable entries * BUG/MINOR: activity: fix reporting of task latency * BUG/MEDIUM: ssl: create the mux immediately on early data * BUG/MEDIUM: h1: Allow reception if we have early data * BUG/MEDIUM: checks: fix ALPN inheritance from server * OPTIM: check: do not delay MUX for ALPN if SSL not active * BUG/MEDIUM: mux-h2: Reinforce conditions to report an error to app-layer stream * BUG/MEDIUM: mux-h2: Report RST/error to app-layer stream during 0-copy fwding * BUG/MINOR: mux-h2: Remove H2_CF_DEM_DFULL flags when the demux buffer is reset * BUG/MEDIUM: mux-h2: Restart reading when mbuf ring is no longer full * BUG/MEDIUM: mux-h2; Don't block reveives in H2_CS_ERROR and H2_CS_ERROR2 states * BUG/MEDIUM: mux-h2: Reset MUX blocking flags when a send error is caught * CLEANUP: quic: fix typo in quic_tx trace * BUG/MINOR: cpu_topo: work around a small bug in musl's CPU_ISSET() * BUILD: trace: silence a bogus build warning at -Og * BUG/MINOR: log: fix potential memory leak upon error in 
add_to_logformat_list() * BUG/MINOR: connection: streamline conn detach from lists * BUG/MEDIUM: conn: fix UAF on connection after reversal on edge * REGTESTS: explicitly use "balance roundrobin" where RR is needed * BUG/MINOR: check: fix dst address when reusing a connection * BUG/MINOR: check: ensure check-reuse is compatible with SSL * BUG/MEDIUM: peers: don't fail twice to grab the update lock * BUG/MINOR: stick-tables: never leave used entries without expiration * BUG/MEDIUM: stick-tables: don't leave the expire loop with elements deleted * MINOR: quic: Add more information about RX packets * BUILD: acl: silence a possible null deref warning in parse_acl_expr() * BUG/MINOR: haproxy: be sure not to quit too early on soft stop * BUG/MINOR: quic: fix padding issue on INITIAL retransmit * BUG/MINOR: quic: fix room check if padding requested * BUG/MINOR: quic: ignore AGAIN ncbuf err when parsing CRYPTO frames * BUG/MINOR: tools: Add OOM check for malloc() in indent_msg() * BUG/MINOR: compression: Add OOM check for calloc() in parse_compression_options() * BUG/MINOR: cfgparse: Add OOM check for calloc() in cfg_parse_listen() * BUG/MINOR: acl: Add OOM check for calloc() in smp_fetch_acl_parse() * BUG/MINOR: log: Add OOM checks for calloc() and malloc() in logformat parser and dup_logger() * BUG/MINOR: halog: Add OOM checks for calloc() in filter_count_srv_status() and filter_count_url() * BUG/MEDIUM: server: Duplicate healthcheck's alpn inherited from default server * REG-TESTS: map_redirect: Don't use hdr_dom in ACLs with "-m end" matching method * BUG/MAJOR: mux-quic: fix crash on reload during emission * BUG/MEDIUM: quic: CRYPTO frame freeing without eb_delete() * CLEANUP: quic: remove a useless CRYPTO frame variable assignment * MINOR: doc: add missing statistics column * MINOR: doc: add missing statistics column * DOC: configuration: confuse "strict-mode" with "zero-warning" * DOC: unreliable sockpair@ on macOS * BUILD: mworker: fix ignoring return value of 
‘read’ * BUG/MINOR: server: decrement session idle_conns on del server * BUG/MINOR: connection: remove extra session_unown_conn() on reverse * BUG/MINOR: connection: rearrange union list members * BUG/MEDIUM: mworker: fix startup and reload on macOS * BUG/MINOR: acl: set arg_list->kw to aclkw->kw string literal if aclkw is found * BUG/MINOR: mux-quic: trace with non initialized qcc * MINOR: quic: remove ->offset qf_crypto struct field * DOC: configuration: clarify 'default-crt' and implicit default certificates * MINOR: ssl: diagnostic warning when both 'default-crt' and 'strict-sni' are used * BUG/MINOR: quic: reorder fragmented RX CRYPTO frames by their offsets * MINOR: sample: Add base2 converter * MINOR: sample: Add le2dec (little endian to decimal) sample fetch * BUG/MEDIUM: spoe: Improve error detection in SPOE applet on client abort * BUG/MEDIUM: http_ana: handle yield for "stats http-request" evaluation * BUG/MEDIUM: mux-spop: Reject connection attempts from a non-spop frontend * MINOR: http_ana: fix typo in http_res_get_intercept_rule * MINOR: quic: centralize padding for HP sampling on packet building * BUG/MINOR: quic: don't coalesce probing and ACK packet of same type * BUG/MAJOR: quic: fix INITIAL padding with probing packet only * BUG/MINOR: quic: do not emit probe data if CONNECTION_CLOSE requested * BUG/MEDIUM: quic: reset padding when building GSO datagrams * MINOR: dns: dns_connect_nameserver: fix fd leak at error path * BUG/MEDIUM: ssl: apply ssl-f-use on every "ssl" bind * BUG/MEDIUM: mux-h2: fix crash on idle-ping due to unwanted ABORT_NOW * BUG/MEDIUM: mworker: more verbose error upon loading failure * BUG/MEDIUM: cli: Report inbuf is no longer full when a line is consumed * BUG/MINOR: spoe: Properly detect and skip empty NOTIFY frames * MEDIUM: dns: don't call connect to dest socket for AF_INET* * BUG/MINOR: mux-h1: fix wrong lock label * BUG/MEDIUM: quic: listener connection stuck during handshakes (OpenSSL 3.5) * MINOR: quic: implement 
qc_ssl_do_hanshake() * BUG/MEDIUM: Remove sync sends from streams to applets * BUG/MEDIUM: stconn: Fix conditions to know an applet can get data from stream * [RELEASE] Released version 3.2.4 * BUG/MEDIUM: http-client: Test HTX_FL_EOM flag before commiting the HTX buffer * BUG/MEDIUM: mux-quic: adjust wakeup behavior * DOC: config: recommend single quoting passwords * DOC: management: fix typo in commit f4f93c56 * BUG/MINOR: init: Initialize random seed earlier in the init process * BUG/MEDIUM: ssl: fix build with AWS-LC * BUG/MEDIUM: ssl: Fix 0rtt to the server * MINOR: sock: update broken accept4 detection for older hardwares. * BUG/MINOR: stick-table: cap sticky counter idx with tune.nb_stk_ctr instead of MAX_SESS_STKCTR * BUILD: compat: always set _POSIX_VERSION to ease comparisons * BUILD: compat: provide relaxed versions of the MIN/MAX macros * DOC: list missing global QUIC settings * CLEANUP: http-client: Remove useless indentation when sending request body * BUG/MINOR: mux-quic: ensure close-spread-time is properly applied * BUG/MINOR mux-quic: apply correctly timeout on output pending data * BUG/MINOR: hq-interop: fix FIN transmission * BUG/MINOR: logs: fix log-steps extra log origins selection * BUG/MEDIUM: threads: Disable the workaround to load libgcc_s on macOS * BUG/MINOR: halog: exit with error when some output filters are set simultaneosly * BUG/MINOR: applet: Don't trigger BUG_ON if the tid is not on appctx init * MINOR: h3: remove unused outbuf in h3_resp_headers_send() * BUG/MINOR: quic: Wrong source address use on FreeBSD * BUG/MEDIUM: h3: handle interim response properly on FE side * MINOR: qmux: change API for snd_buf FIN transmission * BUG/MINOR: h3: ensure that invalid status code are not encoded (FE side) * BUG/MINOR: h3: properly realloc buffer after interim response encoding * BUG/MEDIUM: h3: do not overwrite interim with final response * BUG/MINOR: h1-htx: Don't forget to init flags in h1_format_htx_msg function * BUG/MINOR: mux-h1: Use 
configured error files if possible for early H1 errors * MINOR: h1-htx: Add function to format an HTX message in its H1 representation * BUG/MEDIUM: http-client: Notify applet has more data to deliver until the EOM * BUG/MEDIUM: http-client: Drain the request if an early response is received * BUG/MINOR: http-client: Reject any 101-switching-protocols response * BUG/MINOR: http-client: Ignore 1XX interim responses in non-HTX mode * BUG/MEDIUM: http-client: Ask for more room when request data cannot be xferred * BUG/MEDIUM: http-client: Properly inc input data when HTX blocks are xferred * BUG/MEDIUM: http-client: Don't wake http-client applet if nothing was xferred * BUG/MEDIUM: quic: Crash after QUIC server callbacks restoration (OpenSSL 3.5) * MINOR: quic: Prevent QUIC build with OpenSSL 3.5 new QUIC API version < 3.5.1 * BUG/MINOR: listener: really assign distinct IDs to shards * MEDIUM: ssl/cli: relax crt insertion in crt-list of type directory * DOC: management: clarify usage of -V with -c * MEDIUM: acme: use lowercase for challenge names in configuration * BUG/MINOR: acme: possible integer underflow in acme_txt_record() * MINOR: acme: update the log for DNS-01 * MEDIUM: acme: allow to wait and restart the task for DNS-01 * MINOR: acme: emit the DNS-01 challenge details on the dpapi sink * MINOR: acme: emit a log for DNS-01 challenge response * BUG/MEDIUM: hlua_fcn: ensure systematic watcher cleanup for server list iterator * BUILD: acme: avoid declaring TRACE_SOURCE in acme-t.h * CLEANUP: ssl: Rename ssl_trace-t.h to ssl_trace.h * BUG/MEDIUM: mux-quic: ensure Early-data header is set * BUG/MINOR: hlua: take default-path into account with lua-load-per-thread * BUG/MEDIUM: logs: fix sess_build_logline_orig() recursion with options * BUG/MEDIUM: dns: Reset reconnect tempo when connection is finally established * BUG/MEDIUM: hlua: Report to SC when output data are blocked on a lua socket * BUG/MEDIUM: hlua: Report to SC when data were consumed on a lua socket * 
BUG/MINOR: hlua: Skip headers when a receive is performed on an HTTP applet * MINOR: acme: implement traces * MINOR: acme: add ACME to the haproxy -vv feature list * CLEANUP: acme: fix wrong spelling of "resources" * BUG/MINOR: acme: allow "processing" in challenge requests * MINOR: acme: remove acme_req_auth() and use acme_post_as_get() instead * BUG/MEDIUM: acme: use POST-as-GET instead of GET for resources * BUG/MEDIUM: ssl/clienthello: ECDSA with ssl-max-ver TLSv1.2 and no ECDSA ciphers * DOC: deviceatlas build clarifications * [RELEASE] Released version 3.2.3 * BUILD/MEDIUM: deviceatlas: fix when installed in custom locations. * BUG/MINOR: http-act: Fix parsing of the expression argument for pause action * BUG/MINOR: ssl: crash in ssl_sock_io_cb() with SSL traces and idle connections * BUG/MINOR: ssl/ocsp: fix definition discrepancies with ocsp_update_init() * BUG/MINOR: quic: Missing TLS 1.3 QUIC cipher suites and groups inits (OpenSSL 3.5 QUIC API) * CI: github: update to OpenSSL 3.5.1 * BUG/MEDIUM: quic: SSL/TCP handshake failures with OpenSSL 3.5 * BUILD: quic: QUIC build against OpenSSL 3.5 broken * CI: github: update the stable CI to ubuntu-24.04 * CI: github: add an OpenSSL 3.5.0 job * CI: enable USE_QUIC=1 for OpenSSL versions >= 3.5.0 * [RELEASE] Released version 3.2.2 * BUILD: dev/phash: remove the accidentally committed a.out file * BUG/MINOR: httpclient: wrongly named httpproxy flag * DOC: Fix 'jwt_verify' converter doc * BUG/MINOR: jwt: Copy input and parameters in dedicated buffers in jwt_verify converter * BUG/MEDIUM: mux-h2: Properly handle connection error during preface sending * BUG/MEDIUM: hlua: Forbid any L6/L7 sample fetche functions from lua services * MINOR: ssl: check TLS1.3 ciphersuites again in clienthello with recent AWS-LC * BUG/MINOR: tools: use my_unsetenv instead of unsetenv * SCRIPTS: drop the HTML generation from announce-release * DOC: config: crt-list clarify default cert + cert-bundle * MINOR: quic: Useless TX buffer size 
reduction in closing state * BUG/MINOR: quic: wrong QUIC_FT_CONNECTION_CLOSE(0x1c) frame encoding * DOC: configuration: add details on prefer-client-ciphers * BUG/MINOR: log: Be able to use %ID alias at anytime of the stream's evaluation * BUG/MINOR: stream: Avoid recursive evaluation for unique-id based on itself * BUG/MINOR: tools: only reset argument start upon new argument * MINOR: fwlc: Factorize code. * BUG/MAJOR: fwlc: Count an avoided server as unusable. * BUG/MINOR: mux-quic/h3: properly handle too low peer fctl initial stream * DOC: config: prefer-last-server: add notes for non-deterministic algorithms * BUG/MEDIUM: check: Set SOCKERR by default when a connection error is reported * MINOR: cli: handle EOS/ERROR first * BUG/MEDIUM: cli: Don't consume data if outbuf is full or not available * BUG/MINOR: quic: Fix OSSL_FUNC_SSL_QUIC_TLS_got_transport_params_fn callback (OpenSSL3.5) * BUG/MINOR: http-ana: Properly handle keep-query redirect option if no QS * BUG/MINOR: config/server: reject QUIC addresses * [RELEASE] Released version 3.2.1 * BUG/MINIR: h1: Fix doc of 'accept-unsafe-...-request' about URI parsing * BUG/MEDIUM: fd: Use the provided tgid in fd_insert() to get tgroup_info * BUG/MINOR: quic: Missing SSL session object freeing * BUG/MINOR: config: fix arg number reported on empty arg warning * BUG/MINOR: config: emit warning for empty args only in discovery mode * BUG/MEDIUM: cli: Properly parse empty lines and avoid crashed * BUG/MINOR: mux-spop: Fix null-pointer deref on SPOP stream allocation failure * BUG/MEDIUM: check: Requeue healthchecks on I/O events to handle check timeout * BUG/MAJOR: leastconn: Protect tree_elt with the lbprm lock * DOC: config: Fix a typo in 2.7 (Name format for maps and ACLs) * BUILD: tools: properly define ha_dump_backtrace() to avoid a build warning Remove patches applied by update: 0001-BUG-CRITICAL-mjson-fix-possible-DoS-when-parsing-num.patch 0001-BUG-MEDIUM-applet-Fix-test-on-shut-flags-for-legacy.patch 
  0001-fix-parsing-frame-type.patch
  0001-reject-invalid-token.patch

++++ kernel-default:
- mm, shmem: prevent infinite loop on truncate race (CVE-2026-23161 bsc#1258355).
- commit 905c137
- mm: prevent poison consumption when splitting THP (CVE-2025-40230 bsc#1254817).
- commit 73eef46
- ice: Fix PTP NULL pointer dereference during VSI rebuild (CVE-2026-23210 bsc#1258517).
- commit ebccada
- mm/memfd: fix information leak in hugetlb folios (CVE-2025-68292 bsc#1255148).
- commit ef8df4a
- media: dvb-core: fix wrong reinitialization of ringbuffer on reopen (git-fixes).
- commit 7808229

++++ kernel-rt:
- mm, shmem: prevent infinite loop on truncate race (CVE-2026-23161 bsc#1258355).
- commit 905c137
- mm: prevent poison consumption when splitting THP (CVE-2025-40230 bsc#1254817).
- commit 73eef46
- ice: Fix PTP NULL pointer dereference during VSI rebuild (CVE-2026-23210 bsc#1258517).
- commit ebccada
- mm/memfd: fix information leak in hugetlb folios (CVE-2025-68292 bsc#1255148).
- commit ef8df4a
- media: dvb-core: fix wrong reinitialization of ringbuffer on reopen (git-fixes).
- commit 7808229

++++ nvidia-open-driver-G06-signed:
- updated CUDA variant to version 580.126.20
- supersedes kernel-6.19.patch

------------------------------------------------------------------
------------------ 2026-2-25 - Feb 25 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:
- mm/shmem, swap: fix race of truncate and swap entry split (CVE-2026-23161 bsc#1258355).
- commit d6f1384
- NFS: Fix a deadlock involving nfs_release_folio() (CVE-2026-23053 bsc#1257718).
- commit 48b00b3
- nfsd: provide locking for v4_end_grace (git-fixes).
- commit 86e35a2
- rxrpc: Fix recvmsg() unconditional requeue (CVE-2026-23066 bsc#1257726).
- commit c17a357
- KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (CVE-2025-68810 bsc#1256679).
- commit 956c9f9
- KVM: Don't clobber irqfd routing type when deassigning irqfd (CVE-2026-23198 bsc#1258321).
- commit 6b20edc

++++ kernel-rt:
- mm/shmem, swap: fix race of truncate and swap entry split (CVE-2026-23161 bsc#1258355).
- commit d6f1384
- NFS: Fix a deadlock involving nfs_release_folio() (CVE-2026-23053 bsc#1257718).
- commit 48b00b3
- nfsd: provide locking for v4_end_grace (git-fixes).
- commit 86e35a2
- rxrpc: Fix recvmsg() unconditional requeue (CVE-2026-23066 bsc#1257726).
- commit c17a357
- KVM: Disallow toggling KVM_MEM_GUEST_MEMFD on an existing memslot (CVE-2025-68810 bsc#1256679).
- commit 956c9f9
- KVM: Don't clobber irqfd routing type when deassigning irqfd (CVE-2026-23198 bsc#1258321).
- commit 6b20edc

++++ libsoup:
- Add libsoup-CVE-2026-1539.patch: Also remove Proxy-Authorization header on cross origin redirect (bsc#1257441, CVE-2026-1539, glgo#GNOME/libsoup#489).

++++ qemu:
- Update to version 10.0.8
  Full backport list: https://lore.kernel.org/qemu-devel/20260213060647.200707-1-mjt@tls.msk.ru/
  Fixes: bsc#1255400 (CVE-2025-14876)
  A selection of them is reported here below:
  scripts/qemugdb: timers: Fix KeyError in 'qemu timers' command
  linux-user/syscall.c: Prevent acquiring clone_lock while fork()
  virtio-gpu: fix error handling in virgl_cmd_resource_create_blob
  virtio-pmem: ignore empty queue notifications
  virtio-gpu-virgl: correct parent for blob memory region
  cryptodev-builtin: Limit the maximum size
  hw/virtio/virtio-crypto: verify asym request size
  q35: Fix migration of SMRAM state
  virtio-dmabuf: Ensure UUID persistence for hash table insertion
  vdpa: fix vhost-vdpa suspended state not be shared
  hw/i2c/aspeed_i2c: Fix DMA moving data into incorrect address
  hw/i2c/aspeed: Fix wrong I2CC_DMA_LEN when I2CM_DMA_TX/RX_ADDR set first
  hw/i2c/aspeed_i2c.c: Add a check for dma_read
  hw/adc: Fix out-of-bounds write in Aspeed ADC model
  hw/uefi: fix size negotiation
  hw/nvme: Fix bootindex suffix use-after-free
  python: fix msys64 wheel directory specification
  tests/qtest/ufs-test: Add test for mcq completion queue wraparound
  hw/ufs: Fix mcq completion queue wraparound
  hw/ufs: fix CQE endianness and UPIU length
  hw/ufs: Ensure DBC of PRDT uses only lower 18 bits
  tests/functional: migrate sbsa_ref test images
  pc-bios/optionrom: Use 32-bit linker emulation for the optionroms
  target/i386/tcg: fix a few instructions that do not support VEX.L=1
  linux-user: fixup termios2 related things on PowerPC
  linux-user: Add missing termios baud rates
  linux-user: Add termios2 support to sparc target
  linux-user: Add termios2 support to sh4 target
  linux-user: Add termios2 support to mips target
  linux-user: Add termios2 support to hppa target
  linux-user: Add termios2 support to alpha target
  linux-user: Add termios2 support
  hw/intc: avoid byte swap fiddling in gicv3 its path
  bsd-user/syscall_defs.h: define STAT_TIME_T_EXT only for 32 bits
  bsd-user: Fix __i386__ test for TARGET_HAS_STAT_TIME_T_EXT
  hw/sd/sdhci: Fix TYPE_IMX_USDHC to implement sd-spec-version 3 by default
  linux-user/aarch64/target_fcntl.h: add missing TARGET_O_LARGEFILE definition
  ...
- Bugfix:
  * [openSUSE][RPM] spec: Tie guest-agent supplements to the kernel package (bsc#1257492)

------------------------------------------------------------------
------------------ 2026-2-24 - Feb 24 2026 -------------------
------------------------------------------------------------------

++++ grub2:
- Support dm multipath bootlist on PowerPC (bsc#1254415)
  * 0001-ieee1275-support-dm-multipath-bootlist.patch

++++ kernel-default:
- md: suspend array while updating raid_disks via sysfs (CVE-2025-71225, bsc#1258411).
- commit 4a185e4
- smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129, CVE-2025-68295).
- commit cfb334a
- Refresh patches.suse/smb-client-split-cached_fid-bitfields-to-avoid-shared-byte-RMW-rac.patch.
- commit 3a3c827
- Refresh and move upstreamed ath12k patch into sorted section
- commit 6886361
- HID: apple: Add EPOMAKER TH87 to the non-apple keyboards list (bsc#1258455).
- commit 3ef2af3
- btrfs: reject new transactions if the fs is fully read-only (bsc#1258464 CVE-2026-23214).
- commit c00b6f5
- btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377 CVE-2026-23141).
- commit eb3646e

++++ kernel-rt:
- md: suspend array while updating raid_disks via sysfs (CVE-2025-71225, bsc#1258411).
- commit 4a185e4
- smb: client: fix memory leak in cifs_construct_tcon() (bsc#1255129, CVE-2025-68295).
- commit cfb334a
- Refresh patches.suse/smb-client-split-cached_fid-bitfields-to-avoid-shared-byte-RMW-rac.patch.
- commit 3a3c827
- Refresh and move upstreamed ath12k patch into sorted section
- commit 6886361
- HID: apple: Add EPOMAKER TH87 to the non-apple keyboards list (bsc#1258455).
- commit 3ef2af3
- btrfs: reject new transactions if the fs is fully read-only (bsc#1258464 CVE-2026-23214).
- commit c00b6f5
- btrfs: send: check for inline extents in range_is_hole_in_parent() (bsc#1258377 CVE-2026-23141).
- commit eb3646e

------------------------------------------------------------------
------------------ 2026-2-23 - Feb 23 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:
- ipv6: Fix use-after-free in inet6_addr_del() (CVE-2026-23010 bsc#1257332).
- net: fix memory leak in skb_segment_list for GRO packets (CVE-2026-22979 bsc#1257228).
- commit b2654a5
- block,bfq: fix aux stat accumulation destination (git-fixes).
- commit 2a3051f
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (CVE-2026-23209 bsc#1258518).
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209 bsc#1258518).
- i40e: validate ring_len parameter against hardware-specific values (git-fixes).
- net/mlx5: Initialize events outside devlink lock (git-fixes).
- commit bbb1b4f
- btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635 CVE-2025-71184).
- commit 3fff732
- btrfs: tracepoints: use btrfs_root_id() to get the id of a root (bsc#1257635 CVE-2025-71184).
- commit 4039cd5
- tee: optee: ffa: fix a typo of "optee_ffa_api_is_compatible" (git-fixes)
- commit d36259f
- tee: fix memory leak in tee_dyn_shm_alloc_helper (git-fixes)
- commit 7a7323a
- arm64: Force the use of CNTVCT_EL0 in __delay() (git-fixes)
- commit 2e8d443
- arm64: poe: fix stale POR_EL0 values for ptrace (git-fixes)
- commit e7cd7ba
- arm64: Fix cleared E0POE bit after cpu_suspend()/resume() (git-fixes)
- commit ea3dd60
- PCI: Add PCI_BRIDGE_NO_ALIAS quirk for ASPEED AST1150 (bsc#1258672)
- commit 63015f7
- PCI: Add ASPEED vendor ID to pci_ids.h (bsc#1258672)
- commit c07c434
- rtc: interface: Alarm race handling should not discard preceding error (git-fixes).
- commit 142d6d3

++++ kernel-rt:
- ipv6: Fix use-after-free in inet6_addr_del() (CVE-2026-23010 bsc#1257332).
- net: fix memory leak in skb_segment_list for GRO packets (CVE-2026-22979 bsc#1257228).
- commit b2654a5
- block,bfq: fix aux stat accumulation destination (git-fixes).
- commit 2a3051f
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (CVE-2026-23209 bsc#1258518).
- bonding: only set speed/duplex to unknown, if getting speed failed (bsc#1253691).
- macvlan: fix error recovery in macvlan_common_newlink() (CVE-2026-23209 bsc#1258518).
- i40e: validate ring_len parameter against hardware-specific values (git-fixes).
- net/mlx5: Initialize events outside devlink lock (git-fixes).
- commit bbb1b4f
- btrfs: fix NULL dereference on root when tracing inode eviction (bsc#1257635 CVE-2025-71184).
- commit 3fff732
- btrfs: tracepoints: use btrfs_root_id() to get the id of a root (bsc#1257635 CVE-2025-71184).
- commit 4039cd5
- tee: optee: ffa: fix a typo of "optee_ffa_api_is_compatible" (git-fixes)
- commit d36259f
- tee: fix memory leak in tee_dyn_shm_alloc_helper (git-fixes)
- commit 7a7323a
- arm64: Force the use of CNTVCT_EL0 in __delay() (git-fixes)
- commit 2e8d443
- arm64: poe: fix stale POR_EL0 values for ptrace (git-fixes)
- commit e7cd7ba
- arm64: Fix cleared E0POE bit after cpu_suspend()/resume() (git-fixes)
- commit ea3dd60
- PCI: Add PCI_BRIDGE_NO_ALIAS quirk for ASPEED AST1150 (bsc#1258672)
- commit 63015f7
- PCI: Add ASPEED vendor ID to pci_ids.h (bsc#1258672)
- commit c07c434
- rtc: interface: Alarm race handling should not discard preceding error (git-fixes).
- commit 142d6d3

++++ mdadm:
- Update to version 4.4+39.g1b34084f:
  * platform-intel: Deal with hot-unplugged devices (bsc#1258265)
  * imsm: Fix UEFI backward compatibility for RAID10D4 (bsc#1257009)

------------------------------------------------------------------
------------------ 2026-2-22 - Feb 22 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:
- NTB: ntb_transport: Fix too small buffer for debugfs_name (git-fixes).
- commit 34f22c7

++++ kernel-rt:
- NTB: ntb_transport: Fix too small buffer for debugfs_name (git-fixes).
- commit 34f22c7

------------------------------------------------------------------
------------------ 2026-2-21 - Feb 21 2026 -------------------
------------------------------------------------------------------

++++ kernel-default:
- xfs: fix UAF in xchk_btree_check_block_owner (CVE-2026-23223 bsc#1258483).
- commit 0986f41
- erofs: fix UAF issue for file-backed mounts w/ directio option (CVE-2026-23224 bsc#1258461).
- commit 543a001
- spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() (git-fixes).
- ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk (git-fixes). - ASoC: codecs: aw88261: Fix erroneous bitmask logic in Awinic init (git-fixes). - drm/amd/display: Use same max plane scaling limits for all 64 bpp formats (git-fixes). - drm/amd/display: Fix out-of-bounds stream encoder index v3 (git-fixes). - drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify (git-fixes). - drm/amd/display: Reject cursor plane on DCE when scaled differently than primary (git-fixes). - drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (git-fixes). - drm/i915/acpi: free _DSM package when no connectors (git-fixes). - drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected() (git-fixes). - drm/amdgpu: Fix memory leak in amdgpu_ras_init() (git-fixes). - drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() (git-fixes). - drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc() (git-fixes). - drm/amdgpu: ensure no_hw_access is visible before MMIO (git-fixes). - efi: Fix reservation of unaccepted memory table (git-fixes). - commit 05f5344 - ALSA: usb-audio: Use the right limit for PCM OOB check (CVE-2026-23208 bsc#1258468). - ALSA: usb-audio: Prevent excessive number of frames (CVE-2026-23208 bsc#1258468). - commit 9c042c7 ++++ kernel-rt: - xfs: fix UAF in xchk_btree_check_block_owner (CVE-2026-23223 bsc#1258483). - commit 0986f41 - erofs: fix UAF issue for file-backed mounts w/ directio option (CVE-2026-23224 bsc#1258461). - commit 543a001 - spi: wpcm-fiu: Fix potential NULL pointer dereference in wpcm_fiu_probe() (git-fixes). - ASoC: rockchip: i2s-tdm: Use param rate if not provided by set_sysclk (git-fixes). - ASoC: codecs: aw88261: Fix erroneous bitmask logic in Awinic init (git-fixes). - drm/amd/display: Use same max plane scaling limits for all 64 bpp formats (git-fixes). - drm/amd/display: Fix out-of-bounds stream encoder index v3 (git-fixes). 
- drm/amdgpu: fix sync handling in amdgpu_dma_buf_move_notify (git-fixes). - drm/amd/display: Reject cursor plane on DCE when scaled differently than primary (git-fixes). - drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (git-fixes). - drm/i915/acpi: free _DSM package when no connectors (git-fixes). - drm/amd: Fix hang on amdgpu unload by using pci_dev_is_disconnected() (git-fixes). - drm/amdgpu: Fix memory leak in amdgpu_ras_init() (git-fixes). - drm/amdgpu: Use kvfree instead of kfree in amdgpu_gmc_get_nps_memranges() (git-fixes). - drm/amdgpu: Fix memory leak in amdgpu_acpi_enumerate_xcc() (git-fixes). - drm/amdgpu: ensure no_hw_access is visible before MMIO (git-fixes). - efi: Fix reservation of unaccepted memory table (git-fixes). - commit 05f5344 - ALSA: usb-audio: Use the right limit for PCM OOB check (CVE-2026-23208 bsc#1258468). - ALSA: usb-audio: Prevent excessive number of frames (CVE-2026-23208 bsc#1258468). - commit 9c042c7 ------------------------------------------------------------------ ------------------ 2026-2-20 - Feb 20 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mm/hugetlb: fix hugetlb_pmd_shared() (CVE-2026-23100 bsc#1257817). - commit d857986 - mm/memory-failure: teach kill_accessing_process to accept hugetlb tail page pfn (git-fixes). - commit 70b84af - net: nfc: nci: Fix parameter validation for packet data (git-fixes). - net: usb: catc: enable basic endpoint checking (git-fixes). - atm: fore200e: fix use-after-free in tasklets during device removal (git-fixes). - USB: serial: option: add Telit FN920C04 RNDIS compositions (stable-fixes). - fbdev: smscufx: properly copy ioctl memory to kernelspace (stable-fixes). - bus: fsl-mc: fix use-after-free in driver_override_show() (git-fixes). - ASoC: cs42l43: Correct handling of 3-pole jack load detection (stable-fixes). - drm/amd/display: remove assert around dpp_base replacement (stable-fixes). 
- drm/amd/display: extend delta clamping logic to CM3 LUT helper (stable-fixes). - platform/x86: classmate-laptop: Add missing NULL pointer checks (stable-fixes). - platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro (stable-fixes). - platform/x86: panasonic-laptop: Fix sysfs group leak in error path (stable-fixes). - gpio: sprd: Change sprd_gpio lock to raw_spin_lock (stable-fixes). - drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used (stable-fixes). - bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (stable-fixes). - commit b8da8ac ++++ kernel-rt: - mm/hugetlb: fix hugetlb_pmd_shared() (CVE-2026-23100 bsc#1257817). - commit d857986 - mm/memory-failure: teach kill_accessing_process to accept hugetlb tail page pfn (git-fixes). - commit 70b84af - net: nfc: nci: Fix parameter validation for packet data (git-fixes). - net: usb: catc: enable basic endpoint checking (git-fixes). - atm: fore200e: fix use-after-free in tasklets during device removal (git-fixes). - USB: serial: option: add Telit FN920C04 RNDIS compositions (stable-fixes). - fbdev: smscufx: properly copy ioctl memory to kernelspace (stable-fixes). - bus: fsl-mc: fix use-after-free in driver_override_show() (git-fixes). - ASoC: cs42l43: Correct handling of 3-pole jack load detection (stable-fixes). - drm/amd/display: remove assert around dpp_base replacement (stable-fixes). - drm/amd/display: extend delta clamping logic to CM3 LUT helper (stable-fixes). - platform/x86: classmate-laptop: Add missing NULL pointer checks (stable-fixes). - platform/x86/amd/pmc: Add quirk for MECHREVO Wujie 15X Pro (stable-fixes). - platform/x86: panasonic-laptop: Fix sysfs group leak in error path (stable-fixes). - gpio: sprd: Change sprd_gpio lock to raw_spin_lock (stable-fixes). - drm/tegra: hdmi: sor: Fix error: variable ‘j’ set but not used (stable-fixes). - bus: fsl-mc: Replace snprintf and sprintf with sysfs_emit in sysfs show functions (stable-fixes). 
- commit b8da8ac ++++ libsoup: - Rebase and re-enable libsoup-CVE-2026-2708.patch. - Update to version 3.6.6: + websocket: Fix out-of-bounds read in process_frame + Check nulls returned by soup_date_time_new_from_http_string() + Numerous fixes to handling of Range headers + server: close the connection after responsing a request containing Content-Length and Transfer-Encoding + Use CRLF as line boundary when parsing chunked enconding data + websocket: do not accept messages frames after closing due to an error + Sanitize filename of content disposition header values + Always validate the headers value when coming from untrusted source + uri-utils: do host validation when checking if a GUri is valid + multipart: check length of bytes read soup_filter_input_stream_read_until() + message-headers: Reject duplicate Host headers + server: null-check soup_date_time_to_string() + auth-digest: fix crash in soup_auth_digest_get_protection_space() + session: fix 'heap-use-after-free' caused by 'finishing' queue item twice + cookies: Avoid expires attribute if date is invalid + http1: Set EOF flag once content-length bytes have been read + date-utils: Add value checks for date/time parsing + multipart: Fix multiple boundry limits + Fixed multiple possible memory leaks + message-headers: Correct merge of ranges + body-input-stream: Correct chunked trailers end detection + server-http2: Correctly validate URIs + multipart: Fix read out of buffer bounds under soup_multipart_new_from_message() + headers: Ensure Request-Line comprises entire first line + tests: Fix MSVC build error + Fix possible deadlock on init from gmodule usage + Updated translations. 
- Drop upstream merged patches: + libsoup-CVE-2025-11021.patch + libsoup-CVE-2025-12105.patch + libsoup-CVE-2025-14523.patch + libsoup-CVE-2025-32907.patch + libsoup-CVE-2025-32908.patch + libsoup-CVE-2025-32914.patch + libsoup-CVE-2025-4476.patch + libsoup-CVE-2025-4945.patch + libsoup-CVE-2025-4948.patch + libsoup-CVE-2025-4969.patch + libsoup-CVE-2026-0716.patch + libsoup-CVE-2026-1536.patch + libsoup-CVE-2026-1761.patch + libsoup-CVE-2026-2369.patch + libsoup-CVE-2026-2443.patch + libsoup-CVE-2026-1467.patch + libsoup-CVE-2026-1760.patch - libsoup-CVE-2026-2708.patch temporarily disabled while we need to rebase it. - Add libsoup-CVE-2026-1467.patch: uri-utils: do host validation when checking if a GUri is valid (bsc#1257398, CVE-2026-1467, glgo#GNOME/libsoup#488). - Add libsoup-CVE-2026-1760.patch: server: close the connection after responsing a request containing... (bsc#1257597, CVE-2026-1760, glgo#GNOME/libsoup#475). ------------------------------------------------------------------ ------------------ 2026-2-19 - Feb 19 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update patches.suse/scsi-Revert-scsi-qla2xxx-Perform-lockless-command-co.patch (git-fixes CVE-2025-68818 bsc#1256675). Add in the CVE and bsc numbers. - commit 421452a - scsi: core: Wake up the error handler when final completions race against each other (CVE-2026-23110 bsc#1257761). - scsi: smartpqi: Fix device resources accessed after device removal (CVE-2025-68371 bsc#1255572). - commit 1b0c2b6 - modpost: Ensure exported symbol namespaces are not quoted (bsc#1258489). - commit 9cb32ea - ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs (git-fixes). - ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO (git-fixes). - powercap: intel_rapl_tpmi: Remove FW_BUG from invalid version check (git-fixes). - PM: sleep: wakeirq: Update outdated documentation comments (git-fixes). 
- commit baec66c ++++ kernel-rt: - Update patches.suse/scsi-Revert-scsi-qla2xxx-Perform-lockless-command-co.patch (git-fixes CVE-2025-68818 bsc#1256675). Add in the CVE and bsc numbers. - commit 421452a - scsi: core: Wake up the error handler when final completions race against each other (CVE-2026-23110 bsc#1257761). - scsi: smartpqi: Fix device resources accessed after device removal (CVE-2025-68371 bsc#1255572). - commit 1b0c2b6 - modpost: Ensure exported symbol namespaces are not quoted (bsc#1258489). - commit 9cb32ea - ACPI: CPPC: Fix remaining for_each_possible_cpu() to use online CPUs (git-fixes). - ACPI: PM: Add unused power resource quirk for THUNDEROBOT ZERO (git-fixes). - powercap: intel_rapl_tpmi: Remove FW_BUG from invalid version check (git-fixes). - PM: sleep: wakeirq: Update outdated documentation comments (git-fixes). - commit baec66c ++++ libsoup: - Add libsoup-CVE-2026-2708.patch: do not allow adding multiple content length values to headers (bsc#1258508 CVE-2026-2708 glgo#GNOME/libsoup#500). ++++ makedumpfile: - makedumpfile-Fix-data-race-in-multi-threading-mode.patch: Fix a data race in multi-threading mode (--num-threads=N) (bsc#1245569, bsc#1256455). ------------------------------------------------------------------ ------------------ 2026-2-18 - Feb 18 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - kABI: Fixup for struct mmu_gather (Git-fixes). - commit 343900f - mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather (Git-fixes). - commit 3fe2b90 - mm/hugetlb: fix copy_hugetlb_page_range() to use ->pt_share_count (git-fixes). - commit 2c06689 - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (bsc#1251966 CVE-2025-39964). - commit 5b3134b - gue: Fix skb memleak with inner IP protocol 0 (CVE-2026-23095 bsc#1257808). - commit 858b063 - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966 CVE-2025-39964). 
- commit 3cc4362 - dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (CVE-2026-23004 bsc#1257231). - commit 6d23e32 - vsock/virtio: cap TX credit to local buffer size (CVE-2026-23086 bsc#1257757). - commit 2bd0db9 - dmaengine: fsl-edma: don't explicitly disable clocks in .remove() (git-fixes). - dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX (git-fixes). - phy: freescale: imx8qm-hsio: fix NULL pointer dereference (git-fixes). - phy: qcom: edp: Make the number of clocks flexible (git-fixes). - soundwire: intel_ace2x: add SND_HDA_CORE dependency (git-fixes). - usb: dwc2: fix resume failure if dr_mode is host (git-fixes). - usb: dwc3: gadget: Move vbus draw to workqueue context (git-fixes). - usb: gadget: tegra-xudc: Add handling for BLCG_COREPLL_PWRDN (git-fixes). - usb: bdc: fix sleep during atomic (git-fixes). - serial: SH_SCI: improve "DMA support" prompt (git-fixes). - serial: imx: change SERIAL_IMX_CONSOLE to bool (git-fixes). - staging: rtl8723bs: fix null dereference in find_network (git-fixes). - iio: sca3000: Fix a resource leak in sca3000_probe() (git-fixes). - iio: gyro: itg3200: Fix unchecked return value in read_raw (git-fixes). - drivers: iio: mpu3050: use dev_err_probe for regulator request (git-fixes). - iio: accel: adxl380: Avoid reading more entries than present in FIFO (git-fixes). - iio: pressure: mprls0025pa: fix pressure calculation (git-fixes). - iio: pressure: mprls0025pa: fix scan_type struct (git-fixes). - iio: pressure: mprls0025pa: fix interrupt flag (git-fixes). - iio: pressure: mprls0025pa: fix SPI CS delay violation (git-fixes). - iio: pressure: mprls0025pa: fix spi_transfer struct initialisation (git-fixes). - iio: test: drop dangling symbol in gain-time-scale helpers (git-fixes). - interconnect: mediatek: Aggregate bandwidth with saturating add (git-fixes). - interconnect: mediatek: Don't hijack parent device (git-fixes). 
- fpga: dfl: use subsys_initcall to allow built-in drivers to be added (git-fixes). - serial: caif: fix use-after-free in caif_serial ldisc_close() (git-fixes). - dmaengine: sh: setup_xref error handling (stable-fixes). - commit d3fb21a ++++ kernel-rt: - kABI: Fixup for struct mmu_gather (Git-fixes). - commit 343900f - mm/hugetlb: fix excessive IPI broadcasts when unsharing PMD tables using mmu_gather (Git-fixes). - commit 3fe2b90 - mm/hugetlb: fix copy_hugetlb_page_range() to use ->pt_share_count (git-fixes). - commit 2c06689 - crypto: af_alg - Fix incorrect boolean values in af_alg_ctx (bsc#1251966 CVE-2025-39964). - commit 5b3134b - gue: Fix skb memleak with inner IP protocol 0 (CVE-2026-23095 bsc#1257808). - commit 858b063 - crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg (bsc#1251966 CVE-2025-39964). - commit 3cc4362 - dst: fix races in rt6_uncached_list_del() and rt_del_uncached_list() (CVE-2026-23004 bsc#1257231). - commit 6d23e32 - vsock/virtio: cap TX credit to local buffer size (CVE-2026-23086 bsc#1257757). - commit 2bd0db9 - dmaengine: fsl-edma: don't explicitly disable clocks in .remove() (git-fixes). - dmaengine: mediatek: uart-apdma: Fix above 4G addressing TX/RX (git-fixes). - phy: freescale: imx8qm-hsio: fix NULL pointer dereference (git-fixes). - phy: qcom: edp: Make the number of clocks flexible (git-fixes). - soundwire: intel_ace2x: add SND_HDA_CORE dependency (git-fixes). - usb: dwc2: fix resume failure if dr_mode is host (git-fixes). - usb: dwc3: gadget: Move vbus draw to workqueue context (git-fixes). - usb: gadget: tegra-xudc: Add handling for BLCG_COREPLL_PWRDN (git-fixes). - usb: bdc: fix sleep during atomic (git-fixes). - serial: SH_SCI: improve "DMA support" prompt (git-fixes). - serial: imx: change SERIAL_IMX_CONSOLE to bool (git-fixes). - staging: rtl8723bs: fix null dereference in find_network (git-fixes). - iio: sca3000: Fix a resource leak in sca3000_probe() (git-fixes). 
- iio: gyro: itg3200: Fix unchecked return value in read_raw (git-fixes). - drivers: iio: mpu3050: use dev_err_probe for regulator request (git-fixes). - iio: accel: adxl380: Avoid reading more entries than present in FIFO (git-fixes). - iio: pressure: mprls0025pa: fix pressure calculation (git-fixes). - iio: pressure: mprls0025pa: fix scan_type struct (git-fixes). - iio: pressure: mprls0025pa: fix interrupt flag (git-fixes). - iio: pressure: mprls0025pa: fix SPI CS delay violation (git-fixes). - iio: pressure: mprls0025pa: fix spi_transfer struct initialisation (git-fixes). - iio: test: drop dangling symbol in gain-time-scale helpers (git-fixes). - interconnect: mediatek: Aggregate bandwidth with saturating add (git-fixes). - interconnect: mediatek: Don't hijack parent device (git-fixes). - fpga: dfl: use subsys_initcall to allow built-in drivers to be added (git-fixes). - serial: caif: fix use-after-free in caif_serial ldisc_close() (git-fixes). - dmaengine: sh: setup_xref error handling (stable-fixes). - commit d3fb21a ------------------------------------------------------------------ ------------------ 2026-2-17 - Feb 17 2026 ------------------- ------------------------------------------------------------------ ++++ containerized-data-importer: - Update to version 1.64.0 Release notes https://github.com/kubevirt/containerized-data-importer/releases/tag/v1.64.0 bsc#1235204 (CVE-2024-28180), bsc#1235365 (CVE-2024-45338), bsc#1239205 (CVE-2025-22868) ++++ kernel-default: - mm/page_alloc: make percpu_pagelist_high_fraction reads lock-free (git-fixes). - commit 2b8ec20 - cgroup: Fix kernfs_node UAF in css_free_rwork_fn (git-fixes). - commit c3b7760 - ALSA: hda: intel-dsp-config: Prefer legacy driver as fallback (stable-fixes). - commit ac8783b - be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (CVE-2026-23084 bsc#1257830). - idpf: fix memory leak in idpf_vport_rel() (CVE-2026-23023 bsc#1257556). 
- commit 63e3066 - leds: qcom-lpg: Check the return value of regmap_bulk_write() (git-fixes). - backlight: qcom-wled: Change PM8950 WLED configurations (git-fixes). - backlight: qcom-wled: Support ovp values for PMI8994 (git-fixes). - mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes). - mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes). - mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure (git-fixes). - mfd: core: Add locking around 'mfd_of_node_list' (git-fixes). - mfd: tps6105x: Fix kernel-doc warnings relating to the core struct and tps6105x_mode (git-fixes). - Revert "mfd: da9052-spi: Change read-mask to write-mask" (stable-fixes). - pinctrl: single: fix refcount leak in pcs_add_gpio_func() (git-fixes). - pinctrl: qcom: sm8250-lpass-lpi: Fix i2s2_data_groups definition (git-fixes). - pinctrl: equilibrium: Fix device node reference leak in pinbank_init() (git-fixes). - Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (stable-fixes). - commit 8fe4d9c ++++ kernel-rt: - mm/page_alloc: make percpu_pagelist_high_fraction reads lock-free (git-fixes). - commit 2b8ec20 - cgroup: Fix kernfs_node UAF in css_free_rwork_fn (git-fixes). - commit c3b7760 - ALSA: hda: intel-dsp-config: Prefer legacy driver as fallback (stable-fixes). - commit ac8783b - be2net: Fix NULL pointer dereference in be_cmd_get_mac_from_list (CVE-2026-23084 bsc#1257830). - idpf: fix memory leak in idpf_vport_rel() (CVE-2026-23023 bsc#1257556). - commit 63e3066 - leds: qcom-lpg: Check the return value of regmap_bulk_write() (git-fixes). - backlight: qcom-wled: Change PM8950 WLED configurations (git-fixes). - backlight: qcom-wled: Support ovp values for PMI8994 (git-fixes). - mfd: omap-usb-host: Fix OF populate on driver rebind (git-fixes). - mfd: qcom-pm8xxx: Fix OF populate on driver rebind (git-fixes). - mfd: arizona: Fix regulator resource leak on wm5102_clear_write_sequencer() failure (git-fixes). 
- mfd: core: Add locking around 'mfd_of_node_list' (git-fixes). - mfd: tps6105x: Fix kernel-doc warnings relating to the core struct and tps6105x_mode (git-fixes). - Revert "mfd: da9052-spi: Change read-mask to write-mask" (stable-fixes). - pinctrl: single: fix refcount leak in pcs_add_gpio_func() (git-fixes). - pinctrl: qcom: sm8250-lpass-lpi: Fix i2s2_data_groups definition (git-fixes). - pinctrl: equilibrium: Fix device node reference leak in pinbank_init() (git-fixes). - Bluetooth: btusb: Add USB ID 7392:e611 for Edimax EW-7611UXB (stable-fixes). - commit 8fe4d9c ------------------------------------------------------------------ ------------------ 2026-2-16 - Feb 16 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Input: stmfts - make comments correct (git-fixes). - Input: stmfts - correct wording for the warning message (git-fixes). - clk: qcom: gfx3d: add parent to parent request map (git-fixes). - clk: qcom: dispcc-sdm845: Enable parents for pixel clocks (git-fixes). - clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes). - clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes). - clk: qcom: gcc-sm8450: Update the SDCC RCGs to use shared_floor_ops (git-fixes). - clk: qcom: rcg2: compute 2d using duty fraction directly (git-fixes). - clk: qcom: gcc-sm8550: Use floor ops for SDCC RCGs (git-fixes). - clk: mediatek: Fix error handling in runtime PM setup (git-fixes). - clk: meson: g12a: Limit the HDMI PLL OD to /4 (git-fixes). - clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs (git-fixes). - clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc() (git-fixes). - clk: tegra: tegra124-emc: fix device leak on set_rate() (git-fixes). - clk: clk-apple-nco: Add "apple,t8103-nco" compatible (git-fixes). - clk: renesas: rzg2l: Select correct div round macro (git-fixes). - clk: renesas: rzg2l: Fix intin variable size (git-fixes). 
- fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() (git-fixes). - fbdev: of_display_timing: Fix device node reference leak in of_get_display_timings() (git-fixes). - fbdev: of: display_timing: fix refcount leak in of_get_display_timings() (git-fixes). - fbdev: vt8500lcdfb: fix missing dma_free_coherent() (git-fixes). - fbcon: check return value of con2fb_acquire_newinfo() (git-fixes). - fbdev: rivafb: fix divide error in nv3_arb() (git-fixes). - rpmsg: core: fix race in driver_override_show() and use core helper (git-fixes). - commit 8244124 - Update "drm/mgag200: fix mgag200_bmc_stop_scanout()" bug number (bsc#1258153) - commit cbe6f46 ++++ kernel-rt: - Input: stmfts - make comments correct (git-fixes). - Input: stmfts - correct wording for the warning message (git-fixes). - clk: qcom: gfx3d: add parent to parent request map (git-fixes). - clk: qcom: dispcc-sdm845: Enable parents for pixel clocks (git-fixes). - clk: qcom: gcc-msm8917: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes). - clk: qcom: gcc-msm8953: Remove ALWAYS_ON flag from cpp_gdsc (git-fixes). - clk: qcom: gcc-sm8450: Update the SDCC RCGs to use shared_floor_ops (git-fixes). - clk: qcom: rcg2: compute 2d using duty fraction directly (git-fixes). - clk: qcom: gcc-sm8550: Use floor ops for SDCC RCGs (git-fixes). - clk: mediatek: Fix error handling in runtime PM setup (git-fixes). - clk: meson: g12a: Limit the HDMI PLL OD to /4 (git-fixes). - clk: meson: gxbb: Limit the HDMI PLL OD to /4 on GXL/GXM SoCs (git-fixes). - clk: tegra: tegra124-emc: Fix potential memory leak in tegra124_clk_register_emc() (git-fixes). - clk: tegra: tegra124-emc: fix device leak on set_rate() (git-fixes). - clk: clk-apple-nco: Add "apple,t8103-nco" compatible (git-fixes). - clk: renesas: rzg2l: Select correct div round macro (git-fixes). - clk: renesas: rzg2l: Fix intin variable size (git-fixes). - fbdev: au1200fb: Fix a memory leak in au1200fb_drv_probe() (git-fixes). 
- fbdev: of_display_timing: Fix device node reference leak in of_get_display_timings() (git-fixes). - fbdev: of: display_timing: fix refcount leak in of_get_display_timings() (git-fixes). - fbdev: vt8500lcdfb: fix missing dma_free_coherent() (git-fixes). - fbcon: check return value of con2fb_acquire_newinfo() (git-fixes). - fbdev: rivafb: fix divide error in nv3_arb() (git-fixes). - rpmsg: core: fix race in driver_override_show() and use core helper (git-fixes). - commit 8244124 - Update "drm/mgag200: fix mgag200_bmc_stop_scanout()" bug number (bsc#1258153) - commit cbe6f46 ------------------------------------------------------------------ ------------------ 2026-2-14 - Feb 14 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - crypto: ccp - Add an S4 restore flow (git-fixes). - crypto: ccp - Declare PSP dead if PSP_CMD_TEE_RING_INIT fails (git-fixes). - tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (git-fixes). - platform/x86: ISST: Add missing write block check (git-fixes). - mtd: rawnand: pl353: Fix software ECC support (git-fixes). - mtd: spinand: Disable continuous read during probe (git-fixes). - mtd: spinand: Fix kernel doc (git-fixes). - mtd: rawnand: cadence: Fix return type of CDMA send-and-wait helper (git-fixes). - mtd: parsers: ofpart: fix OF node refcount leak in parse_fixed_partitions() (git-fixes). - mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() (git-fixes). - commit 8b24802 ++++ kernel-rt: - crypto: ccp - Add an S4 restore flow (git-fixes). - crypto: ccp - Declare PSP dead if PSP_CMD_TEE_RING_INIT fails (git-fixes). - tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (git-fixes). - platform/x86: ISST: Add missing write block check (git-fixes). - mtd: rawnand: pl353: Fix software ECC support (git-fixes). - mtd: spinand: Disable continuous read during probe (git-fixes). 
- mtd: spinand: Fix kernel doc (git-fixes). - mtd: rawnand: cadence: Fix return type of CDMA send-and-wait helper (git-fixes). - mtd: parsers: ofpart: fix OF node refcount leak in parse_fixed_partitions() (git-fixes). - mtd: parsers: Fix memory leak in mtd_parser_tplink_safeloader_parse() (git-fixes). - commit 8b24802 ++++ libsoup: - Add more CVE fixes: + libsoup-CVE-2025-32049.patch (bsc#1240751 CVE-2025-32049 glgo#GNOME/libsoup#390) + libsoup-CVE-2026-2443.patch (bsc#1258170 CVE-2026-2443 glgo#GNOME/libsoup#487) + libsoup-CVE-2026-2369.patch (bsc#1258120 CVE-2026-2369 glgo#GNOME/libsoup!508) ------------------------------------------------------------------ ------------------ 2026-2-13 - Feb 13 2026 ------------------- ------------------------------------------------------------------ ++++ busybox: - Fix arbitrary file overwrite and potential code execution via incomplete path sanitization (CVE-2026-26157, bsc#1258163), fix arbitrary file modification and privilege escalation via unvalidated tar archive entries (CVE-2026-26158, bsc#1258167) * 0001-tar-strip-unsafe-hardlink-components-GNU-tar-does-th.patch * 0002-tar-only-strip-unsafe-components-from-hardlinks-not-.patch ++++ kernel-default: - rtmutex_api: provide correct extern functions (git-fixes). - commit 351d966 - kabi/severities: Ignore tdx related APIs Changing struct tdx_vp causes various tdh_* apis to also change. In our kernel those are EXPORT_SYMBOL_GPL while in the upstream kernel they are EXPORT_SYMBOL_FOR_KVM, meaning the original intent was for those symbol to be consumed only by KVM. So let's add those symbol to severities and exclude them from ABI checking. - commit 48755cb - KVM: Rename kvm_slot_can_be_private() to kvm_slot_has_gmem() (git-fixes). - commit 6c28814 - KVM: x86: Enable KVM_GUEST_MEMFD for all 64-bit builds (git-fixes). - commit 6b4e8db - KVM: Rename CONFIG_KVM_GENERIC_PRIVATE_MEM to CONFIG_HAVE_KVM_ARCH_GMEM_POPULATE (git-fixes). 
- commit 666f7db - ice: fix devlink reload call trace (CVE-2026-23104 bsc#1257763). - net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (CVE-2026-23035 bsc#1257559). - idpf: fix aux device unplugging when rdma is not supported by vport (CVE-2026-23042 bsc#1257705). - idpf: fix memory leak of flow steer list on rmmod (CVE-2026-23024 bsc#1257572). - idpf: fix error handling in the init_task on load (CVE-2026-23017 bsc#1257552). - idpf: fix memory leak in idpf_vc_core_deinit() (CVE-2026-23022 bsc#1257581). - commit 0686561 - KVM: Rename CONFIG_KVM_PRIVATE_MEM to CONFIG_KVM_GUEST_MEMFD (git-fixes). - commit 0ae9ca0 - power: supply: qcom_battmgr: Recognize "LiP" as lithium-polymer (git-fixes). - power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler (git-fixes). - power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() (git-fixes). - power: supply: bq27xxx: fix wrong errno when bus ops are unsupported (git-fixes). - power: reset: nvmem-reboot-mode: respect cell size for nvmem_cell_write (git-fixes). - power: supply: sbs-battery: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: rt9455: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: pm8916_lbc: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: goldfish: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: cpcap-battery: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: bq25980: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: bq256xx: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: act8945a: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: ab8500: Fix use-after-free in power_supply_changed() (git-fixes). - ata: pata_ftide010: Fix some DMA timings (git-fixes). 
- rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() (git-fixes). - commit f9b5687 ++++ kernel-rt: - rtmutex_api: provide correct extern functions (git-fixes). - commit 351d966 - kabi/severities: Ignore tdx related APIs Changing struct tdx_vp causes various tdh_* apis to also change. In our kernel those are EXPORT_SYMBOL_GPL while in the upstream kernel they are EXPORT_SYMBOL_FOR_KVM, meaning the original intent was for those symbol to be consumed only by KVM. So let's add those symbol to severities and exclude them from ABI checking. - commit 48755cb - KVM: Rename kvm_slot_can_be_private() to kvm_slot_has_gmem() (git-fixes). - commit 6c28814 - KVM: x86: Enable KVM_GUEST_MEMFD for all 64-bit builds (git-fixes). - commit 6b4e8db - KVM: Rename CONFIG_KVM_GENERIC_PRIVATE_MEM to CONFIG_HAVE_KVM_ARCH_GMEM_POPULATE (git-fixes). - commit 666f7db - ice: fix devlink reload call trace (CVE-2026-23104 bsc#1257763). - net/mlx5e: Pass netdev to mlx5e_destroy_netdev instead of priv (CVE-2026-23035 bsc#1257559). - idpf: fix aux device unplugging when rdma is not supported by vport (CVE-2026-23042 bsc#1257705). - idpf: fix memory leak of flow steer list on rmmod (CVE-2026-23024 bsc#1257572). - idpf: fix error handling in the init_task on load (CVE-2026-23017 bsc#1257552). - idpf: fix memory leak in idpf_vc_core_deinit() (CVE-2026-23022 bsc#1257581). - commit 0686561 - KVM: Rename CONFIG_KVM_PRIVATE_MEM to CONFIG_KVM_GUEST_MEMFD (git-fixes). - commit 0ae9ca0 - power: supply: qcom_battmgr: Recognize "LiP" as lithium-polymer (git-fixes). - power: supply: pm8916_lbc: Fix use-after-free for extcon in IRQ handler (git-fixes). - power: supply: wm97xx: Fix NULL pointer dereference in power_supply_changed() (git-fixes). - power: supply: bq27xxx: fix wrong errno when bus ops are unsupported (git-fixes). - power: reset: nvmem-reboot-mode: respect cell size for nvmem_cell_write (git-fixes). 
- power: supply: sbs-battery: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: rt9455: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: pm8916_lbc: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: pm8916_bms_vm: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: goldfish: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: cpcap-battery: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: bq25980: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: bq256xx: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: act8945a: Fix use-after-free in power_supply_changed() (git-fixes). - power: supply: ab8500: Fix use-after-free in power_supply_changed() (git-fixes). - ata: pata_ftide010: Fix some DMA timings (git-fixes). - rapidio: replace rio_free_net() with kfree() in rio_scan_alloc_net() (git-fixes). - commit f9b5687 ++++ libxml2: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) * Add patch libxml2-CVE-2026-0990.patch - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) * Add patch libxml2-CVE-2026-0992.patch - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) * Add patch libxml2-CVE-2025-8732.patch ++++ libxml2-python: - CVE-2026-0990: call stack overflow leading to application crash due to infinite recursion in `xmlCatalogXMLResolveURI` (bsc#1256807, bsc#1256811) * Add patch libxml2-CVE-2026-0990.patch - CVE-2026-0992: excessive resource consumption when processing XML catalogs due to exponential behavior when handling `` elements (bsc#1256808, bsc#1256809, bsc#1256812) * Add patch 
libxml2-CVE-2026-0992.patch - CVE-2025-8732: infinite recursion in catalog parsing functions when processing malformed SGML catalog files (bsc#1247858, bsc#1247850) * Add patch libxml2-CVE-2025-8732.patch ------------------------------------------------------------------ ------------------ 2026-2-12 - Feb 12 2026 ------------------- ------------------------------------------------------------------ ++++ haproxy: - (bsc#1257976) VUL-0: CVE-2026-26081, CVE-2026-26080: haproxy: vulnerabilities on QUIC Apply upstream patches: 0001-fix-parsing-frame-type.patch 0001-reject-invalid-token.patch ++++ kernel-default: - KABI: fix "Revert-dm-fix-a-race-condition-in-retrieve_deps.patch" (git-fixes). - commit 53fd79b - net/sched: act_ife: avoid possible NULL deref (CVE-2026-23064 bsc#1257765). - selftests/tc-testing: Try to add teql as a child qdisc (CVE-2026-23105 bsc#1257775). - net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105 bsc#1257775). - commit 3ff4470 - Revert "dm: fix a race condition in retrieve_deps" (git-fixes). - commit e64c40a - Refresh sorted patches. - commit 3b39938 - RISC-V: KVM: use kvm_trylock_all_vcpus when locking all vCPUs (git-fixes). - commit 292c30b - KVM: arm64: use kvm_trylock_all_vcpus when locking all vCPUs (git-fixes). - commit 45ee0a5 - KVM: add kvm_lock_all_vcpus and kvm_trylock_all_vcpus (git-fixes). - commit f8807d7 - x86: KVM: SVM: use kvm_lock_all_vcpus instead of a custom implementation (git-fixes). - commit 27b7fd9 - locking/mutex: implement mutex_lock_killable_nest_lock (git-fixes). - commit c11266f - locking/mutex: implement mutex_trylock_nested (git-fixes). - commit 4df10c6 - KVM: TDX: Use struct_size to simplify tdx_get_capabilities() (git-fixes). - commit 1f75b03 - KVM: TDX: Check size of user's kvm_tdx_capabilities array before allocating (git-fixes). - commit 319fd02 - KVM: TDX: Fix sparse warnings from using 0 for NULL (git-fixes). 
- commit 3438716 - KVM: TDX: Remove __user annotation from kernel pointer (git-fixes). - commit f5a4acb - KVM: TDX: Take MMU lock around tdh_vp_init() (git-fixes). - commit 3b6a5f3 - KVM: TDX: Fix list_add corruption during vcpu_load() (git-fixes). - commit fcf6177 - KVM: TDX: Bug the VM if extending the initial measurement fails (git-fixes). - commit 056ce6c - KVM: TDX: Guard VM state transitions with "all" the locks (git-fixes). - commit 6fc029e - KVM: TDX: Don't copy "cmd" back to userspace for KVM_TDX_CAPABILITIES (git-fixes). - commit a1cf957 - KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() (git-fixes). - commit 53cbd86 - KVM: TDX: Convert INIT_MEM_REGION and INIT_VCPU to "unlocked" vCPU ioctl (git-fixes). - commit 33e9280 - KVM: TDX: Add tdx_get_cmd() helper to get and validate sub-ioctl command (git-fixes). - commit db2e487 - KVM: TDX: Add macro to retry SEAMCALLs when forcing vCPUs out of guest (git-fixes). - commit f789249 - KVM: TDX: Assert that mmu_lock is held for write when removing S-EPT entries (git-fixes). - commit 5c9b28f - KVM: TDX: Derive error argument names from the local variable names (git-fixes). - commit e750b72 - KVM: TDX: Combine KVM_BUG_ON + pr_tdx_error() into TDX_BUG_ON() (git-fixes). - commit d2a9d32 - KVM: TDX: Fold tdx_sept_zap_private_spte() into tdx_sept_remove_private_spte() (git-fixes). - commit 8fa4208 - KVM: TDX: ADD pages to the TD image while populating mirror EPT entries (git-fixes). - commit 05e82a8 - KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller (git-fixes). - commit cc267d2 - KVM: TDX: Use atomic64_dec_return() instead of a poor equivalent (git-fixes). - commit 794f48a - KVM: TDX: Avoid a double-KVM_BUG_ON() in tdx_sept_zap_private_spte() (git-fixes). - commit 8899368 - KVM: TDX: WARN if mirror SPTE doesn't have full RWX when creating S-EPT mapping (git-fixes). - commit d132554 - KVM: x86/mmu: Drop the return code from kvm_x86_ops.remove_external_spte() (git-fixes). 
- commit 2570719 - KVM: TDX: Fold tdx_sept_drop_private_spte() into tdx_sept_remove_private_spte() (git-fixes). - commit 83ec6b9 - KVM: TDX: Return -EIO, not -EINVAL, on a KVM_BUG_ON() condition (git-fixes). - commit ebb64f7 - KVM: TDX: Drop superfluous page pinning in S-EPT management (git-fixes). - commit 5eced3b - KVM: x86/mmu: Rename kvm_tdp_map_page() to kvm_tdp_page_prefault() (git-fixes). - commit 11c9e24 - KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708, CVE-2025-71104). - commit 8d2aab2 - migrate: correct lock ordering for hugetlb file folios (CVE-2026-23097 bsc#1257815). - commit 30b8633 - vsock/virtio: Coalesce only linear skb (bsc#1257740, CVE-2026-23057). - commit 310c89d - wifi: ath10k: sdio: add missing lock protection in ath10k_sdio_fw_crashed_dump() (git-fixes). - wifi: ath9k: fix kernel-doc warnings in common-debug.h (git-fixes). - wifi: ath9k: debug.h: fix kernel-doc bad lines and struct ath_tx_stats (git-fixes). - wifi: cfg80211: stop NAN and P2P in cfg80211_leave (git-fixes). - wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (git-fixes). - wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (git-fixes). - wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes). - PCI: mediatek: Fix IRQ domain leak when MSI allocation fails (git-fixes). - PCI: dwc: Fix msg_atu_index assignment (git-fixes). - Revert "PCI: qcom: Enable MSI interrupts together with Link up if 'Global IRQ' is supported" (stable-fixes). - PCI: Add ACS quirk for Pericom PI7C9X2G404 switches [12d8:b404] (git-fixes). - PCI: Fix pci_slot_trylock() error handling (git-fixes). - PCI: Use resource_set_range() that correctly sets ->end (git-fixes). - PCI/portdrv: Fix potential resource leak (git-fixes). - PCI/PM: Avoid redundant delays on D3hot->D3cold (git-fixes). - PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails (git-fixes). - PCI/IOV: Fix race between SR-IOV enable/disable and hotplug (git-fixes). 
- Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" (git-fixes). - PCI/ACPI: Restrict program_hpx_type2() to AER bits (git-fixes). - PCI: Initialize RCB from pci_configure_device() (git-fixes). - PCI: Check parent for NULL in of_pci_bus_release_domain_nr() (git-fixes). - PCI: Mark 3ware-9650SA Root Port Extended Tags as broken (git-fixes). - PCI: Do not attempt to set ExtTag for VFs (git-fixes). - PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions (git-fixes). - PCI: endpoint: Avoid creating sub-groups asynchronously (git-fixes). - regulator: core: move supply check earlier in set_machine_constraints() (git-fixes). - regulator: core: fix locking in regulator_resolve_supply() error path (git-fixes). - platform/chrome: cros_ec_lightbar: Fix response size initialization (git-fixes). - platform/chrome: cros_typec_switch: Don't touch struct fwnode_handle::dev (git-fixes). - soc: rockchip: grf: Support multiple grf to be handled (git-fixes). - soc: rockchip: grf: Fix wrong RK3576_IOCGRF_MISC_CON definition (git-fixes). - reset: gpio: suppress bind attributes in sysfs (git-fixes). - soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() (git-fixes). - soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in cmd_db_dev_probe (git-fixes). - soc: qcom: smem: handle ENOMEM error during probe (git-fixes). - soc: ti: pruss: Fix double free in pruss_clk_mux_setup() (git-fixes). - soc: ti: k3-socinfo: Fix regmap leak on probe failure (git-fixes). - spi: hisi-kunpeng: Fixed the wrong debugfs node name in hisi_spi debugfs initialization (stable-fixes). - regmap: maple: free entry on mas_store_gfp() failure (stable-fixes). - wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice (stable-fixes). - wifi: mac80211: correctly check if CSA is active (stable-fixes). - wifi: cfg80211: Fix bitrate calculation overflow for HE rates (stable-fixes). 
- wifi: mac80211: collect station statistics earlier when disconnect (stable-fixes). - wifi: mac80211: ocb: skip rx_no_sta when interface is not joined (stable-fixes). - wifi: wlcore: ensure skb headroom before skb_push (stable-fixes). - commit 6474bb4 - nfc: hci: shdlc: Stop timers and work before freeing context (git-fixes). - of: unittest: fix possible null-pointer dereferences in of_unittest_property_copy() (git-fixes). - media: uvcvideo: Fix allocation for small frame sizes (git-fixes). - media: verisilicon: AV1: Fix tile info buffer size (git-fixes). - media: venus: vdec: restrict EOS addr quirk to IRIS2 only (git-fixes). - media: venus: vdec: fix error state assignment for zero bytesused (git-fixes). - media: i2c: ov01a10: Fix digital gain range (git-fixes). - media: stm32: dcmipp: bytecap: clear all interrupts upon stream stop (git-fixes). - media: ccs: Accommodate C-PHY into the calculation (git-fixes). - media: ipu6: Fix RPM reference leak in probe error paths (git-fixes). - media: ipu6: Fix typo and wrong constant in ipu6-mmu.c (git-fixes). - media: dw9714: Fix powerup sequence (git-fixes). - media: i2c: ov5647: use our own mutex for the ctrl lock (git-fixes). - media: ccs: Fix setting initial sub-device state (git-fixes). - media: i2c: ov5647: Fix PIXEL_RATE value for VGA mode (git-fixes). - media: i2c: ov5647: Sensor should report RAW color space (git-fixes). - media: i2c: ov5647: Correct minimum VBLANK value (git-fixes). - media: i2c: ov5647: Correct pixel array offset (git-fixes). - media: i2c: ov5647: Initialize subdev before controls (git-fixes). - media: ccs: Avoid possible division by zero (git-fixes). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - media: i2c: ov01a10: Fix test-pattern disabling (git-fixes). - media: i2c: ov01a10: Fix passing stream instead of pad to v4l2_subdev_state_get_format() (git-fixes). - media: i2c: ov01a10: Add missing v4l2_subdev_cleanup() calls (git-fixes). 
- media: i2c: ov01a10: Fix analogue gain range (git-fixes). - media: i2c: ov01a10: Fix reported pixel-rate value (git-fixes). - media: i2c: ov01a10: Fix the horizontal flip control (git-fixes). - media: i2c/tw9906: Fix potential memory leak in tw9906_probe() (git-fixes). - media: i2c/tw9903: Fix potential memory leak in tw9903_probe() (git-fixes). - media: cx25821: Add missing unmap in snd_cx25821_hw_params() (git-fixes). - media: cx23885: Add missing unmap in snd_cx23885_hw_params() (git-fixes). - media: cx88: Add missing unmap in snd_cx88_hw_params() (git-fixes). - media: radio-keene: fix memory leak in error path (git-fixes). - media: tegra-video: Fix memory leak in __tegra_channel_try_format() (git-fixes). - media: verisilicon: AV1: Set IDR flag for intra_only frame type (git-fixes). - media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init() (git-fixes). - media: amphion: Drop min_queued_buffers assignment (git-fixes). - media: verisilicon: AV1: Fix tx mode bit setting (git-fixes). - media: verisilicon: AV1: Fix enable cdef computation (git-fixes). - media: chips-media: wave5: Fix memory leak on codec_info allocation failure (git-fixes). - media: chips-media: wave5: Fix device cleanup order to prevent kernel panic (git-fixes). - media: chips-media: wave5: Fix kthread worker destruction in polling mode (git-fixes). - media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() (git-fixes). - media: mtk-mdp: Fix error handling in probe function (git-fixes). - media: mediatek: encoder: Fix uninitialized scalar variable issue (git-fixes). - HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients (git-fixes). - HID: hid-pl: handle probe errors (git-fixes). - HID: playstation: Add missing check for input_ff_create_memless (git-fixes). - hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (git-fixes). - memory: mtk-smi: fix device leak on larb probe (git-fixes). 
- memory: mtk-smi: fix device leaks on common probe (git-fixes). - HID: logitech: add HID++ support for Logitech MX Anywhere 3S (stable-fixes). - HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101) (stable-fixes). - HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() (stable-fixes). - HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list (stable-fixes). - HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL (stable-fixes). - net: usb: sr9700: support devices with virtual driver CD (stable-fixes). - commit 2d30005 - scsi: qla2xxx: edif: Fix dma_free_coherent() size (git-fixes). - scsi: qla2xxx: Sanitize payload size to prevent member overflow (git-fixes). - scsi: qla2xxx: Enable/disable IRQD_NO_BALANCING during reset (git-fixes). - scsi: qla2xxx: target: Improve safety of cmd lookup by handle (git-fixes). - scsi: qla2xxx: target: Add back SRR support (git-fixes). - scsi: qla2xxx: target: Improve cmd logging (git-fixes). - scsi: qla2xxx: target: Add cmd->rsp_sent (git-fixes). - scsi: qla2xxx: target: Fix invalid memory access with big CDBs (git-fixes). - scsi: qla2xxx: Fix TMR failure handling (git-fixes). - scsi: qla2xxx: target: Improve checks in qlt_xmit_response() / qlt_rdy_to_xfer() (git-fixes). - scsi: qla2xxx: target: Fix races with aborting commands (git-fixes). - scsi: qla2xxx: Clear cmds after chip reset (CVE-2025-68745 bsc#1255721 git-fixes). - scsi: qla2xxx: target: Fix term exchange when cmd_sent_to_fw == 1 (git-fixes). - scsi: qla2xxx: target: Improve debug output for term exchange (git-fixes). - scsi: qla2xxx: target: Remove code for unsupported hardware (git-fixes). - scsi: qla2xxx: Use reinit_completion on mbx_intr_comp (git-fixes). - scsi: qla2xxx: Fix lost interrupts with qlini_mode=disabled (git-fixes). - scsi: qla2xxx: Fix initiator mode with qlini_mode=exclusive (git-fixes). - scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" (git-fixes). 
- commit c2959d9 - drm/xe: Unregister drm device on probe error (git-fixes). - drm/msm/a2xx: fix pixel shader start on A225 (git-fixes). - drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x (git-fixes). - drm/msm/dpu: drop intr_start from DPU 3.x catalog files (git-fixes). - drm/msm/disp: set num_planes to 1 for interleaved YUV formats (git-fixes). - drm/msm/dpu: fix WD timer handling on DPU 8.x (git-fixes). - drm/msm/dpu: Set vsync source irrespective of mdp top support (git-fixes). - drm/bridge: anx7625: Fix invalid EDID size (git-fixes). - drm/buddy: Prevent BUG_ON by validating rounded allocation (git-fixes). - drm/tegra: dsi: fix device leak on probe (git-fixes). - drm/amdkfd: Fix signal_eviction_fence() bool return value (git-fixes). - drm/amd: Drop "amdgpu kernel modesetting enabled" message (git-fixes). - drm/tests: shmem: Swap names of export tests (git-fixes). - drm/panthor: Evict groups before VM termination (git-fixes). - drm/panel: sw43408: Remove manual invocation of unprepare at remove (git-fixes). - drm/panthor: Make sure we resume the tick when new jobs are submitted (git-fixes). - drm/panthor: Fix the logic that decides when to stop ticking (git-fixes). - drm/panthor: Fix immediate ticking on a disabled tick (git-fixes). - drm/panthor: Fix the group priority rotation logic (git-fixes). - drm/panthor: Fix the full_tick check (git-fixes). - drm/panthor: Recover from panthor_gpu_flush_caches() failures (git-fixes). - firmware: arm_ffa: Correct 32-bit response handling in NOTIFICATION_INFO_GET (git-fixes). - drm/xe/pm: Disable D3Cold for BMG only on specific platforms (git-fixes). - drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (stable-fixes). - HID: intel-ish-hid: Reset enum_devices_done before enumeration (stable-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - HID: playstation: Center initial joystick axes to prevent spurious events (stable-fixes). 
- gpiolib-acpi: Update file references in the Documentation and MAINTAINERS (git-fixes). - commit bfdede0 - PCI: qcom: Remove ASPM L0s support for MSM8996 SoC (git-fixes). - PCI/ERR: Ensure error recoverability at all times (git-fixes). - commit 64dc0df - ALSA: hda/realtek: Add quirk for Acer Nitro AN517-55 (stable-fixes). - Refresh patches.suse/ALSA-hda-realtek-Enable-headset-mic-for-Acer-Nitro-5.patch. - commit dcc35f0 - Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors (git-fixes). - ASoC: amd: drop unused Kconfig symbols (git-fixes). - ASoC: pxa: drop unused Kconfig symbol (git-fixes). - ASoC: SOF: ipc4-control: Keep the payload size up to date (git-fixes). - ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data (git-fixes). - ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - bus: fsl-mc: fix an error handling in fsl_mc_device_add() (git-fixes). - bus: omap-ocp2scp: fix OF populate on driver rebind (git-fixes). - clk: qcom: Return correct error code in qcom_cc_probe_by_index() (git-fixes). - ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU (git-fixes). - ALSA: hda/realtek: ALC269 fixup for Lenovo Yoga Book 9i 13IRU8 audio (stable-fixes). - ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (stable-fixes). - ASoC: tlv320adcx140: Propagate error codes during probe (stable-fixes). - ASoC: amd: yc: Fix microphone on ASUS M6500RE (stable-fixes). - ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (stable-fixes). - ASoC: simple-card-utils: Check device node before overwrite direction (stable-fixes). - ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (stable-fixes). - ALSA: hda/realtek: enable woofer speakers on Medion NM14LNL (stable-fixes). - drm/xe/pm: Also avoid missing outer rpm warning on system suspend (stable-fixes). 
- commit 85b3e2d - nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (CVE-2026-22998 bsc#1257209). - commit f6350b1 - KVM: x86/mmu: Embed direct bits into gpa for KVM_PRE_FAULT_MEMORY (git-fixes). - commit 75ad287 - Revert "KVM: x86/tdp_mmu: Add a helper function to walk down the TDP MMU" (git-fixes). - commit cbd54f0 - KVM: x86/mmu: WARN if KVM attempts to map into an invalid TDP MMU root (git-fixes). - commit db82a28 - KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU (git-fixes). - commit 7bbdb3d - KVM: Rename kvm_arch_vcpu_async_ioctl() to kvm_arch_vcpu_unlocked_ioctl() (git-fixes). - commit cc287ee - KVM: Make support for kvm_arch_vcpu_async_ioctl() mandatory (git-fixes). - commit e9d19b9 - KVM: TDX: Drop PROVE_MMU=y sanity check on to-be-populated mappings (git-fixes). - commit 0739547 - KVM: TDX: Replace kmalloc + copy_from_user with memdup_user in tdx_td_init() (git-fixes). - commit ff33194 - x86/virt/tdx: Use precalculated TDVPR page physical address (git-fixes). - commit 3fdc23e ++++ kernel-rt: - KABI: fix "Revert-dm-fix-a-race-condition-in-retrieve_deps.patch" (git-fixes). - commit 53fd79b - net/sched: act_ife: avoid possible NULL deref (CVE-2026-23064 bsc#1257765). - selftests/tc-testing: Try to add teql as a child qdisc (CVE-2026-23105 bsc#1257775). - net/sched: qfq: Use cl_is_active to determine whether class is active in qfq_rm_from_ag (CVE-2026-23105 bsc#1257775). - commit 3ff4470 - Revert "dm: fix a race condition in retrieve_deps" (git-fixes). - commit e64c40a - Refresh sorted patches. - commit 3b39938 - RISC-V: KVM: use kvm_trylock_all_vcpus when locking all vCPUs (git-fixes). - commit 292c30b - KVM: arm64: use kvm_trylock_all_vcpus when locking all vCPUs (git-fixes). - commit 45ee0a5 - KVM: add kvm_lock_all_vcpus and kvm_trylock_all_vcpus (git-fixes). - commit f8807d7 - x86: KVM: SVM: use kvm_lock_all_vcpus instead of a custom implementation (git-fixes). 
- commit 27b7fd9 - locking/mutex: implement mutex_lock_killable_nest_lock (git-fixes). - commit c11266f - locking/mutex: implement mutex_trylock_nested (git-fixes). - commit 4df10c6 - KVM: TDX: Use struct_size to simplify tdx_get_capabilities() (git-fixes). - commit 1f75b03 - KVM: TDX: Check size of user's kvm_tdx_capabilities array before allocating (git-fixes). - commit 319fd02 - KVM: TDX: Fix sparse warnings from using 0 for NULL (git-fixes). - commit 3438716 - KVM: TDX: Remove __user annotation from kernel pointer (git-fixes). - commit f5a4acb - KVM: TDX: Take MMU lock around tdh_vp_init() (git-fixes). - commit 3b6a5f3 - KVM: TDX: Fix list_add corruption during vcpu_load() (git-fixes). - commit fcf6177 - KVM: TDX: Bug the VM if extending the initial measurement fails (git-fixes). - commit 056ce6c - KVM: TDX: Guard VM state transitions with "all" the locks (git-fixes). - commit 6fc029e - KVM: TDX: Don't copy "cmd" back to userspace for KVM_TDX_CAPABILITIES (git-fixes). - commit a1cf957 - KVM: TDX: Use guard() to acquire kvm->lock in tdx_vm_ioctl() (git-fixes). - commit 53cbd86 - KVM: TDX: Convert INIT_MEM_REGION and INIT_VCPU to "unlocked" vCPU ioctl (git-fixes). - commit 33e9280 - KVM: TDX: Add tdx_get_cmd() helper to get and validate sub-ioctl command (git-fixes). - commit db2e487 - KVM: TDX: Add macro to retry SEAMCALLs when forcing vCPUs out of guest (git-fixes). - commit f789249 - KVM: TDX: Assert that mmu_lock is held for write when removing S-EPT entries (git-fixes). - commit 5c9b28f - KVM: TDX: Derive error argument names from the local variable names (git-fixes). - commit e750b72 - KVM: TDX: Combine KVM_BUG_ON + pr_tdx_error() into TDX_BUG_ON() (git-fixes). - commit d2a9d32 - KVM: TDX: Fold tdx_sept_zap_private_spte() into tdx_sept_remove_private_spte() (git-fixes). - commit 8fa4208 - KVM: TDX: ADD pages to the TD image while populating mirror EPT entries (git-fixes). 
- commit 05e82a8 - KVM: TDX: Fold tdx_mem_page_record_premap_cnt() into its sole caller (git-fixes). - commit cc267d2 - KVM: TDX: Use atomic64_dec_return() instead of a poor equivalent (git-fixes). - commit 794f48a - KVM: TDX: Avoid a double-KVM_BUG_ON() in tdx_sept_zap_private_spte() (git-fixes). - commit 8899368 - KVM: TDX: WARN if mirror SPTE doesn't have full RWX when creating S-EPT mapping (git-fixes). - commit d132554 - KVM: x86/mmu: Drop the return code from kvm_x86_ops.remove_external_spte() (git-fixes). - commit 2570719 - KVM: TDX: Fold tdx_sept_drop_private_spte() into tdx_sept_remove_private_spte() (git-fixes). - commit 83ec6b9 - KVM: TDX: Return -EIO, not -EINVAL, on a KVM_BUG_ON() condition (git-fixes). - commit ebb64f7 - KVM: TDX: Drop superfluous page pinning in S-EPT management (git-fixes). - commit 5eced3b - KVM: x86/mmu: Rename kvm_tdp_map_page() to kvm_tdp_page_prefault() (git-fixes). - commit 11c9e24 - KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer (bsc#1256708, CVE-2025-71104). - commit 8d2aab2 - migrate: correct lock ordering for hugetlb file folios (CVE-2026-23097 bsc#1257815). - commit 30b8633 - vsock/virtio: Coalesce only linear skb (bsc#1257740, CVE-2026-23057). - commit 310c89d - wifi: ath10k: sdio: add missing lock protection in ath10k_sdio_fw_crashed_dump() (git-fixes). - wifi: ath9k: fix kernel-doc warnings in common-debug.h (git-fixes). - wifi: ath9k: debug.h: fix kernel-doc bad lines and struct ath_tx_stats (git-fixes). - wifi: cfg80211: stop NAN and P2P in cfg80211_leave (git-fixes). - wifi: rtl8xxxu: fix slab-out-of-bounds in rtl8xxxu_sta_add (git-fixes). - wifi: rtw88: Fix alignment fault in rtw_core_enable_beacon() (git-fixes). - wifi: cfg80211: Fix use_for flag update on BSS refresh (git-fixes). - PCI: mediatek: Fix IRQ domain leak when MSI allocation fails (git-fixes). - PCI: dwc: Fix msg_atu_index assignment (git-fixes). 
- Revert "PCI: qcom: Enable MSI interrupts together with Link up if 'Global IRQ' is supported" (stable-fixes). - PCI: Add ACS quirk for Pericom PI7C9X2G404 switches [12d8:b404] (git-fixes). - PCI: Fix pci_slot_trylock() error handling (git-fixes). - PCI: Use resource_set_range() that correctly sets ->end (git-fixes). - PCI/portdrv: Fix potential resource leak (git-fixes). - PCI/PM: Avoid redundant delays on D3hot->D3cold (git-fixes). - PCI/P2PDMA: Release per-CPU pgmap ref when vm_insert_page() fails (git-fixes). - PCI/IOV: Fix race between SR-IOV enable/disable and hotplug (git-fixes). - Revert "PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV" (git-fixes). - PCI/ACPI: Restrict program_hpx_type2() to AER bits (git-fixes). - PCI: Initialize RCB from pci_configure_device() (git-fixes). - PCI: Check parent for NULL in of_pci_bus_release_domain_nr() (git-fixes). - PCI: Mark 3ware-9650SA Root Port Extended Tags as broken (git-fixes). - PCI: Do not attempt to set ExtTag for VFs (git-fixes). - PCI: endpoint: Fix swapped parameters in pci_{primary/secondary}_epc_epf_unlink() functions (git-fixes). - PCI: endpoint: Avoid creating sub-groups asynchronously (git-fixes). - regulator: core: move supply check earlier in set_machine_constraints() (git-fixes). - regulator: core: fix locking in regulator_resolve_supply() error path (git-fixes). - platform/chrome: cros_ec_lightbar: Fix response size initialization (git-fixes). - platform/chrome: cros_typec_switch: Don't touch struct fwnode_handle::dev (git-fixes). - soc: rockchip: grf: Support multiple grf to be handled (git-fixes). - soc: rockchip: grf: Fix wrong RK3576_IOCGRF_MISC_CON definition (git-fixes). - reset: gpio: suppress bind attributes in sysfs (git-fixes). - soc: mediatek: svs: Fix memory leak in svs_enable_debug_write() (git-fixes). - soc: qcom: cmd-db: Use devm_memremap() to fix memory leak in cmd_db_dev_probe (git-fixes). - soc: qcom: smem: handle ENOMEM error during probe (git-fixes). 
- soc: ti: pruss: Fix double free in pruss_clk_mux_setup() (git-fixes). - soc: ti: k3-socinfo: Fix regmap leak on probe failure (git-fixes). - spi: hisi-kunpeng: Fixed the wrong debugfs node name in hisi_spi debugfs initialization (stable-fixes). - regmap: maple: free entry on mas_store_gfp() failure (stable-fixes). - wifi: mac80211: don't increment crypto_tx_tailroom_needed_cnt twice (stable-fixes). - wifi: mac80211: correctly check if CSA is active (stable-fixes). - wifi: cfg80211: Fix bitrate calculation overflow for HE rates (stable-fixes). - wifi: mac80211: collect station statistics earlier when disconnect (stable-fixes). - wifi: mac80211: ocb: skip rx_no_sta when interface is not joined (stable-fixes). - wifi: wlcore: ensure skb headroom before skb_push (stable-fixes). - commit 6474bb4 - nfc: hci: shdlc: Stop timers and work before freeing context (git-fixes). - of: unittest: fix possible null-pointer dereferences in of_unittest_property_copy() (git-fixes). - media: uvcvideo: Fix allocation for small frame sizes (git-fixes). - media: verisilicon: AV1: Fix tile info buffer size (git-fixes). - media: venus: vdec: restrict EOS addr quirk to IRIS2 only (git-fixes). - media: venus: vdec: fix error state assignment for zero bytesused (git-fixes). - media: i2c: ov01a10: Fix digital gain range (git-fixes). - media: stm32: dcmipp: bytecap: clear all interrupts upon stream stop (git-fixes). - media: ccs: Accommodate C-PHY into the calculation (git-fixes). - media: ipu6: Fix RPM reference leak in probe error paths (git-fixes). - media: ipu6: Fix typo and wrong constant in ipu6-mmu.c (git-fixes). - media: dw9714: Fix powerup sequence (git-fixes). - media: i2c: ov5647: use our own mutex for the ctrl lock (git-fixes). - media: ccs: Fix setting initial sub-device state (git-fixes). - media: i2c: ov5647: Fix PIXEL_RATE value for VGA mode (git-fixes). - media: i2c: ov5647: Sensor should report RAW color space (git-fixes). 
- media: i2c: ov5647: Correct minimum VBLANK value (git-fixes). - media: i2c: ov5647: Correct pixel array offset (git-fixes). - media: i2c: ov5647: Initialize subdev before controls (git-fixes). - media: ccs: Avoid possible division by zero (git-fixes). - media: qcom: camss: vfe: Fix out-of-bounds access in vfe_isr_reg_update() (git-fixes). - media: i2c: ov01a10: Fix test-pattern disabling (git-fixes). - media: i2c: ov01a10: Fix passing stream instead of pad to v4l2_subdev_state_get_format() (git-fixes). - media: i2c: ov01a10: Add missing v4l2_subdev_cleanup() calls (git-fixes). - media: i2c: ov01a10: Fix analogue gain range (git-fixes). - media: i2c: ov01a10: Fix reported pixel-rate value (git-fixes). - media: i2c: ov01a10: Fix the horizontal flip control (git-fixes). - media: i2c/tw9906: Fix potential memory leak in tw9906_probe() (git-fixes). - media: i2c/tw9903: Fix potential memory leak in tw9903_probe() (git-fixes). - media: cx25821: Add missing unmap in snd_cx25821_hw_params() (git-fixes). - media: cx23885: Add missing unmap in snd_cx23885_hw_params() (git-fixes). - media: cx88: Add missing unmap in snd_cx88_hw_params() (git-fixes). - media: radio-keene: fix memory leak in error path (git-fixes). - media: tegra-video: Fix memory leak in __tegra_channel_try_format() (git-fixes). - media: verisilicon: AV1: Set IDR flag for intra_only frame type (git-fixes). - media: rockchip: rga: Fix possible ERR_PTR dereference in rga_buf_init() (git-fixes). - media: amphion: Drop min_queued_buffers assignment (git-fixes). - media: verisilicon: AV1: Fix tx mode bit setting (git-fixes). - media: verisilicon: AV1: Fix enable cdef computation (git-fixes). - media: chips-media: wave5: Fix memory leak on codec_info allocation failure (git-fixes). - media: chips-media: wave5: Fix device cleanup order to prevent kernel panic (git-fixes). - media: chips-media: wave5: Fix kthread worker destruction in polling mode (git-fixes). 
- media: mtk-mdp: Fix a reference leak bug in mtk_mdp_remove() (git-fixes). - media: mtk-mdp: Fix error handling in probe function (git-fixes). - media: mediatek: encoder: Fix uninitialized scalar variable issue (git-fixes). - HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients (git-fixes). - HID: hid-pl: handle probe errors (git-fixes). - HID: playstation: Add missing check for input_ff_create_memless (git-fixes). - hwmon: (max16065) Use READ/WRITE_ONCE to avoid compiler optimization induced race (git-fixes). - memory: mtk-smi: fix device leak on larb probe (git-fixes). - memory: mtk-smi: fix device leaks on common probe (git-fixes). - HID: logitech: add HID++ support for Logitech MX Anywhere 3S (stable-fixes). - HID: Apply quirk HID_QUIRK_ALWAYS_POLL to Edifier QR30 (2d99:a101) (stable-fixes). - HID: i2c-hid: fix potential buffer overflow in i2c_hid_get_report() (stable-fixes). - HID: quirks: Add another Chicony HP 5MP Cameras to hid_ignore_list (stable-fixes). - HID: multitouch: add MT_QUIRK_STICKY_FINGERS to MT_CLS_VTL (stable-fixes). - net: usb: sr9700: support devices with virtual driver CD (stable-fixes). - commit 2d30005 - scsi: qla2xxx: edif: Fix dma_free_coherent() size (git-fixes). - scsi: qla2xxx: Sanitize payload size to prevent member overflow (git-fixes). - scsi: qla2xxx: Enable/disable IRQD_NO_BALANCING during reset (git-fixes). - scsi: qla2xxx: target: Improve safety of cmd lookup by handle (git-fixes). - scsi: qla2xxx: target: Add back SRR support (git-fixes). - scsi: qla2xxx: target: Improve cmd logging (git-fixes). - scsi: qla2xxx: target: Add cmd->rsp_sent (git-fixes). - scsi: qla2xxx: target: Fix invalid memory access with big CDBs (git-fixes). - scsi: qla2xxx: Fix TMR failure handling (git-fixes). - scsi: qla2xxx: target: Improve checks in qlt_xmit_response() / qlt_rdy_to_xfer() (git-fixes). - scsi: qla2xxx: target: Fix races with aborting commands (git-fixes). 
- scsi: qla2xxx: Clear cmds after chip reset (CVE-2025-68745 bsc#1255721 git-fixes). - scsi: qla2xxx: target: Fix term exchange when cmd_sent_to_fw == 1 (git-fixes). - scsi: qla2xxx: target: Improve debug output for term exchange (git-fixes). - scsi: qla2xxx: target: Remove code for unsupported hardware (git-fixes). - scsi: qla2xxx: Use reinit_completion on mbx_intr_comp (git-fixes). - scsi: qla2xxx: Fix lost interrupts with qlini_mode=disabled (git-fixes). - scsi: qla2xxx: Fix initiator mode with qlini_mode=exclusive (git-fixes). - scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path" (git-fixes). - commit c2959d9 - drm/xe: Unregister drm device on probe error (git-fixes). - drm/msm/a2xx: fix pixel shader start on A225 (git-fixes). - drm/msm/dpu: fix CMD panels on DPU 1.x - 3.x (git-fixes). - drm/msm/dpu: drop intr_start from DPU 3.x catalog files (git-fixes). - drm/msm/disp: set num_planes to 1 for interleaved YUV formats (git-fixes). - drm/msm/dpu: fix WD timer handling on DPU 8.x (git-fixes). - drm/msm/dpu: Set vsync source irrespective of mdp top support (git-fixes). - drm/bridge: anx7625: Fix invalid EDID size (git-fixes). - drm/buddy: Prevent BUG_ON by validating rounded allocation (git-fixes). - drm/tegra: dsi: fix device leak on probe (git-fixes). - drm/amdkfd: Fix signal_eviction_fence() bool return value (git-fixes). - drm/amd: Drop "amdgpu kernel modesetting enabled" message (git-fixes). - drm/tests: shmem: Swap names of export tests (git-fixes). - drm/panthor: Evict groups before VM termination (git-fixes). - drm/panel: sw43408: Remove manual invocation of unprepare at remove (git-fixes). - drm/panthor: Make sure we resume the tick when new jobs are submitted (git-fixes). - drm/panthor: Fix the logic that decides when to stop ticking (git-fixes). - drm/panthor: Fix immediate ticking on a disabled tick (git-fixes). - drm/panthor: Fix the group priority rotation logic (git-fixes). 
- drm/panthor: Fix the full_tick check (git-fixes). - drm/panthor: Recover from panthor_gpu_flush_caches() failures (git-fixes). - firmware: arm_ffa: Correct 32-bit response handling in NOTIFICATION_INFO_GET (git-fixes). - drm/xe/pm: Disable D3Cold for BMG only on specific platforms (git-fixes). - drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (stable-fixes). - HID: intel-ish-hid: Reset enum_devices_done before enumeration (stable-fixes). - HID: intel-ish-hid: Update ishtp bus match to support device ID table (stable-fixes). - HID: playstation: Center initial joystick axes to prevent spurious events (stable-fixes). - gpiolib-acpi: Update file references in the Documentation and MAINTAINERS (git-fixes). - commit bfdede0 - PCI: qcom: Remove ASPM L0s support for MSM8996 SoC (git-fixes). - PCI/ERR: Ensure error recoverability at all times (git-fixes). - commit 64dc0df - ALSA: hda/realtek: Add quirk for Acer Nitro AN517-55 (stable-fixes). - Refresh patches.suse/ALSA-hda-realtek-Enable-headset-mic-for-Acer-Nitro-5.patch. - commit dcc35f0 - Documentation: PCI: endpoint: Fix ntb/vntb copy & paste errors (git-fixes). - ASoC: amd: drop unused Kconfig symbols (git-fixes). - ASoC: pxa: drop unused Kconfig symbol (git-fixes). - ASoC: SOF: ipc4-control: Keep the payload size up to date (git-fixes). - ASoC: SOF: ipc4-control: Use the correct size for scontrol->ipc_control_data (git-fixes). - ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls (git-fixes). - ASoC: SOF: ipc4-control: If there is no data do not send bytes update (git-fixes). - bus: fsl-mc: fix an error handling in fsl_mc_device_add() (git-fixes). - bus: omap-ocp2scp: fix OF populate on driver rebind (git-fixes). - clk: qcom: Return correct error code in qcom_cc_probe_by_index() (git-fixes). - ALSA: hda/realtek: Really fix headset mic for TongFang X6AR55xU (git-fixes). - ALSA: hda/realtek: ALC269 fixup for Lenovo Yoga Book 9i 13IRU8 audio (stable-fixes). 
- ALSA: hda/realtek: Fix headset mic for TongFang X6AR55xU (stable-fixes). - ASoC: tlv320adcx140: Propagate error codes during probe (stable-fixes). - ASoC: amd: yc: Fix microphone on ASUS M6500RE (stable-fixes). - ASoC: davinci-evm: Fix reference leak in davinci_evm_probe (stable-fixes). - ASoC: simple-card-utils: Check device node before overwrite direction (stable-fixes). - ALSA: hda/realtek: add HP Laptop 15s-eq1xxx mute LED quirk (stable-fixes). - ALSA: hda/realtek: enable woofer speakers on Medion NM14LNL (stable-fixes). - drm/xe/pm: Also avoid missing outer rpm warning on system suspend (stable-fixes). - commit 85b3e2d - nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (CVE-2026-22998 bsc#1257209). - commit f6350b1 - KVM: x86/mmu: Embed direct bits into gpa for KVM_PRE_FAULT_MEMORY (git-fixes). - commit 75ad287 - Revert "KVM: x86/tdp_mmu: Add a helper function to walk down the TDP MMU" (git-fixes). - commit cbd54f0 - KVM: x86/mmu: WARN if KVM attempts to map into an invalid TDP MMU root (git-fixes). - commit db82a28 - KVM: x86/mmu: Add dedicated API to map guest_memfd pfn into TDP MMU (git-fixes). - commit 7bbdb3d - KVM: Rename kvm_arch_vcpu_async_ioctl() to kvm_arch_vcpu_unlocked_ioctl() (git-fixes). - commit cc287ee - KVM: Make support for kvm_arch_vcpu_async_ioctl() mandatory (git-fixes). - commit e9d19b9 - KVM: TDX: Drop PROVE_MMU=y sanity check on to-be-populated mappings (git-fixes). - commit 0739547 - KVM: TDX: Replace kmalloc + copy_from_user with memdup_user in tdx_td_init() (git-fixes). - commit ff33194 - x86/virt/tdx: Use precalculated TDVPR page physical address (git-fixes). 
- commit 3fdc23e ++++ libpng16: - added patches CVE-2026-25646: Heap buffer overflow vulnerability in png_set_dither/png_set_quantize (bsc#1258020) * libpng16-CVE-2026-25646.patch ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to version 580.126.18 (boo#1258154) - updated CUDA variant to version 580.126.16 ------------------------------------------------------------------ ------------------ 2026-2-11 - Feb 11 2026 ------------------- ------------------------------------------------------------------ ++++ grub2: - Backport upstream's commit to prevent BIOS assert (bsc#1258022) * 0001-kern-efi-mm-Change-grub_efi_mm_add_regions-to-keep-t.patch ++++ kernel-default: - KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs (git-fixes). - commit b53af4c - mm/page_alloc: change all pageblocks migrate type on coalescing (CVE-2025-71134 bsc#1256732). - commit 3036351 - ktls, sockmap: Fix missing uncharge operation (bsc#1252008). - commit 55dd0a8 - net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074 bsc#1257749). - commit 4a5b062 - media: pci: mg4b: Use IRQF_NO_THREAD (git-fixes). - mfd: wm8350-core: Use IRQF_ONESHOT (git-fixes). - Bluetooth: btintel_pcie: Use IRQF_ONESHOT and default primary handler (git-fixes). - platform/x86: int0002: Remove IRQF_ONESHOT from request_irq() (git-fixes). - genirq: Set IRQF_COND_ONESHOT in devm_request_irq() (git-fixes). - crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (git-fixes). - crypto: starfive - Fix memory leak in starfive_aes_aead_do_one_req() (git-fixes). - crypto: caam - fix netdev memory leak in dpaa2_caam_probe (git-fixes). - crypto: hisilicon/trng - support tfms sharing the device (git-fixes). - crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (git-fixes). - crypto: virtio - Add spinlock protection with virtqueue notification (git-fixes). 
- crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable (git-fixes). - crypto: hisilicon/zip - adjust the way to obtain the req in the callback function (git-fixes). - crypto: octeontx - fix dma_free_coherent() size (git-fixes). - crypto: cavium - fix dma_free_coherent() size (git-fixes). - crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (git-fixes). - crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (git-fixes). - crypto: qat - fix warning on adf_pfvf_pf_proto.c (git-fixes). - crypto: qat - fix parameter order used in ICP_QAT_FW_COMN_FLAGS_BUILD (git-fixes). - Documentation: mailbox: mbox_chan_ops.flush() is optional (git-fixes). - platform/x86: hp-bioscfg: Skip empty attribute names (git-fixes). - commit 4559d68 ++++ kernel-rt: - KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs (git-fixes). - commit b53af4c - mm/page_alloc: change all pageblocks migrate type on coalescing (CVE-2025-71134 bsc#1256732). - commit 3036351 - ktls, sockmap: Fix missing uncharge operation (bsc#1252008). - commit 55dd0a8 - net/sched: Enforce that teql can only be used as root qdisc (CVE-2026-23074 bsc#1257749). - commit 4a5b062 - media: pci: mg4b: Use IRQF_NO_THREAD (git-fixes). - mfd: wm8350-core: Use IRQF_ONESHOT (git-fixes). - Bluetooth: btintel_pcie: Use IRQF_ONESHOT and default primary handler (git-fixes). - platform/x86: int0002: Remove IRQF_ONESHOT from request_irq() (git-fixes). - genirq: Set IRQF_COND_ONESHOT in devm_request_irq() (git-fixes). - crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (git-fixes). - crypto: starfive - Fix memory leak in starfive_aes_aead_do_one_req() (git-fixes). - crypto: caam - fix netdev memory leak in dpaa2_caam_probe (git-fixes). - crypto: hisilicon/trng - support tfms sharing the device (git-fixes). - crypto: virtio - Remove duplicated virtqueue_kick in virtio_crypto_skcipher_crypt_req (git-fixes). 
- crypto: virtio - Add spinlock protection with virtqueue notification (git-fixes). - crypto: hisilicon/sec2 - support skcipher/aead fallback for hardware queue unavailable (git-fixes). - crypto: hisilicon/zip - adjust the way to obtain the req in the callback function (git-fixes). - crypto: octeontx - fix dma_free_coherent() size (git-fixes). - crypto: cavium - fix dma_free_coherent() size (git-fixes). - crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode (git-fixes). - crypto: octeontx - Fix length check to avoid truncation in ucode_load_store (git-fixes). - crypto: qat - fix warning on adf_pfvf_pf_proto.c (git-fixes). - crypto: qat - fix parameter order used in ICP_QAT_FW_COMN_FLAGS_BUILD (git-fixes). - Documentation: mailbox: mbox_chan_ops.flush() is optional (git-fixes). - platform/x86: hp-bioscfg: Skip empty attribute names (git-fixes). - commit 4559d68 ++++ mdadm: - Update to version 4.4+37.gea219956: - Backport upstream fixes from 4.5 (bsc#1257009) * Re-enable mdadm --monitor ... for /dev/mdX * Allow RAID0 to be created with v0.90 metadata * Moves memory management into Assemble to avoid null pointer dereference * Support non-absolute name during monitor scan * Don't set badblock flag when adding a new disk * Fix metadata corruption when managing new imsm array ++++ ucode-intel: - Intel CPU Microcode was updated to the 20260210 release (bsc#1258046) - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a privileged user to potentially enable escalation of privilege via local access. (bsc#1229129) - CVE-2025-31648: Improper handling of values in the microcode flow for some Intel Processor Family may allow an escalation of privilege. (bsc#1258046 INTEL-SA-01396 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01396.html) - Update for various functional issues. 
- Updated Platforms:
  | Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
  |:---------------|:---------|:------------|:---------|:---------|:---------
  | ADL            | C0       | 06-97-02/07 | 0000003d | 0000003e | Core Gen12
  | ADL            | H0       | 06-97-05/07 | 0000003d | 0000003e | Core Gen12
  | ADL            | L0       | 06-9a-03/80 | 0000043a | 0000043b | Core Gen12
  | ADL            | R0       | 06-9a-04/80 | 0000043a | 0000043b | Core Gen12
  | ADL-N          | N0       | 06-be-00/19 | 0000001e | 00000021 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
  | ARL-H          | A1       | 06-c5-02/82 | 0000011a | 0000011b | Core Ultra Processor (Series 2)
  | ARL-S/HX (8P)  | B0       | 06-c6-02/82 | 0000011a | 0000011b | Core Ultra Processor (Series 2)
  | ARL-U          | A0       | 06-b5-00/80 | 0000000a | 0000000d | Core Ultra Processor (Series 2)
  | AZB            | A0/R0    | 06-9a-04/40 | 0000000b | 0000000c | Atom C1100
  | EMR-SP         | A1       | 06-cf-02/87 | 210002c0 | 210002d3 | Xeon Scalable Gen5
  | GNR-AP/SP      | Bx/Hx/Lx | 06-ad-01/95 | 010003f0 | 01000405 | Xeon 6900/6700/6500 Series Processors with P-Cores
  | GNR-D          | B0/B1    | 06-ae-01/97 | 01000273 | 010002f3 | Xeon 6700P-B/6500P-B Series SoC with P-Cores
  | GNR-SP R1S     | Bx/Hx/Lx | 06-ad-01/20 | 0a000124 | 0a000133 | Xeon 6700/6500-Series Processors with P-Cores
  | ICL-D          | B0       | 06-6c-01/10 | 010002e0 | 010002f1 | Xeon D-17xx, D-27xx
  | ICL-U/Y        | D1       | 06-7e-05/80 | 000000ca | 000000cc | Core Gen10 Mobile
  | ICX-SP         | Dx/M1    | 06-6a-06/87 | 0d000410 | 0d000421 | Xeon Scalable Gen3
  | MTL            | C0       | 06-aa-04/e6 | 00000025 | 00000028 | Core Ultra Processor
  | RKL-S          | B0       | 06-a7-01/02 | 00000064 | 00000065 | Core Gen11
  | RPL-E/HX/S     | B0       | 06-b7-01/32 | 00000132 | 00000133 | Core Gen13/Gen14
  | RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 | 00006133 | 00006134 | Core Gen13
  | RPL-HX/S       | C0       | 06-bf-02/07 | 0000003d | 0000003e | Core Gen13/Gen14
  | RPL-S          | H0       | 06-bf-05/07 | 0000003d | 0000003e | Core Gen13/Gen14
  | RPL-U 2+8      | Q0       | 06-ba-03/e0 | 00006133 | 00006134 | Core Gen13
  | SPR-HBM        | Bx       | 06-8f-08/10 | 2c000410 | 2c000421 | Xeon Max
  | SPR-SP         | E4/S2    | 06-8f-07/87 | 2b000650 | 2b000661 | Xeon Scalable Gen4
  | SPR-SP         | E5/S3    | 06-8f-08/87 | 2b000650 | 2b000661 | Xeon Scalable Gen4
  | TGL            | B0/B1    | 06-8c-01/80 | 000000bc | 000000be | Core Gen11 Mobile
  | TGL-H          | R0       | 06-8d-01/c2 | 00000056 | 00000058 | Core Gen11 Mobile
  | TGL-R          | C0       | 06-8c-02/c2 | 0000003c | 0000003e | Core Gen11 Mobile
  | TWL            | N0       | 06-be-00/19 | 0000001e | 00000021 | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
------------------------------------------------------------------
------------------ 2026-2-10 - Feb 10 2026 -------------------
------------------------------------------------------------------
++++ aaa_base:
- Update to version 84.87+git20260210.ecce285:
  * For boo#1257875 get intrinsic DEFAULT_WM back
  * DIR_COLORS: add vt220 and .jxl
++++ lvm2-device-mapper:
- L3: LVM_SUPPRESS_FD_WARNINGS is no longer effective (bsc#1257661)
  * Add upstream patch
    + bug-1257661-libdaemon-fix-suppressing-stray-fd-warnings.patch
++++ kernel-default:
- phy: qcom-qusb2: Fix NULL pointer dereference on early suspend (bsc#1257686 CVE-2025-71193)
- commit 19f0093
- Octeontx2-af: Add proper checks for fwdata (bsc#1257709 CVE-2026-23070)
- commit dea3240
- irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758 CVE-2026-23085)
- commit be35313
- arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762 CVE-2026-23107)
- commit 19d7755
- arm64/fpsimd: signal: Fix restoration of SVE context (bsc#1257772 CVE-2026-23102)
- commit 1a38c1d
- spi: spi-sprd-adi: Fix double free in probe error path (bsc#1257805 CVE-2026-23068)
- commit 7304352
- blacklist.conf: CVE-2025-68789 is invalid
- Delete patches.suse/hwmon-ibmpex-fix-use-after-free-in-high-low-store.patch.
- commit f8a3a89
- net: tunnel: make skb_vlan_inet_prepare() return drop reasons (bsc#1257942 bsc#1257246 CVE-2026-23003).
- commit 1cb88e2 - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-check-in-IRQ-han.patch (git-fixes bsc#1257952) - commit d5bce4f - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-clearing-in-tegr.patch (git-fixes bsc#1257952) - commit 27b982c - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-in-tegra_qspi_co.patch (git-fixes bsc#1257952) - commit 98fc331 - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-assignment-in-te.patch (git-fixes bsc#1257952) - commit bd0d13d - Update patches.suse/spi-tegra210-quad-Move-curr_xfer-read-inside-spinloc.patch (git-fixes bsc#1257952) - commit 1f60101 - Update patches.suse/spi-tegra210-quad-Return-IRQ_HANDLED-when-timeout-al.patch (git-fixes bsc#1257952) - commit c2f4ce0 - thermal: intel: x86_pkg_temp_thermal: Handle invalid temperature (git-fixes). - thermal/of: Fix reference leak in thermal_of_cm_lookup() (git-fixes). - OPP: Return correct value in dev_pm_opp_get_level (git-fixes). - PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races (git-fixes). - PM: wakeup: Handle empty list in wakeup_sources_walk_start() (git-fixes). - ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() (git-fixes). - tpm: st33zp24: Fix missing cleanup on get_burstcount() error (git-fixes). - tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure (git-fixes). - i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers() (git-fixes). - i3c: dw: Initialize spinlock to avoid upsetting lockdep (git-fixes). - i3c: master: Update hot-join flag only on success (git-fixes). - i3c: Move device name assignment after i3c_bus_init (git-fixes). - auxdisplay: arm-charlcd: fix release_mem_region() size (git-fixes). - OPP: OF: Fix an OF node leak in _opp_add_static_v2() (git-fixes). 
- commit 41b898f ++++ kernel-rt: - phy: qcom-qusb2: Fix NULL pointer dereference on early suspend (bsc#1257686 CVE-2025-71193) - commit 19f0093 - Octeontx2-af: Add proper checks for fwdata (bsc#1257709 CVE-2026-23070) - commit dea3240 - irqchip/gic-v3-its: Avoid truncating memory addresses (bsc#1257758 CVE-2026-23085) - commit be35313 - arm64/fpsimd: signal: Allocate SSVE storage when restoring ZA (bsc#1257762 CVE-2026-23107) - commit 19d7755 - arm64/fpsimd: signal: Fix restoration of SVE context (bsc#1257772 CVE-2026-23102) - commit 1a38c1d - spi: spi-sprd-adi: Fix double free in probe error path (bsc#1257805 CVE-2026-23068) - commit 7304352 - blacklist.conf: CVE-2025-68789 is invalid - Delete patches.suse/hwmon-ibmpex-fix-use-after-free-in-high-low-store.patch. - commit f8a3a89 - net: tunnel: make skb_vlan_inet_prepare() return drop reasons (bsc#1257942 bsc#1257246 CVE-2026-23003). - commit 1cb88e2 - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-check-in-IRQ-han.patch (git-fixes bsc#1257952) - commit d5bce4f - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-clearing-in-tegr.patch (git-fixes bsc#1257952) - commit 27b982c - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-in-tegra_qspi_co.patch (git-fixes bsc#1257952) - commit 98fc331 - Update patches.suse/spi-tegra210-quad-Protect-curr_xfer-assignment-in-te.patch (git-fixes bsc#1257952) - commit bd0d13d - Update patches.suse/spi-tegra210-quad-Move-curr_xfer-read-inside-spinloc.patch (git-fixes bsc#1257952) - commit 1f60101 - Update patches.suse/spi-tegra210-quad-Return-IRQ_HANDLED-when-timeout-al.patch (git-fixes bsc#1257952) - commit c2f4ce0 - thermal: intel: x86_pkg_temp_thermal: Handle invalid temperature (git-fixes). - thermal/of: Fix reference leak in thermal_of_cm_lookup() (git-fixes). - OPP: Return correct value in dev_pm_opp_get_level (git-fixes). - PM: sleep: wakeirq: harden dev_pm_clear_wake_irq() against races (git-fixes). 
- PM: wakeup: Handle empty list in wakeup_sources_walk_start() (git-fixes). - ACPICA: Fix NULL pointer dereference in acpi_ev_address_space_dispatch() (git-fixes). - tpm: st33zp24: Fix missing cleanup on get_burstcount() error (git-fixes). - tpm: tpm_i2c_infineon: Fix locality leak on get_burstcount() failure (git-fixes). - i3c: dw: Fix memory leak in dw_i3c_master_i2c_xfers() (git-fixes). - i3c: dw: Initialize spinlock to avoid upsetting lockdep (git-fixes). - i3c: master: Update hot-join flag only on success (git-fixes). - i3c: Move device name assignment after i3c_bus_init (git-fixes). - auxdisplay: arm-charlcd: fix release_mem_region() size (git-fixes). - OPP: OF: Fix an OF node leak in _opp_add_static_v2() (git-fixes). - commit 41b898f ++++ kubevirt: - Update to version 1.7.0 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.7.0 bsc#1241772 (CVE-2025-22872), bsc#1253181 (CVE-2025-64432), bsc#1253185 (CVE-2025-64433), bsc#1253186 (CVE-2025-64434), bsc#1253189 (CVE-2025-64435), bsc#1253194 (CVE-2025-64437), bsc#1253748 (CVE-2025-64324), bsc#1257128, bsc#1257422 (CVE-2024-45310) Drop Update-module-golang.org-x-oauth2-to-v0.27.0-SECURITY.patch and Update-module-golang.org-x-net-to-v0.38.0-SECURITY.patch - Upstream now uses stateless firmware for CoCo VMs. 
Drop Ensure-SEV-VMs-use-stateless-OVMF-firmware.patch ++++ lvm2: - L3: LVM_SUPPRESS_FD_WARNINGS is no longer effective (bsc#1257661) * Add upstream patch + bug-1257661-libdaemon-fix-suppressing-stray-fd-warnings.patch ++++ nvidia-open-driver-G06-signed: - kernel-6.19.patch: fixes build against kernel 6.19 ------------------------------------------------------------------ ------------------ 2026-2-9 - Feb 9 2026 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix error "grub-core/script/lexer.c:352:out of memory" after PowerPC CAS Reboot (bsc#1254299) * 0001-Fix-PowerPC-CAS-reboot-to-evaluate-menu-context.patch ++++ rust-keylime: - Update vendored crates (bsc#1257908, CVE-2026-25727) * time 0.3.47 - Update to version 0.2.8+116: * build(deps): bump bytes from 1.7.2 to 1.11.1 * api: Modify /version endpoint output in version 2.5 * Add API v2.5 with backward-compatible /v2.5/quotes/integrity * tests: add unit test for resolve_agent_id (#1182) * (pull-model): enable retry logic for registration * rpm: Update specfiles to apply on master * workflows: Add test to detect unused crates * lib: Drop unused crates * push-model: Drop unused crates * keylime-agent: Drop unused crates * build(deps): bump uuid from 1.18.1 to 1.19.0 * Update reqwest-retry to 0.8, retry-policies to 0.5 * rpm: Fix cargo_build macro usage on CentOS Stream * fix(push-model): resolve hash_ek uuid to actual EK hash * build(deps): bump thiserror from 2.0.16 to 2.0.17 * workflows: Separate upstream test suite from e2e coverage * Send UEFI measured boot logs as raw bytes (#1173) * auth: Add unit tests for SecretToken implementation * packit: Enable push-attestation tests * resilient_client: Prevent authentication token leakage in logs ------------------------------------------------------------------ ------------------ 2026-2-8 - Feb 8 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - spi: 
tegra114: Preserve SPI mode bits in def_command1_reg (git-fixes). - spi: tegra: Fix a memory leak in tegra_slink_probe() (git-fixes). - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (git-fixes). - spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer (git-fixes). - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (git-fixes). - spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one (git-fixes). - spi: tegra210-quad: Move curr_xfer read inside spinlock (git-fixes). - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer (git-fixes). - commit 48bc42c ++++ kernel-rt: - spi: tegra114: Preserve SPI mode bits in def_command1_reg (git-fixes). - spi: tegra: Fix a memory leak in tegra_slink_probe() (git-fixes). - spi: tegra210-quad: Protect curr_xfer check in IRQ handler (git-fixes). - spi: tegra210-quad: Protect curr_xfer clearing in tegra_qspi_non_combined_seq_xfer (git-fixes). - spi: tegra210-quad: Protect curr_xfer in tegra_qspi_combined_seq_xfer (git-fixes). - spi: tegra210-quad: Protect curr_xfer assignment in tegra_qspi_setup_transfer_one (git-fixes). - spi: tegra210-quad: Move curr_xfer read inside spinlock (git-fixes). - spi: tegra210-quad: Return IRQ_HANDLED when timeout already processed transfer (git-fixes). - commit 48bc42c ------------------------------------------------------------------ ------------------ 2026-2-7 - Feb 7 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: hda/realtek: Enable headset mic for Acer Nitro 5 (stable-fixes). - ASoC: amd: yc: Add quirk for HP 200 G2a 16 (stable-fixes). - ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (stable-fixes). - ALSA: aloop: Fix racy access at PCM trigger (stable-fixes). - ALSA: hda/realtek: Add quirk for Inspur S14-G1 (stable-fixes). 
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (stable-fixes). - ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (stable-fixes). - ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (stable-fixes). - ALSA: hda/realtek - fixed speaker no sound (stable-fixes). - commit 62b82cf - ASoC: amd: fix memory leak in acp3x pdm dma ops (git-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - hwmon: (occ) Mark occ_init_attribute() as __printf (git-fixes). - drm/amd/display: fix wrong color value mapping on MCM shaper LUT (git-fixes). - Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" (git-fixes). - drm/xe/query: Fix topology query pointer advance (git-fixes). - drm/mgag200: fix mgag200_bmc_stop_scanout() (git-fixes). - Revert "drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)" (git-fixes). - efivarfs: fix error propagation in efivar_entry_get() (git-fixes). - ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (stable-fixes). - gpio: pca953x: mask interrupts in irq shutdown (stable-fixes). - drm/amdgpu/gfx12: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/gfx11: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/gfx10: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/soc21: fix xclk for APUs (stable-fixes). - pinctrl: meson: mark the GPIO controller as sleeping (git-fixes). - commit 060a2c0 ++++ kernel-rt: - ALSA: hda/realtek: Enable headset mic for Acer Nitro 5 (stable-fixes). - ASoC: amd: yc: Add quirk for HP 200 G2a 16 (stable-fixes). - ASoC: Intel: sof_es8336: Add DMI quirk for Huawei BOD-WXX9 (stable-fixes). - ALSA: aloop: Fix racy access at PCM trigger (stable-fixes). - ALSA: hda/realtek: Add quirk for Inspur S14-G1 (stable-fixes). - ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (stable-fixes). - ASoC: amd: yc: Add ASUS ExpertBook PM1503CDA to quirks list (stable-fixes). 
- ASoC: cs35l45: Corrects ASP_TX5 DAPM widget channel (stable-fixes). - ALSA: hda/realtek - fixed speaker no sound (stable-fixes). - commit 62b82cf - ASoC: amd: fix memory leak in acp3x pdm dma ops (git-fixes). - ALSA: usb-audio: fix broken logic in snd_audigy2nx_led_update() (git-fixes). - hwmon: (occ) Mark occ_init_attribute() as __printf (git-fixes). - drm/amd/display: fix wrong color value mapping on MCM shaper LUT (git-fixes). - Revert "drm/amd: Check if ASPM is enabled from PCIe subsystem" (git-fixes). - drm/xe/query: Fix topology query pointer advance (git-fixes). - drm/mgag200: fix mgag200_bmc_stop_scanout() (git-fixes). - Revert "drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit)" (git-fixes). - efivarfs: fix error propagation in efivar_entry_get() (git-fixes). - ASoC: amd: yc: Add DMI quirk for Acer TravelMate P216-41-TCO (stable-fixes). - gpio: pca953x: mask interrupts in irq shutdown (stable-fixes). - drm/amdgpu/gfx12: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/gfx11: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/gfx10: fix wptr reset in KGQ init (stable-fixes). - drm/amdgpu/soc21: fix xclk for APUs (stable-fixes). - pinctrl: meson: mark the GPIO controller as sleeping (git-fixes). - commit 060a2c0 ------------------------------------------------------------------ ------------------ 2026-2-6 - Feb 6 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: openvswitch: fix middle attribute validation in push_nsh() action (CVE-2025-68785 bsc#1256640). - commit c43798b - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1257818). - commit 92245f0 - clocksource: Print durations for sync check unconditionally (bsc#1257818). - commit 2635eb6 - clocksource: Fix the CPUs' choice in the watchdog per CPU verification (bsc#1257818). 
- commit 42f5b0d - clocksource: Use pr_info() for "Checking clocksource synchronization" message (bsc#1257818). - Refresh patches.suse/clocksource-Use-migrate_disable-to-avoid-calling-get_random_u32-in-atomic-context.patch. - commit 3170141 - wifi: iwlwifi: mvm: pause TCM on fast resume (git-fixes). - net: usb: r8152: fix resume reset deadlock (git-fixes). - commit 1109b27 ++++ kernel-rt: - net: openvswitch: fix middle attribute validation in push_nsh() action (CVE-2025-68785 bsc#1256640). - commit c43798b - clocksource: Reduce watchdog readout delay limit to prevent false positives (bsc#1257818). - commit 92245f0 - clocksource: Print durations for sync check unconditionally (bsc#1257818). - commit 2635eb6 - clocksource: Fix the CPUs' choice in the watchdog per CPU verification (bsc#1257818). - commit 42f5b0d - clocksource: Use pr_info() for "Checking clocksource synchronization" message (bsc#1257818). - Refresh patches.suse/clocksource-Use-migrate_disable-to-avoid-calling-get_random_u32-in-atomic-context.patch. - commit 3170141 - wifi: iwlwifi: mvm: pause TCM on fast resume (git-fixes). - net: usb: r8152: fix resume reset deadlock (git-fixes). - commit 1109b27 ++++ python313-core: - Update to 3.13.12: Python 3.13.12 final Release date: 2026-02-03 - Tools/Demos - gh-142095: Make gdb ‘py-bt’ command use frame from thread local state when available. Patch by Sam Gross and Victor Stinner. - Tests - gh-144415: The Android testbed now distinguishes between stdout/stderr messages which were triggered by a newline, and those triggered by a manual call to flush. This fixes logging of progress indicators and similar content. - gh-65784: Add support for parametrized resource wantobjects in regrtests, which allows to run Tkinter tests with the specified value of tkinter.wantobjects, for example -u wantobjects=0. - gh-143553: Add support for parametrized resources, such as - u xpickle=2.7. - gh-142836: Accommodated Solaris in test_pdb.test_script_target_anonymous_pipe. 
- gh-129401: Fix a flaky test in test_repr_rlock that checks the representation of multiprocessing.RLock. - bpo-31391: Forward-port test_xpickle from Python 2 to Python 3 and add the resource back to test’s command line. - Security - gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650). - gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy. Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs (bsc#1257029, CVE-2025-11468). - gh-143925: Reject control characters in data: URL media types (bsc#1257046, CVE-2025-15282). - gh-143919: Reject control characters in http.cookies.Morsel fields and values (bsc#1257031, CVE-2026-0672). - gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters (bsc#1257042, CVE-2026-0865). - Library - gh-144380: Improve performance of io.BufferedReader line iteration by ~49%. - gh-144169: Fix three crashes when non-string keyword arguments are supplied to objects in the ast module. - gh-144100: Fixed a crash in ctypes when using a deprecated POINTER(str) type in argtypes. Instead of aborting, ctypes now raises a proper Python exception when the pointer target type is unresolved. - gh-144050: Fix stat.filemode() in the pure-Python implementation to avoid misclassifying invalid mode values as block devices. - gh-144023: Fixed validation of file descriptor 0 in posix functions when used with follow_symlinks parameter. 
- gh-143999: Fix an issue where inspect.getgeneratorstate() and inspect.getcoroutinestate() could fail for generators wrapped by types.coroutine() in the suspended state. - gh-143706: Fix multiprocessing forkserver so that sys.argv is correctly set before __main__ is preloaded. Previously, sys.argv was empty during main module import in forkserver child processes. This fixes a regression introduced in 3.13.8 and 3.14.1. Root caused by Aaron Wieczorek, test provided by Thomas Watson, thanks! - gh-143638: Forbid reentrant calls of the pickle.Pickler and pickle.Unpickler methods for the C implementation. Previously, this could cause crash or data corruption, now concurrent calls of methods of the same object raise RuntimeError. - gh-78724: Raise RuntimeError’s when user attempts to call methods on half-initialized Struct objects, For example, created by Struct.__new__(Struct). Patch by Sergey B Kirpichev. - gh-143602: Fix a inconsistency issue in write() that leads to unexpected buffer overwrite by deduplicating the buffer exports. - gh-143547: Fix sys.unraisablehook() when the hook raises an exception and changes sys.unraisablehook(): hold a strong reference to the old hook. Patch by Victor Stinner. - gh-143378: Fix use-after-free crashes when a BytesIO object is concurrently mutated during write() or writelines(). - gh-143346: Fix incorrect wrapping of the Base64 data in plistlib._PlistWriter when the indent contains a mix of tabs and spaces. - gh-143310: tkinter: fix a crash when a Python list is mutated during the conversion to a Tcl object (e.g., when setting a Tcl variable). Patch by Bénédikt Tran. - gh-143309: Fix a crash in os.execve() on non-Windows platforms when given a custom environment mapping which is then mutated during parsing. Patch by Bénédikt Tran. - gh-143308: pickle: fix use-after-free crashes when a PickleBuffer is concurrently mutated by a custom buffer callback during pickling. Patch by Bénédikt Tran and Aaron Wieczorek. 
- gh-143237: Fix support of named pipes in the rotating logging handlers. - gh-143249: Fix possible buffer leaks in Windows overlapped I/O on error handling. - gh-143241: zoneinfo: fix infinite loop in ZoneInfo.from_file when parsing a malformed TZif file. Patch by Fatih Celik. - gh-142830: sqlite3: fix use-after-free crashes when the connection’s callbacks are mutated during a callback execution. Patch by Bénédikt Tran. - gh-143200: xml.etree.ElementTree: fix use-after-free crashes in __getitem__() and __setitem__() methods of Element when the element is concurrently mutated. Patch by Bénédikt Tran. - gh-142195: Updated timeout evaluation logic in subprocess to be compatible with deterministic environments like Shadow where time moves exactly as requested. - gh-143145: Fixed a possible reference leak in ctypes when constructing results with multiple output parameters on error. - gh-122431: Corrected the error message in readline.append_history_file() to state that nelements must be non-negative instead of positive. - gh-143004: Fix a potential use-after-free in collections.Counter.update() when user code mutates the Counter during an update. - gh-143046: The asyncio REPL no longer prints copyright and version messages in the quiet mode (-q). Patch by Bartosz Sławecki. - gh-140648: The asyncio REPL now respects the -I flag (isolated mode). Previously, it would load and execute PYTHONSTARTUP even if the flag was set. Contributed by Bartosz Sławecki. - gh-142991: Fixed socket operations such as recvfrom() and sendto() for FreeBSD divert(4) socket. - gh-143010: Fixed a bug in mailbox where the precise timing of an external event could result in the library opening an existing file instead of a file it expected to create. - gh-142881: Fix concurrent and reentrant call of atexit.unregister(). - gh-112127: Fix possible use-after-free in atexit.unregister() when the callback is unregistered during comparison. 
- gh-142783: Fix zoneinfo use-after-free with descriptor _weak_cache. A descriptor used as _weak_cache could cause crashes during object creation. The fix ensures proper reference counting for descriptor-provided objects. - gh-142754: Add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead. - gh-142784: The asyncio REPL now properly closes the loop upon the end of interactive session. Previously, it could cause surprising warnings. Contributed by Bartosz Sławecki. - gh-142555: array: fix a crash in a[i] = v when converting i to an index via i.__index__ or i.__float__ mutates the array. - gh-142594: Fix crash in TextIOWrapper.close() when the underlying buffer’s closed property calls detach(). - gh-142451: hmac: Ensure that the HMAC.block_size attribute is correctly copied by HMAC.copy. Patch by Bénédikt Tran. - gh-142495: collections.defaultdict now prioritizes __setitem__() when inserting default values from default_factory. This prevents race conditions where a default value would overwrite a value set before default_factory returns. - gh-142651: unittest.mock: fix a thread safety issue where Mock.call_count may return inaccurate values when the mock is called concurrently from multiple threads. - gh-142595: Added type check during initialization of the decimal module to prevent a crash in case of broken stdlib. Patch by Sergey B Kirpichev. - gh-142517: The non-compat32 email policies now correctly handle refolding encoded words that contain bytes that can not be decoded in their specified character set. Previously this resulted in an encoding exception during folding. - gh-112527: The help text for required options in argparse is no longer extended with “ (default: None)”.
- gh-142315: Pdb can now run scripts from anonymous pipes used in process substitution. Patch by Bartosz Sławecki. - gh-142282: Fix winreg.QueryValueEx() to not accidentally read garbage buffer under race condition. - gh-75949: Fix argparse to preserve | separators in mutually exclusive groups when the usage line wraps due to length. - gh-68552: MisplacedEnvelopeHeaderDefect and Missing header name defects are now correctly passed to the handle_defect method of policy in FeedParser. - gh-142006: Fix a bug in the email.policy.default folding algorithm which incorrectly resulted in a doubled newline when a line ending at exactly max_line_length was followed by an unfoldable token. - gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving underlying cancelled asyncio task running. - gh-139971: pydoc: Ensure that the link to the online documentation of a stdlib module is correct. - gh-139262: Some keystrokes can be swallowed in the new PyREPL on Windows, especially when used together with the ALT key. Fix by Chris Eibl. - gh-138897: Improved license/copyright/credits display in the REPL: now uses a pager. - gh-79986: Add parsing for References and In-Reply-To headers to the email library that parses the header content as lists of message id tokens. This prevents them from being folded incorrectly. - gh-109263: Starting a process from spawn context in multiprocessing no longer sets the start method globally. - gh-90871: Fixed an off by one error concerning the backlog parameter in create_unix_server(). Contributed by Christian Harries. - gh-133253: Fix thread-safety issues in linecache. - gh-132715: Skip writing objects during marshalling once a failure has occurred. - gh-127529: Correct behavior of asyncio.selector_events.BaseSelectorEventLoop._accept_connection() in handling ConnectionAbortedError in a loop. This improves performance on OpenBSD. - IDLE - gh-143774: Better explain the operation of Format / Format Paragraph. 
- Documentation - gh-140806: Add documentation for enum.bin(). - Core and Builtins - gh-144307: Prevent a reference leak in module teardown at interpreter finalization. - gh-144194: Fix error handling in perf jitdump initialization on memory allocation failure. - gh-141805: Fix crash in set when objects with the same hash are concurrently added to the set after removing an element with the same hash while the set still contains elements with the same hash. - gh-143670: Fixes a crash in ga_repr_items_list function. - gh-143377: Fix a crash in _interpreters.capture_exception() when the exception is incorrectly formatted. Patch by Bénédikt Tran. - gh-143189: Fix crash when inserting a non-str key into a split table dictionary when the key matches an existing key in the split table but has no corresponding value in the dict. - gh-143228: Fix use-after-free in perf trampoline when toggling profiling while threads are running or during interpreter finalization with daemon threads active. The fix uses reference counting to ensure trampolines are not freed while any code object could still reference them. Patch by Pablo Galindo. - gh-142664: Fix a use-after-free crash in memoryview.__hash__ when the __hash__ method of the referenced object mutates that object or the view. Patch by Bénédikt Tran. - gh-142557: Fix a use-after-free crash in bytearray.__mod__ when the bytearray is mutated while formatting the %-style arguments. Patch by Bénédikt Tran. - gh-143195: Fix use-after-free crashes in bytearray.hex() and memoryview.hex() when the separator’s __len__() mutates the original object. Patch by Bénédikt Tran. - gh-143135: Set sys.flags.inspect to 1 when PYTHONINSPECT is 0. Previously, it was set to 0 in this case. - gh-143003: Fix an overflow of the shared empty buffer in bytearray.extend() when __length_hint__() returns 0 for non-empty iterator.
- gh-143006: Fix a possible assertion error when comparing negative non-integer float and int with the same number of bits in the integer part. - gh-142776: Fix a file descriptor leak in import.c - gh-142829: Fix a use-after-free crash in contextvars.Context comparison when a custom __eq__ method modifies the context via set(). - gh-142766: Clear the frame of a generator when generator.close() is called. - gh-142737: Tracebacks will be displayed in fallback mode even if io.open() is lost. Previously, this would crash the interpreter. Patch by Bartosz Sławecki. - gh-142554: Fix a crash in divmod() when _pylong.int_divmod() does not return a tuple of length two exactly. Patch by Bénédikt Tran. - gh-142560: Fix use-after-free in bytearray search-like methods (find(), count(), index(), rindex(), and rfind()) by marking the storage as exported which causes reallocation attempts to raise BufferError. For contains(), split(), and rsplit() the buffer protocol is used for this. - gh-142343: Fix SIGILL crash on m68k due to incorrect assembly constraint. - gh-141732: Ensure the __repr__() for ExceptionGroup and BaseExceptionGroup does not change when the exception sequence that was originally passed in to its constructor is subsequently mutated. - gh-100964: Fix reference cycle in exhausted generator frames. Patch by Savannah Ostrowski. - gh-140373: Correctly emit PY_UNWIND event when generator object is closed. Patch by Mikhail Efimov. - gh-138568: Adjusted the built-in help() function so that empty inputs are ignored in interactive mode. - gh-127773: Do not use the type attribute cache for types with incompatible MRO. - C API - gh-142571: PyUnstable_CopyPerfMapFile() now checks that opening the file succeeded before flushing. - Build - gh-142454: When calculating the digest of the JIT stencils input, sort the hashed files by filenames before adding their content to the hasher. This ensures deterministic hash input and hence deterministic hash, independent of filesystem order.
- gh-141808: When running make clean-retain-profile, keep the generated JIT stencils. That way, the stencils are not generated twice when Profile-guided optimization (PGO) is used. It also allows distributors to supply their own pre-built JIT stencils. - gh-138061: Ensure reproducible builds by making JIT stencil header generation deterministic. - Remove upstreamed patches: - CVE-2024-6923-follow-up-EOL-email-headers.patch - gh138131-exclude-pycache-from-digest.patch ++++ python313: - Update to 3.13.12: Python 3.13.12 final Release date: 2026-02-03 - Tools/Demos - gh-142095: Make gdb ‘py-bt’ command use frame from thread local state when available. Patch by Sam Gross and Victor Stinner. - Tests - gh-144415: The Android testbed now distinguishes between stdout/stderr messages which were triggered by a newline, and those triggered by a manual call to flush. This fixes logging of progress indicators and similar content. - gh-65784: Add support for parametrized resource wantobjects in regrtests, which allows running Tkinter tests with the specified value of tkinter.wantobjects, for example -u wantobjects=0. - gh-143553: Add support for parametrized resources, such as -u xpickle=2.7. - gh-142836: Accommodated Solaris in test_pdb.test_script_target_anonymous_pipe. - gh-129401: Fix a flaky test in test_repr_rlock that checks the representation of multiprocessing.RLock. - bpo-31391: Forward-port test_xpickle from Python 2 to Python 3 and add the resource back to test’s command line. - Security - gh-144125: BytesGenerator will now refuse to serialize (write) headers that are unsafely folded or delimited; see verify_generated_headers. (Contributed by Bas Bloemsaat and Petr Viktorin in gh-121650). - gh-143935: Fixed a bug in the folding of comments when flattening an email message using a modern email policy.
Comments consisting of a very long sequence of non-foldable characters could trigger a forced line wrap that omitted the required leading space on the continuation line, causing the remainder of the comment to be interpreted as a new header field. This enabled header injection with carefully crafted inputs (bsc#1257029, CVE-2025-11468). - gh-143925: Reject control characters in data: URL media types (bsc#1257046, CVE-2025-15282). - gh-143919: Reject control characters in http.cookies.Morsel fields and values (bsc#1257031, CVE-2026-0672). - gh-143916: Reject C0 control characters within wsgiref.headers.Headers fields, values, and parameters (bsc#1257042, CVE-2026-0865). - Library - gh-144380: Improve performance of io.BufferedReader line iteration by ~49%. - gh-144169: Fix three crashes when non-string keyword arguments are supplied to objects in the ast module. - gh-144100: Fixed a crash in ctypes when using a deprecated POINTER(str) type in argtypes. Instead of aborting, ctypes now raises a proper Python exception when the pointer target type is unresolved. - gh-144050: Fix stat.filemode() in the pure-Python implementation to avoid misclassifying invalid mode values as block devices. - gh-144023: Fixed validation of file descriptor 0 in posix functions when used with follow_symlinks parameter. - gh-143999: Fix an issue where inspect.getgeneratorstate() and inspect.getcoroutinestate() could fail for generators wrapped by types.coroutine() in the suspended state. - gh-143706: Fix multiprocessing forkserver so that sys.argv is correctly set before __main__ is preloaded. Previously, sys.argv was empty during main module import in forkserver child processes. This fixes a regression introduced in 3.13.8 and 3.14.1. Root caused by Aaron Wieczorek, test provided by Thomas Watson, thanks! - gh-143638: Forbid reentrant calls of the pickle.Pickler and pickle.Unpickler methods for the C implementation. 
Previously, this could cause a crash or data corruption; now concurrent calls of methods of the same object raise RuntimeError. - gh-78724: Raise RuntimeError when a user attempts to call methods on half-initialized Struct objects, for example, objects created by Struct.__new__(Struct). Patch by Sergey B Kirpichev. - gh-143602: Fix an inconsistency issue in write() that leads to unexpected buffer overwrite by deduplicating the buffer exports. - gh-143547: Fix sys.unraisablehook() when the hook raises an exception and changes sys.unraisablehook(): hold a strong reference to the old hook. Patch by Victor Stinner. - gh-143378: Fix use-after-free crashes when a BytesIO object is concurrently mutated during write() or writelines(). - gh-143346: Fix incorrect wrapping of the Base64 data in plistlib._PlistWriter when the indent contains a mix of tabs and spaces. - gh-143310: tkinter: fix a crash when a Python list is mutated during the conversion to a Tcl object (e.g., when setting a Tcl variable). Patch by Bénédikt Tran. - gh-143309: Fix a crash in os.execve() on non-Windows platforms when given a custom environment mapping which is then mutated during parsing. Patch by Bénédikt Tran. - gh-143308: pickle: fix use-after-free crashes when a PickleBuffer is concurrently mutated by a custom buffer callback during pickling. Patch by Bénédikt Tran and Aaron Wieczorek. - gh-143237: Fix support of named pipes in the rotating logging handlers. - gh-143249: Fix possible buffer leaks in Windows overlapped I/O on error handling. - gh-143241: zoneinfo: fix infinite loop in ZoneInfo.from_file when parsing a malformed TZif file. Patch by Fatih Celik. - gh-142830: sqlite3: fix use-after-free crashes when the connection’s callbacks are mutated during a callback execution. Patch by Bénédikt Tran. - gh-143200: xml.etree.ElementTree: fix use-after-free crashes in __getitem__() and __setitem__() methods of Element when the element is concurrently mutated. Patch by Bénédikt Tran.
- gh-142195: Updated timeout evaluation logic in subprocess to be compatible with deterministic environments like Shadow where time moves exactly as requested. - gh-143145: Fixed a possible reference leak in ctypes when constructing results with multiple output parameters on error. - gh-122431: Corrected the error message in readline.append_history_file() to state that nelements must be non-negative instead of positive. - gh-143004: Fix a potential use-after-free in collections.Counter.update() when user code mutates the Counter during an update. - gh-143046: The asyncio REPL no longer prints copyright and version messages in the quiet mode (-q). Patch by Bartosz Sławecki. - gh-140648: The asyncio REPL now respects the -I flag (isolated mode). Previously, it would load and execute PYTHONSTARTUP even if the flag was set. Contributed by Bartosz Sławecki. - gh-142991: Fixed socket operations such as recvfrom() and sendto() for FreeBSD divert(4) socket. - gh-143010: Fixed a bug in mailbox where the precise timing of an external event could result in the library opening an existing file instead of a file it expected to create. - gh-142881: Fix concurrent and reentrant call of atexit.unregister(). - gh-112127: Fix possible use-after-free in atexit.unregister() when the callback is unregistered during comparison. - gh-142783: Fix zoneinfo use-after-free with descriptor _weak_cache. A descriptor used as _weak_cache could cause crashes during object creation. The fix ensures proper reference counting for descriptor-provided objects. - gh-142754: Add the ownerDocument attribute to xml.dom.minidom elements and attributes created by directly instantiating the Element or Attr class. Note that this way of creating nodes is not supported; creator functions like xml.dom.Document.documentElement() should be used instead. - gh-142784: The asyncio REPL now properly closes the loop upon the end of interactive session. Previously, it could cause surprising warnings.
Contributed by Bartosz Sławecki. - gh-142555: array: fix a crash in a[i] = v when converting i to an index via i.__index__ or i.__float__ mutates the array. - gh-142594: Fix crash in TextIOWrapper.close() when the underlying buffer’s closed property calls detach(). - gh-142451: hmac: Ensure that the HMAC.block_size attribute is correctly copied by HMAC.copy. Patch by Bénédikt Tran. - gh-142495: collections.defaultdict now prioritizes __setitem__() when inserting default values from default_factory. This prevents race conditions where a default value would overwrite a value set before default_factory returns. - gh-142651: unittest.mock: fix a thread safety issue where Mock.call_count may return inaccurate values when the mock is called concurrently from multiple threads. - gh-142595: Added type check during initialization of the decimal module to prevent a crash in case of broken stdlib. Patch by Sergey B Kirpichev. - gh-142517: The non-compat32 email policies now correctly handle refolding encoded words that contain bytes that can not be decoded in their specified character set. Previously this resulted in an encoding exception during folding. - gh-112527: The help text for required options in argparse is no longer extended with “ (default: None)”. - gh-142315: Pdb can now run scripts from anonymous pipes used in process substitution. Patch by Bartosz Sławecki. - gh-142282: Fix winreg.QueryValueEx() to not accidentally read garbage buffer under race condition. - gh-75949: Fix argparse to preserve | separators in mutually exclusive groups when the usage line wraps due to length. - gh-68552: MisplacedEnvelopeHeaderDefect and Missing header name defects are now correctly passed to the handle_defect method of policy in FeedParser. - gh-142006: Fix a bug in the email.policy.default folding algorithm which incorrectly resulted in a doubled newline when a line ending at exactly max_line_length was followed by an unfoldable token.
- gh-105836: Fix asyncio.run_coroutine_threadsafe() leaving underlying cancelled asyncio task running. - gh-139971: pydoc: Ensure that the link to the online documentation of a stdlib module is correct. - gh-139262: Some keystrokes can be swallowed in the new PyREPL on Windows, especially when used together with the ALT key. Fix by Chris Eibl. - gh-138897: Improved license/copyright/credits display in the REPL: now uses a pager. - gh-79986: Add parsing for References and In-Reply-To headers to the email library that parses the header content as lists of message id tokens. This prevents them from being folded incorrectly. - gh-109263: Starting a process from spawn context in multiprocessing no longer sets the start method globally. - gh-90871: Fixed an off by one error concerning the backlog parameter in create_unix_server(). Contributed by Christian Harries. - gh-133253: Fix thread-safety issues in linecache. - gh-132715: Skip writing objects during marshalling once a failure has occurred. - gh-127529: Correct behavior of asyncio.selector_events.BaseSelectorEventLoop._accept_connection() in handling ConnectionAbortedError in a loop. This improves performance on OpenBSD. - IDLE - gh-143774: Better explain the operation of Format / Format Paragraph. - Documentation - gh-140806: Add documentation for enum.bin(). - Core and Builtins - gh-144307: Prevent a reference leak in module teardown at interpreter finalization. - gh-144194: Fix error handling in perf jitdump initialization on memory allocation failure. - gh-141805: Fix crash in set when objects with the same hash are concurrently added to the set after removing an element with the same hash while the set still contains elements with the same hash. - gh-143670: Fixes a crash in ga_repr_items_list function. - gh-143377: Fix a crash in _interpreters.capture_exception() when the exception is incorrectly formatted. Patch by Bénédikt Tran. 
- gh-143189: Fix crash when inserting a non-str key into a split table dictionary when the key matches an existing key in the split table but has no corresponding value in the dict. - gh-143228: Fix use-after-free in perf trampoline when toggling profiling while threads are running or during interpreter finalization with daemon threads active. The fix uses reference counting to ensure trampolines are not freed while any code object could still reference them. Patch by Pablo Galindo. - gh-142664: Fix a use-after-free crash in memoryview.__hash__ when the __hash__ method of the referenced object mutates that object or the view. Patch by Bénédikt Tran. - gh-142557: Fix a use-after-free crash in bytearray.__mod__ when the bytearray is mutated while formatting the %-style arguments. Patch by Bénédikt Tran. - gh-143195: Fix use-after-free crashes in bytearray.hex() and memoryview.hex() when the separator’s __len__() mutates the original object. Patch by Bénédikt Tran. - gh-143135: Set sys.flags.inspect to 1 when PYTHONINSPECT is 0. Previously, it was set to 0 in this case. - gh-143003: Fix an overflow of the shared empty buffer in bytearray.extend() when __length_hint__() returns 0 for non-empty iterator. - gh-143006: Fix a possible assertion error when comparing negative non-integer float and int with the same number of bits in the integer part. - gh-142776: Fix a file descriptor leak in import.c - gh-142829: Fix a use-after-free crash in contextvars.Context comparison when a custom __eq__ method modifies the context via set(). - gh-142766: Clear the frame of a generator when generator.close() is called. - gh-142737: Tracebacks will be displayed in fallback mode even if io.open() is lost. Previously, this would crash the interpreter. Patch by Bartosz Sławecki. - gh-142554: Fix a crash in divmod() when _pylong.int_divmod() does not return a tuple of length two exactly. Patch by Bénédikt Tran.
- gh-142560: Fix use-after-free in bytearray search-like methods (find(), count(), index(), rindex(), and rfind()) by marking the storage as exported which causes reallocation attempts to raise BufferError. For contains(), split(), and rsplit() the buffer protocol is used for this. - gh-142343: Fix SIGILL crash on m68k due to incorrect assembly constraint. - gh-141732: Ensure the __repr__() for ExceptionGroup and BaseExceptionGroup does not change when the exception sequence that was originally passed in to its constructor is subsequently mutated. - gh-100964: Fix reference cycle in exhausted generator frames. Patch by Savannah Ostrowski. - gh-140373: Correctly emit PY_UNWIND event when generator object is closed. Patch by Mikhail Efimov. - gh-138568: Adjusted the built-in help() function so that empty inputs are ignored in interactive mode. - gh-127773: Do not use the type attribute cache for types with incompatible MRO. - C API - gh-142571: PyUnstable_CopyPerfMapFile() now checks that opening the file succeeded before flushing. - Build - gh-142454: When calculating the digest of the JIT stencils input, sort the hashed files by filenames before adding their content to the hasher. This ensures deterministic hash input and hence deterministic hash, independent of filesystem order. - gh-141808: When running make clean-retain-profile, keep the generated JIT stencils. That way, the stencils are not generated twice when Profile-guided optimization (PGO) is used. It also allows distributors to supply their own pre-built JIT stencils. - gh-138061: Ensure reproducible builds by making JIT stencil header generation deterministic.
- Remove upstreamed patches: - CVE-2024-6923-follow-up-EOL-email-headers.patch - gh138131-exclude-pycache-from-digest.patch ------------------------------------------------------------------ ------------------ 2026-2-5 - Feb 5 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - dm: Fix deadlock when reloading a multipath table (bsc#1254928). - commit 8e55787 - iomap: account for unaligned end offsets when truncating read range (git-fixes). - commit d3a2bf0 - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - commit 2476b62 - arm64: Set __nocfi on swsusp_arch_resume() (git-fixes) - commit 9cd22b1 - btrfs: fix beyond-EOF write handling (git-fixes). - commit 4c56d83 ++++ kernel-rt: - dm: Fix deadlock when reloading a multipath table (bsc#1254928). - commit 8e55787 - iomap: account for unaligned end offsets when truncating read range (git-fixes). - commit d3a2bf0 - ext4: fix iloc.bh leak in ext4_xattr_inode_update_ref (git-fixes). - commit 2476b62 - arm64: Set __nocfi on swsusp_arch_resume() (git-fixes) - commit 9cd22b1 - btrfs: fix beyond-EOF write handling (git-fixes). - commit 4c56d83 ++++ gcc15: - Add gcc15-bsc1257463.patch to fix bogus expression simplification [bsc#1257463] ------------------------------------------------------------------ ------------------ 2026-2-4 - Feb 4 2026 ------------------- ------------------------------------------------------------------ ++++ docker: - Places a hard cap on the number of mechanisms that can be specified and encoded in the payload. (bsc#1253904, CVE-2025-58181) * 0007-CVE-2025-58181-fix-vendor-crypto-ssh.patch ++++ kernel-default: - ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003 bsc#1257246). - commit 574bdcd - Refresh patches.suse/scsi-ufs-core-Improve-ufshcd_mcq_sq_cleanup.patch. Align with resulting upstream code after merges. Avoids a format string warning.
- commit dd8af96 - idpf: detach and close netdevs while handling a reset (CVE-2026-22981 bsc#1257225). - commit 6e399ef - KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes). - commit ea24b4e - KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested VM-Exits (git-fixes). - commit 39ff5cb - KVM: x86: Explicitly set new periodic hrtimer expiration in apic_timer_fn() (git-fixes). - commit e059ee8 - KVM: x86: WARN if hrtimer callback for periodic APIC timer fires with period=0 (git-fixes). - commit 2c24d91 - platform/x86: intel_telemetry: Fix PSS event register mask (git-fixes). - platform/x86: intel_telemetry: Fix swapped arrays in PSS output (git-fixes). - platform/x86: toshiba_haps: Fix memory leaks in add/remove routines (git-fixes). - commit 35ce7c7 - KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on #SMI) (git-fixes). - commit c57db6d - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - commit 9d5464b ++++ kernel-rt: - ip6_tunnel: use skb_vlan_inet_prepare() in __ip6_tnl_rcv() (CVE-2026-23003 bsc#1257246). - commit 574bdcd - Refresh patches.suse/scsi-ufs-core-Improve-ufshcd_mcq_sq_cleanup.patch. Align with resulting upstream code after merges. Avoids a format string warning. - commit dd8af96 - idpf: detach and close netdevs while handling a reset (CVE-2026-22981 bsc#1257225). - commit 6e399ef - KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes). - commit ea24b4e - KVM: nSVM: Clear exit_code_hi in VMCB when synthesizing nested VM-Exits (git-fixes). - commit 39ff5cb - KVM: x86: Explicitly set new periodic hrtimer expiration in apic_timer_fn() (git-fixes). - commit e059ee8 - KVM: x86: WARN if hrtimer callback for periodic APIC timer fires with period=0 (git-fixes). - commit 2c24d91 - platform/x86: intel_telemetry: Fix PSS event register mask (git-fixes). - platform/x86: intel_telemetry: Fix swapped arrays in PSS output (git-fixes). 
- platform/x86: toshiba_haps: Fix memory leaks in add/remove routines (git-fixes). - commit 35ce7c7 - KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on #SMI) (git-fixes). - commit c57db6d - btrfs: scrub: always update btrfs_scrub_progress::last_physical (git-fixes). - commit 9d5464b ++++ libxslt: - CVE-2025-10911 will be fixed on libxml2 side instead [bsc#1250553] - deleted patches * libxslt-CVE-2025-10911.patch ++++ systemd: - Import commit fb9d92682b2469aa205d4df3ffea61e4806ed0e9 b9d92682b terminal-util: stop doing 0/upper bound check in tty_is_vc() (bsc#1255326) 80ec26cee0 core/dbus-manager: propagate meaningful dbus errors from EnqueueMarkedJobs ++++ libxml2: - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) * Add patch libxml2-CVE-2026-1757.patch - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) * Add patch libxml2-CVE-2025-10911.patch ++++ libxml2-python: - CVE-2026-1757: memory leak in the `xmllint` interactive shell (bsc#1257593, bsc#1257594, bsc#1257595) * Add patch libxml2-CVE-2026-1757.patch - CVE-2025-10911: use-after-free with key data stored cross-RVT (bsc#1250553) * Add patch libxml2-CVE-2025-10911.patch ------------------------------------------------------------------ ------------------ 2026-2-3 - Feb 3 2026 ------------------- ------------------------------------------------------------------ ++++ cockpit-podman: - Update dependencies for bsc#1257324/CVE-2025-13465 ++++ kernel-default: - slimbus: core: Constify slim_eaddr_equal() (jsc#PED-10906 git-fixes). - commit 6c2c54b - bus: fsl-mc: Constify fsl_mc_device_match() (jsc#PED-10906 git-fixes). - commit b3ff1a5 - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087). - commit 8de8481 - arm64: Update config files. Disable DEVPORT (bsc#1256792) - commit 3858f73 - KABi: fix "dm-snapshot: fix 'scheduling while atomic' on real-time kernels" (git-fixes). 
- commit b8ec588 - bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603). - commit 1a032d9 ++++ kernel-rt: - slimbus: core: Constify slim_eaddr_equal() (jsc#PED-10906 git-fixes). - commit 6c2c54b - bus: fsl-mc: Constify fsl_mc_device_match() (jsc#PED-10906 git-fixes). - commit b3ff1a5 - mm, page_alloc, thp: prevent reclaim for __GFP_THISNODE THP allocations (bsc#1254447 bsc#1253087). - commit 8de8481 - arm64: Update config files. Disable DEVPORT (bsc#1256792) - commit 3858f73 - KABi: fix "dm-snapshot: fix 'scheduling while atomic' on real-time kernels" (git-fixes). - commit b8ec588 - bpf/selftests: test_select_reuseport_kern: Remove unused header (bsc#1257603). - commit 1a032d9 ++++ expat: - security update - added patches CVE-2026-24515 [bsc#1257144], NULL dereference (CWE-476) due to function XML_ExternalEntityParserCreate() failing to copy the encoding handler data passed to XML_SetUnknownEncodingHandler() from the parent to the subparser * expat-CVE-2026-24515.patch CVE-2026-25210 [bsc#1257496], lack of buffer size check can lead to an integer overflow * expat-CVE-2026-25210.patch ++++ libsoup: - Add libsoup-CVE-2026-1536.patch: Always validate the headers value when coming from untrusted source (bsc#1257440, CVE-2026-1536, glgo#GNOME/libsoup/commit/5c1a2e9c). - Add libsoup-CVE-2026-1761.patch: multipart: check length of bytes read soup_filter_input_stream_read_until() (bsc#1257598, CVE-2026-1761, glgo#GNOME/libsoup!496). ------------------------------------------------------------------ ------------------ 2026-2-2 - Feb 2 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154). - commit 9624e6c - smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes). - commit a159cff - cifs: add new field to track the last access time of cfid (git-fixes). 
- commit 0cd09f9 - smb: improve directory cache reuse for readdir operations (bsc#1252712). - commit 98f179c - scripts/python/git_sort/git_sort.yaml: add cifs for-next repository - commit 5e1a139 - libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990 bsc#1257221). - commit bf45795 - libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984 bsc#1257217). - commit 3af214d - libceph: return the handler error from mon_handle_auth_done() (CVE-2026-22992 bsc#1257218). - commit 2da8b55 - libceph: make free_choose_arg_map() resilient to partial allocation (CVE-2026-22991 bsc#1257220). - commit 1c4a387 - Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792) - commit 89771ce - x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (CVE-2026-23005 bsc#1257245). - commit 0a828e9 - Update patches.suse/ACPICA-Avoid-walking-the-Namespace-if-start_node-is-.patch (stable-fixes CVE-2025-71118 bsc#1256763). - Update patches.suse/ALSA-hda-Fix-missing-pointer-check-in-hda_component_.patch (git-fixes CVE-2025-40097 bsc#1252900). - Update patches.suse/ALSA-usb-mixer-us16x08-validate-meter-packet-indices.patch (git-fixes CVE-2025-68783 bsc#1256650). - Update patches.suse/ASoC-codecs-wcd9375-Fix-double-free-of-regulator-sup.patch (git-fixes CVE-2025-38423 bsc#1247292). - Update patches.suse/ASoC-codecs-wcd937x-set-the-comp-soundwire-port-corr.patch (git-fixes CVE-2025-40045 bsc#1252784). - Update patches.suse/ASoC-stm32-sai-fix-OF-node-leak-on-probe.patch (git-fixes CVE-2025-71081 bsc#1256609). - Update patches.suse/ASoC-tlv320adcx140-fix-null-pointer.patch (git-fixes CVE-2026-23006 bsc#1257208). - Update patches.suse/Bluetooth-btusb-revert-use-of-devm_kzalloc-in-btusb.patch (git-fixes CVE-2025-71082 bsc#1256611). - Update patches.suse/EDAC-skx_common-Fix-general-protection-fault.patch (git-fixes CVE-2025-38298 bsc#1253079). 
- Update patches.suse/HID-nintendo-avoid-bluetooth-suspend-resume-stalls.patch (stable-fixes CVE-2025-38507 bsc#1248188). - Update patches.suse/HID-quirks-Add-quirk-for-2-Chicony-Electronics-HP-5M.patch (stable-fixes CVE-2025-38540 bsc#1248208). - Update patches.suse/Input-alps-fix-use-after-free-bugs-caused-by-dev3_re.patch (git-fixes CVE-2025-68822 bsc#1256668). - Update patches.suse/Input-lkkbd-disable-pending-work-before-freeing-devi.patch (stable-fixes CVE-2025-71073 bsc#1256632). - Update patches.suse/Input-ti_am335x_tsc-fix-off-by-one-error-in-wire_ord.patch (git-fixes CVE-2025-68777 bsc#1256655). - Update patches.suse/KEYS-trusted-Fix-a-memory-leak-in-tpm2_load_cmd.patch (git-fixes CVE-2025-71147 bsc#1257158). - Update patches.suse/PM-EM-Fix-potential-division-by-zero-error-in-em_com.patch (git-fixes CVE-2025-38297 bsc#1253078). - Update patches.suse/arp-do-not-assume-dev_hard_header-does-not-change-skb-head.patch (CVE-2025-71098 bsc#1256591 CVE-2026-22988 bsc#1257282). - Update patches.suse/benet-fix-BUG-when-creating-VFs.patch (git-fixes CVE-2025-38569 bsc#1248384). - Update patches.suse/block-avoid-possible-overflow-for-chunk_sectors-check-in-b.patch (git-fixes CVE-2025-39795 bsc#1249609). - Update patches.suse/bpf-Do-not-let-BPF-test-infra-emit-invalid-GSO-types.patch (bsc#1255569 CVE-2025-68725). - Update patches.suse/btrfs-don-t-log-conflicting-inode-if-it-s-a-dir-move.patch (git-fixes CVE-2025-68778 bsc#1256683). - Update patches.suse/btrfs-fix-invalid-inode-pointer-dereferences-during-.patch (git-fixes CVE-2025-38243 bsc#1246184). - Update patches.suse/btrfs-fix-the-inode-leak-in-btrfs_iget.patch (git-fixes CVE-2025-37904 bsc#1243452). - Update patches.suse/ceph-fix-race-condition-validating-r_parent-before-applyin.patch (CVE-2025-39880 bsc#1250388 CVE-2025-39927 bsc#1250738). - Update patches.suse/char-applicom-fix-NULL-pointer-dereference-in-ac_ioc.patch (stable-fixes CVE-2025-68797 bsc#1256660). 
- Update patches.suse/clk-samsung-exynos-clkout-Assign-.num-before-accessi.patch (git-fixes CVE-2025-71143 bsc#1256749). - Update patches.suse/comedi-aio_iiro_16-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38529 bsc#1248196). - Update patches.suse/comedi-fix-divide-by-zero-in-comedi_buf_munge.patch (stable-fixes CVE-2025-40106 bsc#1252891). - Update patches.suse/comedi-pcl812-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38530 bsc#1248206). - Update patches.suse/cpuset-fix-warning-when-disabling-remote-partition.patch (bsc#1256794 CVE-2025-71142 bsc#1256748). - Update patches.suse/crypto-af_alg-zero-initialize-memory-allocated-via-s.patch (git-fixes CVE-2025-71113 bsc#1256716). - Update patches.suse/crypto-seqiv-Do-not-use-req-iv-after-crypto_aead_enc.patch (git-fixes CVE-2025-71131 bsc#1256742). - Update patches.suse/dmaengine-idxd-fix-device-leaks-on-compat-bind-and-u.patch (git-fixes CVE-2025-71163 bsc#1257215). - Update patches.suse/dmaengine-nbpfaxi-Fix-memory-corruption-in-probe.patch (git-fixes CVE-2025-38538 bsc#1248213). - Update patches.suse/dmaengine-tegra-adma-Fix-use-after-free.patch (git-fixes CVE-2025-71162 bsc#1257204). - Update patches.suse/drm-amdkfd-Don-t-call-mmput-from-MMU-notifier-callba.patch (git-fixes CVE-2025-38520 bsc#1248217). - Update patches.suse/drm-i915-gem-Zero-initialize-the-eb.vma-array-in-i91.patch (git-fixes CVE-2025-71130 bsc#1256741). - Update patches.suse/drm-imagination-Fix-kernel-crash-when-hard-resetting.patch (git-fixes CVE-2025-38521 bsc#1248232). - Update patches.suse/drm-msm-dpu-Add-missing-NULL-pointer-check-for-pingp.patch (git-fixes CVE-2025-71138 bsc#1256785). - Update patches.suse/drm-sched-Increment-job-count-before-swapping-tail-s.patch (git-fixes CVE-2025-38515 bsc#1248212). - Update patches.suse/drm-tegra-nvdec-Fix-dma_alloc_coherent-error-check.patch (git-fixes CVE-2025-38543 bsc#1248214). 
- Update patches.suse/drm-tilcdc-Fix-removal-actions-in-case-of-failed-pro.patch (git-fixes CVE-2025-71141 bsc#1256756). - Update patches.suse/drm-ttm-Avoid-NULL-pointer-deref-for-evicted-BOs.patch (git-fixes CVE-2025-71083 bsc#1256610). - Update patches.suse/drm-xe-Limit-num_syncs-to-prevent-oversized-allocati.patch (git-fixes CVE-2025-68802 bsc#1256661). - Update patches.suse/drm-xe-oa-Fix-potential-UAF-in-xe_oa_add_config_ioct.patch (git-fixes CVE-2025-71099 bsc#1256592). - Update patches.suse/drm-xe-oa-Limit-num_syncs-to-prevent-oversized-alloc.patch (git-fixes CVE-2025-71076 bsc#1256627). - Update patches.suse/drm-xe-pf-Clear-all-LMTT-pages-on-alloc.patch (git-fixes CVE-2025-38511 bsc#1248175). - Update patches.suse/efivarfs-Fix-slab-out-of-bounds-in-efivarfs_d_compar.patch (git-fixes CVE-2025-39817 bsc#1249998). - Update patches.suse/ftrace-Also-allocate-and-copy-hash-for-reading-of-filter-f.patch (bsc#1250032 CVE-2025-39813 CVE-2025-39689 bsc#1249307). - Update patches.suse/hwmon-corsair-cpro-Validate-the-size-of-the-received.patch (git-fixes CVE-2025-38548 bsc#1248228). - Update patches.suse/hwmon-ibmpex-fix-use-after-free-in-high-low-store.patch (git-fixes CVE-2025-68789 bsc#1256781). - Update patches.suse/hwmon-w83791d-Convert-macros-to-functions-to-avoid-T.patch (git-fixes CVE-2025-71111 bsc#1256728). - Update patches.suse/ice-fix-NULL-pointer-dereference-in-ice_unplug_aux_d.patch (jsc#PED-13728 CVE-2025-39814 bsc#1249895). - Update patches.suse/idpf-Fix-RSS-LUT-NULL-pointer-crash-on-early-ethtool.patch (CVE-2026-22993 bsc#1257180 CVE-2026-22985 bsc#1257277). - Update patches.suse/iio-adc-axp20x_adc-Add-missing-sentinel-to-AXP717-AD.patch (git-fixes CVE-2025-38547 bsc#1248222). - Update patches.suse/ipv6-mcast-Delay-put-pmc-idev-in-mld_del_delrec.patch (git-fixes CVE-2025-38550 bsc#1248227). - Update patches.suse/kasan-remove-kasan_find_vm_area-to-prevent-possible-.patch (git-fixes CVE-2025-38510 bsc#1248166). 
- Update patches.suse/lib-buildid-use-__kernel_read-for-sleepable-context.patch (git-fixes CVE-2026-23002 bsc#1257243). - Update patches.suse/media-adv7842-Avoid-possible-out-of-bounds-array-acc.patch (git-fixes CVE-2025-71136 bsc#1256759). - Update patches.suse/media-dvb-usb-dtv5100-fix-out-of-bounds-in-dtv5100_i.patch (git-fixes CVE-2025-68819 bsc#1256664). - Update patches.suse/media-vidtv-initialize-local-pointers-upon-transfer-.patch (git-fixes CVE-2025-68808 bsc#1256682). - Update patches.suse/mount-handle-NULL-values-in-mnt_ns_release.patch (bsc#1254308 CVE-2025-40195 bsc#1253500). - Update patches.suse/neighbour-Fix-null-ptr-deref-in-neigh_flush_dev.patch (git-fixes CVE-2025-38589 bsc#1248366). - Update patches.suse/net-can-j1939-j1939_xtp_rx_rts_session_active-deacti.patch (git-fixes CVE-2026-22997 bsc#1257202). - Update patches.suse/net-mlx5-Check-device-memory-pointer-before-usage.patch (git-fixes CVE-2025-38645 bsc#1248626). - Update patches.suse/net-mlx5e-Remove-skb-secpath-if-xfrm-state-is-not-fo.patch (git-fixes CVE-2025-38590 bsc#1248360). - Update patches.suse/net-nfc-fix-deadlock-between-nfc_unregister_device-a.patch (git-fixes CVE-2025-71079 bsc#1256619). - Update patches.suse/net-phy-Don-t-register-LEDs-for-genphy.patch (git-fixes CVE-2025-38537 bsc#1248229). - Update patches.suse/net-rose-fix-invalid-array-index-in-rose_kill_by_dev.patch (git-fixes CVE-2025-71086 bsc#1256625). - Update patches.suse/net-usb-rtl8150-fix-memory-leak-on-usb_submit_urb-fa.patch (git-fixes CVE-2025-71154 bsc#1257163). - Update patches.suse/netfilter-nft_set_hash-unaligned-atomic-read-on-struct-nft.patch (git-fixes CVE-2024-54031 bsc#1235905). - Update patches.suse/nfsd-check-that-server-is-running-in-unlock_filesystem.patch (git-fixes CVE-2026-22989 bsc#1257279). - Update patches.suse/phy-tegra-xusb-Fix-unbalanced-regulator-disable-in-U.patch (git-fixes CVE-2025-38535 bsc#1248240). 
- Update patches.suse/pinctrl-check-the-return-value-of-pinmux_ops-get_fun.patch (stable-fixes CVE-2025-40030 bsc#1252773). - Update patches.suse/pinctrl-qcom-msm-mark-certain-pins-as-invalid-for-in.patch (git-fixes CVE-2025-38516 bsc#1248209). - Update patches.suse/platform-chrome-cros_ec_ishtp-Fix-UAF-after-unbindin.patch (git-fixes CVE-2025-68804 bsc#1256617). - Update patches.suse/platform-x86-hp-bioscfg-Fix-out-of-bounds-array-acce.patch (git-fixes CVE-2025-71101 bsc#1256594). - Update patches.suse/pm-cpupower-bench-Prevent-NULL-dereference-on-malloc.patch (stable-fixes CVE-2025-37841 bsc#1242974). - Update patches.suse/powerpc-64s-slb-Fix-SLB-multihit-issue-during-SLB-preload.patch (bac#1236022 ltc#211187 CVE-2025-71078 bsc#1256616). - Update patches.suse/powerpc-kexec-Enable-SMT-before-waking-offline-CPUs.patch (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496 CVE-2025-71119 bsc#1256730). - Update patches.suse/smb-client-fix-warning-when-reconnecting-channel.patch (git-fixes CVE-2025-38379 bsc#1247030). - Update patches.suse/spi-fsl-cpm-Check-length-parity-before-switching-to-.patch (git-fixes CVE-2025-68773 bsc#1256586). - Update patches.suse/tcp_bpf-Call-sk_msg_free-when-tcp_bpf_send_verdict-f.patch (bsc#1250705 CVE-2025-39913). - Update patches.suse/trace-fgraph-Fix-the-warning-caused-by-missing-unregister-.patch (bsc#1248211 CVE-2025-38539 CVE-2025-39829 bsc#1250082). - Update patches.suse/tracing-fprobe-events-Fix-possible-UAF-on-modules.patch (git-fixes CVE-2025-37845 bsc#1242986). - Update patches.suse/tty-serial-uartlite-register-uart-driver-in-init.patch (stable-fixes CVE-2025-38262 bsc#1246282). - Update patches.suse/usb-phy-isp1301-fix-non-OF-device-reference-imbalanc.patch (git-fixes CVE-2025-71145 bsc#1257155). - Update patches.suse/usb-typec-ucsi-Handle-incorrect-num_connectors-capab.patch (stable-fixes CVE-2025-71108 bsc#1256774). 
- Update patches.suse/via_wdt-fix-critical-boot-hang-due-to-unnamed-resour.patch (stable-fixes CVE-2025-71114 bsc#1256752). - Update patches.suse/virtio-net-fix-recursived-rtnl_lock-during-probe.patch (git-fixes CVE-2025-38551 bsc#1248234). - Update patches.suse/virtio-net-free-xsk_buffs-on-error-in-virtnet_xsk_po.patch (git-fixes CVE-2025-37955 bsc#1243507). - Update patches.suse/wifi-ath12k-fix-memory-leak-in-ath12k_pci_remove.patch (stable-fixes CVE-2025-37744 bsc#1243662). - Update patches.suse/wifi-avoid-kernel-infoleak-from-struct-iw_point.patch (git-fixes CVE-2026-22978 bsc#1257227). - Update patches.suse/wifi-mt76-mt7925-Fix-null-ptr-deref-in-mt7925_therma.patch (git-fixes CVE-2025-38541 bsc#1248216). - Update patches.suse/wifi-mwifiex-discard-erroneous-disassoc-frames-on-ST.patch (git-fixes CVE-2025-38505 bsc#1248185). - Update patches.suse/wifi-prevent-A-MSDU-attacks-in-mesh-networks.patch (stable-fixes CVE-2025-38512 bsc#1248178). - Update patches.suse/wifi-rtlwifi-8192cu-fix-tid-out-of-range-in-rtl92cu_.patch (git-fixes CVE-2025-71100 bsc#1256593). - Update patches.suse/wifi-zd1211rw-Fix-potential-NULL-pointer-dereference.patch (git-fixes CVE-2025-38513 bsc#1248179). - Update patches.suse/x86-cpu-Avoid-running-off-the-end-of-an-AMD-erratum-table.patch (git-fixes CVE-2025-37751 bsc#1242505). - commit 74167a5 - powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199). - commit 651b1d4 - net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (CVE-2026-22996). - net/mlx5e: Fix crash on profile change rollback failure (CVE-2026-23000 bsc#1257234). - commit 395ffba - gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes). - commit 0d36e6c ++++ kernel-rt: - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (bsc#1250748,bsc#1257154). - commit 9624e6c - smb: client: update cfid->last_access_time in open_cached_dir_by_dentry() (git-fixes). 
- commit a159cff - cifs: add new field to track the last access time of cfid (git-fixes). - commit 0cd09f9 - smb: improve directory cache reuse for readdir operations (bsc#1252712). - commit 98f179c - scripts/python/git_sort/git_sort.yaml: add cifs for-next repository - commit 5e1a139 - libceph: replace overzealous BUG_ON in osdmap_apply_incremental() (CVE-2026-22990 bsc#1257221). - commit bf45795 - libceph: prevent potential out-of-bounds reads in handle_auth_done() (CVE-2026-22984 bsc#1257217). - commit 3af214d - libceph: return the handler error from mon_handle_auth_done() (CVE-2026-22992 bsc#1257218). - commit 2da8b55 - libceph: make free_choose_arg_map() resilient to partial allocation (CVE-2026-22991 bsc#1257220). - commit 1c4a387 - Update config files: disable CONFIG_DEVPORT for arm64 (bsc#1256792) - commit 89771ce - x86/fpu: Clear XSTATE_BV in guest XSAVE state whenever XFD[i]=1 (CVE-2026-23005 bsc#1257245). - commit 0a828e9 - Update patches.suse/ACPICA-Avoid-walking-the-Namespace-if-start_node-is-.patch (stable-fixes CVE-2025-71118 bsc#1256763). - Update patches.suse/ALSA-hda-Fix-missing-pointer-check-in-hda_component_.patch (git-fixes CVE-2025-40097 bsc#1252900). - Update patches.suse/ALSA-usb-mixer-us16x08-validate-meter-packet-indices.patch (git-fixes CVE-2025-68783 bsc#1256650). - Update patches.suse/ASoC-codecs-wcd9375-Fix-double-free-of-regulator-sup.patch (git-fixes CVE-2025-38423 bsc#1247292). - Update patches.suse/ASoC-codecs-wcd937x-set-the-comp-soundwire-port-corr.patch (git-fixes CVE-2025-40045 bsc#1252784). - Update patches.suse/ASoC-stm32-sai-fix-OF-node-leak-on-probe.patch (git-fixes CVE-2025-71081 bsc#1256609). - Update patches.suse/ASoC-tlv320adcx140-fix-null-pointer.patch (git-fixes CVE-2026-23006 bsc#1257208). - Update patches.suse/Bluetooth-btusb-revert-use-of-devm_kzalloc-in-btusb.patch (git-fixes CVE-2025-71082 bsc#1256611). 
- Update patches.suse/EDAC-skx_common-Fix-general-protection-fault.patch (git-fixes CVE-2025-38298 bsc#1253079). - Update patches.suse/HID-nintendo-avoid-bluetooth-suspend-resume-stalls.patch (stable-fixes CVE-2025-38507 bsc#1248188). - Update patches.suse/HID-quirks-Add-quirk-for-2-Chicony-Electronics-HP-5M.patch (stable-fixes CVE-2025-38540 bsc#1248208). - Update patches.suse/Input-alps-fix-use-after-free-bugs-caused-by-dev3_re.patch (git-fixes CVE-2025-68822 bsc#1256668). - Update patches.suse/Input-lkkbd-disable-pending-work-before-freeing-devi.patch (stable-fixes CVE-2025-71073 bsc#1256632). - Update patches.suse/Input-ti_am335x_tsc-fix-off-by-one-error-in-wire_ord.patch (git-fixes CVE-2025-68777 bsc#1256655). - Update patches.suse/KEYS-trusted-Fix-a-memory-leak-in-tpm2_load_cmd.patch (git-fixes CVE-2025-71147 bsc#1257158). - Update patches.suse/PM-EM-Fix-potential-division-by-zero-error-in-em_com.patch (git-fixes CVE-2025-38297 bsc#1253078). - Update patches.suse/arp-do-not-assume-dev_hard_header-does-not-change-skb-head.patch (CVE-2025-71098 bsc#1256591 CVE-2026-22988 bsc#1257282). - Update patches.suse/benet-fix-BUG-when-creating-VFs.patch (git-fixes CVE-2025-38569 bsc#1248384). - Update patches.suse/block-avoid-possible-overflow-for-chunk_sectors-check-in-b.patch (git-fixes CVE-2025-39795 bsc#1249609). - Update patches.suse/bpf-Do-not-let-BPF-test-infra-emit-invalid-GSO-types.patch (bsc#1255569 CVE-2025-68725). - Update patches.suse/btrfs-don-t-log-conflicting-inode-if-it-s-a-dir-move.patch (git-fixes CVE-2025-68778 bsc#1256683). - Update patches.suse/btrfs-fix-invalid-inode-pointer-dereferences-during-.patch (git-fixes CVE-2025-38243 bsc#1246184). - Update patches.suse/btrfs-fix-the-inode-leak-in-btrfs_iget.patch (git-fixes CVE-2025-37904 bsc#1243452). - Update patches.suse/ceph-fix-race-condition-validating-r_parent-before-applyin.patch (CVE-2025-39880 bsc#1250388 CVE-2025-39927 bsc#1250738). 
- Update patches.suse/char-applicom-fix-NULL-pointer-dereference-in-ac_ioc.patch (stable-fixes CVE-2025-68797 bsc#1256660). - Update patches.suse/clk-samsung-exynos-clkout-Assign-.num-before-accessi.patch (git-fixes CVE-2025-71143 bsc#1256749). - Update patches.suse/comedi-aio_iiro_16-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38529 bsc#1248196). - Update patches.suse/comedi-fix-divide-by-zero-in-comedi_buf_munge.patch (stable-fixes CVE-2025-40106 bsc#1252891). - Update patches.suse/comedi-pcl812-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38530 bsc#1248206). - Update patches.suse/cpuset-fix-warning-when-disabling-remote-partition.patch (bsc#1256794 CVE-2025-71142 bsc#1256748). - Update patches.suse/crypto-af_alg-zero-initialize-memory-allocated-via-s.patch (git-fixes CVE-2025-71113 bsc#1256716). - Update patches.suse/crypto-seqiv-Do-not-use-req-iv-after-crypto_aead_enc.patch (git-fixes CVE-2025-71131 bsc#1256742). - Update patches.suse/dmaengine-idxd-fix-device-leaks-on-compat-bind-and-u.patch (git-fixes CVE-2025-71163 bsc#1257215). - Update patches.suse/dmaengine-nbpfaxi-Fix-memory-corruption-in-probe.patch (git-fixes CVE-2025-38538 bsc#1248213). - Update patches.suse/dmaengine-tegra-adma-Fix-use-after-free.patch (git-fixes CVE-2025-71162 bsc#1257204). - Update patches.suse/drm-amdkfd-Don-t-call-mmput-from-MMU-notifier-callba.patch (git-fixes CVE-2025-38520 bsc#1248217). - Update patches.suse/drm-i915-gem-Zero-initialize-the-eb.vma-array-in-i91.patch (git-fixes CVE-2025-71130 bsc#1256741). - Update patches.suse/drm-imagination-Fix-kernel-crash-when-hard-resetting.patch (git-fixes CVE-2025-38521 bsc#1248232). - Update patches.suse/drm-msm-dpu-Add-missing-NULL-pointer-check-for-pingp.patch (git-fixes CVE-2025-71138 bsc#1256785). - Update patches.suse/drm-sched-Increment-job-count-before-swapping-tail-s.patch (git-fixes CVE-2025-38515 bsc#1248212). 
- Update patches.suse/drm-tegra-nvdec-Fix-dma_alloc_coherent-error-check.patch (git-fixes CVE-2025-38543 bsc#1248214). - Update patches.suse/drm-tilcdc-Fix-removal-actions-in-case-of-failed-pro.patch (git-fixes CVE-2025-71141 bsc#1256756). - Update patches.suse/drm-ttm-Avoid-NULL-pointer-deref-for-evicted-BOs.patch (git-fixes CVE-2025-71083 bsc#1256610). - Update patches.suse/drm-xe-Limit-num_syncs-to-prevent-oversized-allocati.patch (git-fixes CVE-2025-68802 bsc#1256661). - Update patches.suse/drm-xe-oa-Fix-potential-UAF-in-xe_oa_add_config_ioct.patch (git-fixes CVE-2025-71099 bsc#1256592). - Update patches.suse/drm-xe-oa-Limit-num_syncs-to-prevent-oversized-alloc.patch (git-fixes CVE-2025-71076 bsc#1256627). - Update patches.suse/drm-xe-pf-Clear-all-LMTT-pages-on-alloc.patch (git-fixes CVE-2025-38511 bsc#1248175). - Update patches.suse/efivarfs-Fix-slab-out-of-bounds-in-efivarfs_d_compar.patch (git-fixes CVE-2025-39817 bsc#1249998). - Update patches.suse/ftrace-Also-allocate-and-copy-hash-for-reading-of-filter-f.patch (bsc#1250032 CVE-2025-39813 CVE-2025-39689 bsc#1249307). - Update patches.suse/hwmon-corsair-cpro-Validate-the-size-of-the-received.patch (git-fixes CVE-2025-38548 bsc#1248228). - Update patches.suse/hwmon-ibmpex-fix-use-after-free-in-high-low-store.patch (git-fixes CVE-2025-68789 bsc#1256781). - Update patches.suse/hwmon-w83791d-Convert-macros-to-functions-to-avoid-T.patch (git-fixes CVE-2025-71111 bsc#1256728). - Update patches.suse/ice-fix-NULL-pointer-dereference-in-ice_unplug_aux_d.patch (jsc#PED-13728 CVE-2025-39814 bsc#1249895). - Update patches.suse/idpf-Fix-RSS-LUT-NULL-pointer-crash-on-early-ethtool.patch (CVE-2026-22993 bsc#1257180 CVE-2026-22985 bsc#1257277). - Update patches.suse/iio-adc-axp20x_adc-Add-missing-sentinel-to-AXP717-AD.patch (git-fixes CVE-2025-38547 bsc#1248222). - Update patches.suse/ipv6-mcast-Delay-put-pmc-idev-in-mld_del_delrec.patch (git-fixes CVE-2025-38550 bsc#1248227). 
- Update patches.suse/kasan-remove-kasan_find_vm_area-to-prevent-possible-.patch (git-fixes CVE-2025-38510 bsc#1248166). - Update patches.suse/lib-buildid-use-__kernel_read-for-sleepable-context.patch (git-fixes CVE-2026-23002 bsc#1257243). - Update patches.suse/media-adv7842-Avoid-possible-out-of-bounds-array-acc.patch (git-fixes CVE-2025-71136 bsc#1256759). - Update patches.suse/media-dvb-usb-dtv5100-fix-out-of-bounds-in-dtv5100_i.patch (git-fixes CVE-2025-68819 bsc#1256664). - Update patches.suse/media-vidtv-initialize-local-pointers-upon-transfer-.patch (git-fixes CVE-2025-68808 bsc#1256682). - Update patches.suse/mount-handle-NULL-values-in-mnt_ns_release.patch (bsc#1254308 CVE-2025-40195 bsc#1253500). - Update patches.suse/neighbour-Fix-null-ptr-deref-in-neigh_flush_dev.patch (git-fixes CVE-2025-38589 bsc#1248366). - Update patches.suse/net-can-j1939-j1939_xtp_rx_rts_session_active-deacti.patch (git-fixes CVE-2026-22997 bsc#1257202). - Update patches.suse/net-mlx5-Check-device-memory-pointer-before-usage.patch (git-fixes CVE-2025-38645 bsc#1248626). - Update patches.suse/net-mlx5e-Remove-skb-secpath-if-xfrm-state-is-not-fo.patch (git-fixes CVE-2025-38590 bsc#1248360). - Update patches.suse/net-nfc-fix-deadlock-between-nfc_unregister_device-a.patch (git-fixes CVE-2025-71079 bsc#1256619). - Update patches.suse/net-phy-Don-t-register-LEDs-for-genphy.patch (git-fixes CVE-2025-38537 bsc#1248229). - Update patches.suse/net-rose-fix-invalid-array-index-in-rose_kill_by_dev.patch (git-fixes CVE-2025-71086 bsc#1256625). - Update patches.suse/net-usb-rtl8150-fix-memory-leak-on-usb_submit_urb-fa.patch (git-fixes CVE-2025-71154 bsc#1257163). - Update patches.suse/netfilter-nft_set_hash-unaligned-atomic-read-on-struct-nft.patch (git-fixes CVE-2024-54031 bsc#1235905). - Update patches.suse/nfsd-check-that-server-is-running-in-unlock_filesystem.patch (git-fixes CVE-2026-22989 bsc#1257279). 
- Update patches.suse/phy-tegra-xusb-Fix-unbalanced-regulator-disable-in-U.patch (git-fixes CVE-2025-38535 bsc#1248240). - Update patches.suse/pinctrl-check-the-return-value-of-pinmux_ops-get_fun.patch (stable-fixes CVE-2025-40030 bsc#1252773). - Update patches.suse/pinctrl-qcom-msm-mark-certain-pins-as-invalid-for-in.patch (git-fixes CVE-2025-38516 bsc#1248209). - Update patches.suse/platform-chrome-cros_ec_ishtp-Fix-UAF-after-unbindin.patch (git-fixes CVE-2025-68804 bsc#1256617). - Update patches.suse/platform-x86-hp-bioscfg-Fix-out-of-bounds-array-acce.patch (git-fixes CVE-2025-71101 bsc#1256594). - Update patches.suse/pm-cpupower-bench-Prevent-NULL-dereference-on-malloc.patch (stable-fixes CVE-2025-37841 bsc#1242974). - Update patches.suse/powerpc-64s-slb-Fix-SLB-multihit-issue-during-SLB-preload.patch (bac#1236022 ltc#211187 CVE-2025-71078 bsc#1256616). - Update patches.suse/powerpc-kexec-Enable-SMT-before-waking-offline-CPUs.patch (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496 CVE-2025-71119 bsc#1256730). - Update patches.suse/smb-client-fix-warning-when-reconnecting-channel.patch (git-fixes CVE-2025-38379 bsc#1247030). - Update patches.suse/spi-fsl-cpm-Check-length-parity-before-switching-to-.patch (git-fixes CVE-2025-68773 bsc#1256586). - Update patches.suse/tcp_bpf-Call-sk_msg_free-when-tcp_bpf_send_verdict-f.patch (bsc#1250705 CVE-2025-39913). - Update patches.suse/trace-fgraph-Fix-the-warning-caused-by-missing-unregister-.patch (bsc#1248211 CVE-2025-38539 CVE-2025-39829 bsc#1250082). - Update patches.suse/tracing-fprobe-events-Fix-possible-UAF-on-modules.patch (git-fixes CVE-2025-37845 bsc#1242986). - Update patches.suse/tty-serial-uartlite-register-uart-driver-in-init.patch (stable-fixes CVE-2025-38262 bsc#1246282). - Update patches.suse/usb-phy-isp1301-fix-non-OF-device-reference-imbalanc.patch (git-fixes CVE-2025-71145 bsc#1257155). 
- Update patches.suse/usb-typec-ucsi-Handle-incorrect-num_connectors-capab.patch (stable-fixes CVE-2025-71108 bsc#1256774). - Update patches.suse/via_wdt-fix-critical-boot-hang-due-to-unnamed-resour.patch (stable-fixes CVE-2025-71114 bsc#1256752). - Update patches.suse/virtio-net-fix-recursived-rtnl_lock-during-probe.patch (git-fixes CVE-2025-38551 bsc#1248234). - Update patches.suse/virtio-net-free-xsk_buffs-on-error-in-virtnet_xsk_po.patch (git-fixes CVE-2025-37955 bsc#1243507). - Update patches.suse/wifi-ath12k-fix-memory-leak-in-ath12k_pci_remove.patch (stable-fixes CVE-2025-37744 bsc#1243662). - Update patches.suse/wifi-avoid-kernel-infoleak-from-struct-iw_point.patch (git-fixes CVE-2026-22978 bsc#1257227). - Update patches.suse/wifi-mt76-mt7925-Fix-null-ptr-deref-in-mt7925_therma.patch (git-fixes CVE-2025-38541 bsc#1248216). - Update patches.suse/wifi-mwifiex-discard-erroneous-disassoc-frames-on-ST.patch (git-fixes CVE-2025-38505 bsc#1248185). - Update patches.suse/wifi-prevent-A-MSDU-attacks-in-mesh-networks.patch (stable-fixes CVE-2025-38512 bsc#1248178). - Update patches.suse/wifi-rtlwifi-8192cu-fix-tid-out-of-range-in-rtl92cu_.patch (git-fixes CVE-2025-71100 bsc#1256593). - Update patches.suse/wifi-zd1211rw-Fix-potential-NULL-pointer-dereference.patch (git-fixes CVE-2025-38513 bsc#1248179). - Update patches.suse/x86-cpu-Avoid-running-off-the-end-of-an-AMD-erratum-table.patch (git-fixes CVE-2025-37751 bsc#1242505). - commit 74167a5 - powerpc/addnote: Fix overflow on 32-bit builds (bsc#1215199). - commit 651b1d4 - net/mlx5e: Don't store mlx5e_priv in mlx5e_dev devlink priv (CVE-2026-22996). - net/mlx5e: Fix crash on profile change rollback failure (CVE-2026-23000 bsc#1257234). - commit 395ffba - gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes). - commit 0d36e6c ++++ patch: - CVE-2021-45261.patch: Clear range of pointers before they are used/freed (boo#1194037 CVE-2021-45261). 
++++ pcr-oracle: - Update to 0.5.9 + Fix event skipping due to double increment + Add '--persistent-srk' to make SRK persistent (bsc#1248516) ------------------------------------------------------------------ ------------------ 2026-2-1 - Feb 1 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - gpiolib: fix race condition for gdev->srcu (CVE-2026-22986 bsc#1257276). - commit 52ce57d - btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes). - commit 17f45d0 - ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes). - ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes). - commit 7c26c54 ++++ kernel-rt: - gpiolib: fix race condition for gdev->srcu (CVE-2026-22986 bsc#1257276). - commit 52ce57d - btrfs: do not strictly require dirty metadata threshold for metadata writepages (stable-fixes). - commit 17f45d0 - ASoC: Intel: sof_es8336: fix headphone GPIO logic inversion (git-fixes). - ASoC: fsl: imx-card: Do not force slot width to sample width (git-fixes). - commit 7c26c54 ------------------------------------------------------------------ ------------------ 2026-1-31 - Jan 31 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ceph: fix crash in process_v2_sparse_read() for encrypted directories (CVE-2025-68297 bsc#1255403). - commit 49f747e - fuse: fix readahead reclaim deadlock (CVE-2025-68821 bsc#1256667). - commit f1828b7 - gpio: omap: do not register driver in probe() (git-fixes). - gpio: virtuser: fix UAF in configfs release path (git-fixes).
- gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes). - drm/imx/tve: fix probe device leak (git-fixes). - drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (git-fixes). - drm/amd/pm: fix race in power state check before mutex lock (git-fixes). - drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes). - drm/msm/a6xx: fix bogus hwcg register updates (git-fixes). - iio: core: add separate lockdep class for info_exist_lock (git-fixes). - Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes). - Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes). - ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes). - drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes). - drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (stable-fixes). - mISDN: annotate data-race around dev->work (git-fixes). - iio: core: Replace lockdep_set_class() + mutex_init() by combined call (stable-fixes). - tpm: Compare HMAC values in constant time (stable-fixes). - dmaengine: ti: k3-udma: Enable second resource range for BCDMA and PKTDMA (stable-fixes). - commit 3e7d134
++++ kernel-rt: - ceph: fix crash in process_v2_sparse_read() for encrypted directories (CVE-2025-68297 bsc#1255403). - commit 49f747e - fuse: fix readahead reclaim deadlock (CVE-2025-68821 bsc#1256667). - commit f1828b7 - gpio: omap: do not register driver in probe() (git-fixes). - gpio: virtuser: fix UAF in configfs release path (git-fixes). - gpio: rockchip: Stop calling pinctrl for set_direction (git-fixes). - drm/imx/tve: fix probe device leak (git-fixes). - drm/amdgpu: Fix cond_exec handling in amdgpu_ib_schedule() (git-fixes). - drm/amd/pm: fix race in power state check before mutex lock (git-fixes). - drm/amdgpu: fix NULL pointer dereference in amdgpu_gmc_filter_faults_remove (git-fixes). - drm/msm/a6xx: fix bogus hwcg register updates (git-fixes). - iio: core: add separate lockdep class for info_exist_lock (git-fixes). - Input: i8042 - add quirks for MECHREVO Wujie 15X Pro (stable-fixes). - Input: i8042 - add quirk for ASUS Zenbook UX425QA_UM425QA (stable-fixes). - ALSA: ctxfi: Fix potential OOB access in audio mixer handling (stable-fixes). - drm/amdgpu: remove frame cntl for gfx v12 (stable-fixes). - drm/nouveau/disp: Set drm_mode_config_funcs.atomic_(check|commit) (stable-fixes). - mISDN: annotate data-race around dev->work (git-fixes). - iio: core: Replace lockdep_set_class() + mutex_init() by combined call (stable-fixes). - tpm: Compare HMAC values in constant time (stable-fixes). - dmaengine: ti: k3-udma: Enable second resource range for BCDMA and PKTDMA (stable-fixes).
- commit 3e7d134 ------------------------------------------------------------------ ------------------ 2026-1-30 - Jan 30 2026 ------------------- ------------------------------------------------------------------ ++++ fde-tools: - Add fde-tools-bsc1248516-tpm-Support-persistent-SRK.patch to support persistent SRK (bsc#1248516) ++++ haproxy: - haproxy bad test for legacy applets (bsc#1257521) BUG/MEDIUM: applet: Fix test on shut flags for legacy applets BUG/MAJOR: applet: Don't call I/O handler if the applet was shut Apply upstream patch: 0001-BUG-MEDIUM-applet-Fix-test-on-shut-flags-for-legacy.patch ++++ kernel-default: - io_uring/poll: correctly handle io_poll_add() return value on update (CVE-2025-71149 bsc#1257164). - commit 0d997be - dm-snapshot: fix 'scheduling while atomic' on real-time kernels (git-fixes). - commit b3fc112 - dm-bufio: align write boundary on physical block size (git-fixes). - commit e8ab2ba - dm-ebs: Mark full buffer dirty even on partial write (git-fixes). - commit b6359d7 - dm-verity: disable recursive forward error correction (CVE-2025-71161, bsc#1257174). - commit 94c6d56 - virt: tdx-guest: Transition to scoped_cond_guard for mutex operations (bsc#1257504). - commit a7ecc0e - virt: tdx-guest: Refactor and streamline TDREPORT generation (bsc#1257504). - commit 372915e - virt: tdx-guest: Expose TDX MRs as sysfs attributes (bsc#1257504). - commit af47cfb - x86/tdx: tdx_mcall_get_report0: Return -EBUSY on TDCALL_OPERAND_BUSY error (bsc#1257504). - commit 2590e39 - x86/tdx: Add tdx_mcall_extend_rtmr() interface (bsc#1257504). - commit 4b01fb9 - tsm-mr: Add tsm-mr sample code (bsc#1257504). - commit bca5c7b - tsm-mr: Add TVM Measurement Register support (bsc#1257504). - commit a919cc1 - macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001 bsc#1257232). - net: mscc: ocelot: Fix crash when adding interface under a lag (CVE-2026-22982 bsc#1257179).
- net/handshake: restore destructor on submit failure (CVE-2025-71148 bsc#1257159). - commit e5558d8 - net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999 bsc#1257236). - commit 79bc198 - ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011 bsc#1257207). - commit 26b5de2 - Revert "mtd: spinand: esmt: fix id code for F50D1G41LB" (stable-fixes). - wifi: mac80211: correctly decode TTLM with default link map (git-fixes). - net: phy: micrel: fix clk warning when removing the driver (git-fixes). - nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes). - nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes). - net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes). - can: at91_can: Fix memory leak in at91_can_probe() (git-fixes). - Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes). - Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes). - tpm2-sessions: Fix tpm2_read_public range checks (git-fixes). - commit 46e120b ++++ kernel-rt: - io_uring/poll: correctly handle io_poll_add() return value on update (CVE-2025-71149 bsc#1257164). - commit 0d997be - dm-snapshot: fix 'scheduling while atomic' on real-time kernels (git-fixes). - commit b3fc112 - dm-bufio: align write boundary on physical block size (git-fixes). - commit e8ab2ba - dm-ebs: Mark full buffer dirty even on partial write (git-fixes). - commit b6359d7 - dm-verity: disable recursive forward error correction (CVE-2025-71161, bsc#1257174). - commit 94c6d56 - virt: tdx-guest: Transition to scoped_cond_guard for mutex operations (bsc#1257504). - commit a7ecc0e - virt: tdx-guest: Refactor and streamline TDREPORT generation (bsc#1257504). - commit 372915e - virt: tdx-guest: Expose TDX MRs as sysfs attributes (bsc#1257504). 
- commit af47cfb - x86/tdx: tdx_mcall_get_report0: Return -EBUSY on TDCALL_OPERAND_BUSY error (bsc#1257504). - commit 2590e39 - x86/tdx: Add tdx_mcall_extend_rtmr() interface (bsc#1257504). - commit 4b01fb9 - tsm-mr: Add tsm-mr sample code (bsc#1257504). - commit bca5c7b - tsm-mr: Add TVM Measurement Register support (bsc#1257504). - commit a919cc1 - macvlan: fix possible UAF in macvlan_forward_source() (CVE-2026-23001 bsc#1257232). - net: mscc: ocelot: Fix crash when adding interface under a lag (CVE-2026-22982 bsc#1257179). - net/handshake: restore destructor on submit failure (CVE-2025-71148 bsc#1257159). - commit e5558d8 - net/sched: sch_qfq: do not free existing class in qfq_change_class() (CVE-2026-22999 bsc#1257236). - commit 79bc198 - ipv4: ip_gre: make ipgre_header() robust (CVE-2026-23011 bsc#1257207). - commit 26b5de2 - Revert "mtd: spinand: esmt: fix id code for F50D1G41LB" (stable-fixes). - wifi: mac80211: correctly decode TTLM with default link map (git-fixes). - net: phy: micrel: fix clk warning when removing the driver (git-fixes). - nfc: nci: Fix race between rfkill and nci_unregister_device() (git-fixes). - nfc: llcp: Fix memleak in nfc_llcp_send_ui_frame() (git-fixes). - net: wwan: t7xx: fix potential skb->frags overflow in RX path (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): fix error message (git-fixes). - can: at91_can: Fix memory leak in at91_can_probe() (git-fixes). - Bluetooth: MGMT: Fix memory leak in set_ssp_complete (git-fixes). - Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (git-fixes). - tpm2-sessions: Fix tpm2_read_public range checks (git-fixes). - commit 46e120b ------------------------------------------------------------------ ------------------ 2026-1-29 - Jan 29 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). 
- Add bugnumber to an existing hv_netvsc change (bsc#1257473). - commit 6b4816a - Refresh patches.kabi/tpm2-sessions-kabi-workaround.patch Suppress compiler warnings due to missing prototypes. - commit e9a2f19 - idpf: Fix RSS LUT NULL ptr issue after soft reset (CVE-2026-22993 bsc#1257180). - idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (CVE-2026-22993 bsc#1257180). - gve: defer interrupt enabling until NAPI registration (CVE-2025-71156 bsc#1257167). - mlxbf_gige: emit messages during open and probe failures (git-fixes). - mlxbf_gige: return EPROBE_DEFER if PHY IRQ is not available (git-fixes). - commit 247473b - ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085 bsc#1256623). - commit 5565f0e - mptcp: fallback earlier on simult connection (CVE-2025-71088 bsc#1256630). - commit 38b098b - RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (CVE-2025-71157 bsc#1257168) - commit 7027c8b - net: phy: Introduce PHY_ID_SIZE — minimum size for PHY ID string (CVE-2025-71094 bsc#1256597). - commit d8e9577 - kabi: export inet_frag_rbtree_purge() function again (CVE-2025-68768 bsc#1256579). - commit e7cc137 - inet: frags: flush pending skbs in fqdir_pre_exit() (CVE-2025-68768 bsc#1256579). - inet: frags: add inet_frag_queue_flush() (CVE-2025-68768 bsc#1256579). - commit 7956a17 ++++ kernel-rt: - scsi: storvsc: Process unsupported MODE_SENSE_10 (bsc#1257296). - Add bugnumber to an existing hv_netvsc change (bsc#1257473). - commit 6b4816a - Refresh patches.kabi/tpm2-sessions-kabi-workaround.patch Suppress compiler warnings due to missing prototypes. - commit e9a2f19 - idpf: Fix RSS LUT NULL ptr issue after soft reset (CVE-2026-22993 bsc#1257180). - idpf: Fix RSS LUT NULL pointer crash on early ethtool operations (CVE-2026-22993 bsc#1257180). - gve: defer interrupt enabling until NAPI registration (CVE-2025-71156 bsc#1257167).
- mlxbf_gige: emit messages during open and probe failures (git-fixes). - mlxbf_gige: return EPROBE_DEFER if PHY IRQ is not available (git-fixes). - commit 247473b - ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CVE-2025-71085 bsc#1256623). - commit 5565f0e - mptcp: fallback earlier on simult connection (CVE-2025-71088 bsc#1256630). - commit 38b098b - RDMA/core: always drop device refcount in ib_del_sub_device_and_put() (CVE-2025-71157 bsc#1257168) - commit 7027c8b - net: phy: Introduce PHY_ID_SIZE — minimum size for PHY ID string (CVE-2025-71094 bsc#1256597). - commit d8e9577 - kabi: export inet_frag_rbtree_purge() function again (CVE-2025-68768 bsc#1256579). - commit e7cc137 - inet: frags: flush pending skbs in fqdir_pre_exit() (CVE-2025-68768 bsc#1256579). - inet: frags: add inet_frag_queue_flush() (CVE-2025-68768 bsc#1256579). - commit 7956a17 ++++ libzypp: - Prepare a legacy /etc/zypp/zypp.conf to be installed on old distros. See the ZYPP.CONF(5) man page for details.
- Fix runtime check for broken rpm --runposttrans (bsc#1257068) - version 17.38.2 (35) ++++ nvidia-open-driver-G06-signed: - apply kernel-5.14.patch also on sle15-sp5 in order to fix build and adjusted it to sle15-sp5 kernel ++++ podman: - Add symlink to catatonit in /usr/libexec/podman (bsc#1248988) ++++ qemu: - Fix bsc#1257474: * ui/vdagent: remove migration blocker (bsc#1257474) * ui/vdagent: add migration support (bsc#1257474) * ui/vdagent: factor out clipboard peer registration (bsc#1257474) * ui/vdagent: keep "connected" state (bsc#1257474) * ui/vdagent: replace Buffer with GByteArray (bsc#1257474) * ui/clipboard: delay clipboard update when not running (bsc#1257474) * ui/clipboard: add vmstate_cbinfo (bsc#1257474) * ui/clipboard: split out QemuClipboardContent (bsc#1257474) * ui/clipboard: use int for selection field (bsc#1257474) * ui/gtk: warn if setting the clipboard failed (bsc#1257474) - Bug and spec file fixes: * hw/i386/kvm: fix PIRQ bounds check in xen_physdev_map_pirq() (bsc#1256484, CVE-2026-0665) * [openSUSE][RPM] spec: require qemu-hw-display-virtio-gpu-pci for x86 too ++++ syslinux: - bsc#1257495: NASM (3.00+) requires explicit size hints Add syslinux-4.04-size.patch ------------------------------------------------------------------ ------------------ 2026-1-28 - Jan 28 2026 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Update dependencies for bsc#1257324/CVE-2025-13465 ++++ librsvg: - Update to version 2.60.2: + Fix the check for the cargo-cbuild version. 
++++ gpg2: - Security fix * [bsc#1257396, CVE-2026-24882] - gpg2: stack-based buffer overflow in TPM2 PKDECRYPT for TPM-backed RSA and ECC keys - Added gnupg-CVE-2026-24882.patch * [bsc#1257395, CVE-2026-24883] - gpg2: denial of service due to long signature packet length causing parse_signature to return success with sig->data[] set to a NULL value - Added gnupg-CVE-2026-24883.patch - Security fix [bsc#1256389] (gpg.fail/filename) * Added gnupg-accepts-path-separators-literal-data.patch * GnuPG Accepts Path Separators and Path Traversals in Literal Data ++++ kernel-default: - net/sched: ets: Remove drr class from the active list if it changes to strict (CVE-2025-68815 bsc#1256680). - commit ef2665d - net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CVE-2025-71066 bsc#1256645). - commit 19d5700 - libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116 bsc#1256744). - commit ec226dd - net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (CVE-2026-22976 bsc#1257035). - commit 9a83c42 - net: usb: asix: validate PHY address before use (CVE-2025-71094 bsc#1256597). - commit 1c268d0 - net: usb: asix: ax88772: Increase phy_name size (CVE-2025-71094 bsc#1256597). - commit 1a25880 - selftests/bpf: ns_current_pid_tgid: Use test_progs's ns_ feature (bsc#1255552 CVE-2025-68363). - selftests/bpf: tc_links/tc_opts: Unserialize tests (bsc#1255552 CVE-2025-68363). - selftests/bpf: Optionally open a dedicated namespace to run test in it (CVE-2025-68363 bsc#1255552). - selftests/bpf: ns_current_pid_tgid: Rename the test function (bsc#1255552 CVE-2025-68363). - commit deba1cc ++++ kernel-rt: - net/sched: ets: Remove drr class from the active list if it changes to strict (CVE-2025-68815 bsc#1256680). - commit ef2665d - net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CVE-2025-71066 bsc#1256645). 
- commit 19d5700 - libceph: make decode_pool() more resilient against corrupted osdmaps (CVE-2025-71116 bsc#1256744). - commit ec226dd - net/sched: sch_qfq: Fix NULL deref when deactivating inactive aggregate in qfq_reset (CVE-2026-22976 bsc#1257035). - commit 9a83c42 - net: usb: asix: validate PHY address before use (CVE-2025-71094 bsc#1256597). - commit 1c268d0 - net: usb: asix: ax88772: Increase phy_name size (CVE-2025-71094 bsc#1256597). - commit 1a25880 - selftests/bpf: ns_current_pid_tgid: Use test_progs's ns_ feature (bsc#1255552 CVE-2025-68363). - selftests/bpf: tc_links/tc_opts: Unserialize tests (bsc#1255552 CVE-2025-68363). - selftests/bpf: Optionally open a dedicated namespace to run test in it (CVE-2025-68363 bsc#1255552). - selftests/bpf: ns_current_pid_tgid: Rename the test function (bsc#1255552 CVE-2025-68363). - commit deba1cc ++++ libpng16: - security update - added patches CVE-2025-28162 [bsc#1257364], memory leaks when running `pngimage` CVE-2025-28164 [bsc#1257365], memory leaks when running `pngimage` * libpng16-CVE-2025-28162,28164.patch ------------------------------------------------------------------ ------------------ 2026-1-27 - Jan 27 2026 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Update dependencies for bsc#1257325/CVE-2025-13465 - Update to 346 * 346 - Performance improvements - Translation updates * 345 - New virtual machines don't get SPICE graphics anymore - Support for network port forwarding - Bug fixes and translation updates ++++ glib2: - Add CVE fixes: + glib2-CVE-2026-1484.patch (bsc#1257355 CVE-2026-1484 glgo#GNOME/glib!4979). + glib2-CVE-2026-1485.patch (bsc#1257354 CVE-2026-1485 glgo#GNOME/glib!4981). + glib2-CVE-2026-1489.patch (bsc#1257353 CVE-2026-1489 glgo#GNOME/glib!4984). ++++ kernel-default: - perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689 CVE-2025-68798). 
- commit 599ecfb - selftests/bpf: Optionally open a dedicated namespace to run test in it (CVE-2025-68363 bsc#1255552). - commit 72f882c - btrfs: use variable for end offset in extent_writepage_io() (git-fixes). - commit b0ce396 - btrfs: truncate ordered extent when skipping writeback past i_size (git-fixes). - commit 2d28056 - btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (git-fixes). - commit 58c1893 - blk-cgroup: fix possible deadlock while configuring policy (CVE-2025-68178 bsc#1255266). - commit 39b8d0d - libbpf: Fix -Wdiscarded-qualifiers under C23 (bsc#1257309). - commit 123e6ba - scripts/cve_tools/kss-dashboard: --exportpatch: Skip commits that are in base kernel - commit ef59f5e - scripts/cve_tools/kss-dashboard: Simplify --exportpatch condition Use the filtering logic only once. (This changes warning messages when patch would have been both backported and blacklisted.) Fix insert_sereis command when we end up with empty patch set. - commit d3bd915 - bpf: Add bpf_prog_run_data_pointers() (bsc#1255241 CVE-2025-68200). - commit 738511e ++++ kernel-rt: - perf/x86/amd: Check event before enable to avoid GPF (bsc#1256689 CVE-2025-68798). - commit 599ecfb - selftests/bpf: Optionally open a dedicated namespace to run test in it (CVE-2025-68363 bsc#1255552). - commit 72f882c - btrfs: use variable for end offset in extent_writepage_io() (git-fixes). - commit b0ce396 - btrfs: truncate ordered extent when skipping writeback past i_size (git-fixes). - commit 2d28056 - btrfs: fix deadlock in wait_current_trans() due to ignored transaction type (git-fixes). - commit 58c1893 - blk-cgroup: fix possible deadlock while configuring policy (CVE-2025-68178 bsc#1255266). - commit 39b8d0d - libbpf: Fix -Wdiscarded-qualifiers under C23 (bsc#1257309).
- commit 123e6ba - scripts/cve_tools/kss-dashboard: --exportpatch: Skip commits that are in base kernel - commit ef59f5e - scripts/cve_tools/kss-dashboard: Simplify --exportpatch condition Use the filtering logic only once. (This changes warning messages when patch would have been both backported and blacklisted.) Fix insert_sereis command when we end up with empty patch set. - commit d3bd915 - bpf: Add bpf_prog_run_data_pointers() (bsc#1255241 CVE-2025-68200). - commit 738511e ++++ openssl-3: - Security fixes: * Missing ASN1_TYPE validation in PKCS#12 parsing - openssl-CVE-2026-22795.patch [bsc#1256839, CVE-2026-22795] * ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function - openssl-CVE-2026-22795.patch [bsc#1256840, CVE-2026-22796] * Missing ASN1_TYPE validation in TS_RESP_verify_response() function - openssl-CVE-2025-69420.patch [bsc#1256837, CVE-2025-69420] * NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex function - openssl-CVE-2025-69421.patch [bsc#1256838, CVE-2025-69421] * Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion - openssl-CVE-2025-69419.patch [bsc#1256836, CVE-2025-69419] * TLS 1.3 CompressedCertificate excessive memory allocation - openssl-CVE-2025-66199.patch [bsc#1256833, CVE-2025-66199] * Heap out-of-bounds write in BIO_f_linebuffer on short writes - openssl-CVE-2025-68160.patch [bsc#1256834, CVE-2025-68160] * Unauthenticated/unencrypted trailing bytes with low-level OCB function calls - openssl-CVE-2025-69418.patch [bsc#1256835, CVE-2025-69418] * 'openssl dgst' one-shot codepath silently truncates inputs greater than 16MB - openssl-CVE-2025-15469.patch [bsc#1256832, CVE-2025-15469] * Stack buffer overflow in CMS AuthEnvelopedData parsing - openssl-CVE-2025-15467.patch [bsc#1256830, CVE-2025-15467] - openssl-CVE-2025-15467-comments.patch - openssl-CVE-2025-15467-test.patch * Improper validation of PBMAC1 parameters in PKCS#12 MAC verification - openssl-CVE-2025-11187.patch [bsc#1256829, CVE-2025-11187]
* NULL dereference in SSL_CIPHER_find() function on unknown cipher ID - openssl-CVE-2025-15468.patch [bsc#1256831, CVE-2025-15468] - Enable livepatching support for ppc64le [bsc#1257274] ++++ python313-core: - Add CVE-2024-6923-follow-up-EOL-email-headers.patch which is a follow-up to the previous fix of CVE-2024-6923 further encoding EOL possibly hidden in email headers (bsc#1257181). ++++ open-vm-tools: - update to 13.0.10 based on build 25056151: (boo#1257357): Please refer to the Release Notes at https://github.com/vmware/open-vm-tools/blob/stable-13.0.10/ReleaseNotes.md. The granular changes that have gone into the open-vm-tools 13.0.10 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-13.0.10/open-vm-tools/ChangeLog. There are no new features in the open-vm-tools 13.0.10 release. This is primarily a maintenance release that addresses a fix. A minor enhancement has been made for Guest OS Customization. The DeployPkg plugin has been updated to handle a new cloud-init error code that signals a recoverable error and allow cloud-init to finish running. For a more complete description of what's new in this release, see the What's New and Resolved Issues sections of the Release Notes. ++++ python313: - Add CVE-2024-6923-follow-up-EOL-email-headers.patch which is a follow-up to the previous fix of CVE-2024-6923 further encoding EOL possibly hidden in email headers (bsc#1257181). ------------------------------------------------------------------ ------------------ 2026-1-26 - Jan 26 2026 ------------------- ------------------------------------------------------------------ ++++ hwinfo: - merge gh#openSUSE/hwinfo#175 - include package spec file in git repo - adjust spec file for immutable mode: switch to using systemd-tmpfiles (jsc#PED-14832) - update git2log script - 25.1 ++++ kernel-default: - smb: client: don't try following DFS links in cifs_tree_connect() (git-fixes). 
- commit 3cf926a - kABI workaround for tpm_chip changes (CVE-2025-71077 bsc#1256613). - commit b25df62 - e1000: fix OOB in e1000_tbi_should_accept() (CVE-2025-71093 bsc#1256777). - net/mlx5: fw_tracer, Validate format string parameters (CVE-2025-68816 bsc#1256674). - commit 767a8ff - tpm: Cap the number of PCR banks (CVE-2025-71077 bsc#1256613). - Refresh patches.suse/0003-ima-invalidate-unsupported-PCR-banks.patch. - commit 3fdd7fa - gfs2: Prevent recursive memory reclaim (bsc#1255593 CVE-2025-68356). - commit 798fe56 - keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal (CVE-2025-68792 bsc#1256656). - commit 6ebc180 - kABI workaround for tpm2_session changes (CVE-2025-68792 bsc#1256656). - commit 7af0065 - tpm2-sessions: Fix out of range indexing in name_size (CVE-2025-68792 bsc#1256656). - commit 2805234 - x86: make page fault handling disable interrupts properly (git-fixes). - commit 8ec97c6 - selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346). - commit 9f9ee4e - Delete patches.suse/selftests-net-fib-onlink-tests-Set-high-metric-for-d.patch. - commit 3ae01ff - exfat: check return value of sb_min_blocksize in exfat_read_boot_sector (git-fixes). - commit 3d9560f - pnfs/blocklayout: Fix memory leak in bl_parse_scsi() (git-fixes). - commit 25884fe - pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (git-fixes). - commit def5db6 - pNFS: Fix a deadlock when returning a delegation during open() (git-fixes). - commit 39c05eb - nfsd: check that server is running in unlock_filesystem (git-fixes). - commit d20f2be - nfsd: use correct loop termination in nfsd4_revoke_states() (git-fixes). - commit bb91457 - NFSD: Fix permission check for read access to executable-only files (git-fixes). - commit 183186b - nfsd: Drop the client reference in client_states_open() (git-fixes). - commit c888f17 - NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes). 
- commit b191678 - NFSD: use correct reservation type in nfsd4_scsi_fence_client (git-fixes). - commit 9c83e59 - svcrdma: return 0 on success from svc_rdma_copy_inline_range (git-fixes). - commit 029a31c - NFSD: Clear SECLABEL in the suppattr_exclcreat bitmap (git-fixes). - commit 5253399 - NFS: Fix up the automount fs_context to use the correct cred (git-fixes). - commit 98b121a - NFSv4: ensure the open stateid seqid doesn't go backwards (git-fixes). - commit 15f5d8e - exfat: fix remount failure in different process environments (git-fixes). - commit 2a1614d - exfat: zero out post-EOF page cache on file extension (git-fixes). - commit b63526d - Update patch metadata and sort patches.suse/sched-fair-Disable-scheduler-feature-NEXT_BUDDY.patch. - commit 6b28e35 - w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes). - w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes). - comedi: dmm32at: serialize use of paged registers (git-fixes). - mei: trace: treat reg parameter as string (git-fixes). - uacce: ensure safe queue release with state management (git-fixes). - uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes). - uacce: fix isolate sysfs check condition (git-fixes). - uacce: fix cdev handling in the cleanup path (git-fixes). - slimbus: core: fix of_slim_get_device() kernel doc (git-fixes). - slimbus: core: fix device reference leak on report present (git-fixes). - slimbus: core: fix runtime PM imbalance on report present (git-fixes). - slimbus: core: fix OF node leak on registration failure (git-fixes). - intel_th: fix device leak on output open() (git-fixes). - comedi: Fix getting range information for subdevices 16 to 255 (git-fixes). - interconnect: debugfs: initialize src_node and dst_node to empty strings (git-fixes). - iio: accel: iis328dq: fix gain values (git-fixes). - iio: chemical: scd4x: fix reported channel endianness (git-fixes). 
- iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes). - iio: accel: adxl380: fix handling of unavailable "INT1" interrupt (git-fixes). - iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes). - iio: adc: pac1934: Fix clamped value in pac1934_reg_snapshot (git-fixes). - iio: adc: ad9467: fix ad9434 vref mask (git-fixes). - iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes). - iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes). - serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes). - comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes). - commit e39a507 - bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569). - commit 7eec89f ++++ kernel-rt: - smb: client: don't try following DFS links in cifs_tree_connect() (git-fixes). - commit 3cf926a - kABI workaround for tpm_chip changes (CVE-2025-71077 bsc#1256613). - commit b25df62 - e1000: fix OOB in e1000_tbi_should_accept() (CVE-2025-71093 bsc#1256777). - net/mlx5: fw_tracer, Validate format string parameters (CVE-2025-68816 bsc#1256674). - commit 767a8ff - tpm: Cap the number of PCR banks (CVE-2025-71077 bsc#1256613). - Refresh patches.suse/0003-ima-invalidate-unsupported-PCR-banks.patch. - commit 3fdd7fa - gfs2: Prevent recursive memory reclaim (bsc#1255593 CVE-2025-68356). - commit 798fe56 - keys/trusted_keys: fix handle passed to tpm_buf_append_name during unseal (CVE-2025-68792 bsc#1256656). - commit 6ebc180 - kABI workaround for tpm2_session changes (CVE-2025-68792 bsc#1256656). - commit 7af0065 - tpm2-sessions: Fix out of range indexing in name_size (CVE-2025-68792 bsc#1256656). - commit 2805234 - x86: make page fault handling disable interrupts properly (git-fixes). - commit 8ec97c6 - selftests: net: fib-onlink-tests: Convert to use namespaces by default (bsc#1255346). 
- commit 9f9ee4e - Delete patches.suse/selftests-net-fib-onlink-tests-Set-high-metric-for-d.patch. - commit 3ae01ff - exfat: check return value of sb_min_blocksize in exfat_read_boot_sector (git-fixes). - commit 3d9560f - pnfs/blocklayout: Fix memory leak in bl_parse_scsi() (git-fixes). - commit 25884fe - pnfs/flexfiles: Fix memory leak in nfs4_ff_alloc_deviceid_node() (git-fixes). - commit def5db6 - pNFS: Fix a deadlock when returning a delegation during open() (git-fixes). - commit 39c05eb - nfsd: check that server is running in unlock_filesystem (git-fixes). - commit d20f2be - nfsd: use correct loop termination in nfsd4_revoke_states() (git-fixes). - commit bb91457 - NFSD: Fix permission check for read access to executable-only files (git-fixes). - commit 183186b - nfsd: Drop the client reference in client_states_open() (git-fixes). - commit c888f17 - NFSD/blocklayout: Fix minlength check in proc_layoutget (git-fixes). - commit b191678 - NFSD: use correct reservation type in nfsd4_scsi_fence_client (git-fixes). - commit 9c83e59 - svcrdma: return 0 on success from svc_rdma_copy_inline_range (git-fixes). - commit 029a31c - NFSD: Clear SECLABEL in the suppattr_exclcreat bitmap (git-fixes). - commit 5253399 - NFS: Fix up the automount fs_context to use the correct cred (git-fixes). - commit 98b121a - NFSv4: ensure the open stateid seqid doesn't go backwards (git-fixes). - commit 15f5d8e - exfat: fix remount failure in different process environments (git-fixes). - commit 2a1614d - exfat: zero out post-EOF page cache on file extension (git-fixes). - commit b63526d - Update patch metadata and sort patches.suse/sched-fair-Disable-scheduler-feature-NEXT_BUDDY.patch. - commit 6b28e35 - w1: fix redundant counter decrement in w1_attach_slave_device() (git-fixes). - w1: therm: Fix off-by-one buffer overflow in alarms_store (git-fixes). - comedi: dmm32at: serialize use of paged registers (git-fixes). - mei: trace: treat reg parameter as string (git-fixes). 
- uacce: ensure safe queue release with state management (git-fixes). - uacce: implement mremap in uacce_vm_ops to return -EPERM (git-fixes). - uacce: fix isolate sysfs check condition (git-fixes). - uacce: fix cdev handling in the cleanup path (git-fixes). - slimbus: core: fix of_slim_get_device() kernel doc (git-fixes). - slimbus: core: fix device reference leak on report present (git-fixes). - slimbus: core: fix runtime PM imbalance on report present (git-fixes). - slimbus: core: fix OF node leak on registration failure (git-fixes). - intel_th: fix device leak on output open() (git-fixes). - comedi: Fix getting range information for subdevices 16 to 255 (git-fixes). - interconnect: debugfs: initialize src_node and dst_node to empty strings (git-fixes). - iio: accel: iis328dq: fix gain values (git-fixes). - iio: chemical: scd4x: fix reported channel endianness (git-fixes). - iio: dac: ad5686: add AD5695R to ad5686_chip_info_tbl (git-fixes). - iio: accel: adxl380: fix handling of unavailable "INT1" interrupt (git-fixes). - iio: imu: st_lsm6dsx: fix iio_chan_spec for sensors without event detection (git-fixes). - iio: adc: pac1934: Fix clamped value in pac1934_reg_snapshot (git-fixes). - iio: adc: ad9467: fix ad9434 vref mask (git-fixes). - iio: adc: ad7280a: handle spi_setup() errors in probe() (git-fixes). - iio: adc: at91-sama5d2_adc: Fix potential use-after-free in sama5d2_adc driver (git-fixes). - serial: 8250_pci: Fix broken RS485 for F81504/508/512 (git-fixes). - comedi: fix divide-by-zero in comedi_buf_munge() (stable-fixes). - commit e39a507 - bpf: Do not let BPF test infra emit invalid GSO types to stack (bsc#1255569). 
- commit 7eec89f ++++ multipath-tools: - Update to version 0.12.2+254+suse.924a3ed8: - Bug fixes from 0.12.2 (bsc#1257007, see NEWS.md for details) * kpartx: fix segfault when operating on regular files (bsc#1257244, bsc#1257153) * multipathd: print path offline message even without a checker (bsc#1254094) * Fix `mpathpersist --report-capabilities` output. * Fix command descriptions in the multipathd man page. * Fix ISO C23 compatibility issue causing errors with new compilers. * Fix memory leak caused by not joining the "init unwinder" thread. * Fix memory leaks in kpartx. * Print the warning "setting scsi timeouts is unsupported for protocol" only once per protocol. * Make sure multipath-tools is compiled with the compiler flag `-fno-strict-aliasing`. (gh#opensvc/multipath-tools#130, bsc#1255285) - Features from upstream 0.12.0 (see also NEWS.md): * Maps that were added outside of multipathd (e.g. using the **multipath** command) and that couldn't be reloaded by multipathd used to be ignored by multipathd. multipathd will now monitor them. If some paths were offline while the map was created, multipathd will now add them to the map when they go online again. * multipathd retries persistent reservation commands that have failed on one path on another one. - Documentation fixes - Additions to the hardware table ++++ pcr-oracle: - Enable build on %{arm} as it is required by sdbootutil ------------------------------------------------------------------ ------------------ 2026-1-24 - Jan 24 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes). - platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (git-fixes). - platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes). - platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes). 
- mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes). - mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes). - regmap: Fix race condition in hwspinlock irqsave routine (git-fixes). - gpio: cdev: Correct return code on memory allocation failure (git-fixes). - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes). - ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes). - ALSA: usb: Increase volume range that triggers a warning (git-fixes). - drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes). - drm/amd/pm: Don't clear SI SMC table when setting power limit (git-fixes). - drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes). - drm/nouveau: add missing DCB connector types (git-fixes). - drm/imagination: Wait for FW trace update command completion (git-fixes). - commit a8c0274 ++++ kernel-rt: - platform/x86: hp-bioscfg: Fix automatic module loading (git-fixes). - platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro (git-fixes). - platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names (git-fixes). - platform/x86/amd: Fix memory leak in wbrf_record() (git-fixes). - mmc: rtsx_pci_sdmmc: implement sdmmc_card_busy function (git-fixes). - mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode (git-fixes). - regmap: Fix race condition in hwspinlock irqsave routine (git-fixes). - gpio: cdev: Correct return code on memory allocation failure (git-fixes). - ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() (git-fixes). - ALSA: scarlett2: Fix buffer overflow in config retrieval (git-fixes). - ALSA: usb: Increase volume range that triggers a warning (git-fixes). - drm/amd/pm: Workaround SI powertune issue on Radeon 430 (v2) (git-fixes). - drm/amd/pm: Don't clear SI SMC table when setting power limit (git-fixes). 
- drm/nouveau: implement missing DCB connector types; gracefully handle unknown connectors (git-fixes). - drm/nouveau: add missing DCB connector types (git-fixes). - drm/imagination: Wait for FW trace update command completion (git-fixes). - commit a8c0274 ------------------------------------------------------------------ ------------------ 2026-1-23 - Jan 23 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes). - phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (git-fixes). - USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes). - USB: serial: option: add Telit LE910 MBIM composition (stable-fixes). - USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes). - usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes). - usb: dwc3: Check for USB4 IP_NAME (stable-fixes). - drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes). - drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes). - drm/amd: Clean up kfd node on surprise disconnect (stable-fixes). - HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes). - firmware: imx: scu-irq: Set mu_resource_id before get handle (stable-fixes). - phy: phy-rockchip-inno-usb2: Use dev_err_probe() in the probe path (stable-fixes). - commit 3f8bd8a - io_uring: fix filename leak in __io_openat_prep() (CVE-2025-68814 bsc#1256651). 
- commit 675d22e - octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (CVE-2025-71137 bsc#1256760) - commit 3d4407e - net: hns3: using the num_tqps in the vf driver to apply for resources (CVE-2025-71064 bsc#1256654) - commit 58ee56d - macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (CVE-2025-68367 bsc#1255547) - commit ed9e7a9 - team: fix check for port enabled in team_queue_override_port_prio_changed() (CVE-2025-71091 bsc#1256773) - commit c426951 - md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (CVE-2025-71135 bsc#1256761). - commit 1fc61fc - net: sock: fix hardened usercopy panic in sock_recv_errqueue (CVE-2026-22977 bsc#1257053). - commit d4fc6df - ipv4: Fix reference count leak when using error routes with nexthop objects (CVE-2025-71097 bsc#1256607). - net: stmmac: fix the crash issue for zero copy XDP_TX action (CVE-2025-71095 bsc#1256605). - net: hns3: add VLAN id validation before using (CVE-2025-71112 bsc#1256726). - net/handshake: duplicate handshake cancellations leak socket (CVE-2025-68775 bsc#1256665). - ethtool: Avoid overflowing userspace buffer on stats query (CVE-2025-68795 bsc#1256688). - mptcp: avoid deadlock on fallback while reinjecting (CVE-2025-71126 bsc#1256755). - bnxt_en: Fix XDP_TX path (CVE-2025-68770 bsc#1256584). - mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800 bsc#1256646). - mlxsw: spectrum_router: Fix neighbour use-after-free (CVE-2025-68801 bsc#1256653). - lan966x: Fix sleeping in atomic context (CVE-2025-68320 bsc#1255172). - commit 4e1af62 - iommu: disable SVA when CONFIG_X86 is set (CVE-2025-71089 bsc#1256612). - commit 2eb2757 - dpll: Prevent duplicate registrations (git-fixes). - dpll: zl3073x: Fix output pin registration (git-fixes). - dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes). - dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes). 
- dpll: fix clock quality level reporting (git-fixes). - dpll: Add an assertion to check freq_supported_num (stable-fixes). - commit 59f0fdc - crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes). - wifi: mac80211: don't perform DA check on S1G beacon (git-fixes). - wifi: ath12k: fix dma_free_coherent() pointer (git-fixes). - wifi: ath10k: fix dma_free_coherent() pointer (git-fixes). - wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes). - wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes). - usbnet: limit max_mtu based on device's hard_mtu (git-fixes). - can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes). - can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes). - Revert "nfc/nci: Add the inconsistency check between the input data length and count" (git-fixes). - net: usb: dm9601: remove broken SR9700 support (git-fixes). - leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes). - commit d5d2445 ++++ kernel-rt: - phy: freescale: imx8m-pcie: assert phy reset during power on (stable-fixes). - phy: rockchip: inno-usb2: Fix a double free bug in rockchip_usb2phy_probe() (git-fixes). - USB: serial: ftdi_sio: add support for PICAXE AXE027 cable (stable-fixes). - USB: serial: option: add Telit LE910 MBIM composition (stable-fixes). - USB: OHCI/UHCI: Add soft dependencies on ehci_platform (stable-fixes). - usb: core: add USB_QUIRK_NO_BOS for devices that hang on BOS descriptor (stable-fixes). - usb: dwc3: Check for USB4 IP_NAME (stable-fixes). - drm/amd/pm: fix smu overdrive data type wrong issue on smu 14.0.2 (git-fixes). 
- drm/amd/display: Bump the HDMI clock to 340MHz (stable-fixes). - drm/amd: Clean up kfd node on surprise disconnect (stable-fixes). - HID: usbhid: paper over wrong bNumDescriptor field (stable-fixes). - firmware: imx: scu-irq: Set mu_resource_id before get handle (stable-fixes). - phy: phy-rockchip-inno-usb2: Use dev_err_probe() in the probe path (stable-fixes). - commit 3f8bd8a - io_uring: fix filename leak in __io_openat_prep() (CVE-2025-68814 bsc#1256651). - commit 675d22e - octeontx2-pf: fix "UBSAN: shift-out-of-bounds error" (CVE-2025-71137 bsc#1256760) - commit 3d4407e - net: hns3: using the num_tqps in the vf driver to apply for resources (CVE-2025-71064 bsc#1256654) - commit 58ee56d - macintosh/mac_hid: fix race condition in mac_hid_toggle_emumouse (CVE-2025-68367 bsc#1255547) - commit ed9e7a9 - team: fix check for port enabled in team_queue_override_port_prio_changed() (CVE-2025-71091 bsc#1256773) - commit c426951 - md/raid5: fix possible null-pointer dereferences in raid5_store_group_thread_cnt() (CVE-2025-71135 bsc#1256761). - commit 1fc61fc - net: sock: fix hardened usercopy panic in sock_recv_errqueue (CVE-2026-22977 bsc#1257053). - commit d4fc6df - ipv4: Fix reference count leak when using error routes with nexthop objects (CVE-2025-71097 bsc#1256607). - net: stmmac: fix the crash issue for zero copy XDP_TX action (CVE-2025-71095 bsc#1256605). - net: hns3: add VLAN id validation before using (CVE-2025-71112 bsc#1256726). - net/handshake: duplicate handshake cancellations leak socket (CVE-2025-68775 bsc#1256665). - ethtool: Avoid overflowing userspace buffer on stats query (CVE-2025-68795 bsc#1256688). - mptcp: avoid deadlock on fallback while reinjecting (CVE-2025-71126 bsc#1256755). - bnxt_en: Fix XDP_TX path (CVE-2025-68770 bsc#1256584). - mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CVE-2025-68800 bsc#1256646). - mlxsw: spectrum_router: Fix neighbour use-after-free (CVE-2025-68801 bsc#1256653). 
- lan966x: Fix sleeping in atomic context (CVE-2025-68320 bsc#1255172). - commit 4e1af62 - iommu: disable SVA when CONFIG_X86 is set (CVE-2025-71089 bsc#1256612). - commit 2eb2757 - dpll: Prevent duplicate registrations (git-fixes). - dpll: zl3073x: Fix output pin registration (git-fixes). - dpll: fix device-id-get and pin-id-get to return errors properly (git-fixes). - dpll: spec: add missing module-name and clock-id to pin-get reply (git-fixes). - dpll: fix clock quality level reporting (git-fixes). - dpll: Add an assertion to check freq_supported_num (stable-fixes). - commit 59f0fdc - crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (git-fixes). - wifi: mac80211: don't perform DA check on S1G beacon (git-fixes). - wifi: ath12k: fix dma_free_coherent() pointer (git-fixes). - wifi: ath10k: fix dma_free_coherent() pointer (git-fixes). - wifi: mwifiex: Fix a loop in mwifiex_update_ampdu_rxwinsize() (git-fixes). - wifi: rsi: Fix memory corruption due to not set vif driver data size (git-fixes). - usbnet: limit max_mtu based on device's hard_mtu (git-fixes). - can: usb_8dev: usb_8dev_read_bulk_callback(): fix URB memory leak (git-fixes). - can: mcba_usb: mcba_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: kvaser_usb: kvaser_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: ems_usb: ems_usb_read_bulk_callback(): fix URB memory leak (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error (git-fixes). - Revert "nfc/nci: Add the inconsistency check between the input data length and count" (git-fixes). - net: usb: dm9601: remove broken SR9700 support (git-fixes). - leds: led-class: Only Add LED to leds_list when it is fully ready (git-fixes). 
- commit d5d2445 ------------------------------------------------------------------ ------------------ 2026-1-22 - Jan 22 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - mptcp: fix a race in mptcp_pm_del_add_timer() (CVE-2025-40257 bsc#1254842). - commit dab52b4 - net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (CVE-2025-68325 bsc#1255417). - commit 1f83ea8 - tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (CVE-2025-68188 bsc#1255269). - commit 46ce97a ++++ kernel-rt: - mptcp: fix a race in mptcp_pm_del_add_timer() (CVE-2025-40257 bsc#1254842). - commit dab52b4 - net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (CVE-2025-68325 bsc#1255417). - commit 1f83ea8 - tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check() (CVE-2025-68188 bsc#1255269). - commit 46ce97a ++++ libxml2: - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) * Add patch libxml2-CVE-2026-0989.patch * https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374 ++++ libxml2-python: - CVE-2026-0989: call stack exhaustion leading to application crash due to RelaxNG parser not limiting the recursion depth when resolving `` directives (bsc#1256804, bsc#1256805, bsc#1256810) * Add patch libxml2-CVE-2026-0989.patch * https://gitlab.gnome.org/GNOME/libxml2/-/merge_requests/374 ------------------------------------------------------------------ ------------------ 2026-1-21 - Jan 21 2026 ------------------- ------------------------------------------------------------------ ++++ cups: - Version upgrade to 2.4.16: See https://github.com/openprinting/cups/releases The hotfix release 2.4.16 includes a fix for an infinite loop in GTK, which was caused by a change of internal behavior in libcups on which GTK depended, and a workaround for stopping the scheduler if
configuration includes unknown directives. Detailed list (from CHANGES.md): * 'cupsUTF8ToCharset' didn't validate 2-byte UTF-8 sequences, potentially reading past the end of the source string (Issue #1438) * The web interface did not support domain usernames fully (Issue #1441) * Fixed an infinite loop issue in the GTK+ print dialog (Issue #1439 boo#1254353) * Fixed stopping scheduler on unknown directive in configuration (Issue #1443) Issues are those at https://github.com/OpenPrinting/cups/issues - Version upgrade to 2.4.15: See https://github.com/openprinting/cups/releases The release CUPS 2.4.15 brings two CVE fixes: Fix various cupsd issues which cause local DoS (CVE-2025-61915 bsc#1253783) Fix unresponsive cupsd process caused by slow client (CVE-2025-58436 bsc#1244057) and several bug fixes described in CHANGES.md. Detailed list (from CHANGES.md): * Fixed potential crash in 'cups-driverd' when there are duplicate PPDs (Issue #1355) * Fixed error recovery when scanning for PPDs in 'cups-driverd' (Issue #1416) Issues are those at https://github.com/OpenPrinting/cups/issues - Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.16 - Fixed entry below dated "Sat Sep 30 08:52:42 UTC 2017" which contained needless UTF-8 Unicode characters that are now replaced by plain ASCII text in "... line - the ..." to fix a rpmlint "non-break-space" warning. - Adapted and enhanced 'tmpfiles.d' related things in cups.spec to "Fix packages for Immutable Mode - cups" (implementation task jsc#PED-14775 from epic jsc#PED-14688) ++++ glib2: - Add glib2-CVE-2026-0988.patch: fix a potential integer overflow in g_buffered_input_stream_peek (bsc#1257049 CVE-2026-0988 glgo#GNOME/glib#3851). ++++ kernel-default: - erofs: fix file-backed mounts no longer working on EROFS partitions (CVE-2025-68361 bsc#1255526). - commit 472da07 - erofs: don't bother with s_stack_depth increasing for now (CVE-2025-68361 bsc#1255526). 
- commit 39303bf - net: ipv6: fix field-spanning memcpy warning in AH output (CVE-2025-40363 bsc#1255102). - commit e140a1d - fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638 CVE-2025-68788). - commit c5ba5af - ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754 CVE-2025-68820). - commit 5db1006 - ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757 CVE-2025-71123). - commit f859099 - ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164 CVE-2025-68261). - commit ca299fb - nbd: defer config put in recv_work (bsc#1255537 CVE-2025-68372). - commit a3661a2 - nbd: defer config unlock in nbd_genl_connect (bsc#1255622 CVE-2025-68366). - commit abe0920 - jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482 CVE-2025-68337). - commit 158d717 - Refresh patches.suse/iavf-get-rid-of-the-crit-lock.patch. Fix locking issue introduced by CVE backport (bsc#1256975 bsc#1254977). - commit d093512 - erofs: limit the level of fs stacking for file-backed mounts (CVE-2025-68361 bsc#1255526). - commit 4238cae - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (CVE-2025-68241 bsc#1255157). - net: netpoll: fix incorrect refcount handling causing incorrect cleanup (CVE-2025-68245 bsc#1255268). - commit b8da07f - nfsd: adjust WARN_ON_ONCE in revoke_delegation (bsc#1257015). - commit da1be71 - of: fix reference count leak in of_alias_scan() (git-fixes). - of: platform: Use default match table for /firmware (git-fixes). - ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes). - ata: libata-sata: Improve link_power_management_supported sysfs attribute (git-fixes). - ata: ahci: Do not read the per port area for unimplemented ports (git-fixes). - ata: libata-scsi: Fix system suspend for a security locked drive (git-fixes). - ata: libata-scsi: Fix ata_to_sense_error() status handling (git-fixes). 
- commit 7be8126 - Refresh patches.suse/dmaengine-idxd-Fix-refcount-underflow-on-module-unlo.patch. - blacklist.conf: Fix the missing cleanup, folding the upstream stable 6.12.y fix (commit d28c1b1566a1) into the backport patch itself. - commit 3863579 ++++ kernel-rt: - erofs: fix file-backed mounts no longer working on EROFS partitions (CVE-2025-68361 bsc#1255526). - commit 472da07 - erofs: don't bother with s_stack_depth increasing for now (CVE-2025-68361 bsc#1255526). - commit 39303bf - net: ipv6: fix field-spanning memcpy warning in AH output (CVE-2025-40363 bsc#1255102). - commit e140a1d - fsnotify: do not generate ACCESS/MODIFY events on child for special files (bsc#1256638 CVE-2025-68788). - commit c5ba5af - ext4: xattr: fix null pointer deref in ext4_raw_inode() (bsc#1256754 CVE-2025-68820). - commit 5db1006 - ext4: fix string copying in parse_apply_sb_mount_options() (bsc#1256757 CVE-2025-71123). - commit f859099 - ext4: add i_data_sem protection in ext4_destroy_inline_data_nolock() (bsc#1255164 CVE-2025-68261). - commit ca299fb - nbd: defer config put in recv_work (bsc#1255537 CVE-2025-68372). - commit a3661a2 - nbd: defer config unlock in nbd_genl_connect (bsc#1255622 CVE-2025-68366). - commit abe0920 - jbd2: avoid bug_on in jbd2_journal_get_create_access() when file system corrupted (bsc#1255482 CVE-2025-68337). - commit 158d717 - Refresh patches.suse/iavf-get-rid-of-the-crit-lock.patch. Fix locking issue introduced by CVE backport (bsc#1256975 bsc#1254977). - commit d093512 - erofs: limit the level of fs stacking for file-backed mounts (CVE-2025-68361 bsc#1255526). - commit 4238cae - ipv4: route: Prevent rt_bind_exception() from rebinding stale fnhe (CVE-2025-68241 bsc#1255157). - net: netpoll: fix incorrect refcount handling causing incorrect cleanup (CVE-2025-68245 bsc#1255268). - commit b8da07f - nfsd: adjust WARN_ON_ONCE in revoke_delegation (bsc#1257015). - commit da1be71 - of: fix reference count leak in of_alias_scan() (git-fixes).
- of: platform: Use default match table for /firmware (git-fixes). - ata: libata: Add cpr_log to ata_dev_print_features() early return (git-fixes). - ata: libata-sata: Improve link_power_management_supported sysfs attribute (git-fixes). - ata: ahci: Do not read the per port area for unimplemented ports (git-fixes). - ata: libata-scsi: Fix system suspend for a security locked drive (git-fixes). - ata: libata-scsi: Fix ata_to_sense_error() status handling (git-fixes). - commit 7be8126 - Refresh patches.suse/dmaengine-idxd-Fix-refcount-underflow-on-module-unlo.patch. - blacklist.conf: Fix the missing cleanup, folding the upstream stable 6.12.y fix (commit d28c1b1566a1) into the backport patch itself. - commit 3863579 ++++ samba: - Fix mistake in README.SUSE /var/spool/samba => /var/samba/spool (bsc#1254665). ------------------------------------------------------------------ ------------------ 2026-1-20 - Jan 20 2026 ------------------- ------------------------------------------------------------------ ++++ glibc: - memalign-overflow-check.patch: memalign: reinstate alignment overflow check (CVE-2026-0861, bsc#1256766, BZ #33796) - nss-dns-getnetbyaddr.patch: resolv: Fix NSS DNS backend for getnetbyaddr (CVE-2026-0915, bsc#1256822, BZ #33802) - nptl-optimize-trylock.patch: nptl: Optimize trylock for high cache contention workloads (bsc#1256436, BZ #33704) - wordexp-wrde-reuse.patch: posix: Reset wordexp_t fields with WRDE_REUSE (CVE-2025-15281, bsc#1257005, BZ #33814) ++++ grub2: - Optimize PBKDF2 to reduce the decryption time (bsc#1248516) * 0001-lib-crypto-Introduce-new-HMAC-functions-to-reuse-buf.patch * 0002-lib-pbkdf2-Optimize-PBKDF2-by-reusing-HMAC-handle.patch * 0001-kern-misc-Implement-faster-grub_memcpy-for-aligned-b.patch ++++ kernel-default: - blk-throttle: fix throtl_data leak during disk release (git-fixes). - commit d28bb8b - NFSD: NFSv4 file creation neglects setting ACL (CVE-2025-68803 bsc#1256770).
- commit ac1975f - xfs: fix a UAF problem in xattr repair (CVE-2025-68784 bsc#1256793). - commit 2b579a4 - svcrdma: use rc_pageoff for memcpy byte offset (CVE-2025-68811 bsc#1256677). - commit 5da529b - RDMA/irdma: avoid invalid read in irdma_net_event (CVE-2025-71133 bsc#1256733) - commit d92ea95 - RDMA/cm: Fix leaking the multicast GID table reference (CVE-2025-71084 bsc#1256622) - commit 677f876 - ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (CVE-2025-71080 bsc#1256608). - smc91x: fix broken irq-context in PREEMPT_RT (CVE-2025-71132 bsc#1256737). - commit 1c36926 - sched/fair: Disable scheduler feature NEXT_BUDDY (bsc#1255459). - commit a542b6f - drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128 CVE-2025-68296) - commit 77ece13 - Remove patches.suse/0001-drm-fbcon-vga_switcheroo-Avoid-race-condition-in-fbc.patch Remove this patch before remaking it in an appropriate way. - commit f91d20a - SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (CVE-2025-71120 bsc#1256779). - commit 796b399 ++++ kernel-rt: - blk-throttle: fix throtl_data leak during disk release (git-fixes). - commit d28bb8b - NFSD: NFSv4 file creation neglects setting ACL (CVE-2025-68803 bsc#1256770). - commit ac1975f - xfs: fix a UAF problem in xattr repair (CVE-2025-68784 bsc#1256793). - commit 2b579a4 - svcrdma: use rc_pageoff for memcpy byte offset (CVE-2025-68811 bsc#1256677). - commit 5da529b - RDMA/irdma: avoid invalid read in irdma_net_event (CVE-2025-71133 bsc#1256733) - commit d92ea95 - RDMA/cm: Fix leaking the multicast GID table reference (CVE-2025-71084 bsc#1256622) - commit 677f876 - ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT (CVE-2025-71080 bsc#1256608). - smc91x: fix broken irq-context in PREEMPT_RT (CVE-2025-71132 bsc#1256737). - commit 1c36926 - sched/fair: Disable scheduler feature NEXT_BUDDY (bsc#1255459). 
- commit a542b6f - drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128 CVE-2025-68296) - commit 77ece13 - Remove patches.suse/0001-drm-fbcon-vga_switcheroo-Avoid-race-condition-in-fbc.patch Remove this patch before remaking it in an appropriate way. - commit f91d20a - SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in gss_read_proxy_verf (CVE-2025-71120 bsc#1256779). - commit 796b399 ++++ nvidia-open-driver-G06-signed: - updated CUDA variant to version 580.126.09 - supersedes kernel-6.18.patch ++++ python-urllib3: - Add security patch: * CVE-2025-66471.patch (bsc#1254867) * CVE-2025-66418.patch (bsc#1254866) ------------------------------------------------------------------ ------------------ 2026-1-19 - Jan 19 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: qla2xxx: Fix improper freeing of purex item (CVE-2025-68741 bsc#1255703). - scsi: sg: Do not sleep in atomic context (CVE-2025-40259 bsc#1254845). - blk-throttle: fix access race during throttle policy activation (CVE-2025-40147 bsc#1253344). - commit 3a550b4 - arp: do not assume dev_hard_header() does not change skb->head (CVE-2025-71098 bsc#1256591). - ip6_gre: make ip6gre_header() robust (CVE-2025-71098 bsc#1256591). - commit 7dae7cf - ksm: use range-walk function to jump over holes in scan_get_next_rmap_item (CVE-2025-68211 bsc#1255319). - commit 4816124 - btrfs: release path before iget_failed() in btrfs_read_locked_inode() (git-fixes). - commit fa0306d - btrfs: fix double free of qgroup record after failure to add delayed ref head (bsc#1255542 CVE-2025-68359). - commit 6ceb575 - btrfs: track delayed ref heads in an xarray (git-fixes). - commit 1e30518 - btrfs: remove pointless initialization at btrfs_qgroup_trace_extent() (git-fixes). - commit a6f074a - btrfs: always use delayed_refs local variable at btrfs_qgroup_trace_extent() (git-fixes). 
- commit fe22722 - btrfs: remove unnecessary delayed refs locking at btrfs_qgroup_trace_extent() (git-fixes). - commit 9f1e0ee - btrfs: store fs_info in a local variable at btrfs_qgroup_trace_extent_post() (git-fixes). - commit 83a75de - btrfs: qgroups: remove bytenr field from struct btrfs_qgroup_extent_record (git-fixes). - commit 4040e94 - btrfs: add comments regarding locking to struct btrfs_delayed_ref_root (git-fixes). - commit c3029d5 - btrfs: assert delayed refs lock is held at add_delayed_ref_head() (git-fixes). - commit a71ad52 - btrfs: assert delayed refs lock is held at find_first_ref_head() (git-fixes). - commit d0232bb - btrfs: assert delayed refs lock is held at find_ref_head() (git-fixes). - commit c64e28a - btrfs: pass fs_info to btrfs_delete_ref_head() (git-fixes). - commit 9209eb3 - btrfs: pass fs_info to functions that search for delayed ref heads (git-fixes). - commit c8e07b0 - btrfs: move delayed ref head unselection to delayed-ref.c (git-fixes). - commit 489dc34 - btrfs: simplify obtaining a delayed ref head (git-fixes). - commit 16c3f62 - btrfs: change return type of btrfs_delayed_ref_lock() to boolean (git-fixes). - commit 03bca3c - btrfs: remove num_entries atomic counter from delayed ref root (git-fixes). - commit 054bc10 - btrfs: use helper to find first ref head at btrfs_destroy_delayed_refs() (git-fixes). - commit 4374302 - btrfs: remove duplicated code to drop delayed ref during transaction abort (git-fixes). - commit 725dadb - btrfs: remove fs_info parameter from btrfs_cleanup_one_transaction() (git-fixes). - commit 1591511 - btrfs: remove fs_info parameter from btrfs_destroy_delayed_refs() (git-fixes). - commit 9c2d1b7 - btrfs: move btrfs_destroy_delayed_refs() to delayed-ref.c (git-fixes). - commit 3491ecf - btrfs: remove BUG_ON() at btrfs_destroy_delayed_refs() (git-fixes). 
- commit 08fe1bf - move GDMA_DRV_CAP_FLAG_1_DYNAMIC_IRQ_ALLOC_SUPPORT to upstream location - remove a bpf CVE change which is already part of the base kernel - net: hv_netvsc: reject RSS hash key programming without RX indirection table (git-fixes). - RDMA/mana_ib: check cqe length for kernel CQs (git-fixes). - Drivers: hv: use kmalloc_array() instead of kmalloc() (git-fixes). - mshv: Fix create memory region overlap check (bsc#1255708 CVE-2025-68743). - Drivers: hv: Use kmalloc_array() instead of kmalloc() (git-fixes). - Drivers: hv: Resolve ambiguity in hypervisor version log (git-fixes). - Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes). - Drivers: hv: remove stale comment (git-fixes). - mshv: Fix deposit memory in MSHV_ROOT_HVCALL (git-fixes). - mshv: Fix VpRootDispatchThreadBlocked value (git-fixes). - net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes). - commit 5f8e751 - dmaengine: apple-admac: Add "apple,t8103-admac" compatible (git-fixes). - dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes). - dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes). - dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes). - dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing (git-fixes). - dmaengine: tegra-adma: Fix use-after-free (git-fixes). - dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes). - dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes). - dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes). - dmaengine: stm32: dmamux: fix OF node leak on route allocation failure (git-fixes). - dmaengine: stm32: dmamux: fix device leak on route allocation (git-fixes). - dmaengine: lpc32xx-dmamux: fix device leak on route allocation (git-fixes). - dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes). 
- dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes). - dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes). - dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes). - dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes). - dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes). - phy: broadcom: ns-usb3: Fix Wvoid-pointer-to-enum-cast warning (again) (git-fixes). - phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes). - phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes). - phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes). - phy: ti: gmii-sel: fix regmap leak on probe failure (git-fixes). - phy: ti: da8xx-usb: Handle devm_pm_runtime_enable() errors (git-fixes). - phy: stm32-usphyc: Fix off by one in probe() (git-fixes). - phy: fsl-imx8mq-usb: Clear the PCS_TX_SWING_FULL field before using it (git-fixes). - i2c: riic: Move suspend handling to NOIRQ phase (git-fixes). - commit f852916 ++++ kernel-rt: - scsi: qla2xxx: Fix improper freeing of purex item (CVE-2025-68741 bsc#1255703). - scsi: sg: Do not sleep in atomic context (CVE-2025-40259 bsc#1254845). - blk-throttle: fix access race during throttle policy activation (CVE-2025-40147 bsc#1253344). - commit 3a550b4 - arp: do not assume dev_hard_header() does not change skb->head (CVE-2025-71098 bsc#1256591). - ip6_gre: make ip6gre_header() robust (CVE-2025-71098 bsc#1256591). - commit 7dae7cf - ksm: use range-walk function to jump over holes in scan_get_next_rmap_item (CVE-2025-68211 bsc#1255319). - commit 4816124 - btrfs: release path before iget_failed() in btrfs_read_locked_inode() (git-fixes). - commit fa0306d - btrfs: fix double free of qgroup record after failure to add delayed ref head (bsc#1255542 CVE-2025-68359). - commit 6ceb575 - btrfs: track delayed ref heads in an xarray (git-fixes). 
- commit 1e30518 - btrfs: remove pointless initialization at btrfs_qgroup_trace_extent() (git-fixes). - commit a6f074a - btrfs: always use delayed_refs local variable at btrfs_qgroup_trace_extent() (git-fixes). - commit fe22722 - btrfs: remove unnecessary delayed refs locking at btrfs_qgroup_trace_extent() (git-fixes). - commit 9f1e0ee - btrfs: store fs_info in a local variable at btrfs_qgroup_trace_extent_post() (git-fixes). - commit 83a75de - btrfs: qgroups: remove bytenr field from struct btrfs_qgroup_extent_record (git-fixes). - commit 4040e94 - btrfs: add comments regarding locking to struct btrfs_delayed_ref_root (git-fixes). - commit c3029d5 - btrfs: assert delayed refs lock is held at add_delayed_ref_head() (git-fixes). - commit a71ad52 - btrfs: assert delayed refs lock is held at find_first_ref_head() (git-fixes). - commit d0232bb - btrfs: assert delayed refs lock is held at find_ref_head() (git-fixes). - commit c64e28a - btrfs: pass fs_info to btrfs_delete_ref_head() (git-fixes). - commit 9209eb3 - btrfs: pass fs_info to functions that search for delayed ref heads (git-fixes). - commit c8e07b0 - btrfs: move delayed ref head unselection to delayed-ref.c (git-fixes). - commit 489dc34 - btrfs: simplify obtaining a delayed ref head (git-fixes). - commit 16c3f62 - btrfs: change return type of btrfs_delayed_ref_lock() to boolean (git-fixes). - commit 03bca3c - btrfs: remove num_entries atomic counter from delayed ref root (git-fixes). - commit 054bc10 - btrfs: use helper to find first ref head at btrfs_destroy_delayed_refs() (git-fixes). - commit 4374302 - btrfs: remove duplicated code to drop delayed ref during transaction abort (git-fixes). - commit 725dadb - btrfs: remove fs_info parameter from btrfs_cleanup_one_transaction() (git-fixes). - commit 1591511 - btrfs: remove fs_info parameter from btrfs_destroy_delayed_refs() (git-fixes). - commit 9c2d1b7 - btrfs: move btrfs_destroy_delayed_refs() to delayed-ref.c (git-fixes). 
- commit 3491ecf - btrfs: remove BUG_ON() at btrfs_destroy_delayed_refs() (git-fixes). - commit 08fe1bf - move GDMA_DRV_CAP_FLAG_1_DYNAMIC_IRQ_ALLOC_SUPPORT to upstream location - remove a bpf CVE change which is already part of the base kernel - net: hv_netvsc: reject RSS hash key programming without RX indirection table (git-fixes). - RDMA/mana_ib: check cqe length for kernel CQs (git-fixes). - Drivers: hv: use kmalloc_array() instead of kmalloc() (git-fixes). - mshv: Fix create memory region overlap check (bsc#1255708 CVE-2025-68743). - Drivers: hv: Use kmalloc_array() instead of kmalloc() (git-fixes). - Drivers: hv: Resolve ambiguity in hypervisor version log (git-fixes). - Drivers: hv: fix missing kernel-doc description for 'size' in request_arr_init() (git-fixes). - Drivers: hv: remove stale comment (git-fixes). - mshv: Fix deposit memory in MSHV_ROOT_HVCALL (git-fixes). - mshv: Fix VpRootDispatchThreadBlocked value (git-fixes). - net: mana: Move hardware counter stats from per-port to per-VF context (git-fixes). - commit 5f8e751 - dmaengine: apple-admac: Add "apple,t8103-admac" compatible (git-fixes). - dmaengine: omap-dma: fix dma_pool resource leak in error paths (git-fixes). - dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config() (git-fixes). - dmaengine: sh: rz-dmac: Fix rz_dmac_terminate_all() (git-fixes). - dmaengine: xilinx_dma: Fix uninitialized addr_width when "xlnx,addrwidth" property is missing (git-fixes). - dmaengine: tegra-adma: Fix use-after-free (git-fixes). - dmaengine: ti: k3-udma: fix device leak on udma lookup (git-fixes). - dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation (git-fixes). - dmaengine: ti: dma-crossbar: fix device leak on dra7x route allocation (git-fixes). - dmaengine: stm32: dmamux: fix OF node leak on route allocation failure (git-fixes). - dmaengine: stm32: dmamux: fix device leak on route allocation (git-fixes). 
- dmaengine: lpc32xx-dmamux: fix device leak on route allocation (git-fixes). - dmaengine: lpc18xx-dmamux: fix device leak on route allocation (git-fixes). - dmaengine: idxd: fix device leaks on compat bind and unbind (git-fixes). - dmaengine: dw: dmamux: fix OF node leak on route allocation failure (git-fixes). - dmaengine: bcm-sba-raid: fix device leak on probe (git-fixes). - dmaengine: at_hdmac: fix device leak on of_dma_xlate() (git-fixes). - dmaengine: xilinx: xdma: Fix regmap max_register (git-fixes). - phy: broadcom: ns-usb3: Fix Wvoid-pointer-to-enum-cast warning (again) (git-fixes). - phy: tegra: xusb: Explicitly configure HS_DISCON_LEVEL to 0x7 (git-fixes). - phy: rockchip: inno-usb2: fix communication disruption in gadget mode (git-fixes). - phy: rockchip: inno-usb2: fix disconnection in gadget mode (git-fixes). - phy: ti: gmii-sel: fix regmap leak on probe failure (git-fixes). - phy: ti: da8xx-usb: Handle devm_pm_runtime_enable() errors (git-fixes). - phy: stm32-usphyc: Fix off by one in probe() (git-fixes). - phy: fsl-imx8mq-usb: Clear the PCS_TX_SWING_FULL field before using it (git-fixes). - i2c: riic: Move suspend handling to NOIRQ phase (git-fixes). - commit f852916 ++++ samba: - Update to 4.22.7 * Samba 4.22 breaks Time Machine; (bso#15926). * Searching for numbers doesn't work with Spotlight; (bso#15930). * mdssvc doesn't support $time.iso dates before 1970; (bso#15947). * Fix winbind cache consistency; (bso#15963). * vfs_recycle does not update mtime; (bso#15940). * Assert failed: (dirfd != -1) || (smb_fname->base_name[0] == '/') in vfswrap_openat; (bso#15897). * ctdb can crash with inconsistent cluster lock configuration; (bso#15950). * samba-bgqd: rework man page; (bso#15809). * samba-bgqd can't find [printers] share; (bso#15936); (bsc#1254586). * Winbind can hang forever in gssapi if there are network issues; (bso#15955). * libldb requires linking libreplace on Linux; (bso#15961). * Crash in ctdbd on failed updateip; (bso#15935). 
------------------------------------------------------------------ ------------------ 2026-1-18 - Jan 18 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/amdgpu: Fix query for VPE block_type and ip_count (stable-fixes). - drm/amd/display: Apply e4479aecf658 to dml (stable-fixes). - spi: cadence-quadspi: Prevent lost complete() call during indirect read (stable-fixes). - ata: libata-core: Disable LPM on ST2000DM008-2FR102 (stable-fixes). - spi: mt65xx: Use IRQF_ONESHOT with threaded IRQ (stable-fixes). - drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes). - drm/amd/display: shrink struct members (stable-fixes). - ASoC: rockchip: Fix Wvoid-pointer-to-enum-cast warning (again) (stable-fixes). - drm/amd/display: Respect user's CONFIG_FRAME_WARN more for dml files (stable-fixes). - commit d246be3 - mei: me: add nova lake point S DID (stable-fixes). - gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes). - drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes). - ASoC: fsl_sai: Add missing registers to cache default (stable-fixes). - ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes). - ALSA: usb-audio: Update for native DSD support quirks (stable-fixes). - drm/amd/display: Fix DP no audio issue (stable-fixes). - powercap: fix sscanf() error return value handling (stable-fixes). - powercap: fix race condition in register_control_type() (stable-fixes). - can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes). - gpio: pca953x: Add support for level-triggered interrupts (stable-fixes). - commit 18eceac - ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582 CVE-2025-68771). - commit a066f3b ++++ kernel-rt: - drm/amdgpu: Fix query for VPE block_type and ip_count (stable-fixes). - drm/amd/display: Apply e4479aecf658 to dml (stable-fixes). 
- spi: cadence-quadspi: Prevent lost complete() call during indirect read (stable-fixes). - ata: libata-core: Disable LPM on ST2000DM008-2FR102 (stable-fixes). - spi: mt65xx: Use IRQF_ONESHOT with threaded IRQ (stable-fixes). - drm/amdkfd: Fix improper NULL termination of queue restore SMI event string (stable-fixes). - drm/amd/display: shrink struct members (stable-fixes). - ASoC: rockchip: Fix Wvoid-pointer-to-enum-cast warning (again) (stable-fixes). - drm/amd/display: Respect user's CONFIG_FRAME_WARN more for dml files (stable-fixes). - commit d246be3 - mei: me: add nova lake point S DID (stable-fixes). - gpio: pca953x: handle short interrupt pulses on PCAL devices (git-fixes). - drm/radeon: Remove __counted_by from ClockInfoArray.clockInfo[] (stable-fixes). - ASoC: fsl_sai: Add missing registers to cache default (stable-fixes). - ASoC: amd: yc: Add quirk for Honor MagicBook X16 2025 (stable-fixes). - ALSA: usb-audio: Update for native DSD support quirks (stable-fixes). - drm/amd/display: Fix DP no audio issue (stable-fixes). - powercap: fix sscanf() error return value handling (stable-fixes). - powercap: fix race condition in register_control_type() (stable-fixes). - can: j1939: make j1939_session_activate() fail if device is no longer registered (stable-fixes). - gpio: pca953x: Add support for level-triggered interrupts (stable-fixes). - commit 18eceac - ocfs2: fix kernel BUG in ocfs2_find_victim_chain (bsc#1256582 CVE-2025-68771). - commit a066f3b ------------------------------------------------------------------ ------------------ 2026-1-17 - Jan 17 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes). - drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes). - drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes). 
- drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions (git-fixes). - drm/amd/display: Initialise backlight level values from hw (git-fixes). - drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes). - PM: EM: Fix incorrect description of the cost field in struct em_perf_state (git-fixes). - ASoC: tlv320adcx140: fix word length (git-fixes). - ASoC: tlv320adcx140: fix null pointer (git-fixes). - ASoC: sdw_utils: cs42l43: Enable Headphone pin for LINEOUT jack type (git-fixes). - ASoC: codecs: wsa884x: fix codec initialisation (git-fixes). - ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes). - ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes). - ALSA: hda/cirrus_scodec_test: Fix test suite name (git-fixes). - ALSA: hda/cirrus_scodec_test: Fix incorrect setup of gpiochip (git-fixes). - commit fcd5437 ++++ kernel-rt: - drm/nouveau/disp/nv50-: Set lock_core in curs507a_prepare (git-fixes). - drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel (git-fixes). - drm/vmwgfx: Fix an error return check in vmw_compat_shader_add() (git-fixes). - drm/vmwgfx: Merge vmw_bo_release and vmw_bo_free functions (git-fixes). - drm/amd/display: Initialise backlight level values from hw (git-fixes). - drm/amdkfd: fix a memory leak in device_queue_manager_init() (git-fixes). - PM: EM: Fix incorrect description of the cost field in struct em_perf_state (git-fixes). - ASoC: tlv320adcx140: fix word length (git-fixes). - ASoC: tlv320adcx140: fix null pointer (git-fixes). - ASoC: sdw_utils: cs42l43: Enable Headphone pin for LINEOUT jack type (git-fixes). - ASoC: codecs: wsa884x: fix codec initialisation (git-fixes). - ASoC: codecs: wsa881x: fix unnecessary initialisation (git-fixes). - ASoC: codecs: wsa883x: fix unnecessary initialisation (git-fixes). - ALSA: hda/cirrus_scodec_test: Fix test suite name (git-fixes). - ALSA: hda/cirrus_scodec_test: Fix incorrect setup of gpiochip (git-fixes). 
- commit fcd5437 ------------------------------------------------------------------ ------------------ 2026-1-16 - Jan 16 2026 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Drop 0010-add-onExpand-prop-to-ListingTable.patch: Has been upstreamed - Update to 354 * changes since 351 - 354 * Convert documentation to AsciiDoc * Work around Firefox 146/147 bug (rhbz#2422331) * Bug fixes - 353 * Networking: Suggest prefix length and gateway address * Bug fixes and translation updates - 352 * Show a warning if the last shutdown/reboot was unclean * Bug fixes and translation updates ++++ kernel-default: - caif: fix integer underflow in cffrml_receive() (CVE-2025-68799 bsc#1256643) - commit 1ef0d96 - NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (CVE-2025-68764 bsc#1255930). - commit 09d81f3 - coresight: ETR: Fix ETR buffer use-after-free issue (CVE-2025-68376 bsc#1255529) - commit a4ff2c1 - net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (CVE-2025-68776 bsc#1256659) - commit 49a3b6c - block: fix memory leak in __blkdev_issue_zero_pages (CVE-2025-68348 bsc#1255694) - commit 73e6c55 - RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (CVE-2025-68379 bsc#1255695) - commit c6b18fc - Fix KABI for "md: fix rcu protection in md_wakeup_thread" (CVE-2025-68374 bsc#1255530). - commit 19ea2fb - ice: use netif_get_num_default_rss_queues() (bsc#1247712). - commit 9a8d388 - scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256865 bsc#1256867 jsc#PED-14156).
- scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Allow recovery for tape devices (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add Speed in SFP print information (bsc#1256865 bsc#1256867 jsc#PED-14156). - commit c16cfd0 - iavf: fix off-by-one issues in iavf_config_rss_reg() (CVE-2025-71087 bsc#1256628). - net: mana: Fix incorrect speed reported by debugfs (bsc#1255232). - net: mana: Support HW link state events (bsc#1253049). - veth: reduce XDP no_direct return section to fix race (CVE-2025-68341 bsc#1255506). - commit ffa2fc1 - scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256864). - scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256864). - commit ff9c1e2 - Refresh patches.suse/perf-hwmon_pmu-Fix-uninitialized-variable-warning.patch. - Refresh patches.suse/scsi-lpfc-Add-capability-to-register-Platform-Name-I.patch. - Refresh patches.suse/scsi-lpfc-Allow-support-for-BB-credit-recovery-in-po.patch. - Refresh patches.suse/scsi-lpfc-Ensure-unregistration-of-rpis-for-received.patch. - Refresh patches.suse/scsi-lpfc-Fix-leaked-ndlp-krefs-when-in-point-to-poi.patch. - Refresh patches.suse/scsi-lpfc-Fix-reusing-an-ndlp-that-is-marked-NLP_DRO.patch. - Refresh patches.suse/scsi-lpfc-Modify-kref-handling-for-Fabric-Controller.patch. - Refresh patches.suse/scsi-lpfc-Remove-redundant-NULL-ptr-assignment-in-lp.patch. - Refresh patches.suse/scsi-lpfc-Revise-discovery-related-function-headers-.patch. - Refresh patches.suse/scsi-lpfc-Update-lpfc-version-to-14.4.0.12.patch. 
- Refresh patches.suse/scsi-lpfc-Update-various-NPIV-diagnostic-log-messagi.patch. - commit b68a391 - md: fix rcu protection in md_wakeup_thread (CVE-2025-68374 bsc#1255530). - commit 4c1b1ef - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349 bsc#1255544). - commit 6b33846 - md: init bioset in mddev_init (CVE-2025-68368 bsc#1255527). - commit 4b605d4 - ipvs: fix ipv4 null-ptr-deref in route error path (CVE-2025-68813 bsc#1256641). - commit dfa5bc8 - drm/panthor: Prevent potential UAF in group creation (CVE-2025-68735 bsc#1255811). - commit ab86e96 - nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (CVE-2025-40261 bsc#1254839). - nvme-multipath: fix lockdep WARN due to partition scan work (CVE-2025-68218 bsc#1255245). - commit ff3bc4b - wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks (CVE-2025-68360 bsc#1255536). - commit 5863e8a - Refresh patches.kabi/bpf-Enforce-expected_attach_type-for-tailcall-compat.patch. Refresh kABI workaround to use 'unsigned char' instead of the original 'enum bpf_attach_type' as the data type. It was discovered at SL-16.0 MU submission time that the kABI workaround currently in-place does not work on -rt flavor. The reason is that due to preceding spinlock_t having a different size, the hole was only 2 bytes instead of 6 bytes, and thus too small to fit 'enum'. Since all the possible enum values are small enough to fit within 'unsigned char', switch the data type of the new field to that instead. - commit 06ff4d9 - drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128 CVE-2025-68296) - commit 1b12281 - efi/cper: Fix cper_bits_to_str buffer handling and return value (git-fixes). - lib/buildid: use __kernel_read() for sleepable context (git-fixes). - net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes). 
- can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak (git-fixes). - can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes). - commit 6b2a65b ++++ kernel-rt: - caif: fix integer underflow in cffrml_receive() (CVE-2025-68799 bsc#1256643) - commit 1ef0d96 - NFS: Automounted filesystems should inherit ro,noexec,nodev,sync flags (CVE-2025-68764 bsc#1255930). - commit 09d81f3 - coresight: ETR: Fix ETR buffer use-after-free issue (CVE-2025-68376 bsc#1255529) - commit a4ff2c1 - net/hsr: fix NULL pointer dereference in prp_get_untagged_frame() (CVE-2025-68776 bsc#1256659) - commit 49a3b6c - block: fix memory leak in __blkdev_issue_zero_pages (CVE-2025-68348 bsc#1255694) - commit 73e6c55 - RDMA/rxe: Fix null deref on srq->rq.queue after resize failure (CVE-2025-68379 bsc#1255695) - commit c6b18fc - Fix KABI for "md: fix rcu protection in md_wakeup_thread" (CVE-2025-68374 bsc#1255530). - commit 19ea2fb - ice: use netif_get_num_default_rss_queues() (bsc#1247712). - commit 9a8d388 - scsi: qla2xxx: Update version to 10.02.10.100-k (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Fix bsg_done() causing double free (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Query FW again before proceeding with login (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Validate sp before freeing associated memory (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Free sp in error path to fix system crash (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Delay module unload while fabric scan in progress (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Allow recovery for tape devices (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add bsg interface to support firmware img validation (bsc#1256865 bsc#1256867 jsc#PED-14156). 
- scsi: qla2xxx: Validate MCU signature before executing MBC 03h (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add load flash firmware mailbox support for 28xxx (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add support for 64G SFP speed (bsc#1256865 bsc#1256867 jsc#PED-14156). - scsi: qla2xxx: Add Speed in SFP print information (bsc#1256865 bsc#1256867 jsc#PED-14156). - commit c16cfd0 - iavf: fix off-by-one issues in iavf_config_rss_reg() (CVE-2025-71087 bsc#1256628). - net: mana: Fix incorrect speed reported by debugfs (bsc#1255232). - net: mana: Support HW link state events (bsc#1253049). - veth: reduce XDP no_direct return section to fix race (CVE-2025-68341 bsc#1255506). - commit ffa2fc1 - scsi: lpfc: Update lpfc version to 14.4.0.13 (bsc#1256864). - scsi: lpfc: Rework lpfc_sli4_fcf_rr_next_index_get() (bsc#1256864). - commit ff9c1e2 - Refresh patches.suse/perf-hwmon_pmu-Fix-uninitialized-variable-warning.patch. - Refresh patches.suse/scsi-lpfc-Add-capability-to-register-Platform-Name-I.patch. - Refresh patches.suse/scsi-lpfc-Allow-support-for-BB-credit-recovery-in-po.patch. - Refresh patches.suse/scsi-lpfc-Ensure-unregistration-of-rpis-for-received.patch. - Refresh patches.suse/scsi-lpfc-Fix-leaked-ndlp-krefs-when-in-point-to-poi.patch. - Refresh patches.suse/scsi-lpfc-Fix-reusing-an-ndlp-that-is-marked-NLP_DRO.patch. - Refresh patches.suse/scsi-lpfc-Modify-kref-handling-for-Fabric-Controller.patch. - Refresh patches.suse/scsi-lpfc-Remove-redundant-NULL-ptr-assignment-in-lp.patch. - Refresh patches.suse/scsi-lpfc-Revise-discovery-related-function-headers-.patch. - Refresh patches.suse/scsi-lpfc-Update-lpfc-version-to-14.4.0.12.patch. - Refresh patches.suse/scsi-lpfc-Update-various-NPIV-diagnostic-log-messagi.patch. - commit b68a391 - md: fix rcu protection in md_wakeup_thread (CVE-2025-68374 bsc#1255530). - commit 4c1b1ef - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CVE-2025-68349 bsc#1255544). 
- commit 6b33846 - md: init bioset in mddev_init (CVE-2025-68368 bsc#1255527). - commit 4b605d4 - ipvs: fix ipv4 null-ptr-deref in route error path (CVE-2025-68813 bsc#1256641). - commit dfa5bc8 - drm/panthor: Prevent potential UAF in group creation (CVE-2025-68735 bsc#1255811). - commit ab86e96 - nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (CVE-2025-40261 bsc#1254839). - nvme-multipath: fix lockdep WARN due to partition scan work (CVE-2025-68218 bsc#1255245). - commit ff3bc4b - wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks (CVE-2025-68360 bsc#1255536). - commit 5863e8a - Refresh patches.kabi/bpf-Enforce-expected_attach_type-for-tailcall-compat.patch. Refresh kABI workaround to use 'unsigned char' instead of the original 'enum bpf_attach_type' as the data type. It was discovered at SL-16.0 MU submission time that the kABI workaround currently in-place does not work on -rt flavor. The reason is that due to preceding spinlock_t having a different size, the hole was only 2 bytes instead of 6 bytes, and thus too small to fit 'enum'. Since all the possible enum values are small enough to fit within 'unsigned char', switch the data type of the new field to that instead. - commit 06ff4d9 - drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup (bsc#1255128 CVE-2025-68296) - commit 1b12281 - efi/cper: Fix cper_bits_to_str buffer handling and return value (git-fixes). - lib/buildid: use __kernel_read() for sleepable context (git-fixes). - net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts (git-fixes). - can: ctucanfd: fix SSP_SRC in cases when bit-rate is higher than 1 MBit (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): fix URB memory leak (git-fixes). - can: etas_es58x: allow partial RX URB allocation to succeed (git-fixes). 
- commit 6b2a65b ++++ harfbuzz: - Add harfbuzz-CVE-2026-22693.patch: fix a NULL pointer dereference (bsc#1256459 CVE-2026-22693). ------------------------------------------------------------------ ------------------ 2026-1-15 - Jan 15 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285 bsc#1255401). - commit bfcbd27 - landlock: Fix handling of disconnected directories (CVE-2025-68736 bsc#1255698). - landlock: Optimize file path walks and prepare for audit support (CVE-2025-68736 bsc#1255698). - commit 255f197 - libceph: fix invalid accesses to ceph_connection_v1_info (CVE-2025-39880 bsc#1250388). - commit f8b4e56 - ceph: fix race condition validating r_parent before applying state (CVE-2025-39880 bsc#1250388). - commit 5a88d0a - cpuset: fix warning when disabling remote partition (bsc#1256794). - commit ab4d052 - RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (CVE-2025-71096 bsc#1256606) - commit 6757234 - mptcp: Fix proto fallback detection with BPF (CVE-2025-68227 bsc#1255216). - commit e27edfa - Refresh patches.suse/smb-client-introduce-close_cached_dir_locked-.patch. Just refresh to fix: warning: patches.suse/smb-client-introduce-close_cached_dir_locked-.patch: Patch unexpectedly ends in the middle of a line. - commit 675e06b - x86/fpu: Ensure XFD state on signal delivery (CVE-2025-68171 bsc#1255255). - commit 74e061b ++++ kernel-rt: - libceph: fix potential use-after-free in have_mon_and_osd_map() (CVE-2025-68285 bsc#1255401). - commit bfcbd27 - landlock: Fix handling of disconnected directories (CVE-2025-68736 bsc#1255698). - landlock: Optimize file path walks and prepare for audit support (CVE-2025-68736 bsc#1255698). - commit 255f197 - libceph: fix invalid accesses to ceph_connection_v1_info (CVE-2025-39880 bsc#1250388). 
- commit f8b4e56 - ceph: fix race condition validating r_parent before applying state (CVE-2025-39880 bsc#1250388). - commit 5a88d0a - cpuset: fix warning when disabling remote partition (bsc#1256794). - commit ab4d052 - RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly (CVE-2025-71096 bsc#1256606) - commit 6757234 - mptcp: Fix proto fallback detection with BPF (CVE-2025-68227 bsc#1255216). - commit e27edfa - Refresh patches.suse/smb-client-introduce-close_cached_dir_locked-.patch. Just refresh to fix: warning: patches.suse/smb-client-introduce-close_cached_dir_locked-.patch: Patch unexpectedly ends in the middle of a line. - commit 675e06b - x86/fpu: Ensure XFD state on signal delivery (CVE-2025-68171 bsc#1255255). - commit 74e061b ++++ libpng16: - security update - added patches * libpng16-CVE-2025-22801.patch CVE-2026-22695 [bsc#1256525], Heap buffer over-read in png_image_finish_read * libpng16-CVE-2026-22695.patch CVE-2026-22801 [bsc#1256526], Integer truncation causing heap buffer over-read in png_image_write_* * libpng16-CVE-2026-22801.patch ------------------------------------------------------------------ ------------------ 2026-1-14 - Jan 14 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - sched: Increase sched_tick_remote timeout (bsc#1254510). - commit 6c6193f - ice: fix PTP cleanup on driver removal in error path (CVE-2025-68215 bsc#1255226). - commit eb213a2 - KVM: VMX: Clean up and macrofy x86_ops (git-fixes). - Refresh patches.suse/KVM-x86-Drop-kvm_x86_ops.set_dr6-in-favor-of-a-new-K.patch. - Refresh patches.suse/KVM-VMX-Preserve-host-s-DEBUGCTLMSR_FREEZE_IN_SMM-wh.patch. - commit 03cc358 - KVM: VMX: Define a VMX glue macro for kvm_complete_insn_gp() (git-fixes). - commit 2d0bc5c - KVM: VMX: Move vt_apicv_pre_state_restore() to posted_intr.c and tweak name (git-fixes). - Refresh patches.suse/KVM-Pass-new-routing-entries-and-irqfd-when-updating.patch. 
- commit 6b2a898 - nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes). - commit a1c2afd - amd/amdkfd: enhance kfd process check in switch partition (CVE-2025-68174 bsc#1255327). - commit 7117c37 - selftests/bpf: Test bpf_skb_check_mtu(BPF_MTU_CHK_SEGS) when transport_header is not set (CVE-2025-68363 bsc#1255552). - commit ed9cc2b - bpf: Check skb->transport_header is set in bpf_skb_check_mtu (CVE-2025-68363 bsc#1255552). - commit 8c412fd ++++ kernel-rt: - sched: Increase sched_tick_remote timeout (bsc#1254510). - commit 6c6193f - ice: fix PTP cleanup on driver removal in error path (CVE-2025-68215 bsc#1255226). - commit eb213a2 - KVM: VMX: Clean up and macrofy x86_ops (git-fixes). - Refresh patches.suse/KVM-x86-Drop-kvm_x86_ops.set_dr6-in-favor-of-a-new-K.patch. - Refresh patches.suse/KVM-VMX-Preserve-host-s-DEBUGCTLMSR_FREEZE_IN_SMM-wh.patch. - commit 03cc358 - KVM: VMX: Define a VMX glue macro for kvm_complete_insn_gp() (git-fixes). - commit 2d0bc5c - KVM: VMX: Move vt_apicv_pre_state_restore() to posted_intr.c and tweak name (git-fixes). - Refresh patches.suse/KVM-Pass-new-routing-entries-and-irqfd-when-updating.patch. - commit 6b2a898 - nvme: nvme-fc: move tagset removal to nvme_fc_delete_ctrl() (git-fixes). - commit a1c2afd - amd/amdkfd: enhance kfd process check in switch partition (CVE-2025-68174 bsc#1255327). - commit 7117c37 - selftests/bpf: Test bpf_skb_check_mtu(BPF_MTU_CHK_SEGS) when transport_header is not set (CVE-2025-68363 bsc#1255552). - commit ed9cc2b - bpf: Check skb->transport_header is set in bpf_skb_check_mtu (CVE-2025-68363 bsc#1255552). - commit 8c412fd ++++ libzypp: - Avoid libcurl-mini4 when building as it does not support ftp protocol. - Translation: updated .pot file. 
- version 17.38.1 (35) ------------------------------------------------------------------ ------------------ 2026-1-13 - Jan 13 2026 ------------------- ------------------------------------------------------------------ ++++ avahi: - Add avahi-CVE-2025-68276.patch: Backport 0c013e2 from upstream, refuse to create wide-area record browsers when wide-area is off. (CVE-2025-68276, bsc#1256498) - Add avahi-CVE-2025-68471.patch: Backport 9c6eb53 from upstream, fix DoS bug by changing assert to return. (CVE-2025-68471, bsc#1256500) - Add avahi-CVE-2025-68468.patch: Backport f66be13 from upstream, fix DoS bug by removing incorrect assertion. (CVE-2025-68468, bsc#1256499) ++++ kernel-default: - rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408 CVE-2025-38704) - commit 7bdb299 - sched_ext: Fix unsafe locking in the scx_dump_state() (bsc#1255223 CVE-2025-68202) - commit 22f9135 - btrfs: fix reservation leak in some error paths when inserting inline extent (git-fixes). - commit 362a620 - btrfs: do not free data reservation in fallback from inline due to -ENOSPC (git-fixes). - commit 38b35b2 - btrfs: fix the qgroup data free range for inline data extents (git-fixes). - commit 9d6cfa8 - btrfs: always detect conflicting inodes when logging inode refs (git-fixes). - commit 626d828 - btrfs: release path before initializing extent tree in btrfs_read_locked_inode() (git-fixes). - commit 78aa23f - ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). - commit af9447d - supported.conf: Mark lan 743x supported (jsc#PED-14571) - commit b80b147 - Set HZ=1000 for ppc64 default configuration (jsc#PED-14344) Update based on upstream commit a206d2334012 ("powerpc/defconfigs: Set HZ=1000 on ppc64 and powernv defconfigs") and requested by jsc#PED-14344. - commit 031e354 - net: vxlan: prevent NULL deref in vxlan_xmit_one (CVE-2025-68353 bsc#1255533). - net/mlx5: Fix IPsec cleanup over MPV device (CVE-2025-40238 bsc#1254871). 
- net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (CVE-2025-40350 bsc#1255260). - commit 0edf819 - bpf: Fix invalid prog->stats access when update_effective_progs fails (CVE-2025-68742 bsc#1255707). - commit 4f8b390 ++++ kernel-rt: - rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer (bsc#1254408 CVE-2025-38704) - commit 7bdb299 - sched_ext: Fix unsafe locking in the scx_dump_state() (bsc#1255223 CVE-2025-68202) - commit 22f9135 - btrfs: fix reservation leak in some error paths when inserting inline extent (git-fixes). - commit 362a620 - btrfs: do not free data reservation in fallback from inline due to -ENOSPC (git-fixes). - commit 38b35b2 - btrfs: fix the qgroup data free range for inline data extents (git-fixes). - commit 9d6cfa8 - btrfs: always detect conflicting inodes when logging inode refs (git-fixes). - commit 626d828 - btrfs: release path before initializing extent tree in btrfs_read_locked_inode() (git-fixes). - commit 78aa23f - ext4: use optimized mballoc scanning regardless of inode format (bsc#1254378). - commit af9447d - supported.conf: Mark lan 743x supported (jsc#PED-14571) - commit b80b147 - Set HZ=1000 for ppc64 default configuration (jsc#PED-14344) Update based on upstream commit a206d2334012 ("powerpc/defconfigs: Set HZ=1000 on ppc64 and powernv defconfigs") and requested by jsc#PED-14344. - commit 031e354 - net: vxlan: prevent NULL deref in vxlan_xmit_one (CVE-2025-68353 bsc#1255533). - net/mlx5: Fix IPsec cleanup over MPV device (CVE-2025-40238 bsc#1254871). - net/mlx5e: RX, Fix generating skb from non-linear xdp_buff for striding RQ (CVE-2025-40350 bsc#1255260). - commit 0edf819 - bpf: Fix invalid prog->stats access when update_effective_progs fails (CVE-2025-68742 bsc#1255707). 
- commit 4f8b390 ++++ systemd: - Name libsystemd-{shared,core} based on the major version of systemd and the package release number (bsc#1228081 bsc#1256427) This way, both the old and new versions of the shared libraries will be present during the update. This should prevent issues during package updates when incompatible changes are introduced in the new versions of the shared libraries. ++++ nvidia-open-driver-G06-signed: - kernel-5.14.patch * fixes build for sle15-sp4 ++++ python-urllib3: - Add CVE-2026-21441.patch to fix excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331, CVE-2026-21441) ------------------------------------------------------------------ ------------------ 2026-1-12 - Jan 12 2026 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Update to version 84.87+git20260112.8f614f3: * add ghost entries for the removed dirs * Revert list directories above all normal files. ++++ kernel-default: - perf/x86/intel: Fix KASAN global-out-of-bounds warning (CVE-2025-40359 bsc#1255087). - commit ed1e93a - mlx5: Fix default values in create CQ (CVE-2025-68209 bsc#1255230). - commit 02d60e0 - x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256495). - Refresh patches.suse/x86-microcode-AMD-Limit-Entrysign-signature-checking-to-kn.patch. - commit 6b04345 - x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256495). - x86/microcode/AMD: Select which microcode patch to load (bsc#1256495). - x86/microcode/AMD: Make __verify_patch_size() return bool (bsc#1256495). - x86/microcode/AMD: Remove bogus comment from parse_container() (bsc#1256495). 
- commit 9f14cfe - crash: fix crashkernel resource shrink (CVE-2025-68198 bsc#1255243) - commit 7e8f708 - bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (CVE-2025-68197 bsc#1255242) - commit 766431f - lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes). - virtio_console: fix order of fields cols and rows (stable-fixes). - commit d55882c - drm/amdgpu: Forward VMID reservation errors (git-fixes). - commit 2373a9d - supported.conf: mark ksmbd unsupported Based on discussion with Enzo Matsumiya it has turned out that ksmbd module is unsupported but the supported.conf entry is incorrect. Fix that. - commit 143566d - powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029). - commit 594b86e - Update patches.suse/ACPI-video-Fix-use-after-free-in-acpi_video_switch_b.patch (git-fixes CVE-2025-40211 bsc#1254126). - Update patches.suse/ALSA-dice-fix-buffer-overflow-in-detect_stream_forma.patch (git-fixes CVE-2025-68346 bsc#1255603). - Update patches.suse/ALSA-firewire-motu-add-bounds-check-in-put_user-loop.patch (git-fixes CVE-2025-68753 bsc#1256238). - Update patches.suse/ALSA-firewire-motu-fix-buffer-overflow-in-hwdep-read.patch (git-fixes CVE-2025-68347 bsc#1255706). - Update patches.suse/ALSA-hda-cs35l41-Fix-NULL-pointer-dereference-in-cs3-c34b04c.patch (git-fixes CVE-2025-68345 bsc#1255601). - Update patches.suse/ALSA-usb-audio-Fix-NULL-pointer-dereference-in-snd_u.patch (git-fixes CVE-2025-40275 bsc#1254829). - Update patches.suse/ALSA-usb-audio-Fix-potential-overflow-of-PCM-transfe.patch (stable-fixes CVE-2025-40269 bsc#1255035). - Update patches.suse/ALSA-wavefront-Fix-integer-overflow-in-sample-size-v.patch (git-fixes CVE-2025-68344 bsc#1255816). - Update patches.suse/ASoC-Intel-avs-Disable-periods-elapsed-work-when-clo.patch (git-fixes CVE-2025-40344 bsc#1254618).
- Update patches.suse/Bluetooth-6lowpan-reset-link-local-header-on-ipv6-re.patch (git-fixes CVE-2025-40282 bsc#1254850). - Update patches.suse/Bluetooth-MGMT-Fix-OOB-access-in-parse_adv_monitor_p.patch (git-fixes CVE-2025-40294 bsc#1255181). - Update patches.suse/Bluetooth-MGMT-cancel-mesh-send-timer-when-hdev-remo.patch (git-fixes CVE-2025-40284 bsc#1254860). - Update patches.suse/Bluetooth-MGMT-fix-crash-in-set_mesh_sync-and-set_me.patch (git-fixes CVE-2025-40213 bsc#1253674). - Update patches.suse/Bluetooth-SCO-Fix-UAF-on-sco_conn_free.patch (stable-fixes CVE-2025-40309 bsc#1255065). - Update patches.suse/Bluetooth-bcsp-receive-data-only-if-registered.patch (stable-fixes CVE-2025-40308 bsc#1255064). - Update patches.suse/Bluetooth-btusb-mediatek-Avoid-btusb_mtk_claim_iso_i.patch (git-fixes CVE-2025-68298 bsc#1255124). - Update patches.suse/Bluetooth-btusb-mediatek-Fix-kernel-crash-when-relea.patch (git-fixes CVE-2025-68306 bsc#1255145). - Update patches.suse/Bluetooth-btusb-reorder-cleanup-in-btusb_disconnect-.patch (git-fixes CVE-2025-40283 bsc#1254858). - Update patches.suse/Bluetooth-hci_event-validate-skb-length-for-unknown-.patch (git-fixes CVE-2025-40301 bsc#1255193). - Update patches.suse/Bluetooth-hci_sock-Prevent-race-in-socket-write-iter.patch (git-fixes CVE-2025-68305 bsc#1255169). - Update patches.suse/Bluetooth-hci_sync-fix-race-in-hci_cmd_sync_dequeue_.patch (git-fixes CVE-2025-40318 bsc#1254798). - Update patches.suse/Input-cros_ec_keyb-fix-an-invalid-memory-access.patch (stable-fixes CVE-2025-40263 bsc#1255077). - Update patches.suse/Input-imx_sc_key-fix-memory-corruption-on-unload.patch (git-fixes CVE-2025-40262 bsc#1254840). - Update patches.suse/Input-pegasus-notetaker-fix-potential-out-of-bounds-.patch (git-fixes CVE-2025-68217 bsc#1255221). - Update patches.suse/KVM-arm64-Check-the-untrusted-offset-in-FF-A-memory-.patch (git-fixes CVE-2025-40266 bsc#1255040). 
- Update patches.suse/NFS-Fix-LTP-test-failures-when-timestamps-are-delegated.patch (git-fixes CVE-2025-68242 bsc#1255186). - Update patches.suse/NFSD-Fix-crash-in-nfsd4_read_release.patch (git-fixes CVE-2025-40324 bsc#1254791). - Update patches.suse/NFSD-free-copynotify-stateid-in-nfs4_free_ol_stateid.patch (git-fixes CVE-2025-40273 bsc#1254828). - Update patches.suse/PCI-IOV-Add-PCI-rescan-remove-locking-when-enabling-.patch (git-fixes CVE-2025-40219 bsc#1254518). - Update patches.suse/PCI-cadence-Check-for-the-existence-of-cdns_pcie-ops.patch (stable-fixes CVE-2025-68176 bsc#1255329). - Update patches.suse/accel-habanalabs-support-mapping-cb-with-vmalloc-bac.patch (stable-fixes CVE-2025-40311 bsc#1255068). - Update patches.suse/accel-ivpu-Fix-race-condition-when-unbinding-BOs.patch (git-fixes CVE-2025-68749 bsc#1255724). - Update patches.suse/amd-amdkfd-resolve-a-race-in-amdgpu_amdkfd_device_fi.patch (stable-fixes CVE-2025-40310 bsc#1255041). - Update patches.suse/arm64-mte-Do-not-warn-if-the-page-is-already-tagged-in-cop.patch (git-fixes CVE-2025-40353 bsc#1255312). - Update patches.suse/atm-fore200e-Fix-possible-data-race-in-fore200e_open.patch (git-fixes CVE-2025-68339 bsc#1255505). - Update patches.suse/backlight-led-bl-Add-devlink-to-supplier-LEDs.patch (git-fixes CVE-2025-68758 bsc#1255944). - Update patches.suse/btrfs-directly-free-partially-initialized-fs_info-in.patch (git-fixes CVE-2025-40235 bsc#1254808). - Update patches.suse/btrfs-ensure-no-dirty-metadata-is-written-back-for-a.patch (git-fix CVE-2025-40303 bsc#1255058). - Update patches.suse/btrfs-fix-memory-leak-of-qgroup_list-in-btrfs_add_qg.patch (git-fixes CVE-2025-40209 bsc#1254128). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-check-actual-395d988.patch (git-fixes CVE-2025-68342 bsc#1255508). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-check-actual.patch (git-fixes CVE-2025-68343 bsc#1255509). 
- Update patches.suse/can-gs_usb-gs_usb_xmit_callback-fix-handling-of-fail.patch (git-fixes CVE-2025-68307 bsc#1255146). - Update patches.suse/can-kvaser_usb-leaf-Fix-potential-infinite-loop-in-c.patch (git-fixes CVE-2025-68308 bsc#1255149). - Update patches.suse/comedi-c6xdigio-Fix-invalid-PNP-driver-unregistratio.patch (git-fixes CVE-2025-68332 bsc#1255483). - Update patches.suse/comedi-check-device-s-attached-status-in-compat-ioct.patch (git-fixes CVE-2025-68257 bsc#1255167). - Update patches.suse/comedi-multiq3-sanitize-config-options-in-multiq3_at.patch (git-fixes CVE-2025-68258 bsc#1255182). - Update patches.suse/comedi-pcl818-fix-null-ptr-deref-in-pcl818_ai_cancel.patch (git-fixes CVE-2025-68335 bsc#1255480). - Update patches.suse/crypto-aspeed-fix-double-free-caused-by-devm.patch (git-fixes CVE-2025-68172 bsc#1255253). - Update patches.suse/crypto-asymmetric_keys-prevent-overflow-in-asymmetri.patch (git-fixes CVE-2025-68724 bsc#1255550). - Update patches.suse/drm-amd-display-Check-NULL-before-accessing.patch (stable-fixes CVE-2025-68286 bsc#1255351). - Update patches.suse/drm-amd-display-Fix-NULL-deref-in-debugfs-odm_combin.patch (git-fixes CVE-2025-68180 bsc#1255252). - Update patches.suse/drm-amd-display-increase-max-link-count-and-fix-link.patch (stable-fixes CVE-2025-40354 bsc#1255316). - Update patches.suse/drm-amdgpu-Fix-NULL-pointer-dereference-in-VRAM-logi.patch (stable-fixes CVE-2025-40288 bsc#1255057). - Update patches.suse/drm-amdgpu-atom-Check-kcalloc-for-WS-buffer-in-amdgp.patch (stable-fixes CVE-2025-68190 bsc#1255131). - Update patches.suse/drm-amdgpu-fix-gpu-page-fault-after-hibernation-on-P.patch (stable-fixes CVE-2025-68230 bsc#1255134). - Update patches.suse/drm-amdgpu-fix-nullptr-err-of-vm_handle_moved.patch (stable-fixes CVE-2025-40339 bsc#1255428). - Update patches.suse/drm-amdgpu-hide-VRAM-sysfs-attributes-on-GPUs-withou.patch (stable-fixes CVE-2025-40289 bsc#1255042). 
- Update patches.suse/drm-amdgpu-remove-two-invalid-BUG_ON-s.patch (stable-fixes CVE-2025-68201 bsc#1255136). - Update patches.suse/drm-amdkfd-Fix-mmap-write-lock-not-release.patch (bsc#1243112 CVE-2025-40332 bsc#1255116). - Update patches.suse/drm-i915-Avoid-lock-inversion-when-pinning-to-GGTT-o.patch (git-fixes CVE-2025-68244 bsc#1255190). - Update patches.suse/drm-mediatek-Disable-AFBC-support-on-Mediatek-DRM-dr.patch (git-fixes CVE-2025-68184 bsc#1255220). - Update patches.suse/drm-mediatek-Fix-device-use-after-free-on-unbind.patch (git-fixes CVE-2025-40316 bsc#1254797). - Update patches.suse/drm-panthor-Fix-UAF-on-kernel-BO-VA-nodes.patch (git-fixes CVE-2025-68747 bsc#1255723). - Update patches.suse/drm-panthor-Fix-UAF-race-between-device-unplug-and-F.patch (git-fixes CVE-2025-68748 bsc#1255813). - Update patches.suse/drm-panthor-Fix-kernel-panic-on-partial-unmap-of-a-G.patch (git-fixes CVE-2025-40225 bsc#1254827). - Update patches.suse/drm-radeon-Do-not-kfree-devres-managed-rdev.patch (git-fixes CVE-2025-68170 bsc#1255256). - Update patches.suse/drm-radeon-Remove-calls-to-drm_put_dev.patch (git-fixes CVE-2025-68181 bsc#1255247). - Update patches.suse/drm-radeon-delete-radeon_fence_process-in-is_signale.patch (stable-fixes CVE-2025-68223 bsc#1255357). - Update patches.suse/drm-sched-Fix-deadlock-in-drm_sched_entity_kill_jobs.patch (git-fixes CVE-2025-40329 bsc#1254621). - Update patches.suse/drm-sysfb-Do-not-dereference-NULL-pointer-in-plane-r.patch (git-fixes CVE-2025-40360 bsc#1255095). - Update patches.suse/drm-tegra-Add-call-to-put_pid.patch (git-fixes CVE-2025-68233 bsc#1255206). - Update patches.suse/drm-vgem-fence-Fix-potential-deadlock-on-release.patch (git-fixes CVE-2025-68757 bsc#1255943). - Update patches.suse/drm-vmwgfx-Validate-command-header-size-against-SVGA.patch (git-fixes CVE-2025-40277 bsc#1254894). - Update patches.suse/drm-xe-Fix-oops-in-xe_gem_fault-when-running-core_ho.patch (stable-fixes CVE-2025-40340 bsc#1254996). 
- Update patches.suse/drm-xe-guc-Synchronize-Dead-CT-worker-with-unbind.patch (git-fixes CVE-2025-68207 bsc#1255234). - Update patches.suse/erofs-avoid-infinite-loop-due-to-incomplete-zstd-compressed-data.patch (git-fixes CVE-2025-68210 bsc#1255231). - Update patches.suse/exfat-fix-improper-check-of-dentry.stream.valid_size.patch (git-fixes CVE-2025-40287 bsc#1255030). - Update patches.suse/exfat-fix-refcount-leak-in-exfat_find.patch (git-fixes CVE-2025-68351 bsc#1255567). - Update patches.suse/exfat-validate-cluster-allocation-bits-of-the-allocation-bitmap.patch (git-fixes CVE-2025-40307 bsc#1255039). - Update patches.suse/fbcon-Set-fb_display-i-mode-to-NULL-when-the-mode-is.patch (stable-fixes CVE-2025-40323 bsc#1255094). - Update patches.suse/fbdev-Add-bounds-checking-in-bit_putcs-to-fix-vmallo.patch (stable-fixes CVE-2025-40304 bsc#1255034). - Update patches.suse/fbdev-bitblit-bound-check-glyph-index-in-bit_putcs.patch (stable-fixes CVE-2025-40322 bsc#1255092). - Update patches.suse/firmware-arm_scmi-Account-for-failed-debug-initializ.patch (git-fixes CVE-2025-40226 bsc#1254821). - Update patches.suse/firmware-stratix10-svc-fix-bug-in-saving-controller-.patch (git-fixes CVE-2025-68328 bsc#1255489). - Update patches.suse/gpiolib-fix-invalid-pointer-access-in-debugfs.patch (git-fixes CVE-2025-68167 bsc#1255099). - Update patches.suse/gpu-host1x-Fix-race-in-syncpt-alloc-free.patch (git-fixes CVE-2025-68732 bsc#1255688). - Update patches.suse/idpf-fix-possible-vport_config-NULL-pointer-deref-in.patch (git-fixes CVE-2025-68213 bsc#1255228). - Update patches.suse/iio-accel-bmc150-Fix-irq-assumption-regression.patch (stable-fixes CVE-2025-68330 bsc#1255493). - Update patches.suse/ima-Handle-error-code-returned-by-ima_filter_rule_ma.patch (git-fixes CVE-2025-68740 bsc#1255812). - Update patches.suse/ima-don-t-clear-IMA_DIGSIG-flag-when-setting-or-remo.patch (stable-fixes CVE-2025-68183 bsc#1255251). 
- Update patches.suse/irqchip-mchp-eic-Fix-error-code-in-mchp_eic_domain_a.patch (git-fixes CVE-2025-68766 bsc#1255932). - Update patches.suse/media-imon-make-send_packet-more-robust.patch (stable-fixes CVE-2025-68194 bsc#1255325). - Update patches.suse/media-pci-mg4b-fix-uninitialized-iio-scan-data.patch (git-fixes CVE-2025-40221 bsc#1254519). - Update patches.suse/media-videobuf2-forbid-remove_bufs-when-legacy-filei.patch (git-fixes CVE-2025-40302 bsc#1255196). - Update patches.suse/misc-fastrpc-Fix-dma_buf-object-leak-in-fastrpc_map_.patch (git-fixes CVE-2025-68252 bsc#1255197). - Update patches.suse/mm-secretmem-fix-use-after-free-race-in-fault-handle.patch (git-fixes CVE-2025-40272 bsc#1254832). - Update patches.suse/most-usb-Fix-use-after-free-in-hdm_disconnect.patch (git-fixes CVE-2025-40223 bsc#1254957). - Update patches.suse/most-usb-fix-double-free-on-late-probe-failure.patch (git-fixes CVE-2025-68290 bsc#1255154). - Update patches.suse/most-usb-hdm_probe-Fix-calling-put_device-before-dev.patch (git-fixes CVE-2025-68249 bsc#1255233). - Update patches.suse/mt76-mt7615-Fix-memory-leak-in-mt7615_mcu_wtbl_sta_a.patch (git-fixes CVE-2025-68765 bsc#1255931). - Update patches.suse/mtd-rawnand-cadence-fix-DMA-device-NULL-pointer-dere.patch (git-fixes CVE-2025-68238 bsc#1255202). - Update patches.suse/mtdchar-fix-integer-overflow-in-read-write-ioctls.patch (git-fixes CVE-2025-68237 bsc#1255203). - Update patches.suse/net-stmmac-Correctly-handle-Rx-checksum-offload-erro.patch (git-fixes CVE-2025-40337 bsc#1255081). - Update patches.suse/net-usb-qmi_wwan-initialize-MAC-header-offset-in-qmi.patch (git-fixes CVE-2025-68192 bsc#1255246). - Update patches.suse/nfs4_setup_readdir-insufficient-locking-for-d_parent-d_inode-dereferencing.patch (git-fixes CVE-2025-68185 bsc#1255135). - Update patches.suse/nfsd-fix-refcount-leak-in-nfsd_set_fh_dentry.patch (git-fixes CVE-2025-40212 bsc#1254195). 
- Update patches.suse/nouveau-firmware-Add-missing-kfree-of-nvkm_falcon_fw.patch (git-fixes CVE-2025-68235 bsc#1255209). - Update patches.suse/nvme-fc-use-lock-accessing-port_state-and-rport-stat.patch (bsc#1245193 bsc#1247500 CVE-2025-40342 bsc#1255274). - Update patches.suse/nvmet-fc-avoid-scheduling-association-deletion-twice.patch (bsc#1245193 bsc#1247500 CVE-2025-40343 bsc#1255276). - Update patches.suse/pinctrl-s32cc-fix-uninitialized-memory-in-s32_pinctr.patch (git-fixes CVE-2025-68222 bsc#1255218). - Update patches.suse/platform-x86-intel-punit_ipc-fix-memory-corruption.patch (git-fixes CVE-2025-68303 bsc#1255122). - Update patches.suse/regmap-slimbus-fix-bus_context-pointer-in-regmap-ini.patch (git-fixes CVE-2025-40317 bsc#1254796). - Update patches.suse/regulator-core-Protect-regulator_supply_alias_list-w.patch (git-fixes CVE-2025-68354 bsc#1255553). - Update patches.suse/sctp-avoid-NULL-dereference-when-chunk-data-buffer-i.patch (git-fixes CVE-2025-40240 bsc#1254869). - Update patches.suse/smb-client-fix-potential-cfid-UAF-in-smb2_query_info_compound.patch (git-fixes CVE-2025-40320 bsc#1254793). - Update patches.suse/spi-ch341-fix-out-of-bounds-memory-access-in-ch341_t.patch (git-fixes CVE-2025-68352 bsc#1255541). - Update patches.suse/spi-tegra210-quad-Fix-timeout-handling.patch (bsc#1253155 CVE-2025-68746 bsc#1255722). - Update patches.suse/staging-rtl8723bs-fix-out-of-bounds-read-in-OnBeacon.patch (stable-fixes CVE-2025-68254 bsc#1255140). - Update patches.suse/staging-rtl8723bs-fix-out-of-bounds-read-in-rtw_get_.patch (stable-fixes CVE-2025-68256 bsc#1255138). - Update patches.suse/staging-rtl8723bs-fix-stack-buffer-overflow-in-OnAss.patch (stable-fixes CVE-2025-68255 bsc#1255395). - Update patches.suse/tty-serial-ip22zilog-Use-platform-device-for-probing.patch (stable-fixes CVE-2025-68311 bsc#1255161). - Update patches.suse/usb-cdns3-gadget-Use-after-free-during-failed-initia.patch (stable-fixes CVE-2025-40314 bsc#1255072). 
- Update patches.suse/usb-dwc3-Fix-race-condition-between-concurrent-dwc3_.patch (git-fixes CVE-2025-68287 bsc#1255152). - Update patches.suse/usb-gadget-f_eem-Fix-memory-leak-in-eem_unwrap.patch (git-fixes CVE-2025-68289 bsc#1255155). - Update patches.suse/usb-gadget-f_fs-Fix-epfile-null-pointer-access-after.patch (stable-fixes CVE-2025-40315 bsc#1255083). - Update patches.suse/usb-potential-integer-overflow-in-usbg_make_tpg.patch (stable-fixes CVE-2025-68750 bsc#1255814). - Update patches.suse/usb-renesas_usbhs-Fix-synchronous-external-abort-on-.patch (git-fixes CVE-2025-68327 bsc#1255488). - Update patches.suse/usb-storage-sddr55-Reject-out-of-bound-new_pba.patch (stable-fixes CVE-2025-40345 bsc#1255279). - Update patches.suse/usb-uas-fix-urb-unmapping-issue-when-the-uas-device-.patch (git-fixes CVE-2025-68331 bsc#1255495). - Update patches.suse/usbnet-Prevents-free-active-kevent.patch (git-fixes CVE-2025-68312 bsc#1255171). - Update patches.suse/wifi-ath11k-fix-peer-HE-MCS-assignment.patch (git-fixes CVE-2025-68380 bsc#1255580). - Update patches.suse/wifi-brcmfmac-fix-crash-while-sending-Action-Frames-.patch (git-fixes CVE-2025-40321 bsc#1254795). - Update patches.suse/wifi-rtl818x-Fix-potential-memory-leaks-in-rtl8180_i.patch (git-fixes CVE-2025-68759 bsc#1255934). - Update patches.suse/wifi-rtl818x-rtl8187-Fix-potential-buffer-underflow-.patch (git-fixes CVE-2025-68362 bsc#1255611). - Update patches.suse/x86-CPU-AMD-Add-RDSEED-fix-for-Zen5.patch (git-fixes CVE-2025-68313 bsc#1255415). - Update patches.suse/x86-CPU-AMD-Add-missing-terminator-for-zen5_rdseed_m.patch (git-fixes CVE-2025-68195 bsc#1255259). - Update patches.suse/xfrm-also-call-xfrm_state_delete_tunnel-at-destroy-time-fo.patch (CVE-2025-40215 bsc#1254959 CVE-2025-40256 bsc#1254851). - commit c0f554e ++++ kernel-rt: - perf/x86/intel: Fix KASAN global-out-of-bounds warning (CVE-2025-40359 bsc#1255087). - commit ed1e93a - mlx5: Fix default values in create CQ (CVE-2025-68209 bsc#1255230). 
- commit 02d60e0 - x86/microcode/AMD: Use sha256() instead of init/update/final (bsc#1256495). - Refresh patches.suse/x86-microcode-AMD-Limit-Entrysign-signature-checking-to-kn.patch. - commit 6b04345 - x86/microcode/AMD: Fix Entrysign revision check for Zen5/Strix Halo (bsc#1256495). - x86/microcode/AMD: Select which microcode patch to load (bsc#1256495). - x86/microcode/AMD: Make __verify_patch_size() return bool (bsc#1256495). - x86/microcode/AMD: Remove bogus comment from parse_container() (bsc#1256495). - commit 9f14cfe - crash: fix crashkernel resource shrink (CVE-2025-68198 bsc#1255243) - commit 7e8f708 - bnxt_en: Fix null pointer dereference in bnxt_bs_trace_check_wrap() (CVE-2025-68197 bsc#1255242) - commit 766431f - lib/crypto: aes: Fix missing MMU protection for AES S-box (git-fixes). - virtio_console: fix order of fields cols and rows (stable-fixes). - commit d55882c - drm/amdgpu: Forward VMID reservation errors (git-fixes). - commit 2373a9d - supported.conf: mark ksmbd unsupported Based on discussion with Enzo Matsumiya it has turned out that ksmbd module is unsupported but the supported.conf entry is incorrect. Fix that. - commit 143566d - powerpc/eeh: fix recursive pci_lock_rescan_remove locking in EEH event handling (bsc#1253262 ltc#216029). - commit 594b86e - Update patches.suse/ACPI-video-Fix-use-after-free-in-acpi_video_switch_b.patch (git-fixes CVE-2025-40211 bsc#1254126). - Update patches.suse/ALSA-dice-fix-buffer-overflow-in-detect_stream_forma.patch (git-fixes CVE-2025-68346 bsc#1255603). - Update patches.suse/ALSA-firewire-motu-add-bounds-check-in-put_user-loop.patch (git-fixes CVE-2025-68753 bsc#1256238). - Update patches.suse/ALSA-firewire-motu-fix-buffer-overflow-in-hwdep-read.patch (git-fixes CVE-2025-68347 bsc#1255706). - Update patches.suse/ALSA-hda-cs35l41-Fix-NULL-pointer-dereference-in-cs3-c34b04c.patch (git-fixes CVE-2025-68345 bsc#1255601).
- Update patches.suse/ALSA-usb-audio-Fix-NULL-pointer-dereference-in-snd_u.patch (git-fixes CVE-2025-40275 bsc#1254829). - Update patches.suse/ALSA-usb-audio-Fix-potential-overflow-of-PCM-transfe.patch (stable-fixes CVE-2025-40269 bsc#1255035). - Update patches.suse/ALSA-wavefront-Fix-integer-overflow-in-sample-size-v.patch (git-fixes CVE-2025-68344 bsc#1255816). - Update patches.suse/ASoC-Intel-avs-Disable-periods-elapsed-work-when-clo.patch (git-fixes CVE-2025-40344 bsc#1254618). - Update patches.suse/Bluetooth-6lowpan-reset-link-local-header-on-ipv6-re.patch (git-fixes CVE-2025-40282 bsc#1254850). - Update patches.suse/Bluetooth-MGMT-Fix-OOB-access-in-parse_adv_monitor_p.patch (git-fixes CVE-2025-40294 bsc#1255181). - Update patches.suse/Bluetooth-MGMT-cancel-mesh-send-timer-when-hdev-remo.patch (git-fixes CVE-2025-40284 bsc#1254860). - Update patches.suse/Bluetooth-MGMT-fix-crash-in-set_mesh_sync-and-set_me.patch (git-fixes CVE-2025-40213 bsc#1253674). - Update patches.suse/Bluetooth-SCO-Fix-UAF-on-sco_conn_free.patch (stable-fixes CVE-2025-40309 bsc#1255065). - Update patches.suse/Bluetooth-bcsp-receive-data-only-if-registered.patch (stable-fixes CVE-2025-40308 bsc#1255064). - Update patches.suse/Bluetooth-btusb-mediatek-Avoid-btusb_mtk_claim_iso_i.patch (git-fixes CVE-2025-68298 bsc#1255124). - Update patches.suse/Bluetooth-btusb-mediatek-Fix-kernel-crash-when-relea.patch (git-fixes CVE-2025-68306 bsc#1255145). - Update patches.suse/Bluetooth-btusb-reorder-cleanup-in-btusb_disconnect-.patch (git-fixes CVE-2025-40283 bsc#1254858). - Update patches.suse/Bluetooth-hci_event-validate-skb-length-for-unknown-.patch (git-fixes CVE-2025-40301 bsc#1255193). - Update patches.suse/Bluetooth-hci_sock-Prevent-race-in-socket-write-iter.patch (git-fixes CVE-2025-68305 bsc#1255169). - Update patches.suse/Bluetooth-hci_sync-fix-race-in-hci_cmd_sync_dequeue_.patch (git-fixes CVE-2025-40318 bsc#1254798). 
- Update patches.suse/Input-cros_ec_keyb-fix-an-invalid-memory-access.patch (stable-fixes CVE-2025-40263 bsc#1255077). - Update patches.suse/Input-imx_sc_key-fix-memory-corruption-on-unload.patch (git-fixes CVE-2025-40262 bsc#1254840). - Update patches.suse/Input-pegasus-notetaker-fix-potential-out-of-bounds-.patch (git-fixes CVE-2025-68217 bsc#1255221). - Update patches.suse/KVM-arm64-Check-the-untrusted-offset-in-FF-A-memory-.patch (git-fixes CVE-2025-40266 bsc#1255040). - Update patches.suse/NFS-Fix-LTP-test-failures-when-timestamps-are-delegated.patch (git-fixes CVE-2025-68242 bsc#1255186). - Update patches.suse/NFSD-Fix-crash-in-nfsd4_read_release.patch (git-fixes CVE-2025-40324 bsc#1254791). - Update patches.suse/NFSD-free-copynotify-stateid-in-nfs4_free_ol_stateid.patch (git-fixes CVE-2025-40273 bsc#1254828). - Update patches.suse/PCI-IOV-Add-PCI-rescan-remove-locking-when-enabling-.patch (git-fixes CVE-2025-40219 bsc#1254518). - Update patches.suse/PCI-cadence-Check-for-the-existence-of-cdns_pcie-ops.patch (stable-fixes CVE-2025-68176 bsc#1255329). - Update patches.suse/accel-habanalabs-support-mapping-cb-with-vmalloc-bac.patch (stable-fixes CVE-2025-40311 bsc#1255068). - Update patches.suse/accel-ivpu-Fix-race-condition-when-unbinding-BOs.patch (git-fixes CVE-2025-68749 bsc#1255724). - Update patches.suse/amd-amdkfd-resolve-a-race-in-amdgpu_amdkfd_device_fi.patch (stable-fixes CVE-2025-40310 bsc#1255041). - Update patches.suse/arm64-mte-Do-not-warn-if-the-page-is-already-tagged-in-cop.patch (git-fixes CVE-2025-40353 bsc#1255312). - Update patches.suse/atm-fore200e-Fix-possible-data-race-in-fore200e_open.patch (git-fixes CVE-2025-68339 bsc#1255505). - Update patches.suse/backlight-led-bl-Add-devlink-to-supplier-LEDs.patch (git-fixes CVE-2025-68758 bsc#1255944). - Update patches.suse/btrfs-directly-free-partially-initialized-fs_info-in.patch (git-fixes CVE-2025-40235 bsc#1254808). 
- Update patches.suse/btrfs-ensure-no-dirty-metadata-is-written-back-for-a.patch (git-fix CVE-2025-40303 bsc#1255058). - Update patches.suse/btrfs-fix-memory-leak-of-qgroup_list-in-btrfs_add_qg.patch (git-fixes CVE-2025-40209 bsc#1254128). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-check-actual-395d988.patch (git-fixes CVE-2025-68342 bsc#1255508). - Update patches.suse/can-gs_usb-gs_usb_receive_bulk_callback-check-actual.patch (git-fixes CVE-2025-68343 bsc#1255509). - Update patches.suse/can-gs_usb-gs_usb_xmit_callback-fix-handling-of-fail.patch (git-fixes CVE-2025-68307 bsc#1255146). - Update patches.suse/can-kvaser_usb-leaf-Fix-potential-infinite-loop-in-c.patch (git-fixes CVE-2025-68308 bsc#1255149). - Update patches.suse/comedi-c6xdigio-Fix-invalid-PNP-driver-unregistratio.patch (git-fixes CVE-2025-68332 bsc#1255483). - Update patches.suse/comedi-check-device-s-attached-status-in-compat-ioct.patch (git-fixes CVE-2025-68257 bsc#1255167). - Update patches.suse/comedi-multiq3-sanitize-config-options-in-multiq3_at.patch (git-fixes CVE-2025-68258 bsc#1255182). - Update patches.suse/comedi-pcl818-fix-null-ptr-deref-in-pcl818_ai_cancel.patch (git-fixes CVE-2025-68335 bsc#1255480). - Update patches.suse/crypto-aspeed-fix-double-free-caused-by-devm.patch (git-fixes CVE-2025-68172 bsc#1255253). - Update patches.suse/crypto-asymmetric_keys-prevent-overflow-in-asymmetri.patch (git-fixes CVE-2025-68724 bsc#1255550). - Update patches.suse/drm-amd-display-Check-NULL-before-accessing.patch (stable-fixes CVE-2025-68286 bsc#1255351). - Update patches.suse/drm-amd-display-Fix-NULL-deref-in-debugfs-odm_combin.patch (git-fixes CVE-2025-68180 bsc#1255252). - Update patches.suse/drm-amd-display-increase-max-link-count-and-fix-link.patch (stable-fixes CVE-2025-40354 bsc#1255316). - Update patches.suse/drm-amdgpu-Fix-NULL-pointer-dereference-in-VRAM-logi.patch (stable-fixes CVE-2025-40288 bsc#1255057). 
- Update patches.suse/drm-amdgpu-atom-Check-kcalloc-for-WS-buffer-in-amdgp.patch (stable-fixes CVE-2025-68190 bsc#1255131). - Update patches.suse/drm-amdgpu-fix-gpu-page-fault-after-hibernation-on-P.patch (stable-fixes CVE-2025-68230 bsc#1255134). - Update patches.suse/drm-amdgpu-fix-nullptr-err-of-vm_handle_moved.patch (stable-fixes CVE-2025-40339 bsc#1255428). - Update patches.suse/drm-amdgpu-hide-VRAM-sysfs-attributes-on-GPUs-withou.patch (stable-fixes CVE-2025-40289 bsc#1255042). - Update patches.suse/drm-amdgpu-remove-two-invalid-BUG_ON-s.patch (stable-fixes CVE-2025-68201 bsc#1255136). - Update patches.suse/drm-amdkfd-Fix-mmap-write-lock-not-release.patch (bsc#1243112 CVE-2025-40332 bsc#1255116). - Update patches.suse/drm-i915-Avoid-lock-inversion-when-pinning-to-GGTT-o.patch (git-fixes CVE-2025-68244 bsc#1255190). - Update patches.suse/drm-mediatek-Disable-AFBC-support-on-Mediatek-DRM-dr.patch (git-fixes CVE-2025-68184 bsc#1255220). - Update patches.suse/drm-mediatek-Fix-device-use-after-free-on-unbind.patch (git-fixes CVE-2025-40316 bsc#1254797). - Update patches.suse/drm-panthor-Fix-UAF-on-kernel-BO-VA-nodes.patch (git-fixes CVE-2025-68747 bsc#1255723). - Update patches.suse/drm-panthor-Fix-UAF-race-between-device-unplug-and-F.patch (git-fixes CVE-2025-68748 bsc#1255813). - Update patches.suse/drm-panthor-Fix-kernel-panic-on-partial-unmap-of-a-G.patch (git-fixes CVE-2025-40225 bsc#1254827). - Update patches.suse/drm-radeon-Do-not-kfree-devres-managed-rdev.patch (git-fixes CVE-2025-68170 bsc#1255256). - Update patches.suse/drm-radeon-Remove-calls-to-drm_put_dev.patch (git-fixes CVE-2025-68181 bsc#1255247). - Update patches.suse/drm-radeon-delete-radeon_fence_process-in-is_signale.patch (stable-fixes CVE-2025-68223 bsc#1255357). - Update patches.suse/drm-sched-Fix-deadlock-in-drm_sched_entity_kill_jobs.patch (git-fixes CVE-2025-40329 bsc#1254621). 
- Update patches.suse/drm-sysfb-Do-not-dereference-NULL-pointer-in-plane-r.patch (git-fixes CVE-2025-40360 bsc#1255095). - Update patches.suse/drm-tegra-Add-call-to-put_pid.patch (git-fixes CVE-2025-68233 bsc#1255206). - Update patches.suse/drm-vgem-fence-Fix-potential-deadlock-on-release.patch (git-fixes CVE-2025-68757 bsc#1255943). - Update patches.suse/drm-vmwgfx-Validate-command-header-size-against-SVGA.patch (git-fixes CVE-2025-40277 bsc#1254894). - Update patches.suse/drm-xe-Fix-oops-in-xe_gem_fault-when-running-core_ho.patch (stable-fixes CVE-2025-40340 bsc#1254996). - Update patches.suse/drm-xe-guc-Synchronize-Dead-CT-worker-with-unbind.patch (git-fixes CVE-2025-68207 bsc#1255234). - Update patches.suse/erofs-avoid-infinite-loop-due-to-incomplete-zstd-compressed-data.patch (git-fixes CVE-2025-68210 bsc#1255231). - Update patches.suse/exfat-fix-improper-check-of-dentry.stream.valid_size.patch (git-fixes CVE-2025-40287 bsc#1255030). - Update patches.suse/exfat-fix-refcount-leak-in-exfat_find.patch (git-fixes CVE-2025-68351 bsc#1255567). - Update patches.suse/exfat-validate-cluster-allocation-bits-of-the-allocation-bitmap.patch (git-fixes CVE-2025-40307 bsc#1255039). - Update patches.suse/fbcon-Set-fb_display-i-mode-to-NULL-when-the-mode-is.patch (stable-fixes CVE-2025-40323 bsc#1255094). - Update patches.suse/fbdev-Add-bounds-checking-in-bit_putcs-to-fix-vmallo.patch (stable-fixes CVE-2025-40304 bsc#1255034). - Update patches.suse/fbdev-bitblit-bound-check-glyph-index-in-bit_putcs.patch (stable-fixes CVE-2025-40322 bsc#1255092). - Update patches.suse/firmware-arm_scmi-Account-for-failed-debug-initializ.patch (git-fixes CVE-2025-40226 bsc#1254821). - Update patches.suse/firmware-stratix10-svc-fix-bug-in-saving-controller-.patch (git-fixes CVE-2025-68328 bsc#1255489). - Update patches.suse/gpiolib-fix-invalid-pointer-access-in-debugfs.patch (git-fixes CVE-2025-68167 bsc#1255099). 
- Update patches.suse/gpu-host1x-Fix-race-in-syncpt-alloc-free.patch (git-fixes CVE-2025-68732 bsc#1255688). - Update patches.suse/idpf-fix-possible-vport_config-NULL-pointer-deref-in.patch (git-fixes CVE-2025-68213 bsc#1255228). - Update patches.suse/iio-accel-bmc150-Fix-irq-assumption-regression.patch (stable-fixes CVE-2025-68330 bsc#1255493). - Update patches.suse/ima-Handle-error-code-returned-by-ima_filter_rule_ma.patch (git-fixes CVE-2025-68740 bsc#1255812). - Update patches.suse/ima-don-t-clear-IMA_DIGSIG-flag-when-setting-or-remo.patch (stable-fixes CVE-2025-68183 bsc#1255251). - Update patches.suse/irqchip-mchp-eic-Fix-error-code-in-mchp_eic_domain_a.patch (git-fixes CVE-2025-68766 bsc#1255932). - Update patches.suse/media-imon-make-send_packet-more-robust.patch (stable-fixes CVE-2025-68194 bsc#1255325). - Update patches.suse/media-pci-mg4b-fix-uninitialized-iio-scan-data.patch (git-fixes CVE-2025-40221 bsc#1254519). - Update patches.suse/media-videobuf2-forbid-remove_bufs-when-legacy-filei.patch (git-fixes CVE-2025-40302 bsc#1255196). - Update patches.suse/misc-fastrpc-Fix-dma_buf-object-leak-in-fastrpc_map_.patch (git-fixes CVE-2025-68252 bsc#1255197). - Update patches.suse/mm-secretmem-fix-use-after-free-race-in-fault-handle.patch (git-fixes CVE-2025-40272 bsc#1254832). - Update patches.suse/most-usb-Fix-use-after-free-in-hdm_disconnect.patch (git-fixes CVE-2025-40223 bsc#1254957). - Update patches.suse/most-usb-fix-double-free-on-late-probe-failure.patch (git-fixes CVE-2025-68290 bsc#1255154). - Update patches.suse/most-usb-hdm_probe-Fix-calling-put_device-before-dev.patch (git-fixes CVE-2025-68249 bsc#1255233). - Update patches.suse/mt76-mt7615-Fix-memory-leak-in-mt7615_mcu_wtbl_sta_a.patch (git-fixes CVE-2025-68765 bsc#1255931). - Update patches.suse/mtd-rawnand-cadence-fix-DMA-device-NULL-pointer-dere.patch (git-fixes CVE-2025-68238 bsc#1255202). 
- Update patches.suse/mtdchar-fix-integer-overflow-in-read-write-ioctls.patch (git-fixes CVE-2025-68237 bsc#1255203). - Update patches.suse/net-stmmac-Correctly-handle-Rx-checksum-offload-erro.patch (git-fixes CVE-2025-40337 bsc#1255081). - Update patches.suse/net-usb-qmi_wwan-initialize-MAC-header-offset-in-qmi.patch (git-fixes CVE-2025-68192 bsc#1255246). - Update patches.suse/nfs4_setup_readdir-insufficient-locking-for-d_parent-d_inode-dereferencing.patch (git-fixes CVE-2025-68185 bsc#1255135). - Update patches.suse/nfsd-fix-refcount-leak-in-nfsd_set_fh_dentry.patch (git-fixes CVE-2025-40212 bsc#1254195). - Update patches.suse/nouveau-firmware-Add-missing-kfree-of-nvkm_falcon_fw.patch (git-fixes CVE-2025-68235 bsc#1255209). - Update patches.suse/nvme-fc-use-lock-accessing-port_state-and-rport-stat.patch (bsc#1245193 bsc#1247500 CVE-2025-40342 bsc#1255274). - Update patches.suse/nvmet-fc-avoid-scheduling-association-deletion-twice.patch (bsc#1245193 bsc#1247500 CVE-2025-40343 bsc#1255276). - Update patches.suse/pinctrl-s32cc-fix-uninitialized-memory-in-s32_pinctr.patch (git-fixes CVE-2025-68222 bsc#1255218). - Update patches.suse/platform-x86-intel-punit_ipc-fix-memory-corruption.patch (git-fixes CVE-2025-68303 bsc#1255122). - Update patches.suse/regmap-slimbus-fix-bus_context-pointer-in-regmap-ini.patch (git-fixes CVE-2025-40317 bsc#1254796). - Update patches.suse/regulator-core-Protect-regulator_supply_alias_list-w.patch (git-fixes CVE-2025-68354 bsc#1255553). - Update patches.suse/sctp-avoid-NULL-dereference-when-chunk-data-buffer-i.patch (git-fixes CVE-2025-40240 bsc#1254869). - Update patches.suse/smb-client-fix-potential-cfid-UAF-in-smb2_query_info_compound.patch (git-fixes CVE-2025-40320 bsc#1254793). - Update patches.suse/spi-ch341-fix-out-of-bounds-memory-access-in-ch341_t.patch (git-fixes CVE-2025-68352 bsc#1255541). - Update patches.suse/spi-tegra210-quad-Fix-timeout-handling.patch (bsc#1253155 CVE-2025-68746 bsc#1255722). 
- Update patches.suse/staging-rtl8723bs-fix-out-of-bounds-read-in-OnBeacon.patch (stable-fixes CVE-2025-68254 bsc#1255140). - Update patches.suse/staging-rtl8723bs-fix-out-of-bounds-read-in-rtw_get_.patch (stable-fixes CVE-2025-68256 bsc#1255138). - Update patches.suse/staging-rtl8723bs-fix-stack-buffer-overflow-in-OnAss.patch (stable-fixes CVE-2025-68255 bsc#1255395). - Update patches.suse/tty-serial-ip22zilog-Use-platform-device-for-probing.patch (stable-fixes CVE-2025-68311 bsc#1255161). - Update patches.suse/usb-cdns3-gadget-Use-after-free-during-failed-initia.patch (stable-fixes CVE-2025-40314 bsc#1255072). - Update patches.suse/usb-dwc3-Fix-race-condition-between-concurrent-dwc3_.patch (git-fixes CVE-2025-68287 bsc#1255152). - Update patches.suse/usb-gadget-f_eem-Fix-memory-leak-in-eem_unwrap.patch (git-fixes CVE-2025-68289 bsc#1255155). - Update patches.suse/usb-gadget-f_fs-Fix-epfile-null-pointer-access-after.patch (stable-fixes CVE-2025-40315 bsc#1255083). - Update patches.suse/usb-potential-integer-overflow-in-usbg_make_tpg.patch (stable-fixes CVE-2025-68750 bsc#1255814). - Update patches.suse/usb-renesas_usbhs-Fix-synchronous-external-abort-on-.patch (git-fixes CVE-2025-68327 bsc#1255488). - Update patches.suse/usb-storage-sddr55-Reject-out-of-bound-new_pba.patch (stable-fixes CVE-2025-40345 bsc#1255279). - Update patches.suse/usb-uas-fix-urb-unmapping-issue-when-the-uas-device-.patch (git-fixes CVE-2025-68331 bsc#1255495). - Update patches.suse/usbnet-Prevents-free-active-kevent.patch (git-fixes CVE-2025-68312 bsc#1255171). - Update patches.suse/wifi-ath11k-fix-peer-HE-MCS-assignment.patch (git-fixes CVE-2025-68380 bsc#1255580). - Update patches.suse/wifi-brcmfmac-fix-crash-while-sending-Action-Frames-.patch (git-fixes CVE-2025-40321 bsc#1254795). - Update patches.suse/wifi-rtl818x-Fix-potential-memory-leaks-in-rtl8180_i.patch (git-fixes CVE-2025-68759 bsc#1255934). 
- Update patches.suse/wifi-rtl818x-rtl8187-Fix-potential-buffer-underflow-.patch (git-fixes CVE-2025-68362 bsc#1255611). - Update patches.suse/x86-CPU-AMD-Add-RDSEED-fix-for-Zen5.patch (git-fixes CVE-2025-68313 bsc#1255415). - Update patches.suse/x86-CPU-AMD-Add-missing-terminator-for-zen5_rdseed_m.patch (git-fixes CVE-2025-68195 bsc#1255259). - Update patches.suse/xfrm-also-call-xfrm_state_delete_tunnel-at-destroy-time-fo.patch (CVE-2025-40215 bsc#1254959 CVE-2025-40256 bsc#1254851). - commit c0f554e ++++ net-snmp: - Fix snmptrapd buffer overflow (bsc#1255491, CVE-2025-68615). Add net-snmp-5.9.4-fix-out-of-bounds-trapOid-access.patch ++++ libsoup: - Add libsoup-CVE-2026-0716.patch: Fix out-of-bounds read for websocket (bsc#1256418, CVE-2026-0716, glgo#GNOME/libsoup!494). ------------------------------------------------------------------ ------------------ 2026-1-11 - Jan 11 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - docs: ABI: sysfs-devices-soc: Fix swapped sample values (git-fixes). - commit 8c83315 ++++ kernel-rt: - docs: ABI: sysfs-devices-soc: Fix swapped sample values (git-fixes). - commit 8c83315 ++++ libzypp: - zypp.conf: follow the UAPI configuration file specification (PED-14658) In short terms it means we will no longer ship an /etc/zypp/zypp.conf, but store our own defaults in /usr/etc/zypp/zypp.conf. The systems administrator may choose to keep a full copy in /etc/zypp/zypp.conf ignoring our config file settings completely, or - the preferred way - to overwrite specific settings via /etc/zypp/zypp.conf.d/*.conf overlay files. See the ZYPP.CONF(5) man page for details. 
- cmake: correctly detect rpm6 (fixes #689) - Use 'zypp.tmp' as temp directory component to ease setting up SELinux policies (bsc#1249435) - zyppng: Update Provider to current MediaCurl2 download approach, drop Metalink (fixes #682) - version 17.38.0 (35) ------------------------------------------------------------------ ------------------ 2026-1-10 - Jan 10 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - gpio: rockchip: mark the GPIO controller as sleeping (git-fixes). - drm/pl111: Fix error handling in pl111_amba_probe (git-fixes). - crypto: qat - fix duplicate restarting msg during AER error (git-fixes). - commit f18c9f6 ++++ kernel-rt: - gpio: rockchip: mark the GPIO controller as sleeping (git-fixes). - drm/pl111: Fix error handling in pl111_amba_probe (git-fixes). - crypto: qat - fix duplicate restarting msg during AER error (git-fixes). - commit f18c9f6 ------------------------------------------------------------------ ------------------ 2026-1-9 - Jan 9 2026 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fixed ramdisk sysroot generator Do not use a custom _dev name and stick with the UUID representation of the disk image in RAM after deployment. Former versions of udev did not create a by-uuid device representation which now seems to have changed. This then leads to the device name RamDisk_rootfs not being created and the respective .device unit times out. In addition the timer unit for the standard device representation changed to infinity. This fixes bsc#1254116 ++++ kernel-default: - io_uring/zctx: check chained notif contexts (CVE-2025-68317 bsc#1255354). - commit b895dee - cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082, CVE-2025-40268). - commit 7120bdc - selftests/bpf: Add test to verify freeing the special fields in pcpu maps (CVE-2025-68744 bsc#1255709).
- commit 763d99d - drm/amdkfd: Trap handler support for expert scheduling mode (stable-fixes). - commit 021ac24 - PCI: brcmstb: Reuse pcie_cfg_data structure (stable-fixes). - Refresh patches.suse/PCI-brcmstb-Set-generation-limit-before-PCIe-link-up.patch. - commit 0f681e6 - pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes). - wifi: mac80211: restore non-chanctx injection behaviour (git-fixes). - wifi: avoid kernel-infoleak from struct iw_point (git-fixes). - atm: Fix dma_free_coherent() size (git-fixes). - net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes). - net: wwan: iosm: Fix memory leak in ipc_mux_deinit() (git-fixes). - HID: quirks: work around VID/PID conflict for appledisplay (git-fixes). - ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes). - ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes). - usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes). - serial: xilinx_uartps: fix rs485 delay_rts_after_send (git-fixes). - Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes). - Input: lkkbd - disable pending work before freeing device (stable-fixes). - drm/amd/display: Fix scratch registers offsets for DCN351 (stable-fixes). - drm/amd/display: Fix scratch registers offsets for DCN35 (stable-fixes). - broadcom: b44: prevent uninitialized value usage (git-fixes). - Revert "drm/amd/display: Fix pbn to kbps Conversion" (stable-fixes). - drm/amdkfd: bump minimum vgpr size for gfx1151 (stable-fixes). - drm/amdkfd: Export the cwsr_size and ctl_stack_size to userspace (stable-fixes). - drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes). - i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes). - platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes). 
- clk: qcom: dispcc-sm7150: Fix dispcc_mdss_pclk0_clk_src (stable-fixes). - usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes). - usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes). - usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes). - usbip: Fix locking bug in RT-enabled kernels (stable-fixes). - serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes). - char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes). - iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes). - fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes). - via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes). - ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes). - ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes). - reset: fix BIT macro reference (stable-fixes). - ti-sysc: allow OMAP2 and OMAP4 timers to be reserved on AM33xx (stable-fixes). - firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes). - clk: mvebu: cp110 add CLK_IGNORE_UNUSED to pcie_x10, pcie_x11 & pcie_x4 (stable-fixes). - HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes). - mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes). - mtd: spi-nor: winbond: Add support for W25H02NWxxAM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25H01NWxxAM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25H512NWxxAM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25Q02NWxxIM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25Q01NWxxIM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25Q01NWxxIQ chips (stable-fixes). - ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime (git-fixes). 
- drm/amdgpu/gmc12: add amdgpu_vm_handle_fault() handling (stable-fixes). - drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling (stable-fixes). - drm/displayid: add quirk to ignore DisplayID checksum errors (stable-fixes). - drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident (stable-fixes). - drm/displayid: pass iter to drm_find_displayid_extension() (stable-fixes). - media: amphion: Remove vpu_vb_is_codecconfig (git-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes). - Bluetooth: btusb: Add new VID/PID 0x0489/0xE12F for RTL8852BE-VT (stable-fixes). - Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes). - Bluetooth: btusb: MT7922: Add VID/PID 0489/e170 (stable-fixes). - Bluetooth: btusb: MT7920: Add VID/PID 0489/e135 (stable-fixes). - wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load (stable-fixes). - wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes). - wifi: cfg80211: stop radar detection in cfg80211_leave() (stable-fixes). - wifi: cfg80211: use cfg80211_leave() in iftype change (stable-fixes). - wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU (stable-fixes). - cpufreq: nforce2: fix reference count leak in nforce2 (git-fixes). - ACPI: fan: Workaround for 64-bit firmware bug (stable-fixes). - ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes). - ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes). - media: amphion: Make some vpu_v4l2 functions static (stable-fixes). - firmware: imx: Add stub functions for SCMI MISC API (git-fixes). - media: amphion: Add a frame flush mode for decoder (stable-fixes). - serial: xilinx_uartps: Use helper function hrtimer_update_function() (stable-fixes). - commit 52a2394 - net/smc: fix general protection fault in __smc_diag_dump (CVE-2025-40357 bsc#1255097). 
- commit ef3290b - KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (CVE-2025-68259 bsc#1255199). - commit 0428a24 - bpf: Free special fields when update [lru_,]percpu_hash maps (CVE-2025-68744 bsc#1255709). - commit ab66ed0 ++++ kernel-rt: - io_uring/zctx: check chained notif contexts (CVE-2025-68317 bsc#1255354). - commit b895dee - cifs: client: fix memory leak in smb3_fs_context_parse_param (bsc#1255082, CVE-2025-40268). - commit 7120bdc - selftests/bpf: Add test to verify freeing the special fields in pcpu maps (CVE-2025-68744 bsc#1255709). - commit 763d99d - drm/amdkfd: Trap handler support for expert scheduling mode (stable-fixes). - commit 021ac24 - PCI: brcmstb: Reuse pcie_cfg_data structure (stable-fixes). - Refresh patches.suse/PCI-brcmstb-Set-generation-limit-before-PCIe-link-up.patch. - commit 0f681e6 - pinctrl: qcom: lpass-lpi: mark the GPIO controller as sleeping (git-fixes). - wifi: mac80211: restore non-chanctx injection behaviour (git-fixes). - wifi: avoid kernel-infoleak from struct iw_point (git-fixes). - atm: Fix dma_free_coherent() size (git-fixes). - net: usb: pegasus: fix memory leak in update_eth_regs_async() (git-fixes). - net: wwan: iosm: Fix memory leak in ipc_mux_deinit() (git-fixes). - HID: quirks: work around VID/PID conflict for appledisplay (git-fixes). - ASoC: sun4i-spdif: Add missing kerneldoc fields for sun4i_spdif_quirks (git-fixes). - ALSA: ac97: fix a double free in snd_ac97_controller_register() (git-fixes). - usb: usb-storage: Maintain minimal modifications to the bcdDevice range (git-fixes). - serial: xilinx_uartps: fix rs485 delay_rts_after_send (git-fixes). - Input: i8042 - add TUXEDO InfinityBook Max Gen10 AMD to i8042 quirk table (stable-fixes). - Input: lkkbd - disable pending work before freeing device (stable-fixes). - drm/amd/display: Fix scratch registers offsets for DCN351 (stable-fixes). - drm/amd/display: Fix scratch registers offsets for DCN35 (stable-fixes). 
- broadcom: b44: prevent uninitialized value usage (git-fixes). - Revert "drm/amd/display: Fix pbn to kbps Conversion" (stable-fixes). - drm/amdkfd: bump minimum vgpr size for gfx1151 (stable-fixes). - drm/amdkfd: Export the cwsr_size and ctl_stack_size to userspace (stable-fixes). - drm/amd/display: Use GFP_ATOMIC in dc_create_plane_state() (stable-fixes). - i2c: designware: Disable SMBus interrupts to prevent storms from mis-configured firmware (stable-fixes). - platform/x86/intel/hid: Add Dell Pro Rugged 10/12 tablet to VGBS DMI quirks (stable-fixes). - clk: qcom: dispcc-sm7150: Fix dispcc_mdss_pclk0_clk_src (stable-fixes). - usb: usb-storage: No additional quirks need to be added to the EL-R12 optical drive (stable-fixes). - usb: xhci: limit run_graceperiod for only usb 3.0 devices (stable-fixes). - usb: typec: ucsi: Handle incorrect num_connectors capability (stable-fixes). - usbip: Fix locking bug in RT-enabled kernels (stable-fixes). - serial: sprd: Return -EPROBE_DEFER when uart clock is not ready (stable-fixes). - char: applicom: fix NULL pointer dereference in ac_ioctl (stable-fixes). - iio: adc: ti_am335x_adc: Limit step_avg to valid range for gcc complains (stable-fixes). - fbdev: gbefb: fix to use physical address instead of dma address (stable-fixes). - via_wdt: fix critical boot hang due to unnamed resource allocation (stable-fixes). - ipmi: Fix __scan_channels() failing to rescan channels (stable-fixes). - ipmi: Fix the race between __scan_channels() and deliver_response() (stable-fixes). - reset: fix BIT macro reference (stable-fixes). - ti-sysc: allow OMAP2 and OMAP4 timers to be reserved on AM33xx (stable-fixes). - firmware: imx: scu-irq: Init workqueue before request mbox channel (stable-fixes). - clk: mvebu: cp110 add CLK_IGNORE_UNUSED to pcie_x10, pcie_x11 & pcie_x4 (stable-fixes). - HID: input: map HID_GD_Z to ABS_DISTANCE for stylus/pen (stable-fixes). - mmc: sdhci-msm: Avoid early clock doubling during HS400 transition (stable-fixes). 
- mtd: spi-nor: winbond: Add support for W25H02NWxxAM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25H01NWxxAM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25H512NWxxAM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25Q02NWxxIM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25Q01NWxxIM chips (stable-fixes). - mtd: spi-nor: winbond: Add support for W25Q01NWxxIQ chips (stable-fixes). - ASoC: qcom: sdw: fix memory leak for sdw_stream_runtime (git-fixes). - drm/amdgpu/gmc12: add amdgpu_vm_handle_fault() handling (stable-fixes). - drm/amdgpu/gmc11: add amdgpu_vm_handle_fault() handling (stable-fixes). - drm/displayid: add quirk to ignore DisplayID checksum errors (stable-fixes). - drm/edid: add DRM_EDID_IDENT_INIT() to initialize struct drm_edid_ident (stable-fixes). - drm/displayid: pass iter to drm_find_displayid_extension() (stable-fixes). - media: amphion: Remove vpu_vb_is_codecconfig (git-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3533 for RTL8821CE (stable-fixes). - Bluetooth: btusb: Add new VID/PID 0x0489/0xE12F for RTL8852BE-VT (stable-fixes). - Bluetooth: btusb: Add new VID/PID 2b89/6275 for RTL8761BUV (stable-fixes). - Bluetooth: btusb: MT7922: Add VID/PID 0489/e170 (stable-fixes). - Bluetooth: btusb: MT7920: Add VID/PID 0489/e135 (stable-fixes). - wifi: mt76: mt792x: fix wifi init fail by setting MCU_RUNNING after CLC load (stable-fixes). - wifi: brcmfmac: Add DMI nvram filename quirk for Acer A1 840 tablet (stable-fixes). - wifi: cfg80211: stop radar detection in cfg80211_leave() (stable-fixes). - wifi: cfg80211: use cfg80211_leave() in iftype change (stable-fixes). - wifi: rtl8xxxu: Fix HT40 channel config for RTL8192CU, RTL8723AU (stable-fixes). - cpufreq: nforce2: fix reference count leak in nforce2 (git-fixes). - ACPI: fan: Workaround for 64-bit firmware bug (stable-fixes). - ACPI: property: Use ACPI functions in acpi_graph_get_next_endpoint() only (stable-fixes). 
- ACPICA: Avoid walking the Namespace if start_node is NULL (stable-fixes). - media: amphion: Make some vpu_v4l2 functions static (stable-fixes). - firmware: imx: Add stub functions for SCMI MISC API (git-fixes). - media: amphion: Add a frame flush mode for decoder (stable-fixes). - serial: xilinx_uartps: Use helper function hrtimer_update_function() (stable-fixes). - commit 52a2394 - net/smc: fix general protection fault in __smc_diag_dump (CVE-2025-40357 bsc#1255097). - commit ef3290b - KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced (CVE-2025-68259 bsc#1255199). - commit 0428a24 - bpf: Free special fields when update [lru_,]percpu_hash maps (CVE-2025-68744 bsc#1255709). - commit ab66ed0 ++++ openvswitch: - Update OVN to 25.03.2 - Bug fixes - Dynamic Routing: * Add the option "dynamic-routing-redistribute-local-only" to Logical Routers and Logical Router Ports which refines the way in which chassis-specific Advertised_Routes (e.g., for NAT and LB IPs) are advertised. * Add the option "dynamic-routing-vrf-id" to Logical Routers which allows CMS to specify the Linux routing table id for a given vrf. - Add ovn-nbctl lsp-add-router-port which will create router port on specified LS. - Add ovn-nbctl lsp-add-localnet-port which will create localnet port on specified LS. ++++ libsoup: - Add libsoup-CVE-2026-0719.patch: Fix overflow for password md4sum (bsc#1256399, CVE-2026-0719, glgo#GNOME/libsoup!493). ++++ systemd: - systemd-update-helper: clean up the flags immediately after they have been consumed (no functional changes). - systemd.spec: don't reexecute PID1 on transactional updates. - Drop most of the workarounds contained in the fixlets. These workarounds were held to address old issues that no longer exist in recent versions of systemd. For systems upgrading to this version, we assume these issues have already been fixed by the fixlet scripts still shipped by the previous distribution.
Only the logic warning users about the deprecated usage of the main configuration files (favoring drop-in files) is preserved. ++++ man: - Do not mask out the already existing %ghost file entry (According to Packaging for Immutable Mode - Best Practices) ------------------------------------------------------------------ ------------------ 2026-1-8 - Jan 8 2026 ------------------- ------------------------------------------------------------------ ++++ gpg2: - Security fix: [bsc#1255715, CVE-2025-68973] (gpg.fail/memcpy) * gpg: Fix possible memory corruption in the armor parser [T7906] * Add gnupg-CVE-2025-68973.patch - Security fix: [bsc#1256246] (gpg.fail/sha1) * gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures [T7904] * Add gnupg-gpg-Avoid-potential-downgrade-to-SHA1-in-3rd-party-keysig.patch - Security fix: [bsc#1256244] (gpg.fail/detached) * gpg: Error out on unverified output for non-detached signatures [T7903] * Add gnupg-gpg-Error-out-on-unverified-output-for-non-detached-signatures.patch - Security fix: [bsc#1256390] (gpg.fail/notdash) * gpg2: Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG * Add patch gnupg-notdash-escape.patch ++++ kernel-default: - cifs: reset iface weights when we cannot find a candidate (git-fixes). - commit 859fca4 - smb: client: fix warning when reconnecting channel (git-fixes). - commit 700befa - cifs: do not disable interface polling on failure (git-fixes). - commit 87a748d - cifs: deal with the channel loading lag while picking channels (git-fixes). - commit c445274 - cifs: serialize other channels when query server interfaces is pending (git-fixes). - commit 202c543 - cifs: dns resolution is needed only for primary channel (git-fixes). - commit 47e47ab - cifs: update dstaddr whenever channel iface is updated (git-fixes). - commit cd217a8 - cifs: reset connections for all channels when reconnect requested (git-fixes).
- commit a324ea9 - smb: client: introduce close_cached_dir_locked() (git-fixes). - commit e15b950 - smb: client: fix potential UAF in smb2_close_cached_fid() (CVE-2025-40328 bsc#1254624). - commit f11d74a - binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272 CVE-2025-68239). - commit 2983172 - fs/proc: fix uaf in proc_readdir_de() (bsc#1255297 CVE-2025-40271). - commit 46250e7 - ext4: refresh inline data size before write operations (bsc#1255380 CVE-2025-68264). - commit c23012b - fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809 CVE-2025-40237). - commit 70d7e44 - ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623 CVE-2025-40190). - commit 6c51c0b - mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (CVE-2025-40218 bsc#1254964) - commit a3828d9 - arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (CVE-2025-40346 bsc#1255318) - commit 799eb50 - net: sxgbe: fix potential NULL dereference in sxgbe_rx() (CVE-2025-68302 bsc#1255121) - commit 15ce001 - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (CVE-2025-40278 bsc#1254825). - commit a5a7e57 - Refresh patches.suse/perf-hwmon_pmu-Fix-uninitialized-variable-warning.patch. - Refresh patches.suse/scsi-lpfc-Add-capability-to-register-Platform-Name-I.patch. - Refresh patches.suse/scsi-lpfc-Allow-support-for-BB-credit-recovery-in-po.patch. - Refresh patches.suse/scsi-lpfc-Ensure-unregistration-of-rpis-for-received.patch. - Refresh patches.suse/scsi-lpfc-Fix-leaked-ndlp-krefs-when-in-point-to-poi.patch. - Refresh patches.suse/scsi-lpfc-Fix-reusing-an-ndlp-that-is-marked-NLP_DRO.patch. - Refresh patches.suse/scsi-lpfc-Modify-kref-handling-for-Fabric-Controller.patch. - Refresh patches.suse/scsi-lpfc-Remove-redundant-NULL-ptr-assignment-in-lp.patch. - Refresh patches.suse/scsi-lpfc-Revise-discovery-related-function-headers-.patch. 
- Refresh patches.suse/scsi-lpfc-Update-lpfc-version-to-14.4.0.12.patch. - Refresh patches.suse/scsi-lpfc-Update-various-NPIV-diagnostic-log-messagi.patch. - commit b565804 - mm/huge_memory: fix NULL pointer deference when splitting folio (CVE-2025-68293 bsc#1255150). - commit 1dd8abe - iommufd: Don't overflow during division for dirty tracking (CVE-2025-40293 bsc#1255179). - commit b6a4633 ++++ kernel-rt: - cifs: reset iface weights when we cannot find a candidate (git-fixes). - commit 859fca4 - smb: client: fix warning when reconnecting channel (git-fixes). - commit 700befa - cifs: do not disable interface polling on failure (git-fixes). - commit 87a748d - cifs: deal with the channel loading lag while picking channels (git-fixes). - commit c445274 - cifs: serialize other channels when query server interfaces is pending (git-fixes). - commit 202c543 - cifs: dns resolution is needed only for primary channel (git-fixes). - commit 47e47ab - cifs: update dstaddr whenever channel iface is updated (git-fixes). - commit cd217a8 - cifs: reset connections for all channels when reconnect requested (git-fixes). - commit a324ea9 - smb: client: introduce close_cached_dir_locked() (git-fixes). - commit e15b950 - smb: client: fix potential UAF in smb2_close_cached_fid() (CVE-2025-40328 bsc#1254624). - commit f11d74a - binfmt_misc: restore write access before closing files opened by open_exec() (bsc#1255272 CVE-2025-68239). - commit 2983172 - fs/proc: fix uaf in proc_readdir_de() (bsc#1255297 CVE-2025-40271). - commit 46250e7 - ext4: refresh inline data size before write operations (bsc#1255380 CVE-2025-68264). - commit c23012b - fs/notify: call exportfs_encode_fid with s_umount (bsc#1254809 CVE-2025-40237). - commit 70d7e44 - ext4: guard against EA inode refcount underflow in xattr update (bsc#1253623 CVE-2025-40190). 
- commit 6c51c0b - mm/damon/vaddr: do not repeat pte_offset_map_lock() until success (CVE-2025-40218 bsc#1254964) - commit a3828d9 - arch_topology: Fix incorrect error check in topology_parse_cpu_capacity() (CVE-2025-40346 bsc#1255318) - commit 799eb50 - net: sxgbe: fix potential NULL dereference in sxgbe_rx() (CVE-2025-68302 bsc#1255121) - commit 15ce001 - net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak (CVE-2025-40278 bsc#1254825). - commit a5a7e57 - Refresh patches.suse/perf-hwmon_pmu-Fix-uninitialized-variable-warning.patch. - Refresh patches.suse/scsi-lpfc-Add-capability-to-register-Platform-Name-I.patch. - Refresh patches.suse/scsi-lpfc-Allow-support-for-BB-credit-recovery-in-po.patch. - Refresh patches.suse/scsi-lpfc-Ensure-unregistration-of-rpis-for-received.patch. - Refresh patches.suse/scsi-lpfc-Fix-leaked-ndlp-krefs-when-in-point-to-poi.patch. - Refresh patches.suse/scsi-lpfc-Fix-reusing-an-ndlp-that-is-marked-NLP_DRO.patch. - Refresh patches.suse/scsi-lpfc-Modify-kref-handling-for-Fabric-Controller.patch. - Refresh patches.suse/scsi-lpfc-Remove-redundant-NULL-ptr-assignment-in-lp.patch. - Refresh patches.suse/scsi-lpfc-Revise-discovery-related-function-headers-.patch. - Refresh patches.suse/scsi-lpfc-Update-lpfc-version-to-14.4.0.12.patch. - Refresh patches.suse/scsi-lpfc-Update-various-NPIV-diagnostic-log-messagi.patch. - commit b565804 - mm/huge_memory: fix NULL pointer deference when splitting folio (CVE-2025-68293 bsc#1255150). - commit 1dd8abe - iommufd: Don't overflow during division for dirty tracking (CVE-2025-40293 bsc#1255179). - commit b6a4633 ++++ libsodium: - Security fix: [bsc#1256070, CVE-2025-15444] * check Y==Z in addition to X==0 * Add patch libsodium-CVE-2025-15444.patch ++++ libsoup: - Add libsoup-CVE-2025-14523.patch: Reject duplicated Host in headers (bsc#1254876, CVE-2025-14523, glgo#GNOME/libsoup!491). 
------------------------------------------------------------------ ------------------ 2026-1-7 - Jan 7 2026 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fix: [bsc#1256105, CVE-2025-14017] * call ldap_init() before setting the options * Add patch curl-CVE-2025-14017.patch ++++ kernel-default: - libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (CVE-2025-68284 bsc#1255377). - commit 9132138 - libceph: replace BUG_ON with bounds check for map->max_osd (CVE-2025-68283 bsc#1255379). - commit 0f51ab5 - ceph: fix multifs mds auth caps issue (CVE-2025-40362 bsc#1255103). - commit 9fee071 - fuse: fix livelock in synchronous file put from fuseblk workers (CVE-2025-40220 bsc#1254520). - commit 9838be9 - ASoC: codecs: wcd937x: fix OF node leaks on probe failure (git-fixes). - ASoC: Intel: soc-acpi: arl: Correct order of cs42l43 matches (git-fixes). - commit 1cc2d04 ++++ kernel-rt: - libceph: prevent potential out-of-bounds writes in handle_auth_session_key() (CVE-2025-68284 bsc#1255377). - commit 9132138 - libceph: replace BUG_ON with bounds check for map->max_osd (CVE-2025-68283 bsc#1255379). - commit 0f51ab5 - ceph: fix multifs mds auth caps issue (CVE-2025-40362 bsc#1255103). - commit 9fee071 - fuse: fix livelock in synchronous file put from fuseblk workers (CVE-2025-40220 bsc#1254520). - commit 9838be9 - ASoC: codecs: wcd937x: fix OF node leaks on probe failure (git-fixes). - ASoC: Intel: soc-acpi: arl: Correct order of cs42l43 matches (git-fixes). - commit 1cc2d04 ++++ samba: - samba-ad-dc-libs packages are missing a DLZ plugin for bind 9.20; (bso#15790); (bsc#1249058). ++++ systemd: - Drop %filetriggers build flag. It was introduced to ease backport of Base:System to SLE distros where file-triggers were unreliable but that is no longer the case on the latest SLE distros. 
++++ rust-keylime: - Use tmpfiles.d for /var directories (PED-14736) + tmpfiles.keylime renamed to rust-keylime.conf and extended - Update to version 0.2.8+96: * build(deps): bump wiremock from 0.6.4 to 0.6.5 * build(deps): bump actions/checkout from 5 to 6 * build(deps): bump chrono from 0.4.41 to 0.4.42 * packit: Get coverage from Fedora 43 runs * Fix issues pointed out by clippy * Replace mutex unwraps with proper error handling in TPM library * Remove unused session request methods from StructureFiller * Fix config panic on missing ek_handle in push model agent * build(deps): bump tempfile from 3.21.0 to 3.23.0 * build(deps): bump actions/upload-artifact from 4 to 6 (#1163) * Fix clippy warnings project-wide * Add KEYLIME_DIR support for verifier TLS certificates in push model agent * Thread privileged resources and use MeasurementList for IMA reading * Add privileged resource initialization and privilege dropping to push model agent * Fix privilege dropping order in run_as() * add documentation on FQDN hostnames * Remove confusing logs for push mode agent * Set correct default Verifier port (8891->8881) (#1159) * Add verifier_url to reference configuration file (#1158) * Add TLS support for Registrar communication (#1139) * Fix agent handling of 403 registration responses (#1154) * Add minor README.md rephrasing (#1151) * build(deps): bump actions/checkout from 5 to 6 (#1153) * ci: update spec files for packit COPR build * docs: improve challenge encoding and async TPM documentation * refactor: improve middleware and error handling * feat: add authentication client with middleware integration * docker: Include keylime_push_model_agent binary * Include attestation_interval configuration (#1146) * Persist payload keys to avoid attestation failure on restart * crypto: Implement the load or generate pattern for keys * Use simple algorithm specifiers in certification_keys object (#1140) * tests: Enable more tests in CI * Fix RSA2048 algorithm reporting in keylime 
agent * Remove disabled_signing_algorithms configuration * rpm: Fix metadata patches to apply to current code * workflows/rpm.yml: Use more strict patching * build(deps): bump uuid from 1.17.0 to 1.18.1 * Fix ECC algorithm selection and reporting for keylime agent * Improve logging consistency and coherency * Implement minimal RFC compliance for Location header and URI parsing (#1125) * Use separate keys for payload mechanism and mTLS * docker: update rust to 1.81 for distroless Dockerfile * Ensure UEFI log capabilities are set to false * build(deps): bump http from 1.1.0 to 1.3.1 * build(deps): bump log from 0.4.27 to 0.4.28 * build(deps): bump cfg-if from 1.0.1 to 1.0.3 * build(deps): bump actix-rt from 2.10.0 to 2.11.0 * build(deps): bump async-trait from 0.1.88 to 0.1.89 * build(deps): bump trybuild from 1.0.105 to 1.0.110 * Accept evidence handling structures null entries * workflows: Add test to check if RPM patches still apply * CI: Enable test add-agent-with-malformed-ek-cert * config: Fix singleton tests * FSM: Remove needless lifetime annotations (#1105) * rpm: Do not remove wiremock which is now available in Fedora * Use latest Fedora httpdate version (1.0.3) * Enhance coverage with parse_retry_after test * Fix issues reported by CI regarding unwrap() calls * Reuse max retries indicated to the ResilientClient * Include limit of retries to 5 for Retry-After * Add policy to handle Retry-After response headers * build(deps): bump wiremock from 0.6.3 to 0.6.4 * build(deps): bump serde_json from 1.0.140 to 1.0.143 * build(deps): bump pest_derive from 2.8.0 to 2.8.1 * build(deps): bump syn from 2.0.90 to 2.0.106 * build(deps): bump tempfile from 3.20.0 to 3.21.0 * build(deps): bump thiserror from 2.0.12 to 2.0.16 * rpm: Fix patches to apply to current master code * build(deps): bump anyhow from 1.0.98 to 1.0.99 * state_machine: Automatically clean config override during tests * config: Implement singleton and factory pattern * testing: Support overriding 
configuration during tests * feat: implement standalone challenge-response authentication module * structures: rename session structs for clarity and fix typos * tpm: refactor certify_credential_with_iak() into a more generic function * Add Push Model Agent Mermaid FSM chart (#1095) * Add state to avoid exiting on wrong attestation (#1093) * Add 6 alphanumeric lowercase X-Request-ID header * Enhance Evidence Handling response parsing * build(deps): bump quote from 1.0.35 to 1.0.40 * build(deps): bump libc from 0.2.172 to 0.2.175 * build(deps): bump glob from 0.3.2 to 0.3.3 * build(deps): bump actix-web from 4.10.2 to 4.11.0 ++++ selinux-policy: - Update to version 20250627+git345.3965b24b0: * Allow 'mysql-systemd-helper upgrade' to work correctly (bsc#1255024) ------------------------------------------------------------------ ------------------ 2026-1-6 - Jan 6 2026 ------------------- ------------------------------------------------------------------ ++++ dpdk: - Update to version 24.11.4 * LTS update with ~250 fixes, details here: https://doc.dpdk.org/guides-24.11/rel_notes/release_24_11.html#id10 - Update to version 24.11.3 * LTS release update contains ~180 fixes from main branch up to DPDK 25.07 - Fixes CVE-2025-23259 -- an attacker on a VM in the system can cause information disclosure and denial of service (bsc#1254161) * remove included patch 0001-dts-generate-random-capture_name-per-call.patch - Remove obsolete build option -Denable_kmods (upstream a52d472c5) - dpdk-tools requires "which" and is noarch - Drop pesign and needssslcertforbuild because we don't build a kmp anymore (boo#1247389) ++++ kernel-default: - devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251 bsc#1254856). - commit da56dba - net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() (bsc#1255156 CVE-2025-40255). - commit 57e1c6f - PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1255868). 
- commit 44c675f ++++ kernel-rt: - devlink: rate: Unset parent pointer in devl_rate_nodes_destroy (CVE-2025-40251 bsc#1254856). - commit da56dba - net: core: prevent NULL deref in generic_hwtstamp_ioctl_lower() (bsc#1255156 CVE-2025-40255). - commit 57e1c6f - PCI/DOE: Poll DOE Busy bit for up to 1 second in pci_doe_send_req() (bsc#1255868). - commit 44c675f ------------------------------------------------------------------ ------------------ 2026-1-5 - Jan 5 2026 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (CVE-2025-40279 bsc#1254846). - commit cb9f7bb - btrfs: do not skip logging new dentries when logging a new name (git-fixes). - commit ec916c6 - btrfs: don't log conflicting inode if it's a dir moved in the current transaction (git-fixes). - commit a690d41 - btrfs: fix changeset leak on mmap write after failure to reserve metadata (git-fixes). - commit 75e4299 - team: Move team device type change at the end of team_port_add (CVE-2025-68340 bsc#1255507). - net/mlx5: Clean up only new IRQ glue on request_irq() failure (CVE-2025-40250 bsc#1254854). - net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (CVE-2025-40252 bsc#1254849). - net: enetc: fix the deadlock of enetc_mdio_lock (CVE-2025-40347 bsc#1255262). - commit 085c913 - ASoC: Intel: avs: Do not share the name pointer between components (CVE-2025-40338 bsc#1255273). - commit fb15ec5 - usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes). - usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes). - serial: core: Fix serial device initialization (git-fixes). - commit 592ca99 - wifi: mac80211: do not use old MBSSID elements (git-fixes). - wifi: cfg80211: sme: store capped length in __cfg80211_connect_result() (git-fixes). - wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() (git-fixes). 
- wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes). - usb: ohci-nxp: fix device leak on probe failure (git-fixes). - usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe (git-fixes). - USB: lpc32xx_udc: Fix error handling in probe (git-fixes). - usb: typec: altmodes/displayport: Drop the device reference in dp_altmode_probe() (git-fixes). - usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc() (git-fixes). - usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes). - usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes). - wifi: ath10k: move recovery check logic into a new work (git-fixes). - wifi: ath10k: Add missing include of export.h (stable-fixes). - wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes). - commit 07af9a3 - of: unittest: Fix memory leak in unittest_data_add() (git-fixes). - drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes). - drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb (git-fixes). - platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing (git-fixes). - platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes). - platform/x86: msi-laptop: add missing sysfs_remove_group() (git-fixes). - platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes). - net: rose: fix invalid array index in rose_kill_by_device() (git-fixes). - net: usb: sr9700: fix incorrect command used to write single register (git-fixes). - net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write (git-fixes). - net: usb: rtl8150: fix memory leak on usb_submit_urb() failure (git-fixes). - net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes). - idr: fix idr_alloc() returning an ID out of range (git-fixes). - genalloc.h: fix htmldocs warning (git-fixes). 
- serial: sh-sci: Check that the DMA cookie is valid (git-fixes). - serial: core: Restore sysfs fwnode information (git-fixes). - firewire: nosy: Fix dma_free_coherent() size (git-fixes). - Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes). - Input: alps - fix use-after-free bugs caused by dev3_register_work (git-fixes). - Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes). - spi: cadence-quadspi: Fix clock disable on probe failure path (git-fixes). - spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes). - hwmon: (ltc4282): Fix reset_history file permissions (git-fixes). - hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes). - hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes). - hwmon: (dell-smm) Limit fan multiplier to avoid overflow (git-fixes). - mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes). - mmc: sdhci-of-arasan: Increase CD stable timeout to 2 seconds (git-fixes). - PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes). - nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (git-fixes). - r8169: fix RTL8117 Wake-on-Lan in DASH mode (git-fixes). - net: phy: marvell-88q2xxx: Fix clamped value in mv88q2xxx_hwmon_write (git-fixes). - firmware_loader: make RUST_FW_LOADER_ABSTRACTIONS select FW_LOADER (git-fixes). - efi/cper: align ARM CPER type with UEFI 2.9A/2.10 specs (stable-fixes). - efi/cper: Add a new helper function to print bitmasks (stable-fixes). - efi/cper: Adjust infopfx size to accept an extra space (stable-fixes). - usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes). - resource: introduce is_type_match() helper and use it (stable-fixes). - resource: replace open coded resource_intersection() (stable-fixes). - commit 0273be1 - accel/ivpu: Prevent runtime suspend during context abort work (stable-fixes). 
- Refresh patches.suse/accel-ivpu-Trigger-device-recovery-on-engine-reset-r.patch. - commit 79c3327 - drm/imagination: Disallow exporting of PM/FW protected objects (git-fixes). - Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes). - crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes). - drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes). - ASoC: ak4458: remove the reset operation in probe and remove (git-fixes). - ASoC: fsl_sai: Constrain sample rates from audio PLLs only in master mode (git-fixes). - ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes). - ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes). - ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes). - drm/xe: Use usleep_range for accurate long-running workload timeslicing (git-fixes). - drm/xe: Drop preempt-fences when destroying imported dma-bufs (git-fixes). - drm/xe/oa: Disallow 0 OA property values (git-fixes). - drm/xe: Adjust long-running workload timeslices to reasonable values (git-fixes). - drm/xe/oa: Limit num_syncs to prevent oversized allocations (git-fixes). - drm/xe: Limit num_syncs to prevent oversized allocations (git-fixes). - drm/xe: Restore engine registers before restarting schedulers after GT reset (git-fixes). - drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table (git-fixes). - drm/me/gsc: mei interrupt top half should be in irq disabled context (git-fixes). - drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes). - ACPI: PCC: Fix race condition by removing static qualifier (git-fixes). - ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes). - can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes). - can: gs_usb: gs_can_open(): fix error handling (git-fixes). - ASoC: codecs: nau8325: Silence uninitialized variables warnings (stable-fixes). 
- ASoC: nau8325: use simple i2c probe function (stable-fixes). - ALSA: wavefront: Fix integer overflow in sample size validation (git-fixes). - accel/ivpu: Ensure rpm_runtime_put in case of engine reset/resume fail (git-fixes). - commit bc5d2b7 - bpf: Fix stackmap overflow check in __bpf_get_stackid() (CVE-2025-68378 bsc#1255614). - commit 7a823bd - bpf: Refactor stack map trace depth calculation into helper function (CVE-2025-68378 bsc#1255614). - commit 296727b ++++ kernel-rt: - net: sched: act_connmark: initialize struct tc_ife to fix kernel leak (CVE-2025-40279 bsc#1254846). - commit cb9f7bb - btrfs: do not skip logging new dentries when logging a new name (git-fixes). - commit ec916c6 - btrfs: don't log conflicting inode if it's a dir moved in the current transaction (git-fixes). - commit a690d41 - btrfs: fix changeset leak on mmap write after failure to reserve metadata (git-fixes). - commit 75e4299 - team: Move team device type change at the end of team_port_add (CVE-2025-68340 bsc#1255507). - net/mlx5: Clean up only new IRQ glue on request_irq() failure (CVE-2025-40250 bsc#1254854). - net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (CVE-2025-40252 bsc#1254849). - net: enetc: fix the deadlock of enetc_mdio_lock (CVE-2025-40347 bsc#1255262). - commit 085c913 - ASoC: Intel: avs: Do not share the name pointer between components (CVE-2025-40338 bsc#1255273). - commit fb15ec5 - usb: phy: isp1301: fix non-OF device reference imbalance (git-fixes). - usb: gadget: lpc32xx_udc: fix clock imbalance in error path (git-fixes). - serial: core: Fix serial device initialization (git-fixes). - commit 592ca99 - wifi: mac80211: do not use old MBSSID elements (git-fixes). - wifi: cfg80211: sme: store capped length in __cfg80211_connect_result() (git-fixes). - wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc() (git-fixes). - wifi: rtw88: limit indirect IO under powered off for RTL8822CS (git-fixes). 
- usb: ohci-nxp: fix device leak on probe failure (git-fixes). - usb: dwc3: of-simple: fix clock resource leak in dwc3_of_simple_probe (git-fixes). - USB: lpc32xx_udc: Fix error handling in probe (git-fixes). - usb: typec: altmodes/displayport: Drop the device reference in dp_altmode_probe() (git-fixes). - usb: renesas_usbhs: Fix a resource leak in usbhs_pipe_malloc() (git-fixes). - usb: dwc3: keep susphy enabled during exit to avoid controller faults (git-fixes). - usb: dwc2: fix hang during shutdown if set as peripheral (git-fixes). - wifi: ath10k: move recovery check logic into a new work (git-fixes). - wifi: ath10k: Add missing include of export.h (stable-fixes). - wifi: ath10k: Avoid vdev delete timeout when firmware is already down (stable-fixes). - commit 07af9a3 - of: unittest: Fix memory leak in unittest_data_add() (git-fixes). - drm/i915/gem: Zero-initialize the eb.vma array in i915_gem_do_execbuffer (git-fixes). - drm/nouveau/dispnv50: Don't call drm_atomic_get_crtc_state() in prepare_fb (git-fixes). - platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing (git-fixes). - platform/x86: ibm_rtl: fix EBDA signature search pointer arithmetic (git-fixes). - platform/x86: msi-laptop: add missing sysfs_remove_group() (git-fixes). - platform/mellanox: mlxbf-pmc: Remove trailing whitespaces from event names (git-fixes). - net: rose: fix invalid array index in rose_kill_by_device() (git-fixes). - net: usb: sr9700: fix incorrect command used to write single register (git-fixes). - net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write (git-fixes). - net: usb: rtl8150: fix memory leak on usb_submit_urb() failure (git-fixes). - net: mdio: aspeed: add dummy read to avoid read-after-write issue (git-fixes). - idr: fix idr_alloc() returning an ID out of range (git-fixes). - genalloc.h: fix htmldocs warning (git-fixes). - serial: sh-sci: Check that the DMA cookie is valid (git-fixes). 
- serial: core: Restore sysfs fwnode information (git-fixes). - firewire: nosy: Fix dma_free_coherent() size (git-fixes). - Input: ti_am335x_tsc - fix off-by-one error in wire_order validation (git-fixes). - Input: alps - fix use-after-free bugs caused by dev3_register_work (git-fixes). - Input: atkbd - skip deactivate for HONOR FMB-P's internal keyboard (git-fixes). - spi: cadence-quadspi: Fix clock disable on probe failure path (git-fixes). - spi: fsl-cpm: Check length parity before switching to 16 bit mode (git-fixes). - hwmon: (ltc4282): Fix reset_history file permissions (git-fixes). - hwmon: (tmp401) fix overflow caused by default conversion rate value (git-fixes). - hwmon: (ibmpex) fix use-after-free in high/low store (git-fixes). - hwmon: (dell-smm) Limit fan multiplier to avoid overflow (git-fixes). - mmc: sdhci-esdhc-imx: add alternate ARCH_S32 dependency to Kconfig (git-fixes). - mmc: sdhci-of-arasan: Increase CD stable timeout to 2 seconds (git-fixes). - PM: runtime: Do not clear needs_force_resume with enabled runtime PM (git-fixes). - nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (git-fixes). - r8169: fix RTL8117 Wake-on-Lan in DASH mode (git-fixes). - net: phy: marvell-88q2xxx: Fix clamped value in mv88q2xxx_hwmon_write (git-fixes). - firmware_loader: make RUST_FW_LOADER_ABSTRACTIONS select FW_LOADER (git-fixes). - efi/cper: align ARM CPER type with UEFI 2.9A/2.10 specs (stable-fixes). - efi/cper: Add a new helper function to print bitmasks (stable-fixes). - efi/cper: Adjust infopfx size to accept an extra space (stable-fixes). - usb: dwc2: disable platform lowlevel hw resources during shutdown (stable-fixes). - resource: introduce is_type_match() helper and use it (stable-fixes). - resource: replace open coded resource_intersection() (stable-fixes). - commit 0273be1 - accel/ivpu: Prevent runtime suspend during context abort work (stable-fixes). - Refresh patches.suse/accel-ivpu-Trigger-device-recovery-on-engine-reset-r.patch. 
- commit 79c3327 - drm/imagination: Disallow exporting of PM/FW protected objects (git-fixes). - Bluetooth: btusb: revert use of devm_kzalloc in btusb (git-fixes). - crypto: seqiv - Do not use req->iv after crypto_aead_encrypt (git-fixes). - drm/msm/dpu: Add missing NULL pointer check for pingpong interface (git-fixes). - ASoC: ak4458: remove the reset operation in probe and remove (git-fixes). - ASoC: fsl_sai: Constrain sample rates from audio PLLs only in master mode (git-fixes). - ALSA: usb-mixer: us16x08: validate meter packet indices (git-fixes). - ALSA: pcmcia: Fix resource leak in snd_pdacf_probe error path (git-fixes). - ALSA: vxpocket: Fix resource leak in vxpocket_probe error path (git-fixes). - drm/xe: Use usleep_range for accurate long-running workload timeslicing (git-fixes). - drm/xe: Drop preempt-fences when destroying imported dma-bufs (git-fixes). - drm/xe/oa: Disallow 0 OA property values (git-fixes). - drm/xe: Adjust long-running workload timeslices to reasonable values (git-fixes). - drm/xe/oa: Limit num_syncs to prevent oversized allocations (git-fixes). - drm/xe: Limit num_syncs to prevent oversized allocations (git-fixes). - drm/xe: Restore engine registers before restarting schedulers after GT reset (git-fixes). - drm/xe/bo: Don't include the CCS metadata in the dma-buf sg-table (git-fixes). - drm/me/gsc: mei interrupt top half should be in irq disabled context (git-fixes). - drm/panel: sony-td4353-jdi: Enable prepare_prev_first (git-fixes). - ACPI: PCC: Fix race condition by removing static qualifier (git-fixes). - ACPI: CPPC: Fix missing PCC check for guaranteed_perf (git-fixes). - can: j1939: make j1939_sk_bind() fail if device is no longer registered (git-fixes). - can: gs_usb: gs_can_open(): fix error handling (git-fixes). - ASoC: codecs: nau8325: Silence uninitialized variables warnings (stable-fixes). - ASoC: nau8325: use simple i2c probe function (stable-fixes). 
- ALSA: wavefront: Fix integer overflow in sample size validation (git-fixes). - accel/ivpu: Ensure rpm_runtime_put in case of engine reset/resume fail (git-fixes). - commit bc5d2b7 - bpf: Fix stackmap overflow check in __bpf_get_stackid() (CVE-2025-68378 bsc#1255614). - commit 7a823bd - bpf: Refactor stack map trace depth calculation into helper function (CVE-2025-68378 bsc#1255614). - commit 296727b ++++ libpcap: - Security fix: [bsc#1255765, CVE-2025-11961] * Fix out-of-bound-write and out-of-bound-read in pcap_ether_aton() due to missing validation of provided MAC-48 address string * Add libpcap-CVE-2025-11961.patch ------------------------------------------------------------------ ------------------ 2026-1-3 - Jan 3 2026 ------------------- ------------------------------------------------------------------ ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to version 580.126.09 (boo#1255858) ------------------------------------------------------------------ ------------------ 2026-1-2 - Jan 2 2026 ------------------- ------------------------------------------------------------------ ++++ curl: - Security fixes: * [bsc#1255731, CVE-2025-14524] if redirected, require permission to use bearer * [bsc#1255734, CVE-2025-15224] require private key or user-agent for public key auth * [bsc#1255732, CVE-2025-14819] toggling CURLSSLOPT_NO_PARTIALCHAIN makes a different CA cache * [bsc#1255733, CVE-2025-15079] set both knownhosts options to the same file * Add patches: - curl-CVE-2025-14524.patch - curl-CVE-2025-15224.patch - curl-CVE-2025-14819.patch - curl-CVE-2025-15079.patch ++++ kernel-default: - powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496). - commit 2cae729 - ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct() (git-fixes). - commit fa39b88 - uprobe: Do not emulate/sstep original instruction when ip is changed (git-fixes). 
- commit d467aca ++++ kernel-rt: - powerpc/kexec: Enable SMT before waking offline CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes bsc#1253739 ltc#211493 bsc#1254244 ltc#216496). - commit 2cae729 - ftrace: bpf: Fix IPMODIFY + DIRECT in modify_ftrace_direct() (git-fixes). - commit fa39b88 - uprobe: Do not emulate/sstep original instruction when ip is changed (git-fixes). - commit d467aca ------------------------------------------------------------------ ------------------ 2025-12-31 - Dec 31 2025 ------------------- ------------------------------------------------------------------ ++++ fde-tools: - Add fde-tools.conf to create /var/log/fde with tmpfiles.d (jsc#PED-14754) ++++ kernel-default: - scsi: ufs: core: Fix PM QoS mutex initialization (git-fixes). - commit d4f8c1e - sysfs: check visibility before changing group attribute ownership (CVE-2025-40355 bsc#1255261). - commit 880a26c - kabi: fix struct ufs_hba changes (bsc#1253414 CVE-2025-40130). - commit fc77a12 - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (CVE-2025-40042 bsc#1252861). - commit bdfa48f ++++ kernel-rt: - scsi: ufs: core: Fix PM QoS mutex initialization (git-fixes). - commit d4f8c1e - sysfs: check visibility before changing group attribute ownership (CVE-2025-40355 bsc#1255261). - commit 880a26c - kabi: fix struct ufs_hba changes (bsc#1253414 CVE-2025-40130). - commit fc77a12 - tracing: Fix race condition in kprobe initialization causing NULL pointer dereference (CVE-2025-40042 bsc#1252861). - commit bdfa48f ------------------------------------------------------------------ ------------------ 2025-12-30 - Dec 30 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255672). - Refresh patches.suse/KVM-SEV-Enforce-minimum-GHCB-version-requirement-for.patch. 
- Refresh patches.suse/KVM-SEV-Rename-kvm_ghcb_get_sw_exit_code-to-kvm_get_.patch. - commit 24d45f1 - scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (CVE-2025-40130 bsc#1253414). - commit ebfcb5d ++++ kernel-rt: - KVM: SEV: Drop GHCB_VERSION_DEFAULT and open code it (bsc#1255672). - Refresh patches.suse/KVM-SEV-Enforce-minimum-GHCB-version-requirement-for.patch. - Refresh patches.suse/KVM-SEV-Rename-kvm_ghcb_get_sw_exit_code-to-kvm_get_.patch. - commit 24d45f1 - scsi: ufs: core: Fix data race in CPU latency PM QoS request handling (CVE-2025-40130 bsc#1253414). - commit ebfcb5d ------------------------------------------------------------------ ------------------ 2025-12-29 - Dec 29 2025 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 059+suse.717.g75494a30: Fix and update testsuite (bsc#1254873): * test(FULL-SYSTEMD): ignore errors in systemd-vconsole-setup.service * test: move /failed to /run/failed as rootfs might be read-only * test(FULL-SYSTEMD): use poweroff to shut down test * test(FULL SYSTEMD): no need to include dbus to the target rootfs * test: make the size of all test drives 512 MB * fix(systemd): move installation of libkmod to udev-rules module * test: switch to virtio for the QEMU drive * test: switch to virtio for the QEMU drive * test: increase test VM memory from 512M to 1024M to avoid OOM killer * test: move more common test code to test-functions * test: upgrade to ext4 Other: * fix(nfs): do not execute logic in nfs hooks if netroot is not nfs (bsc#1253960) ++++ kernel-default: - cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026). - commit 652c9d1 ++++ kernel-rt: - cpuidle: menu: Use residency threshold in polling state override decisions (bsc#1255026). 
- commit 652c9d1 ------------------------------------------------------------------ ------------------ 2025-12-28 - Dec 28 2025 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Update to version 84.87+git20251217.34fd7bc: * add tmpfiles template adm-backup.conf (jsc#PED-14803) * Revert ec7f00fa60f11d28b427f2e224822a7b81825806 * Fix old script to support copy mode as well * Support for XDG environment variables for the su, * adapted suggestions * Patching nsswitch.conf only if it has not been generated by nsswitch-config (JIRA-#PED-13807). * Avoid nasty exceptions running tput ++++ kernel-default: - supported.conf: Update path for ufs drivers As part of bsc#1253414 CVE-2025-40130, which updates the ufs driver, it was discovered that the pathnames in the supported module list had the old ufs driver pathnames, which was drivers/scsi/ufs. But the ufs drivers are now in drivers/ufs. Also, the ti-j721e-ufs module is now in the "host" subdirectory. - commit 0d9f529 ++++ kernel-rt: - supported.conf: Update path for ufs drivers As part of bsc#1253414 CVE-2025-40130, which updates the ufs driver, it was discovered that the pathnames in the supported module list had the old ufs driver pathnames, which was drivers/scsi/ufs. But the ufs drivers are now in drivers/ufs. Also, the ti-j721e-ufs module is now in the "host" subdirectory. - commit 0d9f529 ------------------------------------------------------------------ ------------------ 2025-12-23 - Dec 23 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selftests/bpf: Test widen_imprecise_scalars() with different stack depth (CVE-2025-68208 bsc#1255227). - commit cbc44e7 - bpf: account for current allocated stack depth in widen_imprecise_scalars() (CVE-2025-68208 bsc#1255227). - commit ac93c78 - gfs2: Fix unlikely race in gdlm_put_lock (CVE-2025-40242 bsc#1255075).
- commit d162d45 ++++ kernel-rt: - selftests/bpf: Test widen_imprecise_scalars() with different stack depth (CVE-2025-68208 bsc#1255227). - commit cbc44e7 - bpf: account for current allocated stack depth in widen_imprecise_scalars() (CVE-2025-68208 bsc#1255227). - commit ac93c78 - gfs2: Fix unlikely race in gdlm_put_lock (CVE-2025-40242 bsc#1255075). - commit d162d45 ------------------------------------------------------------------ ------------------ 2025-12-22 - Dec 22 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - netfilter: nft_ct: add seqadj extension for natted connections (CVE-2025-68206 bsc#1255142). - commit c2d456f - sctp: Prevent TOCTOU out-of-bounds write (CVE-2025-40331 bsc#1254615). - commit cd21b6d - net: bridge: fix use-after-free due to MST port state bypass (CVE-2025-40297 bsc#1255187). - commit 656c4a6 - bpf: Sync pending IRQ work before freeing ring buffer (CVE-2025-40319 bsc#1254794). - commit 0031a97 ++++ kernel-rt: - netfilter: nft_ct: add seqadj extension for natted connections (CVE-2025-68206 bsc#1255142). - commit c2d456f - sctp: Prevent TOCTOU out-of-bounds write (CVE-2025-40331 bsc#1254615). - commit cd21b6d - net: bridge: fix use-after-free due to MST port state bypass (CVE-2025-40297 bsc#1255187). - commit 656c4a6 - bpf: Sync pending IRQ work before freeing ring buffer (CVE-2025-40319 bsc#1254794). 
- commit 0031a97 ++++ udisks2: - (CVE-2025-8067) VUL-0: missing bounds check can lead to out-of-bounds read in udisks daemon (bsc#1248502) + add 0001-udiskslinuxmanager-Add-lower-bounds-check-to-fd_inde.patch - Fix dbus daemon requires, it's dbus-service, not dbus-1 ++++ podman: - Add patch for CVE-2025-47914 (bsc#1253993), CVE-2025-47913 (bsc#1253542): * 0006-CVE-2025-47913-CVE-2025-47914-ssh-agent-fixes.patch - Rebase patches: * 0001-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch * 0002-Fix-Remove-appending-rw-as-the-default-mount-option.patch * 0003-CVE-2025-6032-machine-init-fix-tls-check.patch * 0004-CVE-2025-9566-kube-play-don-t-follow-volume-symlinks.patch * 0005-CVE-2025-52881-backport-subset-of-patch-from-runc.patch ------------------------------------------------------------------ ------------------ 2025-12-21 - Dec 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ocfs2: clear extent cache after moving/defragmenting extents (CVE-2025-40233 bsc#1254813). - commit 852b35f - net: use dst_dev_rcu() in sk_setup_caps() (CVE-2025-40170 bsc#1253413). - commit 2787f89 ++++ kernel-rt: - ocfs2: clear extent cache after moving/defragmenting extents (CVE-2025-40233 bsc#1254813). - commit 852b35f - net: use dst_dev_rcu() in sk_setup_caps() (CVE-2025-40170 bsc#1253413). 
- commit 2787f89 ------------------------------------------------------------------ ------------------ 2025-12-19 - Dec 19 2025 ------------------- ------------------------------------------------------------------ ++++ busybox: - Fix tar hidden files via escape sequence (CVE-2025-46394, bsc#1241661) * 0001-archival-libarchive-sanitize-filenames-on-output-pre.patch - Fix HTTP request header injection in wget (CVE-2025-60876, bsc#1253245) * wget-don-t-allow-control-characters-in-url.patch - Set CONFIG_FIRST_SYSTEM_ID to 201 to avoid conflict (bsc#1236670) - Fix unshare -mrpf sh core dump on ppc64le (bsc#1249237) * 0001-nsenter-unshare-don-t-use-xvfork_parent_waits_and_ex.patch ++++ kernel-default: - tipc: Fix use-after-free in tipc_mon_reinit_self() (CVE-2025-40280 bsc#1254847). - commit 1a4ecc3 - cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434). - bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433). - commit f9dd89c - virtio-net: fix received length check in big packets (bsc#1255175, CVE-2025-40292). - commit d9c33d8 - af_unix: Initialise scc_index in unix_add_edge() (CVE-2025-40214 bsc#1254961). - commit f4d0234 - net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301 bsc#1255120). - net: openvswitch: remove never-working support for setting nsh fields (CVE-2025-40254 bsc#1254852). - commit ca34a4d - vsock: Ignore signal/timeout on connect() if already established (CVE-2025-40248, bsc#1254864). - commit 8f55c39 - vsock: fix lock inversion in vsock_assign_transport() (CVE-2025-40231, bsc#1254815). - commit 1f7e22a - xen/events: Return -EEXIST for bound VIRQs (CVE-2025-40160, bsc#1253400). - commit 3883ce8 - xen/events: Cleanup find_virq() return codes (CVE-2025-40160, bsc#1253400). - commit 8f641eb ++++ kernel-rt: - tipc: Fix use-after-free in tipc_mon_reinit_self() (CVE-2025-40280 bsc#1254847). - commit 1a4ecc3 - cgroup: rstat: use LOCK CMPXCHG in css_rstat_updated (bsc#1255434).
- bpf: Do not limit bpf_cgroup_from_id to current's namespace (bsc#1255433). - commit f9dd89c - virtio-net: fix received length check in big packets (bsc#1255175, CVE-2025-40292). - commit d9c33d8 - af_unix: Initialise scc_index in unix_add_edge() (CVE-2025-40214 bsc#1254961). - commit f4d0234 - net: atlantic: fix fragment overflow handling in RX path (CVE-2025-68301 bsc#1255120). - net: openvswitch: remove never-working support for setting nsh fields (CVE-2025-40254 bsc#1254852). - commit ca34a4d - vsock: Ignore signal/timeout on connect() if already established (CVE-2025-40248, bsc#1254864). - commit 8f55c39 - vsock: fix lock inversion in vsock_assign_transport() (CVE-2025-40231, bsc#1254815). - commit 1f7e22a - xen/events: Return -EEXIST for bound VIRQs (CVE-2025-40160, bsc#1253400). - commit 3883ce8 - xen/events: Cleanup find_virq() return codes (CVE-2025-40160, bsc#1253400). - commit 8f641eb ++++ systemd: - Add 0001-Drop-or-soften-some-upstream-warnings.patch (bsc#1228728) (bsc#1251981) For now it just drops the 'unmerged-bin' taint flag. ------------------------------------------------------------------ ------------------ 2025-12-18 - Dec 18 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346). - selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349). - selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349). - commit 18154f6 - kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959 CVE-2025-40215). - commit 23f1b71 - be2net: pass wrb_params in case of OS2BMC (CVE-2025-40264 bsc#1254835). - net: phy: micrel: always set shared->phydev for LAN8814 (CVE-2025-40239 bsc#1254868). - commit 48a9709 ++++ kernel-rt: - selftests: net: fib-onlink-tests: Set high metric for default IPv6 route (bsc#1255346). 
- selftests: net: use slowwait to make sure IPv6 setup finished (bsc#1255349). - selftests: net: use slowwait to stabilize vrf_route_leaking test (bsc#1255349). - commit 18154f6 - kABI: xfrm: delete x->tunnel as we delete x (bsc#1254959 CVE-2025-40215). - commit 23f1b71 - be2net: pass wrb_params in case of OS2BMC (CVE-2025-40264 bsc#1254835). - net: phy: micrel: always set shared->phydev for LAN8814 (CVE-2025-40239 bsc#1254868). - commit 48a9709 ++++ samba: - Adjust README.SUSE to reflect the new preferred location for '[printers]' share; (bsc#1254665). ------------------------------------------------------------------ ------------------ 2025-12-17 - Dec 17 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/panthor: Flush shmem writes before mapping buffers CPU-uncached (CVE-2025-40276 bsc#1254824). - commit a018fa4 - mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258 bsc#1254843). - commit 37cfb37 - netdevsim: print human readable IP address (bsc#1255071). - commit f4d9e1a - selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes). - commit 52f69d8 - bpf: Reject bpf_timer for PREEMPT_RT (git-fixes). - commit 772432b - xfs: fix out of bounds memory read error in symlink repair (CVE-2025-40246 bsc#1254861). - commit 520885a - xfs: Replace strncpy with memcpy (git-fixes). - commit d262779 - KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (CVE-2025-40274, bsc#1254830). - commit bf3055c - btrfs: handle aligned EOF truncation correctly for subpage cases (bsc#1253238). - commit abcc81c ++++ kernel-rt: - drm/panthor: Flush shmem writes before mapping buffers CPU-uncached (CVE-2025-40276 bsc#1254824). - commit a018fa4 - mptcp: fix race condition in mptcp_schedule_work() (CVE-2025-40258 bsc#1254843). - commit 37cfb37 - netdevsim: print human readable IP address (bsc#1255071). 
- commit f4d9e1a - selftests/bpf: Skip timer cases when bpf_timer is not supported (git-fixes). - commit 52f69d8 - bpf: Reject bpf_timer for PREEMPT_RT (git-fixes). - commit 772432b - xfs: fix out of bounds memory read error in symlink repair (CVE-2025-40246 bsc#1254861). - commit 520885a - xfs: Replace strncpy with memcpy (git-fixes). - commit d262779 - KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying (CVE-2025-40274, bsc#1254830). - commit bf3055c - btrfs: handle aligned EOF truncation correctly for subpage cases (bsc#1253238). - commit abcc81c ++++ samba: - Fix Samba printers reporting invalid sid during print jobs; (bsc#1234210); (bsc#1254926); (bso#15792). ++++ man: - Extend tmpfiles template man-db.conf (jsc#PED-14862) * Create cache directories with systemd tmpfiles service ++++ selinux-policy: - Update to version 20250627+git343.b66ec7135: * Allow snapper_tu_etc_plugin_t to connect to machined varlink socket (bsc#1254889) ------------------------------------------------------------------ ------------------ 2025-12-16 - Dec 16 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477). - commit 5c0d7c3 - futex: Prevent use-after-free during requeue-PI (CVE-2025-39977 bsc#1252046). - commit 584a8ca - xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added (CVE-2025-40215 bsc#1254959). - commit e9b2533 ++++ kernel-rt: - tick/sched: Limit non-timekeeper CPUs calling jiffies update (bsc#1254477). - commit 5c0d7c3 - futex: Prevent use-after-free during requeue-PI (CVE-2025-39977 bsc#1252046). - commit 584a8ca - xfrm: also call xfrm_state_delete_tunnel at destroy time for states that were never added (CVE-2025-40215 bsc#1254959). 
- commit e9b2533 ++++ systemd: - Import commit 5701fd5fb409da99b6627b86d7839553079a73ab 5701fd5fb4 timer: rebase last_trigger timestamp if needed 4e76e74d0d timer: rebase the next elapse timestamp only if timer didn't already run ++++ shim: - shim-install: Add ca_string for SL Micro to update fallback loader The fallback loader, /boot/efi/EFI/BOOT/bootaa64.efi or bootx64.efi, cannot be upgraded by shim-install on SL Micro. The issue case is SL Micro 6.0. It causes the system to get a regression bug because it falls back to an old shim. So this patch adds ca_string to SL Micro. (bsc#1254336) ------------------------------------------------------------------ ------------------ 2025-12-15 - Dec 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - xfrm: delete x->tunnel as we delete x (CVE-2025-40215 bsc#1254959). - commit 2fc5164 - net: call cond_resched() less often in __release_sock() (git-fixes). - commit 38a2c24 - bnxt_en: Shutdown FW DMA in bnxt_shutdown() (CVE-2025-40330 bsc#1254616). - commit b08b65b - Update patches.kabi/devlink_hide_adding_u64_to_devlink_param_types.patch (jsc#PED-12745). - Refresh patches.suse/devlink-Add-support-for-u64-parameters.patch. - Delete patches.suse/devlink-avoid-param-type-value-translations.patch. Fix kABI breakage, caused by adding U64 type to DEVLINK_PARAM_TYPE (bsc#1254363) - commit 4d0e363 ++++ kernel-rt: - xfrm: delete x->tunnel as we delete x (CVE-2025-40215 bsc#1254959). - commit 2fc5164 - net: call cond_resched() less often in __release_sock() (git-fixes). - commit 38a2c24 - bnxt_en: Shutdown FW DMA in bnxt_shutdown() (CVE-2025-40330 bsc#1254616). - commit b08b65b - Update patches.kabi/devlink_hide_adding_u64_to_devlink_param_types.patch (jsc#PED-12745). - Refresh patches.suse/devlink-Add-support-for-u64-parameters.patch. - Delete patches.suse/devlink-avoid-param-type-value-translations.patch.
Fix kABI breakage, caused by adding U64 type to DEVLINK_PARAM_TYPE (bsc#1254363) - commit 4d0e363 ++++ python-tornado6: - Add security patches: * CVE-2025-67724.patch (bsc#1254903) * CVE-2025-67725.patch (bsc#1254905) * CVE-2025-67726.patch (bsc#1254904) ++++ shim: - Add DER format certificate files for the pretrans script to verify that the necessary certificate is in the UEFI db - openSUSE Secure Boot CA, 2013-2035 openSUSE_Secure_Boot_CA_2013.crt - SUSE Linux Enterprise Secure Boot CA, 2013-2035 SUSE_Linux_Enterprise_Secure_Boot_CA_2013.crt - Microsoft Corporation UEFI CA 2011, 2011-2026 Microsoft_Corporation_UEFI_CA_2011.crt - Microsoft UEFI CA 2023, 2023-2038 Microsoft_UEFI_CA_2023.crt - shim.spec: Add a pretrans script to verify that the necessary certificate is in the UEFI db. - Always put SUSE Linux Enterprise Secure Boot CA to target array. (bsc#1254679) ++++ suse-module-tools: - Update to version 16.0.64: * udev rules: write block queue attributes only if necessary (bsc#1254928) ------------------------------------------------------------------ ------------------ 2025-12-14 - Dec 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes). - args: fix documentation to reflect the correct numbers (git-fixes). - drm/mgag200: Fix big-endian support (git-fixes). - drm/tilcdc: Fix removal actions in case of failed probe (git-fixes). - drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes). - drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes). - drm/nouveau: refactor deprecated strcpy (git-fixes). - drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties() (git-fixes). - drm/i915: Fix format string truncation warning (git-fixes). - drm/amdkfd: Use huge page size to check split svm range alignment (git-fixes). - rtc: gamecube: Check the return value of ioremap() (git-fixes). 
- commit 26c9258 ++++ kernel-rt: - irqchip/mchp-eic: Fix error code in mchp_eic_domain_alloc() (git-fixes). - args: fix documentation to reflect the correct numbers (git-fixes). - drm/mgag200: Fix big-endian support (git-fixes). - drm/tilcdc: Fix removal actions in case of failed probe (git-fixes). - drm/ttm: Avoid NULL pointer deref for evicted BOs (git-fixes). - drm: nouveau: Replace sprintf() with sysfs_emit() (git-fixes). - drm/nouveau: refactor deprecated strcpy (git-fixes). - drm/plane: Fix IS_ERR() vs NULL check in drm_plane_create_hotspot_properties() (git-fixes). - drm/i915: Fix format string truncation warning (git-fixes). - drm/amdkfd: Use huge page size to check split svm range alignment (git-fixes). - rtc: gamecube: Check the return value of ioremap() (git-fixes). - commit 26c9258 ------------------------------------------------------------------ ------------------ 2025-12-13 - Dec 13 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ASoC: codecs: wcd939x: fix OF node leaks on probe failure (git-fixes). - ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes). - ASoC: ak5558: Disable regulator when error happens (git-fixes). - ASoC: ak4458: Disable regulator when error happens (git-fixes). - ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes). - ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes). - ALSA: uapi: Fix typo in asound.h comment (git-fixes). - ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes). - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes). - staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes). - staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (stable-fixes). - staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser (stable-fixes). 
- USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes). - USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes). - USB: serial: option: add Foxconn T99W760 (stable-fixes). - USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes). - serial: add support of CPCI cards (stable-fixes). - wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes). - wifi: rtl8xxxu: Add USB ID 2001:3328 for D-Link AN3U rev. A1 (stable-fixes). - pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes). - samples: work around glibc redefining some of our defines wrong (stable-fixes). - platform/x86: acer-wmi: Ignore backlight event (stable-fixes). - platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes). - platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes). - platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes). - HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes). - HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes). - HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes). - drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes). - drm/amdkfd: Fix GPU mappings for APU after prefetch (stable-fixes). - spi: xilinx: increase number of retries before declaring stall (stable-fixes). - spi: imx: keep dma request disabled before dma transfer setup (stable-fixes). - ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes). - Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes). - commit 5d984a6 ++++ kernel-rt: - ASoC: codecs: wcd939x: fix OF node leaks on probe failure (git-fixes). - ASoC: codecs: wcd938x: fix OF node leaks on probe failure (git-fixes). - ASoC: ak5558: Disable regulator when error happens (git-fixes). - ASoC: ak4458: Disable regulator when error happens (git-fixes). 
- ASoC: bcm: bcm63xx-pcm-whistler: Check return value of of_dma_configure() (git-fixes). - ALSA: firewire-motu: add bounds check in put_user loop for DSP events (git-fixes). - ALSA: uapi: Fix typo in asound.h comment (git-fixes). - ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events (git-fixes). - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_hda_read_acpi() (git-fixes). - staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing (stable-fixes). - staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing (stable-fixes). - staging: rtl8723bs: fix out-of-bounds read in rtw_get_ie() parser (stable-fixes). - USB: serial: option: move Telit 0x10c7 composition in the right place (stable-fixes). - USB: serial: option: add Telit Cinterion FE910C04 new compositions (stable-fixes). - USB: serial: option: add Foxconn T99W760 (stable-fixes). - USB: serial: ftdi_sio: match on interface number for jtag (stable-fixes). - serial: add support of CPCI cards (stable-fixes). - wifi: rtw88: Add USB ID 2001:3329 for D-Link AC13U rev. A1 (stable-fixes). - wifi: rtl8xxxu: Add USB ID 2001:3328 for D-Link AN3U rev. A1 (stable-fixes). - pinctrl: qcom: msm: Fix deadlock in pinmux configuration (stable-fixes). - samples: work around glibc redefining some of our defines wrong (stable-fixes). - platform/x86: acer-wmi: Ignore backlight event (stable-fixes). - platform/x86/amd: pmc: Add Lenovo Legion Go 2 to pmc quirk list (stable-fixes). - platform/x86/amd/pmc: Add spurious_8042 to Xbox Ally (stable-fixes). - platform/x86: huawei-wmi: add keys for HONOR models (stable-fixes). - HID: elecom: Add support for ELECOM M-XT3URBK (018F) (stable-fixes). - HID: hid-input: Extend Elan ignore battery quirk to USB (stable-fixes). - HID: apple: Add SONiX AK870 PRO to non_apple_keyboards quirk list (stable-fixes). - drm/vmwgfx: Use kref in vmw_bo_dirty (stable-fixes). - drm/amdkfd: Fix GPU mappings for APU after prefetch (stable-fixes). 
- spi: xilinx: increase number of retries before declaring stall (stable-fixes). - spi: imx: keep dma request disabled before dma transfer setup (stable-fixes). - ALSA: usb-audio: Add native DSD quirks for PureAudio DAC series (stable-fixes). - Bluetooth: btrtl: Avoid loading the config file on security chips (stable-fixes). - commit 5d984a6 ++++ qemu: - Update to version 10.0.7 Full backport list: https://lore.kernel.org/qemu-devel/1765037524.347582.2700543.nullmailer@tls.msk.ru/ Fixes: bsc#1253002 (CVE-2025-12464) bsc#1250984 (CVE-2025-11234) A selection of them is reported here below: kvm: Fix kvm_vm_ioctl() and kvm_device_ioctl() return value docs/devel: Update URL for make-pullreq script target/arm: Fix assert on BRA. hw/aspeed/{xdma, rtc, sdhci}: Fix endianness to DEVICE_LITTLE_ENDIAN hw/core/machine: Provide a description for aux-ram-share property hw/pci: Make msix_init take a uint32_t for nentries block/io_uring: avoid potentially getting stuck after resubmit at the end of ioq_submit() block-backend: Fix race when resuming queued requests ui/vnc: Fix qemu abort when query vnc info chardev/char-pty: Do not ignore chr_write() failures hw/display/exynos4210_fimd: Account for zero length in fimd_update_memory_section() hw/arm/armv7m: Disable reentrancy guard for v7m_sysreg_ns_ops MRs hw/arm/aspeed: Fix missing SPI IRQ connection causing DMA interrupt failure migration: Fix transition to COLO state from precopy - Other updates and bugfixes: * [openSUSE][RPM] spec: delete old specfile constructs * [openSUSE][RPM]: really fix *-virtio-gpu-pci dependency on ARM (bsc#1254286) * [openSUSE][RPM] spec: make glusterfs support conditional (bsc#1254494) ------------------------------------------------------------------ ------------------ 2025-12-12 - Dec 12 2025 ------------------- ------------------------------------------------------------------ ++++ openldap2_6: - jsc#PED-13833 - Add limited support for libldap-2.4 library compatibility ++++ selinux-policy: - Update
to version 20250627+git341.4beeb2d65: * Allow virtlogd_t dac_override (bsc#1253389) * Introduce systemd_cryptsetup_generator_var_run_t file type (bsc#1244459) * Allow virtqemud_t to read/write device_t (bsc#1251789) * update support for polkit agent helper (bsc#1251931) * Allow system_mail_t read apache system content conditionally * Allow login_userdomain read lastlog * Allow sshd-net read and write to sshd vsock socket * Update ktls policy * Add comprehensive SELinux policy module for bwrap thumbnail generation * Revert "Allow thumb_t create permission in the user namespace" * Allow systemd-machined read svirt process state * Allow sshd_auth_t getopt/setopt on tcp_socket (bsc#1252992) * Allow sysadm access to TPM * Allow tlp get the attributes of the pidfs filesystem * Allow kmscon to read netlink_kobject_uevent_socket * Allow systemd-ssh-issue read kernel sysctls * fix: bz2279215 Allow speech-dispatcher access to user home/cache files * Allow create kerberos files in postgresql db home * Fix files_delete_boot_symlinks() to contain delete_lnk_files_pattern * Allow shell commands in locate systemd service (bsc#1246559) * Introduce initrc_nnp_daemon_domain interface * Label /var/lib/cosmic-greeter with xdm_var_lib_t * Allow setroubleshoot-fixit get attributes of xattr fs * Allow insights-client manage /etc symlinks * Allow insights-client get attributes of the rpm executable * Allow nfsidmapd search virt lib directories * Allow iotop stream connect to systemd-userdbd * Allow snapper_sdbootutil_plugin_t manage unlabeled_t files,dirs,symlinks (bsc#1252993) * Allow gnome-remote-desktop read sssd public files * Allow thumb_t stream connect to systemd-userdbd * Add auth_nnp_domtrans_chkpwd() * Allow sshd_auth_t getopt/setopt on tcp_socket (bsc#1252992) * Allow bluez dbus API passing unix domain sockets * Allow bluez dbus api pass sockets over dbus * Dontaudit systemd-generator connect to sssd over a unix stream socket * Allow init watch/watch_reads systemd-machined user
ptys * Introduce sap_service_transition_to_unconfined_user boolean * allow init to read sap symlinks * Allow SAP domain to relocation text in all files - Switch internal tracking branch to slfo-1.2, we will start backporting from now on ++++ shim: - Update to 16.1 - RPMs shim-16.1-150300.4.31.1.x86_64.rpm shim-debuginfo-16.1-150300.4.31.1.x86_64.rpm shim-debugsource-16.1-150300.4.31.1.x86_64.rpm shim-16.1-150300.4.31.1.aarch64.rpm shim-debuginfo-16.1-150300.4.31.1.aarch64.rpm shim-debugsource-16.1-150300.4.31.1.aarch64.rpm - submitreq: https://build.suse.de/request/show/395247 - repo: https://build.suse.de/package/show/SUSE:Maintenance:39913/shim.SUSE_SLE-15-SP3_Update - Patches (git log --oneline --reverse 16.0..16.1) 4040ec4 shim_start_image(): fix guid/handle pairing when uninstalling protocols 39c0aa1 str2ip6(): parsing of "uncompressed" ipv6 addresses 3133d19 test-mock-variables: make our filter list entries safer. d44405e mock-variables: remove unused variable 0e8459f Update CI to use ubuntu-24.04 instead of ubuntu-20.04 d16a5a6 SbatLevel_Variable.txt: minor typo fix. 32804cf Realloc() needs one more byte for sprintf() 431d370 IPv6: Add more check to avoid multiple double colon and illegal char 5e4d93c Loader Proto: make freeing of bprop.buffer conditional. 33deac2 Prepare to move things from shim.c to verify.c 030e7df Move a bunch of stuff from shim.c to verify.c f3ddda7 handle_image(): make verification conditional 774f226 Cache sections of a loaded image and sub-images from them. eb0d20b loader-protocol: handle sub-section loading for UKIs 2f64bb9 loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages 1abc7ca loader-protocol: NULL output variable in load_image on failure fb77b44 Generate Authenticode for the entire PE file b86b909 README: mention new loader protocol and interaction with UKIs 8522612 ci: add mkosi configuration and CI 9ebab84 mkosi workflow: fix the branch name for main. 
72a4c41 shim: change automatically enable MOK_POLICY_REQUIRE_NX a2f0dfa This is an organizational patch to move some things around in mok.c 54b9946 Update to the shim-16.1 branch of gnu-efi to get AsciiSPrint() a5a6922 get_max_var_sz(): add more debugging for apple platforms 77a2922 Add a "VariableInfo" variable to mok-variables. efc71c9 build: Avoid passing *FLAGS to sub-make 7670932 Fixes for 'make TOPDIR=... clean' 13ab598 add SbatLevel entry 2025051000 for PSA-2025-00012-1 617aed5 Update version to 16.1~rc1 d316ba8 format_variable_info(): fix wrong size test. f5fad0e _do_sha256_sum(): Fix missing error check. 3a9734d doc: add howto for running mkosi locally ced5f71 mkosi: remove spurious slashes from script 0076155 ci: update mkosi commit 5481105 fix http boot 121cddf loader-protocol: Handle UnloadImage after StartImage properly 6a1d1a9 loader-protocol: Fix memory leaks 27a5d22 gitignore: add more mkosi dirs and vscode dir 346ed15 mkosi: disable repository key check on Fedora afc4955 Update version to 16.1 - 16.1 release note https://github.com/rhboot/shim/releases shim_start_image(): fix guid/handle pairing when uninstalling protocols by @vathpela in #738 Fix uncompressed ipv6 netboot by @hrvach in #742 fix test segfaults caused by uninitialized memory by @Fabian-Gruenbichler in #739 Update CI to use ubuntu-24.04 instead of ubuntu-20.04 by @vathpela in #749 SbatLevel_Variable.txt: minor typo fix. 
by @vathpela in #751 Realloc() needs to allocate one more byte for sprintf() by @dennis-tseng99 in #746 IPv6: Add more check to avoid multiple double colon and illegal char by @dennis-tseng99 in #753 Loader proto v2 by @vathpela in #748 loader-protocol: add workaround for EDK2 2025.02 page fault on FreePages by @bluca in #750 Generate Authenticode for the entire PE file by @esnowberg in #604 README: mention new loader protocol and interaction with UKIs by @bluca in #755 ci: add mkosi configuration and CI by @bluca in #764 shim: change automatically enable MOK_POLICY_REQUIRE_NX by @vathpela in #761 Save var info by @vathpela in #763 build: Avoid passing *FLAGS to sub-make by @rosslagerwall in #758 Fixes for 'make TOPDIR=... clean' by @bluca in #762 add SbatLevel entry 2025051000 for PSA-2025-00012-1 by @Fabian-Gruenbichler in #766 Coverity fixes 20250804 by @vathpela in #767 ci: fixlets and docs for mkosi workflow by @bluca in #768 fix http boot by @jsetje in #770 Fix double free and leak in the loader protocol by @rosslagerwall in #769 gitignore: add more mkosi dirs and vscode dir by @bluca in #771 - Drop upstreamed patch: The following patches are merged to 16.1 - shim-alloc-one-more-byte-for-sprintf.patch - 32804cf5d9 Realloc() needs one more byte for sprintf() [16.1] - shim-change-automatically-enable-MOK_POLICY_REQUIRE_NX.patch (bsc#1205588) - 72a4c41877 shim: change automatically enable MOK_POLICY_REQUIRE_NX [16.1] - Building MokManager.efi and fallback.efi with POST_PROCESS_PE_FLAGS=-n (bsc#1205588) - Building with the latest version of gcc in the codebase: - The gcc13 can workaround dxe_get_mem_attrs() hsi_status problem - We prefer building shim with the latest version of gcc in the codebase. - Set the minimum version to gcc-13. (bsc#1247432) - SLE shim should include vendor-dbx-sles.esl instead of vendor-dbx-opensuse.esl. Fixed it in shim.spec.
++++ supportutils: - Changes to version 3.2.12 + Optimized lsof usage and honors OPTION_OFILES (bsc#1232351, PR#274) + Run in containers without errors (bsc#1245667, PR#272) + Removed pmap PID from memory.txt (bsc#1246011, PR#263) + Added missing /proc/pagetypeinfo to memory.txt (bsc#1246025, PR#264) + Improved database perforce with kGraft patching (bsc#1249657, PR#273) + Using last boot for journalctl for optimization (bsc#1250224, PR#287) + Fixed extraction failures (bsc#1252318, PR#275) + Update supportconfig.conf path in docs (bsc#1254425, PR#281) + drm_sub_info: Catch error when dir doesn't exist (PR#265) + Replace remaining `egrep` with `grep -E` (PR#261, PR#266) + Add process affinity to slert logs (PR#269) + Reintroduce cgroup statistics (and v2) (PR#270) + Minor changes to basic-health-check: improve information level (PR#271) + Collect important machine health counters (PR#276) + powerpc: collect hot-pluggable PCI and PHB slots (PR#278) + podman: collect podman disk usage (PR#279) + Exclude binary files in crondir (PR#282) + kexec/kdump: collect everything under /sys/kernel/kexec dir (PR#284) + Use short-iso for journalctl (PR#288) ------------------------------------------------------------------ ------------------ 2025-12-11 - Dec 11 2025 ------------------- ------------------------------------------------------------------ ++++ glib2: - Add CVE fixes: + glib2-CVE-2025-13601-1.patch, glib2-CVE-2025-13601-2.patch (bsc#1254297 CVE-2025-13601 glgo#GNOME/glib#3827). + glib2-CVE-2025-14087-1.patch, glib2-CVE-2025-14087-2.patch, glib2-CVE-2025-14087-3.patch (bsc#1254662 CVE-2025-14087 glgo#GNOME/glib#3834). + glib2-CVE-2025-14512.patch (bsc#1254878 CVE-2025-14512 glgo#GNOME/glib#3845). ++++ kernel-default: - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458 CVE-2025-40167). - commit 605db4d - ext4: align max orphan file size with e2fsprogs limit (bsc#1253442 CVE-2025-40179). 
- commit 26fd0f5 - ext4: free orphan info with kvfree (bsc#1253442 CVE-2025-40179). - commit 610e2f7 - ext4: verify orphan file size is not too big (bsc#1253442 CVE-2025-40179). - commit ab947ea - config.conf: add kernel-azure as additional flavor The content is based on commit 55ebf5f2a4b and de2b7669cdd. This makes kernel-source-azure and kernel-syms-azure obsolete. - commit 8ce1bdd - kABI workaround for HCI_LE_ADV_0 addition (git-fixes). - commit 10199fc - regulator: fixed: Rely on the core freeing the enable GPIO (git-fixes). - commit 5011006 ++++ kernel-rt: - ext4: detect invalid INLINE_DATA + EXTENTS flag combination (bsc#1253458 CVE-2025-40167). - commit 605db4d - ext4: align max orphan file size with e2fsprogs limit (bsc#1253442 CVE-2025-40179). - commit 26fd0f5 - ext4: free orphan info with kvfree (bsc#1253442 CVE-2025-40179). - commit 610e2f7 - ext4: verify orphan file size is not too big (bsc#1253442 CVE-2025-40179). - commit ab947ea - config.conf: add kernel-azure as additional flavor The content is based on commit 55ebf5f2a4b and de2b7669cdd. This makes kernel-source-azure and kernel-syms-azure obsolete. - commit 8ce1bdd - kABI workaround for HCI_LE_ADV_0 addition (git-fixes). - commit 10199fc - regulator: fixed: Rely on the core freeing the enable GPIO (git-fixes). - commit 5011006 ++++ python313-core: - Update to 3.13.11: - gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing (CVE-2025-12084, bsc#1254997). - gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (bsc#1254400, CVE-2025-13836). - gh-119452: Fix a potential memory denial of service in the http.server module.
When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes. - Library - gh-140797: Revert changes to the undocumented re.Scanner class. Capturing groups are still allowed for backward compatibility, although using them can lead to incorrect result. They will be forbidden in future Python versions. - gh-142206: The resource tracker in the multiprocessing module now uses the original communication protocol, as in Python 3.14.0 and below, by default. This avoids issues with upgrading Python while it is running. (Note that such ‘in-place’ upgrades are not tested.) The tracker remains compatible with subprocesses that use new protocol (that is, subprocesses using Python 3.13.10, 3.14.1 and 3.15). - Core and Builtins - gh-142218: Fix crash when inserting into a split table dictionary with a non str key that matches an existing key. - Update to 3.13.10: - Tools/Demos - gh-141442: The iOS testbed now correctly handles test arguments that contain spaces. - Tests - gh-140482: Preserve and restore the state of stty echo as part of the test environment. - gh-140082: Update python -m test to set FORCE_COLOR=1 when being run with color enabled so that unittest which is run by it with redirected output will output in color. - gh-136442: Use exitcode 1 instead of 5 if unittest.TestCase.setUpClass() raises an exception - Security - gh-139700: Check consistency of the zip64 end of central directory record. Support records with “zip64 extensible data” if there are no bytes prepended to the ZIP file. (CVE-2025-8291, bsc#1251305) - gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser. 
- gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran. - gh-136065: Fix quadratic complexity in os.path.expandvars() (CVE-2025-6075, bsc#1252974). - gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (CVE-2025-13837, bsc#1254401). - Library - gh-74389: When the stdin being used by a subprocess.Popen instance is closed, this is now ignored in subprocess.Popen.communicate() instead of leaving the class in an inconsistent state. - gh-87512: Fix subprocess.Popen.communicate() timeout handling on Windows when writing large input. Previously, the timeout was ignored during stdin writing, causing the method to block indefinitely if the child process did not consume input quickly. The stdin write is now performed in a background thread, allowing the timeout to be properly enforced. - gh-141473: When subprocess.Popen.communicate() was called with input and a timeout and is called for a second time after a TimeoutExpired exception before the process has died, it should no longer hang. - gh-59000: Fix pdb breakpoint resolution for class methods when the module defining the class is not imported. - gh-141570: Support file-like object raising OSError from fileno() in color detection (_colorize.can_colorize()). This can occur when sys.stdout is redirected. - gh-141659: Fix bad file descriptor errors from _posixsubprocess on AIX. - gh-141497: ipaddress: ensure that the methods IPv4Network.hosts() and IPv6Network.hosts() always return an iterator. - gh-140938: The statistics.stdev() and statistics.pstdev() functions now raise a ValueError when the input contains an infinity or a NaN. 
- gh-124111: Updated Tcl threading configuration in _tkinter to assume that threads are always available in Tcl 9 and later. - gh-137109: The os.fork and related forking APIs will no longer warn in the common case where Linux or macOS platform APIs return the number of threads in a process and find the answer to be 1 even when a os.register_at_fork() after_in_parent= callback (re)starts a thread. - gh-141314: Fix assertion failure in io.TextIOWrapper.tell() when reading files with standalone carriage return (\r) line endings. - gh-141311: Fix assertion failure in io.BytesIO.readinto() and undefined behavior arising when read position is above capacity in io.BytesIO. - gh-141141: Fix a thread safety issue with base64.b85decode(). Contributed by Benel Tayar. - gh-140911: collections: Ensure that the methods UserString.rindex() and UserString.index() accept collections.UserString instances as the sub argument. - gh-140797: The undocumented re.Scanner class now forbids regular expressions containing capturing groups in its lexicon patterns. Patterns using capturing groups could previously lead to crashes with segmentation fault. Use non-capturing groups (?:…) instead. - gh-140815: faulthandler now detects if a frame or a code object is invalid or freed. Patch by Victor Stinner. - gh-100218: Correctly set errno when socket.if_nametoindex() or socket.if_indextoname() raise an OSError. Patch by Bénédikt Tran. - gh-140875: Fix handling of unclosed character references (named and numerical) followed by the end of file in html.parser.HTMLParser with convert_charrefs=False. - gh-140734: multiprocessing: fix off-by-one error when checking the length of a temporary socket file path. Patch by Bénédikt Tran. - gh-140874: Bump the version of pip bundled in ensurepip to version 25.3 - gh-140691: In urllib.request, when opening a FTP URL fails because a data connection cannot be made, the control connection’s socket is now closed to avoid a ResourceWarning.
- gh-103847: Fix hang when cancelling process created by asyncio.create_subprocess_exec() or asyncio.create_subprocess_shell(). Patch by Kumar Aditya. - gh-140590: Fix arguments checking for the functools.partial.__setstate__() that may lead to internal state corruption and crash. Patch by Sergey Miryanov. - gh-140634: Fix a reference counting bug in os.sched_param.__reduce__(). - gh-140633: Ignore AttributeError when setting a module’s __file__ attribute when loading an extension module packaged as Apple Framework. - gh-140593: xml.parsers.expat: Fix a memory leak that could affect users with ElementDeclHandler() set to a custom element declaration handler. Patch by Sebastian Pipping. - gh-140607: Inside io.RawIOBase.read(), validate that the count of bytes returned by io.RawIOBase.readinto() is valid (inside the provided buffer). - gh-138162: Fix logging.LoggerAdapter with merge_extra=True and without the extra argument. - gh-140474: Fix memory leak in array.array when creating arrays from an empty str and the u type code. - gh-140272: Fix memory leak in the clear() method of the dbm.gnu database. - gh-140041: Fix import of ctypes on Android and Cygwin when ABI flags are present. - gh-139905: Add suggestion to error message for typing.Generic subclasses when cls.__parameters__ is missing due to a parent class failing to call super().__init_subclass__() in its __init_subclass__. - gh-139845: Fix to not print KeyboardInterrupt twice in default asyncio REPL. - gh-139783: Fix inspect.getsourcelines() for the case when a decorator is followed by a comment or an empty line. - gh-70765: http.server: fix default handling of HTTP/0.9 requests in BaseHTTPRequestHandler. Previously, BaseHTTPRequestHandler.parse_request() incorrectly waited for headers in the request although those are not supported in HTTP/0.9. Patch by Bénédikt Tran. 
- gh-139391: Fix an issue when, on non-Windows platforms, it was not possible to gracefully exit a python -m asyncio process suspended by Ctrl+Z and later resumed by fg other than with kill. - gh-101828: Fix 'shift_jisx0213', 'shift_jis_2004', 'euc_jisx0213' and 'euc_jis_2004' codecs truncating null chars as they were treated as part of multi-character sequences. - gh-139246: fix: paste zero-width in default repl width is wrong. - gh-90949: Add SetAllocTrackerActivationThreshold() and SetAllocTrackerMaximumAmplification() to xmlparser objects to prevent use of disproportional amounts of dynamic memory from within an Expat parser. Patch by Bénédikt Tran. - gh-139065: Fix trailing space before a wrapped long word if the line length is exactly width in textwrap. - gh-138993: Dedent credits text. - gh-138859: Fix generic type parameterization raising a TypeError when omitting a ParamSpec that has a default which is not a list of types. - gh-138775: Use of python -m with base64 has been fixed to detect input from a terminal so that it properly notices EOF. - gh-98896: Fix a failure in multiprocessing resource_tracker when SharedMemory names contain colons. Patch by Rani Pinchuk. - gh-75989: tarfile.TarFile.extractall() and tarfile.TarFile.extract() now overwrite symlinks when extracting hardlinks. (Contributed by Alexander Enrique Urieles Nieto in gh-75989.) - gh-83424: Allows creating a ctypes.CDLL without name when passing a handle as an argument. - gh-136234: Fix asyncio.WriteTransport.writelines() to be robust to connection failure, by using the same behavior as write(). - gh-136057: Fixed the bug in pdb and bdb where next and step can’t go over the line if a loop exists in the line. - gh-135307: email: Fix exception in set_content() when encoding text and max_line_length is set to 0 or None (unlimited). - gh-134453: Fixed subprocess.Popen.communicate() input= handling of memoryview instances that were non-byte shaped on POSIX platforms. 
Those are now properly cast to a byte shaped view instead of truncating the input. Windows platforms did not have this bug. - gh-102431: Clarify constraints for “logical” arguments in methods of decimal.Context. - IDLE - gh-96491: Deduplicate version number in IDLE shell title bar after saving to a file. - Documentation - gh-141994: xml.sax.handler: Make Documentation of xml.sax.handler.feature_external_ges warn of opening up to external entity attacks. Patch by Sebastian Pipping. - gh-140578: Remove outdated sentence in the documentation for multiprocessing, that implied that concurrent.futures.ThreadPoolExecutor did not exist. - Core and Builtins - gh-142048: Fix quadratically increasing garbage collection delays in free-threaded build. - gh-141930: When importing a module, use Python’s regular file object to ensure that writes to .pyc files are complete or an appropriate error is raised. - gh-120158: Fix inconsistent state when enabling or disabling monitoring events too many times. - gh-141579: Fix sys.activate_stack_trampoline() to properly support the perf_jit backend. Patch by Pablo Galindo. - gh-141312: Fix the assertion failure in the __setstate__ method of the range iterator when a non-integer argument is passed. Patch by Sergey Miryanov. - gh-140939: Fix memory leak when bytearray or bytes is formatted with the %*b format with a large width that results in a MemoryError. - gh-140530: Fix a reference leak when raise exc from cause fails. Patch by Bénédikt Tran. - gh-140576: Fixed crash in tokenize.generate_tokens() in case of specific incorrect input. Patch by Mikhail Efimov. - gh-140551: Fixed crash in dict if dict.clear() is called at the lookup stage. Patch by Mikhail Efimov and Inada Naoki. - gh-140471: Fix potential buffer overflow in ast.AST node initialization when encountering malformed _fields containing non-str. - gh-140406: Fix memory leak when an object’s __hash__() method returns an object that isn’t an int. 
- gh-140306: Fix memory leaks in cross-interpreter channel operations and shared namespace handling. - gh-140301: Fix memory leak of PyConfig in subinterpreters. - gh-140000: Fix potential memory leak when a reference cycle exists between an instance of typing.TypeAliasType, typing.TypeVar, typing.ParamSpec, or typing.TypeVarTuple and its __name__ attribute. Patch by Mikhail Efimov. - gh-139748: Fix reference leaks in error branches of functions accepting path strings or bytes such as compile() and os.system(). Patch by Bénédikt Tran. - gh-139516: Fix lambda colon erroneously start format spec in f-string in tokenizer. - gh-139640: Fix swallowing some syntax warnings in different modules if they accidentally have the same message and are emitted from the same line. Fix duplicated warnings in the finally block. - gh-137400: Fix a crash in the free threading build when disabling profiling or tracing across all threads with PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads() or their Python equivalents threading.settrace_all_threads() and threading.setprofile_all_threads(). - gh-133400: Fixed Ctrl+D (^D) behavior in _pyrepl module to match old pre-3.13 REPL behavior. - C API - gh-140042: Removed the sqlite3_shutdown call that could cause closing connections for sqlite when used with multiple sub interpreters. - gh-140487: Fix Py_RETURN_NOTIMPLEMENTED in limited C API 3.11 and older: don’t treat Py_NotImplemented as immortal. Patch by Victor Stinner. - Remove upstreamed patches: - CVE-2025-13836-http-resp-cont-len.patch - CVE-2025-8291-consistency-zip64.patch - CVE-2025-6075-expandvars-perf-degrad.patch ++++ nvidia-open-driver-G06-signed: - readded kernel-6.18.patch still needed for cuda driver version 580.105.08 - update non-CUDA variant to version 580.119.02 (boo#1254801) ++++ python313: - Update to 3.13.11: - gh-142145: Remove quadratic behavior in xml.minidom node ID cache clearing (CVE-2025-12084, bsc#1254997). 
- gh-119451: Fix a potential memory denial of service in the http.client module. When connecting to a malicious server, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (bsc#1254400, CVE-2025-13836). - gh-119452: Fix a potential memory denial of service in the http.server module. When a malicious user is connected to the CGI server on Windows, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes. - Library - gh-140797: Revert changes to the undocumented re.Scanner class. Capturing groups are still allowed for backward compatibility, although using them can lead to incorrect result. They will be forbidden in future Python versions. - gh-142206: The resource tracker in the multiprocessing module now uses the original communication protocol, as in Python 3.14.0 and below, by default. This avoids issues with upgrading Python while it is running. (Note that such ‘in-place’ upgrades are not tested.) The tracker remains compatible with subprocesses that use new protocol (that is, subprocesses using Python 3.13.10, 3.14.1 and 3.15). - Core and Builtins - gh-142218: Fix crash when inserting into a split table dictionary with a non str key that matches an existing key. - Update to 3.13.10: - Tools/Demos - gh-141442: The iOS testbed now correctly handles test arguments that contain spaces. - Tests - gh-140482: Preserve and restore the state of stty echo as part of the test environment. - gh-140082: Update python -m test to set FORCE_COLOR=1 when being run with color enabled so that unittest which is run by it with redirected output will output in color. 
- gh-136442: Use exitcode 1 instead of 5 if unittest.TestCase.setUpClass() raises an exception - Security - gh-139700: Check consistency of the zip64 end of central directory record. Support records with “zip64 extensible data” if there are no bytes prepended to the ZIP file. (CVE-2025-8291, bsc#1251305) - gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser. - gh-136063: email.message: ensure linear complexity for legacy HTTP parameters parsing. Patch by Bénédikt Tran. - gh-136065: Fix quadratic complexity in os.path.expandvars() (CVE-2025-6075, bsc#1252974). - gh-119342: Fix a potential memory denial of service in the plistlib module. When reading a Plist file received from untrusted source, it could cause an arbitrary amount of memory to be allocated. This could have led to symptoms including a MemoryError, swapping, out of memory (OOM) killed processes or containers, or even system crashes (CVE-2025-13837, bsc#1254401). - Library - gh-74389: When the stdin being used by a subprocess.Popen instance is closed, this is now ignored in subprocess.Popen.communicate() instead of leaving the class in an inconsistent state. - gh-87512: Fix subprocess.Popen.communicate() timeout handling on Windows when writing large input. Previously, the timeout was ignored during stdin writing, causing the method to block indefinitely if the child process did not consume input quickly. The stdin write is now performed in a background thread, allowing the timeout to be properly enforced. - gh-141473: When subprocess.Popen.communicate() was called with input and a timeout and is called for a second time after a TimeoutExpired exception before the process has died, it should no longer hang. - gh-59000: Fix pdb breakpoint resolution for class methods when the module defining the class is not imported. 
- gh-141570: Support file-like object raising OSError from fileno() in color detection (_colorize.can_colorize()). This can occur when sys.stdout is redirected. - gh-141659: Fix bad file descriptor errors from _posixsubprocess on AIX. - gh-141497: ipaddress: ensure that the methods IPv4Network.hosts() and IPv6Network.hosts() always return an iterator. - gh-140938: The statistics.stdev() and statistics.pstdev() functions now raise a ValueError when the input contains an infinity or a NaN. - gh-124111: Updated Tcl threading configuration in _tkinter to assume that threads are always available in Tcl 9 and later. - gh-137109: The os.fork and related forking APIs will no longer warn in the common case where Linux or macOS platform APIs return the number of threads in a process and find the answer to be 1 even when an os.register_at_fork() after_in_parent= callback (re)starts a thread. - gh-141314: Fix assertion failure in io.TextIOWrapper.tell() when reading files with standalone carriage return (\r) line endings. - gh-141311: Fix assertion failure in io.BytesIO.readinto() and undefined behavior arising when read position is above capacity in io.BytesIO. - gh-141141: Fix a thread safety issue with base64.b85decode(). Contributed by Benel Tayar. - gh-140911: collections: Ensure that the methods UserString.rindex() and UserString.index() accept collections.UserString instances as the sub argument. - gh-140797: The undocumented re.Scanner class now forbids regular expressions containing capturing groups in its lexicon patterns. Patterns using capturing groups could previously lead to crashes with segmentation fault. Use non-capturing groups (?:…) instead. - gh-140815: faulthandler now detects if a frame or a code object is invalid or freed. Patch by Victor Stinner. - gh-100218: Correctly set errno when socket.if_nametoindex() or socket.if_indextoname() raise an OSError. Patch by Bénédikt Tran. 
- gh-140875: Fix handling of unclosed character references (named and numerical) followed by the end of file in html.parser.HTMLParser with convert_charrefs=False. - gh-140734: multiprocessing: fix off-by-one error when checking the length of a temporary socket file path. Patch by Bénédikt Tran. - gh-140874: Bump the version of pip bundled in ensurepip to version 25.3 - gh-140691: In urllib.request, when opening an FTP URL fails because a data connection cannot be made, the control connection’s socket is now closed to avoid a ResourceWarning. - gh-103847: Fix hang when cancelling process created by asyncio.create_subprocess_exec() or asyncio.create_subprocess_shell(). Patch by Kumar Aditya. - gh-140590: Fix arguments checking for the functools.partial.__setstate__() that may lead to internal state corruption and crash. Patch by Sergey Miryanov. - gh-140634: Fix a reference counting bug in os.sched_param.__reduce__(). - gh-140633: Ignore AttributeError when setting a module’s __file__ attribute when loading an extension module packaged as Apple Framework. - gh-140593: xml.parsers.expat: Fix a memory leak that could affect users with ElementDeclHandler() set to a custom element declaration handler. Patch by Sebastian Pipping. - gh-140607: Inside io.RawIOBase.read(), validate that the count of bytes returned by io.RawIOBase.readinto() is valid (inside the provided buffer). - gh-138162: Fix logging.LoggerAdapter with merge_extra=True and without the extra argument. - gh-140474: Fix memory leak in array.array when creating arrays from an empty str and the u type code. - gh-140272: Fix memory leak in the clear() method of the dbm.gnu database. - gh-140041: Fix import of ctypes on Android and Cygwin when ABI flags are present. - gh-139905: Add suggestion to error message for typing.Generic subclasses when cls.__parameters__ is missing due to a parent class failing to call super().__init_subclass__() in its __init_subclass__. 
- gh-139845: Fix to not print KeyboardInterrupt twice in default asyncio REPL. - gh-139783: Fix inspect.getsourcelines() for the case when a decorator is followed by a comment or an empty line. - gh-70765: http.server: fix default handling of HTTP/0.9 requests in BaseHTTPRequestHandler. Previously, BaseHTTPRequestHandler.parse_request() incorrectly waited for headers in the request although those are not supported in HTTP/0.9. Patch by Bénédikt Tran. - gh-139391: Fix an issue when, on non-Windows platforms, it was not possible to gracefully exit a python -m asyncio process suspended by Ctrl+Z and later resumed by fg other than with kill. - gh-101828: Fix 'shift_jisx0213', 'shift_jis_2004', 'euc_jisx0213' and 'euc_jis_2004' codecs truncating null chars as they were treated as part of multi-character sequences. - gh-139246: fix: paste zero-width in default repl width is wrong. - gh-90949: Add SetAllocTrackerActivationThreshold() and SetAllocTrackerMaximumAmplification() to xmlparser objects to prevent use of disproportional amounts of dynamic memory from within an Expat parser. Patch by Bénédikt Tran. - gh-139065: Fix trailing space before a wrapped long word if the line length is exactly width in textwrap. - gh-138993: Dedent credits text. - gh-138859: Fix generic type parameterization raising a TypeError when omitting a ParamSpec that has a default which is not a list of types. - gh-138775: Use of python -m with base64 has been fixed to detect input from a terminal so that it properly notices EOF. - gh-98896: Fix a failure in multiprocessing resource_tracker when SharedMemory names contain colons. Patch by Rani Pinchuk. - gh-75989: tarfile.TarFile.extractall() and tarfile.TarFile.extract() now overwrite symlinks when extracting hardlinks. (Contributed by Alexander Enrique Urieles Nieto in gh-75989.) - gh-83424: Allows creating a ctypes.CDLL without name when passing a handle as an argument. 
- gh-136234: Fix asyncio.WriteTransport.writelines() to be robust to connection failure, by using the same behavior as write(). - gh-136057: Fixed the bug in pdb and bdb where next and step can’t go over the line if a loop exists in the line. - gh-135307: email: Fix exception in set_content() when encoding text and max_line_length is set to 0 or None (unlimited). - gh-134453: Fixed subprocess.Popen.communicate() input= handling of memoryview instances that were non-byte shaped on POSIX platforms. Those are now properly cast to a byte shaped view instead of truncating the input. Windows platforms did not have this bug. - gh-102431: Clarify constraints for “logical” arguments in methods of decimal.Context. - IDLE - gh-96491: Deduplicate version number in IDLE shell title bar after saving to a file. - Documentation - gh-141994: xml.sax.handler: Make Documentation of xml.sax.handler.feature_external_ges warn of opening up to external entity attacks. Patch by Sebastian Pipping. - gh-140578: Remove outdated sentence in the documentation for multiprocessing, that implied that concurrent.futures.ThreadPoolExecutor did not exist. - Core and Builtins - gh-142048: Fix quadratically increasing garbage collection delays in free-threaded build. - gh-141930: When importing a module, use Python’s regular file object to ensure that writes to .pyc files are complete or an appropriate error is raised. - gh-120158: Fix inconsistent state when enabling or disabling monitoring events too many times. - gh-141579: Fix sys.activate_stack_trampoline() to properly support the perf_jit backend. Patch by Pablo Galindo. - gh-141312: Fix the assertion failure in the __setstate__ method of the range iterator when a non-integer argument is passed. Patch by Sergey Miryanov. - gh-140939: Fix memory leak when bytearray or bytes is formatted with the %*b format with a large width that results in a MemoryError. - gh-140530: Fix a reference leak when raise exc from cause fails. Patch by Bénédikt Tran. 
- gh-140576: Fixed crash in tokenize.generate_tokens() in case of specific incorrect input. Patch by Mikhail Efimov. - gh-140551: Fixed crash in dict if dict.clear() is called at the lookup stage. Patch by Mikhail Efimov and Inada Naoki. - gh-140471: Fix potential buffer overflow in ast.AST node initialization when encountering malformed _fields containing non-str. - gh-140406: Fix memory leak when an object’s __hash__() method returns an object that isn’t an int. - gh-140306: Fix memory leaks in cross-interpreter channel operations and shared namespace handling. - gh-140301: Fix memory leak of PyConfig in subinterpreters. - gh-140000: Fix potential memory leak when a reference cycle exists between an instance of typing.TypeAliasType, typing.TypeVar, typing.ParamSpec, or typing.TypeVarTuple and its __name__ attribute. Patch by Mikhail Efimov. - gh-139748: Fix reference leaks in error branches of functions accepting path strings or bytes such as compile() and os.system(). Patch by Bénédikt Tran. - gh-139516: Fix lambda colon erroneously start format spec in f-string in tokenizer. - gh-139640: Fix swallowing some syntax warnings in different modules if they accidentally have the same message and are emitted from the same line. Fix duplicated warnings in the finally block. - gh-137400: Fix a crash in the free threading build when disabling profiling or tracing across all threads with PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads() or their Python equivalents threading.settrace_all_threads() and threading.setprofile_all_threads(). - gh-133400: Fixed Ctrl+D (^D) behavior in _pyrepl module to match old pre-3.13 REPL behavior. - C API - gh-140042: Removed the sqlite3_shutdown call that could cause closing connections for sqlite when used with multiple sub interpreters. - gh-140487: Fix Py_RETURN_NOTIMPLEMENTED in limited C API 3.11 and older: don’t treat Py_NotImplemented as immortal. Patch by Victor Stinner. 
- Remove upstreamed patches: - CVE-2025-13836-http-resp-cont-len.patch - CVE-2025-8291-consistency-zip64.patch - CVE-2025-6075-expandvars-perf-degrad.patch ------------------------------------------------------------------ ------------------ 2025-12-10 - Dec 10 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Add 0010-add-onExpand-prop-to-ListingTable.patch to backport a feature ++++ kernel-default: - exfat: fix refcount leak in exfat_find (git-fixes). - commit eb1ffd0 - mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431 CVE-2025-38084 bsc#1245498). - commit ae3cd1c - i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes). - i2c: i2c.h: fix a bad kernel-doc line (git-fixes). - platform/x86: asus-wmi: use brightness_set_blocking() for kbd led (git-fixes). - platform/x86:intel/pmc: Update Arrow Lake telemetry GUID (git-fixes). - commit 73f17dd ++++ kernel-rt: - exfat: fix refcount leak in exfat_find (git-fixes). - commit eb1ffd0 - mm/hugetlb: unshare page tables during VMA split, not before (bsc#1245431 CVE-2025-38084 bsc#1245498). - commit ae3cd1c - i2c: amd-mp2: fix reference leak in MP2 PCI device (git-fixes). - i2c: i2c.h: fix a bad kernel-doc line (git-fixes). - platform/x86: asus-wmi: use brightness_set_blocking() for kbd led (git-fixes). - platform/x86:intel/pmc: Update Arrow Lake telemetry GUID (git-fixes). - commit 73f17dd ++++ selinux-policy: - Fix macros.selinux-policy to allow changing booleans when policy is not loaded. Previous logic was broken (bsc#1254395) ------------------------------------------------------------------ ------------------ 2025-12-9 - Dec 9 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256, CVE-2025-38728). 
- commit 0f61287 - mount: handle NULL values in mnt_ns_release() (bsc#1254308) - commit 08256f9 - smb: Log an error when close_all_cached_dirs fails (bsc#1246328, CVE-2025-38321). - commit c5a4d00 - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431 CVE-2025-38085 bsc#1245499). - commit 50d9103 - arm64: mte: Do not warn if the page is already tagged in (git-fixes) - commit 52c9758 - arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes) - commit 2f61b01 - arm64: zynqmp: Disable coresight by default (git-fixes) - commit 11d63c1 - arm64: dts: broadcom: bcm2712: Add default GIC address cells (git-fixes) - commit 3096bdd - arm64: sysreg: Correct sign definitions for EIESB and DoubleLock (git-fixes) - commit 525b723 - dm-verity: fix unreliable memory allocation (git-fixes). - commit 75249b6 - spi: tegra210-quad: Check hardware status on timeout (bsc#1253155) - commit a1e793f - spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155) - commit 97a9820 - spi: tegra210-quad: Fix timeout handling (bsc#1253155) - commit c86dba3 - spi: tegra210-qspi: Remove cache operations (git-fixes) - commit 56b11a7 - spi: tegra210-quad: Add support for internal DMA (git-fixes) - commit 908f7ec - spi: tegra210-quad: Update dummy sequence configuration (git-fixes) - commit 3b335f9 - kABI workaround for hci_conn remote_id removal (git-fixes). - commit 426b083 - kABI workaround for mgmt_cp_set_mesh struct change (git-fixes). - commit 53230c4 - Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface (git-fixes). - Refresh patches.suse/Bluetooth-btusb-mediatek-Avoid-btusb_mtk_claim_iso_i.patch. - commit 94a2a40 - Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (git-fixes). - Refresh patches.kabi/hci_dev-centralize-extra-lock.patch. - commit 5a62562 - Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes). 
- Refresh patches.suse/Bluetooth-hci_core-Fix-tracking-of-periodic-advertis.patch. - commit a7f0549 - KVM: arm64: Check the untrusted offset in FF-A memory share (git-fixes). - commit eba1e78 - mm/hugetlb: fix folio is still mapped when deleted (CVE-2025-40006 bsc#1252342). - commit 8661a60 - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (CVE-2025-40157 bsc#1253423). - commit bbd1520 - docs: hwmon: fix link to g762 devicetree binding (git-fixes). - hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes). - pinctrl: single: Fix incorrect type for error return variable (git-fixes). - pinctrl: renesas: rzg2l: Fix PMC restore (git-fixes). - pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes). - phy: rockchip: samsung-hdptx: Prevent Inter-Pair Skew from exceeding the limits (git-fixes). - phy: rockchip: samsung-hdptx: Reduce ROPLL loop bandwidth (git-fixes). - phy: freescale: Initialize priv->lock (git-fixes). - phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() (git-fixes). - phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes). - commit 577e522 - kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (CVE-2025-40201 bsc#1253455). - commit 2e63b63 - Refresh patches.suse/sched-fair-Enable-scheduler-feature-NEXT_BUDDY.patch. - Refresh patches.suse/sched-fair-Have-SD_SERIALIZE-affect-newidle-balancing.patch. - Refresh patches.suse/sched-fair-Proportional-newidle-balance.patch. - Refresh patches.suse/sched-fair-Reimplement-NEXT_BUDDY-to-align-with-EEVDF-goals.patch. - Refresh patches.suse/sched-fair-Revert-max_newidle_lb_cost-bump.patch. - Refresh patches.suse/sched-fair-Skip-sched_balance_running-cmpxchg-when-balance-is-not-due.patch. - Refresh patches.suse/sched-fair-Small-cleanup-to-sched_balance_newidle.patch. - Refresh patches.suse/sched-fair-Small-cleanup-to-update_newidle_cost.patch. 
Update upstream status and move to sorted section. - commit 16fa696 - mm: hugetlb: avoid soft lockup when mprotect to large memory area (CVE-2025-40153 bsc#1253408). - commit 7bc4acd - perf list: Add IBM z17 event descriptions (jsc#PED-13611). - commit f62e448 ++++ kernel-rt: - smb3: fix for slab out of bounds on mount to ksmbd (bsc#1249256, CVE-2025-38728). - commit 0f61287 - mount: handle NULL values in mnt_ns_release() (bsc#1254308) - commit 08256f9 - smb: Log an error when close_all_cached_dirs fails (bsc#1246328, CVE-2025-38321). - commit c5a4d00 - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (bsc#1245431 CVE-2025-38085 bsc#1245499). - commit 50d9103 - arm64: mte: Do not warn if the page is already tagged in (git-fixes) - commit 52c9758 - arm64: zynqmp: Revert usb node drive strength and slew rate for (git-fixes) - commit 2f61b01 - arm64: zynqmp: Disable coresight by default (git-fixes) - commit 11d63c1 - arm64: dts: broadcom: bcm2712: Add default GIC address cells (git-fixes) - commit 3096bdd - arm64: sysreg: Correct sign definitions for EIESB and DoubleLock (git-fixes) - commit 525b723 - dm-verity: fix unreliable memory allocation (git-fixes). - commit 75249b6 - spi: tegra210-quad: Check hardware status on timeout (bsc#1253155) - commit a1e793f - spi: tegra210-quad: Refactor error handling into helper functions (bsc#1253155) - commit 97a9820 - spi: tegra210-quad: Fix timeout handling (bsc#1253155) - commit c86dba3 - spi: tegra210-qspi: Remove cache operations (git-fixes) - commit 56b11a7 - spi: tegra210-quad: Add support for internal DMA (git-fixes) - commit 908f7ec - spi: tegra210-quad: Update dummy sequence configuration (git-fixes) - commit 3b335f9 - kABI workaround for hci_conn remote_id removal (git-fixes). - commit 426b083 - kABI workaround for mgmt_cp_set_mesh struct change (git-fixes). - commit 53230c4 - Bluetooth: btusb: mediatek: Fix kernel crash when releasing mtk iso interface (git-fixes). 
- Refresh patches.suse/Bluetooth-btusb-mediatek-Avoid-btusb_mtk_claim_iso_i.patch. - commit 94a2a40 - Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (git-fixes). - Refresh patches.kabi/hci_dev-centralize-extra-lock.patch. - commit 5a62562 - Bluetooth: HCI: Fix tracking of advertisement set/instance 0x00 (git-fixes). - Refresh patches.suse/Bluetooth-hci_core-Fix-tracking-of-periodic-advertis.patch. - commit a7f0549 - KVM: arm64: Check the untrusted offset in FF-A memory share (git-fixes). - commit eba1e78 - mm/hugetlb: fix folio is still mapped when deleted (CVE-2025-40006 bsc#1252342). - commit 8661a60 - EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (CVE-2025-40157 bsc#1253423). - commit bbd1520 - docs: hwmon: fix link to g762 devicetree binding (git-fixes). - hwmon: (w83791d) Convert macros to functions to avoid TOCTOU (git-fixes). - pinctrl: single: Fix incorrect type for error return variable (git-fixes). - pinctrl: renesas: rzg2l: Fix PMC restore (git-fixes). - pinctrl: stm32: fix hwspinlock resource leak in probe function (git-fixes). - phy: rockchip: samsung-hdptx: Prevent Inter-Pair Skew from exceeding the limits (git-fixes). - phy: rockchip: samsung-hdptx: Reduce ROPLL loop bandwidth (git-fixes). - phy: freescale: Initialize priv->lock (git-fixes). - phy: renesas: rcar-gen3-usb2: Fix an error handling path in rcar_gen3_phy_usb2_probe() (git-fixes). - phy: broadcom: bcm63xx-usbh: fix section mismatches (git-fixes). - commit 577e522 - kernel/sys.c: fix the racy usage of task_lock(tsk->group_leader) in sys_prlimit64() paths (CVE-2025-40201 bsc#1253455). - commit 2e63b63 - Refresh patches.suse/sched-fair-Enable-scheduler-feature-NEXT_BUDDY.patch. - Refresh patches.suse/sched-fair-Have-SD_SERIALIZE-affect-newidle-balancing.patch. - Refresh patches.suse/sched-fair-Proportional-newidle-balance.patch. - Refresh patches.suse/sched-fair-Reimplement-NEXT_BUDDY-to-align-with-EEVDF-goals.patch. 
- Refresh patches.suse/sched-fair-Revert-max_newidle_lb_cost-bump.patch. - Refresh patches.suse/sched-fair-Skip-sched_balance_running-cmpxchg-when-balance-is-not-due.patch. - Refresh patches.suse/sched-fair-Small-cleanup-to-sched_balance_newidle.patch. - Refresh patches.suse/sched-fair-Small-cleanup-to-update_newidle_cost.patch. Update upstream status and move to sorted section. - commit 16fa696 - mm: hugetlb: avoid soft lockup when mprotect to large memory area (CVE-2025-40153 bsc#1253408). - commit 7bc4acd - perf list: Add IBM z17 event descriptions (jsc#PED-13611). - commit f62e448 ------------------------------------------------------------------ ------------------ 2025-12-8 - Dec 8 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187). - commit 9c0821c - idpf: cleanup remaining SKBs in PTP flows (CVE-2025-40175 bsc#1253426). - commit 659c3f9 - Update kvmsmall config files. disable more NET_VENDOR, no actual change AMD ASIX DAVICOM ENGLEDER FUNGIBLE I825XX LITEX META PENSANDO REALTEK VERTEXCOM WANGXUN - commit 7e6a292 - i3c: master: svc: Prevent incomplete IBI transaction (git-fixes). - i3c: fix refcount inconsistency in i3c_master_register (git-fixes). - clk: qcom: Mark camcc_sm7150_hws static (git-fixes). - clk: qcom: camcc-sm7150: Fix PLL config of PLL2 (git-fixes). - clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes). - clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes). - clk: qcom: camcc-sm8550: Specify Titan GDSC power domain as a parent to other (git-fixes). - clk: samsung: exynos-clkout: Assign .num before accessing .hws (git-fixes). - clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes). - clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes). 
- commit 05a94b3 ++++ kernel-rt: - powerpc/64s/slb: Fix SLB multihit issue during SLB preload (bac#1236022 ltc#211187). - commit 9c0821c - idpf: cleanup remaining SKBs in PTP flows (CVE-2025-40175 bsc#1253426). - commit 659c3f9 - Update kvmsmall config files. disable more NET_VENDOR, no actual change AMD ASIX DAVICOM ENGLEDER FUNGIBLE I825XX LITEX META PENSANDO REALTEK VERTEXCOM WANGXUN - commit 7e6a292 - i3c: master: svc: Prevent incomplete IBI transaction (git-fixes). - i3c: fix refcount inconsistency in i3c_master_register (git-fixes). - clk: qcom: Mark camcc_sm7150_hws static (git-fixes). - clk: qcom: camcc-sm7150: Fix PLL config of PLL2 (git-fixes). - clk: qcom: camcc-sm6350: Fix PLL config of PLL2 (git-fixes). - clk: qcom: camcc-sm6350: Specify Titan GDSC power domain as a parent to other (git-fixes). - clk: qcom: camcc-sm8550: Specify Titan GDSC power domain as a parent to other (git-fixes). - clk: samsung: exynos-clkout: Assign .num before accessing .hws (git-fixes). - clk: renesas: r9a06g032: Fix memory leak in error path (git-fixes). - clk: renesas: cpg-mssr: Add missing 1ms delay into reset toggle callback (git-fixes). - commit 05a94b3 ++++ mdadm: - Update to version 4.4+31.g541b40d3: * fix crash with homehost=none (bsc#1254541) ------------------------------------------------------------------ ------------------ 2025-12-7 - Dec 7 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - staging: fbtft: core: fix potential memory leak in fbtft_probe_common() (git-fixes). - usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes). - USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes). - USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes). - usb: phy: Initialize struct usb_phy list_head (git-fixes). - usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE (git-fixes). - usb: dwc2: fix hang during suspend if set as peripheral (git-fixes). 
- usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
- usb: dwc3: dwc3_power_off_all_roothub_ports: Use ioremap_np when required (git-fixes).
- USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
- intel_th: Fix error handling in intel_th_output_open (git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
- comedi: check device's attached status in compat ioctls (git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
- mei: gsc: add dependency on Xe driver (git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
- interconnect: qcom: sdx75: Drop QPIC interconnect and BCM nodes (git-fixes).
- interconnect: qcom: msm8996: add missing link to SLAVE_USB_HS (git-fixes).
- interconnect: debugfs: Fix incorrect error handling for NULL path (git-fixes).
- iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe (git-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes).
- watchdog: starfive: Fix resource leak in probe error path (git-fixes).
- watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes).
- rpmsg: glink: fix rpmsg device leak (git-fixes).
- iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
- usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
- usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes).
- thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
- drm/amd/display: Don't change brightness for disabled connectors (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- drm/amd/amdgpu: reserve vm invalidation engine for uni_mes (stable-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
- usb: udc: Add trace event for usb_gadget_set_state (stable-fixes).
- drm/i915/dp: Initialize the source OUI write timestamp always (stable-fixes).
- commit 2fc138c
++++ kernel-rt:
- staging: fbtft: core: fix potential memory leak in fbtft_probe_common() (git-fixes).
- usb: gadget: tegra-xudc: Always reinitialize data toggle when clear halt (git-fixes).
- USB: serial: kobil_sct: fix TIOCMBIS and TIOCMBIC (git-fixes).
- USB: serial: belkin_sa: fix TIOCMBIS and TIOCMBIC (git-fixes).
- usb: phy: Initialize struct usb_phy list_head (git-fixes).
- usb: raw-gadget: cap raw_io transfer length to KMALLOC_MAX_SIZE (git-fixes).
- usb: dwc2: fix hang during suspend if set as peripheral (git-fixes).
- usb: chaoskey: fix locking for O_NONBLOCK (git-fixes).
- usb: dwc3: dwc3_power_off_all_roothub_ports: Use ioremap_np when required (git-fixes).
- USB: Fix descriptor count when handling invalid MBIM extended descriptor (git-fixes).
- intel_th: Fix error handling in intel_th_output_open (git-fixes).
- comedi: pcl818: fix null-ptr-deref in pcl818_ai_cancel() (git-fixes).
- comedi: multiq3: sanitize config options in multiq3_attach() (git-fixes).
- comedi: check device's attached status in compat ioctls (git-fixes).
- comedi: c6xdigio: Fix invalid PNP driver unregistration (git-fixes).
- mei: gsc: add dependency on Xe driver (git-fixes).
- firmware: stratix10-svc: fix make htmldocs warning for stratix10_svc (git-fixes).
- interconnect: qcom: sdx75: Drop QPIC interconnect and BCM nodes (git-fixes).
- interconnect: qcom: msm8996: add missing link to SLAVE_USB_HS (git-fixes).
- interconnect: debugfs: Fix incorrect error handling for NULL path (git-fixes).
- iio: core: Clean up device correctly on iio_device_alloc() failure (git-fixes).
- iio: core: add missing mutex_destroy in iio_dev_release() (git-fixes).
- iio: imu: st_lsm6dsx: Fix measurement unit for odr struct member (git-fixes).
- firmware: stratix10-svc: Add mutex in stratix10 memory management (git-fixes).
- uio: uio_fsl_elbc_gpcm:: Add null pointer check to uio_fsl_elbc_gpcm_probe (git-fixes).
- fbdev: ssd1307fb: fix potential page leak in ssd1307fb_probe() (git-fixes).
- fbdev: pxafb: Fix multiple clamped values in pxafb_adjust_timing (git-fixes).
- fbdev: tcx.c fix mem_map to correct smem_start offset (git-fixes).
- watchdog: starfive: Fix resource leak in probe error path (git-fixes).
- watchdog: wdat_wdt: Fix ACPI table leak in probe function (git-fixes).
- rpmsg: glink: fix rpmsg device leak (git-fixes).
- iio: accel: bmc150: Fix irq assumption regression (stable-fixes).
- usb: storage: sddr55: Reject out-of-bound new_pba (stable-fixes).
- USB: serial: option: add support for Rolling RW101R-GL (stable-fixes).
- USB: serial: ftdi_sio: add support for u-blox EVK-M101 (stable-fixes).
- usb: dwc3: pci: Sort out the Intel device IDs (stable-fixes).
- usb: dwc3: pci: add support for the Intel Nova Lake -S (stable-fixes).
- thunderbolt: Add support for Intel Wildcat Lake (stable-fixes).
- drm/amd/display: Don't change brightness for disabled connectors (stable-fixes).
- drm/amd/display: Check NULL before accessing (stable-fixes).
- drm/amd/amdgpu: reserve vm invalidation engine for uni_mes (stable-fixes).
- ALSA: usb-audio: Add DSD quirk for LEAK Stereo 230 (stable-fixes).
- usb: udc: Add trace event for usb_gadget_set_state (stable-fixes).
- drm/i915/dp: Initialize the source OUI write timestamp always (stable-fixes).
- commit 2fc138c
------------------------------------------------------------------
------------------ 2025-12-6 - Dec 6 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- soc: samsung: exynos-pmu: fix device leak on regmap lookup (git-fixes).
- soc: apple: mailbox: fix device leak on lookup (git-fixes).
- soc: amlogic: canvas: fix device leak on lookup (git-fixes).
- soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes).
- soc: qcom: pbs: fix device leak on lookup (git-fixes).
- soc: qcom: ocmem: fix device leak on lookup (git-fixes).
- firmware: qcom: tzmem: fix qcom_tzmem_policy kernel-doc (git-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- soc/tegra: fuse: Do not register SoC device on ACPI boot (git-fixes).
- sysctl: fix kernel-doc format warning (git-fixes).
- commit f44d471
++++ kernel-rt:
- soc: samsung: exynos-pmu: fix device leak on regmap lookup (git-fixes).
- soc: apple: mailbox: fix device leak on lookup (git-fixes).
- soc: amlogic: canvas: fix device leak on lookup (git-fixes).
- soc: qcom: smem: fix hwspinlock resource leak in probe error paths (git-fixes).
- soc: qcom: pbs: fix device leak on lookup (git-fixes).
- soc: qcom: ocmem: fix device leak on lookup (git-fixes).
- firmware: qcom: tzmem: fix qcom_tzmem_policy kernel-doc (git-fixes).
- firmware: imx: scu-irq: fix OF node leak in (git-fixes).
- soc/tegra: fuse: speedo-tegra210: Update speedo IDs (git-fixes).
- soc/tegra: fuse: Do not register SoC device on ACPI boot (git-fixes).
- sysctl: fix kernel-doc format warning (git-fixes).
- commit f44d471
------------------------------------------------------------------
------------------ 2025-12-5 - Dec 5 2025 -------------------
------------------------------------------------------------------
++++ librsvg:
- Update to version 2.60.1
  - (CVE-2024-12224 / bsc#1243867), (CVE-2024-43806 / bsc#1229950)
  + This is a security release for RUSTSEC-2024-0421, RUSTSEC-2024-0404, and GHSA-c827-hfw6-qwvm (CVE-2024-43806 / bsc#1229376).
    - glgo#GNOME/librsvg#1193
    - RUSTSEC-2024-0421 - idna accepts Punycode labels that do not produce any non-ASCII when decoded.
    - RUSTSEC-2024-0404 - Unsoundness in anstream.
    - GHSA-c827-hfw6-qwvm - Memory explosion in rustix. Note that librsvg does not use rustix except in the test suite.
++++ kernel-default:
- net: phy: realtek: add defines for shadowed c45 standard registers (jsc#PED-14353).
- commit 9b6cda5
- net: phy: realtek: add helper RTL822X_VND2_C22_REG (jsc#PED-14353).
- commit f06f507
- net: phy: realtek: switch from paged to MMD ops in rtl822x functions (jsc#PED-14353).
- commit b4b9148
- net: phy: move realtek PHY driver to its own subdirectory (jsc#PED-14353).
- Refresh patches.suse/net-phy-realtek-always-clear-NBase-T-lpa.patch.
- Refresh patches.suse/net-phy-realtek-clear-1000Base-T-lpa-if-link-is-down.patch.
- Refresh patches.suse/net-phy-realtek-clear-master_slave_state-if-link-is-.patch.
- commit e3f95b1
- net: phy: realtek: always clear NBase-T lpa (git-fixes).
- net: phy: realtek: clear master_slave_state if link is down (git-fixes).
- commit 0dd31d0
- net: phy: realtek: clear 1000Base-T lpa if link is down (git-fixes).
- commit 07367d4
- net: phy: realtek: improve mmd register access for internal PHY's (jsc#PED-14353).
- net: phy: realtek: use string choices helpers (jsc#PED-14353).
- commit 7ae9fe3
- net: phy: realtek: clear 1000Base-T link partner advertisement (jsc#PED-14353).
- net: phy: realtek: change order of calls in C22 read_status() (jsc#PED-14353).
- net: phy: realtek: read duplex and gbit master from PHYSR register (jsc#PED-14353).
- commit 4e4fcb4
- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (jsc#PED-14353).
- r8169: switch away from deprecated pcim_iomap_table (jsc#PED-14353).
- r8169: increase max jumbo packet size on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: add PHY c45 ops for MDIO_MMD_VENDOR2 registers (jsc#PED-14353).
- r8169: add support for Intel Killer E5000 (jsc#PED-14353).
- commit 1daed61
- r8169: adjust version numbering for RTL8126 (jsc#PED-14353).
- Refresh patches.suse/r8169-set-EEE-speed-down-ratio-to-1.patch.
- commit abf8121
- r8169: add support for RTL8125BP rev.b (jsc#PED-14353).
- r8169: add support for RTL8125D rev.b (jsc#PED-14353).
- r8169: remove support for chip version 11 (jsc#PED-14353).
- r8169: remove unused flag RTL_FLAG_TASK_RESET_NO_QUEUE_WAKE (jsc#PED-14353).
- r8169: use helper r8169_mod_reg8_cond to simplify rtl_jumbo_config (jsc#PED-14353).
- r8169: align WAKE_PHY handling with r8125/r8126 vendor drivers (jsc#PED-14353).
- r8169: improve rtl_set_d3_pll_down (jsc#PED-14353).
- r8169: improve __rtl8169_set_wol (jsc#PED-14353).
- r8169: remove leftover locks after reverted change (jsc#PED-14353).
- r8169: improve initialization of RSS registers on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: align RTL8126 EEE config with vendor driver (jsc#PED-14353).
- r8169: align RTL8125/RTL8126 PHY config with vendor driver (jsc#PED-14353).
- r8169: align RTL8125 EEE config with vendor driver (jsc#PED-14353).
- r8169: fix inconsistent indenting in rtl8169_get_eth_mac_stats (jsc#PED-14353).
- r8169: enable EEE at 2.5G per default on RTL8125B (jsc#PED-14353).
- r8169: remove rtl_dash_loop_wait_high/low (jsc#PED-14353).
- r8169: avoid duplicated messages if loading firmware fails and switch to warn level (jsc#PED-14353).
- r8169: replace custom flag with disable_work() et al (jsc#PED-14353).
- r8169: don't take RTNL lock in rtl_task() (jsc#PED-14353).
- r8169: implement additional ethtool stats ops (jsc#PED-14353).
- r8169: remove original workaround for RTL8125 broken rx issue (jsc#PED-14353).
- commit fd05f54
- Revert "drm/amd: Skip power ungate during suspend for VPE" (git-fixes).
- commit 33847bb
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
- efi: stmm: fix kernel-doc "bad line" warnings (git-fixes).
- power: supply: apm_power: only unset own apm_get_power_status (git-fixes).
- power: supply: wm831x: Check wm831x_set_bits() return value (git-fixes).
- power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: max17040: Check iio_read_channel_processed() return code (git-fixes).
- power: supply: cw2015: Check devm_delayed_work_autocancel() return code (git-fixes).
- power: supply: rt5033_charger: Fix device node reference leaks (git-fixes).
- Documentation: hid-alps: Fix packet format section headings (git-fixes).
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes).
- HID: logitech-dj: Add support for a new lightspeed receiver iteration (git-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- leds: rgb: leds-qcom-lpg: Don't enable TRILED when configuring PWM (git-fixes).
- leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes).
- leds: leds-lp50xx: Enable chip before any communication (git-fixes).
- leds: Drop duplicate LEDS_EXPRESSWIRE config (git-fixes).
- leds: leds-cros_ec: Skip LEDs without color components (git-fixes).
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes).
- leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes).
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes).
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path (git-fixes).
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes).
- platform/x86: intel: chtwc_int33fe: don't dereference swnode args (git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: (max6697) fix regmap leak on probe failure (git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
- spi: ch341: fix out-of-bounds memory access in ch341_transfer_one (git-fixes).
- spi: airoha-snfi: en7523: workaround flash damaging if UART_TXD was short to GND (git-fixes).
- spi: bcm63xx: drop wrong casts in probe() (git-fixes).
- spi: tegra210-quad: Fix timeout handling (git-fixes).
- regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (git-fixes).
- regulator: core: disable supply if enabling main regulator fails (git-fixes).
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors (git-fixes).
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes).
- mtd: nand: relax ECC parameter validation check (git-fixes).
- Revert "mtd: rawnand: marvell: fix layouts" (git-fixes).
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes).
- mtd: mtdpart: ignore error -ENOENT from parsers on subpartitions (git-fixes).
- mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes).
- pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes).
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver (git-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: codecs: wcd939x: fix regmap leak on probe failure (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: codecs: lpass-tx-macro: fix SM6115 support (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
- ASoC: tas2781: correct the wrong period (git-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes).
- drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes).
- drm/panthor: Avoid adding of kernel BOs to extobj list (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
- drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() (git-fixes).
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes).
- drm/mediatek: Fix probe device leaks (git-fixes).
- drm/mediatek: Fix probe memory leak (git-fixes).
- drm/mediatek: Fix probe resource leaks (git-fixes).
- drm/msm/a6xx: Improve MX rail fallback in RPMH vote init (git-fixes).
- drm/msm/a6xx: Fix the gemnoc workaround (git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
- drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype (git-fixes).
- drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/panthor: Fix potential memleak of vma structure (git-fixes).
- drm/panthor: Fix UAF on kernel BO VA nodes (git-fixes).
- drm/panthor: Fix race with suspend during unplug (git-fixes).
- drm/panthor: Fix UAF race between device unplug and FW event processing (git-fixes).
- drm/panthor: Fix group_free_queue() for partially initialized queues (git-fixes).
- drm/panthor: Handle errors returned by drm_sched_entity_init() (git-fixes).
- drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource() (git-fixes).
- accel/ivpu: Fix race condition when unbinding BOs (git-fixes).
- drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler() (git-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- accel/ivpu: Fix DCT active percent format (git-fixes).
- drm/panel: visionox-rm69299: Don't clear all mode flags (git-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- media: rc: st_rc: Fix reset control resource leak (git-fixes).
- media: videobuf2: Fix device reference leak in vb2_dc_alloc error path (git-fixes).
- media: vpif_display: fix section mismatch (git-fixes).
- media: vpif_capture: fix section mismatch (git-fixes).
- media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes).
- media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled (git-fixes).
- media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init() (git-fixes).
- media: amphion: Cancel message work before releasing the VPU core (git-fixes).
- media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes).
- media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes).
- media: platform: mtk-mdp3: fix device leaks at probe (git-fixes).
- media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
- media: cec: Fix debugfs leak on bus_register() failure (git-fixes).
- media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes).
- media: pvrusb2: Fix incorrect variable used in trace message (git-fixes).
- media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes).
- media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() (git-fixes).
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: adv7842: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: TDA1997x: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() (git-fixes).
- commit 695e096
++++ kernel-rt:
- net: phy: realtek: add defines for shadowed c45 standard registers (jsc#PED-14353).
- commit 9b6cda5
- net: phy: realtek: add helper RTL822X_VND2_C22_REG (jsc#PED-14353).
- commit f06f507
- net: phy: realtek: switch from paged to MMD ops in rtl822x functions (jsc#PED-14353).
- commit b4b9148
- net: phy: move realtek PHY driver to its own subdirectory (jsc#PED-14353).
- Refresh patches.suse/net-phy-realtek-always-clear-NBase-T-lpa.patch.
- Refresh patches.suse/net-phy-realtek-clear-1000Base-T-lpa-if-link-is-down.patch.
- Refresh patches.suse/net-phy-realtek-clear-master_slave_state-if-link-is-.patch.
- commit e3f95b1
- net: phy: realtek: always clear NBase-T lpa (git-fixes).
- net: phy: realtek: clear master_slave_state if link is down (git-fixes).
- commit 0dd31d0
- net: phy: realtek: clear 1000Base-T lpa if link is down (git-fixes).
- commit 07367d4
- net: phy: realtek: improve mmd register access for internal PHY's (jsc#PED-14353).
- net: phy: realtek: use string choices helpers (jsc#PED-14353).
- commit 7ae9fe3
- net: phy: realtek: clear 1000Base-T link partner advertisement (jsc#PED-14353).
- net: phy: realtek: change order of calls in C22 read_status() (jsc#PED-14353).
- net: phy: realtek: read duplex and gbit master from PHYSR register (jsc#PED-14353).
- commit 4e4fcb4
- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (jsc#PED-14353).
- r8169: switch away from deprecated pcim_iomap_table (jsc#PED-14353).
- r8169: increase max jumbo packet size on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: add PHY c45 ops for MDIO_MMD_VENDOR2 registers (jsc#PED-14353).
- r8169: add support for Intel Killer E5000 (jsc#PED-14353).
- commit 1daed61
- r8169: adjust version numbering for RTL8126 (jsc#PED-14353).
- Refresh patches.suse/r8169-set-EEE-speed-down-ratio-to-1.patch.
- commit abf8121
- r8169: add support for RTL8125BP rev.b (jsc#PED-14353).
- r8169: add support for RTL8125D rev.b (jsc#PED-14353).
- r8169: remove support for chip version 11 (jsc#PED-14353).
- r8169: remove unused flag RTL_FLAG_TASK_RESET_NO_QUEUE_WAKE (jsc#PED-14353).
- r8169: use helper r8169_mod_reg8_cond to simplify rtl_jumbo_config (jsc#PED-14353).
- r8169: align WAKE_PHY handling with r8125/r8126 vendor drivers (jsc#PED-14353).
- r8169: improve rtl_set_d3_pll_down (jsc#PED-14353).
- r8169: improve __rtl8169_set_wol (jsc#PED-14353).
- r8169: remove leftover locks after reverted change (jsc#PED-14353).
- r8169: improve initialization of RSS registers on RTL8125/RTL8126 (jsc#PED-14353).
- r8169: align RTL8126 EEE config with vendor driver (jsc#PED-14353).
- r8169: align RTL8125/RTL8126 PHY config with vendor driver (jsc#PED-14353).
- r8169: align RTL8125 EEE config with vendor driver (jsc#PED-14353).
- r8169: fix inconsistent indenting in rtl8169_get_eth_mac_stats (jsc#PED-14353).
- r8169: enable EEE at 2.5G per default on RTL8125B (jsc#PED-14353).
- r8169: remove rtl_dash_loop_wait_high/low (jsc#PED-14353).
- r8169: avoid duplicated messages if loading firmware fails and switch to warn level (jsc#PED-14353).
- r8169: replace custom flag with disable_work() et al (jsc#PED-14353).
- r8169: don't take RTNL lock in rtl_task() (jsc#PED-14353).
- r8169: implement additional ethtool stats ops (jsc#PED-14353).
- r8169: remove original workaround for RTL8125 broken rx issue (jsc#PED-14353).
- commit fd05f54
- Revert "drm/amd: Skip power ungate during suspend for VPE" (git-fixes).
- commit 33847bb
- PCI: rcar-gen2: Drop ARM dependency from PCI_RCAR_GEN2 (git-fixes).
- PCI: keystone: Exit ks_pcie_probe() for invalid mode (git-fixes).
- PCI: dwc: Fix wrong PORT_LOGIC_LTSSM_STATE_MASK definition (git-fixes).
- PCI/PM: Reinstate clearing state_saved in legacy and !PM codepaths (git-fixes).
- efi: stmm: fix kernel-doc "bad line" warnings (git-fixes).
- power: supply: apm_power: only unset own apm_get_power_status (git-fixes).
- power: supply: wm831x: Check wm831x_set_bits() return value (git-fixes).
- power: supply: rt9467: Prevent using uninitialized local variable in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: rt9467: Return error on failure in rt9467_set_value_from_ranges() (git-fixes).
- power: supply: max17040: Check iio_read_channel_processed() return code (git-fixes).
- power: supply: cw2015: Check devm_delayed_work_autocancel() return code (git-fixes).
- power: supply: rt5033_charger: Fix device node reference leaks (git-fixes).
- Documentation: hid-alps: Fix packet format section headings (git-fixes).
- HID: logitech-hidpp: Do not assume FAP in hidpp_send_message_sync() (git-fixes).
- HID: logitech-dj: Add support for a new lightspeed receiver iteration (git-fixes).
- HID: logitech-dj: Remove duplicate error logging (git-fixes).
- backlight: lp855x: Fix lp855x.h kernel-doc warnings (git-fixes).
- backlight: led-bl: Add devlink to supplier LEDs (git-fixes).
- leds: rgb: leds-qcom-lpg: Don't enable TRILED when configuring PWM (git-fixes).
- leds: netxbig: Fix GPIO descriptor leak in error paths (git-fixes).
- leds: leds-lp50xx: Enable chip before any communication (git-fixes).
- leds: Drop duplicate LEDS_EXPRESSWIRE config (git-fixes).
- leds: leds-cros_ec: Skip LEDs without color components (git-fixes).
- leds: leds-lp50xx: LP5009 supports 3 modules for a total of 9 LEDs (git-fixes).
- leds: leds-lp50xx: Allow LED 0 to be added to module bank (git-fixes).
- mfd: mt6358-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: mt6397-irq: Fix missing irq_domain_remove() in error path (git-fixes).
- mfd: max77620: Fix potential IRQ chip conflict when probing two devices (git-fixes).
- mfd: da9055: Fix missing regmap_del_irq_chip() in error path (git-fixes).
- mfd: altera-sysmgr: Fix device leak on sysmgr regmap lookup (git-fixes).
- platform/x86: intel: chtwc_int33fe: don't dereference swnode args (git-fixes).
- hwmon: (max16065) Use local variable to avoid TOCTOU (git-fixes).
- hwmon: (w83l786ng) Convert macros to functions to avoid TOCTOU (git-fixes).
- hwmon: (max6697) fix regmap leak on probe failure (git-fixes).
- hwmon: sy7636a: Fix regulator_enable resource leak on error path (git-fixes).
- spi: ch341: fix out-of-bounds memory access in ch341_transfer_one (git-fixes).
- spi: airoha-snfi: en7523: workaround flash damaging if UART_TXD was short to GND (git-fixes).
- spi: bcm63xx: drop wrong casts in probe() (git-fixes).
- spi: tegra210-quad: Fix timeout handling (git-fixes).
- regulator: core: Protect regulator_supply_alias_list with regulator_list_mutex (git-fixes).
- regulator: core: disable supply if enabling main regulator fails (git-fixes).
- mtd: rawnand: renesas: Handle devm_pm_runtime_enable() errors (git-fixes).
- mtd: rawnand: lpc32xx_slc: fix GPIO descriptor leak on probe error and remove (git-fixes).
- mtd: nand: relax ECC parameter validation check (git-fixes).
- Revert "mtd: rawnand: marvell: fix layouts" (git-fixes).
- mtd: lpddr_cmds: fix signed shifts in lpddr_cmds (git-fixes).
- mtd: mtdpart: ignore error -ENOENT from parsers on subpartitions (git-fixes).
- mtd: maps: pcmciamtd: fix potential memory leak in pcmciamtd_detach() (git-fixes).
- pwm: bcm2835: Make sure the channel is enabled after pwm_request() (git-fixes).
- platform/chrome: cros_ec_ishtp: Fix UAF after unbinding driver (git-fixes).
- ASoC: Intel: catpt: Fix error path in hw_params() (git-fixes).
- ASoC: codecs: wcd939x: fix regmap leak on probe failure (git-fixes).
- ASoC: stm32: sai: fix OF node leak on probe (git-fixes).
- ASoC: stm32: sai: fix clk prepare imbalance on probe failure (git-fixes).
- ASoC: stm32: sai: fix device leak on probe (git-fixes).
- ASoC: codecs: lpass-tx-macro: fix SM6115 support (git-fixes).
- ASoC: qcom: q6asm-dai: perform correct state check before closing (git-fixes).
- ASoC: qcom: qdsp6: q6asm-dai: set 10 ms period and buffer alignment (git-fixes).
- ASoC: qcom: q6adm: the the copp device only during last instance (git-fixes).
- ASoC: qcom: q6apm-dai: set flags to reflect correct operation of appl_ptr (git-fixes).
- ALSA: dice: fix buffer overflow in detect_stream_formats() (git-fixes).
- ASoC: fsl_xcvr: clear the channel status control memory (git-fixes).
- ASoC: tas2781: correct the wrong period (git-fixes).
- drm/amdgpu: add missing lock to amdgpu_ttm_access_memory_sdma (git-fixes).
- drm/amd/display: Fix logical vs bitwise bug in get_embedded_panel_info_v2_1() (git-fixes).
- drm/panthor: Avoid adding of kernel BOs to extobj list (git-fixes).
- drm/nouveau: restrict the flush page to a 32-bit address (git-fixes).
- drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl() (git-fixes).
- drm/mediatek: Fix device node reference leak in mtk_dp_dt_parse() (git-fixes).
- drm/mediatek: Fix CCORR mtk_ctm_s31_32_to_s1_n function issue (git-fixes).
- drm/mediatek: Fix probe device leaks (git-fixes).
- drm/mediatek: Fix probe memory leak (git-fixes).
- drm/mediatek: Fix probe resource leaks (git-fixes).
- drm/msm/a6xx: Improve MX rail fallback in RPMH vote init (git-fixes).
- drm/msm/a6xx: Fix the gemnoc workaround (git-fixes).
- drm/msm/a6xx: Flush LRZ cache before PT switch (git-fixes).
- drm/msm/a6xx: Fix out of bound IO access in a6xx_get_gmu_registers (git-fixes).
- drm/msm/a2xx: stop over-complaining about the legacy firmware (git-fixes).
- drm/msm/dpu: drop dpu_hw_dsc_destroy() prototype (git-fixes).
- drm/msm/dpu: Remove dead-code in dpu_encoder_helper_reset_mixers() (git-fixes).
- drm/panthor: Fix potential memleak of vma structure (git-fixes).
- drm/panthor: Fix UAF on kernel BO VA nodes (git-fixes).
- drm/panthor: Fix race with suspend during unplug (git-fixes).
- drm/panthor: Fix UAF race between device unplug and FW event processing (git-fixes).
- drm/panthor: Fix group_free_queue() for partially initialized queues (git-fixes).
- drm/panthor: Handle errors returned by drm_sched_entity_init() (git-fixes).
- drm/imagination: Fix reference to devm_platform_get_and_ioremap_resource() (git-fixes).
- accel/ivpu: Fix race condition when unbinding BOs (git-fixes).
- drm: atmel-hlcdc: fix atmel_xlcdc_plane_setup_scaler() (git-fixes).
- drm/vgem-fence: Fix potential deadlock on release (git-fixes).
- accel/ivpu: Fix DCT active percent format (git-fixes).
- drm/panel: visionox-rm69299: Don't clear all mode flags (git-fixes).
- drm/gma500: Remove unused helper psb_fbdev_fb_setcolreg() (git-fixes).
- gpu: host1x: Fix race in syncpt alloc/free (git-fixes).
- media: rc: st_rc: Fix reset control resource leak (git-fixes).
- media: videobuf2: Fix device reference leak in vb2_dc_alloc error path (git-fixes).
- media: vpif_display: fix section mismatch (git-fixes).
- media: vpif_capture: fix section mismatch (git-fixes).
- media: samsung: exynos4-is: fix potential ABBA deadlock on init (git-fixes).
- media: renesas: rcar_drif: fix device node reference leak in rcar_drif_bond_enabled (git-fixes).
- media: mediatek: vcodec: Fix a reference leak in mtk_vcodec_fw_vpu_init() (git-fixes).
- media: amphion: Cancel message work before releasing the VPU core (git-fixes).
- media: verisilicon: Protect G2 HEVC decoder against invalid DPB index (git-fixes).
- media: verisilicon: Fix CPU stalls on G2 bus error (git-fixes).
- media: platform: mtk-mdp3: fix device leaks at probe (git-fixes).
- media: v4l2-mem2mem: Fix outdated documentation (git-fixes).
- media: cec: Fix debugfs leak on bus_register() failure (git-fixes).
- media: vidtv: initialize local pointers upon transfer of memory ownership (git-fixes).
- media: pvrusb2: Fix incorrect variable used in trace message (git-fixes).
- media: msp3400: Avoid possible out-of-bounds array accesses in msp3400c_thread() (git-fixes).
- media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status() (git-fixes).
- media: i2c: ADV7604: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: i2c: adv7842: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: TDA1997x: Remove redundant cancel_delayed_work in probe (git-fixes).
- media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100_i2c_msg() (git-fixes).
- commit 695e096
++++ libpng16:
- security update
- added patches CVE-2025-66293 [bsc#1254480], LIBPNG out-of-bounds read in png_image_read_composite
  * libpng16-CVE-2025-66293.patch
------------------------------------------------------------------
------------------ 2025-12-4 - Dec 4 2025 -------------------
------------------------------------------------------------------
++++ fde-tools:
- Build with distro flags
++++ kernel-default:
- net: phy: aquantia: check for NVMEM deferral (git-fixes).
- wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes).
- wifi: ieee80211: correct FILS status codes (git-fixes).
- mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() (git-fixes).
- wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes).
- wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (git-fixes). - wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() (git-fixes). - wifi: mac80211: fix CMAC functions not handling errors (git-fixes). - net: phy: adin1100: Fix software power-down ready condition (git-fixes). - wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() (git-fixes). - wifi: ath12k: fix potential memory leak in ath12k_wow_arp_ns_offload() (git-fixes). - wifi: ath11k: fix peer HE MCS assignment (git-fixes). - wifi: ath11k: fix VHT MCS assignment (git-fixes). - wifi: ath11k: restore register window after global reset (git-fixes). - lib/vsprintf: Check pointer before dereferencing in time_and_date() (git-fixes). - Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes). - Documentation: tps6594-pfsm: Fix macro cross-reference syntax (git-fixes). - Documentation: mrvl-cn10k-dpi: Fix macro cross-reference syntax (git-fixes). - Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes). - docs: w1: fix w1-netlink invalid URL (git-fixes). - crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes). - crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes). - crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes). - crypto: hisilicon/qm - restore original qos values (git-fixes). - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes). - crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes). - crypto: af_alg - zero initialize memory allocated via sock_kmalloc (git-fixes). - crypto: caam - Add check for kcalloc() in test_len() (git-fixes). - ima: Handle error code returned by ima_filter_rule_match() (git-fixes). - KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes). - commit 915eacb ++++ kernel-rt: - net: phy: aquantia: check for NVMEM deferral (git-fixes). 
- wifi: nl80211: vendor-cmd: intel: fix a blank kernel-doc line warning (git-fixes). - wifi: ieee80211: correct FILS status codes (git-fixes). - mt76: mt7615: Fix memory leak in mt7615_mcu_wtbl_sta_add() (git-fixes). - wifi: mt76: Fix DTS power-limits on little endian systems (git-fixes). - wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187_rx_cb() (git-fixes). - wifi: rtl818x: Fix potential memory leaks in rtl8180_init_rx_ring() (git-fixes). - wifi: mac80211: fix CMAC functions not handling errors (git-fixes). - net: phy: adin1100: Fix software power-down ready condition (git-fixes). - wifi: cw1200: Fix potential memory leak in cw1200_bh_rx_helper() (git-fixes). - wifi: ath12k: fix potential memory leak in ath12k_wow_arp_ns_offload() (git-fixes). - wifi: ath11k: fix peer HE MCS assignment (git-fixes). - wifi: ath11k: fix VHT MCS assignment (git-fixes). - wifi: ath11k: restore register window after global reset (git-fixes). - lib/vsprintf: Check pointer before dereferencing in time_and_date() (git-fixes). - Documentation/kernel-parameters: fix typo in retbleed= kernel parameter description (git-fixes). - Documentation: tps6594-pfsm: Fix macro cross-reference syntax (git-fixes). - Documentation: mrvl-cn10k-dpi: Fix macro cross-reference syntax (git-fixes). - Documentation: parport-lowlevel: Separate function listing code blocks (git-fixes). - docs: w1: fix w1-netlink invalid URL (git-fixes). - crypto: ccree - Correctly handle return of sg_nents_for_len (git-fixes). - crypto: iaa - Fix incorrect return value in save_iaa_wq() (git-fixes). - crypto: rockchip - drop redundant crypto_skcipher_ivsize() calls (git-fixes). - crypto: hisilicon/qm - restore original qos values (git-fixes). - crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (git-fixes). - crypto: authenc - Correctly pass EINPROGRESS back up to the caller (git-fixes). - crypto: af_alg - zero initialize memory allocated via sock_kmalloc (git-fixes). 
- crypto: caam - Add check for kcalloc() in test_len() (git-fixes). - ima: Handle error code returned by ima_filter_rule_match() (git-fixes). - KEYS: trusted: Fix a memory leak in tpm2_load_cmd (git-fixes). - commit 915eacb ++++ ucode-amd: - Update to version 20251203 (git commit a0f0e52138e5): * linux-firmware: Update amd-ucode copyright information * linux-firmware: Update AMD cpu microcode ------------------------------------------------------------------ ------------------ 2025-12-3 - Dec 3 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes). - ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes). - efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes). - commit 2215dd3 ++++ kernel-rt: - ACPI: property: Fix fwnode refcount leak in acpi_fwnode_graph_parse_endpoint() (git-fixes). - ACPI: processor_core: fix map_x2apic_id for amd-pstate on am4 (git-fixes). - efi/libstub: Fix page table access in 5-level to 4-level paging transition (git-fixes). - commit 2215dd3 ++++ nvidia-open-driver-G06-signed: - kernel-6.18.patch * fixed build against kernel 6.18 ------------------------------------------------------------------ ------------------ 2025-12-2 - Dec 2 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Input: cros_ec_keyb - fix an invalid memory access (stable-fixes). - Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes). - drm/xe: Prevent BIT() overflow when handling invalid prefetch region (git-fixes). - drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes). - drm/amd: Skip power ungate during suspend for VPE (stable-fixes). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). 
- drm/amd/display: Fix pbn to kbps Conversion (stable-fixes). - drm/amd/display: Clear the CUR_ENABLE register on DCN20 on DPP5 (stable-fixes). - drm/amd/display: Increase DPCD read retries (stable-fixes). - drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes). - drm/amd/display: Prevent Gating DTBCLK before It Is Properly Latched (git-fixes). - drm/i915/dp_mst: Disable Panel Replay (git-fixes). - drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (stable-fixes). - drm/amd/display: Insert dccg log for easy debug (stable-fixes). - drm/amd/display: disable DPP RCG before DPP CLK enable (stable-fixes). - drm/amd/display: avoid reset DTBCLK at clock init (stable-fixes). - commit c2e115d ++++ kernel-rt: - Input: cros_ec_keyb - fix an invalid memory access (stable-fixes). - Input: goodix - add support for ACPI ID GDIX1003 (stable-fixes). - drm/xe: Prevent BIT() overflow when handling invalid prefetch region (git-fixes). - drm/amdgpu: Skip emit de meta data on gfx11 with rs64 enabled (stable-fixes). - drm/amd: Skip power ungate during suspend for VPE (stable-fixes). - drm/radeon: delete radeon_fence_process in is_signaled, no deadlock (stable-fixes). - drm/amd/display: Fix pbn to kbps Conversion (stable-fixes). - drm/amd/display: Clear the CUR_ENABLE register on DCN20 on DPP5 (stable-fixes). - drm/amd/display: Increase DPCD read retries (stable-fixes). - drm/amd/display: Move sleep into each retry for retrieve_link_cap() (stable-fixes). - drm/amd/display: Prevent Gating DTBCLK before It Is Properly Latched (git-fixes). - drm/i915/dp_mst: Disable Panel Replay (git-fixes). - drm/amdgpu: fix gpu page fault after hibernation on PF passthrough (stable-fixes). - drm/amd/display: Insert dccg log for easy debug (stable-fixes). - drm/amd/display: disable DPP RCG before DPP CLK enable (stable-fixes). - drm/amd/display: avoid reset DTBCLK at clock init (stable-fixes). 
- commit c2e115d ------------------------------------------------------------------ ------------------ 2025-12-1 - Dec 1 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - NFS4: Fix state renewals missing after boot (git-fixes). - commit a5ed3d2 - NFS: check if suid/sgid was cleared after a write as needed (git-fixes). - commit dd862cb - simplify nfs_atomic_open_v23() (git-fixes). - commit 4eb518c - exfat: fix improper check of dentry.stream.valid_size (git-fixes). - commit 7c2b843 - cramfs: Verify inode mode when loading from disk (git-fixes). - commit 7bbff69 - rpm/mkspec: Exclude azure from kernel-syms dependencies Similar to rt, azure was initially a separate kernel variant, and not all KMPs are built for it. kernel-azure-devel should be included as explicit build dependency to get a KMP for this kernel flavor. - commit c174e9b - Refresh patches.suse/wifi-iwlwifi-Add-missing-firmware-info-for-bz-b0-mod.patch. Fix backport for 6.12. Upstream's IWL_BZ_UCODE_CORE_MAX has to be changed to 6.12's IWL_BZ_UCODE_API_MAX. Otherwise we get the fw strings like: "firmware" "=" "iwlwifi-bz-b0-fm-c0" "-" "IWL_BZ_UCODE_CORE_MAX" ".ucode"; instead of upstream's: "firmware" "=" "iwlwifi-bz-b0-fm-c0" "-c" "99" ".ucode"; - commit 0609d52 ++++ kernel-rt: - NFS4: Fix state renewals missing after boot (git-fixes). - commit a5ed3d2 - NFS: check if suid/sgid was cleared after a write as needed (git-fixes). - commit dd862cb - simplify nfs_atomic_open_v23() (git-fixes). - commit 4eb518c - exfat: fix improper check of dentry.stream.valid_size (git-fixes). - commit 7c2b843 - cramfs: Verify inode mode when loading from disk (git-fixes). - commit 7bbff69 - rpm/mkspec: Exclude azure from kernel-syms dependencies Similar to rt, azure was initially a separate kernel variant, and not all KMPs are built for it. kernel-azure-devel should be included as explicit build dependency to get a KMP for this kernel flavor. 
- commit c174e9b - Refresh patches.suse/wifi-iwlwifi-Add-missing-firmware-info-for-bz-b0-mod.patch. Fix backport for 6.12. Upstream's IWL_BZ_UCODE_CORE_MAX has to be changed to 6.12's IWL_BZ_UCODE_API_MAX. Otherwise we get the fw strings like: "firmware" "=" "iwlwifi-bz-b0-fm-c0" "-" "IWL_BZ_UCODE_CORE_MAX" ".ucode"; instead of upstream's: "firmware" "=" "iwlwifi-bz-b0-fm-c0" "-c" "99" ".ucode"; - commit 0609d52 ------------------------------------------------------------------ ------------------ 2025-11-29 - Nov 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - spi: nxp-fspi: Propagate fwnode in ACPI case as well (git-fixes). - spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors (git-fixes). - spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes). - regulator: rtq2208: Correct LDO2 logic judgment bits (git-fixes). - regulator: rtq2208: Correct buck group2 phase mapping logic (git-fixes). - firmware: stratix10-svc: fix bug in saving controller data (git-fixes). - iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes). - iio: humditiy: hdc3020: fix units for thresholds and hysteresis (git-fixes). - iio: humditiy: hdc3020: fix units for temperature and humidity measurement (git-fixes). - iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes). - iio: accel: fix ADXL355 startup race condition (git-fixes). - iio:common:ssp_sensors: Fix an error handling path ssp_probe() (git-fixes). - iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes). - iio: adc: stm32-dfsdm: fix st,adc-alt-channel property handling (git-fixes). - iio: adc: rtq6056: Correct the sign bit index (git-fixes). - most: usb: fix double free on late probe failure (git-fixes). - slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves (git-fixes). - serial: amba-pl011: prefer dma_mapping_error() over explicit address checking (git-fixes). 
- usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors (git-fixes). - USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes). - usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes). - usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (git-fixes). - usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes). - usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes). - drivers/usb/dwc3: fix PCI parent check (git-fixes). - usb: storage: Fix memory leak in USB bulk transport (git-fixes). - xhci: fix stale flag preventig URBs after link state error is cleared (git-fixes). - usb: cdns3: Fix double resource release in cdns3_pci_probe (git-fixes). - usb: renesas_usbhs: Fix synchronous external abort on unbind (git-fixes). - mailbox: mtk-cmdq: Refine DMA address handling for the command buffer (git-fixes). - mailbox: mailbox-test: Fix debugfs_create_dir error checking (git-fixes). - mmc: sdhci-of-dwcmshc: Promote the th1520 reset handling to ip level (git-fixes). - drm/xe: Fix conversion from clock ticks to milliseconds (git-fixes). - drm: sti: fix device leaks at component probe (git-fixes). - drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes). - Revert "drm/amd/display: Move setup_stream_attribute" (stable-fixes). - commit ded5020 - net: dlink: handle copy_thresh allocation failure (CVE-2025-40053 bsc#1252808) - commit 243bc04 ++++ kernel-rt: - spi: nxp-fspi: Propagate fwnode in ACPI case as well (git-fixes). - spi: amlogic-spifc-a1: Handle devm_pm_runtime_enable() errors (git-fixes). - spi: bcm63xx: fix premature CS deassertion on RX-only transactions (git-fixes). - regulator: rtq2208: Correct LDO2 logic judgment bits (git-fixes). - regulator: rtq2208: Correct buck group2 phase mapping logic (git-fixes). - firmware: stratix10-svc: fix bug in saving controller data (git-fixes). 
- iio: st_lsm6dsx: Fixed calibrated timestamp calculation (git-fixes). - iio: humditiy: hdc3020: fix units for thresholds and hysteresis (git-fixes). - iio: humditiy: hdc3020: fix units for temperature and humidity measurement (git-fixes). - iio: imu: st_lsm6dsx: fix array size for st_lsm6dsx_settings fields (git-fixes). - iio: accel: fix ADXL355 startup race condition (git-fixes). - iio:common:ssp_sensors: Fix an error handling path ssp_probe() (git-fixes). - iio: adc: ad7280a: fix ad7280_store_balance_timer() (git-fixes). - iio: adc: stm32-dfsdm: fix st,adc-alt-channel property handling (git-fixes). - iio: adc: rtq6056: Correct the sign bit index (git-fixes). - most: usb: fix double free on late probe failure (git-fixes). - slimbus: ngd: Fix reference count leak in qcom_slim_ngd_notify_slaves (git-fixes). - serial: amba-pl011: prefer dma_mapping_error() over explicit address checking (git-fixes). - usb: gadget: renesas_usbf: Handle devm_pm_runtime_enable() errors (git-fixes). - USB: storage: Remove subclass and protocol overrides from Novatek quirk (git-fixes). - usb: uas: fix urb unmapping issue when the uas device is remove during ongoing data transfer (git-fixes). - usb: dwc3: Fix race condition between concurrent dwc3_remove_requests() call paths (git-fixes). - usb: typec: ucsi: psy: Set max current to zero when disconnected (git-fixes). - usb: gadget: f_eem: Fix memory leak in eem_unwrap (git-fixes). - drivers/usb/dwc3: fix PCI parent check (git-fixes). - usb: storage: Fix memory leak in USB bulk transport (git-fixes). - xhci: fix stale flag preventig URBs after link state error is cleared (git-fixes). - usb: cdns3: Fix double resource release in cdns3_pci_probe (git-fixes). - usb: renesas_usbhs: Fix synchronous external abort on unbind (git-fixes). - mailbox: mtk-cmdq: Refine DMA address handling for the command buffer (git-fixes). - mailbox: mailbox-test: Fix debugfs_create_dir error checking (git-fixes). 
- mmc: sdhci-of-dwcmshc: Promote the th1520 reset handling to ip level (git-fixes). - drm/xe: Fix conversion from clock ticks to milliseconds (git-fixes). - drm: sti: fix device leaks at component probe (git-fixes). - drm/amdgpu: fix cyan_skillfish2 gpu info fw handling (git-fixes). - Revert "drm/amd/display: Move setup_stream_attribute" (stable-fixes). - commit ded5020 - net: dlink: handle copy_thresh allocation failure (CVE-2025-40053 bsc#1252808) - commit 243bc04 ------------------------------------------------------------------ ------------------ 2025-11-28 - Nov 28 2025 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 059+suse.703.g9c695861: * fix(kernel-modules-extra): remove stray \ before / (bsc#1253029) ++++ haproxy: - VUL-0: CVE-2025-11230: haproxy: issue in the mjson JSON decoder leads to excessive resource consumption when processing numbers with large exponents (bsc#1250983) Add upstream patch: 0001-BUG-CRITICAL-mjson-fix-possible-DoS-when-parsing-num.patch ++++ kernel-default: - pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178 bsc#1253463) - commit 63794eb - wifi: mt76: mt7925: refine the txpower initialization flow (bsc#1254315). - wifi: mt76: mt7925: add pci restore for hibernate (bsc#1254315). - wifi: mt76: mt7925: extend MCU support for testmode (bsc#1254315). - wifi: mt76: mt7925: Fix logical vs bitwise typo (bsc#1254315). - wifi: mt76: mt7925: fix missing hdr_trans_tlv command for broadcast wtbl (bsc#1254315). - wifi: mt76: mt7925: update the channel usage when the regd domain changed (bsc#1254315). - wifi: mt76: mt7925: add EHT control support based on the CLC data (bsc#1254315). - commit b3a65bc - wifi: mt76: mt7925: Simplify HIF suspend handling to avoid suspend fail (bsc#1254315). - wifi: mt76: mt7925: Remove unnecessary if-check (bsc#1254315). - wifi: mt76: mt7925e: fix too long of wifi resume time (bsc#1254315). 
- wifi: mt76: mt7925: add handler to hif suspend/resume event (bsc#1254315). - wifi: mt76: mt7925: fix CLC command timeout when suspend/resume (bsc#1254315). - wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend (bsc#1254315). - commit 7d10c9c - wifi: mt76: do not add wcid entries to sta poll list during MCU reset (bsc#1254315). - wifi: mt76: mt7925: replace zero-length array with flexible-array member (bsc#1254315). - wifi: mt76: mt7925: config the dwell time by firmware (bsc#1254315). - wifi: mt76: introduce mt792x_config_mac_addr_list routine (bsc#1254315). - commit 0881cd3 - can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header (git-fixes). - can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes). - can: sja1000: fix max irq loop handling (git-fixes). - can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes). - net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes). - atm/fore200e: Fix possible data race in fore200e_open() (git-fixes). - Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes). - Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref (git-fixes). - Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes). - Bluetooth: hci_core: Fix triggering cmd_timer for HCI_OP_NOP (git-fixes). - net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes). - platform/x86: intel: punit_ipc: fix memory corruption (git-fixes). - atm: idt77252: Add missing `dma_map_error()` (stable-fixes). - commit d903713 - powercap: intel_rapl: Add support for Panther Lake platform (jsc#PED-13949). 
- commit ec5339a ++++ kernel-rt: - pid: Add a judgment for ns null in pid_nr_ns (CVE-2025-40178 bsc#1253463) - commit 63794eb - wifi: mt76: mt7925: refine the txpower initialization flow (bsc#1254315). - wifi: mt76: mt7925: add pci restore for hibernate (bsc#1254315). - wifi: mt76: mt7925: extend MCU support for testmode (bsc#1254315). - wifi: mt76: mt7925: Fix logical vs bitwise typo (bsc#1254315). - wifi: mt76: mt7925: fix missing hdr_trans_tlv command for broadcast wtbl (bsc#1254315). - wifi: mt76: mt7925: update the channel usage when the regd domain changed (bsc#1254315). - wifi: mt76: mt7925: add EHT control support based on the CLC data (bsc#1254315). - commit b3a65bc - wifi: mt76: mt7925: Simplify HIF suspend handling to avoid suspend fail (bsc#1254315). - wifi: mt76: mt7925: Remove unnecessary if-check (bsc#1254315). - wifi: mt76: mt7925e: fix too long of wifi resume time (bsc#1254315). - wifi: mt76: mt7925: add handler to hif suspend/resume event (bsc#1254315). - wifi: mt76: mt7925: fix CLC command timeout when suspend/resume (bsc#1254315). - wifi: mt76: mt7925: fix the unfinished command of regd_notifier before suspend (bsc#1254315). - commit 7d10c9c - wifi: mt76: do not add wcid entries to sta poll list during MCU reset (bsc#1254315). - wifi: mt76: mt7925: replace zero-length array with flexible-array member (bsc#1254315). - wifi: mt76: mt7925: config the dwell time by firmware (bsc#1254315). - wifi: mt76: introduce mt792x_config_mac_addr_list routine (bsc#1254315). - commit 0881cd3 - can: sun4i_can: sun4i_can_interrupt(): fix max irq loop handling (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing data (git-fixes). - can: gs_usb: gs_usb_receive_bulk_callback(): check actual_length before accessing header (git-fixes). - can: gs_usb: gs_usb_xmit_callback(): fix handling of failed transmitted URBs (git-fixes). - can: sja1000: fix max irq loop handling (git-fixes). 
- can: kvaser_usb: leaf: Fix potential infinite loop in command parsers (git-fixes). - net: phy: mxl-gpy: fix link properties on USXGMII and internal PHYs (git-fixes). - atm/fore200e: Fix possible data race in fore200e_open() (git-fixes). - Bluetooth: SMP: Fix not generating mackey and ltk when repairing (git-fixes). - Bluetooth: btusb: mediatek: Avoid btusb_mtk_claim_iso_intf() NULL deref (git-fixes). - Bluetooth: hci_sock: Prevent race in socket write iter and sock bind (git-fixes). - Bluetooth: hci_core: Fix triggering cmd_timer for HCI_OP_NOP (git-fixes). - net: phy: mxl-gpy: fix bogus error on USXGMII and integrated PHY (git-fixes). - platform/x86: intel: punit_ipc: fix memory corruption (git-fixes). - atm: idt77252: Add missing `dma_map_error()` (stable-fixes). - commit d903713 - powercap: intel_rapl: Add support for Panther Lake platform (jsc#PED-13949). - commit ec5339a ++++ libpng16: - security update - added patches CVE-2025-64505 [bsc#1254157], heap buffer over-read in `png_do_quantize` via malformed palette index * libpng16-CVE-2025-64505.patch CVE-2025-64506 [bsc#1254158], heap buffer over-read in `png_write_image_8bit` with 8-bit input and `convert_to_8bit` enabled * libpng16-CVE-2025-64506.patch CVE-2025-64720 [bsc#1254159], buffer overflow in `png_image_read_composite` via incorrect palette premultiplication * libpng16-CVE-2025-64720.patch CVE-2025-65018 [bsc#1254160], heap buffer overflow in `png_combine_row` triggered via `png_image_finish_read` * libpng16-CVE-2025-65018.patch ++++ runc: - Update to runc v1.3.4. Upstream changelog is available from . 
bsc#1254362 ------------------------------------------------------------------ ------------------ 2025-11-27 - Nov 27 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (CVE-2025-40033 bsc#1252824) - commit 1f94f0d - dm: fix NULL pointer dereference in __dm_suspend() (CVE-2025-40134 bsc#1253386) - commit 58ac2ab - dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386) - commit b6bae55 - KVM: arm64: Prevent access to vCPU events before init (CVE-2025-40102 bsc#1252919) - commit 4b4bc9f - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (CVE-2025-40081 bsc#1252776) - commit 81815d3 - Add dtb-spacemit SpacemiT boards include MilkV-Jupiter, Banana Pi F3 and Orange Pi RV2. - commit f2f396d - scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119). - scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119). - scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119). - scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119). - scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119). - scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119). - scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119). - scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119). - scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119). - scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119). - commit 35bb962 - dm error: mark as DM_TARGET_PASSES_INTEGRITY (git-fixes). - commit 2430a06 - nvmet-auth: update sc_c in target host hash calculation (git-fixes). - nvmet-auth: update sc_c in host response (git-fixes bsc#1249397). - nvme: Use non zero KATO for persistent discovery connections (git-fixes). 
- commit 6cc3f67 - dm-raid: don't set io_min and io_opt for raid1 (git-fixes). - commit 0efc26c - dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes). - commit 403c124 - s390/mm: Fix __ptep_rdp() inline assembly (bsc#1253643). - commit 0584e20 - KVM: s390: kABI backport for 'last_sleep_cpu' (bsc#1252352). - KVM: s390: improve interrupt cpu for wakeup (bsc#1235463). - commit 772f945 - kABI workaround for bpf: Enforce expected_attach_type for tailcall compatibility (CVE-2025-40123 bsc#1253365). - commit 71b6940 - ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes). - commit cab7bbf - selftests/bpf: Add test case for different expected_attach_type (CVE-2025-40123 bsc#1253365). - bpf: Enforce expected_attach_type for tailcall compatibility (CVE-2025-40123 bsc#1253365). - commit 9fe957a - sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1248792). - commit 64c9f81 - sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1248792). - commit 315148b - Delete patches.suse/sched-Skip-useless-sched_balance_running-acquisition-if-load-balance-is-not-due.patch. Will be replaced by final upstream version. - commit 0df2b8e ++++ kernel-rt: - remoteproc: pru: Fix potential NULL pointer dereference in pru_rproc_set_ctable() (CVE-2025-40033 bsc#1252824) - commit 1f94f0d - dm: fix NULL pointer dereference in __dm_suspend() (CVE-2025-40134 bsc#1253386) - commit 58ac2ab - dm: fix queue start/stop imbalance under suspend/load/resume races (bsc#1253386) - commit b6bae55 - KVM: arm64: Prevent access to vCPU events before init (CVE-2025-40102 bsc#1252919) - commit 4b4bc9f - perf: arm_spe: Prevent overflow in PERF_IDX2OFF() (CVE-2025-40081 bsc#1252776) - commit 81815d3 - Add dtb-spacemit SpacemiT boards include MilkV-Jupiter, Banana Pi F3 and Orange Pi RV2. - commit f2f396d - scsi: lpfc: Update lpfc version to 14.4.0.12 (bsc#1254119). - scsi: lpfc: Add capability to register Platform Name ID to fabric (bsc#1254119). 
- scsi: lpfc: Allow support for BB credit recovery in point-to-point topology (bsc#1254119). - scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (bsc#1254119). - scsi: lpfc: Modify kref handling for Fabric Controller ndlps (bsc#1254119). - scsi: lpfc: Fix leaked ndlp krefs when in point-to-point topology (bsc#1254119). - scsi: lpfc: Ensure unregistration of rpis for received PLOGIs (bsc#1254119). - scsi: lpfc: Remove redundant NULL ptr assignment in lpfc_els_free_iocb() (bsc#1254119). - scsi: lpfc: Revise discovery related function headers and comments (bsc#1254119). - scsi: lpfc: Update various NPIV diagnostic log messaging (bsc#1254119). - commit 35bb962 - dm error: mark as DM_TARGET_PASSES_INTEGRITY (git-fixes). - commit 2430a06 - nvmet-auth: update sc_c in target host hash calculation (git-fixes). - nvmet-auth: update sc_c in host response (git-fixes bsc#1249397). - nvme: Use non zero KATO for persistent discovery connections (git-fixes). - commit 6cc3f67 - dm-raid: don't set io_min and io_opt for raid1 (git-fixes). - commit 0efc26c - dm-integrity: limit MAX_TAG_SIZE to 255 (git-fixes). - commit 403c124 - s390/mm: Fix __ptep_rdp() inline assembly (bsc#1253643). - commit 0584e20 - KVM: s390: kABI backport for 'last_sleep_cpu' (bsc#1252352). - KVM: s390: improve interrupt cpu for wakeup (bsc#1235463). - commit 772f945 - kABI workaround for bpf: Enforce expected_attach_type for tailcall compatibility (CVE-2025-40123 bsc#1253365). - commit 71b6940 - ALSA: usb-audio: fix uac2 clock source at terminal parser (git-fixes). - commit cab7bbf - selftests/bpf: Add test case for different expected_attach_type (CVE-2025-40123 bsc#1253365). - bpf: Enforce expected_attach_type for tailcall compatibility (CVE-2025-40123 bsc#1253365). - commit 9fe957a - sched/fair: Have SD_SERIALIZE affect newidle balancing (bsc#1248792). - commit 64c9f81 - sched/fair: Skip sched_balance_running cmpxchg when balance is not due (bsc#1248792). 
- commit 315148b - Delete patches.suse/sched-Skip-useless-sched_balance_running-acquisition-if-load-balance-is-not-due.patch. Will be replaced by final upstream version. - commit 0df2b8e ++++ suse-module-tools: - Update to version 16.0.63: * 80-hotplug-cpu-mem.rules: remount tmpfs on "online" uevents (bsc#1254264) * udev: use systemd service to remount tmpfs (bsc#1253679) ------------------------------------------------------------------ ------------------ 2025-11-26 - Nov 26 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - vhost: Take a reference on the task in struct vhost_task (CVE-2025-40024 bsc#1252686) - commit b3a75c3 - net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work (CVE-2025-40003 bsc#1252301) - commit 0fea05a - fbnic: Move phylink resume out of service_task and into open/close (CVE-2025-39831 bsc#1249977) - commit bfb2b64 - ipv6: use RCU in ip6_output() (CVE-2025-40158 bsc#1253402). - commit e408492 - ipv6: use RCU in ip6_xmit() (CVE-2025-40135 bsc#1253342). - commit 7761cf8 - Delete patches.suse/sched-fair-Get-rid-of-sched_domains_curr_level-hack-for-tl-cpumask.patch. patches.suse/sched-topology-Refinement-to-topology_span_sane-speedup.patch. patches.suse/sched-topology-improve-topology_span_sane-speed.patch. (bsc#1246843) - commit cbe4772 - tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (CVE-2025-40149 bsc#1253355). - commit 952ca78 - mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable() (CVE-2025-40133 bsc#1253328). - mptcp: Call dst_release() in mptcp_active_enable() (CVE-2025-40133 bsc#1253328). - commit 995c058 - sched/fair: Get rid of sched_domains_curr_level hack for tl->cpumask() (bsc#1246843). - x86/smpboot: avoid SMT domain attach/destroy if SMT is not enabled (bsc#1246843). - x86/smpboot: moves x86_topology to static initialize and truncate (bsc#1246843). - x86/smpboot: remove redundant CONFIG_SCHED_SMT (bsc#1246843). 
- smpboot: introduce SDTL_INIT() helper to tidy sched topology setup (bsc#1246843). - commit ce47c32 - smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (CVE-2025-40168 bsc#1253427). - commit 53c7932 - smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (CVE-2025-40139 bsc#1253409). - commit e1e0529 - smc: Fix use-after-free in __pnet_find_base_ndev() (CVE-2025-40064 bsc#1252845). - commit 186d68e - tcp_metrics: use dst_dev_net_rcu() (CVE-2025-40075 bsc#1252795). - commit 771932c - Update patches.suse/ALSA-pcm-Disable-bottom-softirqs-as-part-of-spin_loc.patch (git-fixes CVE-2025-40142 bsc#1253348). - Update patches.suse/ASoC-Intel-bytcr_rt5640-Fix-invalid-quirk-input-mapp.patch (git-fixes CVE-2025-40154 bsc#1253431). - Update patches.suse/ASoC-Intel-bytcr_rt5651-Fix-invalid-quirk-input-mapp.patch (git-fixes CVE-2025-40121 bsc#1253367). - Update patches.suse/ASoC-Intel-sof_sdw-Prevent-jump-to-NULL-add_sidecar-.patch (git-fixes CVE-2025-40132 bsc#1253330). - Update patches.suse/ASoC-amd-sdw_utils-avoid-NULL-deref-when-devm_kaspri.patch (git-fixes CVE-2025-40162 bsc#1253422). - Update patches.suse/Bluetooth-ISO-Fix-possible-UAF-on-iso_conn_free.patch (git-fixes CVE-2025-40141 bsc#1253352). - Update patches.suse/PM-devfreq-mtk-cci-Fix-potential-error-pointer-deref.patch (git-fixes CVE-2025-40156 bsc#1253428). - Update patches.suse/Revert-ipmi-fix-msg-stack-when-IPMI-is-disconnected.patch (stable-fixes CVE-2025-40192 bsc#1253622). - Update patches.suse/Squashfs-reject-negative-file-sizes-in-squashfs_read_inode.patch (git-fixes CVE-2025-40200 bsc#1253448). - Update patches.suse/accel-qaic-Fix-bootlog-initialization-ordering.patch (git-fixes CVE-2025-40177 bsc#1253443). - Update patches.suse/accel-qaic-Treat-remaining-0-as-error-in-find_and_ma.patch (git-fixes CVE-2025-40172 bsc#1253424). - Update patches.suse/bpf-Fix-metadata_dst-leak-__bpf_redirect_neigh_v-4-6.patch (git-fixes CVE-2025-40183 bsc#1253441). 
- Update patches.suse/btrfs-avoid-potential-out-of-bounds-in-btrfs_encode_.patch (git-fixes CVE-2025-40205 bsc#1253456). - Update patches.suse/can-hi311x-fix-null-pointer-dereference-when-resumin.patch (stable-fixes CVE-2025-40107 bsc#1253018). - Update patches.suse/cpufreq-intel_pstate-Fix-object-lifecycle-issue-in-update_qos_request.patch (git-fixes CVE-2025-40194 bsc#1253445). - Update patches.suse/crypto-rng-Ensure-set_ent-is-always-present.patch (git-fixes CVE-2025-40109 bsc#1253176). - Update patches.suse/drm-vmwgfx-Fix-Use-after-free-in-validation.patch (git-fixes CVE-2025-40111 bsc#1253362). - Update patches.suse/drm-vmwgfx-Fix-a-null-ptr-access-in-the-cursor-snoop.patch (git-fixes CVE-2025-40110 bsc#1253275). - Update patches.suse/drm-xe-guc-Check-GuC-running-state-before-deregister.patch (git-fixes CVE-2025-40166 bsc#1253433). - Update patches.suse/ext4-avoid-potential-buffer-over-read-in-parse_apply.patch (git-fixes CVE-2025-40198 bsc#1253453). - Update patches.suse/fs-quota-create-dedicated-workqueue-for-quota_releas.patch (git-fixes CVE-2025-40196 bsc#1253624). - Update patches.suse/hwrng-ks-sa-fix-division-by-zero-in-ks_sa_rng_init.patch (git-fixes CVE-2025-40127 bsc#1253369). - Update patches.suse/ipmi-Rework-user-message-limit-handling.patch (git-fixes CVE-2025-40202 bsc#1253451). - Update patches.suse/mailbox-zynqmp-ipi-Fix-SGI-cleanup-on-unbind.patch (git-fixes CVE-2025-40161 bsc#1253410). - Update patches.suse/mailbox-zynqmp-ipi-Fix-out-of-bounds-access-in-mailb.patch (git-fixes CVE-2025-40180 bsc#1253440). - Update patches.suse/media-mc-Clear-minor-number-before-put-device.patch (git-fixes CVE-2025-40197 bsc#1253450). - Update patches.suse/media-nxp-imx8-isi-m2m-Fix-streaming-cleanup-on-rele.patch (git-fixes CVE-2025-40165 bsc#1253405). - Update patches.suse/media-v4l2-subdev-Fix-alloc-failure-check-in-v4l2_su.patch (git-fixes CVE-2025-40207 bsc#1253395). 
- Update patches.suse/net-sctp-fix-a-null-dereference-in-sctp_disposition-.patch (git-fixes CVE-2025-40187 bsc#1253647). - Update patches.suse/net-usb-Remove-disruptive-netif_wake_queue-in-rtl815.patch (git-fixes CVE-2025-40140 bsc#1253349). - Update patches.suse/net-usb-asix-hold-PM-usage-ref-to-avoid-PM-MDIO-RTNL.patch (git-fixes CVE-2025-40120 bsc#1253360). - Update patches.suse/nvmet-fc-move-lsop-put-work-to-nvmet_fc_ls_req_op.patch (bsc#1245193 bsc#1247500 CVE-2025-40171 bsc#1253412). - Update patches.suse/pwm-berlin-Fix-wrong-register-in-suspend-resume.patch (git-fixes CVE-2025-40188 bsc#1253449). - Update patches.suse/scsi-mpt3sas-Fix-crash-in-transport-port-remove-by-using-i.patch (git-fixes CVE-2025-40115 bsc#1253318). - Update patches.suse/scsi-pm80xx-Fix-array-index-out-of-of-bounds-on-rmmod.patch (git-fixes CVE-2025-40118 bsc#1253363). - Update patches.suse/sctp-Fix-MAC-comparison-to-be-constant-time.patch (git-fixes CVE-2025-40204 bsc#1253436). - Update patches.suse/sunrpc-fix-null-pointer-dereference-on-zero-length-checksum.patch (git-fixes CVE-2025-40129 bsc#1253472). - Update patches.suse/tcp-Don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch (git-fixes CVE-2025-40186 bsc#1253438). - Update patches.suse/usb-host-max3421-hcd-Fix-error-pointer-dereference-i.patch (git-fixes CVE-2025-40116 bsc#1253324). - Update patches.suse/usbnet-Fix-using-smp_processor_id-in-preemptible-cod.patch (git-fixes CVE-2025-40164 bsc#1253407). - commit 6d826bc - iommu/amd/pgtbl: Fix possible race while increase page table level (bsc#1251817 CVE-2025-39961). 
- commit 1eb24e4 - Fix "drm/xe: Don't allow evicting of BOs in same VM in array of VM binds" (bsc#1252923) Fix the following compiler warning: * no semicolon at end of struct or union in ../drivers/gpu/drm/xe/xe_vm_types.h In file included from ../drivers/gpu/drm/xe/xe_bb.c:16:0: ../drivers/gpu/drm/xe/xe_vm_types.h:393:1: warning: no semicolon at end of struct or union - drm/xe: Don't allow evicting of BOs in same VM in array of VM binds (bsc#1252923 CVE-2025-40086) - commit 89cd9fa ++++ kernel-rt: - vhost: Take a reference on the task in struct vhost_task (CVE-2025-40024 bsc#1252686) - commit b3a75c3 - net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work (CVE-2025-40003 bsc#1252301) - commit 0fea05a - fbnic: Move phylink resume out of service_task and into open/close (CVE-2025-39831 bsc#1249977) - commit bfb2b64 - ipv6: use RCU in ip6_output() (CVE-2025-40158 bsc#1253402). - commit e408492 - ipv6: use RCU in ip6_xmit() (CVE-2025-40135 bsc#1253342). - commit 7761cf8 - Delete patches.suse/sched-fair-Get-rid-of-sched_domains_curr_level-hack-for-tl-cpumask.patch. patches.suse/sched-topology-Refinement-to-topology_span_sane-speedup.patch. patches.suse/sched-topology-improve-topology_span_sane-speed.patch. (bsc#1246843) - commit cbe4772 - tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock() (CVE-2025-40149 bsc#1253355). - commit 952ca78 - mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable() (CVE-2025-40133 bsc#1253328). - mptcp: Call dst_release() in mptcp_active_enable() (CVE-2025-40133 bsc#1253328). - commit 995c058 - sched/fair: Get rid of sched_domains_curr_level hack for tl->cpumask() (bsc#1246843). - x86/smpboot: avoid SMT domain attach/destroy if SMT is not enabled (bsc#1246843). - x86/smpboot: moves x86_topology to static initialize and truncate (bsc#1246843). - x86/smpboot: remove redundant CONFIG_SCHED_SMT (bsc#1246843). - smpboot: introduce SDTL_INIT() helper to tidy sched topology setup (bsc#1246843). 
- commit ce47c32 - smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match() (CVE-2025-40168 bsc#1253427). - commit 53c7932 - smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set() (CVE-2025-40139 bsc#1253409). - commit e1e0529 - smc: Fix use-after-free in __pnet_find_base_ndev() (CVE-2025-40064 bsc#1252845). - commit 186d68e - tcp_metrics: use dst_dev_net_rcu() (CVE-2025-40075 bsc#1252795). - commit 771932c - Update patches.suse/ALSA-pcm-Disable-bottom-softirqs-as-part-of-spin_loc.patch (git-fixes CVE-2025-40142 bsc#1253348). - Update patches.suse/ASoC-Intel-bytcr_rt5640-Fix-invalid-quirk-input-mapp.patch (git-fixes CVE-2025-40154 bsc#1253431). - Update patches.suse/ASoC-Intel-bytcr_rt5651-Fix-invalid-quirk-input-mapp.patch (git-fixes CVE-2025-40121 bsc#1253367). - Update patches.suse/ASoC-Intel-sof_sdw-Prevent-jump-to-NULL-add_sidecar-.patch (git-fixes CVE-2025-40132 bsc#1253330). - Update patches.suse/ASoC-amd-sdw_utils-avoid-NULL-deref-when-devm_kaspri.patch (git-fixes CVE-2025-40162 bsc#1253422). - Update patches.suse/Bluetooth-ISO-Fix-possible-UAF-on-iso_conn_free.patch (git-fixes CVE-2025-40141 bsc#1253352). - Update patches.suse/PM-devfreq-mtk-cci-Fix-potential-error-pointer-deref.patch (git-fixes CVE-2025-40156 bsc#1253428). - Update patches.suse/Revert-ipmi-fix-msg-stack-when-IPMI-is-disconnected.patch (stable-fixes CVE-2025-40192 bsc#1253622). - Update patches.suse/Squashfs-reject-negative-file-sizes-in-squashfs_read_inode.patch (git-fixes CVE-2025-40200 bsc#1253448). - Update patches.suse/accel-qaic-Fix-bootlog-initialization-ordering.patch (git-fixes CVE-2025-40177 bsc#1253443). - Update patches.suse/accel-qaic-Treat-remaining-0-as-error-in-find_and_ma.patch (git-fixes CVE-2025-40172 bsc#1253424). - Update patches.suse/bpf-Fix-metadata_dst-leak-__bpf_redirect_neigh_v-4-6.patch (git-fixes CVE-2025-40183 bsc#1253441). 
- Update patches.suse/btrfs-avoid-potential-out-of-bounds-in-btrfs_encode_.patch (git-fixes CVE-2025-40205 bsc#1253456). - Update patches.suse/can-hi311x-fix-null-pointer-dereference-when-resumin.patch (stable-fixes CVE-2025-40107 bsc#1253018). - Update patches.suse/cpufreq-intel_pstate-Fix-object-lifecycle-issue-in-update_qos_request.patch (git-fixes CVE-2025-40194 bsc#1253445). - Update patches.suse/crypto-rng-Ensure-set_ent-is-always-present.patch (git-fixes CVE-2025-40109 bsc#1253176). - Update patches.suse/drm-vmwgfx-Fix-Use-after-free-in-validation.patch (git-fixes CVE-2025-40111 bsc#1253362). - Update patches.suse/drm-vmwgfx-Fix-a-null-ptr-access-in-the-cursor-snoop.patch (git-fixes CVE-2025-40110 bsc#1253275). - Update patches.suse/drm-xe-guc-Check-GuC-running-state-before-deregister.patch (git-fixes CVE-2025-40166 bsc#1253433). - Update patches.suse/ext4-avoid-potential-buffer-over-read-in-parse_apply.patch (git-fixes CVE-2025-40198 bsc#1253453). - Update patches.suse/fs-quota-create-dedicated-workqueue-for-quota_releas.patch (git-fixes CVE-2025-40196 bsc#1253624). - Update patches.suse/hwrng-ks-sa-fix-division-by-zero-in-ks_sa_rng_init.patch (git-fixes CVE-2025-40127 bsc#1253369). - Update patches.suse/ipmi-Rework-user-message-limit-handling.patch (git-fixes CVE-2025-40202 bsc#1253451). - Update patches.suse/mailbox-zynqmp-ipi-Fix-SGI-cleanup-on-unbind.patch (git-fixes CVE-2025-40161 bsc#1253410). - Update patches.suse/mailbox-zynqmp-ipi-Fix-out-of-bounds-access-in-mailb.patch (git-fixes CVE-2025-40180 bsc#1253440). - Update patches.suse/media-mc-Clear-minor-number-before-put-device.patch (git-fixes CVE-2025-40197 bsc#1253450). - Update patches.suse/media-nxp-imx8-isi-m2m-Fix-streaming-cleanup-on-rele.patch (git-fixes CVE-2025-40165 bsc#1253405). - Update patches.suse/media-v4l2-subdev-Fix-alloc-failure-check-in-v4l2_su.patch (git-fixes CVE-2025-40207 bsc#1253395). 
- Update patches.suse/net-sctp-fix-a-null-dereference-in-sctp_disposition-.patch (git-fixes CVE-2025-40187 bsc#1253647). - Update patches.suse/net-usb-Remove-disruptive-netif_wake_queue-in-rtl815.patch (git-fixes CVE-2025-40140 bsc#1253349). - Update patches.suse/net-usb-asix-hold-PM-usage-ref-to-avoid-PM-MDIO-RTNL.patch (git-fixes CVE-2025-40120 bsc#1253360). - Update patches.suse/nvmet-fc-move-lsop-put-work-to-nvmet_fc_ls_req_op.patch (bsc#1245193 bsc#1247500 CVE-2025-40171 bsc#1253412). - Update patches.suse/pwm-berlin-Fix-wrong-register-in-suspend-resume.patch (git-fixes CVE-2025-40188 bsc#1253449). - Update patches.suse/scsi-mpt3sas-Fix-crash-in-transport-port-remove-by-using-i.patch (git-fixes CVE-2025-40115 bsc#1253318). - Update patches.suse/scsi-pm80xx-Fix-array-index-out-of-of-bounds-on-rmmod.patch (git-fixes CVE-2025-40118 bsc#1253363). - Update patches.suse/sctp-Fix-MAC-comparison-to-be-constant-time.patch (git-fixes CVE-2025-40204 bsc#1253436). - Update patches.suse/sunrpc-fix-null-pointer-dereference-on-zero-length-checksum.patch (git-fixes CVE-2025-40129 bsc#1253472). - Update patches.suse/tcp-Don-t-call-reqsk_fastopen_remove-in-tcp_conn_request.patch (git-fixes CVE-2025-40186 bsc#1253438). - Update patches.suse/usb-host-max3421-hcd-Fix-error-pointer-dereference-i.patch (git-fixes CVE-2025-40116 bsc#1253324). - Update patches.suse/usbnet-Fix-using-smp_processor_id-in-preemptible-cod.patch (git-fixes CVE-2025-40164 bsc#1253407). - commit 6d826bc - iommu/amd/pgtbl: Fix possible race while increase page table level (bsc#1251817 CVE-2025-39961). 
- commit 1eb24e4 - Fix "drm/xe: Don't allow evicting of BOs in same VM in array of VM binds" (bsc#1252923) Fix the following compiler warning: * no semicolon at end of struct or union in ../drivers/gpu/drm/xe/xe_vm_types.h In file included from ../drivers/gpu/drm/xe/xe_bb.c:16:0: ../drivers/gpu/drm/xe/xe_vm_types.h:393:1: warning: no semicolon at end of struct or union - drm/xe: Don't allow evicting of BOs in same VM in array of VM binds (bsc#1252923 CVE-2025-40086) - commit 89cd9fa ++++ openvswitch: - Update OVN to 25.03.1 * Bug fixes - Update Openvswitch to 3.5.2 * Bug fixes ++++ salt: - Add minimum_auth_version to enforce security (CVE-2025-62349) - Backport security fixes for vendored tornado * BDSA-2024-3438 * BDSA-2024-3439 * BDSA-2024-9026 - Junos module yaml loader fix (CVE-2025-62348) - Added: * backport-3006.17-security-fixes-739.patch ++++ zypp-plugin: - Fix link to libzypp plugins documentation: https://opensuse.github.io/libzypp/zypp-plugins.html - version 0.6.6 ------------------------------------------------------------------ ------------------ 2025-11-25 - Nov 25 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ipv4: start using dst_dev_rcu() (CVE-2025-40074 bsc#1252794). - commit 6cfda9e - kabi: hide dst_entry::dev_rcu (CVE-2025-40074 bsc#1252794). - commit fdd7887 - net: dst: introduce dst->dev_rcu (CVE-2025-40074 bsc#1252794). - commit 13867db - net: Add locking to protect skb->dev access in ip_output (CVE-2025-40074 bsc#1252794). - commit 2cdabe8 - ipv6: ip6_mc_input() and ip6_mr_input() cleanups (CVE-2025-40074 bsc#1252794). - commit fa3386d - ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers (CVE-2025-40074 bsc#1252794). - commit c2db144 - ipv6: adopt dst_dev() helper (CVE-2025-40074 bsc#1252794). 
- refresh patches.suse/net-ip6_tunnel-Prevent-perpetual-tunnel-growth.patch - commit c4ea44a - ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu] (CVE-2025-40074 bsc#1252794). - commit 84f2b83 - net: dst: add four helpers to annotate data-races around dst->dev (CVE-2025-40074 bsc#1252794). - commit 641c10d - net: dst: annotate data-races around dst->output (CVE-2025-40074 bsc#1252794). - commit 0a67853 - net: dst: annotate data-races around dst->input (CVE-2025-40074 bsc#1252794). - commit bc1bb03 - net: dst: annotate data-races around dst->lastuse (CVE-2025-40074 bsc#1252794). - commit c73e633 - net: dst: annotate data-races around dst->expires (CVE-2025-40074 bsc#1252794). - commit 036fc25 - net: dst: annotate data-races around dst->obsolete (CVE-2025-40074 bsc#1252794). - commit e91bc82 - net: ipv4: ipmr: ipmr_queue_xmit(): Drop local variable `dev' (CVE-2025-40074 bsc#1252794). - commit b5b015d - net: gro: convert four dev_net() calls (CVE-2025-40074 bsc#1252794). - commit be8aee4 - tcp: convert to dev_net_rcu() (CVE-2025-40074 bsc#1252794). - commit 20ab1af - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes). - commit d8feafd - selftests/run_kselftest.sh: Add `--skip` argument option (bsc#1254221). - commit 8ddf4e6 - rpm/kernel-obs-build.spec.in: Add xt_addrtype module for docker Needed by docker meanwhile. - commit 1cd2f7d - wifi: ath11k: Add quirk entries for Thinkpad T14s Gen3 AMD (bsc#1254181). - commit 74b4608 - drm/amdkfd: relax checks for over allocation of save area (stable-fixes). - drm/amdgpu: disable peer-to-peer access for DCC-enabled GC12 VRAM surfaces (stable-fixes). - net: phy: micrel: lan8814 fix reset of the QSGMII interface (git-fixes). - drm/xe: Do clean shutdown also when using flr (git-fixes). - drm/xe: Move declarations under conditional branch (stable-fixes). - wifi: mac80211: use wiphy_hrtimer_work for csa.switch_work (git-fixes). 
- wifi: cfg80211: add an hrtimer based delayed work item (stable-fixes). - HID: logitech-hidpp: Add HIDPP_QUIRK_RESET_HI_RES_SCROLL (stable-fixes). - HID: nintendo: Wait longer for initial probe (stable-fixes). - HID: quirks: Add ALWAYS_POLL quirk for VRS R295 steering wheel (stable-fixes). - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes). - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes). - ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes). - drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes). - drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (stable-fixes). - drm/amdgpu: remove two invalid BUG_ON()s (stable-fixes). - drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes). - net: phy: micrel: Fix lan8814_config_init (git-fixes). - net: phy: micrel: Replace hardcoded pages with defines (stable-fixes). - net: phy: micrel: Introduce lanphy_modify_page_reg (stable-fixes). - ktime: Add us_to_ktime() (stable-fixes). - commit bf8b937 - selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes). - commit 49e49bc ++++ kernel-rt: - ipv4: start using dst_dev_rcu() (CVE-2025-40074 bsc#1252794). - commit 6cfda9e - kabi: hide dst_entry::dev_rcu (CVE-2025-40074 bsc#1252794). - commit fdd7887 - net: dst: introduce dst->dev_rcu (CVE-2025-40074 bsc#1252794). - commit 13867db - net: Add locking to protect skb->dev access in ip_output (CVE-2025-40074 bsc#1252794). - commit 2cdabe8 - ipv6: ip6_mc_input() and ip6_mr_input() cleanups (CVE-2025-40074 bsc#1252794). - commit fa3386d - ipv6: adopt skb_dst_dev() and skb_dst_dev_net[_rcu]() helpers (CVE-2025-40074 bsc#1252794). - commit c2db144 - ipv6: adopt dst_dev() helper (CVE-2025-40074 bsc#1252794). - refresh patches.suse/net-ip6_tunnel-Prevent-perpetual-tunnel-growth.patch - commit c4ea44a - ipv4: adopt dst_dev, skb_dst_dev and skb_dst_dev_net[_rcu] (CVE-2025-40074 bsc#1252794). 
- commit 84f2b83 - net: dst: add four helpers to annotate data-races around dst->dev (CVE-2025-40074 bsc#1252794). - commit 641c10d - net: dst: annotate data-races around dst->output (CVE-2025-40074 bsc#1252794). - commit 0a67853 - net: dst: annotate data-races around dst->input (CVE-2025-40074 bsc#1252794). - commit bc1bb03 - net: dst: annotate data-races around dst->lastuse (CVE-2025-40074 bsc#1252794). - commit c73e633 - net: dst: annotate data-races around dst->expires (CVE-2025-40074 bsc#1252794). - commit 036fc25 - net: dst: annotate data-races around dst->obsolete (CVE-2025-40074 bsc#1252794). - commit e91bc82 - net: ipv4: ipmr: ipmr_queue_xmit(): Drop local variable `dev' (CVE-2025-40074 bsc#1252794). - commit b5b015d - net: gro: convert four dev_net() calls (CVE-2025-40074 bsc#1252794). - commit be8aee4 - tcp: convert to dev_net_rcu() (CVE-2025-40074 bsc#1252794). - commit 20ab1af - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer (stable-fixes). - commit d8feafd - selftests/run_kselftest.sh: Add `--skip` argument option (bsc#1254221). - commit 8ddf4e6 - rpm/kernel-obs-build.spec.in: Add xt_addrtype module for docker Needed by docker meanwhile. - commit 1cd2f7d - wifi: ath11k: Add quirk entries for Thinkpad T14s Gen3 AMD (bsc#1254181). - commit 74b4608 - drm/amdkfd: relax checks for over allocation of save area (stable-fixes). - drm/amdgpu: disable peer-to-peer access for DCC-enabled GC12 VRAM surfaces (stable-fixes). - net: phy: micrel: lan8814 fix reset of the QSGMII interface (git-fixes). - drm/xe: Do clean shutdown also when using flr (git-fixes). - drm/xe: Move declarations under conditional branch (stable-fixes). - wifi: mac80211: use wiphy_hrtimer_work for csa.switch_work (git-fixes). - wifi: cfg80211: add an hrtimer based delayed work item (stable-fixes). - HID: logitech-hidpp: Add HIDPP_QUIRK_RESET_HI_RES_SCROLL (stable-fixes). - HID: nintendo: Wait longer for initial probe (stable-fixes). 
- HID: quirks: Add ALWAYS_POLL quirk for VRS R295 steering wheel (stable-fixes). - HID: quirks: avoid Cooler Master MM712 dongle wakeup bug (stable-fixes). - ASoC: max98090/91: fixed max98091 ALSA widget powering up/down (stable-fixes). - ALSA: hda: Fix missing pointer check in hda_component_manager_init function (git-fixes). - drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices (stable-fixes). - drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM (stable-fixes). - drm/amdgpu: remove two invalid BUG_ON()s (stable-fixes). - drm/amd/pm: Disable MCLK switching on SI at high pixel clocks (stable-fixes). - net: phy: micrel: Fix lan8814_config_init (git-fixes). - net: phy: micrel: Replace hardcoded pages with defines (stable-fixes). - net: phy: micrel: Introduce lanphy_modify_page_reg (stable-fixes). - ktime: Add us_to_ktime() (stable-fixes). - commit bf8b937 - selftests/bpf: Fix flaky bpf_cookie selftest (git-fixes). - commit 49e49bc ------------------------------------------------------------------ ------------------ 2025-11-24 - Nov 24 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Delete workflows conflicting with upstream ++++ kernel-default: - kernel-binary: Only skip brp-strip when debuginfo is enabled Fixes: 4fc8f912b4f2 ("kernel-binary: Do not change debuginfo config during build") - commit cd9963e - USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes). - USB: serial: option: add Quectel RG255C (stable-fixes). 
- commit b1c03da - octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (CVE-2025-39944 bsc#1251120) - commit d80dc54 - ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (CVE-2025-39859 bsc#1250252) - commit 6972595 - net: macb: fix unregister_netdev call order in macb_remove() (CVE-2025-39805 bsc#1249982) - commit 41ae930 - listmount: don't call path_put() under namespace semaphore (CVE-2025-40203 bsc#1253457) - commit 47742e9 - Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a proper watchdog interface and has many code issues. It only handles obscure and obsolete hardware. Stop building and supporting this driver (jsc#PED-14062). - commit 97992f4 - idpf: fix possible vport_config NULL pointer deref in remove (git-fixes). - ice: ice_adapter: release xa entry on adapter allocation failure (CVE-2025-40185 bsc#1253394). - Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" (git-fixes). - net: stmmac: est: Drop frames causing HLBS error (git-fixes). - net/mlx5e: Don't query FEC statistics when FEC is disabled (git-fixes). - net: intel: fm10k: Fix parameter idx set but not used (git-fixes). - net: ethernet: microchip: sparx5: make it selectable for ARCH_LAN969X (git-fixes). - eth: 8139too: Make 8139TOO_PIO depend on !NO_IOPORT_MAP (git-fixes). - net: dsa: felix: support phy-mode = "10g-qxgmii" (git-fixes). - idpf: do not linearize big TSO packets (git-fixes). - bnxt_en: Add Hyper-V VF ID (git-fixes). - net: stmmac: Correctly handle Rx checksum offload errors (git-fixes). - Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" (git-fixes). - net: sfp: add quirk for FLYPRO copper SFP+ module (git-fixes). - commit a9efe5e - net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173 bsc#1253421). - commit aef1404 - net/smc: Remove validation of reserved bits in CLC Decline (bsc#1252357). 
- commit e959d95 - kernel-binary: Support building gendwarfksyms on SLE/Leap 15 - commit 940a186 - btrfs: do not clear read-only when adding sprout device (bsc#1253238). - commit 33d1fad ++++ kernel-rt: - kernel-binary: Only skip brp-strip when debuginfo is enabled Fixes: 4fc8f912b4f2 ("kernel-binary: Do not change debuginfo config during build") - commit cd9963e - USB: serial: option: add Telit FN920C04 ECM compositions (stable-fixes). - USB: serial: option: add Quectel RG255C (stable-fixes). - commit b1c03da - octeontx2-pf: Fix use-after-free bugs in otx2_sync_tstamp() (CVE-2025-39944 bsc#1251120) - commit d80dc54 - ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog (CVE-2025-39859 bsc#1250252) - commit 6972595 - net: macb: fix unregister_netdev call order in macb_remove() (CVE-2025-39805 bsc#1249982) - commit 41ae930 - listmount: don't call path_put() under namespace semaphore (CVE-2025-40203 bsc#1253457) - commit 47742e9 - Disable CONFIG_CPU5_WDT The cpu5wdt driver doesn't implement a proper watchdog interface and has many code issues. It only handles obscure and obsolete hardware. Stop building and supporting this driver (jsc#PED-14062). - commit 97992f4 - idpf: fix possible vport_config NULL pointer deref in remove (git-fixes). - ice: ice_adapter: release xa entry on adapter allocation failure (CVE-2025-40185 bsc#1253394). - Revert "net/mlx5e: Update and set Xon/Xoff upon MTU set" (git-fixes). - net: stmmac: est: Drop frames causing HLBS error (git-fixes). - net/mlx5e: Don't query FEC statistics when FEC is disabled (git-fixes). - net: intel: fm10k: Fix parameter idx set but not used (git-fixes). - net: ethernet: microchip: sparx5: make it selectable for ARCH_LAN969X (git-fixes). - eth: 8139too: Make 8139TOO_PIO depend on !NO_IOPORT_MAP (git-fixes). - net: dsa: felix: support phy-mode = "10g-qxgmii" (git-fixes). - idpf: do not linearize big TSO packets (git-fixes). - bnxt_en: Add Hyper-V VF ID (git-fixes). 
- net: stmmac: Correctly handle Rx checksum offload errors (git-fixes). - Revert "net/mlx5e: Update and set Xon/Xoff upon port speed set" (git-fixes). - net: sfp: add quirk for FLYPRO copper SFP+ module (git-fixes). - commit a9efe5e - net/ip6_tunnel: Prevent perpetual tunnel growth (CVE-2025-40173 bsc#1253421). - commit aef1404 - net/smc: Remove validation of reserved bits in CLC Decline (bsc#1252357). - commit e959d95 - kernel-binary: Support building gendwarfksyms on SLE/Leap 15 - commit 940a186 - btrfs: do not clear read-only when adding sprout device (bsc#1253238). - commit 33d1fad ------------------------------------------------------------------ ------------------ 2025-11-23 - Nov 23 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Input: imx_sc_key - fix memory corruption on unload (git-fixes). - Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes). - commit ca4fb1e - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (CVE-2025-40001 bsc#1252303). - commit 73f1aad ++++ kernel-rt: - Input: imx_sc_key - fix memory corruption on unload (git-fixes). - Input: pegasus-notetaker - fix potential out-of-bounds access (git-fixes). - commit ca4fb1e - scsi: mvsas: Fix use-after-free bugs in mvs_work_queue (CVE-2025-40001 bsc#1252303). - commit 73f1aad ------------------------------------------------------------------ ------------------ 2025-11-22 - Nov 22 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ata: libata-scsi: Add missing scsi_device_put() in ata_scsi_dev_rescan() (git-fixes). - pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes). - pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes). - pinctrl: cirrus: Fix fwnode leak in cs42l43_pin_probe() (git-fixes). - pinctrl: realtek: Select REGMAP_MMIO for RTD driver (git-fixes). 
- drm/xe: Remove duplicate DRM_EXEC selection from Kconfig (git-fixes). - nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes). - Revert "drm/tegra: dsi: Clear enable register if powered by bootloader" (git-fixes). - drm/tegra: Add call to put_pid() (git-fixes). - drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes). - commit 30ae56a ++++ kernel-rt: - ata: libata-scsi: Add missing scsi_device_put() in ata_scsi_dev_rescan() (git-fixes). - pinctrl: s32cc: initialize gpio_pin_config::list after kmalloc() (git-fixes). - pinctrl: s32cc: fix uninitialized memory in s32_pinctrl_desc (git-fixes). - pinctrl: cirrus: Fix fwnode leak in cs42l43_pin_probe() (git-fixes). - pinctrl: realtek: Select REGMAP_MMIO for RTD driver (git-fixes). - drm/xe: Remove duplicate DRM_EXEC selection from Kconfig (git-fixes). - nouveau/firmware: Add missing kfree() of nvkm_falcon_fw::boot (git-fixes). - Revert "drm/tegra: dsi: Clear enable register if powered by bootloader" (git-fixes). - drm/tegra: Add call to put_pid() (git-fixes). - drm/tegra: dc: Fix reference leak in tegra_dc_couple() (git-fixes). - commit 30ae56a ------------------------------------------------------------------ ------------------ 2025-11-21 - Nov 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - tls: wait for pending async decryptions if tls_strp_msg_hold fails (CVE-2025-40176 bsc#1253425). - commit c156a2c - platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes). - platform/x86: msi-wmi-platform: Fix typo in WMI GUID (git-fixes). - platform/x86: msi-wmi-platform: Only load on MSI devices (git-fixes). - commit a00f5ce ++++ kernel-rt: - tls: wait for pending async decryptions if tls_strp_msg_hold fails (CVE-2025-40176 bsc#1253425). - commit c156a2c - platform/x86/intel/speed_select_if: Convert PCIBIOS_* return codes to errnos (git-fixes). 
- platform/x86: msi-wmi-platform: Fix typo in WMI GUID (git-fixes). - platform/x86: msi-wmi-platform: Only load on MSI devices (git-fixes). - commit a00f5ce ++++ libmicrohttpd: - Fix for the following bugs: * bsc#1253177 CVE-2025-59777 * bsc#1253178 CVE-2025-62689 - Add patch: * CVE-2025-59777.patch * this same patch fixes both CVEs * git commit ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b ------------------------------------------------------------------ ------------------ 2025-11-20 - Nov 20 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - vfs: Don't leak disconnected dentries on umount (CVE-2025-40105 bsc#1252928). - commit 9ec7356 - tee: fix register_shm_helper() (CVE-2025-40031 bsc#1252779). - commit b6c7c1f - HID: uclogic: Fix potential memory leak in error path (git-fixes). - HID: playstation: Fix memory leak in dualshock4_get_calibration_data() (git-fixes). - HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes). - HID: amd_sfh: Stop sensor before starting (git-fixes). - HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes). - commit 1cc7637 ++++ kernel-rt: - vfs: Don't leak disconnected dentries on umount (CVE-2025-40105 bsc#1252928). - commit 9ec7356 - tee: fix register_shm_helper() (CVE-2025-40031 bsc#1252779). - commit b6c7c1f - HID: uclogic: Fix potential memory leak in error path (git-fixes). - HID: playstation: Fix memory leak in dualshock4_get_calibration_data() (git-fixes). - HID: hid-ntrig: Prevent memory leak in ntrig_report_version() (git-fixes). - HID: amd_sfh: Stop sensor before starting (git-fixes). - HID: quirks: work around VID/PID conflict for 0x4c4a/0x4155 (git-fixes). 
- commit 1cc7637 ++++ mdadm: - Update to version 4.4+30.g9a59bf51: * mdcheck: work around bash 5.3 bug (bsc#1254087) ------------------------------------------------------------------ ------------------ 2025-11-19 - Nov 19 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Update SELinux module dir as macro to allow root path move from /var/lib/selinux to /etc/selinux (bsc#1221342) ++++ curl: - Security fix: [bsc#1253757, CVE-2025-11563] * curl: wcurl path traversal with percent-encoded slashes * Add curl-CVE-2025-11563.patch ++++ kernel-default: - tracing: dynevent: Add a missing lockdown check on dynevent (CVE-2025-40021 bsc#1252681). - commit fb8bc58 - Update patches.suse/netfilter-nft_objref-validate-objref-and-objrefmap-e.patch (bsc#1250237 CVE-2025-40206). Updated mainline and CVE reference and insert the series. - commit eb9ca6a - KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes). - commit b9e89cd - KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes). - commit b29274c - KVM: SVM: Initialize per-CPU svm_data at the end of hardware setup (git-fixes). - commit bf2f0c2 - KVM: x86: Don't treat ENTER and LEAVE as branches, because they aren't (git-fixes). - commit b77653d - KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes). - commit 16eb189 - KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes). - commit 1c49256 - KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes). - commit cd171db - KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes). - commit 5727f0b - KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes). - commit ee1a2d6 - KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes). - commit d879306 - KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes). 
- commit a2f59ae - KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes). - commit 2968fd0 - KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes). - commit 39255f9 - s390/pci: Use pci_uevent_ers() in PCI recovery (git-fixes). - commit 0abe806 - bpf: Reject negative offsets for ALU ops (CVE-2025-40169 bsc#1253416). - commit c692c6c ++++ kernel-rt: - tracing: dynevent: Add a missing lockdown check on dynevent (CVE-2025-40021 bsc#1252681). - commit fb8bc58 - Update patches.suse/netfilter-nft_objref-validate-objref-and-objrefmap-e.patch (bsc#1250237 CVE-2025-40206). Updated mainline and CVE reference and insert the series. - commit eb9ca6a - KVM: SVM: Mark VMCB_LBR dirty when MSR_IA32_DEBUGCTLMSR is updated (git-fixes). - commit b9e89cd - KVM: VMX: Fix check for valid GVA on an EPT violation (git-fixes). - commit b29274c - KVM: SVM: Initialize per-CPU svm_data at the end of hardware setup (git-fixes). - commit bf2f0c2 - KVM: x86: Don't treat ENTER and LEAVE as branches, because they aren't (git-fixes). - commit b77653d - KVM: SVM: Emulate PERF_CNTR_GLOBAL_STATUS_SET for PerfMonV2 (git-fixes). - commit 16eb189 - KVM: SVM: Re-load current, not host, TSC_AUX on #VMEXIT from SEV-ES guest (git-fixes). - commit 1c49256 - KVM: x86: Add helper to retrieve current value of user return MSR (git-fixes). - commit cd171db - KVM: VMX: Preserve host's DEBUGCTLMSR_FREEZE_IN_SMM while running the guest (git-fixes). - commit 5727f0b - KVM: VMX: Wrap all accesses to IA32_DEBUGCTL with getter/setter APIs (git-fixes). - commit ee1a2d6 - KVM: nVMX: Check vmcs12->guest_ia32_debugctl on nested VM-Enter (git-fixes). - commit d879306 - KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes). - commit a2f59ae - KVM: VMX: Allow guest to set DEBUGCTL.RTM_DEBUG if RTM is supported (git-fixes). - commit 2968fd0 - KVM: x86: Drop kvm_x86_ops.set_dr6() in favor of a new KVM_RUN flag (git-fixes). 
- commit 39255f9 - s390/pci: Use pci_uevent_ers() in PCI recovery (git-fixes). - commit 0abe806 - bpf: Reject negative offsets for ALU ops (CVE-2025-40169 bsc#1253416). - commit c692c6c ++++ python313-core: - Add pass-test_write_read_limited_history.patch: Fix readline history truncation when length is reduced The `readline.set_history_length()` function did not previously truncate the in-memory history when the new length was set to a value smaller than the current number of history items. This could lead to unexpected behavior where `get_history_length()` would still report the old length and writing the history to a file would write more entries than the new limit. This patch modifies `set_history_length()` to explicitly remove the oldest history entries using `remove_history()` when the length is decreased, ensuring the in-memory history is correctly truncated to the new limit. This brings the function's behavior in line with expectations and fixes failures in `test_write_read_limited_history`. 
++++ systemd: - Import commit 409c6ef1ea5cd4d11214648aabd34227aa058d79 (merge of v257.10) This merge includes the following fix: 08c1da70de timer: don't run service immediately after restart of a timer (bsc#1254563) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/aba474eeaac455ebe22b643ecdd856e5583094a1...409c6ef1ea5cd4d11214648aabd34227aa058d79 - Import commit aba474eeaac455ebe22b643ecdd856e5583094a1 aba474eeaa main: switch explicitly to tty1 on soft-reboot (bsc#1231986) a437bf2499 terminal-util: modernize vtnr_from_tty() a bit 2dbe9f5809 units: don't force the loading of the loop and dm_mod modules in systemd-repart.service (bsc#1248356) ++++ libvirt: - CVE-2025-13193: qemu: Set umask for 'qemu-img' when creating external inactive snapshots bsc#1253703 ++++ python313: - Add pass-test_write_read_limited_history.patch: Fix readline history truncation when length is reduced The `readline.set_history_length()` function did not previously truncate the in-memory history when the new length was set to a value smaller than the current number of history items. This could lead to unexpected behavior where `get_history_length()` would still report the old length and writing the history to a file would write more entries than the new limit. This patch modifies `set_history_length()` to explicitly remove the oldest history entries using `remove_history()` when the length is decreased, ensuring the in-memory history is correctly truncated to the new limit. This brings the function's behavior in line with expectations and fixes failures in `test_write_read_limited_history`. 
------------------------------------------------------------------ ------------------ 2025-11-18 - Nov 18 2025 ------------------- ------------------------------------------------------------------ ++++ drbd-utils: - [SELinux] nfs_drbd: "fence-peer helper broken, returned 0" and nfs WRITE hang when power off the secondary node (bsc#1252991) * Update and rename patch - bsc-1233273_drbd.ocf-update-for-OCF-1.1.patch + bsc-1233273-1252991_drbd.ocf-update-for-OCF-1.1.patch ++++ kernel-default: - kernel-binary: Require libdw in Factory Libdw is required for gendwarfksyms - commit 0d3f66b - drm/ast: Blank with VGACR17 sync enable, always clear VGACRB6 sync off (git-fixes). - commit ec917da - ASoC: nau8821: Consistently clear interrupts before unmasking (git-fixes). - Refresh patches.suse/ASoC-nau8821-Add-DMI-quirk-to-bypass-jack-debounce-c.patch. - commit 26a2ff0 - Revert "ACPI: Suppress misleading SPCR console message when SPCR table is absent" (stable-fixes). - commit d03b19b - thunderbolt: Increase DPRX capabilities read timeout (git-fixes). - commit 555764d - thermal/drivers/mediatek/lvts: Disable low offset IRQ for minimum threshold (git-fixes). - Refresh patches.suse/thermal-drivers-mediatek-lvts-Start-sensor-interrupt.patch. - commit 3c59e7d - tty: serial: ip22zilog: Use platform device for probing (stable-fixes). - tty: serial: uartlite: register uart driver in init (stable-fixes). - commit 31331ea - wifi: rtw89: avoid possible TX wait initialization race (git-fixes). - commit 1cf0319 - PM: EM: Fix late boot with holes in CPU topology (git-fixes). - PM: EM: Move CPU capacity check to em_adjust_new_capacity() (stable-fixes). - PM: EM: Slightly reduce em_check_capacity_update() overhead (stable-fixes). - PM: EM: Drop unused parameter from em_adjust_new_capacity() (stable-fixes). - commit e9cac92 - platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (stable-fixes). - commit cbe0445 - mei: me: add wildcat lake P DID (stable-fixes). 
- pinctrl: check the return value of pinmux_ops::get_function_name() (stable-fixes). - commit 1b746a1 - media: mc: Clear minor number before put device (git-fixes). - media: verisilicon: Explicitly disable selection api ioctls for decoders (stable-fixes). - media: nxp: imx8-isi: m2m: Fix streaming cleanup on release (git-fixes). - commit c31f158 - kasan: fix GCC mem-intrinsic prefix with sw tags (git-fixes). - commit 3652fcf - ipmi: Fix handling of messages with provided receive message pointer (git-fixes). - commit a67a65e - ipmi: Rework user message limit handling (git-fixes). - Revert "ipmi: fix msg stack when IPMI is disconnected" (stable-fixes). - commit 15ee836 - Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes). - HID: simplify snto32() (stable-fixes). - commit 5536114 - HID: multitouch: fix sticky fingers (git-fixes). - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (git-fixes). - commit 7b1353d - drm/xe: Do not wake device during a GT reset (git-fixes). - drm/exynos: exynos7_drm_decon: remove ctx->suspended (git-fixes). - drm/msm/a6xx: Fix PDC sleep sequence (git-fixes). - commit 5296d1a - drm/amdgpu: Fix function header names in amdgpu_connectors.c (git-fixes). - drm/xe/guc: Add more GuC load error status codes (stable-fixes). - drm/amdgpu: Respect max pixel clock for HDMI and DVI-D (v2) (stable-fixes). - drm/amdgpu: Fix unintended error log in VCN5_0_0 (git-fixes). - commit 6c1d83f - drm/amdgpu: Check vcn sram load return value (stable-fixes). - commit 2a00bb4 - ASoC: codecs: wcd937x: make stub functions inline (git-fixes). - ASoC: codecs: wcd937x: set the comp soundwire port correctly (git-fixes). - ASoC: rsnd: adjust convert rate limitation (stable-fixes). - ASoC: rsnd: don't indicate warning on rsnd_kctrl_accept_runtime() (stable-fixes). - ASoC: rsnd: indicate unsupported clock rate (stable-fixes). - ASoC: renesas: rz-ssi: Add a check for negative sample_space (git-fixes). 
- ASoC: renesas: rz-ssi: Use only the proper amount of dividers (git-fixes). - ASoC: renesas: rz-ssi: Terminate all the DMA transactions (git-fixes). - commit 8a0b029 - ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes). - commit 97a0d09 - ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes). - commit 2423cdd - ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes). - Refresh patches.suse/ALSA-hda-Apply-volume-control-on-speaker-lineout-for.patch. - Refresh patches.suse/ALSA-hda-realtek-Add-quirk-for-Asus-GU605C.patch. - Refresh patches.suse/ALSA-hda-realtek-Fix-built-in-mic-on-ASUS-VivoBook-X.patch. - Refresh patches.suse/ALSA-hda-realtek-Support-mute-led-function-for-HP-pl.patch. - commit 652c005 - ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3247 (stable-fixes). - Refresh patches.suse/ALSA-hda-Apply-volume-control-on-speaker-lineout-for.patch. - Refresh patches.suse/ALSA-hda-realtek-Support-mute-led-function-for-HP-pl.patch. - commit 431b8c2 - ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315 (stable-fixes). - Refresh patches.suse/ALSA-hda-Apply-volume-control-on-speaker-lineout-for.patch. - Refresh patches.suse/ALSA-hda-realtek-Add-mute-LED-support-for-HP-Victus--ce174b4.patch. - Refresh patches.suse/ALSA-hda-realtek-Add-quirk-for-Asus-GU605C.patch. - Refresh patches.suse/ALSA-hda-realtek-Fix-built-in-mic-on-ASUS-VivoBook-X.patch. - Refresh patches.suse/ALSA-hda-realtek-Support-mute-led-function-for-HP-pl.patch. - commit 4bc4bb8 - Refresh patches.suse/sched-fair-Enable-scheduler-feature-NEXT_BUDDY.patch. patches.suse/sched-fair-Reimplement-NEXT_BUDDY-to-align-with-EEVDF-goals.patch. Replace out-of-tree patches with upstream - commit 05723b9 - mtd: onenand: Pass correct pointer to IRQ handler (git-fixes). - mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes). - mtdchar: fix integer overflow in read/write ioctls (git-fixes). 
- commit 9e717e0 - Update config files: enable zstd module decompression (jsc#PED-14115). Enable in-kernel decompression for modules compressed with zstd. This allows kmod to load these modules using the finit_module syscall, which provides better detection of idempotent modules compared to init_module. Additionally, it enables module loading with tools that do not natively support zstd decompression, such as busybox. - commit f0effe5 - ring-buffer: Update pages_touched to reflect persistent buffer content (git-fixes). - commit b413c4a - tracing: Have the error of __tracing_resize_ring_buffer() passed to user (git-fixes). - commit 780aa09 - ring-buffer: Unlock resize on mmap error (git-fixes). - commit cfd3a65 - tracing: gfp: Fix the GFP enum values shown for user space tracing tools (git-fixes). - commit 825ad23 - uprobes: Fix race in uprobe_free_utask (git-fixes). - commit 8b6b5fb - usb: acpi: fix device link removal (git-fixes). - commit 1f93244 - [PATCH] usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes). - commit 0d77330 ++++ kernel-rt: - kernel-binary: Require libdw in Factory Libdw is required for gendwarfksyms - commit 0d3f66b - drm/ast: Blank with VGACR17 sync enable, always clear VGACRB6 sync off (git-fixes). - commit ec917da - ASoC: nau8821: Consistently clear interrupts before unmasking (git-fixes). - Refresh patches.suse/ASoC-nau8821-Add-DMI-quirk-to-bypass-jack-debounce-c.patch. - commit 26a2ff0 - Revert "ACPI: Suppress misleading SPCR console message when SPCR table is absent" (stable-fixes). - commit d03b19b - thunderbolt: Increase DPRX capabilities read timeout (git-fixes). - commit 555764d - thermal/drivers/mediatek/lvts: Disable low offset IRQ for minimum threshold (git-fixes). - Refresh patches.suse/thermal-drivers-mediatek-lvts-Start-sensor-interrupt.patch. - commit 3c59e7d - tty: serial: ip22zilog: Use platform device for probing (stable-fixes). - tty: serial: uartlite: register uart driver in init (stable-fixes). 
- commit 31331ea - wifi: rtw89: avoid possible TX wait initialization race (git-fixes). - commit 1cf0319 - PM: EM: Fix late boot with holes in CPU topology (git-fixes). - PM: EM: Move CPU capacity check to em_adjust_new_capacity() (stable-fixes). - PM: EM: Slightly reduce em_check_capacity_update() overhead (stable-fixes). - PM: EM: Drop unused parameter from em_adjust_new_capacity() (stable-fixes). - commit e9cac92 - platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (stable-fixes). - commit cbe0445 - mei: me: add wildcat lake P DID (stable-fixes). - pinctrl: check the return value of pinmux_ops::get_function_name() (stable-fixes). - commit 1b746a1 - media: mc: Clear minor number before put device (git-fixes). - media: verisilicon: Explicitly disable selection api ioctls for decoders (stable-fixes). - media: nxp: imx8-isi: m2m: Fix streaming cleanup on release (git-fixes). - commit c31f158 - kasan: fix GCC mem-intrinsic prefix with sw tags (git-fixes). - commit 3652fcf - ipmi: Fix handling of messages with provided receive message pointer (git-fixes). - commit a67a65e - ipmi: Rework user message limit handling (git-fixes). - Revert "ipmi: fix msg stack when IPMI is disconnected" (stable-fixes). - commit 15ee836 - Input: atmel_mxt_ts - allow reset GPIO to sleep (stable-fixes). - HID: simplify snto32() (stable-fixes). - commit 5536114 - HID: multitouch: fix sticky fingers (git-fixes). - efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (git-fixes). - commit 7b1353d - drm/xe: Do not wake device during a GT reset (git-fixes). - drm/exynos: exynos7_drm_decon: remove ctx->suspended (git-fixes). - drm/msm/a6xx: Fix PDC sleep sequence (git-fixes). - commit 5296d1a - drm/amdgpu: Fix function header names in amdgpu_connectors.c (git-fixes). - drm/xe/guc: Add more GuC load error status codes (stable-fixes). - drm/amdgpu: Respect max pixel clock for HDMI and DVI-D (v2) (stable-fixes). - drm/amdgpu: Fix unintended error log in VCN5_0_0 (git-fixes). 
- commit 6c1d83f - drm/amdgpu: Check vcn sram load return value (stable-fixes). - commit 2a00bb4 - ASoC: codecs: wcd937x: make stub functions inline (git-fixes). - ASoC: codecs: wcd937x: set the comp soundwire port correctly (git-fixes). - ASoC: rsnd: adjust convert rate limitation (stable-fixes). - ASoC: rsnd: don't indicate warning on rsnd_kctrl_accept_runtime() (stable-fixes). - ASoC: rsnd: indicate unsupported clock rate (stable-fixes). - ASoC: renesas: rz-ssi: Add a check for negative sample_space (git-fixes). - ASoC: renesas: rz-ssi: Use only the proper amount of dividers (git-fixes). - ASoC: renesas: rz-ssi: Terminate all the DMA transactions (git-fixes). - commit 8a0b029 - ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes). - commit 97a0d09 - ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes). - commit 2423cdd - ALSA: hda/realtek: Add support for various HP Laptops using CS35L41 HDA (stable-fixes). - Refresh patches.suse/ALSA-hda-Apply-volume-control-on-speaker-lineout-for.patch. - Refresh patches.suse/ALSA-hda-realtek-Add-quirk-for-Asus-GU605C.patch. - Refresh patches.suse/ALSA-hda-realtek-Fix-built-in-mic-on-ASUS-VivoBook-X.patch. - Refresh patches.suse/ALSA-hda-realtek-Support-mute-led-function-for-HP-pl.patch. - commit 652c005 - ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3247 (stable-fixes). - Refresh patches.suse/ALSA-hda-Apply-volume-control-on-speaker-lineout-for.patch. - Refresh patches.suse/ALSA-hda-realtek-Support-mute-led-function-for-HP-pl.patch. - commit 431b8c2 - ALSA: hda/realtek: fix micmute LEDs on HP Laptops with ALC3315 (stable-fixes). - Refresh patches.suse/ALSA-hda-Apply-volume-control-on-speaker-lineout-for.patch. - Refresh patches.suse/ALSA-hda-realtek-Add-mute-LED-support-for-HP-Victus--ce174b4.patch. - Refresh patches.suse/ALSA-hda-realtek-Add-quirk-for-Asus-GU605C.patch. - Refresh patches.suse/ALSA-hda-realtek-Fix-built-in-mic-on-ASUS-VivoBook-X.patch. 
- Refresh patches.suse/ALSA-hda-realtek-Support-mute-led-function-for-HP-pl.patch. - commit 4bc4bb8 - Refresh patches.suse/sched-fair-Enable-scheduler-feature-NEXT_BUDDY.patch. patches.suse/sched-fair-Reimplement-NEXT_BUDDY-to-align-with-EEVDF-goals.patch. Replace out-of-tree patches with upstream - commit 05723b9 - mtd: onenand: Pass correct pointer to IRQ handler (git-fixes). - mtd: rawnand: cadence: fix DMA device NULL pointer dereference (git-fixes). - mtdchar: fix integer overflow in read/write ioctls (git-fixes). - commit 9e717e0 - Update config files: enable zstd module decompression (jsc#PED-14115). Enable in-kernel decompression for modules compressed with zstd. This allows kmod to load these modules using the finit_module syscall, which provides better detection of idempotent modules compared to init_module. Additionally, it enables module loading with tools that do not natively support zstd decompression, such as busybox. - commit f0effe5 - ring-buffer: Update pages_touched to reflect persistent buffer content (git-fixes). - commit b413c4a - tracing: Have the error of __tracing_resize_ring_buffer() passed to user (git-fixes). - commit 780aa09 - ring-buffer: Unlock resize on mmap error (git-fixes). - commit cfd3a65 - tracing: gfp: Fix the GFP enum values shown for user space tracing tools (git-fixes). - commit 825ad23 - uprobes: Fix race in uprobe_free_utask (git-fixes). - commit 8b6b5fb - usb: acpi: fix device link removal (git-fixes). - commit 1f93244 - [PATCH] usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes). - commit 0d77330 ++++ libsoup: - Add libsoup-CVE-2025-12105.patch: fix use after free caused by 'finishing' queue item twice (bsc#1252555 CVE-2025-12105 glgo#GNOME/libsoup!481). - Add i586 to the list of architectures where we re-run tests; hsts-db-test is timing out there as well. 
++++ sssd: - Install file in krb5.conf.d to include sssd krb5 config snippets; (bsc#1244325); - Disable Kerberos localauth an2ln plugin for AD; (CVE-2025-11561); (bsc#1251827); Add patch 0005-krb5-disable-Kerberos-localauth-an2ln-plugin-for-AD-.patch ------------------------------------------------------------------ ------------------ 2025-11-17 - Nov 17 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fixed spec file requires The package requirement for binutils was set to TW (>=1650) only but is also required for SLES16/Leap16 which is 1600 This commit fixes the condition to match with all required distributions and fixes bsc#1253637 ++++ kernel-default: - cpuidle: Fail cpuidle device registration if there is one already (stable-fixes). - commit 774b422 - cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (stable-fixes). - commit 3040a19 - cpufreq: ti: Add support for AM62D2 (stable-fixes). - commit aae5dea - net/sched: sch_qfq: Fix null-deref in agg_dequeue (CVE-2025-40083 bsc#1252912). - commit db525fd - RDMA/irdma: Remove unused struct irdma_cq fields (git-fixes) Refresh: patches.suse/RDMA-irdma-Set-irdma_cq-cq_num-field-during-CQ-creat.patch - commit 2bc40c7 - usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes). - commit 568c0c7 - sched/fair: Proportional newidle balance -KABI (bsc#1248792). - commit 2a30a31 - mm/secretmem: fix use-after-free race in fault handler (git-fixes). - commit 80f400e - mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes). - commit 6277246 - mm/shmem: fix THP allocation and fallback loop (git-fixes). - commit 7df97a5 - sched/fair: Proportional newidle balance (bsc#1248792). - sched/fair: Small cleanup to update_newidle_cost() (bsc#1248792). - sched/fair: Small cleanup to sched_balance_newidle() (bsc#1248792). - sched/fair: Revert max_newidle_lb_cost bump (bsc#1248792). 
- commit 002bf3c - usb: acpi: fix device link removal (git-fixes). - commit 7da3956 - btrfs: fix COW handling in run_delalloc_nocow() (git-fixes). - commit 3658fcf - usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (git-fixes). - commit 0e7a64a - NFS: Fix LTP test failures when timestamps are delegated (git-fixes). - commit a27c9b1 - NFSv4: Fix an incorrect parameter when calling nfs4_call_sync() (git-fixes). - commit 88b6f1a - NFS: sysfs: fix leak when nfs_client kobject add fails (git-fixes). - commit ba849e7 - pnfs: Set transport security policy to RPC_XPRTSEC_NONE unless using TLS (git-fixes). - commit 8f818b2 - pnfs: Fix TLS logic in _nfs4_pnfs_v4_ds_connect() (git-fixes). - commit 3e16694 - usb: hub: fix detection of high tier USB3 devices behind suspended hubs (git-fixes). - commit 3b2ca74 - x86/amd_node: Fix AMD root device caching (git-fixes). - commit e237c08 - Input: atmel_mxt_ts - allow reset GPIO to sleep (git-fixes). - commit 5b233b4 - x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes). - commit a215e89 - x86/cpu: Add CPU model number for Bartlett Lake CPUs with Raptor Cove cores (git-fixes). - commit 20898eb - x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes). - commit bc02028 - x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (git-fixes). - commit 3176c31 - x86/traps: Initialize DR7 by writing its architectural reset value (git-fixes). - commit bd0c543 - x86/bugs: Fix reporting of LFENCE retpoline (git-fixes). - commit 5ec8592 - x86/bugs: Report correct retbleed mitigation status (git-fixes). - commit af3db49 - x86/fred: Remove ENDBR64 from FRED entry points (git-fixes). - commit 25fde52 - x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes). - Refresh patches.suse/x86-CPU-AMD-Add-missing-terminator-for-zen5_rdseed_m.patch. 
- commit 2043e4b - x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (git-fixes). - commit 58eb355 - x86/microcode/AMD: Add more known models to entry sign checking (git-fixes). - commit c6f2391 - x86/microcode: Fix Entrysign revision check for Zen1/Naples (git-fixes). - commit 0fef111 - x86/mm: Ensure clear_page() variants always have __kcfi_typeid_ symbols (git-fixes). - commit 8353963 - x86/vmscape: Add old Intel CPUs to affected list (git-fixes). - commit ab22902 - bpf: Check the helper function is valid in get_helper_proto (CVE-2025-39990 bsc#1252054). - commit 84dd981 - xsk: Harden userspace-supplied xdp_desc validation (CVE-2025-40159 bsc#1253403). - commit bdd6de1 ++++ kernel-rt: - cpuidle: Fail cpuidle device registration if there is one already (stable-fixes). - commit 774b422 - cpufreq: intel_pstate: Check IDA only before MSR_IA32_PERF_CTL writes (stable-fixes). - commit 3040a19 - cpufreq: ti: Add support for AM62D2 (stable-fixes). - commit aae5dea - net/sched: sch_qfq: Fix null-deref in agg_dequeue (CVE-2025-40083 bsc#1252912). - commit db525fd - RDMA/irdma: Remove unused struct irdma_cq fields (git-fixes) Refresh: patches.suse/RDMA-irdma-Set-irdma_cq-cq_num-field-during-CQ-creat.patch - commit 2bc40c7 - usb: hub: Fix flushing of delayed work used for post resume purposes (git-fixes). - commit 568c0c7 - sched/fair: Proportional newidle balance -KABI (bsc#1248792). - commit 2a30a31 - mm/secretmem: fix use-after-free race in fault handler (git-fixes). - commit 80f400e - mm/mm_init: fix hash table order logging in alloc_large_system_hash() (git-fixes). - commit 6277246 - mm/shmem: fix THP allocation and fallback loop (git-fixes). - commit 7df97a5 - sched/fair: Proportional newidle balance (bsc#1248792). - sched/fair: Small cleanup to update_newidle_cost() (bsc#1248792). - sched/fair: Small cleanup to sched_balance_newidle() (bsc#1248792). - sched/fair: Revert max_newidle_lb_cost bump (bsc#1248792). 
- commit 002bf3c - usb: acpi: fix device link removal (git-fixes). - commit 7da3956 - btrfs: fix COW handling in run_delalloc_nocow() (git-fixes). - commit 3658fcf - usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (git-fixes). - commit 0e7a64a - NFS: Fix LTP test failures when timestamps are delegated (git-fixes). - commit a27c9b1 - NFSv4: Fix an incorrect parameter when calling nfs4_call_sync() (git-fixes). - commit 88b6f1a - NFS: sysfs: fix leak when nfs_client kobject add fails (git-fixes). - commit ba849e7 - pnfs: Set transport security policy to RPC_XPRTSEC_NONE unless using TLS (git-fixes). - commit 8f818b2 - pnfs: Fix TLS logic in _nfs4_pnfs_v4_ds_connect() (git-fixes). - commit 3e16694 - usb: hub: fix detection of high tier USB3 devices behind suspended hubs (git-fixes). - commit 3b2ca74 - x86/amd_node: Fix AMD root device caching (git-fixes). - commit e237c08 - Input: atmel_mxt_ts - allow reset GPIO to sleep (git-fixes). - commit 5b233b4 - x86/acpi: Fix LAPIC/x2APIC parsing order (git-fixes). - commit a215e89 - x86/cpu: Add CPU model number for Bartlett Lake CPUs with Raptor Cove cores (git-fixes). - commit 20898eb - x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (git-fixes). - commit bc02028 - x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (git-fixes). - commit 3176c31 - x86/traps: Initialize DR7 by writing its architectural reset value (git-fixes). - commit bd0c543 - x86/bugs: Fix reporting of LFENCE retpoline (git-fixes). - commit 5ec8592 - x86/bugs: Report correct retbleed mitigation status (git-fixes). - commit af3db49 - x86/fred: Remove ENDBR64 from FRED entry points (git-fixes). - commit 25fde52 - x86/CPU/AMD: Add additional fixed RDSEED microcode revisions (git-fixes). - Refresh patches.suse/x86-CPU-AMD-Add-missing-terminator-for-zen5_rdseed_m.patch. 
- commit 2043e4b - x86/microcode/AMD: Add Zen5 model 0x44, stepping 0x1 minrev (git-fixes). - commit 58eb355 - x86/microcode/AMD: Add more known models to entry sign checking (git-fixes). - commit c6f2391 - x86/microcode: Fix Entrysign revision check for Zen1/Naples (git-fixes). - commit 0fef111 - x86/mm: Ensure clear_page() variants always have __kcfi_typeid_ symbols (git-fixes). - commit 8353963 - x86/vmscape: Add old Intel CPUs to affected list (git-fixes). - commit ab22902 - bpf: Check the helper function is valid in get_helper_proto (CVE-2025-39990 bsc#1252054). - commit 84dd981 - xsk: Harden userspace-supplied xdp_desc validation (CVE-2025-40159 bsc#1253403). - commit bdd6de1 ------------------------------------------------------------------ ------------------ 2025-11-15 - Nov 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes). - drm/amd/display: Allow VRR params change if unsynced with the stream (git-fixes). - mmc: dw_mmc-rockchip: Fix wrong internal phase calculate (git-fixes). - mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes). - acpi/hmat: Fix lockdep warning for hmem_register_resource() (git-fixes). - acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes). - spi: Try to get ACPI GPIO IRQ earlier (git-fixes). - regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes). - ASoC: tas2781: fix getting the wrong device number (git-fixes). - ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes). - ASoC: cs4271: Fix regulator leak on probe failure (git-fixes). - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes). - crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes). 
- commit f615b8d ++++ kernel-rt: - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (git-fixes). - drm/amd/display: Allow VRR params change if unsynced with the stream (git-fixes). - mmc: dw_mmc-rockchip: Fix wrong internal phase calculate (git-fixes). - mmc: sdhci-of-dwcmshc: Change DLL_STRBIN_TAPNUM_DEFAULT to 0x4 (git-fixes). - acpi/hmat: Fix lockdep warning for hmem_register_resource() (git-fixes). - acpi,srat: Fix incorrect device handle check for Generic Initiator (git-fixes). - spi: Try to get ACPI GPIO IRQ earlier (git-fixes). - regulator: fixed: fix GPIO descriptor leak on register failure (git-fixes). - ASoC: tas2781: fix getting the wrong device number (git-fixes). - ASoC: codecs: va-macro: fix resource leak in probe error path (git-fixes). - ASoC: cs4271: Fix regulator leak on probe failure (git-fixes). - ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd (git-fixes). - crypto: hisilicon/qm - Fix device reference leak in qm_get_qos_value (git-fixes). - commit f615b8d ++++ libvirt: - spec: Adjust dbus dependency bsc#1253642 - CVE-2025-12748: Check ACLs before parsing the whole domain XML bsc#1253278 ------------------------------------------------------------------ ------------------ 2025-11-14 - Nov 14 2025 ------------------- ------------------------------------------------------------------ ++++ drbd-utils: - Allow domtrans from kernel_t to drbd_t (bsc#1252991) * add patch - 1252991-selinux-domtrans-from-kernel.patch ++++ kernel-default: - kernel-binary: Do not change debuginfo config during build Historically when debuginfo build was disabled in OBS kernel was configured to not generate the debuginfo at all saving space during build and making the build faster. More and more kernel features depend on debuginfo, and disabling it changes the kernel significantly disabling functionality that is otherwise available and causing ABI breakage. 
Recently genksyms was rewritten as gendwarfksyms to support more features but requires debuginfo to operate. With that kernel builds without debuginfo are not very useful anymore. Even if rpm eventually trashes the debuginfo it needs to be always generated. - commit 4fc8f91 - bpf/selftests: Fix test_tcpnotify_user (bsc#1253635). - commit 9374c78 - drm/amd/display: Reject modes with too high pixel clock on DCE6-10 (git-fixes). - commit 5c1955e - PM: hibernate: Use atomic64_t for compressed_size variable (git-fixes). - PM: hibernate: Emit an error when image writing fails (git-fixes). - wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes). - wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes). - wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes). - wifi: mac80211: reject address change while connecting (git-fixes). - strparser: Fix signed/unsigned mismatch bug (git-fixes). - tools: ynl: fix string attribute length to include null terminator (git-fixes). - wifi: mac80211: fix key tailroom accounting leak (git-fixes). - wifi: ath11k: avoid bit operation on key flags (git-fixes). - USB: serial: option: add UNISOC UIS7720 (stable-fixes). - usb/core/quirks: Add Huawei ME906S to wakeup quirk (stable-fixes). - usb: raw-gadget: do not limit transfer length (git-fixes). - usb: xhci-pci: Fix USB2-only root hub registration (git-fixes). - rtc: pcf2127: fix watchdog interrupt mask on pcf2131 (stable-fixes). - rtc: pcf2127: clear minute/second interrupt (stable-fixes). - tools bitmap: Add missing asm-generic/bitsperlong.h include (stable-fixes). - tools: lib: thermal: don't preserve owner in install (stable-fixes). - tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes). - watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes). - PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes).
- phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes). - phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes). - phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes). - thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes). - usb: xhci-pci: add support for hosts with zero USB3 ports (stable-fixes). - usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes). - usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes). - usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes). - usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes). - usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes). - usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes). - tty/vt: Add missing return value for VT_RESIZE in vt_ioctl() (stable-fixes). - tty: serial: Modify the use of dev_err_probe() (stable-fixes). - platform/x86/intel-uncore-freq: Fix warning in partitioned system (stable-fixes). - wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes). - wifi: ath10k: Fix connection after GTK rekeying (stable-fixes). - wifi: rtw89: renew a completion for each H2C command waiting C2H event (stable-fixes). - wifi: rtw89: obtain RX path from ppdu status IE00 (stable-fixes). - wifi: rtw89: fix BSSID comparison for non-transmitted BSSID (stable-fixes). - wifi: rtw89: wow: remove notify during WoWLAN net-detect (stable-fixes). - wifi: rtw89: print just once for unknown C2H events (stable-fixes). - wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes). - wifi: mac80211: Track NAN interface start/stop (stable-fixes). - wifi: mt76: mt7996: fix memory leak on mt7996_mcu_sta_key_tlv error (stable-fixes). - wifi: mt76: mt76_eeprom_override to int (stable-fixes). 
- wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes). - wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes). - r8169: set EEE speed down ratio to 1 (stable-fixes). - wifi: iwlwifi: fw: Add ASUS to PPAG and TAS list (stable-fixes). - wifi: mac80211: Fix HE capabilities element check (stable-fixes). - wifi: mac80211: Fix 6 GHz Band capabilities element advertisement in lower bands (stable-fixes). - smsc911x: add second read of EEPROM mac when possible corruption seen (stable-fixes). - soc: ti: pruss: don't use %pK through printk (stable-fixes). - soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes). - soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes). - soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes). - thermal: intel: selftests: workload_hint: Mask unsupported types (stable-fixes). - thermal: gov_step_wise: Allow cooling level to be reduced earlier (stable-fixes). - tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes). - tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes). - tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes). - tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes). - tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes). - pinctrl: keembay: release allocated memory in detach path (stable-fixes). - pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes). - power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes). - power: supply: sbs-charger: Support multiple devices (stable-fixes). - power: supply: qcom_battmgr: add OOI chemistry (stable-fixes). - video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes). - spi: rpc-if: Add resume support for RZ/G3E (stable-fixes). - spi: loopback-test: Don't use %pK through printk (stable-fixes). 
- pwm: pca9685: Use bulk write to atomicially update registers (stable-fixes). - wifi: mac80211: don't mark keys for inactive links as uploaded (stable-fixes). - wifi: ath11k: add support for MU EDCA (stable-fixes). - commit 0ec6ab7 - net: wwan: t7xx: add support for HP DRMR-H01 (stable-fixes). - PCI: imx6: Enable the Vaux supply if available (stable-fixes). - PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes). - PCI: endpoint: pci-epf-test: Limit PCIe BAR size for fixed BARs (stable-fixes). - PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes). - PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes). - PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes). - PCI/ERR: Update device error_state already after reset (stable-fixes). - net: phy: clear link parameters on admin link down (stable-fixes). - net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes). - net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes). - mfd: intel-lpss: Add Intel Wildcat Lake LPSS PCI IDs (stable-fixes). - mfd: core: Increment of_node's refcount before linking it to the platform device (stable-fixes). - mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes). - mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes). - mfd: kempld: Switch back to earlier ->init() behavior (stable-fixes). - mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes). - mfd: stmpe: Remove IRQ domain upon removal (stable-fixes). - mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes). - mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes). - commit a9ec390 - kunit: test_dev_action: Correctly cast 'priv' pointer to long* (git-fixes). - ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes). - iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes). 
- iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes). - media: redrat3: use int type to store negative error codes (stable-fixes). - media: ov08x40: Fix the horizontal flip control (stable-fixes). - media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes). - media: adv7180: Only validate format in querystd (stable-fixes). - media: adv7180: Do not write format to device in set_fmt (stable-fixes). - media: adv7180: Add missing lock in suspend callback (stable-fixes). - media: pci: mgb4: Fix timings comparison in VIDIOC_S_DV_TIMINGS (stable-fixes). - media: fix uninitialized symbol warnings (stable-fixes). - media: ipu6: isys: Set embedded data type correctly for metadata formats (stable-fixes). - media: imon: make send_packet() more robust (stable-fixes). - media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes). - media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes). - i3c: mipi-i3c-hci-pci: Add support for Intel Wildcat Lake-U I3C (stable-fixes). - memstick: Add timeout to prevent indefinite waiting (stable-fixes). - hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes). - commit 539916e - fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes). - fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes). - fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes). - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes). - extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes). - extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes). - HID: pidff: PERMISSIVE_CONTROL quirk autodetection (stable-fixes). - HID: pidff: Use direction fix only for conditional effects (stable-fixes). - HID: asus: add Z13 folio to generic group for multitouch to work (stable-fixes). 
- Fix access to video_is_primary_device() when compiled without CONFIG_VIDEO (stable-fixes). - firmware: qcom: tzmem: disable sc7180 platform (stable-fixes). - firmware: qcom: scm: preserve assign_mem() error return value (stable-fixes). - firewire: ohci: move self_id_complete tracepoint after validating register (stable-fixes). - hwmon: (dell-smm) Remove Dell Precision 490 custom config data (stable-fixes). - hwmon: sy7636a: add alias (stable-fixes). - hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes). - hwmon: (lenovo-ec-sensors) Update P8 supprt (stable-fixes). - hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes). - hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes). - commit 666e545 - drm/amd/display: Disable VRR on DCE 6 (stable-fixes). - commit b765989 - drm/amdgpu/smu: Handle S0ix for vangogh (stable-fixes). - drm/amd/display: Fix black screen with HDMI outputs (git-fixes). - drm/sched: avoid killing parent entity on child SIGKILL (stable-fixes). - drm/amd/display: Fix incorrect return of vblank enable on unconfigured crtc (stable-fixes). - drm/amd: Check that VPE has reached DPM0 in idle handler (stable-fixes). - drm/amd/display: change dc stream color settings only in atomic commit (stable-fixes). - drm/amd/display: update color on atomic commit time (stable-fixes). - drm/amd/display: Fix for test crash due to power gating (stable-fixes). - drm/amd/display: Init dispclk from bootup clock for DCN314 (stable-fixes). - drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes). - drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (stable-fixes). - drm/amdgpu: reject gang submissions under SRIOV (stable-fixes). - drm/amd/display/dml2: Guard dml21_map_dc_state_into_dml_display_cfg with DC_FP_START (stable-fixes). - drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes). 
- drm/amd/display: Add fallback path for YCBCR422 (stable-fixes). - drm/amd/display: Set up pixel encoding for YCBCR422 (stable-fixes). - drm/amd/display: fix dml ms order of operations (stable-fixes). - drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes). - drm/xe/guc: Return an error code if the GuC load fails (stable-fixes). - drm/xe/guc: Set upper limit of H2G retries over CTB (stable-fixes). - drm/xe/guc: Increase GuC crash dump buffer size (stable-fixes). - drm/msm/registers: Generate _HI/LO builders for reg64 (stable-fixes). - drm/msm: make sure to not queue up recovery more than once (stable-fixes). - drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes). - drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes). - drm/amd/display: Fix pbn_div Calculation Error (stable-fixes). - drm/amdgpu: don't enable SMU on cyan skillfish (stable-fixes). - commit a6576e9 - drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes). - drm/amd: add more cyan skillfish PCI ids (stable-fixes). - drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes). - drm: panel-backlight-quirks: Make EDID match optional (stable-fixes). - drm/panthor: check bo offset alignment in vm bind (stable-fixes). - drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test (stable-fixes). - drm/amd/display: incorrect conditions for failing dto calculations (stable-fixes). - drm/amd/display: Increase minimum clock for TMDS 420 with pipe splitting (stable-fixes). - drm/amd/display: Support HW cursor 180 rot for any number of pipe splits (stable-fixes). - drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes). - drm/amdkfd: fix vram allocation failure for a special case (stable-fixes). - drm/amdgpu: Correct the counts of nr_banks and nr_errors (stable-fixes). - drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes). - drm/amdgpu: fix nullptr err of vm_handle_moved (stable-fixes). 
- drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes). - drm/amd/display: Reset apply_eamless_boot_optimization when dpms_off (stable-fixes). - drm/amd/display: Wait until OTG enable state is cleared (stable-fixes). - drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes). - drm/amd/pm: Use cached metrics data on arcturus (stable-fixes). - drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes). - drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes). - drm/amdgpu: Skip poison aca bank from UE channel (stable-fixes). - drm/amd/display: add more cyan skillfish devices (stable-fixes). - drm/amd/amdgpu: Release xcp drm memory after unplug (stable-fixes). - drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes). - drm/amd/display: Move setup_stream_attribute (stable-fixes). - drm/amdgpu: add range check for RAS bad page address (stable-fixes). - drm/amd/display: ensure committing streams is seamless (stable-fixes). - drm/amd/display: fix condition for setting timing_adjust_pending (stable-fixes). - drm/bridge: display-connector: don't set OP_DETECT for DisplayPorts (stable-fixes). - commit 6369e4e - dmaengine: dw-edma: Set status for callback_result (stable-fixes). - dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes). - drm/panthor: Serialize GPU cache flush operations (stable-fixes). - drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes). - drm/bridge: cdns-dsi: Don't fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes). - drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes). - drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes). - drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes). - drm/sched: Optimise drm_sched_entity_push_job (stable-fixes). - commit 088581e - char: Use list_del_init() in misc_deregister() to reinitialize list pointer (stable-fixes). 
- char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes). - crypto: hisilicon/qm - clear all VF configurations in the hardware (stable-fixes). - crypto: hisilicon/qm - invalidate queues in use (stable-fixes). - crypto: caam - double the entropy delay interval for retry (stable-fixes). - crypto: ccp - Fix incorrect payload size calculation in psp_poulate_hsti() (stable-fixes). - crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes). - commit 88c75e8 - ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes). - ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes). - ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes). - ACPI: CPPC: Detect preferred core availability on online CPUs (git-fixes). - Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes). - Bluetooth: 6lowpan: Don't hold spin lock over sleeping functions (git-fixes). - Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes). - Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes). - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes). - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes). - Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes). - ALSA: usb-audio: don't log messages meant for 1810c when initializing 1824c (git-fixes). - ACPI: fan: Use platform device for devres-related actions (git-fixes). - ACPI: fan: Use ACPI handle when retrieving _FST (stable-fixes). - ACPI: SPCR: Check for table version when using precise baudrate (git-fixes). - ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes). - ACPI: property: Return present device nodes only on fwnode interface (stable-fixes). - bus: mhi: core: Improve mhi_sync_power_up handling for SYS_ERR state (stable-fixes). - char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes). 
- ACPI: scan: Update honor list for RPMI System MSI (stable-fixes). - Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes). - Bluetooth: bcsp: receive data only if registered (stable-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3633 for MT7922 (stable-fixes). - Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes). - amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes). - accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes). - accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes). - accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes). - accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes). - ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes). - ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes). - ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes). - ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes). - ASoC: SOF: ipc4-pcm: Add fixup for channels (stable-fixes). - ASoC: mediatek: Use SND_JACK_AVOUT for HDMI/DP jacks (stable-fixes). - ALSA: serial-generic: remove shared static buffer (stable-fixes). - ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes). - ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes). - ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes). - ACPI: video: force native for Lenovo 82K8 (stable-fixes). - ACPI: SPCR: Support Precise Baud Rate field (stable-fixes). - ACPI: resource: Skip IRQ override on ASUS Vivobook Pro N6506CU (stable-fixes). - ACPI: sysfs: Use ACPI_FREE() for freeing an ACPI object (stable-fixes). - ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids[] (stable-fixes). - ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes). 
- ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes). - char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes). - ACPI: fan: Add fan speed reporting for fans with only _FST (stable-fixes). - commit f52da15 - erofs: avoid infinite loop due to incomplete zstd-compressed data (git-fixes). - commit 7b42d7d - exfat: validate cluster allocation bits of the allocation bitmap (git-fixes). - commit f4032b9 - exfat: limit log print for IO error (git-fixes). - commit 1405b08 - nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes). - commit 589935f - NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes). - commit 76c7f5a - NFSv4: handle ERR_GRACE on delegation recalls (git-fixes). - commit cc6039d - IB/ipoib: Ignore L3 master device (git-fixes) - commit 117d08f - btrfs: ensure no dirty metadata is written back for an fs with errors (git-fix). - commit 17770b9 - io_uring/kbuf: fix signedness in this_len calculation (CVE-2025-39822 bsc#1250034). - Update patches.suse/io_uring-kbuf-always-use-READ_ONCE-to-read-ring-prov.patch - commit 40a2039 - io_uring/waitid: always prune wait queue entry in io_waitid_wait() (CVE-2025-40047 bsc#1252790). - commit 17b3d49 - io_uring/net: mark iov as dynamically allocated even for single segments (git-fixes). - commit d6cddb7 ++++ kernel-rt: - kernel-binary: Do not change debuginfo config during build Historically when debuginfo build was disabled in OBS kernel was configured to not generate the debuginfo at all saving space during build and making the build faster. More and more kernel features depend on debuginfo, and disabling it changes the kernel significantly disabling functionality that is otherwise available and causing ABI breakage. Recently genksyms was rewritten as gendwarfksyms to support more features but requires debuginfo to operate. With that kernel builds without debuginfo are not very useful anymore.
Even if rpm eventually trashes the debuginfo it needs to be always generated. - commit 4fc8f91 - bpf/selftests: Fix test_tcpnotify_user (bsc#1253635). - commit 9374c78 - drm/amd/display: Reject modes with too high pixel clock on DCE6-10 (git-fixes). - commit 5c1955e - PM: hibernate: Use atomic64_t for compressed_size variable (git-fixes). - PM: hibernate: Emit an error when image writing fails (git-fixes). - wifi: mwl8k: inject DSSS Parameter Set element into beacons if missing (git-fixes). - wifi: mac80211: skip rate verification for not captured PSDUs (git-fixes). - wifi: ath11k: zero init info->status in wmi_process_mgmt_tx_comp() (git-fixes). - wifi: mac80211: reject address change while connecting (git-fixes). - strparser: Fix signed/unsigned mismatch bug (git-fixes). - tools: ynl: fix string attribute length to include null terminator (git-fixes). - wifi: mac80211: fix key tailroom accounting leak (git-fixes). - wifi: ath11k: avoid bit operation on key flags (git-fixes). - USB: serial: option: add UNISOC UIS7720 (stable-fixes). - usb/core/quirks: Add Huawei ME906S to wakeup quirk (stable-fixes). - usb: raw-gadget: do not limit transfer length (git-fixes). - usb: xhci-pci: Fix USB2-only root hub registration (git-fixes). - rtc: pcf2127: fix watchdog interrupt mask on pcf2131 (stable-fixes). - rtc: pcf2127: clear minute/second interrupt (stable-fixes). - tools bitmap: Add missing asm-generic/bitsperlong.h include (stable-fixes). - tools: lib: thermal: don't preserve owner in install (stable-fixes). - tools: lib: thermal: use pkg-config to locate libnl3 (stable-fixes). - watchdog: s3c2410_wdt: Fix max_timeout being calculated larger (stable-fixes). - PCI: cadence: Check for the existence of cdns_pcie::ops before using it (stable-fixes). - phy: rockchip: phy-rockchip-inno-csidphy: allow writes to grf register 0 (stable-fixes). - phy: cadence: cdns-dphy: Enable lower resolutions in dphy (stable-fixes). 
- phy: renesas: r8a779f0-ether-serdes: add new step added to latest datasheet (stable-fixes). - thunderbolt: Use is_pciehp instead of is_hotplug_bridge (stable-fixes). - usb: xhci-pci: add support for hosts with zero USB3 ports (stable-fixes). - usb: gadget: f_fs: Fix epfile null pointer access after ep enable (stable-fixes). - usb: mon: Increase BUFF_MAX to 64 MiB to support multi-MB URBs (stable-fixes). - usb: xhci: plat: Facilitate using autosuspend for xhci plat devices (stable-fixes). - usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget (stable-fixes). - usb: gadget: f_hid: Fix zero length packet transfer (stable-fixes). - usb: gadget: f_ncm: Fix MAC assignment NCM ethernet (stable-fixes). - tty/vt: Add missing return value for VT_RESIZE in vt_ioctl() (stable-fixes). - tty: serial: Modify the use of dev_err_probe() (stable-fixes). - platform/x86/intel-uncore-freq: Fix warning in partitioned system (stable-fixes). - wifi: ath12k: Increase DP_REO_CMD_RING_SIZE to 256 (stable-fixes). - wifi: ath10k: Fix connection after GTK rekeying (stable-fixes). - wifi: rtw89: renew a completion for each H2C command waiting C2H event (stable-fixes). - wifi: rtw89: obtain RX path from ppdu status IE00 (stable-fixes). - wifi: rtw89: fix BSSID comparison for non-transmitted BSSID (stable-fixes). - wifi: rtw89: wow: remove notify during WoWLAN net-detect (stable-fixes). - wifi: rtw89: print just once for unknown C2H events (stable-fixes). - wifi: rtw88: sdio: use indirect IO for device registers before power-on (stable-fixes). - wifi: mac80211: Track NAN interface start/stop (stable-fixes). - wifi: mt76: mt7996: fix memory leak on mt7996_mcu_sta_key_tlv error (stable-fixes). - wifi: mt76: mt76_eeprom_override to int (stable-fixes). - wifi: mt76: mt7996: Temporarily disable EPCS (stable-fixes). - wifi: mt76: mt7921: Add 160MHz beamformee capability for mt7922 device (stable-fixes). - r8169: set EEE speed down ratio to 1 (stable-fixes). 
- wifi: iwlwifi: fw: Add ASUS to PPAG and TAS list (stable-fixes). - wifi: mac80211: Fix HE capabilities element check (stable-fixes). - wifi: mac80211: Fix 6 GHz Band capabilities element advertisement in lower bands (stable-fixes). - smsc911x: add second read of EEPROM mac when possible corruption seen (stable-fixes). - soc: ti: pruss: don't use %pK through printk (stable-fixes). - soc/tegra: fuse: Add Tegra114 nvmem cells and fuse lookups (stable-fixes). - soc: qcom: smem: Fix endian-unaware access of num_entries (stable-fixes). - soc: aspeed: socinfo: Add AST27xx silicon IDs (stable-fixes). - thermal: intel: selftests: workload_hint: Mask unsupported types (stable-fixes). - thermal: gov_step_wise: Allow cooling level to be reduced earlier (stable-fixes). - tools/cpupower: Fix incorrect size in cpuidle_state_disable() (stable-fixes). - tools/cpupower: fix error return value in cpupower_write_sysfs() (stable-fixes). - tools/power x86_energy_perf_policy: Prefer driver HWP limits (stable-fixes). - tools/power x86_energy_perf_policy: Enhance HWP enable (stable-fixes). - tools/power x86_energy_perf_policy: Fix incorrect fopen mode usage (stable-fixes). - pinctrl: keembay: release allocated memory in detach path (stable-fixes). - pinctrl: single: fix bias pull up/down handling in pin_config_set (stable-fixes). - power: supply: qcom_battmgr: handle charging state change notifications (stable-fixes). - power: supply: sbs-charger: Support multiple devices (stable-fixes). - power: supply: qcom_battmgr: add OOI chemistry (stable-fixes). - video: backlight: lp855x_bl: Set correct EPROM start for LP8556 (stable-fixes). - spi: rpc-if: Add resume support for RZ/G3E (stable-fixes). - spi: loopback-test: Don't use %pK through printk (stable-fixes). - pwm: pca9685: Use bulk write to atomicially update registers (stable-fixes). - wifi: mac80211: don't mark keys for inactive links as uploaded (stable-fixes). - wifi: ath11k: add support for MU EDCA (stable-fixes). 
- commit 0ec6ab7 - net: wwan: t7xx: add support for HP DRMR-H01 (stable-fixes). - PCI: imx6: Enable the Vaux supply if available (stable-fixes). - PCI: dwc: Verify the single eDMA IRQ in dw_pcie_edma_irq_verify() (stable-fixes). - PCI: endpoint: pci-epf-test: Limit PCIe BAR size for fixed BARs (stable-fixes). - PCI/PM: Skip resuming to D0 if device is disconnected (stable-fixes). - PCI/P2PDMA: Fix incorrect pointer usage in devm_kfree() call (stable-fixes). - PCI: Disable MSI on RDC PCI to PCIe bridges (stable-fixes). - PCI/ERR: Update device error_state already after reset (stable-fixes). - net: phy: clear link parameters on admin link down (stable-fixes). - net: phy: marvell: Fix 88e1510 downshift counter errata (stable-fixes). - net: phy: fixed_phy: let fixed_phy_unregister free the phy_device (stable-fixes). - mfd: intel-lpss: Add Intel Wildcat Lake LPSS PCI IDs (stable-fixes). - mfd: core: Increment of_node's refcount before linking it to the platform device (stable-fixes). - mfd: madera: Work around false-positive -Wininitialized warning (stable-fixes). - mfd: da9063: Split chip variant reading in two bus transactions (stable-fixes). - mfd: kempld: Switch back to earlier ->init() behavior (stable-fixes). - mfd: stmpe-i2c: Add missing MODULE_LICENSE (stable-fixes). - mfd: stmpe: Remove IRQ domain upon removal (stable-fixes). - mmc: sdhci-msm: Enable tuning for SDR50 mode for SD card (stable-fixes). - mmc: host: renesas_sdhi: Fix the actual clock (stable-fixes). - commit a9ec390 - kunit: test_dev_action: Correctly cast 'priv' pointer to long* (git-fixes). - ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr (stable-fixes). - iio: adc: imx93_adc: load calibrated values even calibration failed (stable-fixes). - iio: adc: spear_adc: mask SPEAR_ADC_STATUS channel and avg sample before setting register (stable-fixes). - media: redrat3: use int type to store negative error codes (stable-fixes). 
- media: ov08x40: Fix the horizontal flip control (stable-fixes). - media: i2c: og01a1b: Specify monochrome media bus format instead of Bayer (stable-fixes). - media: adv7180: Only validate format in querystd (stable-fixes). - media: adv7180: Do not write format to device in set_fmt (stable-fixes). - media: adv7180: Add missing lock in suspend callback (stable-fixes). - media: pci: mgb4: Fix timings comparison in VIDIOC_S_DV_TIMINGS (stable-fixes). - media: fix uninitialized symbol warnings (stable-fixes). - media: ipu6: isys: Set embedded data type correctly for metadata formats (stable-fixes). - media: imon: make send_packet() more robust (stable-fixes). - media: i2c: Kconfig: Ensure a dependency on HAVE_CLK for VIDEO_CAMERA_SENSOR (stable-fixes). - media: amphion: Delete v4l2_fh synchronously in .release() (stable-fixes). - i3c: mipi-i3c-hci-pci: Add support for Intel Wildcat Lake-U I3C (stable-fixes). - memstick: Add timeout to prevent indefinite waiting (stable-fixes). - hwmon: (asus-ec-sensors) increase timeout for locking ACPI mutex (stable-fixes). - commit 539916e - fbcon: Set fb_display[i]->mode to NULL when the mode is released (stable-fixes). - fbdev: bitblit: bound-check glyph index in bit_putcs* (stable-fixes). - fbdev: pvr2fb: Fix leftover reference to ONCHIP_NR_DMA_CHANNELS (stable-fixes). - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (stable-fixes). - extcon: adc-jack: Cleanup wakeup source only if it was enabled (git-fixes). - extcon: adc-jack: Fix wakeup source leaks on device unbind (stable-fixes). - HID: pidff: PERMISSIVE_CONTROL quirk autodetection (stable-fixes). - HID: pidff: Use direction fix only for conditional effects (stable-fixes). - HID: asus: add Z13 folio to generic group for multitouch to work (stable-fixes). - Fix access to video_is_primary_device() when compiled without CONFIG_VIDEO (stable-fixes). - firmware: qcom: tzmem: disable sc7180 platform (stable-fixes). 
- firmware: qcom: scm: preserve assign_mem() error return value (stable-fixes). - firewire: ohci: move self_id_complete tracepoint after validating register (stable-fixes). - hwmon: (dell-smm) Remove Dell Precision 490 custom config data (stable-fixes). - hwmon: sy7636a: add alias (stable-fixes). - hwmon: (sbtsi_temp) AMD CPU extended temperature range support (stable-fixes). - hwmon: (lenovo-ec-sensors) Update P8 supprt (stable-fixes). - hwmon: (k10temp) Add device ID for Strix Halo (stable-fixes). - hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (stable-fixes). - commit 666e545 - drm/amd/display: Disable VRR on DCE 6 (stable-fixes). - commit b765989 - drm/amdgpu/smu: Handle S0ix for vangogh (stable-fixes). - drm/amd/display: Fix black screen with HDMI outputs (git-fixes). - drm/sched: avoid killing parent entity on child SIGKILL (stable-fixes). - drm/amd/display: Fix incorrect return of vblank enable on unconfigured crtc (stable-fixes). - drm/amd: Check that VPE has reached DPM0 in idle handler (stable-fixes). - drm/amd/display: change dc stream color settings only in atomic commit (stable-fixes). - drm/amd/display: update color on atomic commit time (stable-fixes). - drm/amd/display: Fix for test crash due to power gating (stable-fixes). - drm/amd/display: Init dispclk from bootup clock for DCN314 (stable-fixes). - drm/amd/display: Add AVI infoframe copy in copy_stream_update_to_stream (stable-fixes). - drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked() (stable-fixes). - drm/amdgpu: reject gang submissions under SRIOV (stable-fixes). - drm/amd/display/dml2: Guard dml21_map_dc_state_into_dml_display_cfg with DC_FP_START (stable-fixes). - drm/amd/display: Fix DVI-D/HDMI adapters (stable-fixes). - drm/amd/display: Add fallback path for YCBCR422 (stable-fixes). - drm/amd/display: Set up pixel encoding for YCBCR422 (stable-fixes). - drm/amd/display: fix dml ms order of operations (stable-fixes). 
- drm/amdgpu: Use memdup_array_user in amdgpu_cs_wait_fences_ioctl (stable-fixes). - drm/xe/guc: Return an error code if the GuC load fails (stable-fixes). - drm/xe/guc: Set upper limit of H2G retries over CTB (stable-fixes). - drm/xe/guc: Increase GuC crash dump buffer size (stable-fixes). - drm/msm/registers: Generate _HI/LO builders for reg64 (stable-fixes). - drm/msm: make sure to not queue up recovery more than once (stable-fixes). - drm/msm/dsi/phy_7nm: Fix missing initial VCO rate (stable-fixes). - drm/msm/dsi/phy: Toggle back buffer resync after preparing PLL (stable-fixes). - drm/amd/display: Fix pbn_div Calculation Error (stable-fixes). - drm/amdgpu: don't enable SMU on cyan skillfish (stable-fixes). - commit a6576e9 - drm/amdgpu: add support for cyan skillfish gpu_info (stable-fixes). - drm/amd: add more cyan skillfish PCI ids (stable-fixes). - drm/amdgpu: Allow kfd CRIU with no buffer objects (stable-fixes). - drm: panel-backlight-quirks: Make EDID match optional (stable-fixes). - drm/panthor: check bo offset alignment in vm bind (stable-fixes). - drm/xe: Fix oops in xe_gem_fault when running core_hotunplug test (stable-fixes). - drm/amd/display: incorrect conditions for failing dto calculations (stable-fixes). - drm/amd/display: Increase minimum clock for TMDS 420 with pipe splitting (stable-fixes). - drm/amd/display: Support HW cursor 180 rot for any number of pipe splits (stable-fixes). - drm/amdkfd: Tie UNMAP_LATENCY to queue_preemption (stable-fixes). - drm/amdkfd: fix vram allocation failure for a special case (stable-fixes). - drm/amdgpu: Correct the counts of nr_banks and nr_errors (stable-fixes). - drm/amdkfd: Handle lack of READ permissions in SVM mapping (stable-fixes). - drm/amdgpu: fix nullptr err of vm_handle_moved (stable-fixes). - drm/amdkfd: return -ENOTTY for unsupported IOCTLs (stable-fixes). - drm/amd/display: Reset apply_eamless_boot_optimization when dpms_off (stable-fixes). 
- drm/amd/display: Wait until OTG enable state is cleared (stable-fixes). - drm/amdgpu/jpeg: Hold pg_lock before jpeg poweroff (stable-fixes). - drm/amd/pm: Use cached metrics data on arcturus (stable-fixes). - drm/amd/pm: Use cached metrics data on aldebaran (stable-fixes). - drm/amd/display: update dpp/disp clock from smu clock table (stable-fixes). - drm/amdgpu: Skip poison aca bank from UE channel (stable-fixes). - drm/amd/display: add more cyan skillfish devices (stable-fixes). - drm/amd/amdgpu: Release xcp drm memory after unplug (stable-fixes). - drm/amd/display: Increase AUX Intra-Hop Done Max Wait Duration (stable-fixes). - drm/amd/display: Move setup_stream_attribute (stable-fixes). - drm/amdgpu: add range check for RAS bad page address (stable-fixes). - drm/amd/display: ensure committing streams is seamless (stable-fixes). - drm/amd/display: fix condition for setting timing_adjust_pending (stable-fixes). - drm/bridge: display-connector: don't set OP_DETECT for DisplayPorts (stable-fixes). - commit 6369e4e - dmaengine: dw-edma: Set status for callback_result (stable-fixes). - dmaengine: mv_xor: match alloc_wc and free_wc (stable-fixes). - drm/panthor: Serialize GPU cache flush operations (stable-fixes). - drm/tidss: Set crtc modesetting parameters with adjusted mode (stable-fixes). - drm/bridge: cdns-dsi: Don't fail on MIPI_DSI_MODE_VIDEO_BURST (stable-fixes). - drm/bridge: cdns-dsi: Fix REG_WAKEUP_TIME value (stable-fixes). - drm/tidss: Use the crtc_* timings when programming the HW (stable-fixes). - drm/nouveau: replace snprintf() with scnprintf() in nvkm_snprintbf() (stable-fixes). - drm/sched: Optimise drm_sched_entity_push_job (stable-fixes). - commit 088581e - char: Use list_del_init() in misc_deregister() to reinitialize list pointer (stable-fixes). - char: misc: Does not request module for miscdevice with dynamic minor (stable-fixes). - crypto: hisilicon/qm - clear all VF configurations in the hardware (stable-fixes). 
- crypto: hisilicon/qm - invalidate queues in use (stable-fixes). - crypto: caam - double the entropy delay interval for retry (stable-fixes). - crypto: ccp - Fix incorrect payload size calculation in psp_poulate_hsti() (stable-fixes). - crypto: qat - use kcalloc() in qat_uclo_map_objs_from_mof() (stable-fixes). - commit 88c75e8 - ACPI: CPPC: Limit perf ctrs in PCC check only to online CPUs (git-fixes). - ACPI: CPPC: Perform fast check switch only for online CPUs (git-fixes). - ACPI: CPPC: Check _CPC validity for only the online CPUs (git-fixes). - ACPI: CPPC: Detect preferred core availability on online CPUs (git-fixes). - Bluetooth: 6lowpan: add missing l2cap_chan_lock() (git-fixes). - Bluetooth: 6lowpan: Don't hold spin lock over sleeping functions (git-fixes). - Bluetooth: L2CAP: export l2cap_chan_hold for modules (stable-fixes). - Bluetooth: 6lowpan: fix BDADDR_LE vs ADDR_LE_DEV address type confusion (git-fixes). - Bluetooth: 6lowpan: reset link-local header on ipv6 recv path (git-fixes). - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (git-fixes). - Bluetooth: MGMT: cancel mesh send timer when hdev removed (git-fixes). - ALSA: usb-audio: don't log messages meant for 1810c when initializing 1824c (git-fixes). - ACPI: fan: Use platform device for devres-related actions (git-fixes). - ACPI: fan: Use ACPI handle when retrieving _FST (stable-fixes). - ACPI: SPCR: Check for table version when using precise baudrate (git-fixes). - ASoC: meson: aiu-encoder-i2s: fix bit clock polarity (stable-fixes). - ACPI: property: Return present device nodes only on fwnode interface (stable-fixes). - bus: mhi: core: Improve mhi_sync_power_up handling for SYS_ERR state (stable-fixes). - char: misc: Make misc_register() reentry for miscdevice who wants dynamic minor (stable-fixes). - ACPI: scan: Update honor list for RPMI System MSI (stable-fixes). - Bluetooth: SCO: Fix UAF on sco_conn_free (stable-fixes). 
- Bluetooth: bcsp: receive data only if registered (stable-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3633 for MT7922 (stable-fixes). - Bluetooth: btusb: Check for unexpected bytes when defragmenting HCI frames (stable-fixes). - amd/amdkfd: resolve a race in amdgpu_amdkfd_device_fini_sw (stable-fixes). - accel/habanalabs/gaudi2: read preboot status after recovering from dirty state (stable-fixes). - accel/habanalabs: support mapping cb with vmalloc-backed coherent memory (stable-fixes). - accel/habanalabs/gaudi2: fix BMON disable configuration (stable-fixes). - accel/habanalabs: return ENOMEM if less than requested pages were pinned (stable-fixes). - ASoC: tlv320aic3x: Fix class-D initialization for tlv320aic3007 (stable-fixes). - ASoC: stm32: sai: manage context in set_sysclk callback (stable-fixes). - ALSA: usb-audio: add mono main switch to Presonus S1824c (stable-fixes). - ASoC: qcom: sc8280xp: explicitly set S16LE format in sc8280xp_be_hw_params_fixup() (stable-fixes). - ASoC: SOF: ipc4-pcm: Add fixup for channels (stable-fixes). - ASoC: mediatek: Use SND_JACK_AVOUT for HDMI/DP jacks (stable-fixes). - ALSA: serial-generic: remove shared static buffer (stable-fixes). - ALSA: usb-audio: apply quirk for MOONDROP Quark2 (stable-fixes). - ALSA: usb-audio: Add validation of UAC2/UAC3 effect units (stable-fixes). - ACPI: PRM: Skip handlers with NULL handler_address or NULL VA (stable-fixes). - ACPI: video: force native for Lenovo 82K8 (stable-fixes). - ACPI: SPCR: Support Precise Baud Rate field (stable-fixes). - ACPI: resource: Skip IRQ override on ASUS Vivobook Pro N6506CU (stable-fixes). - ACPI: sysfs: Use ACPI_FREE() for freeing an ACPI object (stable-fixes). - ACPI: scan: Add Intel CVS ACPI HIDs to acpi_ignore_dep_ids[] (stable-fixes). - ACPICA: Update dsmethod.c to get rid of unused variable warning (stable-fixes). - ACPICA: dispatcher: Use acpi_ds_clear_operands() in acpi_ds_call_control_method() (stable-fixes). 
- char: misc: restrict the dynamic range to exclude reserved minors (stable-fixes). - ACPI: fan: Add fan speed reporting for fans with only _FST (stable-fixes). - commit f52da15 - erofs: avoid infinite loop due to incomplete zstd-compressed data (git-fixes). - commit 7b42d7d - exfat: validate cluster allocation bits of the allocation bitmap (git-fixes). - commit f4032b9 - exfat: limit log print for IO error (git-fixes). - commit 1405b08 - nfs4_setup_readdir(): insufficient locking for ->d_parent->d_inode dereferencing (git-fixes). - commit 589935f - NFSv4.1: fix mount hang after CREATE_SESSION failure (git-fixes). - commit 76c7f5a - NFSv4: handle ERR_GRACE on delegation recalls (git-fixes). - commit cc6039d - IB/ipoib: Ignore L3 master device (git-fixes) - commit 117d08f - btrfs: ensure no dirty metadata is written back for an fs with errors (git-fix). - commit 17770b9 - io_uring/kbuf: fix signedness in this_len calculation (CVE-2025-39822 bsc#1250034). - Update patches.suse/io_uring-kbuf-always-use-READ_ONCE-to-read-ring-prov.patch - commit 40a2039 - io_uring/waitid: always prune wait queue entry in io_waitid_wait() (CVE-2025-40047 bsc#1252790). - commit 17b3d49 - io_uring/net: mark iov as dynamically allocated even for single segments (git-fixes). 
- commit d6cddb7 ++++ ucode-amd: - Update to version 20251113 (git commit fb0dbcd30118): * linux-firmware: Update AMD cpu microcode ------------------------------------------------------------------ ------------------ 2025-11-13 - Nov 13 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Update to 351 * Changes since 349 - 351 * Firewall ports can be deleted individually - 350 * networking: fix renaming of bridges and other groups (RHEL-117883) * bridge: fix OpenSSH_10.2p1 host key detection ++++ cockpit-machines: - Update to 344 * 344 - Port forwarding for user session VMs - "Shutdown and restart" action - Faster startup * 343 - Memory usage now shows numbers reported by the guest (RHEL-116731) ++++ cockpit-podman: - Update to 117 * 117 - Performance and stability improvements * 116 - Support stopping/starting/restart quadlets ++++ kernel-default: - io_uring/net: fix sendzc double notif flush (git-fixes). - commit 39ada15 - bpf: make sure skb->len != 0 when redirecting to a tunneling device (CVE-2022-50253 bsc#1249912) - commit f8c850b - net: xilinx: axienet: Add error handling for RX metadata pointer retrieval (CVE-2025-39897 bsc#1250746) - commit 7a69552 - net: xilinx: axienet: Fix RX skb ring management in DMAengine mode (bsc#1250746) - commit 3b07625 - net: xilinx: axienet: Fix Tx skb circular buffer occupancy check in dmaengine xmit (bsc#1250746) - commit f3dd19b - net: xilinx: axienet: Fix IRQ coalescing packet count overflow (bsc#1250746) - commit 342b7c5 - NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes). - commit 9760aee - NFSD: Skip close replay processing if XDR encoding fails (git-fixes). - commit c1a2a70 - NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes). - commit 402584f - nfsd: add missing FATTR4_WORD2_CLONE_BLKSIZE from supported attributes (git-fixes). - commit 5236ad9 - nfsd: fix refcount leak in nfsd_set_fh_dentry() (git-fixes). 
- commit 958cf9b ++++ kernel-rt: - io_uring/net: fix sendzc double notif flush (git-fixes). - commit 39ada15 - bpf: make sure skb->len != 0 when redirecting to a tunneling device (CVE-2022-50253 bsc#1249912) - commit f8c850b - net: xilinx: axienet: Add error handling for RX metadata pointer retrieval (CVE-2025-39897 bsc#1250746) - commit 7a69552 - net: xilinx: axienet: Fix RX skb ring management in DMAengine mode (bsc#1250746) - commit 3b07625 - net: xilinx: axienet: Fix Tx skb circular buffer occupancy check in dmaengine xmit (bsc#1250746) - commit f3dd19b - net: xilinx: axienet: Fix IRQ coalescing packet count overflow (bsc#1250746) - commit 342b7c5 - NFSD: Never cache a COMPOUND when the SEQUENCE operation fails (git-fixes). - commit 9760aee - NFSD: Skip close replay processing if XDR encoding fails (git-fixes). - commit c1a2a70 - NFSD: free copynotify stateid in nfs4_free_ol_stateid() (git-fixes). - commit 402584f - nfsd: add missing FATTR4_WORD2_CLONE_BLKSIZE from supported attributes (git-fixes). - commit 5236ad9 - nfsd: fix refcount leak in nfsd_set_fh_dentry() (git-fixes). - commit 958cf9b ++++ python313-core: - Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). ++++ nvidia-open-driver-G06-signed: - introduced extra %gfx_aarch64_version and appropriate tarball/pci_id file in the hope that build service will no longer complain - update CUDA variant to 580.105.08 ++++ python313: - Add CVE-2025-6075-expandvars-perf-degrad.patch avoid simple quadratic complexity vulnerabilities of os.path.expandvars() (CVE-2025-6075, bsc#1252974). 
++++ salt: - Require Python dependencies only for used Python version ------------------------------------------------------------------ ------------------ 2025-11-12 - Nov 12 2025 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix CVE-2025-54771 (bsc#1252931) * 0001-kern-file-Call-grub_dl_unref-after-fs-fs_close.patch - Fix CVE-2025-54770 (bsc#1252930) * 0002-net-net-Unregister-net_set_vlan-command-on-unload.patch - Fix CVE-2025-61662 (bsc#1252933) * 0003-gettext-gettext-Unregister-gettext-command-on-module.patch - Fix CVE-2025-61663 (bsc#1252934) - Fix CVE-2025-61664 (bsc#1252935) * 0004-normal-main-Unregister-commands-on-module-unload.patch * 0005-tests-lib-functional_test-Unregister-commands-on-mod.patch - Fix CVE-2025-61661 (bsc#1252932) * 0006-commands-usbtest-Use-correct-string-length-field.patch * 0007-commands-usbtest-Ensure-string-length-is-sufficient-.patch - Bump upstream SBAT generation to 6 ++++ kernel-default: - Rename kABI-fix-for-struct-devlink_port_attrs-move-new-memb.patch Use the name of the patch being fixed. - commit 6298d1e - btrfs: release root after error in data_reloc_print_warning_inode() (git-fixes). - commit c634c60 - btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes). - commit 9ef6fe3 - btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes). - commit da7f4a2 - Refresh patches.suse/devlink-let-driver-opt-out-of-automatic-phys_port_na.patch. Use the upstream patch as is. Don't drop the hunk adding no_phys_port_name - Refresh patches.kabi/kABI-fix-for-struct-devlink_port_attrs-move-new-memb.patch No need to add a new member. Use the existing bit-field - commit 623c177 ++++ kernel-rt: - Rename kABI-fix-for-struct-devlink_port_attrs-move-new-memb.patch Use the name of the patch being fixed. - commit 6298d1e - btrfs: release root after error in data_reloc_print_warning_inode() (git-fixes). 
- commit c634c60 - btrfs: scrub: put bio after errors in scrub_raid56_parity_stripe() (git-fixes). - commit 9ef6fe3 - btrfs: do not update last_log_commit when logging inode due to a new name (git-fixes). - commit da7f4a2 - Refresh patches.suse/devlink-let-driver-opt-out-of-automatic-phys_port_na.patch. Use the upstream patch as is. Don't drop the hunk adding no_phys_port_name - Refresh patches.kabi/kABI-fix-for-struct-devlink_port_attrs-move-new-memb.patch No need to add a new member. Use the existing bit-field - commit 623c177 ++++ ucode-intel: - Intel CPU Microcode was updated to the 20251111 release (bsc#1253319) - Update for functional issues.
New Platforms:
| Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| GNR-D          | B0/B1    | 06-ae-01/97 |          | 01000273 | Xeon 6700P-B/6500P-B Series SoC with P-Cores
Updated Platforms:
| Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL            | C0       | 06-97-02/07 | 0000003a | 0000003d | Core Gen12
| ADL            | H0       | 06-97-05/07 | 0000003a | 0000003d | Core Gen12
| ADL            | L0       | 06-9a-03/80 | 00000437 | 0000043a | Core Gen12
| ADL            | R0       | 06-9a-04/80 | 00000437 | 0000043a | Core Gen12
| ADL-N          | N0       | 06-be-00/19 | 0000001d | 0000001e | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
| ARL-H          | A1       | 06-c5-02/82 | 00000119 | 0000011a | Core Ultra Processor (Series 2)
| ARL-S/HX (8P)  | B0       | 06-c6-02/82 | 00000119 | 0000011a | Core Ultra Processor (Series 2)
| AZB            | A0/R0    | 06-9a-04/40 | 0000000a | 0000000b | Atom C1100
| EMR-SP         | A1       | 06-cf-02/87 | 210002b3 | 210002c0 | Xeon Scalable Gen5
| GNR-AP/SP      | Bx/Hx/Lx | 06-ad-01/95 | 010003d0 | 010003f0 | Xeon 6900-6700/6500-Series Processors with P-Cores
| GNR-SP R1S     | Bx/Hx/Lx | 06-ad-01/20 | 0a000100 | 0a000124 | Xeon 6700/6500-Series Processors with P-Cores
| LNL            | B0       | 06-bd-01/80 | 00000123 | 00000125 | Core Ultra 200 V Series Processor
| RPL-E/HX/S     | B0       | 06-b7-01/32 | 0000012f | 00000132 | Core Gen13/Gen14
| RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 | 00004129 | 00006133 | Core Gen13
| RPL-HX/S       | C0       | 06-bf-02/07 | 0000003a | 0000003d | Core Gen13/Gen14
| RPL-S          | H0       | 06-bf-05/07 | 0000003a | 0000003d | Core Gen13/Gen14
| RPL-U 2+8      | Q0       | 06-ba-03/e0 | 00004129 | 00006133 | Core Gen13
| SPR-HBM        | Bx       | 06-8f-08/10 | 2c000401 | 2c000410 | Xeon Max
| SPR-SP         | E4/S2    | 06-8f-07/87 | 2b000643 | 2b000650 | Xeon Scalable Gen4
| SPR-SP         | E5/S3    | 06-8f-08/87 | 2b000643 | 2b000650 | Xeon Scalable Gen4
| SRF-AP/SP      | C0       | 06-af-03/01 | 03000362 | 03000382 | Xeon 6900/6700-Series Processors with E-Cores
| TWL            | N0       | 06-be-00/19 | 0000001d | 0000001e | Core i3-N305/N300, N50/N97/N100/N200, Atom x7211E/x7213E/x7425E
------------------------------------------------------------------ ------------------ 2025-11-11 - Nov 11 2025 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Update to version 84.87+git20251111.509a363: * Avoid escape sequences on dump terminal of s390 - Update to version 84.87+git20251111.16d9d43: * Set XDG environment variables consistently without trailing slash ++++ cloud-init: - Fix dependency replace -serial with -pyserial ++++ kernel-default: - Rename to patches.kabi/kabi-fix-dm-fix-dm_blk_report_zones.patch. - commit 911b752 - KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes). - commit 7df395e - KVM: SEV: Read save fields from GHCB exactly once (git-fixes). - commit 035bf6d - KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() (git-fixes). - commit fb01ff1 - KVM: SEV: Enforce minimum GHCB version requirement for SEV-SNP guests (git-fixes). - commit 924cf52 - KVM: TDX: Do not retry locally when the retry is caused by invalid memslot (git-fixes). - commit 1ee08a7 - KVM: x86/mmu: Return -EAGAIN if userspace deletes/moves memslot during prefault (git-fixes). 
- commit ebc80d5 - KVM: x86: Have all vendor neutral sub-configs depend on KVM_X86, not just KVM (git-fixes). - commit 77fc3c5 - KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes). - commit b1ea66f - KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES guest (git-fixes). - commit a848ce9 - Refresh patches.suse/drm-amd-display-Default-IPS-to-RCG_IN_ACTIVE_IPS2_IN.patch. - Refresh patches.suse/drm-amdgpu-discovery-fix-fw-based-ip-discovery.patch. - Refresh patches.suse/drm-i915-dp-Fix-2.7-Gbps-DP_LINK_BW-value-on-g4x.patch. - Refresh patches.suse/drm-xe-Allow-dropping-kunit-dependency-as-built-in.patch. - Refresh patches.suse/drm-xe-Carve-out-wopcm-portion-from-the-stolen-memor.patch. - Refresh patches.suse/drm-xe-Ensure-fixed_slice_mode-gets-set-after-ccs_mo.patch. - Refresh patches.suse/drm-xe-Move-page-fault-init-after-topology-init.patch. - Refresh patches.suse/drm-xe-bmg-Update-Wa_22019338487.patch. - Refresh patches.suse/drm-xe-gsc-do-not-flush-the-GSC-worker-from-the-rese.patch. - Refresh patches.suse/drm-xe-guc_submit-fix-race-around-pending_disable.patch. - commit ce19d99 - io_uring/rsrc: don't rely on user vaddr alignment (git-fixes). - io_uring: make fallocate be hashed work (git-fixes). - commit 4b7f18b - io_uring: fix task leak issue in io_wq_create() (git-fixes). - io_uring/kbuf: don't truncate end buffer for multiple buffer peeks (git-fixes). - commit 6eac1e4 - io_uring/kbuf: account ring io_buffer_list memory (git-fixes). - commit f9b2eed - io_uring: account drain memory to cgroup (git-fixes). - io_uring: fix overflow resched cqe reordering (git-fixes). - commit 14d2bfa - io_uring: ensure deferred completions are flushed for multishot (git-fixes). - commit 9ec928d - io_uring/fdinfo: annotate racy sq/cq head/tail reads (git-fixes). - io_uring: fix 'sync' handling of io_fallback_tw() (git-fixes). - commit c501028 - io_uring: don't duplicate flushing in io_req_post_cqe (git-fixes). 
- io_uring/kbuf: reject zero sized provided buffers (git-fixes). - commit add5ee3 - io_uring/msg: initialise msg request opcode (git-fixes). - commit 78239f9 - io_uring/net: account memory for zc sendmsg (git-fixes). - commit 1a819c2 ++++ kernel-rt: - Rename to patches.kabi/kabi-fix-dm-fix-dm_blk_report_zones.patch. - commit 911b752 - KVM: SEV: Validate XCR0 provided by guest in GHCB (git-fixes). - commit 7df395e - KVM: SEV: Read save fields from GHCB exactly once (git-fixes). - commit 035bf6d - KVM: SEV: Rename kvm_ghcb_get_sw_exit_code() to kvm_get_cached_sw_exit_code() (git-fixes). - commit fb01ff1 - KVM: SEV: Enforce minimum GHCB version requirement for SEV-SNP guests (git-fixes). - commit 924cf52 - KVM: TDX: Do not retry locally when the retry is caused by invalid memslot (git-fixes). - commit 1ee08a7 - KVM: x86/mmu: Return -EAGAIN if userspace deletes/moves memslot during prefault (git-fixes). - commit ebc80d5 - KVM: x86: Have all vendor neutral sub-configs depend on KVM_X86, not just KVM (git-fixes). - commit 77fc3c5 - KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes). - commit b1ea66f - KVM: SVM: Pass through GHCB MSR if and only if VM is an SEV-ES guest (git-fixes). - commit a848ce9 - Refresh patches.suse/drm-amd-display-Default-IPS-to-RCG_IN_ACTIVE_IPS2_IN.patch. - Refresh patches.suse/drm-amdgpu-discovery-fix-fw-based-ip-discovery.patch. - Refresh patches.suse/drm-i915-dp-Fix-2.7-Gbps-DP_LINK_BW-value-on-g4x.patch. - Refresh patches.suse/drm-xe-Allow-dropping-kunit-dependency-as-built-in.patch. - Refresh patches.suse/drm-xe-Carve-out-wopcm-portion-from-the-stolen-memor.patch. - Refresh patches.suse/drm-xe-Ensure-fixed_slice_mode-gets-set-after-ccs_mo.patch. - Refresh patches.suse/drm-xe-Move-page-fault-init-after-topology-init.patch. - Refresh patches.suse/drm-xe-bmg-Update-Wa_22019338487.patch. - Refresh patches.suse/drm-xe-gsc-do-not-flush-the-GSC-worker-from-the-rese.patch. 
- Refresh patches.suse/drm-xe-guc_submit-fix-race-around-pending_disable.patch. - commit ce19d99 - io_uring/rsrc: don't rely on user vaddr alignment (git-fixes). - io_uring: make fallocate be hashed work (git-fixes). - commit 4b7f18b - io_uring: fix task leak issue in io_wq_create() (git-fixes). - io_uring/kbuf: don't truncate end buffer for multiple buffer peeks (git-fixes). - commit 6eac1e4 - io_uring/kbuf: account ring io_buffer_list memory (git-fixes). - commit f9b2eed - io_uring: account drain memory to cgroup (git-fixes). - io_uring: fix overflow resched cqe reordering (git-fixes). - commit 14d2bfa - io_uring: ensure deferred completions are flushed for multishot (git-fixes). - commit 9ec928d - io_uring/fdinfo: annotate racy sq/cq head/tail reads (git-fixes). - io_uring: fix 'sync' handling of io_fallback_tw() (git-fixes). - commit c501028 - io_uring: don't duplicate flushing in io_req_post_cqe (git-fixes). - io_uring/kbuf: reject zero sized provided buffers (git-fixes). - commit add5ee3 - io_uring/msg: initialise msg request opcode (git-fixes). - commit 78239f9 - io_uring/net: account memory for zc sendmsg (git-fixes). - commit 1a819c2 ++++ multipath-tools: - Update to version 0.11.3+184+suse.e1501732: - Fixes from upstream 0.11.3 (see also NEWS.md) (bsc#1253260) * Improved the communication with **udev** and **systemd** by triggering uevents when path devices are added to or removed from multipath maps, or when `multipathd reconfigure` is executed after changing blacklist directives in `multipath.conf`. * Failed paths should be checked every `polling_interval`. In certain cases, this wouldn't happen, because the check interval wasn't reset by multipathd. * It could happen that multipathd would accidentally release a SCSI persistent reservation held by another node. Fix it. * After manually failing some paths and then reinstating them, sometimes the reinstated paths were immediately failed again by multipathd. Fix it. 
* Various minor fixes reported by coverity. ++++ salt: - Fix TLS and x509 modules for OSes with older cryptography module - Require python-legacy-cgi only for Python > 3.12 - Builds with py >=3.13 require python-legacy-cgi - Fix Salt for Python > 3.11 (bsc#1252285) (bsc#1252244) * Use external tornado on Python > 3.11 * Make tls and x509 to use python-cryptography * Remove usage of spwd - Added: * fix-tls-and-x509-modules-for-older-cryptography-modu.patch * fix-salt-for-python-3.11.patch ++++ selinux-policy: - Update to version 20250627+git293.3432d4834: * Allow pcscd_t to search cgroup (bsc#1253098) * Fix syntax error in userdomain.if * Allow nnp_transition for OpenSMTPD (bsc#1252431) * Allow ras-mc-ctl get attributes of the kmod executable * Define file equivalency for /var/opt * Allow virtnodedev_t the perfmon capability * Allow nut_upsdrvctl_t the sys_ptrace capability * Label /usr/lib/systemd/user/graphical-session-pre.target with xdm_unit_file_t * Allow snapper sdbootutil plugin read emmc devices (bsc#1231354) * Allow pcrlock to delete pid entries * Allow systemd_pcrlock_t to manage its pid files * Mark snapper_sdbootutil_plugin_t as permissive * Drop unnamed filetrans, should be done upstream (bsc#1241964) * Label pcrlock pid file correctly (bsc#1241964) * Allow snapper sdbootutil plugin send msg to system bus (bsc#1241964) * snapper takes output from stdout/err, allow pcrlock to write * Add tpm2_getcap permissions to snapper sdbootutil (bsc#1244573) * Allow snapper sdbootutil plugin to read snapper data and conf * Allow snapper sdbootutil plugin to grep /proc/stat (bsc#1241964) * Replace snapper tmp file access for pcrlock (bsc#1241964) * Allow snapper sdbootutil read kernel module dirs (bsc#1241964) * Allow snapper sdbootutil plugin use bootctl (bsc#1241964) * Allow snapper sdbootutil plugin to list and read sysfs (bsc#1241964) * Allow snapper sdbootutil sys_admin (bsc#1241964) * Allow snapper sdbootutils plugin to findmnt (bsc#1241964) * Allow snapper 
sdbootutil plugin rw tpm (bsc#1233358) * Move manage dos permissions and dontaudit execmem to snapper sdbootutils plugin (bsc#1241964) * Move snapper domtrans to sdbootutil to plugin (bsc#1241964) * Revert snapper access to keys, move to sdbootutils plugin policy (bsc#1241964) * Add initial separate policy for sdbootutil called by snapper (bsc#1233358) * Allow sort in snapper_grub_plugin_t read cpu.max (bsc#1252095) * systemd-sysctl: allow rw on binfm_misc_fs_t to set binfmt_misc status * Allow cupsd to manage cupsd_rw_etc_t lnk_files * Set temporary no-stub resolv.conf file from NetworkManager as net_conf_t * Allow spamc read aliases file * Mark configfs_t as mountpoint (bsc#1246080) * Allow systemd-machined watch cgroup files * Allow sshd-auth read generic proc files * Allow sshd-auth read and write user domain ptys * Allow logwatch read and write sendmail unix stream sockets * Allow logwatch domain transition on rpm execution * Allow thumb_t mounton its private tmpfs files * Allow thumb_t create permission in the user namespace * Allow corenet_unconfined_type name_bind to icmp_socket * Allow systemd-networkd to manage systemd_networkd_var_lib_t files * Allow sshd-session get attributes of sshd vsock socket ------------------------------------------------------------------ ------------------ 2025-11-10 - Nov 10 2025 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Update to version 84.87+git20251110.af063e6: * Avoid escape sequences on dump terminal of s390 * Set erase character from kbs entry of terminfo ++++ cyrus-sasl: - Python3 error log upon importing pycurl (bsc#1233529) Remove senseless log message. * add remove-senceless-log.patch ++++ kernel-default: - io_uring/net: fix accept multishot handling (git-fixes). - commit 8f56af6 - io_uring: check for iowq alloc_workqueue failure (git-fixes). - commit 1158052 - io_uring/io-wq: do not use bogus hash value (git-fixes). 
- io_uring/io-wq: cache work->flags in variable (git-fixes). - io_uring/io-wq: move worker lists to struct io_wq_acct (git-fixes). - io_uring/io-wq: add io_worker.acct pointer (git-fixes). - io_uring/io-wq: eliminate redundant io_work_get_acct() calls (git-fixes). - commit 53c8977 - io_uring/net: don't clear REQ_F_NEED_CLEANUP unconditionally (git-fixes). - commit 4936341 - io_uring/net: save msg_control for compat (git-fixes). - commit 09c50d3 - btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes). - commit 4f3cd5c - btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes). - commit 2b2b6a8 - btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes). - commit b68eaa8 - btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes). - commit 36dafa0 - btrfs: simplify error handling logic for btrfs_link() (git-fixes). - commit d00c25e - btrfs: fix inode leak on failure to add link to inode (git-fixes). - commit 722b72e - btrfs: abort transaction on failure to add link to inode (git-fixes). - commit b280fd3 - btrfs: rename err to ret in btrfs_link() (git-fixes). - commit bccf104 - btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation (git-fixes). - commit db8578f - x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes). 
- commit 3ad5c25 - pds_core: remove write-after-free of client_id (CVE-2025-37916 bsc#1243474) - commit 5e9a8d2 - coresight: Fix incorrect handling for return value of devm_kzalloc (CVE-2025-40059 bsc#1252809) - commit 855baa1 - btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST (CVE-2025-40101 bsc#1252901) - commit 6c5e13d - bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt (CVE-2025-39917 bsc#1250723) - commit c537a65 - ocfs2: fix double free in user_cluster_connect() (CVE-2025-40055 bsc#1252821) - commit 233260e - pps: fix warning in pps_register_cdev when register device fail (CVE-2025-40070 bsc#1252836). - commit 5d93ed8 - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (CVE-2025-40098 bsc#1252917). - commit 014dce4 - nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (git-fixes). - commit 0452526 - rtc: rx8025: fix incorrect register reference (git-fixes). - drm/xe/guc: Synchronize Dead CT worker with unbind (git-fixes). - drm/mediatek: Add pm_runtime support for GCE power control (git-fixes). - drm/mediatek: Disable AFBC support on Mediatek DRM driver (git-fixes). - drm/amd/display: Enable mst when it's detected but yet to be initialized (git-fixes). - drm/amd: Fix suspend failure with secure display TA (git-fixes). - drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes). - drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes). - drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes). - drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes). - gpiolib: fix invalid pointer access in debugfs (git-fixes). - gpio: swnode: don't use the swnode's name as the key for GPIO lookup (git-fixes). - Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes). - ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes). - lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes). 
- wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes). - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes). - Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern() (git-fixes). - Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes). - Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes). - wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes). - Revert "wifi: ath10k: avoid unnecessary wait for service ready message" (git-fixes). - media: videobuf2: forbid remove_bufs when legacy fileio is active (git-fixes). - media: uvcvideo: Use heuristic to find stream entity (git-fixes). - drm/amd/display: increase max link count and fix link->enc NULL pointer access (stable-fixes). - Documentation: w1: Fix SPDX comment syntax on masters and slaves toctree index (git-fixes). - commit b161491 ++++ kernel-rt: - io_uring/net: fix accept multishot handling (git-fixes). - commit 8f56af6 - io_uring: check for iowq alloc_workqueue failure (git-fixes). - commit 1158052 - io_uring/io-wq: do not use bogus hash value (git-fixes). - io_uring/io-wq: cache work->flags in variable (git-fixes). - io_uring/io-wq: move worker lists to struct io_wq_acct (git-fixes). - io_uring/io-wq: add io_worker.acct pointer (git-fixes). - io_uring/io-wq: eliminate redundant io_work_get_acct() calls (git-fixes). - commit 53c8977 - io_uring/net: don't clear REQ_F_NEED_CLEANUP unconditionally (git-fixes). - commit 4936341 - io_uring/net: save msg_control for compat (git-fixes). - commit 09c50d3 - btrfs: send: fix duplicated rmdir operations when using extrefs (git-fixes). - commit 4f3cd5c - btrfs: use smp_mb__after_atomic() when forcing COW in create_pending_snapshot() (git-fixes). - commit 2b2b6a8 - btrfs: mark dirty extent range for out of bound prealloc extents (git-fixes). 
- commit b68eaa8 - btrfs: set inode flag BTRFS_INODE_COPY_EVERYTHING when logging new name (git-fixes). - commit 36dafa0 - btrfs: simplify error handling logic for btrfs_link() (git-fixes). - commit d00c25e - btrfs: fix inode leak on failure to add link to inode (git-fixes). - commit 722b72e - btrfs: abort transaction on failure to add link to inode (git-fixes). - commit b280fd3 - btrfs: rename err to ret in btrfs_link() (git-fixes). - commit bccf104 - btrfs: fix memory leak of qgroup_list in btrfs_add_qgroup_relation (git-fixes). - commit db8578f - x86/CPU/AMD: Add missing terminator for zen5_rdseed_microcode (git-fixes). - commit 3ad5c25 - pds_core: remove write-after-free of client_id (CVE-2025-37916 bsc#1243474) - commit 5e9a8d2 - coresight: Fix incorrect handling for return value of devm_kzalloc (CVE-2025-40059 bsc#1252809) - commit 855baa1 - btrfs: fix memory leaks when rejecting a non SINGLE data profile without an RST (CVE-2025-40101 bsc#1252901) - commit 6c5e13d - bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt (CVE-2025-39917 bsc#1250723) - commit c537a65 - ocfs2: fix double free in user_cluster_connect() (CVE-2025-40055 bsc#1252821) - commit 233260e - pps: fix warning in pps_register_cdev when register device fail (CVE-2025-40070 bsc#1252836). - commit 5d93ed8 - ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41_get_acpi_mute_state() (CVE-2025-40098 bsc#1252917). - commit 014dce4 - nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (git-fixes). - commit 0452526 - rtc: rx8025: fix incorrect register reference (git-fixes). - drm/xe/guc: Synchronize Dead CT worker with unbind (git-fixes). - drm/mediatek: Add pm_runtime support for GCE power control (git-fixes). - drm/mediatek: Disable AFBC support on Mediatek DRM driver (git-fixes). - drm/amd/display: Enable mst when it's detected but yet to be initialized (git-fixes). - drm/amd: Fix suspend failure with secure display TA (git-fixes). 
- drm/amd/display: Fix NULL deref in debugfs odm_combine_segments (git-fixes). - drm/i915: Fix conversion between clock ticks and nanoseconds (git-fixes). - drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD (git-fixes). - drm/sched: Fix deadlock in drm_sched_entity_kill_jobs_cb (git-fixes). - gpiolib: fix invalid pointer access in debugfs (git-fixes). - gpio: swnode: don't use the swnode's name as the key for GPIO lookup (git-fixes). - Documentation: ACPI: i2c-muxes: fix I2C device references (git-fixes). - ACPI: SBS: Fix present test in acpi_battery_read() (git-fixes). - lib/crypto: curve25519-hacl64: Fix older clang KASAN workaround for GCC (git-fixes). - wifi: mac80211_hwsim: Limit destroy_on_close radio removal to netgroup (git-fixes). - net: usb: qmi_wwan: initialize MAC header offset in qmimux_rx_fixup (git-fixes). - Bluetooth: MGMT: Fix OOB access in parse_adv_monitor_pattern() (git-fixes). - Bluetooth: btrtl: Fix memory leak in rtlbt_parse_firmware_v2() (git-fixes). - Bluetooth: hci_event: validate skb length for unknown CC opcode (git-fixes). - wifi: zd1211rw: fix potential memory leak in __zd_usb_enable_rx() (git-fixes). - Revert "wifi: ath10k: avoid unnecessary wait for service ready message" (git-fixes). - media: videobuf2: forbid remove_bufs when legacy fileio is active (git-fixes). - media: uvcvideo: Use heuristic to find stream entity (git-fixes). - drm/amd/display: increase max link count and fix link->enc NULL pointer access (stable-fixes). - Documentation: w1: Fix SPDX comment syntax on masters and slaves toctree index (git-fixes). - commit b161491 ------------------------------------------------------------------ ------------------ 2025-11-7 - Nov 7 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - io_uring/rw: forbid multishot async reads (git-fixes). - commit b8ee47f - io-wq: backoff when retrying worker creation (git-fixes). 
- commit ed7c8cc - io_uring/waitid: setup async data in the prep handler (git-fixes). - commit c823259 - io_uring/uring_cmd: remove dead req_has_async_data() check (git-fixes). - commit bbe13e2 - KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes). - commit e2a2287 - KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes). - commit 39eaa4c - KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes). - commit 5da1bc9 - KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes). - commit 613b778 - x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes). - commit 7dd7ddd - fs/smb: Fix inconsistent refcnt update (bsc#1250176, CVE-2025-39819). - commit 22b6cc8 - KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes). - commit a8ef915 - Refresh patches.suse/x86-microcode-AMD-Limit-Entrysign-signature-checking-to-kn.patch. - commit ec68be1 - iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes). - commit e7a1195 - net/9p: fix double req put in p9_fd_cancelled (CVE-2025-40027 bsc#1252763). - commit 2c3c104 - KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (CVE-2025-40038 bsc#1252817). - commit d41e9f1 - tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705). - commit f8c7e99 ++++ kernel-rt: - io_uring/rw: forbid multishot async reads (git-fixes). - commit b8ee47f - io-wq: backoff when retrying worker creation (git-fixes). - commit ed7c8cc - io_uring/waitid: setup async data in the prep handler (git-fixes). - commit c823259 - io_uring/uring_cmd: remove dead req_has_async_data() check (git-fixes). - commit bbe13e2 - KVM: SVM: Delete IRTE link from previous vCPU irrespective of new routing (git-fixes). - commit e2a2287 - KVM: SVM: Delete IRTE link from previous vCPU before setting new IRTE (git-fixes). 
- commit 39eaa4c
- KVM: SVM: Track per-vCPU IRTEs using kvm_kernel_irqfd structure (git-fixes).
- commit 5da1bc9
- KVM: Pass new routing entries and irqfd when updating IRTEs (git-fixes).
- commit 613b778
- x86/CPU/AMD: Add RDSEED fix for Zen5 (git-fixes).
- commit 7dd7ddd
- fs/smb: Fix inconsistent refcnt update (bsc#1250176, CVE-2025-39819).
- commit 22b6cc8
- KVM: SVM: WARN if an invalid posted interrupt IRTE entry is added (git-fixes).
- commit a8ef915
- Refresh patches.suse/x86-microcode-AMD-Limit-Entrysign-signature-checking-to-kn.patch.
- commit ec68be1
- iommu/amd: Return an error if vCPU affinity is set for non-vCPU IRTE (git-fixes).
- commit e7a1195
- net/9p: fix double req put in p9_fd_cancelled (CVE-2025-40027 bsc#1252763).
- commit 2c3c104
- KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid (CVE-2025-40038 bsc#1252817).
- commit d41e9f1
- tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork (bsc#1250705).
- commit f8c7e99
++++ openssh:
- Add openssh-cve-2025-61984-username-validation.patch (bsc#1251198, CVE-2025-61984).
- Add openssh-cve-2025-61985-nul-url-encode.patch (bsc#1251199, CVE-2025-61985).
++++ qemu:
- Update to version 10.0.6
  Full backport list: https://lore.kernel.org/qemu-devel/1761022287.744330.6357.nullmailer@tls.msk.ru/
  A selection of them is reported below:
    linux-user/microblaze: Fix little-endianness binary
    target/hppa: correct size bit parity for fmpyadd
    target/i386: user: do not set up a valid LDT on reset
    async: access bottom half flags with qatomic_read
    target/i386: fix x86_64 pushw op
    i386/tcg/smm_helper: Properly apply DR values on SMM entry / exit
    i386/cpu: Prevent delivering SIPI during SMM in TCG mode
    i386/kvm: Expose ARCH_CAP_FB_CLEAR when invulnerable to MDS
    target/i386: Fix CR2 handling for non-canonical addresses
    block/curl.c: Use explicit long constants in curl_easy_setopt calls
    pcie_sriov: Fix broken MMIO accesses from SR-IOV VFs
    target/riscv: rvv: Fix vslide1[up|down].vx unexpected result when XLEN2 and SEWd
    target/riscv: Fix ssamoswap error handling
- Update to version 10.0.5:
  Full backport list: https://lore.kernel.org/qemu-devel/1759986125.676506.643525.nullmailer@tls.msk.ru/
  A selection of them is reported below:
    tests/functional/test_aarch64_sbsaref_freebsd: Fix the URL of the ISO image
    tests/functional/test_ppc_bamboo: Replace broken link with working assets
    physmem: Destroy all CPU AddressSpaces on unrealize
    memory: New AS helper to serialize destroy+free
    include/system/memory.h: Clarify address_space_destroy() behaviour
    migration: Fix state transition in postcopy_start() error handling
    target/riscv: rvv: Modify minimum VLEN according to enabled vector extensions
    target/riscv: rvv: Replace checking V by checking Zve32x
    target/riscv: Fix endianness swap on compressed instructions
    hw/riscv/riscv-iommu: Fixup PDT Nested Walk
    ...
- Fix bsc#1230042
- Support for Intel TDX (jsc#PED-9266)
  A list of backported patches (so far) is:
    i386/tdx: Build TDX only for 64-bit target
    i386/tdx: Clarify the error message of mrconfigid/mrowner/mrownerconfig
    i386/tdx: Fix the typo of the comment of struct TdxGuest
    i386/cpu: Rename enable_cpuid_0x1f to force_cpuid_0x1f
    i386/tdx: Error and exit when named cpu model is requested
    i386/cpu: Warn about why CPUID_EXT_PDCM is not available
    i386/tdvf: Fix build on 32-bit host
    i386/tdx: Fix build on 32-bit host
    x86/loader: Don't update kernel header for CoCo VMs
    docs: Add TDX documentation
    i386/tdx: Validate phys_bits against host value
    i386/tdx: Make invtsc default on
    i386/tdx: Don't treat SYSCALL as unavailable
    i386/tdx: Fetch and validate CPUID of TD guest
    target/i386: Print CPUID subleaf info for unsupported feature
    i386: Remove unused parameter "uint32_t bit" in feature_word_description()
    i386/cgs: Introduce x86_confidential_guest_check_features()
    i386/tdx: Define supported KVM features for TDX
    i386/tdx: Add XFD to supported bit of TDX
    i386/tdx: Add supported CPUID bits relates to XFAM
    i386/tdx: Add supported CPUID bits related to TD Attributes
    i386/tdx: Add TDX fixed1 bits to supported CPUIDs
    i386/tdx: Implement adjust_cpuid_features() for TDX
    i386/cgs: Rename *mask_cpuid_features() to *adjust_cpuid_features()
    cpu: Don't set vcpu_dirty when guest_state_protected
    i386/apic: Skip kvm_apic_put() for TDX
    i386/tdx: Only configure MSR_IA32_UCODE_REV in kvm_init_msrs() for TDs
    i386/tdx: Don't synchronize guest tsc for TDs
    i386/tdx: Set and check kernel_irqchip mode for TDX
    i386/tdx: Disable PIC for TDX VMs
    i386/tdx: Disable SMM for TDX VMs
    i386/tdx: Set kvm_readonly_mem_enabled to false for TDX VM
    i386/tdx: Force exposing CPUID 0x1f
    i386/cpu: Introduce enable_cpuid_0x1f to force exposing CPUID 0x1f
    i386/tdx: implement tdx_cpu_instance_init()
    i386/cpu: introduce x86_confidential_guest_cpu_instance_init()
    kvm: Check KVM_CAP_MAX_VCPUS at vm level
    i386/tdx: Wire TDX_REPORT_FATAL_ERROR with GuestPanic facility
    i386/tdx: Handle KVM_SYSTEM_EVENT_TDX_FATAL
    i386/tdx: Enable user exit on KVM_HC_MAP_GPA_RANGE
    i386/tdx: Finalize TDX VM
    i386/tdx: Call KVM_TDX_INIT_VCPU to initialize TDX vcpu
    i386/tdx: Add TDVF memory via KVM_TDX_INIT_MEM_REGION
    i386/tdx: Setup the TD HOB list
    headers: Add definitions from UEFI spec for volumes, resources, etc...
    i386/tdx: Track RAM entries for TDX VM
    i386/tdx: Track mem_ptr for each firmware entry of TDVF
    i386/tdx: Don't initialize pc.rom for TDX VMs
    i386/tdx: Parse TDVF metadata for TDX VM
    i386/tdvf: Introduce function to parse TDVF metadata
    i386/tdx: load TDVF for TD guest
    i386/tdx: Implement user specified tsc frequency
    i386/tdx: Set APIC bus rate to match with what TDX module enforces
    i386/tdx: Support user configurable mrconfigid/mrowner/mrownerconfig
    i386/tdx: Validate TD attributes
    i386/tdx: Wire CPU features up with attributes of TD guest
    i386/tdx: Make sept_ve_disable set by default
    i386/tdx: Add property sept-ve-disable for tdx-guest object
    i386/tdx: Initialize TDX before creating TD vcpus
    kvm: Introduce kvm_arch_pre_create_vcpu()
    i386/tdx: Introduce is_tdx_vm() helper and cache tdx_guest object
    i386/tdx: Get tdx_capabilities via KVM_TDX_CAPABILITIES
    i386/tdx: Implement tdx_kvm_init() to initialize TDX VM context
    i386/tdx: Implement tdx_kvm_type() for TDX
    i386: Introduce tdx-guest object
    linux-headers: update from 6.15 + kvm/next
    linux-headers: Update to Linux v6.15-rc3
------------------------------------------------------------------
------------------ 2025-11-6 - Nov 6 2025 -------------------
------------------------------------------------------------------
++++ ipw-firmware:
- mark LICENSE.ipw2x00 as %license [bsc#1252153]
++++ kernel-default:
- nexthop: Forbid FDB status change while nexthop is in a group (CVE-2025-39980 bsc#1252063).
- commit dada308
- mm/ksm: fix flag-dropping behavior in ksm_madvise (CVE-2025-40040 bsc#1252780).
- commit 095dc3d
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes).
- PCI: qcom: Add equalization settings for 8.0 GT/s and 32.0 GT/s (git-fixes).
- kABI: PCI: qcom: Add equalization settings for 8.0 GT/s and 32.0 GT/s (kabi git-fixes).
- kabi/severities: add qcom_pcie_common_set_16gt_equalization()
  It's internal to dwc, no one is supposed to rely on it.
  Fixes: Export 'qcom_pcie_common_set_16gt_equalization' has been removed
- PCI: Ensure relaxed tail alignment does not increase min_align (git-fixes).
- PCI: Test for bit underflow in pcie_set_readrq() (git-fixes).
- PCI: Add pci_resource_num() helper (git-fixes).
- PCI: Use min_align, not unrelated add_align, for size0 (git-fixes).
- commit d635c02
++++ kernel-rt:
- nexthop: Forbid FDB status change while nexthop is in a group (CVE-2025-39980 bsc#1252063).
- commit dada308
- mm/ksm: fix flag-dropping behavior in ksm_madvise (CVE-2025-40040 bsc#1252780).
- commit 095dc3d
- serial: 8250_exar: add support for Advantech 2 port card with Device ID 0x0018 (git-fixes).
- PCI: qcom: Add equalization settings for 8.0 GT/s and 32.0 GT/s (git-fixes).
- kABI: PCI: qcom: Add equalization settings for 8.0 GT/s and 32.0 GT/s (kabi git-fixes).
- kabi/severities: add qcom_pcie_common_set_16gt_equalization()
  It's internal to dwc, no one is supposed to rely on it.
  Fixes: Export 'qcom_pcie_common_set_16gt_equalization' has been removed
- PCI: Ensure relaxed tail alignment does not increase min_align (git-fixes).
- PCI: Test for bit underflow in pcie_set_readrq() (git-fixes).
- PCI: Add pci_resource_num() helper (git-fixes).
- PCI: Use min_align, not unrelated add_align, for size0 (git-fixes).
- commit d635c02
++++ mdadm:
- Split off the Software RAID HOWTO into a -doc package
- Update to version 4.4+29.gf8bb524b:
  * fix race between mdcheck_start.service and mdcheck_continue.service (bsc#1243443, bsc#1248097)
  * various fixes for mdcheck (bsc#1248097)
  * mdadm_env.sh: ignore MDADM_RAIDDEVICES if MDADM_SCAN is set (bsc#1229997)
- Upstream bug fixes since 4.4 (bsc#1253060)
  * mdadm: add attribute nonstring for signature
  * super-ddf: Prevent crash when handling DDF metadata
  * platform-intel: Disable legacy option ROM scan on UEFI machines
  * mdadm: fix --grow with --add for linear
  * mdadm/raid6check: add xmalloc.h to raid6check.c
  * Coverity fixes resources leaks
  * udev: persist properties of MD devices after switch_root
- _service: switch to tar_scm for better interoperability with SLFO.
------------------------------------------------------------------
------------------ 2025-11-5 - Nov 5 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- cpuset: Use new excpus for nocpu error check when enabling root partition (bsc#1241166).
- cgroup/cpuset: Remove remote_partition_check() & make update_cpumasks_hier() handle remote partition (bsc#1241166).
- commit d4c3a1b
- cpuset: fix failure to enable isolated partition when containing isolcpus (bsc#1241166).
- commit 9093c25
- nbd: restrict sockets to TCP and UDP (bsc#1252774 CVE-2025-40080).
- commit 3fbbb49
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- commit 0f034b6
- RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes)
- commit 6ea0097
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- commit f143d8d
- RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes)
- commit 61f6ae6
- RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes)
- commit be2c8f8
- RDMA/irdma: Fix SD index calculation (git-fixes)
- commit 0aad166
- RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes)
- commit 0f46cf0
++++ kernel-rt:
- cpuset: Use new excpus for nocpu error check when enabling root partition (bsc#1241166).
- cgroup/cpuset: Remove remote_partition_check() & make update_cpumasks_hier() handle remote partition (bsc#1241166).
- commit d4c3a1b
- cpuset: fix failure to enable isolated partition when containing isolcpus (bsc#1241166).
- commit 9093c25
- nbd: restrict sockets to TCP and UDP (bsc#1252774 CVE-2025-40080).
- commit 3fbbb49
- kernel-subpackage-spec: Do not doubly-sign modules (bsc#1251930).
- commit 0f034b6
- RDMA/hns: Fix wrong WQE data when QP wraps around (git-fixes)
- commit 6ea0097
- RDMA/hns: Fix the modification of max_send_sge (git-fixes)
- commit f143d8d
- RDMA/hns: Fix recv CQ and QP cache affinity (git-fixes)
- commit 61f6ae6
- RDMA/irdma: Set irdma_cq cq_num field during CQ create (git-fixes)
- commit be2c8f8
- RDMA/irdma: Fix SD index calculation (git-fixes)
- commit 0aad166
- RDMA/bnxt_re: Fix a potential memory leak in destroy_gsi_sqp (git-fixes)
- commit 0f46cf0
++++ lz4:
- CVE-2025-62813 was rejected [bsc#1252557]
- deleted patches
  * lz4-CVE-2025-62813.patch
++++ podman:
- Add patch for CVE-2025-31133,CVE-2025-52565,CVE-2025-52881 (bsc#1252376):
  * 0005-CVE-2025-52881-backport-subset-of-patch-from-runc.patch
- Rebase patches:
  * 0001-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch
  * 0002-Fix-Remove-appending-rw-as-the-default-mount-option.patch
  * 0003-CVE-2025-6032-machine-init-fix-tls-check.patch
  * 0004-CVE-2025-9566-kube-play-don-t-follow-volume-symlinks.patch
++++ salt:
- Fix payload signature verification on Tumbleweed (bsc#1251776)
- Fix broken symlink on migration to Leap 16.0 (bsc#1250755)
- Use versioned python interpreter for salt-ssh
- Fix known_hosts error on gitfs (bsc#1250520) (bsc#1227207)
- Add python3.11 as preferable for salt-ssh to avoid test failures
- Make test_pillar_timeout test more reliable
- Modify README and other doc files for openSUSE
- Set python-CherryPy as required for python-salt-testsuite (#115)
- Revert require M2Crypto >= 0.44.0 for SUSE Family distros
- This reverts commit aa40615dcf7a15325ef71bbc09a5423ce512491d.
- Improve SL Micro 6.2 detection with grains
- Fix functional.states.test_user for SLES 16 and Micro systems
- Fix the tests failing on AlmaLinux 10 and other clones
- Added:
  * do-not-break-signature-verification-on-latest-m2cryp.patch
  * use-versioned-python-interpreter-for-salt-ssh.patch
  * allow-libgit2-to-guess-sysdir-homedir-successfully-b.patch
  * add-python3.11-as-preferable-for-salt-ssh-to-avoid-t.patch
  * even-more-reliable-pillar-timeout-test.patch
  * modify-readme-for-opensuse-728.patch
  * improve-sl-micro-6.2-detection-with-grains.patch
  * fix-functional.states.test_user-for-sles-16-and-micr.patch
  * fix-the-tests-failing-on-almalinux-10-and-other-clon.patch
++++ runc:
- Update to runc v1.3.3. Upstream changelog is available from . bsc#1252232
  * CVE-2025-31133
  * CVE-2025-52565
  * CVE-2025-52881
- Remove upstreamed patches for bsc#1252232:
  - 2025-11-05-CVEs.patch
------------------------------------------------------------------
------------------ 2025-11-4 - Nov 4 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- Revert "e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898"
  This reverts commit c8a67ee47d80a407b3a0277b35ca59f2d01f3488.
- commit 379dc19
- vhost: vringh: Modify the return value check (CVE-2025-40051 bsc#1252858).
- commit 0f5b967
- btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes).
- commit 6669879
++++ kernel-rt:
- Revert "e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898"
  This reverts commit c8a67ee47d80a407b3a0277b35ca59f2d01f3488.
- commit 379dc19
- vhost: vringh: Modify the return value check (CVE-2025-40051 bsc#1252858).
- commit 0f5b967
- btrfs: fix the incorrect max_bytes value for find_lock_delalloc_range() (git-fixes).
- commit 6669879
++++ python313-core:
- Add CVE-2025-8291-consistency-zip64.patch, which checks the
  consistency of the zip64 end of central directory record and
  prevents obfuscation of the payload, i.e., scanning for
  malicious content in a ZIP file with one ZIP parser (let's say
  a Rust one), then unpacking it in production with another (e.g.,
  the Python one) and getting malicious content that the other
  parser did not see (CVE-2025-8291, bsc#1251305)
- Readjust patches while synchronizing between openSUSE and SLE trees:
  - F00251-change-user-install-location.patch
  - doc-py38-to-py36.patch
  - gh126985-mv-pyvenv.cfg2getpath.patch
++++ mdadm:
- _service: pull from github.com/openSUSE/mdadm, patches now managed in git
  * delete 0010-mdopen-add-sbin-path-to-env-PATH-when-call-system-mo.patch
  * delete 1000-Revert-mdmonitor-Abandon-custom-configuration-files.patch
  * delete 1001-display-timeout-status.patch
  * delete 1002-OnCalendar-format-fix-of-mdcheck_start-timer.patch
  * delete 1003-mdadm-treat-the-Dell-softraid-array-as-local-array.patch
  * delete 1004-call-mdadm_env.sh-from-usr-libexec-mdadm.patch
  * delete 1005-mdadm-enable-Intel-Alderlake-RSTe-configuration.patch
  * delete 1006-imsm-Fix-RAID0-to-RAID10-migration.patch
  * delete 1007-mdadm-allow-any-valid-minor-number-in-md-device-name.patch
  * delete 1008-mdmonitor-use-MAILFROM-to-set-sendmail-envelope-send.patch
- New versioning scheme: add tag offset and git commit from openSUSE/mdadm repo
++++ nvidia-open-driver-G06-signed:
- back to 580.95.05 on aarch64, since userspace drivers have not been updated for this platform
++++ python313:
- Add CVE-2025-8291-consistency-zip64.patch, which checks the
  consistency of the zip64 end of central directory record and
  prevents obfuscation of the payload, i.e., scanning for
  malicious content in a ZIP file with one ZIP parser (let's say
  a Rust one), then unpacking it in production with another (e.g.,
  the Python one) and getting malicious content that the other
  parser did not see (CVE-2025-8291, bsc#1251305)
- Readjust patches while synchronizing between openSUSE and SLE trees:
  - F00251-change-user-install-location.patch
  - doc-py38-to-py36.patch
  - gh126985-mv-pyvenv.cfg2getpath.patch
------------------------------------------------------------------
------------------ 2025-11-3 - Nov 3 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- Update patches.suse/ALSA-usb-audio-Fix-NULL-pointer-deference-in-try_to_.patch (git-fixes CVE-2025-40085 bsc#1252873).
- Update patches.suse/ALSA-usb-audio-fix-race-condition-to-UAF-in-snd_usbm.patch (git-fixes CVE-2025-39997 bsc#1252056).
- Update patches.suse/ASoC-qcom-audioreach-fix-potential-null-pointer-dere.patch (git-fixes CVE-2025-40013 bsc#1252348).
- Update patches.suse/Bluetooth-MGMT-Fix-possible-UAFs.patch (git-fixes CVE-2025-39981 bsc#1252060).
- Update patches.suse/Bluetooth-hci_event-Fix-UAF-in-hci_acl_create_conn_s.patch (git-fixes CVE-2025-39982 bsc#1252083).
- Update patches.suse/Input-uinput-zero-initialize-uinput_ff_upload_compat.patch (git-fixes CVE-2025-40035 bsc#1252866).
- Update patches.suse/NFSD-Define-a-proc_layoutcommit-for-the-FlexFiles-layout-type.patch (git-fixes CVE-2025-40087 bsc#1252909).
- Update patches.suse/PCI-endpoint-pci-epf-test-Add-NULL-check-for-DMA-cha.patch (git-fixes CVE-2025-40032 bsc#1252841).
- Update patches.suse/RDMA-rxe-Fix-race-in-do_task-when-draining.patch (git-fixes CVE-2025-40061 bsc#1252849).
- Update patches.suse/Squashfs-fix-uninit-value-in-squashfs_get_parent.patch (git-fixes CVE-2025-40049 bsc#1252822).
- Update patches.suse/bus-fsl-mc-Check-return-value-of-platform_get_resour.patch (git-fixes CVE-2025-40029 bsc#1252772).
- Update patches.suse/can-etas_es58x-populate-ndo_change_mtu-to-prevent-bu.patch (git-fixes CVE-2025-39988 bsc#1252074).
- Update patches.suse/can-hi311x-populate-ndo_change_mtu-to-prevent-buffer.patch (git-fixes CVE-2025-39987 bsc#1252079).
- Update patches.suse/can-mcba_usb-populate-ndo_change_mtu-to-prevent-buff.patch (git-fixes CVE-2025-39985 bsc#1252082).
- Update patches.suse/can-peak_usb-fix-shift-out-of-bounds-issue.patch (git-fixes CVE-2025-40020 bsc#1252679).
- Update patches.suse/can-sun4i_can-populate-ndo_change_mtu-to-prevent-buf.patch (git-fixes CVE-2025-39986 bsc#1252078).
- Update patches.suse/crypto-essiv-Check-ssize-for-decryption-and-in-place.patch (git-fixes CVE-2025-40019 bsc#1252678).
- Update patches.suse/crypto-hisilicon-qm-set-NULL-to-qm-debug.qm_diff_reg.patch (git-fixes CVE-2025-40062 bsc#1252850).
- Update patches.suse/drm-gma500-Fix-null-dereference-in-hdmi-teardown.patch (git-fixes CVE-2025-40011 bsc#1252336).
- Update patches.suse/drm-sched-Fix-potential-double-free-in-drm_sched_job.patch (git-fixes CVE-2025-40096 bsc#1252902).
- Update patches.suse/fbcon-fix-integer-overflow-in-fbcon_do_set_font.patch (git-fixes CVE-2025-39967 bsc#1252033).
- Update patches.suse/fbdev-simplefb-Fix-use-after-free-in-simplefb_detach.patch (git-fixes CVE-2025-40037 bsc#1252819).
- Update patches.suse/fs-proc-task_mmu-check-p-vec_buf-for-NULL.patch (git-fixes CVE-2025-40009 bsc#1252333).
- Update patches.suse/fs-udf-fix-OOB-read-in-lengthAllocDescs-handling.patch (git-fixes CVE-2025-40044 bsc#1252785).
- Update patches.suse/io_uring-fix-multishots-with-selected-buffers.patch (git-fixes CVE-2025-40364 bsc#1241637).
- Update patches.suse/iommu-vt-d-Disallow-dirty-tracking-if-incoherent-pag.patch (git-fixes CVE-2025-40058 bsc#1252854).
- Update patches.suse/ixgbe-fix-too-early-devlink_free-in-ixgbe_remove.patch (git-fixes CVE-2025-40091 bsc#1252915).
- Update patches.suse/ixgbevf-fix-mailbox-API-compatibility-by-negotiating.patch (bsc#1247222 CVE-2025-40104 bsc#1252921).
- Update patches.suse/media-b2c2-Fix-use-after-free-causing-by-irq_check_w.patch (git-fixes CVE-2025-39996 bsc#1252065).
- Update patches.suse/media-i2c-tc358743-Fix-use-after-free-bugs-caused-by.patch (git-fixes CVE-2025-39995 bsc#1252064).
- Update patches.suse/media-rc-fix-races-with-imon_disconnect.patch (git-fixes CVE-2025-39993 bsc#1252070).
- Update patches.suse/media-tuner-xc5000-Fix-use-after-free-in-xc5000_rele.patch (git-fixes CVE-2025-39994 bsc#1252072).
- Update patches.suse/media-uvcvideo-Mark-invalid-entities-with-id-UVC_INV.patch (git-fixes CVE-2025-40016 bsc#1252346).
- Update patches.suse/misc-fastrpc-fix-possible-map-leak-in-fastrpc_put_ar.patch (git-fixes CVE-2025-40036 bsc#1252865).
- Update patches.suse/msft-hv-3336-uio_hv_generic-Let-userspace-take-care-of-interrupt-.patch (git-fixes CVE-2025-40048 bsc#1252862).
- Update patches.suse/net-nfc-nci-Add-parameter-validation-for-packet-data.patch (git-fixes CVE-2025-40043 bsc#1252787).
- Update patches.suse/smb-client-fix-crypto-buffers-in-non-linear-memory.patch (bsc#1250491 boo#1239206 CVE-2025-40052 bsc#1252851).
- Update patches.suse/tty-n_gsm-Don-t-block-input-queue-by-waiting-MSC.patch (git-fixes CVE-2025-40071 bsc#1252797).
- Update patches.suse/wifi-ath11k-fix-NULL-dereference-in-ath11k_qmi_m3_lo.patch (git-fixes CVE-2025-39991 bsc#1252075).
- Update patches.suse/xfrm-xfrm_alloc_spi-shouldn-t-use-0-as-SPI.patch (CVE-2025-39797 bsc#1249608 CVE-2025-39965 bsc#1251967).
- commit 0209f26
- coresight: trbe: Return NULL pointer for allocation failures (CVE-2025-40060 bsc#1252848).
- commit f6a5f19
++++ kernel-rt:
- Update patches.suse/ALSA-usb-audio-Fix-NULL-pointer-deference-in-try_to_.patch (git-fixes CVE-2025-40085 bsc#1252873).
- Update patches.suse/ALSA-usb-audio-fix-race-condition-to-UAF-in-snd_usbm.patch (git-fixes CVE-2025-39997 bsc#1252056).
- Update patches.suse/ASoC-qcom-audioreach-fix-potential-null-pointer-dere.patch (git-fixes CVE-2025-40013 bsc#1252348).
- Update patches.suse/Bluetooth-MGMT-Fix-possible-UAFs.patch (git-fixes CVE-2025-39981 bsc#1252060).
- Update patches.suse/Bluetooth-hci_event-Fix-UAF-in-hci_acl_create_conn_s.patch (git-fixes CVE-2025-39982 bsc#1252083).
- Update patches.suse/Input-uinput-zero-initialize-uinput_ff_upload_compat.patch (git-fixes CVE-2025-40035 bsc#1252866).
- Update patches.suse/NFSD-Define-a-proc_layoutcommit-for-the-FlexFiles-layout-type.patch (git-fixes CVE-2025-40087 bsc#1252909).
- Update patches.suse/PCI-endpoint-pci-epf-test-Add-NULL-check-for-DMA-cha.patch (git-fixes CVE-2025-40032 bsc#1252841).
- Update patches.suse/RDMA-rxe-Fix-race-in-do_task-when-draining.patch (git-fixes CVE-2025-40061 bsc#1252849).
- Update patches.suse/Squashfs-fix-uninit-value-in-squashfs_get_parent.patch (git-fixes CVE-2025-40049 bsc#1252822).
- Update patches.suse/bus-fsl-mc-Check-return-value-of-platform_get_resour.patch (git-fixes CVE-2025-40029 bsc#1252772).
- Update patches.suse/can-etas_es58x-populate-ndo_change_mtu-to-prevent-bu.patch (git-fixes CVE-2025-39988 bsc#1252074).
- Update patches.suse/can-hi311x-populate-ndo_change_mtu-to-prevent-buffer.patch (git-fixes CVE-2025-39987 bsc#1252079).
- Update patches.suse/can-mcba_usb-populate-ndo_change_mtu-to-prevent-buff.patch (git-fixes CVE-2025-39985 bsc#1252082).
- Update patches.suse/can-peak_usb-fix-shift-out-of-bounds-issue.patch (git-fixes CVE-2025-40020 bsc#1252679).
- Update patches.suse/can-sun4i_can-populate-ndo_change_mtu-to-prevent-buf.patch (git-fixes CVE-2025-39986 bsc#1252078).
- Update patches.suse/crypto-essiv-Check-ssize-for-decryption-and-in-place.patch (git-fixes CVE-2025-40019 bsc#1252678).
- Update patches.suse/crypto-hisilicon-qm-set-NULL-to-qm-debug.qm_diff_reg.patch (git-fixes CVE-2025-40062 bsc#1252850).
- Update patches.suse/drm-gma500-Fix-null-dereference-in-hdmi-teardown.patch (git-fixes CVE-2025-40011 bsc#1252336).
- Update patches.suse/drm-sched-Fix-potential-double-free-in-drm_sched_job.patch (git-fixes CVE-2025-40096 bsc#1252902).
- Update patches.suse/fbcon-fix-integer-overflow-in-fbcon_do_set_font.patch (git-fixes CVE-2025-39967 bsc#1252033).
- Update patches.suse/fbdev-simplefb-Fix-use-after-free-in-simplefb_detach.patch (git-fixes CVE-2025-40037 bsc#1252819).
- Update patches.suse/fs-proc-task_mmu-check-p-vec_buf-for-NULL.patch (git-fixes CVE-2025-40009 bsc#1252333).
- Update patches.suse/fs-udf-fix-OOB-read-in-lengthAllocDescs-handling.patch (git-fixes CVE-2025-40044 bsc#1252785).
- Update patches.suse/io_uring-fix-multishots-with-selected-buffers.patch (git-fixes CVE-2025-40364 bsc#1241637).
- Update patches.suse/iommu-vt-d-Disallow-dirty-tracking-if-incoherent-pag.patch (git-fixes CVE-2025-40058 bsc#1252854).
- Update patches.suse/ixgbe-fix-too-early-devlink_free-in-ixgbe_remove.patch (git-fixes CVE-2025-40091 bsc#1252915).
- Update patches.suse/ixgbevf-fix-mailbox-API-compatibility-by-negotiating.patch (bsc#1247222 CVE-2025-40104 bsc#1252921).
- Update patches.suse/media-b2c2-Fix-use-after-free-causing-by-irq_check_w.patch (git-fixes CVE-2025-39996 bsc#1252065).
- Update patches.suse/media-i2c-tc358743-Fix-use-after-free-bugs-caused-by.patch (git-fixes CVE-2025-39995 bsc#1252064).
- Update patches.suse/media-rc-fix-races-with-imon_disconnect.patch (git-fixes CVE-2025-39993 bsc#1252070).
- Update patches.suse/media-tuner-xc5000-Fix-use-after-free-in-xc5000_rele.patch (git-fixes CVE-2025-39994 bsc#1252072).
- Update patches.suse/media-uvcvideo-Mark-invalid-entities-with-id-UVC_INV.patch (git-fixes CVE-2025-40016 bsc#1252346).
- Update patches.suse/misc-fastrpc-fix-possible-map-leak-in-fastrpc_put_ar.patch (git-fixes CVE-2025-40036 bsc#1252865).
- Update patches.suse/msft-hv-3336-uio_hv_generic-Let-userspace-take-care-of-interrupt-.patch (git-fixes CVE-2025-40048 bsc#1252862).
- Update patches.suse/net-nfc-nci-Add-parameter-validation-for-packet-data.patch (git-fixes CVE-2025-40043 bsc#1252787).
- Update patches.suse/smb-client-fix-crypto-buffers-in-non-linear-memory.patch (bsc#1250491 boo#1239206 CVE-2025-40052 bsc#1252851).
- Update patches.suse/tty-n_gsm-Don-t-block-input-queue-by-waiting-MSC.patch (git-fixes CVE-2025-40071 bsc#1252797).
- Update patches.suse/wifi-ath11k-fix-NULL-dereference-in-ath11k_qmi_m3_lo.patch (git-fixes CVE-2025-39991 bsc#1252075).
- Update patches.suse/xfrm-xfrm_alloc_spi-shouldn-t-use-0-as-SPI.patch (CVE-2025-39797 bsc#1249608 CVE-2025-39965 bsc#1251967).
- commit 0209f26
- coresight: trbe: Return NULL pointer for allocation failures (CVE-2025-40060 bsc#1252848).
- commit f6a5f19
++++ suse-module-tools:
- Update to version 16.0.62:
  * spec file: remove %udev_rules_update call (bsc#1250664)
++++ systemd-presets-branding-ALP-transactional:
- disable cockpit.socket (to override SUSE default) (bsc#1252729)
------------------------------------------------------------------
------------------ 2025-11-2 - Nov 2 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- Delete patches.suse/cpuidle-menu-Avoid-discarding-useful-information.patch.
- commit 8ddc500
- regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes).
- commit 8599172
++++ kernel-rt:
- Delete patches.suse/cpuidle-menu-Avoid-discarding-useful-information.patch.
- commit 8ddc500
- regulator: bd718x7: Fix voltages scaled by resistor divider (git-fixes).
- regmap: slimbus: fix bus_context pointer in regmap init calls (git-fixes).
- commit 8599172
++++ ucode-amd:
- Update to version 20251031 (git commit 04b323bb64f9):
  * linux-firmware: Update AMD cpu microcode
------------------------------------------------------------------
------------------ 2025-11-1 - Nov 1 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- drm/ast: Clear preserved bits from register output value (git-fixes).
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/nouveau: Fix race in nouveau_sched_fini() (git-fixes).
- drm/sysfb: Do not dereference NULL pointer in plane reset (git-fixes).
- drm/msm/dpu: Require linear modifier for writeback framebuffers (git-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/amdgpu: fix SPDX header on cyan_skillfish_reg_init.c (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/radeon: Remove calls to drm_put_dev() (git-fixes).
- drm/radeon: Do not kfree() devres managed rdev (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- ASoC: fsl_sai: Fix sync error in consumer mode (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: Intel: avs: Disable periods-elapsed work when closing PCM (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes).
- ASoC: mediatek: Fix double pm_runtime_disable in remove functions (git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- crypto: aspeed - fix double free caused by devm (git-fixes).
- commit cd0d1a8
++++ kernel-rt:
- drm/ast: Clear preserved bits from register output value (git-fixes).
- drm/panel: kingdisplay-kd097d04: Disable EoTp (git-fixes).
- drm/panel: sitronix-st7789v: fix sync flags for t28cp45tn89 (git-fixes).
- drm/etnaviv: fix flush sequence logic (git-fixes).
- drm/nouveau: Fix race in nouveau_sched_fini() (git-fixes).
- drm/sysfb: Do not dereference NULL pointer in plane reset (git-fixes).
- drm/msm/dpu: Require linear modifier for writeback framebuffers (git-fixes).
- drm/msm/dpu: Fix pixel extension sub-sampling (git-fixes).
- drm/msm/a6xx: Fix GMU firmware parser (git-fixes).
- drm/amdgpu: fix SPDX header on cyan_skillfish_reg_init.c (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Iceland (git-fixes).
- drm/amd/pm/powerplay/smumgr: Fix PCIeBootLinkLevel value on Fiji (git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- drm/radeon: Remove calls to drm_put_dev() (git-fixes).
- drm/radeon: Do not kfree() devres managed rdev (git-fixes).
- drm/mediatek: Fix device use-after-free on unbind (git-fixes).
- ASoC: fsl_sai: Fix sync error in consumer mode (git-fixes).
- ASoC: fsl_sai: fix bit order for DSD format (git-fixes).
- ASoC: Intel: avs: Disable periods-elapsed work when closing PCM (git-fixes).
- ASoC: Intel: avs: Unprepare a stream when XRUN occurs (git-fixes).
- ASoC: mediatek: Fix double pm_runtime_disable in remove functions (git-fixes).
- ASoC: qdsp6: q6asm: do not sleep while atomic (git-fixes).
- ALSA: usb-audio: fix control pipe direction (git-fixes).
- crypto: aspeed - fix double free caused by devm (git-fixes).
- commit cd0d1a8
++++ nvidia-open-driver-G06-signed:
- update non-CUDA variant to version 580.105.08 (boo#1252978)
------------------------------------------------------------------
------------------ 2025-10-31 - Oct 31 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- smb: client: fix potential cfid UAF in smb2_query_info_compound (git-fixes).
- commit ae8c7ce
- vhost: vringh: Fix copy_to_iter return value check (CVE-2025-40056 bsc#1252826)
- commit 2460f9a
- net: tun: Update napi->skb after XDP process (CVE-2025-39984 bsc#1252081)
- commit e3933a9
- btrfs: don't allow adding block device of less than 1 MB (git-fixes).
- commit 568a3e3
- btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots() (git-fixes).
- commit 348f92c
- btrfs: do not assert we found block group item when creating free space tree (bsc#1252918 CVE-2025-40100).
- commit ec19be1
- btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl (git-fixes).
- commit 84fb697
- btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes).
- commit 2ab85fb
- btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes).
- commit 754a7d0
- Bluetooth: hci_core: Fix tracking of periodic advertisement (git-fixes).
- commit e160131
- mm/mremap: correctly account old mapping after MREMAP_DONTUNMAP remap (git-fixes).
- commit a874d3d
- tmpfs: preserve SB_I_VERSION on remount (git-fixes).
- commit 16a0fb3
- mm: shmem: fix the shmem large folio allocation for the i915 driver (git-fixes).
- commit 3b07e73
- mm: fix finish_fault() handling for large folios (git-fixes).
- commit 1f5c347
- mm: don't skip arch_sync_kernel_mappings() in error paths (git-fixes).
- commit aab904b
- coredump: Only sort VMAs when core_sort_vma sysctl is set (git-fixes).
- commit 2a877a6
- net: sctp: fix KMSAN uninit-value in sctp_inq_pop (git-fixes).
- commit 3c3210d - sctp: avoid NULL dereference when chunk data buffer is missing (git-fixes). - commit de09ec4 - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (git-fixes). - commit 0da23a3 - inet: ping: check sock_net() in ping_get_port() and ping_lookup() (git-fixes). - commit acb0bb7 - sctp: Fix MAC comparison to be constant-time (git-fixes). - commit 2363529 - ipv4: Fix NULL vs error pointer check in inet_blackhole_dev_init() (git-fixes). - commit 9c6ff53 - sctp: Do not wake readers in __sctp_write_space() (git-fixes). - commit 9974f7a - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes). - ACPI: button: Call input_free_device() on failing input device registration (git-fixes). - fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes). - fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes). - net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes). - net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes). - Bluetooth: rfcomm: fix modem control handling (git-fixes). - Bluetooth: btintel_pcie: Fix event packet loss issue (git-fixes). - Bluetooth: ISO: Fix another instance of dst_type handling (git-fixes). - Revert "Bluetooth: L2CAP: convert timeouts to secs_to_jiffies()" (git-fixes). - Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes). - Bluetooth: ISO: Fix BIS connection dst_type handling (git-fixes). - Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes). - usbnet: Prevents free active kevent (git-fixes). - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes). - wifi: ath12k: free skb during idr cleanup callback (git-fixes). - wifi: ath11k: Add missing platform IDs for quirk table (git-fixes). - wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes). - wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes). 
- usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes). - commit 02b30ff ++++ kernel-rt: - smb: client: fix potential cfid UAF in smb2_query_info_compound (git-fixes). - commit ae8c7ce - vhost: vringh: Fix copy_to_iter return value check (CVE-2025-40056 bsc#1252826) - commit 2460f9a - net: tun: Update napi->skb after XDP process (CVE-2025-39984 bsc#1252081) - commit e3933a9 - btrfs: don't allow adding block device of less than 1 MB (git-fixes). - commit 568a3e3 - btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots() (git-fixes). - commit 348f92c - btrfs: do not assert we found block group item when creating free space tree (bsc#1252918 CVE-2025-40100). - commit ec19be1 - btrfs: fix memory leak on duplicated memory in the qgroup assign ioctl (git-fixes). - commit 84fb697 - btrfs: fix clearing of BTRFS_FS_RELOC_RUNNING if relocation already running (git-fixes). - commit 2ab85fb - btrfs: avoid potential out-of-bounds in btrfs_encode_fh() (git-fixes). - commit 754a7d0 - Bluetooth: hci_core: Fix tracking of periodic advertisement (git-fixes). - commit e160131 - mm/mremap: correctly account old mapping after MREMAP_DONTUNMAP remap (git-fixes). - commit a874d3d - tmpfs: preserve SB_I_VERSION on remount (git-fixes). - commit 16a0fb3 - mm: shmem: fix the shmem large folio allocation for the i915 driver (git-fixes). - commit 3b07e73 - mm: fix finish_fault() handling for large folios (git-fixes). - commit 1f5c347 - mm: don't skip arch_sync_kernel_mappings() in error paths (git-fixes). - commit aab904b - coredump: Only sort VMAs when core_sort_vma sysctl is set (git-fixes). - commit 2a877a6 - net: sctp: fix KMSAN uninit-value in sctp_inq_pop (git-fixes). - commit 3c3210d - sctp: avoid NULL dereference when chunk data buffer is missing (git-fixes). - commit de09ec4 - net/sctp: fix a null dereference in sctp_disposition sctp_sf_do_5_1D_ce() (git-fixes). 
- commit 0da23a3 - inet: ping: check sock_net() in ping_get_port() and ping_lookup() (git-fixes). - commit acb0bb7 - sctp: Fix MAC comparison to be constant-time (git-fixes). - commit 2363529 - ipv4: Fix NULL vs error pointer check in inet_blackhole_dev_init() (git-fixes). - commit 9c6ff53 - sctp: Do not wake readers in __sctp_write_space() (git-fixes). - commit 9974f7a - ACPI: video: Fix use-after-free in acpi_video_switch_brightness() (git-fixes). - ACPI: button: Call input_free_device() on failing input device registration (git-fixes). - fbdev: atyfb: Check if pll_ops->init_pll failed (git-fixes). - fbdev: valkyriefb: Fix reference count leak in valkyriefb_init (git-fixes). - net: phy: dp83869: fix STRAP_OPMODE bitmask (git-fixes). - net: usb: asix_devices: Check return value of usbnet_get_endpoints (git-fixes). - Bluetooth: rfcomm: fix modem control handling (git-fixes). - Bluetooth: btintel_pcie: Fix event packet loss issue (git-fixes). - Bluetooth: ISO: Fix another instance of dst_type handling (git-fixes). - Revert "Bluetooth: L2CAP: convert timeouts to secs_to_jiffies()" (git-fixes). - Bluetooth: btmtksdio: Add pmctrl handling for BT closed state during reset (git-fixes). - Bluetooth: ISO: Fix BIS connection dst_type handling (git-fixes). - Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once (git-fixes). - usbnet: Prevents free active kevent (git-fixes). - wifi: brcmfmac: fix crash while sending Action Frames in standalone AP Mode (git-fixes). - wifi: ath12k: free skb during idr cleanup callback (git-fixes). - wifi: ath11k: Add missing platform IDs for quirk table (git-fixes). - wifi: ath10k: Fix memory leak on unsupported WMI command (git-fixes). - wifi: mac80211: reset FILS discovery and unsol probe resp intervals (git-fixes). - usbnet: Fix using smp_processor_id() in preemptible code warnings (git-fixes). - commit 02b30ff ++++ samba: - Update [printers] location to /var/samba/spool; (bsc#1249179). 
------------------------------------------------------------------ ------------------ 2025-10-30 - Oct 30 2025 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Update to version 84.87+git20251030.441f926: * Add systemd to /etc/nsswitch.conf [bsc#1250513] * Add group-directories-first option * prevent normal users from accessing dmesg (bsc#1249686) * Use explicit defaults for XDG environment variables ++++ kernel-default: - bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078 bsc#1252789). - commit 3153aa7 - mm: swap: check for stable address space before operating on the VMA (CVE-2025-39992 bsc#1252076). - commit cb5a00c - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939). - commit 2f5c813 - Refresh patches.suse/perf-hwmon_pmu-Fix-uninitialized-variable-warning.patch. - commit 88b2431 ++++ kernel-rt: - bpf: Explicitly check accesses to bpf_sock_addr (CVE-2025-40078 bsc#1252789). - commit 3153aa7 - mm: swap: check for stable address space before operating on the VMA (CVE-2025-39992 bsc#1252076). - commit cb5a00c - kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939). - commit 2f5c813 - Refresh patches.suse/perf-hwmon_pmu-Fix-uninitialized-variable-warning.patch. - commit 88b2431 ------------------------------------------------------------------ ------------------ 2025-10-29 - Oct 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ipvs: Defer ip_vs_ftp unregister during netns cleanup (CVE-2025-40018 bsc#1252688). - commit 64026d5 - NFSD: Fix crash in nfsd4_read_release() (git-fixes). - commit e00ae91 - x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1252725). - commit 8983a77 ++++ kernel-rt: - ipvs: Defer ip_vs_ftp unregister during netns cleanup (CVE-2025-40018 bsc#1252688). - commit 64026d5 - NFSD: Fix crash in nfsd4_read_release() (git-fixes). 
- commit e00ae91 - x86/microcode/AMD: Limit Entrysign signature checking to known generations (bsc#1252725). - commit 8983a77 ++++ lz4: - security update - added patches CVE-2025-62813 [bsc#1252557], incorrect error handling when passing a NULL pointer to lz4frame functions allows for application crash when processing untrusted LZ4 frames * lz4-CVE-2025-62813.patch ++++ ucode-amd: - Update to version 20251028 (git commit 4f72031fc195): * linux-firmware: Update AMD cpu microcode ------------------------------------------------------------------ ------------------ 2025-10-28 - Oct 28 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: x86: Don't load/put vCPU when unloading its MMU during teardown (git-fixes). - commit 625c23b - md/raid1: fix data lost for writemostly rdev (git-fixes). - commit 9711ae3 - timers: Add missing READ_ONCE() in __run_timer_base() (git-fixes). - commit 01edf7f - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (bsc#1252734). - commit bcfb9ac - x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734). - commit 47cb871 - Update patches.suse/nvme-auth-update-bi_directional-flag.patch (git-fixes bsc#1249735). - Update patches.suse/nvme-tcp-send-only-permitted-commands-for-secure-con.patch (git-fixes bsc#1249397 bsc#1249398). - commit a032b7d - net/smc: fix warning in smc_rx_splice() when calling get_page() (CVE-2025-40012 bsc#1252330). - commit 75584c2 - KVM: x86: move vm_destroy callback at end of kvm_arch_destroy_vm (git-fixes). - commit e564cdc - Update patches.suse/nvme-auth-update-bi_directional-flag.patch (git-fixes bsc#1249735). - Update patches.suse/nvme-tcp-send-only-permitted-commands-for-secure-con.patch (git-fixes bsc#1249397). - commit b5375ad - nvme/tcp: handle tls partially sent records in write_space() (git-fixes). - nvme-auth: update sc_c in host response (git-fixes bsc#1249397). 
- nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes). - nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes). - commit 988d439 - i40e: add max boundary check for VF filters (CVE-2025-39968 bsc#1252047). - i40e: fix validation of VF state in get resources (CVE-2025-39969 bsc#1252044). - i40e: fix idx validation in i40e_validate_queue_map (CVE-2025-39972 bsc#1252039). - i40e: add validation for ring_len param (CVE-2025-39973 bsc#1252035). - igc: don't fail igc_probe() on LED setup error (CVE-2025-39956 bsc#1251809). - ice: fix Rx page leak on multi-buffer frames (CVE-2025-39948 bsc#1251233). - qed: Don't collect too many protection override GRC elements (CVE-2025-39949 bsc#1251177). - commit fd8c4e7 - drm/xe/guc_submit: fix race around pending_disable (git-fixes). - commit 4c4892e - drm/xe/guc: Adding steering info support for GuC register lists (git-fixes). - commit 3d70978 - drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes). - Refresh patches.suse/drm-xe-Set-LRC-addresses-before-guc-load.patch. - commit b0f889f - Remove unnecessary firmware version check for gc v9_4_2 (stable-fixes). - commit f08b376 - KVM: TDX: Fix uninitialized error code for __tdx_bringup() (git-fixes). - commit 91d2e64 - KVM: TDX: Remove redundant __GFP_ZERO (git-fixes). - commit d028109 - x86/tdx: Skip clearing reclaimed pages unless X86_BUG_TDX_PW_MCE is present (git-fixes). - commit 99576da - x86/tdx: Tidy reset_pamt functions (git-fixes). - commit 39b4875 - x86/tdx: Eliminate duplicate code in tdx_clear_page() (git-fixes). - commit b1d3c98 - KVM: TDX: Move TDX hardware setup from main.c to tdx.c (git-fixes). - commit f5a7c5b - cpufreq/amd-pstate: Avoid shadowing ret in amd_pstate_ut_check_driver() (git-fixes). - commit f494d60 ++++ kernel-rt: - KVM: x86: Don't load/put vCPU when unloading its MMU during teardown (git-fixes). - commit 625c23b - md/raid1: fix data lost for writemostly rdev (git-fixes). 
- commit 9711ae3 - timers: Add missing READ_ONCE() in __run_timer_base() (git-fixes). - commit 01edf7f - x86/resctrl: Fix miscount of bandwidth event when reactivating previously unavailable RMID (bsc#1252734). - commit bcfb9ac - x86/resctrl: Refactor resctrl_arch_rmid_read() (bsc#1252734). - commit 47cb871 - Update patches.suse/nvme-auth-update-bi_directional-flag.patch (git-fixes bsc#1249735). - Update patches.suse/nvme-tcp-send-only-permitted-commands-for-secure-con.patch (git-fixes bsc#1249397 bsc#1249398). - commit a032b7d - net/smc: fix warning in smc_rx_splice() when calling get_page() (CVE-2025-40012 bsc#1252330). - commit 75584c2 - KVM: x86: move vm_destroy callback at end of kvm_arch_destroy_vm (git-fixes). - commit e564cdc - Update patches.suse/nvme-auth-update-bi_directional-flag.patch (git-fixes bsc#1249735). - Update patches.suse/nvme-tcp-send-only-permitted-commands-for-secure-con.patch (git-fixes bsc#1249397). - commit b5375ad - nvme/tcp: handle tls partially sent records in write_space() (git-fixes). - nvme-auth: update sc_c in host response (git-fixes bsc#1249397). - nvme-multipath: Skip nr_active increments in RETRY disposition (git-fixes). - nvme-pci: Add TUXEDO IBS Gen8 to Samsung sleep quirk (git-fixes). - commit 988d439 - i40e: add max boundary check for VF filters (CVE-2025-39968 bsc#1252047). - i40e: fix validation of VF state in get resources (CVE-2025-39969 bsc#1252044). - i40e: fix idx validation in i40e_validate_queue_map (CVE-2025-39972 bsc#1252039). - i40e: add validation for ring_len param (CVE-2025-39973 bsc#1252035). - igc: don't fail igc_probe() on LED setup error (CVE-2025-39956 bsc#1251809). - ice: fix Rx page leak on multi-buffer frames (CVE-2025-39948 bsc#1251233). - qed: Don't collect too many protection override GRC elements (CVE-2025-39949 bsc#1251177). - commit fd8c4e7 - drm/xe/guc_submit: fix race around pending_disable (git-fixes). 
- commit 4c4892e - drm/xe/guc: Adding steering info support for GuC register lists (git-fixes). - commit 3d70978 - drm/xe/guc: Prepare GuC register list and update ADS size for error capture (stable-fixes). - Refresh patches.suse/drm-xe-Set-LRC-addresses-before-guc-load.patch. - commit b0f889f - Remove unnecessary firmware version check for gc v9_4_2 (stable-fixes). - commit f08b376 - KVM: TDX: Fix uninitialized error code for __tdx_bringup() (git-fixes). - commit 91d2e64 - KVM: TDX: Remove redundant __GFP_ZERO (git-fixes). - commit d028109 - x86/tdx: Skip clearing reclaimed pages unless X86_BUG_TDX_PW_MCE is present (git-fixes). - commit 99576da - x86/tdx: Tidy reset_pamt functions (git-fixes). - commit 39b4875 - x86/tdx: Eliminate duplicate code in tdx_clear_page() (git-fixes). - commit b1d3c98 - KVM: TDX: Move TDX hardware setup from main.c to tdx.c (git-fixes). - commit f5a7c5b - cpufreq/amd-pstate: Avoid shadowing ret in amd_pstate_ut_check_driver() (git-fixes). - commit f494d60 ------------------------------------------------------------------ ------------------ 2025-10-27 - Oct 27 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Enable SELinux in default daemon.json config (--selinux-enabled). This has no practical impact on non-SELinux systems. bsc#1252290 ++++ kernel-default: - scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes). - md: fix mssing blktrace bio split events (git-fixes). - commit 8af9b0e - scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267). - hyperv: Remove the spurious null directive line (git-fixes). - Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes). - Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git-fixes). - Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes). - mshv: Handle NEED_RESCHED_LAZY before transferring to guest (git-fixes). 
- x86/hyperv: Add kexec/kdump support on Azure CVMs (git-fixes). - Drivers: hv: util: Cosmetic changes for hv_utils_transport.c (git-fixes). - clocksource: hyper-v: Skip unnecessary checks for the root partition (git-fixes). - hyperv: Add missing field to hv_output_map_device_interrupt (git-fixes). - uio_hv_generic: Let userspace take care of interrupt mask (git-fixes). - scsi: storvsc: Remove redundant ternary operators (git-fixes). - net: mana: Reduce waiting time if HWC not responding (git-fixes). - commit dc5fea5 - amd-pstate-ut: Reset amd-pstate driver mode after running selftests (bsc#1249226). - commit 62def1a - cpufreq/amd-pstate: Fix a regression leading to EPP 0 after hibernate (git-fixes). - commit 60d54b4 - ACPI: platform-profile: Fix CFI violation when accessing sysfs files (git-fixes). - commit 6a68087 - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes). - commit 9b6914d - octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (CVE-2025-39978 bsc#1252069). - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (CVE-2025-39955 bsc#1251804). - commit 63120f8 - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (CVE-2025-40000 bsc#1252062). - commit 247f800 - most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes). - most: usb: Fix use-after-free in hdm_disconnect (git-fixes). - misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes). - serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes). - serial: 8250_dw: handle reset control deassert error (git-fixes). - serial: sc16is7xx: remove useless enable of enhanced features (git-fixes). - xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes). - xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes). - spi: airoha: fix reading/writing of flashes with more than one plane per lun (git-fixes). 
- spi: airoha: add support of dual/quad wires spi modes to exec_op() handler (git-fixes). - spi: airoha: return an error for continuous mode dirmap creation cases (git-fixes). - spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes). - net: usb: rtl8150: Fix frame padding (git-fixes). - net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes). - r8152: add error handling in rtl8152_driver_init (git-fixes). - r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes). - rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes). - rtc: interface: Fix long-standing race when setting alarm (stable-fixes). - PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes). - PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes). - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes). - phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes). - phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes). - mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes). - wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes). - wifi: mt76: mt7925u: Add VID/PID for Netgear A9000 (stable-fixes). - media: vivid: fix disappearing messages (git-fixes). - media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes). - mmc: mmc_spi: multiple block read remove read crc ack (stable-fixes). - mmc: core: SPI mode remove cmd7 (stable-fixes). - lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes). - PM: runtime: Add new devm functions (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes). 
- net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (stable-fixes). - PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes). - commit 7cc4d1c - drm/panic: Fix qr_code, ensure vmargin is positive (git-fixes). - firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes). - firmware: arm_scmi: Account for failed debug initialization (git-fixes). - hwmon: (sht3x) Fix error handling (git-fixes). - gpio: ljca: Fix duplicated IRQ mapping (git-fixes). - gpio: pci-idio-16: Define maximum valid register address offset (git-fixes). - gpio: 104-idio-16: Define maximum valid register address offset (git-fixes). - HID: multitouch: fix name of Stylus input devices (git-fixes). - HID: hid-input: only ignore 0 battery events for digitizers (git-fixes). - commit 07ce516 - ASoC: SOF: ipc4-pcm: Enable delay reporting for ChainDMA streams (stable-fixes). - Refresh patches.suse/ASoC-SOF-ipc4-topology-Correct-the-minimum-host-DMA-.patch. - commit fc33a6f - drm/panic: Fix drawing the logo on a small narrow screen (git-fixes). - drm/panthor: Fix kernel panic on partial unmap of a GPU VA region (git-fixes). - drm/amd/display: use GFP_NOWAIT for allocation in interrupt handler (git-fixes). - can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes). - can: rockchip-canfd: rkcanfd_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - can: esd: acc_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes). - ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes). - ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes). - ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails (git-fixes). 
- ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes). - ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes). - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes). - drm/xe/guc: Check GuC running state before deregistering exec queue (git-fixes). - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes). - accel/qaic: Synchronize access to DBC request queue head & tail pointer (git-fixes). - accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes). - accel/qaic: Fix bootlog initialization ordering (git-fixes). - drm/rockchip: vop2: use correct destination rectangle height check (git-fixes). - drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes). - drm/panthor: Ensure MCU is disabled on suspend (git-fixes). - drm/amdgpu: fix gfx12 mes packet status return check (stable-fixes). - drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes). - drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes). - drm/amdgpu: fix handling of harvesting for ip_discovery firmware (git-fixes). - drm/i915/guc: Skip communication warning on reset in progress (git-fixes). - can: m_can: m_can_chip_config(): bring up interface in correct state (git-fixes). - can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active (git-fixes). - can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() (git-fixes). - can: gs_usb: gs_make_candev(): populate net_device->dev_port (git-fixes). - can: gs_usb: increase max interface to U8_MAX (git-fixes). - ASoC: SOF: ipc4-pcm: fix start offset calculation for chain DMA (git-fixes). - ASoC: SOF: ipc4-pcm: fix delay calculation when DSP resamples (git-fixes). - clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver (git-fixes). - clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() (stable-fixes). 
- drm/amdgpu: add support for cyan skillfish without IP discovery (stable-fixes). - drm/amdgpu: add ip offset support for cyan skillfish (stable-fixes). - ACPI: property: Do not pass NULL handles to acpi_attach_data() (git-fixes). - ACPI: property: Add code comments explaining what is going on (stable-fixes). - ACPI: property: Disregard references in data-only subnode lists (stable-fixes). - ACPICA: Allow to skip Global Lock initialization (stable-fixes). - drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes). - drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes). - commit fba5dbc - spi: cadence-quadspi: Implement refcount to handle unbind during busy (CVE-2025-40005 bsc#1252349). - commit 3246504 ++++ kernel-rt: - scsi: libfc: Prevent integer overflow in fc_fcp_recv_data() (git-fixes). - md: fix mssing blktrace bio split events (git-fixes). - commit 8af9b0e - scsi: storvsc: Prefer returning channel with the same CPU as on the I/O issuing CPU (bsc#1252267). - hyperv: Remove the spurious null directive line (git-fixes). - Drivers: hv: vmbus: Fix typos in vmbus_drv.c (git-fixes). - Drivers: hv: vmbus: Fix sysfs output format for ring buffer index (git-fixes). - Drivers: hv: vmbus: Clean up sscanf format specifier in target_cpu_store() (git-fixes). - mshv: Handle NEED_RESCHED_LAZY before transferring to guest (git-fixes). - x86/hyperv: Add kexec/kdump support on Azure CVMs (git-fixes). - Drivers: hv: util: Cosmetic changes for hv_utils_transport.c (git-fixes). - clocksource: hyper-v: Skip unnecessary checks for the root partition (git-fixes). - hyperv: Add missing field to hv_output_map_device_interrupt (git-fixes). - uio_hv_generic: Let userspace take care of interrupt mask (git-fixes). - scsi: storvsc: Remove redundant ternary operators (git-fixes). - net: mana: Reduce waiting time if HWC not responding (git-fixes). 
- commit dc5fea5 - amd-pstate-ut: Reset amd-pstate driver mode after running selftests (bsc#1249226). - commit 62def1a - cpufreq/amd-pstate: Fix a regression leading to EPP 0 after hibernate (git-fixes). - commit 60d54b4 - ACPI: platform-profile: Fix CFI violation when accessing sysfs files (git-fixes). - commit 6a68087 - tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request() (git-fixes). - commit 9b6914d - octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (CVE-2025-39978 bsc#1252069). - tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (CVE-2025-39955 bsc#1251804). - commit 63120f8 - wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (CVE-2025-40000 bsc#1252062). - commit 247f800 - most: usb: hdm_probe: Fix calling put_device() before device initialization (git-fixes). - most: usb: Fix use-after-free in hdm_disconnect (git-fixes). - misc: fastrpc: Fix dma_buf object leak in fastrpc_map_lookup (git-fixes). - serial: 8250_mtk: Enable baud clock and manage in runtime PM (git-fixes). - serial: 8250_dw: handle reset control deassert error (git-fixes). - serial: sc16is7xx: remove useless enable of enhanced features (git-fixes). - xhci: dbc: enable back DbC in resume if it was enabled before suspend (git-fixes). - xhci: dbc: fix bogus 1024 byte prefix if ttyDBC read races with stall event (git-fixes). - spi: airoha: fix reading/writing of flashes with more than one plane per lun (git-fixes). - spi: airoha: add support of dual/quad wires spi modes to exec_op() handler (git-fixes). - spi: airoha: return an error for continuous mode dirmap creation cases (git-fixes). - spi: spi-nxp-fspi: add extra delay after dll locked (git-fixes). - net: usb: rtl8150: Fix frame padding (git-fixes). - net: usb: lan78xx: fix use of improperly initialized dev->chipid in lan78xx_reset (git-fixes). - r8152: add error handling in rtl8152_driver_init (git-fixes). - r8169: fix packet truncation after S4 resume on RTL8168H/RTL8111H (git-fixes). 
- rtc: interface: Ensure alarm irq is enabled when UIE is enabled (stable-fixes). - rtc: interface: Fix long-standing race when setting alarm (stable-fixes). - PCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release (git-fixes). - PCI/AER: Support errors introduced by PCIe r6.0 (stable-fixes). - phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes). - phy: cadence: cdns-dphy: Fix PLL lock and O_CMN_READY polling (git-fixes). - phy: cdns-dphy: Store hs_clk_rate and return it (stable-fixes). - mtd: rawnand: fsmc: Default to autodetect buswidth (stable-fixes). - wifi: mt76: mt7921u: Add VID/PID for Netgear A7500 (stable-fixes). - wifi: mt76: mt7925u: Add VID/PID for Netgear A9000 (stable-fixes). - media: vivid: fix disappearing messages (git-fixes). - media: nxp: imx8-isi: Drop unused argument to mxc_isi_channel_chain() (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Set use_single_read regmap_config flag (git-fixes). - mmc: mmc_spi: multiple block read remove read crc ack (stable-fixes). - mmc: core: SPI mode remove cmd7 (stable-fixes). - lib/crypto/curve25519-hacl64: Disable KASAN with clang-17 and older (stable-fixes). - PM: runtime: Add new devm functions (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Drop unneeded assignment for cache_type (stable-fixes). - mfd: intel_soc_pmic_chtdc_ti: Fix invalid regmap-config max_register value (stable-fixes). - net: usb: lan78xx: Add error handling to lan78xx_init_mac_address (stable-fixes). - PCI: endpoint: Remove surplus return statement from pci_epf_test_clean_dma_chan() (stable-fixes). - commit 7cc4d1c - drm/panic: Fix qr_code, ensure vmargin is positive (git-fixes). - firmware: arm_scmi: Fix premature SCMI_XFER_FLAG_IS_RAW clearing in raw mode (git-fixes). - firmware: arm_scmi: Account for failed debug initialization (git-fixes). - hwmon: (sht3x) Fix error handling (git-fixes). - gpio: ljca: Fix duplicated IRQ mapping (git-fixes). 
- gpio: pci-idio-16: Define maximum valid register address offset (git-fixes). - gpio: 104-idio-16: Define maximum valid register address offset (git-fixes). - HID: multitouch: fix name of Stylus input devices (git-fixes). - HID: hid-input: only ignore 0 battery events for digitizers (git-fixes). - commit 07ce516 - ASoC: SOF: ipc4-pcm: Enable delay reporting for ChainDMA streams (stable-fixes). - Refresh patches.suse/ASoC-SOF-ipc4-topology-Correct-the-minimum-host-DMA-.patch. - commit fc33a6f - drm/panic: Fix drawing the logo on a small narrow screen (git-fixes). - drm/panthor: Fix kernel panic on partial unmap of a GPU VA region (git-fixes). - drm/amd/display: use GFP_NOWAIT for allocation in interrupt handler (git-fixes). - can: netlink: can_changelink(): allow disabling of automatic restart (git-fixes). - can: rockchip-canfd: rkcanfd_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - can: esd: acc_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - can: bxcan: bxcan_start_xmit(): use can_dev_dropped_skb() instead of can_dropped_invalid_skb() (git-fixes). - ASoC: nau8821: Add DMI quirk to bypass jack debounce circuit (git-fixes). - ASoC: nau8821: Generalize helper to clear IRQ status (git-fixes). - ASoC: nau8821: Cancel jdet_work before handling jack ejection (git-fixes). - ASoC: amd/sdw_utils: avoid NULL deref when devm_kasprintf() fails (git-fixes). - ASoC: codecs: Fix gain setting ranges for Renesas IDT821034 codec (git-fixes). - ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card (git-fixes). - ALSA: firewire: amdtp-stream: fix enum kernel-doc warnings (git-fixes). - drm/xe/guc: Check GuC running state before deregistering exec queue (git-fixes). - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (git-fixes). - accel/qaic: Synchronize access to DBC request queue head & tail pointer (git-fixes). 
- accel/qaic: Treat remaining == 0 as error in find_and_map_user_pages() (git-fixes). - accel/qaic: Fix bootlog initialization ordering (git-fixes). - drm/rockchip: vop2: use correct destination rectangle height check (git-fixes). - drm/bridge: lt9211: Drop check for last nibble of version register (git-fixes). - drm/panthor: Ensure MCU is disabled on suspend (git-fixes). - drm/amdgpu: fix gfx12 mes packet status return check (stable-fixes). - drm/amd/powerplay: Fix CIK shutdown temperature (git-fixes). - drm/amdgpu: use atomic functions with memory barriers for vm fault info (git-fixes). - drm/amdgpu: fix handling of harvesting for ip_discovery firmware (git-fixes). - drm/i915/guc: Skip communication warning on reset in progress (git-fixes). - can: m_can: m_can_chip_config(): bring up interface in correct state (git-fixes). - can: m_can: m_can_handle_state_errors(): fix CAN state transition to Error Active (git-fixes). - can: m_can: m_can_plat_remove(): add missing pm_runtime_disable() (git-fixes). - can: gs_usb: gs_make_candev(): populate net_device->dev_port (git-fixes). - can: gs_usb: increase max interface to U8_MAX (git-fixes). - ASoC: SOF: ipc4-pcm: fix start offset calculation for chain DMA (git-fixes). - ASoC: SOF: ipc4-pcm: fix delay calculation when DSP resamples (git-fixes). - clk: nxp: Fix pll0 rate check condition in LPC18xx CGU driver (git-fixes). - clk: nxp: lpc18xx-cgu: convert from round_rate() to determine_rate() (stable-fixes). - drm/amdgpu: add support for cyan skillfish without IP discovery (stable-fixes). - drm/amdgpu: add ip offset support for cyan skillfish (stable-fixes). - ACPI: property: Do not pass NULL handles to acpi_attach_data() (git-fixes). - ACPI: property: Add code comments explaining what is going on (stable-fixes). - ACPI: property: Disregard references in data-only subnode lists (stable-fixes). - ACPICA: Allow to skip Global Lock initialization (stable-fixes). 
- drm/exynos: exynos7_drm_decon: properly clear channels during bind (stable-fixes).
- drm/exynos: exynos7_drm_decon: fix uninitialized crtc reference in functions (stable-fixes).
- commit fba5dbc
- spi: cadence-quadspi: Implement refcount to handle unbind during busy (CVE-2025-40005 bsc#1252349).
- commit 3246504

++++ ucode-amd:
- Update to version 20251024 (git commit 9b899c779b8a):
  * amd-ucode: Fix minimum revisions in README

------------------------------------------------------------------
------------------ 2025-10-26 - Oct 26 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- i40e: fix idx validation in config queues msg (CVE-2025-39971 bsc#1252052)
- commit 61648b1
- i40e: fix input validation logic for action_meta (CVE-2025-39970 bsc#1252051)
- commit 333e729

++++ kernel-rt:
- i40e: fix idx validation in config queues msg (CVE-2025-39971 bsc#1252052)
- commit 61648b1
- i40e: fix input validation logic for action_meta (CVE-2025-39970 bsc#1252051)
- commit 333e729

------------------------------------------------------------------
------------------ 2025-10-25 - Oct 25 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes).
- scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes).
- scsi: pm80xx: Fix pm8001_abort_task() for chip_8006 when using an expander (git-fixes).
- scsi: pm80xx: Add helper function to get the local phy id (git-fixes).
- scsi: pm80xx: Use dev_parent_is_expander() helper (git-fixes).
- scsi: libsas: Add dev_parent_is_expander() helper (git-fixes).
- scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes).
- scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes).
- scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes).
- scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes).
- commit 3570466
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- commit da7d611
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- commit 986e15f
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- commit 47240ca

++++ kernel-rt:
- scsi: mpt3sas: Fix crash in transport port remove by using ioc_info() (git-fixes).
- scsi: hpsa: Fix potential memory leak in hpsa_big_passthru_ioctl() (git-fixes).
- scsi: pm80xx: Fix pm8001_abort_task() for chip_8006 when using an expander (git-fixes).
- scsi: pm80xx: Add helper function to get the local phy id (git-fixes).
- scsi: pm80xx: Use dev_parent_is_expander() helper (git-fixes).
- scsi: libsas: Add dev_parent_is_expander() helper (git-fixes).
- scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod (git-fixes).
- scsi: core: sysfs: Correct sysfs attributes access rights (git-fixes).
- scsi: Fix sas_user_scan() to handle wildcard and multi-channel scans (git-fixes).
- scsi: aacraid: Stop using PCI_IRQ_AFFINITY (git-fixes).
- commit 3570466
- arm64, mm: avoid always making PTE dirty in pte_mkwrite() (git-fixes)
- commit da7d611
- arm64: errata: Apply workarounds for Neoverse-V3AE (git-fixes)
- commit 986e15f
- arm64: cputype: Add Neoverse-V3AE definitions (git-fixes)
- commit 47240ca

------------------------------------------------------------------
------------------ 2025-10-24 - Oct 24 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes).
- Refresh patches.suse/scsi-mpi3mr-Serialize-admin-queue-BAR-writes-on-32-bit-sys.patch.
- commit 51bb9bc
- scsi: mpt3sas: Correctly handle ATA device errors (git-fixes).
- scsi: mpi3mr: Correctly handle ATA device errors (git-fixes).
- commit 38e545b
- kABI: fix for struct hrtimer_cpu_base (CVE-2025-21816 bsc#1238472)
- commit 0177587
- xfs: rename the old_crc variable in xlog_recover_process (git-fixes).
- commit a33e036
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- commit 0111c00
- NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes).
- commit 9c6f966
- nfsd: Drop dprintk in blocklayout xdr functions (git-fixes).
- commit 6cb9aff
- nfsd: Use correct error code when decoding extents (git-fixes).
- commit 080ee5e

++++ kernel-rt:
- scsi: mpi3mr: Drop unnecessary volatile from __iomem pointers (git-fixes).
- Refresh patches.suse/scsi-mpi3mr-Serialize-admin-queue-BAR-writes-on-32-bit-sys.patch.
- commit 51bb9bc
- scsi: mpt3sas: Correctly handle ATA device errors (git-fixes).
- scsi: mpi3mr: Correctly handle ATA device errors (git-fixes).
- commit 38e545b
- kABI: fix for struct hrtimer_cpu_base (CVE-2025-21816 bsc#1238472)
- commit 0177587
- xfs: rename the old_crc variable in xlog_recover_process (git-fixes).
- commit a33e036
- NFSD: Minor cleanup in layoutcommit processing (git-fixes).
- commit 0111c00
- NFSD: Rework encoding and decoding of nfsd4_deviceid (git-fixes).
- commit 9c6f966
- nfsd: Drop dprintk in blocklayout xdr functions (git-fixes).
- commit 6cb9aff
- nfsd: Use correct error code when decoding extents (git-fixes).
- commit 080ee5e

------------------------------------------------------------------
------------------ 2025-10-23 - Oct 23 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- blk-zoned: Fix a lockdep complaint about recursive locking (git-fixes).
- block: fix kobject double initialization in add_disk (git-fixes).
- lib/sbitmap: convert shallow_depth from one word to the whole sbitmap (git-fixes).
- block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes).
- commit 213ae89
- net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (CVE-2025-39876 bsc#1250400)
- commit 3be7e1e
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- commit 12ef5f2
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- commit 9aac12e
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CVE-2025-38653 bsc#1248630)
- commit 038e313
- add bug reference to existing hv_netvsc change (bsc#1252265)
- commit bded92b
- fs/xattr.c: fix simple_xattr_list() (git-fixes).
- commit 0c27ee1

++++ kernel-rt:
- blk-zoned: Fix a lockdep complaint about recursive locking (git-fixes).
- block: fix kobject double initialization in add_disk (git-fixes).
- lib/sbitmap: convert shallow_depth from one word to the whole sbitmap (git-fixes).
- block: avoid possible overflow for chunk_sectors check in blk_stack_limits() (git-fixes).
- commit 213ae89
- net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (CVE-2025-39876 bsc#1250400)
- commit 3be7e1e
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- commit 12ef5f2
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- commit 9aac12e
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (CVE-2025-38653 bsc#1248630)
- commit 038e313
- add bug reference to existing hv_netvsc change (bsc#1252265)
- commit bded92b
- fs/xattr.c: fix simple_xattr_list() (git-fixes).
- commit 0c27ee1

++++ unbound:
- Update to 1.24.1:
  Security Fixes:
  * Fix CVE-2025-11411 (possible domain hijacking attack) [bsc#1252525]
  Features:
  * Increase default to num-queries-per-thread: 2048, when unbound is compiled with libevent. It makes saturation of the task queue more resource intensive and less practical.
  * Auto-configure '-slabs' values.
  * Change default for so-sndbuf to 1m, to mitigate a cross-layer issue where the UDP socket send buffers are exhausted waiting for ARP/NDP resolution.
  * Adjusted so-sndbuf default to 4m.
  * Add extra statistic to track the number of signature validation operations. Adds 'num.valops' to extended statistics.
  * [FR] Disable TLSv1.2.
  * unbound-control cache_lookup prints the cached rrsets and messages for those.
  * unbound-control cache_lookup +t allows tld and root names. And subnet cache contents are printed.
  * [FR] zone status for Unbound auth-zones.
  Bug Fixes:
  * Fix assertion failure testcode/unitverify.c:202.
  * Use macros for the fr_check_changed* functions.
  * Fix for parallel build of dnstap protoc-c output.
  * Fix dnstap to use protoc.
  * Sync unbound and unbound-checkconf log output for unknown modules.
  * Fix forward-zone "name: ." conflicts with auth-zone "name: ." in 1.23.0, but worked in 1.22.0.
  * Fix unsafe usage of atoi() while parsing the configuration file.
  * Fix auth nsec3 code. Fixes NSEC3 code to not break on broken auth zones that include unsigned out of zone (above apex) data. Could lead to hang while trying to prove a wildcard answer.
  * Fix NULL pointer deref in az_find_nsec_cover() (latent bug) by adding a log_assert() to safeguard future development.
  * Fix log-destaddr fail on long ipv6 addresses.
  * Fix config of slab values when there is no config file.
  * Fix for cname chain length with qtype ANY and qname minimisation.
  * RST man pages. It introduces restructuredText man pages to sync the online and source code man page documentation. The templated man pages (*.in) are still part of the repo but generated with docutils from their .rst counterpart. Documentation on how to generate those (mainly for core developers) is in README.man.
  * Add more checks about respip in unbound-checkconf. Also fixes unbound-checkconf not reporting RPZ configuration error.
  * [FR] Improve fuzzing of unbound by adapting the netbound program.
  * Small manpage corrections for the 'disable-dnssec-lame-check' option.
  * Fix unbound-anchor certificate file read for line ends and end of file.
  * Fix comment for the dname_remove_label_limit_len function.
  * iana portlist updated.
  * Fix bitwise operators in conditional expressions with parentheses.
  * Fix conditional expressions with parentheses for bitwise and.
  * Fix header return value description for skip_pkt_rrs and parse_edns_from_query_pkt.
  * Fix to check control-interface addresses in unbound-checkconf.
  * Fix Windows 32-bit binaries download seems to be missing dll dependency.
  * Fix for consistent use of local zone CNAME alias for configured auth zones. Now it also applies to downstream configured auth zones.
  * Fix DNS over QUIC depends on a very outdated version of ngtcp2. Fixed so it works with ngtcp2 1.13.0 and OpenSSL 3.5.0.
  * edns-subnet: fix NULL_AFTER_DEREF on subnetmod.
  * Fix rrset cache create allocation failure case.
  * Fix EDE 6 is attached to insecure cached answers when client sends the CD bit.
  * Fix forward-first: ssl handshake failed on root nameservers.
  * Turn off fetch-policy for delegation when looking into parent side name servers that may not update the addresses and hit NXNS limits.
  * Replay test (added tcp_transport to outnet_serviced_query).
  * Generate ltmain.sh and configure again.
  * Fix is 'sock-queue-timeout' a linux only feature.
  * Implement sock-queue-timeout for FreeBSD as well.
  * Fix layout of comm_point_udp_ancil_callback.
  * Fix to improve dnstap discovery on Fedora.
  * Fix detection of SSL_CTX_set_tmp_ecdh function.
  * Fix configure cant find SSL_is_quic in OpenSSL 3.5.1.
  * Test num.valops in existing stat_values.tdir.
  * Add num.valops in the unbound-control man page.
  * Add unit tests for non-ecs aggregation.
  * Fix to not set rlimits in the unit tests.
  * iana portlist updated.
  * Redis checks for server down and throttles reconnects.
  * Fix redis cachedb module gettimeofday init failure.
  * Fix testbound test program to accurately output packets from hex.
  * Fix incorrectly reclaimed tcp handler can cause data corruption and segfault.
  * Fix to use assertions for consistency checks in reclaimed tcp handlers.
  * Fix edns subnet, so that the subquery without subnet is stored in global cache if the querier used 0.0.0.0/0 and the name and address do not receive subnet treatment. If the name and address are configured for subnet, it is stored in the subnet cache.
  * Fix dname_str for printout of long names.
  * Fix that edns-subnet failure to create a subquery errors as servfail, and not formerror.
  * Fix to whitespace in dname_str.
  * Fix that unbound-control dump_cache releases the cache locks every so often, so that the server stays responsive.
  * Fix to remove debug from cache_lookup.
  * Fix to unlock cache_lookup message for malformed records.
  * Fix to increase responsiveness of dump_cache.
  * Fix to decouple file descriptor activity and cache lookups in dump_cache.
  * Fix cache_lookup subnet printout to wipe zero part of the prefix.
  * Fix cache_lookup subnet print to not print messages without rrsets and perform in-depth check on node in the addrtree.
  * Fix to check for extraneous command arguments for unbound-control, when the command takes no arguments but there are arguments present.
  * Fix contrib/unbound.service comment path for systemd network configuration.
  * Fix compile warnings for DoH compile on windows.
  * Fix sha1 enable environment variable in test code on windows.
  * Fix that the zone acquired timestamp is set after the zonefile is read.
  * Fix unbound-control dump_cache for double unlock of lruhash table.
  * Fix setup_listen_sslctx warning for nettle compile.
  * Limit the number of consecutive reads on an HTTP/2 session.
  * Fix to free edns options scratch in ratelimit case.
  * Fix outdated Python2 code in unbound/pythonmod/examples/log.py.
  * Fix memory leak in 'msgparse.c' in 'parse_edns_options_from_query(...)'.
  * Fix indentation in tcp-mss option parsing.
  * Fix make depend.
  * Update documentation for using "SET ... EX" in Redis.
  * Document max buffer sizes for Redis commands.
  * Update man pages.
  * Fix CNAME chains are sometimes not followed when RPZs add a local CNAME rewrite.
  * Update contrib/aaaa-filter-iterator.patch so it applies on 1.24.0.
  * Small debug output improvement when attaching an EDE.
  * Fix to print warning for when so-sndbuf setsockopt is not granted.
  * Too many quotes for the EDE message debug printout.

++++ osinfo-db:
- bsc#1252429 - virt-manager does not detect Leap 16.0 offline ISO
  add-opensuse-leap-16.0-support.patch

------------------------------------------------------------------
------------------ 2025-10-22 - Oct 22 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR (CVE-2025-39950 bsc#1251176).
- commit cf7da46
- x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (jsc#PED-348).
- Delete patches.suse/x86-virt-tdx-Mark-memory-cache-state-incoherent-when-making-seamcall.patch.
- commit 4525f45
- perf hwmon_pmu: Fix uninitialized variable warning (perf-sle16-v6.13-userspace-update, git-fixes).
- commit ce493c8

++++ kernel-rt:
- net/tcp: Fix a NULL pointer dereference when using TCP-AO with TCP_REPAIR (CVE-2025-39950 bsc#1251176).
- commit cf7da46
- x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (jsc#PED-348).
- Delete patches.suse/x86-virt-tdx-Mark-memory-cache-state-incoherent-when-making-seamcall.patch.
- commit 4525f45
- perf hwmon_pmu: Fix uninitialized variable warning (perf-sle16-v6.13-userspace-update, git-fixes).
- commit ce493c8

++++ gpgme:
- Treat empty DISPLAY variable as unset. [bsc#1252425, bsc#1231055]
  * To avoid gpgme constructing an invalid gpg command line when the DISPLAY variable is empty it can be treated as unset.
  * Add gpgme-Treat-empty-DISPLAY-variable-as-unset.patch
  * Reported upstream: dev.gnupg.org/T7919

++++ pciutils:
- pciutils.spec: Add a strict dependency to libpci. [bsc#1252338]
  Mixing different versions of pciutils and libpci could result in a segmentation fault due to incompatible ABI.

------------------------------------------------------------------
------------------ 2025-10-21 - Oct 21 2025 -------------------
------------------------------------------------------------------
++++ dracut:
- Update to version 059+suse.700.g40f7c5c4:
  Additional fixes for PXE boot with filled-in NBFT (bsc#1238848):
  * fix(74nvmf): make sure autoconnect script is run at least once
  * fix(74nvmf): only set netroot if it's yet empty

++++ kernel-default:
- kbuild/modfinal: Link livepatches with module-common.o (bsc#1218644, bsc#1252270).
- commit 6e2ca7b
- ixgbe: fix too early devlink_free() in ixgbe_remove() (git-fixes).
- ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222).
- ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
- ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222).
- ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
- commit 350b510
- btrfs: subpage: keep TOWRITE tag until folio is cleaned (bsc#1249495 CVE-2025-39779).
- commit 27527fb
- i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (CVE-2025-39911 bsc#1250704)
- commit 963571a
- sched: Fix sched_numa_find_nth_cpu() if mask offline (CVE-2025-39895 bsc#1250721)
- commit 6265695
- sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812 bsc#1250202)
- commit faea944
- of_numa: fix uninitialized memory nodes causing kernel panic (CVE-2025-39903 bsc#1250749)
- commit 8722073

++++ kernel-rt:
- kbuild/modfinal: Link livepatches with module-common.o (bsc#1218644, bsc#1252270).
- commit 6e2ca7b
- ixgbe: fix too early devlink_free() in ixgbe_remove() (git-fixes).
- ixgbe: handle IXGBE_VF_FEATURES_NEGOTIATE mbox cmd (bsc#1247222).
- ixgbevf: fix mailbox API compatibility by negotiating supported features (bsc#1247222).
- ixgbe: handle IXGBE_VF_GET_PF_LINK_STATE mailbox operation (bsc#1247222).
- ixgbevf: fix getting link speed data for E610 devices (bsc#1247222).
- commit 350b510
- btrfs: subpage: keep TOWRITE tag until folio is cleaned (bsc#1249495 CVE-2025-39779).
- commit 27527fb
- i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (CVE-2025-39911 bsc#1250704)
- commit 963571a
- sched: Fix sched_numa_find_nth_cpu() if mask offline (CVE-2025-39895 bsc#1250721)
- commit 6265695
- sctp: initialize more fields in sctp_v6_from_sk() (CVE-2025-39812 bsc#1250202)
- commit faea944
- of_numa: fix uninitialized memory nodes causing kernel panic (CVE-2025-39903 bsc#1250749)
- commit 8722073

++++ samba:
- Update to 4.22.6
  * macOS Finder client DFS broken on 4.22.0; (bso#15843).
  * Samba 4.22 breaks Time Machine; (bso#15926).
  * Spotlight search restriction for shares incomplete and default search searches in too many attributes; (bso#15927).
  * rpcd_mdssvc may crash because name mangling is not initialized; (bso#15931).
  * Only increment lease epoch if a lease was granted; (bso#15933).
  * samba-4.21 fails to join AD when multiple DCs are returned; (bso#15905).
  * 'net ads group' failed to list domain groups; (bso#15900).
  * vfs_ceph_new should not use ceph_ll_nonblocking_readv_writev for fsync_send; (bso#15919).
  * CTDB_SOCKET can be used even when CTDB_TEST_MODE is not set; (bso#15921).
------------------------------------------------------------------
------------------ 2025-10-20 - Oct 20 2025 -------------------
------------------------------------------------------------------
++++ cockpit-machines:
- Update to 342
  * 342
    - Bug fixes and translation updates
  * 341
    - Improved UX for Disks and Network interface tables
    - Bug fixes and translation updates
  * 340
    - Use exclusive VNC connections with "Remote resizing"
- Drop hostadd-allow-device-form-to-overflow-on-X-axis.patch as this has been upstreamed

++++ cockpit-podman:
- Update to 115
  * 115
    - List stopped quadlets
    - Translations and dependency updates
  * 114
    - Bug fixes and translation updates
  * 113
    - Sortable Images table

++++ kernel-default:
- ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702 bsc#1249317)
- commit 01c4905
- sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718 bsc#1249161)
- commit dadd6c3
- scsi: qla4xxx: Prevent a potential error pointer dereference (CVE-2025-39676 bsc#1249302)
- commit 7b25b2e
- io_uring: fix incorrect io_kiocb reference in io_link_skb (CVE-2025-39963 bsc#1251819)
- commit 69302e5
- dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
- dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
- dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253).
- dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
- dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
- dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
- dpll: zl3073x: Add low-level flash functions (bsc#1252253).
- dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
- net/mlx5: fs, fix UAF in flow counter release (CVE-2025-39979 bsc#1252067).
- net/mlx5e: Harden uplink netdev access against device unbind (CVE-2025-39947 bsc#1251232).
- dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
- dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
- dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
- net/mlx5: fs, add API for sharing HWS action by refcount (CVE-2025-39979 bsc#1252067).
- commit fe6aeff
- powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
- commit bdb01f7
- nfsd: refine and rename NFSD_MAY_LOCK (git-fixes).
- commit c7caa62
- NFSD: Replace use of NFSD_MAY_LOCK in nfsd4_lock() (git-fixes).
- commit 3a34ceb

++++ kernel-rt:
- ipv6: sr: Fix MAC comparison to be constant-time (CVE-2025-39702 bsc#1249317)
- commit 01c4905
- sctp: linearize cloned gso packets in sctp_rcv (CVE-2025-38718 bsc#1249161)
- commit dadd6c3
- scsi: qla4xxx: Prevent a potential error pointer dereference (CVE-2025-39676 bsc#1249302)
- commit 7b25b2e
- io_uring: fix incorrect io_kiocb reference in io_link_skb (CVE-2025-39963 bsc#1251819)
- commit 69302e5
- dpll: zl3073x: Handle missing or corrupted flash configuration (bsc#1252253).
- dpll: zl3073x: Increase maximum size of flash utility (bsc#1252253).
- dpll: zl3073x: Fix double free in zl3073x_devlink_flash_update() (bsc#1252253).
- dpll: zl3073x: Implement devlink flash callback (bsc#1252253).
- dpll: zl3073x: Refactor DPLL initialization (bsc#1252253).
- dpll: zl3073x: Add firmware loading functionality (bsc#1252253).
- dpll: zl3073x: Add low-level flash functions (bsc#1252253).
- dpll: zl3073x: Add functions to access hardware registers (bsc#1252253).
- net/mlx5: fs, fix UAF in flow counter release (CVE-2025-39979 bsc#1252067).
- net/mlx5e: Harden uplink netdev access against device unbind (CVE-2025-39947 bsc#1251232).
- dpll: zl3073x: Add support to get fractional frequency offset (bsc#1252253).
- dpll: zl3073x: Add support to get phase offset on connected input pin (bsc#1252253).
- dpll: zl3073x: Add support to get/set esync on pins (bsc#1252253).
- net/mlx5: fs, add API for sharing HWS action by refcount (CVE-2025-39979 bsc#1252067).
- commit fe6aeff
- powerpc/fadump: skip parameter area allocation when fadump is disabled (jsc#PED-9891 git-fixes).
- commit bdb01f7
- nfsd: refine and rename NFSD_MAY_LOCK (git-fixes).
- commit c7caa62
- NFSD: Replace use of NFSD_MAY_LOCK in nfsd4_lock() (git-fixes).
- commit 3a34ceb

++++ selinux-policy:
- Update to version 20250627+git239.fcbf2d509:
  * fail2ban: bump module version
  * fail2ban: allow fail2ban to watch all log files and dirs (bsc#1251952)
  * fail2ban: fix typos in interface descriptions
  * fail2ban: tweak file context regex for /run/fail2ban
  * fail2ban: drop file context for old rc.d file
  * Allow wicket to manage its proc directories (bsc#1235731)
  * Allow NM to manage wicked pid files (bsc#1235731)
  * Allow NM to reach systemd unit files (bsc#1235731)
  * Make wicked script backwards compatible (bsc#1251923)
  * Allow snapper grub plugin to domtrans to bootloader_t (bsc#1251862)
  * Allow salt_t transition to rpm_script_t (bsc#1250696)
  * grub snapper plugin is now named 00-grub (bsc#1251793)
  * Assign alts_exec_t exec_file attribute (bsc#1250974)
  * Add equivalency between /srv/tomcat and /var/lib/tomcat (bsc#1251227)
  * Allow sshd_session_t write to wtmpdb
  * Support /usr/libexec/ssh as well as openssh folder
  * Set xenstored_use_store_type_domain boolean true(bsc#1247875)
  * Adjust guest and xguest users policy for sshd-session
  * Allow valkey-server create and use netlink_rdma_socket
  * Allow blueman get attributes of filesystems with extended attributes
  * Update files_search_base_file_types()
  * Introduce unconfined wicked_script_t (bsc#1205770, bsc#1250661)
  * Allow geoclue get attributes of the /dev/shm filesystem
  * Allow apcupsd get attributes of the /dev/shm filesystem
  * Allow sshd-session read cockpit pid files
  * Add /opt/.snapshots to the snapper file context (bsc#1232226)
  * Allow nfs generator create and use netlink sockets
  * Conditionally allow virt guests to read certificates in user home directories
  * xenstored_t needs CAP_SYS_ADMIN for XENSTORETYPE=domain (bsc#1247875)
  * Allow nfs-generator create and use udp sockets
  * Allow kdump search kdumpctl_tmp_t directories
  * Allow init open and read user tmp files
  * Fix the systemd_logind_stream_connect() interface
  * Allow staff and sysadm execute iotop using sudo
  * Allow sudodomains connect to systemd-logind over a unix socket
  * /boot/efi is dosfs_t and kdump needs to access it (bsc#1249370)
  * Add default contexts for sshd-seesion
  * Define types for new openssh executables
  * Fix systemd_manage_unit_symlinks() interface definition
  * Support coreos installation methods
  * Add a new type for systemd-ssh-issue PID files
  * Allow gnome-remote-desktop connect to unreserved ports
  * Zypper moves files in /var/tmp to /var/cache (bsc#1249052, bsc#1249435)
  * Allow mdadm the CAP_SYS_PTRACE capability
  * Allow iptables manage its private fifo_files in /tmp
  * Allow auditd manage its private run dirs
  * Revert "Allow virt_domain write to virt_image_t files"
  * Allow gdm create /etc/.pwd.lock with a file transition
  * Allow gdm bind a socket in the /run/systemd/userdbd directory
  * Allow nsswitch_domain connect to xdm over a unix domain socket
  * Allow systemd homed getattr all tmpfs files (bsc#1240883)
  * Allow systemd (PID 1) create lastlog entries
  * Allow systemd_homework_t transition pid files to lvm_var_run_t (bsc#1240883)
  * Allow gnome-remote-desktop speak with tabrmd over dbus (bsc#1244573)
  * Allow nm-dispatcher iscsi and sendmail plugins get pidfs attributes
  * Allow systemd-oomd watch tmpfs dirs
  * Allow chronyc the setgid and setuid capabilities
  * Label /usr/lib/systemd/systemd-ssh-issue with systemd_ssh_issue_exec_t
  * Allow stalld map sysfs files
  * Allow NetworkManager-dispatcher-winbind get pidfs attributes
  * Allow openvpn create and use generic netlink socket
  * policy_capabilities: remove estimated from released versions
  * policy_capabilities: add stub for userspace_initial_context
  * add netlink_xperm policy capability and nlmsg permission definitions
  * policy_capabilities: add ioctl_skip_cloexec
  * selinux-policy: add allow rule for tuned_ppd_t
  * selinux-policy: add allow rule for switcheroo_control_t
  * Label /run/audit with auditd_var_run_t
  * Allow virtqemud start a vm which uses nbdkit
  * Add nbdkit_signal() and nbdkit_signull() interfaces
  * Fix insights_client interfaces names
  * Add insights_core and insights_client interfaces
  * Fix selinux-autorelabel-generator label after upstream changes
  * Revert "Remove the mysql module sources"
  * Revert "Allow rasdaemon write access to sysfs (bsc#1229587)"
  * Reset postfix.fc to upstream, add alias instead
  * dist/targeted/modules.conf: enable slrnpull module
  * Allow bootupd delete symlinks in the /boot directory
  * Allow systemd-coredumpd capabilities in the user namespace
  * Allow openvswitch read virtqemud process state
  * Allow systemd-networkd to create leases directory
  * Apply generator template to selinux-autorelabel generator
  * Support virtqemud handle hotplug hostdev devices
  * Allow virtstoraged create qemu /var/run files
  * Allow unconfined_domain_type cap2_userns capabilities
  * Label /usr/libexec/postfix/tlsproxy with postfix_smtp_exec_t
  * Remove the mysql module sources
  * dist/targeted/modules.conf: Enable kmscon module (bsc#1238137)
  * Update kmscon policy module to kmscon version 9 (bsc#1238137)
  * Allow login to getattr pidfs
  * Allow systemd to map files under /sys
  * systemd: drop duplicate init_nnp_daemon_domain lines
  * Fix typo
  * Allow logwatch stream connect to opensmtpd
  * Allow geoclue read NetworkManager pid files
  * Allow unconfined user a file transition for creating sudo log directory
  * Allow virtqemud read/write inherited dri devices
  * Allow xdm_t create user namespaces
  * Update policy for login_userdomain
  * Add ppd_base_profile to file transition to get tuned_rw_etc_t type
  * Update policy for bootupd
  * Allow logwatch work with opensmtpd
  * Update dovecot policy for dovecot 2.4.1
  * Allow ras-mc-ctl write to sysfs files
  * Allow anaconda-generator get attributes of all filesystems
  * Add the rhcd_rw_fifo_files() interface
  * Allow systemd-coredump the sys_chroot capability
  * Allow hostapd write to socket files in /tmp
  * Recognize /var/home as an alternate path for /home
  * Label /var/lib/lastlog with lastlog_t
  * Allow virtqemud write to sysfs files
  * Allow irqbalance search sssd lib directories
  * Allow samba-dcerpcd send sigkills to passwd
  * Allow systemd-oomd watch dbus pid sock files
  * Allow some confined users read and map generic log files
  * Allow login_userdomain watch the /run/log/journal directory
  * Allow login_userdomain dbus chat with tuned-ppd
  * Allow login_userdomain dbus chat with switcheroo-control
  * Allow userdomain to connect to systemd-oomd over a unix socket
  * Add insights_client_delete_lib_dirs() interface
  * Allow virtqemud_t use its private tmpfs files (bsc#1242998)
  * Allow virtqemud_t setattr to /dev/userfaultfd (bsc#1242998)
  * Allow virtqemud_t read and write /dev/ptmx (bsc#1242998)
  * Extend virtqemud_t tcp_socket permissions (bsc#1242998)
  * Allow virtqemud_t to read and write generic pty (bsc#1242998)
  * Allow systemd-importd create and unlink init pid socket
  * Allow virtqemud handle virt_content_t chr files
  * Allow svirt read virtqemud fifo files
  * All sblim-sfcbd the dac_read_search capability
  * Allow sblim domain read systemd session files
  * Allow sblim-sfcbd execute dnsdomainname
  * Confine nfs-server generator
  * Allow systemd-timedated start/stop timemaster services
  * Allow "hostapd_cli ping" run as a systemd service
  * Allow power-profiles-daemon get attributes of filesystems with extended attributes
  * Allow 'oomctl dump' to interact with systemd-oomd
  * Basic functionality for systemd-oomd
  * Basic enablement for systemd-oomd
  * Allow samba-bgqd send to smbd over a unix datagram socket
  * Update kernel_secretmem_use()
  * Add the file/watch_mountns permission
  * Update systemd-generators policy
  * Allow plymouthd_t read proc files of systemd_passwd_agent (bsc#1245470)
  * Allow insights-client file transition for files in /var/tmp
  * Allow tuned-ppd manage tuned log files
  * Allow systemd-coredump mount on tmpfs filesystems
  * Update sssd_dontaudit_read_public_files()
  * Allow zram-generator raw read fixed disk device
  * Add fs_write_cgroup_dirs() and fs_setattr_cgroup_dirs() interfaces

------------------------------------------------------------------
------------------ 2025-10-17 - Oct 17 2025 -------------------
------------------------------------------------------------------
++++ cockpit:
- Update to 349
  * Changes since 346
    - 349
      * Package manifests: add any test
      * Bug fixes and translation updates
    - 348
      * Bug fixes and translation updates
    - 347
      * Site-specific branding support

++++ kernel-default:
- doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT
  The character was previously 'N', but upstream used it for TAINT_TEST, which prompted the change of TAINT_NO_SUPPORT to 'n'. This occurred in commit c35dc3823d08 ("Update to 6.0-rc1") on master and in d016c04d731d ("Bump to 6.4 kernel (jsc#PED-4593)") for SLE15-SP6 (and onwards). Update the documentation to reflect this change.
- commit f42ecf5
- cpufreq: Make drivers using CPUFREQ_ETERNAL specify transition latency (stable-fixes git-fixes).
- commit 41821ef
- cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay (stable-fixes).
- commit 4f5afab
- cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes).
- commit e9a9ed4
- cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes).
- commit 1b00366
- cpufreq: armada-8k: make both cpu masks static (git-fixes).
- commit 3ab6135
- cpufreq: sun50i: prevent out-of-bounds access (git-fixes).
- commit 815165b
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (git-fixes).
- commit 330c599
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- commit 6650ce1 ++++ kernel-rt: - doc/README.SUSE: Correct the character used for TAINT_NO_SUPPORT The character was previously 'N', but upstream used it for TAINT_TEST, which prompted the change of TAINT_NO_SUPPORT to 'n'. This occurred in commit c35dc3823d08 ("Update to 6.0-rc1") on master and in d016c04d731d ("Bump to 6.4 kernel (jsc#PED-4593)") for SLE15-SP6 (and onwards). Update the documentation to reflect this change. - commit f42ecf5 - cpufreq: Make drivers using CPUFREQ_ETERNAL specify transition latency (stable-fixes git-fixes). - commit 41821ef - cpufreq: CPPC: Avoid using CPUFREQ_ETERNAL as transition delay (stable-fixes). - commit 4f5afab - cpufreq: scmi: Account for malformed DT in scmi_dev_used_by_cpus() (git-fixes). - commit e9a9ed4 - cpufreq: armada-8k: Fix off by one in armada_8k_cpufreq_free_table() (stable-fixes). - commit 1b00366 - cpufreq: armada-8k: make both cpu masks static (git-fixes). - commit 3ab6135 - cpufreq: sun50i: prevent out-of-bounds access (git-fixes). - commit 815165b - cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (git-fixes). - commit 330c599 - skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650). - commit 6650ce1 ++++ virt-manager: - bsc#1252105 - Unable to create an SEV-SNP enabled guest with virt-manager. This simplifies the code from what used to be required for sev while adding initial tdx support. virtman-add-launch-security-support.patch - Dropped patches rolled into the above patch. 
virtman-add-sev-memory-support.patch virtinst-dont-require-uefi-for-sev-snp.patch ------------------------------------------------------------------ ------------------ 2025-10-16 - Oct 16 2025 ------------------- ------------------------------------------------------------------ ++++ gstreamer: - Update to version 1.26.7: + Highlighted bugfixes in 1.26.7: - cea608overlay: improve handling of non-system memory - cuda: Fix runtime kernel compile with CUDA 13.0 - d3d12: Fix crop meta support in converter and passthrough handling in deinterlacer - fallbacksrc: source handling improvements; no-more-pads signal for streams-unaware parents - inter: add properties to fine tune the inner elements - qtdemux: surround sound channel layout handling fixes and performance improvements for GoPro videos - rtp: Add linear audio (L8, L16, L24) RTP payloaders / depayloaders - rtspsrc: Send RTSP keepalives in TCP/interleaved modes - rtpamrpay2: frame quality indicator flag related fixes - rtpbasepay2: reuse last PTS when possible, to work around problems with NVIDIA Jetson AV1 encoder - mpegtsmux, tsdemux: Opus audio handling fixes - threadshare: latency related improvements and many other fixes - matroskamux, tsmux, flvmux, cea608mux: Best pad determination fixes at EOS - unixfd: support buffers with a big payload - videorate unknown buffer duration assertion failure with variable framerates - editing services: Make GESTimeline respect SELECT_ELEMENT_TRACK signal discard decision; memory leak fixes - gobject-introspection annotation fixes - cerbero: Update meson to 1.9.0 to enable Xcode 26 compatibility - Various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements + gstreamer: - controller: Fix get_all() return type annotation - gst-launch: Do not assume error messages have a src element - multiqueue: Fix object reference handling in signal callbacks - netclientclock: Fix memory leak in error paths ++++ gstreamer-plugins-base: - Update to 
version 1.26.7: + discoverer: Mark gst_discoverer_stream_info_list_free() as transfer full + riff: Add channel reorder maps for 3 and 7 channel audio + sdp: proper usage of gst_buffer_append + videorate: fix assert fail due to invalid buffer duration + Fix build error with glib < 2.68 ++++ kernel-default: - scsi: mpi3mr: Update driver version to 8.15.0.5.50 (bsc#1251186). - scsi: mpi3mr: Fix premature TM timeouts on virtual drives (bsc#1251186). - scsi: mpi3mr: Update MPI headers to revision 37 (bsc#1251186). - scsi: mpi3mr: Fix I/O failures during controller reset (bsc#1251186). - scsi: mpi3mr: Fix controller init failure on fault during queue creation (bsc#1251186). - scsi: mpi3mr: Fix device loss during enclosure reboot due to zero link speed (bsc#1251186). - scsi: mpi3mr: Event processing debug improvement (bsc#1251186). - commit 15f7129 - iommu/amd: Fix alias device DTE setting (git-fixes). - iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement (git-fixes). - iommu/amd: Enable PASID and ATS capabilities in the correct order (git-fixes). - commit 6e3bf58 - tls: make sure to abort the stream if headers are bogus (CVE-2025-39946 bsc#1251114). - commit 97adb08 - selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes). - commit 54bbdc7 - bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes). - commit 6cf3a66 - bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes). - commit 939b57e ++++ kernel-rt: - scsi: mpi3mr: Update driver version to 8.15.0.5.50 (bsc#1251186). - scsi: mpi3mr: Fix premature TM timeouts on virtual drives (bsc#1251186). - scsi: mpi3mr: Update MPI headers to revision 37 (bsc#1251186). - scsi: mpi3mr: Fix I/O failures during controller reset (bsc#1251186). - scsi: mpi3mr: Fix controller init failure on fault during queue creation (bsc#1251186). - scsi: mpi3mr: Fix device loss during enclosure reboot due to zero link speed (bsc#1251186). 
- scsi: mpi3mr: Event processing debug improvement (bsc#1251186). - commit 15f7129 - iommu/amd: Fix alias device DTE setting (git-fixes). - iommu/arm-smmu-v3: Fix smmu_domain->nr_ats_masters decrement (git-fixes). - iommu/amd: Enable PASID and ATS capabilities in the correct order (git-fixes). - commit 6e3bf58 - tls: make sure to abort the stream if headers are bogus (CVE-2025-39946 bsc#1251114). - commit 97adb08 - selftests/bpf: Add test for unpinning htab with internal timer struct (git-fixes). - commit 54bbdc7 - bpf: Avoid RCU context warning when unpinning htab with internal structs (git-fixes). - commit 6cf3a66 - bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (git-fixes). - commit 939b57e ++++ libsoup: - Update libsoup-CVE-2025-11021.patch: Add NULL check for soup_date_time_to_string() (bsc#1250562, CVE-2025-11021, glgo#GNOME/libsoup!483). ++++ nvidia-open-driver-G06-signed: - renamed check to %name-check package ++++ runc: [ This update was only released for SLE 12 and 15. ] - Backport patches for three CVEs. All three vulnerabilities ultimately allow (through different methods) for full container breakouts by bypassing runc's restrictions for writing to arbitrary /proc files. bsc#1252232 * CVE-2025-31133 * CVE-2025-52565 * CVE-2025-52881 + 2025-11-05-CVEs.patch ------------------------------------------------------------------ ------------------ 2025-10-15 - Oct 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update patches.suse/ASoC-qcom-q6apm-lpass-dais-Fix-NULL-pointer-derefere.patch (git-fixes CVE-2025-39938 bsc#1251134). - Update patches.suse/crypto-af_alg-Set-merge-to-zero-early-in-af_alg_send.patch (git-fixes CVE-2025-39931 bsc#1251100). - Update patches.suse/drm-bridge-anx7625-Fix-NULL-pointer-dereference-with.patch (git-fixes CVE-2025-39934 bsc#1251146). - Update patches.suse/net-rfkill-gpio-Fix-crash-due-to-dereferencering-uni.patch (git-fixes CVE-2025-39937 bsc#1251143). 
- Update patches.suse/wifi-mac80211-increase-scan_ies_len-for-S1G.patch (stable-fixes CVE-2025-39957 bsc#1251810). - Update patches.suse/wifi-wilc1000-avoid-buffer-overflow-in-WID-string-co.patch (stable-fixes CVE-2025-39952 bsc#1251216). - commit 6d21f77 - iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes). - iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes). - commit 9da8433 - wifi: iwlwifi: Add missing firmware info for bz-b0-* models (bsc#1252084). - commit 7b5c81c - wifi: iwlwifi: config: unify fw/pnvm MODULE_FIRMWARE (bsc#1252084). - commit 2e309d0 - mm/page_alloc: fix race condition in unaccepted memory handling (CVE-2025-38008 bsc#1244939). - commit c480181 - mm/slub: avoid accessing metadata when pointer is invalid in object_err() (CVE-2025-39902 bsc#1250702). - commit 507e4ea - NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes). - commit d3322a8 - selftests/tracing: Fix false failure of subsystem event test (git-fixes). - commit 95dc965 - tracing: Fix filter string testing (git-fixes). - commit aca40c5 - tracing: fprobe events: Fix possible UAF on modules (git-fixes). - commit afb00f2 - tracing: tprobe-events: Fix leakage of module refcount (git-fixes). - commit c1d1f90 - powerpc/ftrace: ensure ftrace record ops are always set for NOPs (git-fixes). - commit afe3ecd - bpf: Check link_create.flags parameter for multi_kprobe (git-fixes). - commit 0da9eff - bpf: Check link_create.flags parameter for multi_uprobe (git-fixes). - commit 5ee2013 - ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes). - commit 7b2465b - bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes). - commit 840bc07 - tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes). - commit 66499d7 - module: Prevent silent truncation of module name in delete_module(2) (git-fixes). 
- commit 97db76c - tracing: Add down_write(trace_event_sem) when adding trace event (bsc#1248211 CVE-2025-38539). - commit 7396877 - tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286 CVE-2025-39683). - tracing: Remove unneeded goto out logic (bsc#1249286). - commit 1685cce ++++ kernel-rt: - Update patches.suse/ASoC-qcom-q6apm-lpass-dais-Fix-NULL-pointer-derefere.patch (git-fixes CVE-2025-39938 bsc#1251134). - Update patches.suse/crypto-af_alg-Set-merge-to-zero-early-in-af_alg_send.patch (git-fixes CVE-2025-39931 bsc#1251100). - Update patches.suse/drm-bridge-anx7625-Fix-NULL-pointer-dereference-with.patch (git-fixes CVE-2025-39934 bsc#1251146). - Update patches.suse/net-rfkill-gpio-Fix-crash-due-to-dereferencering-uni.patch (git-fixes CVE-2025-39937 bsc#1251143). - Update patches.suse/wifi-mac80211-increase-scan_ies_len-for-S1G.patch (stable-fixes CVE-2025-39957 bsc#1251810). - Update patches.suse/wifi-wilc1000-avoid-buffer-overflow-in-WID-string-co.patch (stable-fixes CVE-2025-39952 bsc#1251216). - commit 6d21f77 - iommu/vt-d: Disallow dirty tracking if incoherent page walk (git-fixes). - iommu/vt-d: PRS isn't usable if PDS isn't supported (git-fixes). - commit 9da8433 - wifi: iwlwifi: Add missing firmware info for bz-b0-* models (bsc#1252084). - commit 7b5c81c - wifi: iwlwifi: config: unify fw/pnvm MODULE_FIRMWARE (bsc#1252084). - commit 2e309d0 - mm/page_alloc: fix race condition in unaccepted memory handling (CVE-2025-38008 bsc#1244939). - commit c480181 - mm/slub: avoid accessing metadata when pointer is invalid in object_err() (CVE-2025-39902 bsc#1250702). - commit 507e4ea - NFSD: Define a proc_layoutcommit for the FlexFiles layout type (git-fixes). - commit d3322a8 - selftests/tracing: Fix false failure of subsystem event test (git-fixes). - commit 95dc965 - tracing: Fix filter string testing (git-fixes). - commit aca40c5 - tracing: fprobe events: Fix possible UAF on modules (git-fixes). 
- commit afb00f2 - tracing: tprobe-events: Fix leakage of module refcount (git-fixes). - commit c1d1f90 - powerpc/ftrace: ensure ftrace record ops are always set for NOPs (git-fixes). - commit afe3ecd - bpf: Check link_create.flags parameter for multi_kprobe (git-fixes). - commit 0da9eff - bpf: Check link_create.flags parameter for multi_uprobe (git-fixes). - commit 5ee2013 - ftrace: fix incorrect hash size in register_ftrace_direct() (git-fixes). - commit 7b2465b - bpf: Use preempt_count() directly in bpf_send_signal_common() (git-fixes). - commit 840bc07 - tracing: Correct the refcount if the hist/hist_debug file fails to open (git-fixes). - commit 66499d7 - module: Prevent silent truncation of module name in delete_module(2) (git-fixes). - commit 97db76c - tracing: Add down_write(trace_event_sem) when adding trace event (bsc#1248211 CVE-2025-38539). - commit 7396877 - tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286 CVE-2025-39683). - tracing: Remove unneeded goto out logic (bsc#1249286). - commit 1685cce ++++ libxslt: - security update - added patches CVE-2025-11731 [bsc#1251979], type confusion in exsltFuncResultComp function leading to denial of service * libxslt-CVE-2025-11731.patch ++++ samba: - Update to 4.22.5 * CVE-2025-10230: Command injection via WINS server hook script (bso#15903); (bsc#1251280). * CVE-2025-9640: uninitialized memory disclosure via vfs_streams_xattr; (bso#15885); (bsc#1251279). ++++ python313-core: - Update to 3.13.9: - Library - gh-139783: Fix inspect.getsourcelines() for the case when a decorator is followed by a comment or an empty line. - Update to 3.13.8: - macOS - gh-124111: Update macOS installer to use Tcl/Tk 8.6.17. - gh-139573: Updated bundled version of OpenSSL to 3.0.18. - Windows - gh-139573: Updated bundled version of OpenSSL to 3.0.18. 
- gh-138896: Fix error installing C runtime on non-updated Windows machines - Tools/Demos - gh-139330: SBOM generation tool didn’t cross-check the version and checksum values against the Modules/expat/refresh.sh script, leading to the values becoming out-of-date during routine updates. - gh-137873: The iOS test runner has been simplified, resolving some issues that have been observed using the runner in GitHub Actions and Azure Pipelines test environments. - Tests - gh-139208: Fix regrtest --fast-ci --verbose: don’t ignore the --verbose option anymore. Patch by Victor Stinner. - Security - gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only garbage-collected once they are no longer referenced by subparsers created by ExternalEntityParserCreate(). Patch by Sebastian Pipping. - gh-139283: sqlite3: correctly handle maximum number of rows to fetch in Cursor.fetchmany and reject negative values for Cursor.arraysize. Patch by Bénédikt Tran. - gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to the HTML5 standard: ] ]> and ]] > no longer end the CDATA section. Add private method _set_support_cdata() which can be used to specify how to parse <[CDATA[ — as a CDATA section in foreign content (SVG or MathML) or as a bogus comment in the HTML namespace. - Library - gh-139312: Upgrade bundled libexpat to 2.7.3 - gh-139289: Do a real lazy-import on rlcompleter in pdb and restore the existing completer after importing rlcompleter. - gh-139210: Fix use-after-free when reporting unknown event in xml.etree.ElementTree.iterparse(). Patch by Ken Jin. - gh-138860: Lazy import rlcompleter in pdb to avoid deadlock in subprocess. - gh-112729: Fix crash when calling _interpreters.create when the process is out of memory. - gh-139076: Fix a bug in the pydoc module that was hiding functions in a Python module if they were implemented in an extension module and the module did not have __all__. 
- gh-138998: Update bundled libexpat to 2.7.2 - gh-130567: Fix possible crash in locale.strxfrm() due to a platform bug on macOS. - gh-138779: Support device numbers larger than 2**63-1 for the st_rdev field of the os.stat_result structure. - gh-128636: Fix crash in PyREPL when os.environ is overwritten with an invalid value for mac - gh-88375: Fix normalization of the robots.txt rules and URLs in the urllib.robotparser module. No longer ignore trailing ?. Distinguish raw special characters ?, = and & from the percent-encoded ones. - gh-138515: email is added to Emscripten build. - gh-111788: Fix parsing errors in the urllib.robotparser module. Don’t fail trying to parse weird paths. Don’t fail trying to decode non-UTF-8 robots.txt files. - gh-138432: zoneinfo.reset_tzpath() will now convert any os.PathLike objects it receives into strings before adding them to TZPATH. It will raise TypeError if anything other than a string is found after this conversion. If given an os.PathLike object that represents a relative path, it will now raise ValueError instead of TypeError, and present a more informative error message. - gh-138008: Fix segmentation faults in the ctypes module due to invalid argtypes. Patch by Dung Nguyen. - gh-60462: Fix locale.strxfrm() on Solaris (and possibly other platforms). - gh-138204: Forbid expansion of shared anonymous memory maps on Linux, which caused a bus error. - gh-138010: Fix an issue where defining a class with a @warnings.deprecated-decorated base class may not invoke the correct __init_subclass__() method in cases involving multiple inheritance. Patch by Brian Schubert. - gh-138133: Prevent infinite traceback loop when sending CTRL^C to Python through strace. - gh-134869: Fix an issue where pressing Ctrl+C during tab completion in the REPL would leave the autocompletion menu in a corrupted state. - gh-137317: inspect.signature() now correctly handles classes that use a descriptor on a wrapped __init__() or __new__() method. 
Contributed by Yongyu Yan. - gh-137754: Fix import of the zoneinfo module if the C implementation of the datetime module is not available. - gh-137490: Handle ECANCELED in the same way as EINTR in signal.sigwaitinfo() on NetBSD. - gh-137477: Fix inspect.getblock(), inspect.getsourcelines() and inspect.getsource() for generator expressions. - gh-137017: Fix threading.Thread.is_alive to remain True until the underlying OS thread is fully cleaned up. This avoids false negatives in edge cases involving thread monitoring or premature threading.Thread.is_alive calls. - gh-136134: SMTP.auth_cram_md5() now raises an SMTPException instead of a ValueError if Python has been built without MD5 support. In particular, SMTP clients will not attempt to use this method even if the remote server is assumed to support it. Patch by Bénédikt Tran. - gh-136134: IMAP4.login_cram_md5 now raises an IMAP4.error if CRAM-MD5 authentication is not supported. Patch by Bénédikt Tran. - gh-135386: Fix opening a dbm.sqlite3 database for reading from read-only file or directory. - gh-126631: Fix multiprocessing forkserver bug which prevented __main__ from being preloaded. - gh-123085: In a bare call to importlib.resources.files(), ensure the caller’s frame is properly detected when importlib.resources is itself available as a compiled module only (no source). - gh-118981: Fix potential hang in multiprocessing.popen_spawn_posix that can happen when the child proc dies early by closing the child fds right away. - gh-78319: UTF8 support for the IMAP APPEND command has been made RFC compliant. - bpo-38735: Fix failure when importing a module from the root directory on unix-like platforms with sys.pycache_prefix set. - bpo-41839: Allow negative priority values from os.sched_get_priority_min() and os.sched_get_priority_max() functions. - Core and Builtins - gh-134466: Don’t run PyREPL in a degraded environment where setting termios attributes is not allowed. 
- gh-71810: Raise OverflowError for (-1).to_bytes() for signed conversions when bytes count is zero. Patch by Sergey B Kirpichev. - gh-105487: Remove non-existent __copy__(), __deepcopy__(), and __bases__ from the __dir__() entries of types.GenericAlias. - gh-134163: Fix a hang when the process is out of memory inside an exception handler. - gh-138479: Fix a crash when a generic object’s __typing_subst__ returns an object that isn’t a tuple. - gh-137576: Fix for incorrect source code being shown in tracebacks from the Basic REPL when PYTHONSTARTUP is given. Patch by Adam Hartz. - gh-132744: Certain calls now check for runaway recursion and respect the system recursion limit. - C API - gh-87135: Attempting to acquire the GIL after runtime finalization has begun in a different thread now causes the thread to hang rather than terminate, which avoids potential crashes or memory corruption caused by attempting to terminate a thread that is running code not specifically designed to support termination. In most cases this hanging is harmless since the process will soon exit anyway. While not officially marked deprecated until 3.14, PyThread_exit_thread is no longer called internally and remains solely for interface compatibility. Its behavior is inconsistent across platforms, and it can only be used safely in the unlikely case that every function in the entire call stack has been designed to support the platform-dependent termination mechanism. It is recommended that users of this function change their design to not require thread termination. In the unlikely case that thread termination is needed and can be done safely, users may migrate to calling platform-specific APIs such as pthread_exit (POSIX) or _endthreadex (Windows) directly. - Build - gh-135734: Python can correctly be configured and built with ./configure --enable-optimizations --disable-test-modules. 
Previously, the profile data generation step failed due to PGO tests where immortalization couldn’t be properly suppressed. Patch by Bénédikt Tran. ++++ python313: - Update to 3.13.9: - Library - gh-139783: Fix inspect.getsourcelines() for the case when a decorator is followed by a comment or an empty line. - Update to 3.13.8: - macOS - gh-124111: Update macOS installer to use Tcl/Tk 8.6.17. - gh-139573: Updated bundled version of OpenSSL to 3.0.18. - Windows - gh-139573: Updated bundled version of OpenSSL to 3.0.18. - gh-138896: Fix error installing C runtime on non-updated Windows machines - Tools/Demos - gh-139330: SBOM generation tool didn’t cross-check the version and checksum values against the Modules/expat/refresh.sh script, leading to the values becoming out-of-date during routine updates. - gh-137873: The iOS test runner has been simplified, resolving some issues that have been observed using the runner in GitHub Actions and Azure Pipelines test environments. - Tests - gh-139208: Fix regrtest --fast-ci --verbose: don’t ignore the --verbose option anymore. Patch by Victor Stinner. - Security - gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only garbage-collected once they are no longer referenced by subparsers created by ExternalEntityParserCreate(). Patch by Sebastian Pipping. - gh-139283: sqlite3: correctly handle maximum number of rows to fetch in Cursor.fetchmany and reject negative values for Cursor.arraysize. Patch by Bénédikt Tran. - gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to the HTML5 standard: ] ]> and ]] > no longer end the CDATA section. Add private method _set_support_cdata() which can be used to specify how to parse <[CDATA[ — as a CDATA section in foreign content (SVG or MathML) or as a bogus comment in the HTML namespace. 
- Library - gh-139312: Upgrade bundled libexpat to 2.7.3 - gh-139289: Do a real lazy-import on rlcompleter in pdb and restore the existing completer after importing rlcompleter. - gh-139210: Fix use-after-free when reporting unknown event in xml.etree.ElementTree.iterparse(). Patch by Ken Jin. - gh-138860: Lazy import rlcompleter in pdb to avoid deadlock in subprocess. - gh-112729: Fix crash when calling _interpreters.create when the process is out of memory. - gh-139076: Fix a bug in the pydoc module that was hiding functions in a Python module if they were implemented in an extension module and the module did not have __all__. - gh-138998: Update bundled libexpat to 2.7.2 - gh-130567: Fix possible crash in locale.strxfrm() due to a platform bug on macOS. - gh-138779: Support device numbers larger than 2**63-1 for the st_rdev field of the os.stat_result structure. - gh-128636: Fix crash in PyREPL when os.environ is overwritten with an invalid value for mac - gh-88375: Fix normalization of the robots.txt rules and URLs in the urllib.robotparser module. No longer ignore trailing ?. Distinguish raw special characters ?, = and & from the percent-encoded ones. - gh-138515: email is added to Emscripten build. - gh-111788: Fix parsing errors in the urllib.robotparser module. Don’t fail trying to parse weird paths. Don’t fail trying to decode non-UTF-8 robots.txt files. - gh-138432: zoneinfo.reset_tzpath() will now convert any os.PathLike objects it receives into strings before adding them to TZPATH. It will raise TypeError if anything other than a string is found after this conversion. If given an os.PathLike object that represents a relative path, it will now raise ValueError instead of TypeError, and present a more informative error message. - gh-138008: Fix segmentation faults in the ctypes module due to invalid argtypes. Patch by Dung Nguyen. - gh-60462: Fix locale.strxfrm() on Solaris (and possibly other platforms). 
- gh-138204: Forbid expansion of shared anonymous memory maps on Linux, which caused a bus error. - gh-138010: Fix an issue where defining a class with a @warnings.deprecated-decorated base class may not invoke the correct __init_subclass__() method in cases involving multiple inheritance. Patch by Brian Schubert. - gh-138133: Prevent infinite traceback loop when sending CTRL^C to Python through strace. - gh-134869: Fix an issue where pressing Ctrl+C during tab completion in the REPL would leave the autocompletion menu in a corrupted state. - gh-137317: inspect.signature() now correctly handles classes that use a descriptor on a wrapped __init__() or __new__() method. Contributed by Yongyu Yan. - gh-137754: Fix import of the zoneinfo module if the C implementation of the datetime module is not available. - gh-137490: Handle ECANCELED in the same way as EINTR in signal.sigwaitinfo() on NetBSD. - gh-137477: Fix inspect.getblock(), inspect.getsourcelines() and inspect.getsource() for generator expressions. - gh-137017: Fix threading.Thread.is_alive to remain True until the underlying OS thread is fully cleaned up. This avoids false negatives in edge cases involving thread monitoring or premature threading.Thread.is_alive calls. - gh-136134: SMTP.auth_cram_md5() now raises an SMTPException instead of a ValueError if Python has been built without MD5 support. In particular, SMTP clients will not attempt to use this method even if the remote server is assumed to support it. Patch by Bénédikt Tran. - gh-136134: IMAP4.login_cram_md5 now raises an IMAP4.error if CRAM-MD5 authentication is not supported. Patch by Bénédikt Tran. - gh-135386: Fix opening a dbm.sqlite3 database for reading from read-only file or directory. - gh-126631: Fix multiprocessing forkserver bug which prevented __main__ from being preloaded. 
- gh-123085: In a bare call to importlib.resources.files(), ensure the caller’s frame is properly detected when importlib.resources is itself available as a compiled module only (no source). - gh-118981: Fix potential hang in multiprocessing.popen_spawn_posix that can happen when the child proc dies early by closing the child fds right away. - gh-78319: UTF8 support for the IMAP APPEND command has been made RFC compliant. - bpo-38735: Fix failure when importing a module from the root directory on unix-like platforms with sys.pycache_prefix set. - bpo-41839: Allow negative priority values from os.sched_get_priority_min() and os.sched_get_priority_max() functions. - Core and Builtins - gh-134466: Don’t run PyREPL in a degraded environment where setting termios attributes is not allowed. - gh-71810: Raise OverflowError for (-1).to_bytes() for signed conversions when bytes count is zero. Patch by Sergey B Kirpichev. - gh-105487: Remove non-existent __copy__(), __deepcopy__(), and __bases__ from the __dir__() entries of types.GenericAlias. - gh-134163: Fix a hang when the process is out of memory inside an exception handler. - gh-138479: Fix a crash when a generic object’s __typing_subst__ returns an object that isn’t a tuple. - gh-137576: Fix for incorrect source code being shown in tracebacks from the Basic REPL when PYTHONSTARTUP is given. Patch by Adam Hartz. - gh-132744: Certain calls now check for runaway recursion and respect the system recursion limit. - C API - gh-87135: Attempting to acquire the GIL after runtime finalization has begun in a different thread now causes the thread to hang rather than terminate, which avoids potential crashes or memory corruption caused by attempting to terminate a thread that is running code not specifically designed to support termination. In most cases this hanging is harmless since the process will soon exit anyway. 
While not officially marked deprecated until 3.14, PyThread_exit_thread is no longer called internally and remains solely for interface compatibility. Its behavior is inconsistent across platforms, and it can only be used safely in the unlikely case that every function in the entire call stack has been designed to support the platform-dependent termination mechanism. It is recommended that users of this function change their design to not require thread termination. In the unlikely case that thread termination is needed and can be done safely, users may migrate to calling platform-specific APIs such as pthread_exit (POSIX) or _endthreadex (Windows) directly. - Build - gh-135734: Python can correctly be configured and built with ./configure --enable-optimizations --disable-test-modules. Previously, the profile data generation step failed due to PGO tests where immortalization couldn’t be properly suppressed. Patch by Bénédikt Tran. ------------------------------------------------------------------ ------------------ 2025-10-14 - Oct 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ftrace: Also allocate and copy hash for reading of filter files (bsc#1250032 CVE-2025-39813). - commit cef7211 - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes). - commit a1733f5 - Disable CET before shutdown by tboot (bsc#1247950). Tboot isn't compatible with CET (yet). So use an out-of-tree patch provided by Intel to disable CET before jumping into tboot as part of the shutdown sequence. - commit 25a6f98 - drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112). - drm/amdgpu: Report individual reset error (bsc#1243112). - drm/amd: Check whether secure display TA loaded successfully (bsc#1243112). - drm/amdkfd: Fix mmap write lock not release (bsc#1243112). - drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112). 
- drm/amd: Avoid evicting resources at S5 (bsc#1243112). - drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112). - drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112). - drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112). - drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112). - drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112). - commit d1679a6 - ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032 CVE-2025-39813). - commit 596515e - x86/bugs: Fix GDS mitigation selecting when mitigation is off (git-fixes). - commit 75fb73f - x86/bugs: Add attack vector controls for SSB (git-fixes). - commit ae652b4 - drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112). - drm/amd/display: Add NULL check for stream before dereference in 'dm_vupdate_high_irq' (bsc#1243112). - drm/amd/display: Fix vupdate_offload_work doc (bsc#1243112). - drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112). - commit 5e5cc07 - drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112). - drm/amd/display: fix dmub access race condition (bsc#1243112). - commit 3d8614e - Drop bogus AMDGPU backport patch from 6.12.y stable Deleted: patches.suse/drm-amdgpu-VCN-v5_0_1-to-prevent-FW-checking-RB-duri.patch The backport was a mess, and the added code wasn't actually used at all. - commit 4e052cc - drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112). - drm/amd: Restore cached manual clock settings during resume (bsc#1243112). - PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage (bsc#1243112). - drm/amd: Fix hybrid sleep (bsc#1243112). - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1243112). - PM: hibernate: Add stub for pm_hibernate_is_recovering() (bsc#1243112). - drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112). 
- PM: hibernate: add new api pm_hibernate_is_recovering() (bsc#1243112). - commit f6582d3 - mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting - kabi (bsc#1245630). - commit cf64417 - trace/fgraph: Fix error handling (git-fixes). - commit 96a9de8 - trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211 CVE-2025-38539). - commit 0901700 - x86/bugs: Select best SRSO mitigation (git-fixes). - commit b4f33d4 - x86/bugs: Print enabled attack vectors (git-fixes). - commit b08aa53 - x86/bugs: Add attack vector controls for TSA (git-fixes). - commit 7acc191 - cpu: Define attack vectors (git-fixes). - commit c8fa133 - x86/pti: Add attack vector controls for PTI (git-fixes). - commit 78147b6 - x86/bugs: Add attack vector controls for ITS (git-fixes). - commit 3b568ea - x86/bugs: Add attack vector controls for SRSO (git-fixes). - commit 0e4f2f2 - x86/bugs: Add attack vector controls for L1TF (git-fixes). - commit 987b389 - x86/bugs: Add attack vector controls for spectre_v2 (git-fixes). - commit dd53eb3 - x86/bugs: Add attack vector controls for BHI (git-fixes). - commit 5656bb2 - x86/bugs: Add attack vector controls for spectre_v2_user (git-fixes). - commit 16df3c7 - x86/bugs: Add attack vector controls for retbleed (git-fixes). - commit 5580d6e - x86/bugs: Add attack vector controls for spectre_v1 (git-fixes). - commit cc85e5a - x86/bugs: Add attack vector controls for GDS (git-fixes). - commit 6711126 - x86/bugs: Add attack vector controls for SRBDS (git-fixes). - commit 1fea28a - x86/bugs: Add attack vector controls for RFDS (git-fixes). - commit 9771c45 - x86/bugs: Add attack vector controls for MMIO (git-fixes). - commit 2753f65 - x86/bugs: Add attack vector controls for TAA (git-fixes). - commit c1e124c - x86/bugs: Add attack vector controls for MDS (git-fixes). - commit 052575a - x86/bugs: Define attack vectors relevant for each bug (git-fixes). - commit 83936cf - x86/Kconfig: Add arch attack vector support (git-fixes). 
- commit bb7b76d - Documentation/x86: Document new attack vector controls (git-fixes). - commit 507712f - RDMA/mana_ib: Extend modify QP (bsc#1251135). - RDMA/mana_ib: Drain send wrs of GSI QP (bsc#1251135). - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754). - cnic: Fix use-after-free bugs in cnic_delete_task (CVE-2025-39945 bsc#1251230). - commit b1cda45 ++++ kernel-rt: - ftrace: Also allocate and copy hash for reading of filter files (bsc#1250032 CVE-2025-39813). - commit cef7211 - media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe (git-fixes). - commit a1733f5 - Disable CET before shutdown by tboot (bsc#1247950). Tboot isn't compatible with CET (yet). So use an out-of-tree patch provided by Intel to disable CET before jumping into tboot as part of the shutdown sequence. - commit 25a6f98 - drm/amd/display: Enable Dynamic DTBCLK Switch (bsc#1243112). - drm/amdgpu: Report individual reset error (bsc#1243112). - drm/amd: Check whether secure display TA loaded successfully (bsc#1243112). - drm/amdkfd: Fix mmap write lock not release (bsc#1243112). - drm/amdgpu: Fix for GPU reset being blocked by KIQ I/O (bsc#1243112). - drm/amd: Avoid evicting resources at S5 (bsc#1243112). - drm/amdgpu/mes12: implement detect and reset callback (bsc#1243112). - drm/amdgpu/mes11: implement detect and reset callback (bsc#1243112). - drm/amdgpu/mes: add front end for detect and reset hung queue (bsc#1243112). - drm/amd/amdgpu: Implement MES suspend/resume gang functionality for v12 (bsc#1243112). - drm/amdgpu/vpe: cancel delayed work in hw_fini (bsc#1243112). - commit d1679a6 - ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032 CVE-2025-39813). - commit 596515e - x86/bugs: Fix GDS mitigation selecting when mitigation is off (git-fixes). - commit 75fb73f - x86/bugs: Add attack vector controls for SSB (git-fixes). 
- commit ae652b4 - drm/amd: Only restore cached manual clock settings in restore if OD enabled (bsc#1243112). - drm/amd/display: Add NULL check for stream before dereference in 'dm_vupdate_high_irq' (bsc#1243112). - drm/amd/display: Fix vupdate_offload_work doc (bsc#1243112). - drm/amdgpu: fix link error for !PM_SLEEP (bsc#1243112). - commit 5e5cc07 - drm/amd/display: more liberal vmin/vmax update for freesync (bsc#1243112). - drm/amd/display: fix dmub access race condition (bsc#1243112). - commit 3d8614e - Drop bogus AMDGPU backport patch from 6.12.y stable Deleted: patches.suse/drm-amdgpu-VCN-v5_0_1-to-prevent-FW-checking-RB-duri.patch The backport was a mess, and the added code wasn't actually used at all. - commit 4e052cc - drm/amdgpu: Avoid rma causes GPU duplicate reset (bsc#1243112). - drm/amd: Restore cached manual clock settings during resume (bsc#1243112). - PM: hibernate: Fix pm_hibernation_mode_is_suspend() build breakage (bsc#1243112). - drm/amd: Fix hybrid sleep (bsc#1243112). - PM: hibernate: Add pm_hibernation_mode_is_suspend() (bsc#1243112). - PM: hibernate: Add stub for pm_hibernate_is_recovering() (bsc#1243112). - drm/amdgpu: do not resume device in thaw for normal hibernation (bsc#1243112). - PM: hibernate: add new api pm_hibernate_is_recovering() (bsc#1243112). - commit f6582d3 - mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting - kabi (bsc#1245630). - commit cf64417 - trace/fgraph: Fix error handling (git-fixes). - commit 96a9de8 - trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211 CVE-2025-38539). - commit 0901700 - x86/bugs: Select best SRSO mitigation (git-fixes). - commit b4f33d4 - x86/bugs: Print enabled attack vectors (git-fixes). - commit b08aa53 - x86/bugs: Add attack vector controls for TSA (git-fixes). - commit 7acc191 - cpu: Define attack vectors (git-fixes). - commit c8fa133 - x86/pti: Add attack vector controls for PTI (git-fixes). 
- commit 78147b6 - x86/bugs: Add attack vector controls for ITS (git-fixes). - commit 3b568ea - x86/bugs: Add attack vector controls for SRSO (git-fixes). - commit 0e4f2f2 - x86/bugs: Add attack vector controls for L1TF (git-fixes). - commit 987b389 - x86/bugs: Add attack vector controls for spectre_v2 (git-fixes). - commit dd53eb3 - x86/bugs: Add attack vector controls for BHI (git-fixes). - commit 5656bb2 - x86/bugs: Add attack vector controls for spectre_v2_user (git-fixes). - commit 16df3c7 - x86/bugs: Add attack vector controls for retbleed (git-fixes). - commit 5580d6e - x86/bugs: Add attack vector controls for spectre_v1 (git-fixes). - commit cc85e5a - x86/bugs: Add attack vector controls for GDS (git-fixes). - commit 6711126 - x86/bugs: Add attack vector controls for SRBDS (git-fixes). - commit 1fea28a - x86/bugs: Add attack vector controls for RFDS (git-fixes). - commit 9771c45 - x86/bugs: Add attack vector controls for MMIO (git-fixes). - commit 2753f65 - x86/bugs: Add attack vector controls for TAA (git-fixes). - commit c1e124c - x86/bugs: Add attack vector controls for MDS (git-fixes). - commit 052575a - x86/bugs: Define attack vectors relevant for each bug (git-fixes). - commit 83936cf - x86/Kconfig: Add arch attack vector support (git-fixes). - commit bb7b76d - Documentation/x86: Document new attack vector controls (git-fixes). - commit 507712f - RDMA/mana_ib: Extend modify QP (bsc#1251135). - RDMA/mana_ib: Drain send wrs of GSI QP (bsc#1251135). - net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754). - cnic: Fix use-after-free bugs in cnic_delete_task (CVE-2025-39945 bsc#1251230). - commit b1cda45 ++++ nvidia-open-driver-G06-signed: - changed Requires to * nvidia-modprobe = %version * nvidia-persitenced = %version it has been >= before ... 
------------------------------------------------------------------ ------------------ 2025-10-13 - Oct 13 2025 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix "sparse file not allowed" error after grub2-reboot (bsc#1245738) * grub2-grubenv-in-btrfs-header.patch - Fix PowerPC network boot prefix to correctly locate grub.cfg (bsc#1249385) * 0001-ieee1275-Use-net-config-for-boot-location-instead-of.patch ++++ kernel-default: - powerpc/ftrace: ensure ftrace record ops are always set for NOPs (jsc#PED-10909 git-fixes). - commit 27e3939 - powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199). - powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199). - powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199). - KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199). - powerpc: floppy: Add missing checks after DMA map (bsc#1215199). - commit 1ed7d5a - powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs (jsc#PED-10909 git-fixes). - commit 5325db8 - USB: serial: option: add SIMCom 8230C compositions (stable-fixes). - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes). - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188 (stable-fixes). - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 (stable-fixes). - drm/amdgpu: Enable MES lr_compute_wa by default (stable-fixes). - driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes). - platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes). - can: rcar_canfd: Fix controller mode setting (stable-fixes). - can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes). - ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes). - ASoC: amd: acp: Adjust pdm gain value (stable-fixes). 
- platform/x86/amd/pmf: Support new ACPI ID AMDI0108 (stable-fixes). - platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes). - hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes). - drm/amd/include : Update MES v12 API for fence update (stable-fixes). - drm/amd/include : MES v11 and v12 API header update (stable-fixes). - drm/amd : Update MES API header file for v11 & v12 (stable-fixes). - commit 0f46bd5 ++++ kernel-rt: - powerpc/ftrace: ensure ftrace record ops are always set for NOPs (jsc#PED-10909 git-fixes). - commit 27e3939 - powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199). - powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199). - powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199). - KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199). - powerpc: floppy: Add missing checks after DMA map (bsc#1215199). - commit 1ed7d5a - powerpc64/modules: correctly iterate over stubs in setup_ftrace_ool_stubs (jsc#PED-10909 git-fixes). - commit 5325db8 - USB: serial: option: add SIMCom 8230C compositions (stable-fixes). - Bluetooth: btusb: Add USB ID 2001:332a for D-Link AX9U rev. A1 (stable-fixes). - wifi: rtl8xxxu: Don't claim USB ID 07b8:8188 (stable-fixes). - wifi: rtlwifi: rtl8192cu: Don't claim USB ID 07b8:8188 (stable-fixes). - drm/amdgpu: Enable MES lr_compute_wa by default (stable-fixes). - driver core/PM: Set power.no_callbacks along with power.no_pm (stable-fixes). - platform/x86/amd/pmc: Add Stellaris Slim Gen6 AMD to spurious 8042 quirks list (stable-fixes). - can: rcar_canfd: Fix controller mode setting (stable-fixes). - can: hi311x: fix null pointer dereference when resuming from sleep before interface was enabled (stable-fixes). - ASoC: rt5682s: Adjust SAR ADC button mode to fix noise issue (stable-fixes). - ASoC: amd: acp: Adjust pdm gain value (stable-fixes). 
- platform/x86/amd/pmf: Support new ACPI ID AMDI0108 (stable-fixes). - platform/x86/amd/pmc: Add MECHREVO Yilong15Pro to spurious_8042 list (stable-fixes). - hid: fix I2C read buffer overflow in raw_event() for mcp2221 (stable-fixes). - drm/amd/include : Update MES v12 API for fence update (stable-fixes). - drm/amd/include : MES v11 and v12 API header update (stable-fixes). - drm/amd : Update MES API header file for v11 & v12 (stable-fixes). - commit 0f46bd5 ++++ libvirt: - qemu: Add support for Intel TDX jsc#PED-9265 ------------------------------------------------------------------ ------------------ 2025-10-12 - Oct 12 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rtc: optee: fix memory leak on driver removal (git-fixes). - rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes). - commit b6c4ddb ++++ kernel-rt: - rtc: optee: fix memory leak on driver removal (git-fixes). - rtc: x1205: Fix Xicor X1205 vendor prefix (git-fixes). - commit b6c4ddb ------------------------------------------------------------------ ------------------ 2025-10-11 - Oct 11 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/amd/display: Disable scaling on DCE6 for now (git-fixes). - drm/amd/display: Properly disable scaling on DCE6 (git-fixes). - drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes). - drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes). - drm/amdgpu: Add additional DCE6 SCL registers (git-fixes). - drm/xe/hw_engine_group: Fix double write lock release in error path (git-fixes). - drm/xe/uapi: loosen used tracking restriction (git-fixes). - drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes). - drm/vmwgfx: Fix copy-paste typo in validation (git-fixes). - drm/vmwgfx: Fix Use-after-free in validation (git-fixes). - drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes). 
- of: unittest: Fix device reference count leak in of_unittest_pci_node_verify (git-fixes). - ASoC: SOF: Intel: Read the LLP via the associated Link DMA channel (git-fixes). - ASoC: SOF: Intel: hda-pcm: Place the constraint on period time instead of buffer time (git-fixes). - ASoC: SOF: ipc4-topology: Account for different ChainDMA host buffer size (git-fixes). - ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes). - ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes). - fbdev: Fix logic error in "offb" name match (git-fixes). - fbdev: simplefb: Fix use after free in simplefb_detach_genpds() (git-fixes). - gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes). - crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes). - tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes). - commit 850e21e ++++ kernel-rt: - drm/amd/display: Disable scaling on DCE6 for now (git-fixes). - drm/amd/display: Properly disable scaling on DCE6 (git-fixes). - drm/amd/display: Properly clear SCL_*_FILTER_CONTROL on DCE6 (git-fixes). - drm/amd/display: Add missing DCE6 SCL_HORZ_FILTER_INIT* SRIs (git-fixes). - drm/amdgpu: Add additional DCE6 SCL registers (git-fixes). - drm/xe/hw_engine_group: Fix double write lock release in error path (git-fixes). - drm/xe/uapi: loosen used tracking restriction (git-fixes). - drm/nouveau: fix bad ret code in nouveau_bo_move_prep (git-fixes). - drm/vmwgfx: Fix copy-paste typo in validation (git-fixes). - drm/vmwgfx: Fix Use-after-free in validation (git-fixes). - drm/vmwgfx: Fix a null-ptr access in the cursor snooper (git-fixes). - of: unittest: Fix device reference count leak in of_unittest_pci_node_verify (git-fixes). - ASoC: SOF: Intel: Read the LLP via the associated Link DMA channel (git-fixes). - ASoC: SOF: Intel: hda-pcm: Place the constraint on period time instead of buffer time (git-fixes). 
- ASoC: SOF: ipc4-topology: Account for different ChainDMA host buffer size (git-fixes). - ASoC: SOF: ipc4-topology: Correct the minimum host DMA buffer size (git-fixes). - ASoC: SOF: ipc3-topology: Fix multi-core and static pipelines tear down (git-fixes). - fbdev: Fix logic error in "offb" name match (git-fixes). - fbdev: simplefb: Fix use after free in simplefb_detach_genpds() (git-fixes). - gpio: wcd934x: mark the GPIO controller as sleeping (git-fixes). - crypto: essiv - Check ssize for decryption and in-place encryption (git-fixes). - tpm_tis: Fix incorrect arguments in tpm_tis_probe_irq_single (git-fixes). - commit 850e21e ++++ libsoup: - Add libsoup-CVE-2025-11021.patch: Ignore invalid date when processing cookies to prevent out-of-bounds read (bsc#1250562, CVE-2025-11021, glgo#GNOME/libsoup!482). ------------------------------------------------------------------ ------------------ 2025-10-10 - Oct 10 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/topology: Implement topology_is_core_online() to address SMT regression (jsc#PED-13815). - commit 13d76d5 - x86/smp: Fix mwait_play_dead() and acpi_processor_ffh_play_dead() noreturn behavior (jsc#PED-13815). - commit 24aa526 - ACPI/processor_idle: Export acpi_processor_ffh_play_dead() (jsc#PED-13815). - commit 7d8dbc7 - drm/amd/display: update sequential pg logic DCN35 (CVE-2025-38360 bsc#1247078). - Refresh patches.suse/drm-amd-display-Add-more-checks-for-DSC-HUBP-ONO-gua.patch. - commit ad27636 - drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes). - commit 61c6ea5 - Refresh patches.suse/drm-amdgpu-Fix-Circular-Locking-Dependency-in-AMDGPU.patch Correct the wrong bool arguments, to align with the upstream behavior - commit 8db2492 - mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting (bsc#1245630). - commit 0cbd971 - Reapply "x86/smp: Eliminate mwait_play_dead_cpuid_hint()" (jsc#PED-13815). 
- commit 5f6e3a3 - ACPI: processor: Rescan "dead" SMT siblings during initialization (jsc#PED-13815). - commit 6cf1b0e - intel_idle: Rescan "dead" SMT siblings during initialization (jsc#PED-13815). - commit 19451cd - x86/smp: PM/hibernate: Split arch_resume_nosmt() (jsc#PED-13815). - commit 88ac4d0 - intel_idle: Use subsys_initcall_sync() for initialization (jsc#PED-13815). - commit 05a8782 - intel_idle: Provide the default enter_dead() handler (jsc#PED-13815). - commit 3fe4d1d - ACPI/processor_idle: Add FFH state handling (jsc#PED-13815). - commit bbf694a - x86/smp: Allow calling mwait_play_dead with an arbitrary hint (jsc#PED-13815). - commit ce38e7e - net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes). - commit 377678d ++++ kernel-rt: - x86/topology: Implement topology_is_core_online() to address SMT regression (jsc#PED-13815). - commit 13d76d5 - x86/smp: Fix mwait_play_dead() and acpi_processor_ffh_play_dead() noreturn behavior (jsc#PED-13815). - commit 24aa526 - ACPI/processor_idle: Export acpi_processor_ffh_play_dead() (jsc#PED-13815). - commit 7d8dbc7 - drm/amd/display: update sequential pg logic DCN35 (CVE-2025-38360 bsc#1247078). - Refresh patches.suse/drm-amd-display-Add-more-checks-for-DSC-HUBP-ONO-gua.patch. - commit ad27636 - drm/amd/display: add workaround flag to link to force FFE preset (stable-fixes). - commit 61c6ea5 - Refresh patches.suse/drm-amdgpu-Fix-Circular-Locking-Dependency-in-AMDGPU.patch Correct the wrong bool arguments, to align with the upstream behavior - commit 8db2492 - mm: memory-tiering: fix PGPROMOTE_CANDIDATE counting (bsc#1245630). - commit 0cbd971 - Reapply "x86/smp: Eliminate mwait_play_dead_cpuid_hint()" (jsc#PED-13815). - commit 5f6e3a3 - ACPI: processor: Rescan "dead" SMT siblings during initialization (jsc#PED-13815). - commit 6cf1b0e - intel_idle: Rescan "dead" SMT siblings during initialization (jsc#PED-13815). 
- commit 19451cd - x86/smp: PM/hibernate: Split arch_resume_nosmt() (jsc#PED-13815). - commit 88ac4d0 - intel_idle: Use subsys_initcall_sync() for initialization (jsc#PED-13815). - commit 05a8782 - intel_idle: Provide the default enter_dead() handler (jsc#PED-13815). - commit 3fe4d1d - ACPI/processor_idle: Add FFH state handling (jsc#PED-13815). - commit bbf694a - x86/smp: Allow calling mwait_play_dead with an arbitrary hint (jsc#PED-13815). - commit ce38e7e - net: usb: asix: hold PM usage ref to avoid PM/MDIO + RTNL deadlock (git-fixes). - commit 377678d ++++ runc: [ This update was only released for SLE 12 and 15. ] - Update to runc v1.2.7. Upstream changelog is available from . ------------------------------------------------------------------ ------------------ 2025-10-9 - Oct 9 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (CVE-2025-38700 bsc#1249182). - commit b82e3fc - Update patches.suse/scsi-lpfc-Fix-buffer-free-clear-order-in-deferred-re.patch (bsc#1250519 bsc#1250247/CVE-2025-39841). Added in new bug number and CVE number. - commit 778e5da - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). No CVE available yet, please see the bugzilla ticket referenced. - commit d6e82ec - README.BRANCH: mfranc@suse.cz leaving SUSE - commit 29cd3a3 - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (git-fixes). - commit d186b30 - ext4: fix an off-by-one issue during moving extents (git-fixes). - commit 176d807 - ext4: add ext4_sb_bread_nofail() helper function for ext4_free_branches() (git-fixes). - commit 9860491 - ext4: fix hole length calculation overflow in non-extent inodes (git-fixes). - commit b7d6d21 - ext4: don't try to clear the orphan_present feature block device is r/o (git-fixes). - commit 3758b29 - ext4: fix reserved gdt blocks handling in fsmap (git-fixes). 
- commit 82855aa - ext4: fix fsmap end of range reporting with bigalloc (git-fixes). - commit f381d1b - ext4: check fast symlink for ea_inode correctly (git-fixes). - commit 720dc5d - ext4: preserve SB_I_VERSION on remount (git-fixes). - commit 4cf6f00 - ext4: fix largest free orders lists corruption on mb_optimize_scan switch (git-fixes). - commit 6f98372 - ext4: fix zombie groups in average fragment size lists (git-fixes). - commit 8313998 - ext4: Make sure BH_New bit is cleared in ->write_end handler (git-fixes). - commit 8eb04f9 - ext4: ensure i_size is smaller than maxbytes (git-fixes). - commit f9c6d79 - ext4: factor out ext4_get_maxbytes() (git-fixes). - commit a0eb116 - ext4: fix calculation of credits for extent tree modification (git-fixes). - commit 3858fc4 - ext4: reorder capability check last (git-fixes). - commit 05df3ba - jbd2: do not try to recover wiped journal (git-fixes). - commit 72ca0c0 - ext4: do not convert the unwritten extents if data writeback fails (git-fixes). - commit 27c9400 - drm/amdgpu: Fix allocating extra dwords for rings (v2) (git-fixes). - drm/amd/display: remove output_tf_change flag (git-fixes). - drm/amd/display: Init DCN35 clocks from pre-os HW values (git-fixes). - drm/amd/amdgpu: Declare isp firmware binary file (stable-fixes). - drm/amd/display: Don't warn when missing DCE encoder caps (stable-fixes). - drm/amdgpu/gfx10: fix KGQ reset sequence (git-fixes). - drm/amd/display: Don't check for NULL divisor in fixpt code (git-fixes). - drm/amdgpu/mes: enable compute pipes across all MEC (git-fixes). - drm/amdgpu/mes: optimize compute loop handling (stable-fixes). - drm/amdgpu/vcn: fix ref counting for ring based profile handling (git-fixes). - commit 328f37b - fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455 CVE-2025-39866). - commit dacb491 - kernfs: Fix UAF in polling when open file is released (bsc#1250379 CVE-2025-39881). 
- commit debfec6 - fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512 CVE-2025-39756). - commit e9788bc - fs/xattr.c: fix simple_xattr_list to always include security.* xattrs (git-fixes). - commit eabd40a - fs: Remove redundant errseq_set call in mark_buffer_write_io_error (git-fixes). - commit 26efe8f - fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes). - commit e4638c4 - udf: Verify partition map count (git-fixes). - commit 19b7cc7 - udf: Make sure i_lenExtents is uptodate on inode eviction (git-fixes). - commit eba6a22 - readahead: fix return value of page_cache_next_miss() when no hole is found (git-fixes). - commit 17edc41 - fix a leak in fcntl_dirnotify() (git-fixes). - commit 8ed0d88 - fs: quota: create dedicated workqueue for quota_release_work (git-fixes). - commit 13c6f86 - isofs: Verify inode mode when loading from disk (git-fixes). - commit 9fe2789 - isofs: fix Y2038 and Y2156 issues in Rock Ridge TF entry (git-fixes). - commit 6d45c5a - mailbox: mtk-cmdq: Remove pm_runtime APIs from cmdq_mbox_send_data() (git-fixes). - mailbox: zynqmp-ipi: Fix SGI cleanup on unbind (git-fixes). - mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes). - mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes). - mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes). - Input: psxpad-spi - add a check for the return value of spi_setup() (git-fixes). - Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes). - crypto: rng - Ensure set_ent is always present (git-fixes). - commit 342754b - net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (CVE-2025-39900 bsc#1250758). - commit b0580b7 - arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes) - commit a6bcfac ++++ kernel-rt: - scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (CVE-2025-38700 bsc#1249182). 
- commit b82e3fc - Update patches.suse/scsi-lpfc-Fix-buffer-free-clear-order-in-deferred-re.patch (bsc#1250519 bsc#1250247/CVE-2025-39841). Added in new bug number and CVE number. - commit 778e5da - netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237). No CVE available yet, please see the bugzilla ticket referenced. - commit d6e82ec - README.BRANCH: mfranc@suse.cz leaving SUSE - commit 29cd3a3 - ext4: avoid potential buffer over-read in parse_apply_sb_mount_options() (git-fixes). - commit d186b30 - ext4: fix an off-by-one issue during moving extents (git-fixes). - commit 176d807 - ext4: add ext4_sb_bread_nofail() helper function for ext4_free_branches() (git-fixes). - commit 9860491 - ext4: fix hole length calculation overflow in non-extent inodes (git-fixes). - commit b7d6d21 - ext4: don't try to clear the orphan_present feature block device is r/o (git-fixes). - commit 3758b29 - ext4: fix reserved gdt blocks handling in fsmap (git-fixes). - commit 82855aa - ext4: fix fsmap end of range reporting with bigalloc (git-fixes). - commit f381d1b - ext4: check fast symlink for ea_inode correctly (git-fixes). - commit 720dc5d - ext4: preserve SB_I_VERSION on remount (git-fixes). - commit 4cf6f00 - ext4: fix largest free orders lists corruption on mb_optimize_scan switch (git-fixes). - commit 6f98372 - ext4: fix zombie groups in average fragment size lists (git-fixes). - commit 8313998 - ext4: Make sure BH_New bit is cleared in ->write_end handler (git-fixes). - commit 8eb04f9 - ext4: ensure i_size is smaller than maxbytes (git-fixes). - commit f9c6d79 - ext4: factor out ext4_get_maxbytes() (git-fixes). - commit a0eb116 - ext4: fix calculation of credits for extent tree modification (git-fixes). - commit 3858fc4 - ext4: reorder capability check last (git-fixes). - commit 05df3ba - jbd2: do not try to recover wiped journal (git-fixes). - commit 72ca0c0 - ext4: do not convert the unwritten extents if data writeback fails (git-fixes). 
- commit 27c9400 - drm/amdgpu: Fix allocating extra dwords for rings (v2) (git-fixes). - drm/amd/display: remove output_tf_change flag (git-fixes). - drm/amd/display: Init DCN35 clocks from pre-os HW values (git-fixes). - drm/amd/amdgpu: Declare isp firmware binary file (stable-fixes). - drm/amd/display: Don't warn when missing DCE encoder caps (stable-fixes). - drm/amdgpu/gfx10: fix KGQ reset sequence (git-fixes). - drm/amd/display: Don't check for NULL divisor in fixpt code (git-fixes). - drm/amdgpu/mes: enable compute pipes across all MEC (git-fixes). - drm/amdgpu/mes: optimize compute loop handling (stable-fixes). - drm/amdgpu/vcn: fix ref counting for ring based profile handling (git-fixes). - commit 328f37b - fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455 CVE-2025-39866). - commit dacb491 - kernfs: Fix UAF in polling when open file is released (bsc#1250379 CVE-2025-39881). - commit debfec6 - fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512 CVE-2025-39756). - commit e9788bc - fs/xattr.c: fix simple_xattr_list to always include security.* xattrs (git-fixes). - commit eabd40a - fs: Remove redundant errseq_set call in mark_buffer_write_io_error (git-fixes). - commit 26efe8f - fs: udf: fix OOB read in lengthAllocDescs handling (git-fixes). - commit e4638c4 - udf: Verify partition map count (git-fixes). - commit 19b7cc7 - udf: Make sure i_lenExtents is uptodate on inode eviction (git-fixes). - commit eba6a22 - readahead: fix return value of page_cache_next_miss() when no hole is found (git-fixes). - commit 17edc41 - fix a leak in fcntl_dirnotify() (git-fixes). - commit 8ed0d88 - fs: quota: create dedicated workqueue for quota_release_work (git-fixes). - commit 13c6f86 - isofs: Verify inode mode when loading from disk (git-fixes). - commit 9fe2789 - isofs: fix Y2038 and Y2156 issues in Rock Ridge TF entry (git-fixes). 
- commit 6d45c5a - mailbox: mtk-cmdq: Remove pm_runtime APIs from cmdq_mbox_send_data() (git-fixes). - mailbox: zynqmp-ipi: Fix SGI cleanup on unbind (git-fixes). - mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop (git-fixes). - mailbox: zynqmp-ipi: Remove dev.parent check in zynqmp_ipi_free_mboxes (git-fixes). - mailbox: zynqmp-ipi: Remove redundant mbox_controller_unregister() call (git-fixes). - Input: psxpad-spi - add a check for the return value of spi_setup() (git-fixes). - Input: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak (git-fixes). - crypto: rng - Ensure set_ent is always present (git-fixes). - commit 342754b - net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y (CVE-2025-39900 bsc#1250758). - commit b0580b7 - arm64: mte: Do not flag the zero page as PG_mte_tagged (git-fixes) - commit a6bcfac ------------------------------------------------------------------ ------------------ 2025-10-8 - Oct 8 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to Docker 28.5.1-ce. See upstream changelog online at - Rebased patches: * 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch * 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-openSUSE-point-users-to-docker-buildx-package.patch * cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch - Remove upstreamed patch: - 0007-Add-back-vendor.sum.patch ++++ kernel-default: - ext4: fix checks for orphan inodes (bsc#1250119). - commit c65de7e - smc: Fix lockdep false-positive for IPPROTO_SMC (git-fixes). - Refresh patches.suse/smc-Fix-various-oops-due-to-inet_sock-type-confusion.patch. 
- commit d87b439 - kABI: add back tx_stopped to kcm_sock struct (bsc#1249167 CVE-2025-38717). The upstream commit 52565a935213 ("net: kcm: Fix race condition in kcm_unattach()") removed the tx_stopped field from the kcm_sock structure. Bring it back to preserve kABI, even though it isn't used. - commit dfccc64 - net: kcm: Fix race condition in kcm_unattach() (CVE-2025-38717 bsc#1249167). - commit e60fdb9 - usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes). - commit edc8bfe - misc: fastrpc: Skip reference for DMA handles (git-fixes). - misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes). - misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes). - misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes). - staging: axis-fifo: flush RX FIFO on read errors (git-fixes). - staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes). - staging: axis-fifo: fix maximum TX packet length check (git-fixes). - ACPI: battery: Add synchronization between interface updates (git-fixes). - cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes). - cpufreq: mediatek: fix device leak on probe failure (git-fixes). - clk: at91: peripheral: fix return value (git-fixes). - clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes). - clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes). - clk: qcom: tcsrcc-x1e80100: Set the bi_tcxo as parent to eDP refclk (git-fixes). - clk: qcom: common: Fix NULL vs IS_ERR() check in qcom_cc_icc_register() (git-fixes). - clk: renesas: cpg-mssr: Fix memory leak in cpg_mssr_reserved_init() (git-fixes). - clk: tegra: do not overallocate memory for bpmp clocks (git-fixes). - commit bba55ef ++++ kernel-rt: - ext4: fix checks for orphan inodes (bsc#1250119). - commit c65de7e - smc: Fix lockdep false-positive for IPPROTO_SMC (git-fixes). 
- Refresh patches.suse/smc-Fix-various-oops-due-to-inet_sock-type-confusion.patch. - commit d87b439 - kABI: add back tx_stopped to kcm_sock struct (bsc#1249167 CVE-2025-38717). The upstream commit 52565a935213 ("net: kcm: Fix race condition in kcm_unattach()") removed the tx_stopped field from the kcm_sock structure. Bring it back to preserve kABI, even though it isn't used. - commit dfccc64 - net: kcm: Fix race condition in kcm_unattach() (CVE-2025-38717 bsc#1249167). - commit e60fdb9 - usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes). - commit edc8bfe - misc: fastrpc: Skip reference for DMA handles (git-fixes). - misc: fastrpc: fix possible map leak in fastrpc_put_args (git-fixes). - misc: fastrpc: Fix fastrpc_map_lookup operation (git-fixes). - misc: fastrpc: Save actual DMA size in fastrpc_map structure (git-fixes). - staging: axis-fifo: flush RX FIFO on read errors (git-fixes). - staging: axis-fifo: fix TX handling on copy_from_user() failure (git-fixes). - staging: axis-fifo: fix maximum TX packet length check (git-fixes). - ACPI: battery: Add synchronization between interface updates (git-fixes). - cpufreq: tegra186: Set target frequency for all cpus in policy (git-fixes). - cpufreq: mediatek: fix device leak on probe failure (git-fixes). - clk: at91: peripheral: fix return value (git-fixes). - clk: mediatek: clk-mux: Do not pass flags to clk_mux_determine_rate_flags() (git-fixes). - clk: mediatek: mt8195-infra_ao: Fix parent for infra_ao_hdmi_26m (git-fixes). - clk: qcom: tcsrcc-x1e80100: Set the bi_tcxo as parent to eDP refclk (git-fixes). - clk: qcom: common: Fix NULL vs IS_ERR() check in qcom_cc_icc_register() (git-fixes). - clk: renesas: cpg-mssr: Fix memory leak in cpg_mssr_reserved_init() (git-fixes). - clk: tegra: do not overallocate memory for bpmp clocks (git-fixes). 
- commit bba55ef ++++ nvidia-open-driver-G06-signed: - Check4WrongSupplements.sh * check for wrong Supplements in generated KMPs after build by misusing %post of a dummy "check" subpackage ------------------------------------------------------------------ ------------------ 2025-10-7 - Oct 7 2025 ------------------- ------------------------------------------------------------------ ++++ glibc: - abort-msg-s-underallocation.patch: Fix underallocation of abort_msg_s struct (CVE-2025-0395, bsc#1236282, BZ #32582) ++++ kernel-default: - ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset (jsc#PED-13728). - commit 4569920 - idpf: set mac type when adding and removing MAC filters (jsc#PED-13728). - idpf: fix UAF in RDMA core aux dev deinitialization (jsc#PED-13728). - idpf: remove obsolete stashing code (jsc#PED-13728). - idpf: stop Tx if there are insufficient buffer resources (jsc#PED-13728). - idpf: replace flow scheduling buffer ring with buffer pool (jsc#PED-13728). - idpf: simplify and fix splitq Tx packet rollback error path (jsc#PED-13728). - idpf: improve when to set RE bit logic (jsc#PED-13728). - idpf: add support for Tx refillqs in flow scheduling mode (jsc#PED-13728). - idpf: preserve coalescing settings across resets (jsc#PED-13728). - idpf: add cross timestamping (jsc#PED-13728). - idpf: add flow steering support (jsc#PED-13728). - virtchnl2: add flow steering support (jsc#PED-13728). - virtchnl2: rename enum virtchnl2_cap_rss (jsc#PED-13728). - idpf: implement get LAN MMIO memory regions (jsc#PED-13728 jsc#PED-13762). - idpf: implement IDC vport aux driver MTU change handler (jsc#PED-13728 jsc#PED-13762). - idpf: implement remaining IDC RDMA core callbacks and handlers (jsc#PED-13728 jsc#PED-13762). - idpf: implement RDMA vport auxiliary dev create, init, and destroy (jsc#PED-13728 jsc#PED-13762). - idpf: implement core RDMA auxiliary dev create, init, and destroy (jsc#PED-13728 jsc#PED-13762). 
- idpf: use reserved RDMA vectors from control plane (jsc#PED-13728 jsc#PED-13762). - idpf: add support for Rx timestamping (jsc#PED-13728 jsc#PED-13762). - idpf: add Tx timestamp flows (jsc#PED-13728 jsc#PED-13762). - idpf: add Tx timestamp capabilities negotiation (jsc#PED-13728 jsc#PED-13762). - idpf: add PTP clock configuration (jsc#PED-13728 jsc#PED-13762). - idpf: add mailbox access to read PTP clock time (jsc#PED-13728 jsc#PED-13762). - idpf: negotiate PTP capabilities and get PTP clock (jsc#PED-13728 jsc#PED-13762). - idpf: move virtchnl structures to the header file (jsc#PED-13728 jsc#PED-13762). - virtchnl: add PTP virtchnl definitions (jsc#PED-13728 jsc#PED-13762). - idpf: add initial PTP support (jsc#PED-13728 jsc#PED-13762). - idpf: change the method for mailbox workqueue allocation (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Update IDC to support multiple consumers (jsc#PED-13728 jsc#PED-13762). - ice: Replace ice specific DSCP mapping num with a kernel define (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Break iidc.h into two headers (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Rename to iidc_* convention (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Rename IDC header file (jsc#PED-13728 jsc#PED-13762). - idpf: remove unreachable code from setting mailbox (jsc#PED-13728 jsc#PED-13762). - idpf: assign extracted ptype to struct libeth_rqe_info field (jsc#PED-13728 jsc#PED-13762). - libeth: move idpf_rx_csum_decoded and idpf_rx_extracted (jsc#PED-13728 jsc#PED-13762). - resource: Add resource set range and size helpers (jsc#PED-13728 jsc#PED-13762). - commit 7610740 - smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206). - commit 95451c8 - tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650). - commit 458b7be - Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" (git-fixes). - commit 888e234 - kABI workaround for struct atmdev_ops extension (CVE-2025-39828 bsc#1250205). 
- commit e17abcd - atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (CVE-2025-39828 bsc#1250205). - commit a33e596 - nfsd: fix access checking for NLM under XPRTSEC policies (git-fixes). - commit 373e2d2 - nfsd: Fix NFSD_MAY_BYPASS_GSS and NFSD_MAY_BYPASS_GSS_ON_ROOT (git-fixes). - commit 8f7d330 - NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes). - commit f2f0b4c - sunrpc: fix null pointer dereference on zero-length checksum (git-fixes). - commit 77680ce - kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (CVE-2025-38470 bsc#1247288). - commit 872debf - genetlink: fix genl_bind() invoking bind() after -EPERM (CVE-2025-39926 bsc#1250737). - e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898 bsc#1250742). - vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (CVE-2025-39851 bsc#1250296). - commit b1c6264 - ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes). - watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes). - PCI/ACPI: Fix pci_acpi_preserve_config() memory leak (git-fixes). - PCI: xilinx-nwl: Fix ECAM programming (git-fixes). - PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes). - PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes). - PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes). - PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes). - PCI: rcar-host: Drop PMSR spinlock (git-fixes). - PCI: rcar-gen4: Fix inverted break condition in PHY initialization (git-fixes). - PCI: rcar-gen4: Assure reset occurs before DBI access (git-fixes). - PCI: rcar-gen4: Add missing 1ms delay after PWR reset assertion (git-fixes). - PCI: rcar-gen4: Fix PHY initialization (git-fixes). - PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes). 
- PCI: j721e: Fix incorrect error message in probe() (git-fixes). - PCI: j721e: Fix programming sequence of "strap" settings (git-fixes). - PCI: tegra194: Handle errors in BPMP response (git-fixes). - PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes). - PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes). - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes). - PCI/pwrctrl: Fix device leak at registration (git-fixes). - PCI/sysfs: Ensure devices are powered for config reads (git-fixes). - PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes). - PCI/ERR: Fix uevent on failure to recover (git-fixes). - dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes). - phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes). - media: rc: fix races with imon_disconnect() (git-fixes). - commit 89c34cb - arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes) - commit bf06513 - arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes) - commit d06126a - arm64: dts: imx95: Correct the lpuart7 and lpuart8 srcid (git-fixes) - commit d730190 - arm64: dts: imx93-kontron: Fix USB port assignment (git-fixes) - commit 986b7b9 - arm64: dts: imx93-kontron: Fix GPIO for panel regulator (git-fixes) - commit 2c413ce - bpf, arm64: Call bpf_jit_binary_pack_finalize() in bpf_jit_free() (git-fixes) - commit e47726c - arm64: map [_text, _stext) virtual address range (git-fixes) - commit 10168ba - arm64: dts: imx8mp: Correct thermal sensor index (git-fixes) - commit 7d86bf9 - arm64: dts: marvell: cn9132-clearfog: fix multi-lane pci x2 and x4 (git-fixes) - commit da906fa - arm64: dts: marvell: cn9132-clearfog: disable eMMC high-speed modes (git-fixes) - commit 8fbea30 - Refresh new ".init.text.ftrace_trampoline" kABI fix. First version made modules build before patch [1] fail to load. 
[1] a7ed7b9d0ebb0 "arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module with CONFIG_DYNAMIC_FTRACE" - commit 6910b1a ++++ kernel-rt: - ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset (jsc#PED-13728). - commit 4569920 - idpf: set mac type when adding and removing MAC filters (jsc#PED-13728). - idpf: fix UAF in RDMA core aux dev deinitialization (jsc#PED-13728). - idpf: remove obsolete stashing code (jsc#PED-13728). - idpf: stop Tx if there are insufficient buffer resources (jsc#PED-13728). - idpf: replace flow scheduling buffer ring with buffer pool (jsc#PED-13728). - idpf: simplify and fix splitq Tx packet rollback error path (jsc#PED-13728). - idpf: improve when to set RE bit logic (jsc#PED-13728). - idpf: add support for Tx refillqs in flow scheduling mode (jsc#PED-13728). - idpf: preserve coalescing settings across resets (jsc#PED-13728). - idpf: add cross timestamping (jsc#PED-13728). - idpf: add flow steering support (jsc#PED-13728). - virtchnl2: add flow steering support (jsc#PED-13728). - virtchnl2: rename enum virtchnl2_cap_rss (jsc#PED-13728). - idpf: implement get LAN MMIO memory regions (jsc#PED-13728 jsc#PED-13762). - idpf: implement IDC vport aux driver MTU change handler (jsc#PED-13728 jsc#PED-13762). - idpf: implement remaining IDC RDMA core callbacks and handlers (jsc#PED-13728 jsc#PED-13762). - idpf: implement RDMA vport auxiliary dev create, init, and destroy (jsc#PED-13728 jsc#PED-13762). - idpf: implement core RDMA auxiliary dev create, init, and destroy (jsc#PED-13728 jsc#PED-13762). - idpf: use reserved RDMA vectors from control plane (jsc#PED-13728 jsc#PED-13762). - idpf: add support for Rx timestamping (jsc#PED-13728 jsc#PED-13762). - idpf: add Tx timestamp flows (jsc#PED-13728 jsc#PED-13762). - idpf: add Tx timestamp capabilities negotiation (jsc#PED-13728 jsc#PED-13762). - idpf: add PTP clock configuration (jsc#PED-13728 jsc#PED-13762). 
- idpf: add mailbox access to read PTP clock time (jsc#PED-13728 jsc#PED-13762). - idpf: negotiate PTP capabilities and get PTP clock (jsc#PED-13728 jsc#PED-13762). - idpf: move virtchnl structures to the header file (jsc#PED-13728 jsc#PED-13762). - virtchnl: add PTP virtchnl definitions (jsc#PED-13728 jsc#PED-13762). - idpf: add initial PTP support (jsc#PED-13728 jsc#PED-13762). - idpf: change the method for mailbox workqueue allocation (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Update IDC to support multiple consumers (jsc#PED-13728 jsc#PED-13762). - ice: Replace ice specific DSCP mapping num with a kernel define (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Break iidc.h into two headers (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Rename to iidc_* convention (jsc#PED-13728 jsc#PED-13762). - iidc/ice/irdma: Rename IDC header file (jsc#PED-13728 jsc#PED-13762). - idpf: remove unreachable code from setting mailbox (jsc#PED-13728 jsc#PED-13762). - idpf: assign extracted ptype to struct libeth_rqe_info field (jsc#PED-13728 jsc#PED-13762). - libeth: move idpf_rx_csum_decoded and idpf_rx_extracted (jsc#PED-13728 jsc#PED-13762). - resource: Add resource set range and size helpers (jsc#PED-13728 jsc#PED-13762). - commit 7610740 - smb: client: fix crypto buffers in non-linear memory (bsc#1250491, boo#1239206). - commit 95451c8 - tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650). - commit 458b7be - Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" (git-fixes). - commit 888e234 - kABI workaround for struct atmdev_ops extension (CVE-2025-39828 bsc#1250205). - commit e17abcd - atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control() (CVE-2025-39828 bsc#1250205). - commit a33e596 - nfsd: fix access checking for NLM under XPRTSEC policies (git-fixes). - commit 373e2d2 - nfsd: Fix NFSD_MAY_BYPASS_GSS and NFSD_MAY_BYPASS_GSS_ON_ROOT (git-fixes). 
- commit 8f7d330 - NFSD: Fix destination buffer size in nfsd4_ssc_setup_dul() (git-fixes). - commit f2f0b4c - sunrpc: fix null pointer dereference on zero-length checksum (git-fixes). - commit 77680ce - kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (CVE-2025-38470 bsc#1247288). - commit 872debf - genetlink: fix genl_bind() invoking bind() after -EPERM (CVE-2025-39926 bsc#1250737). - e1000e: fix heap overflow in e1000_set_eeprom (CVE-2025-39898 bsc#1250742). - vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (CVE-2025-39851 bsc#1250296). - commit b1c6264 - ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes). - watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes). - PCI/ACPI: Fix pci_acpi_preserve_config() memory leak (git-fixes). - PCI: xilinx-nwl: Fix ECAM programming (git-fixes). - PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes). - PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes). - PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes). - PCI: rcar-host: Convert struct rcar_msi mask_lock into raw spinlock (git-fixes). - PCI: rcar-host: Drop PMSR spinlock (git-fixes). - PCI: rcar-gen4: Fix inverted break condition in PHY initialization (git-fixes). - PCI: rcar-gen4: Assure reset occurs before DBI access (git-fixes). - PCI: rcar-gen4: Add missing 1ms delay after PWR reset assertion (git-fixes). - PCI: rcar-gen4: Fix PHY initialization (git-fixes). - PCI: keystone: Use devm_request_irq() to free "ks-pcie-error-irq" on exit (git-fixes). - PCI: j721e: Fix incorrect error message in probe() (git-fixes). - PCI: j721e: Fix programming sequence of "strap" settings (git-fixes). - PCI: tegra194: Handle errors in BPMP response (git-fixes). - PCI: tegra194: Reset BARs when running in PCIe endpoint mode (git-fixes). 
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes). - PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes). - PCI/pwrctrl: Fix device leak at registration (git-fixes). - PCI/sysfs: Ensure devices are powered for config reads (git-fixes). - PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes). - PCI/ERR: Fix uevent on failure to recover (git-fixes). - dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes). - phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes). - media: rc: fix races with imon_disconnect() (git-fixes). - commit 89c34cb - arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes) - commit bf06513 - arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes) - commit d06126a - arm64: dts: imx95: Correct the lpuart7 and lpuart8 srcid (git-fixes) - commit d730190 - arm64: dts: imx93-kontron: Fix USB port assignment (git-fixes) - commit 986b7b9 - arm64: dts: imx93-kontron: Fix GPIO for panel regulator (git-fixes) - commit 2c413ce - bpf, arm64: Call bpf_jit_binary_pack_finalize() in bpf_jit_free() (git-fixes) - commit e47726c - arm64: map [_text, _stext) virtual address range (git-fixes) - commit 10168ba - arm64: dts: imx8mp: Correct thermal sensor index (git-fixes) - commit 7d86bf9 - arm64: dts: marvell: cn9132-clearfog: fix multi-lane pci x2 and x4 (git-fixes) - commit da906fa - arm64: dts: marvell: cn9132-clearfog: disable eMMC high-speed modes (git-fixes) - commit 8fbea30 - Refresh new ".init.text.ftrace_trampoline" kABI fix. First version made modules build before patch [1] fail to load. 
[1] a7ed7b9d0ebb0 "arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module with CONFIG_DYNAMIC_FTRACE" - commit 6910b1a ++++ pcr-oracle: - Update to 0.5.8 + Fix unsealing failure when using non default PCR bank + Extra checks for TPM self-test (bsc#1249079) ++++ suse-module-tools: - Update to version 16.0.61: * weak-modules2: skip livepatch dir when checking for unresolved symbols (bsc#1250655) ------------------------------------------------------------------ ------------------ 2025-10-6 - Oct 6 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952). - commit 2e6fdfd - scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes). - scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes). - scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes). - scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes). - scsi: qla2xxx: Remove firmware URL (git-fixes). - scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes). - commit f40dfff - scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519). - scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519). - scsi: lpfc: Convert debugfs directory counts from atomic to unsigned int (bsc#1250519). - scsi: lpfc: Clean up extraneous phba dentries (bsc#1250519). - scsi: lpfc: Use switch case statements in DIF debugfs handlers (bsc#1250519). - scsi: lpfc: Define size of debugfs entry for xri rebalancing (bsc#1250519). - scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519). - scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519). - scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519). - scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519). 
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519). - scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519). - scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519). - scsi: lpfc: Use int type to store negative error codes (bsc#1250519). - scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519). - scsi: lpfc: use min() to improve code (bsc#1250519). - scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519). - scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519). - scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519). - lpfc: don't use file->f_path.dentry for comparisons (bsc#1250519). - commit 833345a - nvme-tcp: send only permitted commands for secure concat (git-fixes). - nvme-auth: update bi_directional flag (git-fixes). - nvme: fix PI insert on write (git-fixes). - commit bfff0fa - nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500). - nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500). - nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500). - nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500). - commit 343e69e - ppp: fix memory leak in pad_compress_skb (CVE-2025-39847 bsc#1250292). - ixgbe: fix incorrect map used in eee linkmode (CVE-2025-39922 bsc#1250722). - ice: fix NULL access of tx->in_use in ice_ll_ts_intr (CVE-2025-39854 bsc#1250297). - vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (CVE-2025-39850 bsc#1250276). - commit bb7194b - NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes). 
- commit 875c2e0 - igb: Fix NULL pointer dereference in ethtool loopback test (CVE-2025-39875 bsc#1250398) - commit 42c851b - sched/deadline: Initialize dl_servers after SMP (git-fixes) - commit 6da3701 - sched_ext, sched/core: Don't call scx_group_set_weight() (git-fixes) - commit ea277bd - cpufreq/sched: Explicitly synchronize limits_changed flag (git-fixes) - commit aa9d54c - cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS (git-fixes) - commit 74fd037 - sched_ext: Fix invalid irq restore in scx_ops_bypass() (bsc#1235953 CVE-2024-57891) - commit 9fe8fce - Update patches.suse/ACPI-APEI-send-SIGBUS-to-current-task-if-synchronous.patch (stable-fixes CVE-2025-39763 bsc#1249615). - Update patches.suse/ACPI-pfr_update-Fix-the-driver-update-version-check.patch (git-fixes CVE-2025-39701 bsc#1249308). - Update patches.suse/ALSA-hda-ca0132-Fix-buffer-overflow-in-add_tuning_co.patch (stable-fixes CVE-2025-39751 bsc#1249538). - Update patches.suse/ALSA-timer-fix-ida_free-call-while-not-allocated.patch (git-fixes CVE-2025-39765 bsc#1249509). - Update patches.suse/ALSA-usb-audio-Validate-UAC3-cluster-segment-descrip.patch (git-fixes CVE-2025-39757 bsc#1249515). - Update patches.suse/ALSA-usb-audio-Validate-UAC3-power-domain-descriptor.patch (git-fixes CVE-2025-38729 bsc#1249164). - Update patches.suse/ASoC-core-Check-for-rtd-NULL-in-snd_soc_remove_pcm_r.patch (stable-fixes CVE-2025-38706 bsc#1249195). - Update patches.suse/Bluetooth-Fix-use-after-free-in-l2cap_sock_cleanup_l.patch (git-fixes CVE-2025-39860 bsc#1250247). - Update patches.suse/Bluetooth-l2cap-Check-encryption-key-size-on-incomin.patch (git-fixes CVE-2025-39889 bsc#1249833). - Update patches.suse/Bluetooth-vhci-Prevent-use-after-free-by-removing-de.patch (git-fixes CVE-2025-39861 bsc#1250249). - Update patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch (git-fixes CVE-2025-39824 bsc#1250007). 
- Update patches.suse/HID-hid-ntrig-fix-unable-to-handle-page-fault-in-ntr.patch (stable-fixes CVE-2025-39808 bsc#1250088). - Update patches.suse/HID-multitouch-fix-slab-out-of-bounds-access-in-mt_r.patch (git-fixes CVE-2025-39806 bsc#1249888). - Update patches.suse/NFS-Fix-a-race-when-updating-an-existing-write.patch (git-fixes CVE-2025-39697 bsc#1249319). - Update patches.suse/NFS-Fix-filehandle-bounds-checking-in-nfs_fh_to_dentry.patch (git-fixes CVE-2025-39730 bsc#1249296). - Update patches.suse/NFS-Fix-the-setting-of-capabilities-when-automounting-a-new-filesystem.patch (git-fixes CVE-2025-39798 bsc#1249774). - Update patches.suse/PCI-endpoint-Fix-configfs-group-list-head-handling.patch (git-fixes CVE-2025-39783 bsc#1249486). - Update patches.suse/RDMA-hfi1-fix-possible-divide-by-zero-in-find_hw_thr.patch (git-fixes CVE-2025-39742 bsc#1249479). - Update patches.suse/RDMA-rxe-Flush-delayed-SKBs-while-releasing-RXE-reso.patch (git-fixes CVE-2025-39695 bsc#1249306). - Update patches.suse/RDMA-siw-Fix-the-sendmsg-byte-count-in-siw_tcp_sendp.patch (git-fixes CVE-2025-39758 bsc#1249490). - Update patches.suse/accel-ivpu-Prevent-recovery-work-from-being-queued-d.patch (git-fixes CVE-2025-39896 bsc#1250716). - Update patches.suse/ax25-properly-unshare-skbs-in-ax25_kiss_rcv.patch (git-fixes CVE-2025-39848 bsc#1250298). - Update patches.suse/batman-adv-fix-OOB-read-write-in-network-coding-deco.patch (git-fixes CVE-2025-39839 bsc#1250291). - Update patches.suse/bnxt_en-Fix-memory-corruption-when-FW-resources-chan.patch (git-fixes CVE-2025-39810 bsc#1249975). - Update patches.suse/bpf-Forget-ranges-when-refining-tnum-after-JSET.patch (git-fixes CVE-2025-39748 bsc#1249587). - Update patches.suse/btrfs-abort-transaction-on-unexpected-eb-generation-.patch (git-fixes CVE-2025-39800 bsc#1250177). - Update patches.suse/btrfs-do-not-allow-relocation-of-partially-dropped-s.patch (bsc#1249540 CVE-2025-39738). 
- Update patches.suse/btrfs-fix-subvolume-deletion-lockup-caused-by-inodes.patch (git-fixes CVE-2025-39884 bsc#1250386). - Update patches.suse/btrfs-qgroup-fix-race-between-quota-disable-and-quot.patch (git-fixes CVE-2025-39759 bsc#1249522). - Update patches.suse/bus-mhi-host-Detect-events-pointing-to-unexpected-TR.patch (git-fixes CVE-2025-39790 bsc#1249548). - Update patches.suse/can-j1939-implement-NETDEV_UNREGISTER-notification-h.patch (git-fixes CVE-2025-39925 bsc#1250736). - Update patches.suse/can-xilinx_can-xcan_write_frame-fix-use-after-free-o.patch (git-fixes CVE-2025-39873 bsc#1250371). - Update patches.suse/comedi-Fix-use-of-uninitialized-memory-in-do_insn_io.patch (git-fixes CVE-2025-39684 bsc#1249281). - Update patches.suse/comedi-Make-insn_rw_emulate_bits-do-insn-n-samples.patch (git-fixes CVE-2025-39686 bsc#1249312). - Update patches.suse/comedi-fix-race-between-polling-and-detaching.patch (git-fixes CVE-2025-38687 bsc#1249177). - Update patches.suse/comedi-pcl726-Prevent-invalid-irq-number.patch (git-fixes CVE-2025-39685 bsc#1249282). - Update patches.suse/crypto-caam-Prevent-crash-on-suspend-with-iMX8QM-iMX.patch (git-fixes CVE-2025-39722 bsc#1249301). - Update patches.suse/crypto-qat-flush-misc-workqueue-during-device-shutdo.patch (git-fixes CVE-2025-39721 bsc#1249323). - Update patches.suse/dmaengine-idxd-Fix-double-free-in-idxd_setup_wqs.patch (git-fixes CVE-2025-39870 bsc#1250402). - Update patches.suse/dmaengine-idxd-Remove-improper-idxd_free.patch (git-fixes CVE-2025-39871 bsc#1250377). - Update patches.suse/dmaengine-qcom-bam_dma-Fix-DT-error-handling-for-num.patch (git-fixes CVE-2025-39923 bsc#1250741). - Update patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch (git-fixes CVE-2025-39869 bsc#1250406). - Update patches.suse/drm-amd-display-Add-null-pointer-check-in-mod_hdcp_h.patch (git-fixes CVE-2025-39675 bsc#1249263). 
- Update patches.suse/drm-amd-display-Avoid-a-NULL-pointer-dereference.patch (stable-fixes CVE-2025-39693 bsc#1249279). - Update patches.suse/drm-amd-display-fix-a-Null-pointer-dereference-vulne.patch (stable-fixes CVE-2025-39705 bsc#1249295). - Update patches.suse/drm-amd-pm-fix-null-pointer-access.patch (stable-fixes CVE-2025-38705 bsc#1249334). - Update patches.suse/drm-amdgpu-check-if-hubbub-is-NULL-in-debugfs-amdgpu.patch (stable-fixes CVE-2025-39707 bsc#1249333). - Update patches.suse/drm-amdkfd-Destroy-KFD-debugfs-after-destroy-KFD-wq.patch (stable-fixes CVE-2025-39706 bsc#1249413). - Update patches.suse/drm-hisilicon-hibmc-fix-the-hibmc-loaded-failed-bug.patch (git-fixes CVE-2025-39772 bsc#1249506). - Update patches.suse/drm-mediatek-Add-error-handling-for-old-state-CRTC-i.patch (git-fixes CVE-2025-39807 bsc#1249887). - Update patches.suse/drm-mediatek-fix-potential-OF-node-use-after-free.patch (git-fixes CVE-2025-39882 bsc#1250389). - Update patches.suse/drm-msm-Add-error-handling-for-krealloc-in-metadata-.patch (stable-fixes CVE-2025-39747 bsc#1249566). - Update patches.suse/drm-nouveau-nvif-Fix-potential-memory-leak-in-nvif_v.patch (git-fixes CVE-2025-39679 bsc#1249338). - Update patches.suse/drm-xe-Make-dma-fences-compliant-with-the-safe-acces.patch (stable-fixes CVE-2025-38703 bsc#1249193). - Update patches.suse/drm-xe-vm-Clear-the-scratch_pt-pointer-on-error.patch (git-fixes CVE-2025-39811 bsc#1249915). - Update patches.suse/efi-stmm-Fix-incorrect-buffer-allocation-method.patch (git-fixes CVE-2025-39836 bsc#1249904). - Update patches.suse/exfat-add-cluster-chain-loop-check-for-dir.patch (git-fixes CVE-2025-38692 bsc#1249221). - Update patches.suse/fbdev-Fix-vmalloc-out-of-bounds-write-in-fast_imageb.patch (stable-fixes CVE-2025-38685 bsc#1249220). - Update patches.suse/fbdev-fix-potential-buffer-overflow-in-do_register_f.patch (stable-fixes CVE-2025-38702 bsc#1249254). 
- Update patches.suse/gve-prevent-ethtool-ops-after-shutdown.patch (git-fixes CVE-2025-38735 bsc#1249288). - Update patches.suse/habanalabs-fix-UAF-in-export_dmabuf.patch (git-fixes CVE-2025-38722 bsc#1249163). - Update patches.suse/iio-imu-bno055-fix-OOB-access-of-hw_xlate-array.patch (git-fixes CVE-2025-39719 bsc#1249271). - Update patches.suse/iio-light-as73211-Ensure-buffer-holes-are-zeroed.patch (git-fixes CVE-2025-39687 bsc#1249316). - Update patches.suse/iommu-arm-smmu-qcom-Add-SM6115-MDSS-compatible.patch (git-fixes CVE-2025-39739 bsc#1249542). - Update patches.suse/mISDN-hfcpci-Fix-warning-when-deleting-uninitialized.patch (git-fixes CVE-2025-39833 bsc#1250028). - Update patches.suse/media-dvb-frontends-dib7090p-fix-null-ptr-deref-in-d.patch (stable-fixes CVE-2025-38694 bsc#1249272). - Update patches.suse/media-dvb-frontends-w7090p-fix-null-ptr-deref-in-w70.patch (stable-fixes CVE-2025-38693 bsc#1249190). - Update patches.suse/media-ivsc-Fix-crash-at-shutdown-due-to-missing-mei_.patch (git-fixes CVE-2025-39711 bsc#1249274). - Update patches.suse/media-mt9m114-Fix-deadlock-in-get_frame_interval-set.patch (git-fixes CVE-2025-39712 bsc#1249269). - Update patches.suse/media-rainshadow-cec-fix-TOCTOU-race-condition-in-ra.patch (git-fixes CVE-2025-39713 bsc#1249321). - Update patches.suse/media-usbtv-Lock-resolution-while-streaming.patch (git-fixes CVE-2025-39714 bsc#1249273). - Update patches.suse/media-uvcvideo-Fix-1-byte-out-of-bounds-read-in-uvc_.patch (git-fixes CVE-2025-38680 bsc#1249203). - Update patches.suse/media-venus-Add-a-check-for-packet-size-after-readin.patch (git-fixes CVE-2025-39710 bsc#1249304). - Update patches.suse/media-venus-Fix-OOB-read-due-to-missing-payload-boun.patch (git-fixes CVE-2025-38679 bsc#1249202). - Update patches.suse/media-venus-protect-against-spurious-interrupts-duri.patch (git-fixes CVE-2025-39709 bsc#1249278). 
- Update patches.suse/mm-damon-lru_sort-avoid-divide-by-zero-in-damon_lru_.patch (git-fixes CVE-2025-39909 bsc#1250711). - Update patches.suse/mm-damon-ops-common-ignore-migration-request-to-inva.patch (git-fixes CVE-2025-39700 bsc#1249309). - Update patches.suse/mm-damon-reclaim-avoid-divide-by-zero-in-damon_recla.patch (git-fixes CVE-2025-39916 bsc#1250719). - Update patches.suse/mm-damon-sysfs-fix-use-after-free-in-state_show.patch (git-fixes CVE-2025-39877 bsc#1250408). - Update patches.suse/mm-move-page-table-sync-declarations-to-linux-pgtabl.patch (git-fixes CVE-2025-39844 bsc#1250268). - Update patches.suse/mm-ptdump-take-the-memory-hotplug-lock-inside-ptdump_walk_.patch (git-fixes CVE-2025-38681 bsc#1249204). - Update patches.suse/mm-swap-fix-potential-buffer-overflow-in-setup_clust.patch (git-fixes CVE-2025-39727 bsc#1249297). - Update patches.suse/mm-userfaultfd-fix-kmap_local-LIFO-ordering-for-CONF.patch (git-fixes CVE-2025-39899 bsc#1250739). - Update patches.suse/msft-hv-3329-hv_netvsc-Fix-panic-during-namespace-deletion-with-V.patch (bsc#1248111 CVE-2025-38683 bsc#1249159). - Update patches.suse/mtd-rawnand-stm32_fmc2-avoid-overlapping-mappings-on.patch (git-fixes CVE-2025-39907 bsc#1250713). - Update patches.suse/net-mlx5-Fix-lockdep-assertion-on-sync-reset-unload-.patch (git-fixes CVE-2025-39832 bsc#1249901). - Update patches.suse/net-mlx5-HWS-Fix-memory-leak-in-hws_action_get_share.patch (git-fixes CVE-2025-39834 bsc#1250021). - Update patches.suse/net-rose-convert-use-field-to-refcount_t.patch (git-fixes CVE-2025-39826 bsc#1250203). - Update patches.suse/net-rose-include-node-references-in-rose_neigh-refco.patch (git-fixes CVE-2025-39827 bsc#1250204). - Update patches.suse/net-usb-asix_devices-Fix-PHY-address-mask-in-MDIO-bu.patch (git-fixes CVE-2025-38736 bsc#1249318). - Update patches.suse/net-usb-asix_devices-add-phy_mask-for-ax88772-mdio-b.patch (git-fixes CVE-2025-38725 bsc#1249170). 
- Update patches.suse/netfilter-ctnetlink-fix-refcount-leak-on-table-dump.patch (git-fixes CVE-2025-38721 bsc#1249176). - Update patches.suse/netlink-avoid-infinite-retry-looping-in-netlink_unic.patch (CVE-2025-38465 bsc#1247118 CVE-2025-38727 bsc#1249166). - Update patches.suse/nfsd-handle-get_client_locked-failure-in-nfsd4_setclientid_confirm.patch (git-fixes CVE-2025-38724 bsc#1249169). - Update patches.suse/pNFS-Fix-uninited-ptr-deref-in-block-scsi-layout.patch (git-fixes CVE-2025-38691 bsc#1249215). - Update patches.suse/platform-x86-amd-hsmp-Ensure-sock-metric_tbl_addr-is.patch (git-fixes CVE-2025-39678 bsc#1249290). - Update patches.suse/s390-ism-fix-concurrency-management-in-ism_cmd.patch (git-fixes bsc#1247372 CVE-2025-39726 bsc#1249266). - Update patches.suse/s390-mm-Do-not-map-lowcore-with-identity-mapping.patch (git-fixes bsc#1249066 CVE-2025-38733 bsc#1249313). - Update patches.suse/s390-sclp-Fix-SCCB-present-check.patch (git-fixes bsc#1249065 CVE-2025-39694 bsc#1249299). - Update patches.suse/scsi-lpfc-Check-for-hdwq-null-ptr-when-cleaning-up-l.patch (bsc#1245260 bsc#1243100 bsc#1246125 CVE-2025-38695 bsc#1249285). - Update patches.suse/scsi-ufs-exynos-Fix-programming-of-HCI_UTRL_NEXUS_TYPE.patch (git-fixes CVE-2025-39788 bsc#1249547). - Update patches.suse/serial-8250-fix-panic-due-to-PSLVERR.patch (git-fixes CVE-2025-39724 bsc#1249265). - Update patches.suse/soc-qcom-mdt_loader-Ensure-we-don-t-read-past-the-EL.patch (git-fixes CVE-2025-39787 bsc#1249545). - Update patches.suse/usb-core-config-Prevent-OOB-read-in-SS-endpoint-comp.patch (stable-fixes CVE-2025-39760 bsc#1249598). - Update patches.suse/usb-dwc3-Remove-WARN_ON-for-device-endpoint-command-.patch (stable-fixes CVE-2025-39801 bsc#1250450). - Update patches.suse/vsock-virtio-Validate-length-in-packet-header-before.patch (git-fixes CVE-2025-39718 bsc#1249305). - Update patches.suse/wifi-ath10k-shutdown-driver-when-hardware-is-unrelia.patch (stable-fixes CVE-2025-39746 bsc#1249516). 
- Update patches.suse/wifi-ath11k-fix-sleeping-in-atomic-in-ath11k_mac_op_.patch (git-fixes CVE-2025-39732 bsc#1249292). - Update patches.suse/wifi-ath12k-Correct-tid-cleanup-when-tid-setup-fails.patch (stable-fixes CVE-2025-39750 bsc#1249523). - Update patches.suse/wifi-ath12k-Decrement-TID-on-RX-peer-frag-setup-erro.patch (stable-fixes CVE-2025-39761 bsc#1249554). - Update patches.suse/wifi-ath12k-fix-memory-leak-in-ath12k_service_ready_.patch (git-fixes CVE-2025-39890 bsc#1250334). - Update patches.suse/wifi-brcmfmac-fix-use-after-free-when-rescheduling-b.patch (git-fixes CVE-2025-39863 bsc#1250281). - Update patches.suse/wifi-cfg80211-fix-use-after-free-in-cmp_bss.patch (git-fixes CVE-2025-39864 bsc#1250242). - Update patches.suse/wifi-cfg80211-sme-cap-SSID-length-in-__cfg80211_conn.patch (git-fixes CVE-2025-39849 bsc#1250266). - Update patches.suse/wifi-mt76-fix-linked-list-corruption.patch (git-fixes CVE-2025-39918 bsc#1250729). - Update patches.suse/wifi-mwifiex-Initialize-the-chan_stats-array-to-zero.patch (git-fixes CVE-2025-39891 bsc#1250712). - Update patches.suse/x86-mm-64-define-ARCH_PAGE_TABLE_SYNC_MASK-and-arch_.patch (git-fixes CVE-2025-39845 bsc#1250262). - Update patches.suse/xfs-do-not-propagate-ENODATA-disk-errors-into-xattr-code.patch (git-fixes CVE-2025-39835 bsc#1250025). 
- commit ccb1ac6
- i40e: Fix potential invalid access when MAC list is empty (CVE-2025-39853 bsc#1250275)
- commit eaef03f
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- commit 6353dba
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- commit b9fe6cd
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- commit d793b3b
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- commit 5f77a41
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- commit 8c45dbb
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- commit d3a8859
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- commit d4e0310
++++ kernel-rt:
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- commit 2e6fdfd
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- commit f40dfff
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Convert debugfs directory counts from atomic to unsigned int (bsc#1250519).
- scsi: lpfc: Clean up extraneous phba dentries (bsc#1250519).
- scsi: lpfc: Use switch case statements in DIF debugfs handlers (bsc#1250519).
- scsi: lpfc: Define size of debugfs entry for xri rebalancing (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519). - scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519). - scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519). - scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519). - scsi: lpfc: Use int type to store negative error codes (bsc#1250519). - scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519). - scsi: lpfc: use min() to improve code (bsc#1250519). - scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519). - scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519). - scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519). - lpfc: don't use file->f_path.dentry for comparisons (bsc#1250519). - commit 833345a - nvme-tcp: send only permitted commands for secure concat (git-fixes). - nvme-auth: update bi_directional flag (git-fixes). - nvme: fix PI insert on write (git-fixes). - commit bfff0fa - nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500). - nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500). - nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500). - nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500). - commit 343e69e - ppp: fix memory leak in pad_compress_skb (CVE-2025-39847 bsc#1250292). - ixgbe: fix incorrect map used in eee linkmode (CVE-2025-39922 bsc#1250722). - ice: fix NULL access of tx->in_use in ice_ll_ts_intr (CVE-2025-39854 bsc#1250297). - vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (CVE-2025-39850 bsc#1250276). - commit bb7194b - NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes). 
- commit 875c2e0 - igb: Fix NULL pointer dereference in ethtool loopback test (CVE-2025-39875 bsc#1250398) - commit 42c851b - sched/deadline: Initialize dl_servers after SMP (git-fixes) - commit 6da3701 - sched_ext, sched/core: Don't call scx_group_set_weight() (git-fixes) - commit ea277bd - cpufreq/sched: Explicitly synchronize limits_changed flag (git-fixes) - commit aa9d54c - cpufreq/sched: Fix the usage of CPUFREQ_NEED_UPDATE_LIMITS (git-fixes) - commit 74fd037 - sched_ext: Fix invalid irq restore in scx_ops_bypass() (bsc#1235953 CVE-2024-57891) - commit 9fe8fce - Update patches.suse/ACPI-APEI-send-SIGBUS-to-current-task-if-synchronous.patch (stable-fixes CVE-2025-39763 bsc#1249615). - Update patches.suse/ACPI-pfr_update-Fix-the-driver-update-version-check.patch (git-fixes CVE-2025-39701 bsc#1249308). - Update patches.suse/ALSA-hda-ca0132-Fix-buffer-overflow-in-add_tuning_co.patch (stable-fixes CVE-2025-39751 bsc#1249538). - Update patches.suse/ALSA-timer-fix-ida_free-call-while-not-allocated.patch (git-fixes CVE-2025-39765 bsc#1249509). - Update patches.suse/ALSA-usb-audio-Validate-UAC3-cluster-segment-descrip.patch (git-fixes CVE-2025-39757 bsc#1249515). - Update patches.suse/ALSA-usb-audio-Validate-UAC3-power-domain-descriptor.patch (git-fixes CVE-2025-38729 bsc#1249164). - Update patches.suse/ASoC-core-Check-for-rtd-NULL-in-snd_soc_remove_pcm_r.patch (stable-fixes CVE-2025-38706 bsc#1249195). - Update patches.suse/Bluetooth-Fix-use-after-free-in-l2cap_sock_cleanup_l.patch (git-fixes CVE-2025-39860 bsc#1250247). - Update patches.suse/Bluetooth-l2cap-Check-encryption-key-size-on-incomin.patch (git-fixes CVE-2025-39889 bsc#1249833). - Update patches.suse/Bluetooth-vhci-Prevent-use-after-free-by-removing-de.patch (git-fixes CVE-2025-39861 bsc#1250249). - Update patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch (git-fixes CVE-2025-39824 bsc#1250007). 
- Update patches.suse/HID-hid-ntrig-fix-unable-to-handle-page-fault-in-ntr.patch (stable-fixes CVE-2025-39808 bsc#1250088). - Update patches.suse/HID-multitouch-fix-slab-out-of-bounds-access-in-mt_r.patch (git-fixes CVE-2025-39806 bsc#1249888). - Update patches.suse/NFS-Fix-a-race-when-updating-an-existing-write.patch (git-fixes CVE-2025-39697 bsc#1249319). - Update patches.suse/NFS-Fix-filehandle-bounds-checking-in-nfs_fh_to_dentry.patch (git-fixes CVE-2025-39730 bsc#1249296). - Update patches.suse/NFS-Fix-the-setting-of-capabilities-when-automounting-a-new-filesystem.patch (git-fixes CVE-2025-39798 bsc#1249774). - Update patches.suse/PCI-endpoint-Fix-configfs-group-list-head-handling.patch (git-fixes CVE-2025-39783 bsc#1249486). - Update patches.suse/RDMA-hfi1-fix-possible-divide-by-zero-in-find_hw_thr.patch (git-fixes CVE-2025-39742 bsc#1249479). - Update patches.suse/RDMA-rxe-Flush-delayed-SKBs-while-releasing-RXE-reso.patch (git-fixes CVE-2025-39695 bsc#1249306). - Update patches.suse/RDMA-siw-Fix-the-sendmsg-byte-count-in-siw_tcp_sendp.patch (git-fixes CVE-2025-39758 bsc#1249490). - Update patches.suse/accel-ivpu-Prevent-recovery-work-from-being-queued-d.patch (git-fixes CVE-2025-39896 bsc#1250716). - Update patches.suse/ax25-properly-unshare-skbs-in-ax25_kiss_rcv.patch (git-fixes CVE-2025-39848 bsc#1250298). - Update patches.suse/batman-adv-fix-OOB-read-write-in-network-coding-deco.patch (git-fixes CVE-2025-39839 bsc#1250291). - Update patches.suse/bnxt_en-Fix-memory-corruption-when-FW-resources-chan.patch (git-fixes CVE-2025-39810 bsc#1249975). - Update patches.suse/bpf-Forget-ranges-when-refining-tnum-after-JSET.patch (git-fixes CVE-2025-39748 bsc#1249587). - Update patches.suse/btrfs-abort-transaction-on-unexpected-eb-generation-.patch (git-fixes CVE-2025-39800 bsc#1250177). - Update patches.suse/btrfs-do-not-allow-relocation-of-partially-dropped-s.patch (bsc#1249540 CVE-2025-39738). 
- Update patches.suse/btrfs-fix-subvolume-deletion-lockup-caused-by-inodes.patch (git-fixes CVE-2025-39884 bsc#1250386). - Update patches.suse/btrfs-qgroup-fix-race-between-quota-disable-and-quot.patch (git-fixes CVE-2025-39759 bsc#1249522). - Update patches.suse/bus-mhi-host-Detect-events-pointing-to-unexpected-TR.patch (git-fixes CVE-2025-39790 bsc#1249548). - Update patches.suse/can-j1939-implement-NETDEV_UNREGISTER-notification-h.patch (git-fixes CVE-2025-39925 bsc#1250736). - Update patches.suse/can-xilinx_can-xcan_write_frame-fix-use-after-free-o.patch (git-fixes CVE-2025-39873 bsc#1250371). - Update patches.suse/comedi-Fix-use-of-uninitialized-memory-in-do_insn_io.patch (git-fixes CVE-2025-39684 bsc#1249281). - Update patches.suse/comedi-Make-insn_rw_emulate_bits-do-insn-n-samples.patch (git-fixes CVE-2025-39686 bsc#1249312). - Update patches.suse/comedi-fix-race-between-polling-and-detaching.patch (git-fixes CVE-2025-38687 bsc#1249177). - Update patches.suse/comedi-pcl726-Prevent-invalid-irq-number.patch (git-fixes CVE-2025-39685 bsc#1249282). - Update patches.suse/crypto-caam-Prevent-crash-on-suspend-with-iMX8QM-iMX.patch (git-fixes CVE-2025-39722 bsc#1249301). - Update patches.suse/crypto-qat-flush-misc-workqueue-during-device-shutdo.patch (git-fixes CVE-2025-39721 bsc#1249323). - Update patches.suse/dmaengine-idxd-Fix-double-free-in-idxd_setup_wqs.patch (git-fixes CVE-2025-39870 bsc#1250402). - Update patches.suse/dmaengine-idxd-Remove-improper-idxd_free.patch (git-fixes CVE-2025-39871 bsc#1250377). - Update patches.suse/dmaengine-qcom-bam_dma-Fix-DT-error-handling-for-num.patch (git-fixes CVE-2025-39923 bsc#1250741). - Update patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch (git-fixes CVE-2025-39869 bsc#1250406). - Update patches.suse/drm-amd-display-Add-null-pointer-check-in-mod_hdcp_h.patch (git-fixes CVE-2025-39675 bsc#1249263). 
- Update patches.suse/drm-amd-display-Avoid-a-NULL-pointer-dereference.patch (stable-fixes CVE-2025-39693 bsc#1249279). - Update patches.suse/drm-amd-display-fix-a-Null-pointer-dereference-vulne.patch (stable-fixes CVE-2025-39705 bsc#1249295). - Update patches.suse/drm-amd-pm-fix-null-pointer-access.patch (stable-fixes CVE-2025-38705 bsc#1249334). - Update patches.suse/drm-amdgpu-check-if-hubbub-is-NULL-in-debugfs-amdgpu.patch (stable-fixes CVE-2025-39707 bsc#1249333). - Update patches.suse/drm-amdkfd-Destroy-KFD-debugfs-after-destroy-KFD-wq.patch (stable-fixes CVE-2025-39706 bsc#1249413). - Update patches.suse/drm-hisilicon-hibmc-fix-the-hibmc-loaded-failed-bug.patch (git-fixes CVE-2025-39772 bsc#1249506). - Update patches.suse/drm-mediatek-Add-error-handling-for-old-state-CRTC-i.patch (git-fixes CVE-2025-39807 bsc#1249887). - Update patches.suse/drm-mediatek-fix-potential-OF-node-use-after-free.patch (git-fixes CVE-2025-39882 bsc#1250389). - Update patches.suse/drm-msm-Add-error-handling-for-krealloc-in-metadata-.patch (stable-fixes CVE-2025-39747 bsc#1249566). - Update patches.suse/drm-nouveau-nvif-Fix-potential-memory-leak-in-nvif_v.patch (git-fixes CVE-2025-39679 bsc#1249338). - Update patches.suse/drm-xe-Make-dma-fences-compliant-with-the-safe-acces.patch (stable-fixes CVE-2025-38703 bsc#1249193). - Update patches.suse/drm-xe-vm-Clear-the-scratch_pt-pointer-on-error.patch (git-fixes CVE-2025-39811 bsc#1249915). - Update patches.suse/efi-stmm-Fix-incorrect-buffer-allocation-method.patch (git-fixes CVE-2025-39836 bsc#1249904). - Update patches.suse/exfat-add-cluster-chain-loop-check-for-dir.patch (git-fixes CVE-2025-38692 bsc#1249221). - Update patches.suse/fbdev-Fix-vmalloc-out-of-bounds-write-in-fast_imageb.patch (stable-fixes CVE-2025-38685 bsc#1249220). - Update patches.suse/fbdev-fix-potential-buffer-overflow-in-do_register_f.patch (stable-fixes CVE-2025-38702 bsc#1249254). 
- Update patches.suse/gve-prevent-ethtool-ops-after-shutdown.patch (git-fixes CVE-2025-38735 bsc#1249288). - Update patches.suse/habanalabs-fix-UAF-in-export_dmabuf.patch (git-fixes CVE-2025-38722 bsc#1249163). - Update patches.suse/iio-imu-bno055-fix-OOB-access-of-hw_xlate-array.patch (git-fixes CVE-2025-39719 bsc#1249271). - Update patches.suse/iio-light-as73211-Ensure-buffer-holes-are-zeroed.patch (git-fixes CVE-2025-39687 bsc#1249316). - Update patches.suse/iommu-arm-smmu-qcom-Add-SM6115-MDSS-compatible.patch (git-fixes CVE-2025-39739 bsc#1249542). - Update patches.suse/mISDN-hfcpci-Fix-warning-when-deleting-uninitialized.patch (git-fixes CVE-2025-39833 bsc#1250028). - Update patches.suse/media-dvb-frontends-dib7090p-fix-null-ptr-deref-in-d.patch (stable-fixes CVE-2025-38694 bsc#1249272). - Update patches.suse/media-dvb-frontends-w7090p-fix-null-ptr-deref-in-w70.patch (stable-fixes CVE-2025-38693 bsc#1249190). - Update patches.suse/media-ivsc-Fix-crash-at-shutdown-due-to-missing-mei_.patch (git-fixes CVE-2025-39711 bsc#1249274). - Update patches.suse/media-mt9m114-Fix-deadlock-in-get_frame_interval-set.patch (git-fixes CVE-2025-39712 bsc#1249269). - Update patches.suse/media-rainshadow-cec-fix-TOCTOU-race-condition-in-ra.patch (git-fixes CVE-2025-39713 bsc#1249321). - Update patches.suse/media-usbtv-Lock-resolution-while-streaming.patch (git-fixes CVE-2025-39714 bsc#1249273). - Update patches.suse/media-uvcvideo-Fix-1-byte-out-of-bounds-read-in-uvc_.patch (git-fixes CVE-2025-38680 bsc#1249203). - Update patches.suse/media-venus-Add-a-check-for-packet-size-after-readin.patch (git-fixes CVE-2025-39710 bsc#1249304). - Update patches.suse/media-venus-Fix-OOB-read-due-to-missing-payload-boun.patch (git-fixes CVE-2025-38679 bsc#1249202). - Update patches.suse/media-venus-protect-against-spurious-interrupts-duri.patch (git-fixes CVE-2025-39709 bsc#1249278). 
- Update patches.suse/mm-damon-lru_sort-avoid-divide-by-zero-in-damon_lru_.patch (git-fixes CVE-2025-39909 bsc#1250711). - Update patches.suse/mm-damon-ops-common-ignore-migration-request-to-inva.patch (git-fixes CVE-2025-39700 bsc#1249309). - Update patches.suse/mm-damon-reclaim-avoid-divide-by-zero-in-damon_recla.patch (git-fixes CVE-2025-39916 bsc#1250719). - Update patches.suse/mm-damon-sysfs-fix-use-after-free-in-state_show.patch (git-fixes CVE-2025-39877 bsc#1250408). - Update patches.suse/mm-move-page-table-sync-declarations-to-linux-pgtabl.patch (git-fixes CVE-2025-39844 bsc#1250268). - Update patches.suse/mm-ptdump-take-the-memory-hotplug-lock-inside-ptdump_walk_.patch (git-fixes CVE-2025-38681 bsc#1249204). - Update patches.suse/mm-swap-fix-potential-buffer-overflow-in-setup_clust.patch (git-fixes CVE-2025-39727 bsc#1249297). - Update patches.suse/mm-userfaultfd-fix-kmap_local-LIFO-ordering-for-CONF.patch (git-fixes CVE-2025-39899 bsc#1250739). - Update patches.suse/msft-hv-3329-hv_netvsc-Fix-panic-during-namespace-deletion-with-V.patch (bsc#1248111 CVE-2025-38683 bsc#1249159). - Update patches.suse/mtd-rawnand-stm32_fmc2-avoid-overlapping-mappings-on.patch (git-fixes CVE-2025-39907 bsc#1250713). - Update patches.suse/net-mlx5-Fix-lockdep-assertion-on-sync-reset-unload-.patch (git-fixes CVE-2025-39832 bsc#1249901). - Update patches.suse/net-mlx5-HWS-Fix-memory-leak-in-hws_action_get_share.patch (git-fixes CVE-2025-39834 bsc#1250021). - Update patches.suse/net-rose-convert-use-field-to-refcount_t.patch (git-fixes CVE-2025-39826 bsc#1250203). - Update patches.suse/net-rose-include-node-references-in-rose_neigh-refco.patch (git-fixes CVE-2025-39827 bsc#1250204). - Update patches.suse/net-usb-asix_devices-Fix-PHY-address-mask-in-MDIO-bu.patch (git-fixes CVE-2025-38736 bsc#1249318). - Update patches.suse/net-usb-asix_devices-add-phy_mask-for-ax88772-mdio-b.patch (git-fixes CVE-2025-38725 bsc#1249170). 
- Update patches.suse/netfilter-ctnetlink-fix-refcount-leak-on-table-dump.patch (git-fixes CVE-2025-38721 bsc#1249176). - Update patches.suse/netlink-avoid-infinite-retry-looping-in-netlink_unic.patch (CVE-2025-38465 bsc#1247118 CVE-2025-38727 bsc#1249166). - Update patches.suse/nfsd-handle-get_client_locked-failure-in-nfsd4_setclientid_confirm.patch (git-fixes CVE-2025-38724 bsc#1249169). - Update patches.suse/pNFS-Fix-uninited-ptr-deref-in-block-scsi-layout.patch (git-fixes CVE-2025-38691 bsc#1249215). - Update patches.suse/platform-x86-amd-hsmp-Ensure-sock-metric_tbl_addr-is.patch (git-fixes CVE-2025-39678 bsc#1249290). - Update patches.suse/s390-ism-fix-concurrency-management-in-ism_cmd.patch (git-fixes bsc#1247372 CVE-2025-39726 bsc#1249266). - Update patches.suse/s390-mm-Do-not-map-lowcore-with-identity-mapping.patch (git-fixes bsc#1249066 CVE-2025-38733 bsc#1249313). - Update patches.suse/s390-sclp-Fix-SCCB-present-check.patch (git-fixes bsc#1249065 CVE-2025-39694 bsc#1249299). - Update patches.suse/scsi-lpfc-Check-for-hdwq-null-ptr-when-cleaning-up-l.patch (bsc#1245260 bsc#1243100 bsc#1246125 CVE-2025-38695 bsc#1249285). - Update patches.suse/scsi-ufs-exynos-Fix-programming-of-HCI_UTRL_NEXUS_TYPE.patch (git-fixes CVE-2025-39788 bsc#1249547). - Update patches.suse/serial-8250-fix-panic-due-to-PSLVERR.patch (git-fixes CVE-2025-39724 bsc#1249265). - Update patches.suse/soc-qcom-mdt_loader-Ensure-we-don-t-read-past-the-EL.patch (git-fixes CVE-2025-39787 bsc#1249545). - Update patches.suse/usb-core-config-Prevent-OOB-read-in-SS-endpoint-comp.patch (stable-fixes CVE-2025-39760 bsc#1249598). - Update patches.suse/usb-dwc3-Remove-WARN_ON-for-device-endpoint-command-.patch (stable-fixes CVE-2025-39801 bsc#1250450). - Update patches.suse/vsock-virtio-Validate-length-in-packet-header-before.patch (git-fixes CVE-2025-39718 bsc#1249305). - Update patches.suse/wifi-ath10k-shutdown-driver-when-hardware-is-unrelia.patch (stable-fixes CVE-2025-39746 bsc#1249516). 
- Update patches.suse/wifi-ath11k-fix-sleeping-in-atomic-in-ath11k_mac_op_.patch (git-fixes CVE-2025-39732 bsc#1249292). - Update patches.suse/wifi-ath12k-Correct-tid-cleanup-when-tid-setup-fails.patch (stable-fixes CVE-2025-39750 bsc#1249523). - Update patches.suse/wifi-ath12k-Decrement-TID-on-RX-peer-frag-setup-erro.patch (stable-fixes CVE-2025-39761 bsc#1249554). - Update patches.suse/wifi-ath12k-fix-memory-leak-in-ath12k_service_ready_.patch (git-fixes CVE-2025-39890 bsc#1250334). - Update patches.suse/wifi-brcmfmac-fix-use-after-free-when-rescheduling-b.patch (git-fixes CVE-2025-39863 bsc#1250281). - Update patches.suse/wifi-cfg80211-fix-use-after-free-in-cmp_bss.patch (git-fixes CVE-2025-39864 bsc#1250242). - Update patches.suse/wifi-cfg80211-sme-cap-SSID-length-in-__cfg80211_conn.patch (git-fixes CVE-2025-39849 bsc#1250266). - Update patches.suse/wifi-mt76-fix-linked-list-corruption.patch (git-fixes CVE-2025-39918 bsc#1250729). - Update patches.suse/wifi-mwifiex-Initialize-the-chan_stats-array-to-zero.patch (git-fixes CVE-2025-39891 bsc#1250712). - Update patches.suse/x86-mm-64-define-ARCH_PAGE_TABLE_SYNC_MASK-and-arch_.patch (git-fixes CVE-2025-39845 bsc#1250262). - Update patches.suse/xfs-do-not-propagate-ENODATA-disk-errors-into-xattr-code.patch (git-fixes CVE-2025-39835 bsc#1250025). 
- commit ccb1ac6
- i40e: Fix potential invalid access when MAC list is empty (CVE-2025-39853 bsc#1250275)
- commit eaef03f
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- commit 6353dba
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- commit b9fe6cd
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- commit d793b3b
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- commit 5f77a41
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- commit 8c45dbb
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- commit d3a8859
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- commit d4e0310
++++ libnvme:
- Update to version 1.11+17.g6d55624d:
  * linux: use EVP_PKEY_CTX_add1_hkdf_info only once in compat function (bsc#1246914)
  * nvme/linux: check for empty digest in gen_tls_identity() (bsc#1246914)
  * nvme/linux: add fallback implementation for nvme_insert_tls_key_compat() (bsc#1246914)
  * linux: fix HKDF TLS key derivation back to OpenSSL 3.0.8 (bsc#1246914)
  * libnvme: TLS PSK derivation fixes (bsc#1246914)
  * linux: rename __nvme_insert_tls_key_versioned() to __nvme_insert_tls_key() (bsc#1246914)
  * linux: rename __nvme_insert_tls_key() to __nvme_import_tls_key() (bsc#1246914)
  * test/psk: add testcase for TLS identity derivation (bsc#1246914)
  * linux: set errno when nvme_generate_tls_key_identity() fails (bsc#1246914)
  * tree: do not try to strdup NULL pointer (bsc#1247225)
  * tree: always set the host key (bsc#1246560)
  * tree: add routine to fetch subsys firmware rev (bsc#1240518)
  * tree: add routine to fetch subsys model (bsc#1240518)
++++ nvidia-open-driver-G06-signed:
- update CUDA variant to 580.95.05
++++ nvme-cli:
- Update to version 2.11+29.g35e62868:
  * nvme: add --compat flag for 'gen-tls-key' and 'check-tls-key' (bsc#1246914)
  * netapp-ontapdev: update invalid device handling (bsc#1247017)
  * netapp-smdev: update invalid device handling (bsc#1247017)
  * nvme-print: display fw-rev in list-subsys output (bsc#1240518)
  * nvme-print: display model in list-subsys output (bsc#1240518)
  * netapp-ontapdev: add subsysname to regular output (bsc#1240518)
  * netapp-ontapdev: add subsysname to the verbose output (bsc#1240518)
  * Revert "nvme-print-json: display only verbose output"
  * nvme: check for valid output format (bsc#1237275)
  * nvme: make get-feature JSON output print everything (bsc#1237275)
  * nvme: make -v output consistent with -H output for nvme get-feature (bsc#1237275)
  * nvme: make -v output consistent with -H output for nvme get-property (bsc#1237275)
  * nvme-print-stdout: add details in list-ns verbose output (bsc#1237275)
  * nvme-print-stdout: add descriptions for nsze, ncap & nuse (bsc#1237275)
  * netapp-ontapdev: correct the basestr header (bsc#1237275)
  * netapp-smdev: update err msg for no smdevices (bsc#1237275)
  * netapp-ontapdev: update err msg for no ontapdevices (bsc#1237275)
  * netapp-smdev: update basestr header in verbose output (bsc#1237275)
  * netapp-ontapdev: update basestr headers in verbose output
  * netapp-smdev: add verbose output
  * netapp-smdev: remove redundant code
  * nvme-netapp: update err messages
  * netapp-ontapdev: fix JSON output for nsze & nuse
  * netapp-ontapdev: fix fw version handling
  * netapp-ontapdev: add verbose output
------------------------------------------------------------------
------------------ 2025-10-5 - Oct 5 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- bus: mhi: ep: Fix chained transfer handling in read path (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes). - iio: dac: ad5360: use int type to store negative error codes (git-fixes). - iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes). - iio: frequency: adf4350: Fix prescaler usage (git-fixes). - iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes). - iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes). - iio/adc/pac1934: fix channel disable configuration (git-fixes). - misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes). - uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes). - usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes). - thunderbolt: Compare HMAC values in constant time (git-fixes). - Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" (git-fixes). - usb: typec: tipd: Clear interrupts first (git-fixes). - usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes). - usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes). - usb: phy: twl6030: Fix incorrect type for ret (git-fixes). - usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes). - usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes). - tty: n_gsm: Don't block input queue by waiting MSC (git-fixes). - serial: max310x: Add error checking in probe() (git-fixes). - mtd: rawnand: omap2: fix device leak on probe failure (git-fixes). - mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands (git-fixes). - HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes). - HID: hidraw: tighten ioctl command parsing (git-fixes). - KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes). - hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes). - KEYS: X.509: Fix Basic Constraints CA flag parsing (git-fixes). 
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: rockchip - Fix dma_unmap_sg() nents value (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes).
- crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes).
- crypto: octeontx2 - Call strscpy() with correct size argument (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- commit 619851e
++++ kernel-rt:
- bus: mhi: ep: Fix chained transfer handling in read path (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: consumers: Fix handling of negative channel scale in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iio/adc/pac1934: fix channel disable configuration (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes). - Revert "usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running" (git-fixes). - usb: typec: tipd: Clear interrupts first (git-fixes). - usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes). - usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes). - usb: phy: twl6030: Fix incorrect type for ret (git-fixes). - usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes). - usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes). - tty: n_gsm: Don't block input queue by waiting MSC (git-fixes). - serial: max310x: Add error checking in probe() (git-fixes). - mtd: rawnand: omap2: fix device leak on probe failure (git-fixes). - mtd: rawnand: atmel: Fix error handling path in atmel_nand_controller_add_nands (git-fixes). - HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes). - HID: hidraw: tighten ioctl command parsing (git-fixes). - KEYS: trusted_tpm1: Compare HMAC values in constant time (git-fixes). - hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes). - KEYS: X.509: Fix Basic Constraints CA flag parsing (git-fixes). - crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes). - crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes). - crypto: atmel - Fix dma_unmap_sg() direction (git-fixes). - crypto: rockchip - Fix dma_unmap_sg() nents value (git-fixes). - crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes). - crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes). - crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes). - crypto: octeontx2 - Call strscpy() with correct size argument (git-fixes). - hwrng: nomadik - add ARM_AMBA dependency (git-fixes). 
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- commit 619851e
------------------------------------------------------------------
------------------ 2025-10-4 - Oct 4 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946)
  CONFIG_SCHED_PROXY_EXEC is set only when the debug is off, exclusive to CONFIG_SCHED_CLASS_EXT.
- commit ac06fa9
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- commit 3766861
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath12k: fix wrong logging ID used for CE (git-fixes).
- wifi: ath12k: fix the fetching of combined rssi (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mt76: mt7915: fix mt7981 pre-calibration (git-fixes).
- wifi: mt76: mt7996: Convert mt7996_wed_rro_addr to LE (git-fixes).
- wifi: mt76: mt7996: Fix RX packets configuration for primary WED device (git-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: iwlwifi: Remove redundant header files (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- commit 5a62af8 - media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes). - media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes). - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes). - media: i2c: mt9v111: fix incorrect type for ret (git-fixes). - media: venus: firmware: Use correct reset sequence for IRIS2 (git-fixes). - media: s5p-mfc: remove an unused/uninitialized variable (git-fixes). - media: cec: extron-da-hd-4k-plus: drop external-module make commands (git-fixes). - media: pci: mg4b: fix uninitialized iio scan data (git-fixes). - media: pci: ivtv: Add missing check after DMA map (git-fixes). - media: cx18: Add missing check after DMA map (git-fixes). - media: st-delta: avoid excessive stack usage (git-fixes). - media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes). - media: ti: j721e-csi2rx: Fix source subdev link creation (git-fixes). - media: ti: j721e-csi2rx: Use devm_of_platform_populate (git-fixes). - media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes). - media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes). - media: lirc: Fix error handling in lirc_register() (git-fixes). - media: zoran: Remove zoran_fh structure (git-fixes). - commit 776580e - docs: admin-guide: update to current minimum pipe size default (git-fixes). - maple_tree: fix testing for 32 bit builds (git-fixes). - maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes). - Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes). - Bluetooth: ISO: don't leak skb in ISO_CONT RX (git-fixes). - drm/amdgpu: remove the redeclaration of variable i (git-fixes). - drm/msm/dpu: fix incorrect type for ret (git-fixes). - drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes). - drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes). 
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes). - drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes). - drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes). - drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes). - drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes). - drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes). - drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes). - drm/amd/display: Remove redundant semicolons (git-fixes). - drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes). - drm/bridge: it6505: select REGMAP_I2C (git-fixes). - drm/panel: novatek-nt35560: Fix invalid return value (git-fixes). - drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes). - firmware: firmware: meson-sm: fix compile-test default (git-fixes). - HID: asus: add support for missing PX series fn keys (stable-fixes). - can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes). - i2c: designware: Add quirk for Intel Xe (stable-fixes). - drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes). - commit 5415587 - drivers/base/node: handle error properly in register_one_node() (git-fixes). - Bluetooth: ISO: free rx_skb if not consumed (git-fixes). - Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes). - Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes). - ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes). - ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes). - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes). - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes). - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes). - ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes). 
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes). - ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes). - ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes). - ALSA: lx_core: use int type to store negative error codes (git-fixes). - ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes). - ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes). - ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes). - ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes). - ALSA: hda/realtek: Add support for ASUS NUC using CS35L41 HDA (stable-fixes). - ALSA: usb-audio: Convert comma to semicolon (git-fixes). - ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes). - ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes). - ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes). - ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes). - ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes). - ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes). - ALSA: usb-audio: Fix code alignment in mixer_quirks (stable-fixes). - commit 3e06154 ++++ kernel-rt: - rpm/check-for-config-changes: ignore CONFIG_SCHED_PROXY_EXEC, too (bsc#1250946) CONFIG_SCHED_PROXY_EXEC is set only when the debug is off, exclusive to CONFIG_SCHED_CLASS_EXT. - commit ac06fa9 - drivers/base/node: fix double free in register_one_node() (git-fixes). - commit 3766861 - net: nfc: nci: Add parameter validation for packet data (git-fixes). - net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes). - wifi: ath11k: HAL SRNG: don't deinitialize and re-initialize again (git-fixes). - wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes). - wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes). 
- wifi: ath12k: fix wrong logging ID used for CE (git-fixes). - wifi: ath12k: fix the fetching of combined rssi (git-fixes). - wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes). - wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes). - wifi: mt76: mt7915: fix mt7981 pre-calibration (git-fixes). - wifi: mt76: mt7996: Convert mt7996_wed_rro_addr to LE (git-fixes). - wifi: mt76: mt7996: Fix RX packets configuration for primary WED device (git-fixes). - wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes). - wifi: iwlwifi: Remove redundant header files (git-fixes). - wifi: mwifiex: send world regulatory domain to driver (git-fixes). - wifi: virt_wifi: Fix page fault on connect (stable-fixes). - net: phy: fix phy_uses_state_machine() (git-fixes). - mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes). - usb: core: Add 0x prefix to quirks debug output (stable-fixes). - commit 5a62af8 - media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes). - media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes). - media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes). - media: i2c: mt9v111: fix incorrect type for ret (git-fixes). - media: venus: firmware: Use correct reset sequence for IRIS2 (git-fixes). - media: s5p-mfc: remove an unused/uninitialized variable (git-fixes). - media: cec: extron-da-hd-4k-plus: drop external-module make commands (git-fixes). - media: pci: mg4b: fix uninitialized iio scan data (git-fixes). - media: pci: ivtv: Add missing check after DMA map (git-fixes). - media: cx18: Add missing check after DMA map (git-fixes). - media: st-delta: avoid excessive stack usage (git-fixes). - media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes). - media: ti: j721e-csi2rx: Fix source subdev link creation (git-fixes). - media: ti: j721e-csi2rx: Use devm_of_platform_populate (git-fixes). 
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes). - media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes). - media: lirc: Fix error handling in lirc_register() (git-fixes). - media: zoran: Remove zoran_fh structure (git-fixes). - commit 776580e - docs: admin-guide: update to current minimum pipe size default (git-fixes). - maple_tree: fix testing for 32 bit builds (git-fixes). - maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes). - Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes). - Bluetooth: ISO: don't leak skb in ISO_CONT RX (git-fixes). - drm/amdgpu: remove the redeclaration of variable i (git-fixes). - drm/msm/dpu: fix incorrect type for ret (git-fixes). - drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes). - drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes). - drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes). - drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes). - drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes). - drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes). - drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes). - drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes). - drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes). - drm/amd/display: Remove redundant semicolons (git-fixes). - drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes). - drm/bridge: it6505: select REGMAP_I2C (git-fixes). - drm/panel: novatek-nt35560: Fix invalid return value (git-fixes). - drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes). - firmware: firmware: meson-sm: fix compile-test default (git-fixes). - HID: asus: add support for missing PX series fn keys (stable-fixes). - can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes). 
- i2c: designware: Add quirk for Intel Xe (stable-fixes). - drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes). - commit 5415587 - drivers/base/node: handle error properly in register_one_node() (git-fixes). - Bluetooth: ISO: free rx_skb if not consumed (git-fixes). - Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes). - Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes). - ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes). - ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes). - ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes). - ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes). - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes). - ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes). - ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes). - ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes). - ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes). - ALSA: lx_core: use int type to store negative error codes (git-fixes). - ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes). - ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes). - ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes). - ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes). - ALSA: hda/realtek: Add support for ASUS NUC using CS35L41 HDA (stable-fixes). - ALSA: usb-audio: Convert comma to semicolon (git-fixes). - ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes). - ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes). - ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes). - ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes). 
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes). - ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes). - ALSA: usb-audio: Fix code alignment in mixer_quirks (stable-fixes). - commit 3e06154 ++++ runc: - Update to runc v1.3.2. Upstream changelog is available from bsc#1252110 - Includes an important fix for the CPUSet translation for cgroupv2. ------------------------------------------------------------------ ------------------ 2025-10-3 - Oct 3 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to Docker 28.5.0-ce. See upstream changelog online at - Backport to re-add vendor.sum, fixing our builds. + 0007-Add-back-vendor.sum.patch - Rebased patches: * 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch * 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-openSUSE-point-users-to-docker-buildx-package.patch * cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch ++++ kernel-default: - scsi: smartpqi: Update driver version to 2.1.34-035 (bsc#1246631). - scsi: smartpqi: Enhance WWID logging logic (bsc#1246631). - scsi: smartpqi: Take drives offline when controller is offline (bsc#1246631). - commit 64644a2 - Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes). - commit 1c9018f - Squashfs: add additional inode sanity checking (git-fixes). - commit 1064852 - Squashfs: fix uninit-value in squashfs_get_parent (git-fixes). - commit fa0095c - hrtimers: Force migrate away hrtimers queued after (bsc#1238472 CVE-2025-21816) - commit 9e989a9 - kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655). 
- commit 4741268 ++++ kernel-rt: - scsi: smartpqi: Update driver version to 2.1.34-035 (bsc#1246631). - scsi: smartpqi: Enhance WWID logging logic (bsc#1246631). - scsi: smartpqi: Take drives offline when controller is offline (bsc#1246631). - commit 64644a2 - Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes). - commit 1c9018f - Squashfs: add additional inode sanity checking (git-fixes). - commit 1064852 - Squashfs: fix uninit-value in squashfs_get_parent (git-fixes). - commit fa0095c - hrtimers: Force migrate away hrtimers queued after (bsc#1238472 CVE-2025-21816) - commit 9e989a9 - kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655). - commit 4741268 ++++ podman: - Add patch for CVE-2025-9566 (bsc#1249154): * 0004-CVE-2025-9566-kube-play-don-t-follow-volume-symlinks.patch - Rebase patches: * 0001-CVE-2025-22869-ssh-limit-the-size-of-the-internal-pa.patch * 0002-Fix-Remove-appending-rw-as-the-default-mount-option.patch * 0003-CVE-2025-6032-machine-init-fix-tls-check.patch ------------------------------------------------------------------ ------------------ 2025-10-2 - Oct 2 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - fs/proc/task_mmu: check p->vec_buf for NULL (git-fixes). - commit 98a15a1 - Update patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch (CVE-2025-39824 bsc#1250007). Added CVE reference - commit abe8096 - smb: client: fix race with concurrent opens in rename(2) (bsc#1250179, CVE-2025-39825). - commit 37c11fc - bus: fsl-mc: Check return value of platform_get_resource() (git-fixes). - memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes). - firmware: meson_sm: fix device leak at probe (git-fixes). - soc: mediatek: mtk-svs: fix device leaks on mt8192 probe failure (git-fixes). - soc: mediatek: mtk-svs: fix device leaks on mt8183 probe failure (git-fixes). 
- firmware: arm_scmi: Mark VirtIO ready before registering scmi_virtio_driver (git-fixes). - soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes). - thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes). - ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes). - ACPI: property: Fix buffer properties extraction for subnodes (git-fixes). - ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes). - ACPICA: Fix largest possible resource descriptor index (git-fixes). - ACPI: debug: fix signedness issues in read/write helpers (git-fixes). - PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes). - PM / devfreq: rockchip-dfi: double count on RK3588 (git-fixes). - PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes). - i3c: master: svc: Recycle unused IBI slot (git-fixes). - i3c: master: svc: Use manual response for IBI events (git-fixes). - i3c: Fix default I2C adapter timeout value (git-fixes). - i2c: designware: Add disabling clocks when probe fails (git-fixes). - i2c: designware: Fix clock issue when PM is disabled (git-fixes). - i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes). - pinctrl: renesas: Use int type to store negative error codes (git-fixes). - pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes). - pinctrl: renesas: rzg2l: Fix invalid unsigned return in rzg3s_oen_read() (git-fixes). - pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes). - pinctrl: equilibrium: Remove redundant semicolons (git-fixes). - power: supply: max77976_charger: fix constant current reporting (git-fixes). - power: supply: cw2015: Fix a alignment coding style issue (git-fixes). - leds: leds-lp55xx: Use correct address for memory programming (git-fixes). - leds: flash: leds-qcom-flash: Update torch current clamp setting (git-fixes). - mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes). 
- mmc: core: Fix variable shadowing in mmc_route_rpmb_frames() (git-fixes). - spi: fix return code when spi device has too many chipselects (git-fixes). - spi: cadence-quadspi: Fix cqspi_setup_flash() (git-fixes). - spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes). - spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes). - spi: mtk-snfi: Remove redundant semicolons (git-fixes). - spi: bcm2835: Remove redundant semicolons (git-fixes). - regulator: scmi: Use int type to store negative error codes (git-fixes). - regmap: Remove superfluous check for !config in __regmap_init() (git-fixes). - mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes). - pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes). - pwm: tiehrpwm: Fix various off-by-one errors in duty-cycle calculation (git-fixes). - pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes). - pwm: tiehrpwm: Don't drop runtime PM reference in .free() (git-fixes). - pwm: berlin: Fix wrong register in suspend/resume (git-fixes). - hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes). - soc: qcom: mdt_loader: Deal with zero e_shentsize (git-fixes). - commit faf07bc - Drop patches.suse/drm-amd-display-Disable-PSR-SU-on-eDP-panels.patch (bsc#1243112) The patch caused a regression wrt s2idle on AMD laptops - commit d42f41f - net/smc: fix UAF on smcsk after smc_listen_out() (CVE-2025-38734 bsc#1249324). - commit 4a22467 - net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (CVE-2025-39770 bsc#1249508). - commit 6df7556 - Update patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch (CVE-2025-39869 bsc#1250406). Added CVE reference - commit 464897c - writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776). 
- commit f7f2303 - Fix bugzilla and CVE references (CVE-2025-38552 bsc#1248230) Patches patches.suse/mptcp-plug-races-between-subflow-fail-and-subflow-cr.patch patches.kabi/kabi-hide-new-member-allow_subflows-in-struct-mptcp_.patch had wrong bugzilla and CVE references (belonging to previous CVE bug related to similar code). Replace them with the correct ones. - commit f5079d3 - net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 (CVE-2025-39852 bsc#1250258). - commit c9b08eb ++++ kernel-rt: - fs/proc/task_mmu: check p->vec_buf for NULL (git-fixes). - commit 98a15a1 - Update patches.suse/HID-asus-fix-UAF-via-HID_CLAIMED_INPUT-validation.patch (CVE-2025-39824 bsc#1250007). Added CVE reference - commit abe8096 - smb: client: fix race with concurrent opens in rename(2) (bsc#1250179, CVE-2025-39825). - commit 37c11fc - bus: fsl-mc: Check return value of platform_get_resource() (git-fixes). - memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes). - firmware: meson_sm: fix device leak at probe (git-fixes). - soc: mediatek: mtk-svs: fix device leaks on mt8192 probe failure (git-fixes). - soc: mediatek: mtk-svs: fix device leaks on mt8183 probe failure (git-fixes). - firmware: arm_scmi: Mark VirtIO ready before registering scmi_virtio_driver (git-fixes). - soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes). - thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes). - ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes). - ACPI: property: Fix buffer properties extraction for subnodes (git-fixes). - ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes). - ACPICA: Fix largest possible resource descriptor index (git-fixes). - ACPI: debug: fix signedness issues in read/write helpers (git-fixes). - PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes). - PM / devfreq: rockchip-dfi: double count on RK3588 (git-fixes). 
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes). - i3c: master: svc: Recycle unused IBI slot (git-fixes). - i3c: master: svc: Use manual response for IBI events (git-fixes). - i3c: Fix default I2C adapter timeout value (git-fixes). - i2c: designware: Add disabling clocks when probe fails (git-fixes). - i2c: designware: Fix clock issue when PM is disabled (git-fixes). - i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes). - pinctrl: renesas: Use int type to store negative error codes (git-fixes). - pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes). - pinctrl: renesas: rzg2l: Fix invalid unsigned return in rzg3s_oen_read() (git-fixes). - pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes). - pinctrl: equilibrium: Remove redundant semicolons (git-fixes). - power: supply: max77976_charger: fix constant current reporting (git-fixes). - power: supply: cw2015: Fix a alignment coding style issue (git-fixes). - leds: leds-lp55xx: Use correct address for memory programming (git-fixes). - leds: flash: leds-qcom-flash: Update torch current clamp setting (git-fixes). - mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes). - mmc: core: Fix variable shadowing in mmc_route_rpmb_frames() (git-fixes). - spi: fix return code when spi device has too many chipselects (git-fixes). - spi: cadence-quadspi: Fix cqspi_setup_flash() (git-fixes). - spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes). - spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes). - spi: mtk-snfi: Remove redundant semicolons (git-fixes). - spi: bcm2835: Remove redundant semicolons (git-fixes). - regulator: scmi: Use int type to store negative error codes (git-fixes). - regmap: Remove superfluous check for !config in __regmap_init() (git-fixes). - mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes). 
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes). - pwm: tiehrpwm: Fix various off-by-one errors in duty-cycle calculation (git-fixes). - pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes). - pwm: tiehrpwm: Don't drop runtime PM reference in .free() (git-fixes). - pwm: berlin: Fix wrong register in suspend/resume (git-fixes). - hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes). - soc: qcom: mdt_loader: Deal with zero e_shentsize (git-fixes). - commit faf07bc - Drop patches.suse/drm-amd-display-Disable-PSR-SU-on-eDP-panels.patch (bsc#1243112) The patch caused a regression wrt s2idle on AMD laptops - commit d42f41f - net/smc: fix UAF on smcsk after smc_listen_out() (CVE-2025-38734 bsc#1249324). - commit 4a22467 - net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (CVE-2025-39770 bsc#1249508). - commit 6df7556 - Update patches.suse/dmaengine-ti-edma-Fix-memory-allocation-size-for-que.patch (CVE-2025-39869 bsc#1250406). Added CVE reference - commit 464897c - writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776). - commit f7f2303 - Fix bugzilla and CVE references (CVE-2025-38552 bsc#1248230) Patches patches.suse/mptcp-plug-races-between-subflow-fail-and-subflow-cr.patch patches.kabi/kabi-hide-new-member-allow_subflows-in-struct-mptcp_.patch had wrong bugzilla and CVE references (belonging to previous CVE bug related to similar code). Replace them with the correct ones. - commit f5079d3 - net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 (CVE-2025-39852 bsc#1250258). 
- commit c9b08eb ++++ libxslt: - security update - added patches CVE-2025-10911 [bsc#1250553], use-after-free with key data stored cross-RVT * libxslt-CVE-2025-10911.patch ------------------------------------------------------------------ ------------------ 2025-10-1 - Oct 1 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to docker-buildx v0.29.0. Upstream changelog: ++++ kernel-default: - Update patches.suse/netfilter-ctnetlink-remove-refcounting-in-expectation-dump.patch references (add CVE-2025-39764 bsc#1249513). - commit 8f60b19 - net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766 bsc#1249510). - commit b1cb568 - net/sched: Fix backlog accounting in qdisc_dequeue_internal (CVE-2025-39677 bsc#1249300). - commit 910f097 - tls: handle data disappearing from under the TLS ULP (CVE-2025-38616 bsc#1248512). - commit ac9ae3e - cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365, CVE-2025-39838). - commit 759c64b - writeback: Avoid excessively long inode switching times (bsc#1237776). - commit b26feb2 - writeback: Avoid softlockup when switching many inodes (bsc#1237776). - commit a8e4925 - writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776). - commit 02a1b52 - btrfs: return any hit error from extent_writepage_io() (git-fixes). - commit b307677 ++++ kernel-rt: - Update patches.suse/netfilter-ctnetlink-remove-refcounting-in-expectation-dump.patch references (add CVE-2025-39764 bsc#1249513). - commit 8f60b19 - net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CVE-2025-39766 bsc#1249510). - commit b1cb568 - net/sched: Fix backlog accounting in qdisc_dequeue_internal (CVE-2025-39677 bsc#1249300). - commit 910f097 - tls: handle data disappearing from under the TLS ULP (CVE-2025-38616 bsc#1248512). 
- commit ac9ae3e - cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365, CVE-2025-39838). - commit 759c64b - writeback: Avoid excessively long inode switching times (bsc#1237776). - commit b26feb2 - writeback: Avoid softlockup when switching many inodes (bsc#1237776). - commit a8e4925 - writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776). - commit 02a1b52 - btrfs: return any hit error from extent_writepage_io() (git-fixes). - commit b307677 ++++ samba: - Relax samba-gpupdate requirement for cepces, certmonger, and sscep to a recommends. They are only required if utilizing certificate auto enrollment (bsc#1249087). ++++ openssl-3: - Security fix: [bsc#1250232 CVE-2025-9230] * Fix out-of-bounds read & write in RFC 3211 KEK unwrap * Add patch openssl3-CVE-2025-9230.patch - Security fix: [bsc#1250233 CVE-2025-9231] * Fix timing side-channel in SM2 algorithm on 64 bit ARM * Add patch openssl3-CVE-2025-9231.patch - Security fix: [bsc#1250234 CVE-2025-9232] * Fix out-of-bounds read in HTTP client no_proxy handling * Add patch openssl3-CVE-2025-9232.patch ++++ open-vm-tools: - Update to open-vm-tools 13.0.5 based on build 24915695. (boo#1250692): Please refer to the Release Notes at https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/ReleaseNotes.md. The granular changes that have gone into the open-vm-tools 13.0.5 release are in the ChangeLog at https://github.com/vmware/open-vm-tools/blob/stable-13.0.5/open-vm-tools/ChangeLog. There are no new features in the open-vm-tools 13.0.5 release. This is primarily a maintenance release that addresses a security issue. This release resolves and includes the patch for CVE-2025-41244. For more information on this vulnerability and its impact on Broadcom products, see VMSA-2025-0015. A patch to address CVE-2025-41244 on earlier open-vm-tools releases is provided to the Linux community at CVE-2025-41244.patch. A minor enhancement has been made for Guest OS Customization. 
The DeployPkg plugin has been updated to use "systemctl reboot", if available. For a more complete list of issues addressed in this release, see the What's New and Resolved Issues section of the Release Notes. - Drop patch now contained in 13.0.5: 0001-GOSC-Update-Guest-OS-Customization-to-utilize-system.patch CVE-2025-41244-1240-1300-SDMP.patch ++++ nvidia-open-driver-G06-signed: - fixed 'osc service run download_files' ------------------------------------------------------------------ ------------------ 2025-9-30 - Sep 30 2025 ------------------- ------------------------------------------------------------------ ++++ cloud-init: - Drop unneeded test dependency on httpretty, fixed long ago * https://github.com/canonical/cloud-init/pull/1720 ++++ kernel-default: - x86/microcode: Update the Intel processor flag scan check (git-fixes). - commit b729bda - x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes). - commit 2fbcb40 - kabi/severities: ignore asus-wmi kABI breakage The recent fix for asus WMI drivers (commit 132bfcd24925 backport) breaks kABI. As the symbols are used only internally for asus WMI drivers and the kABI workaround isn't trivial, let's just ignore kABI breakage. - commit d543a77 - erofs: avoid reading more for fragment maps (git-fixes). - commit a9573c6 - ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407 CVE-2025-39885). - ocfs2: prevent release journal inode after journal shutdown (bsc#1250267 CVE-2025-39842). - commit aeb8389 - seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes bsc#1250671). - commit 1ea074e - mm/smaps: fix race between smaps_hugetlb_range and migration (CVE-2025-39754 bsc#1249524). - commit 8df5ff7 - tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062). - commit 544e413 ++++ kernel-rt: - x86/microcode: Update the Intel processor flag scan check (git-fixes). 
- commit b729bda - x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes). - commit 2fbcb40 - kabi/severities: ignore asus-wmi kABI breakage The recent fix for asus WMI drivers (commit 132bfcd24925 backport) breaks kABI. As the symbols are used only internally for asus WMI drivers and the kABI workaround isn't trivial, let's just ignore kABI breakage. - commit d543a77 - erofs: avoid reading more for fragment maps (git-fixes). - commit a9573c6 - ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407 CVE-2025-39885). - ocfs2: prevent release journal inode after journal shutdown (bsc#1250267 CVE-2025-39842). - commit aeb8389 - seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes bsc#1250671). - commit 1ea074e - mm/smaps: fix race between smaps_hugetlb_range and migration (CVE-2025-39754 bsc#1249524). - commit 8df5ff7 - tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062). - commit 544e413 ++++ qemu: - Update to version 10.0.4: Full backport list: https://lore.kernel.org/qemu-devel/1748499690.323471.13081.nullmailer@localhost/ A selection of them is reported below: hvf: arm: Emulate ICC_RPR_EL1 accesses properly target/arm: Correct encoding of Debug Communications Channel registers ui: fix setting client_endian field defaults hw/net/npcm_gmac.c: Send the right data for second packet in a row target/i386: do not expose ARCH_CAPABILITIES on AMD CPU i386/cpu: Honor maximum value for CPUID.8000001DH.EAX[25:14] i386/cpu: Fix overflow of cache topology fields in CPUID.04H i386/cpu: Fix cpu number overflow in CPUID.01H.EBX[23:16] ui/vnc: Do not copy z_stream vhost: Fix used memslot tracking when destroying a vhost device roms: re-remove execute bit from hppa-firmware* file-posix: Fix aio=threads performance regression after enablign FUA amd_iommu: Fix truncation of oldval in amdvi_writeq amd_iommu: Remove duplicated definitions amd_iommu: Fix the calculation for Device Table size amd_iommu: Fix 
mask to retrieve Interrupt Table Root Pointer from DTE amd_iommu: Fix masks for various IOMMU MMIO Registers amd_iommu: Update bitmasks representing DTE reserved fields amd_iommu: Fix Device ID decoding for INVALIDATE_IOTLB_PAGES command amd_iommu: Fix Miscellaneous Information Register 0 encoding virtio-net: Add queues for RSS during migration net: fix buffer overflow in af_xdp_umem_create() accel/kvm: Adjust the note about the minimum required kernel version linux-user: Use qemu_set_cloexec() to mark pidfd as FD_CLOEXEC migration: Don't sync volatile memory after migration completes linux-user: Hold the fd-trans lock across fork linux-user: Check for EFAULT failure in nanosleep linux-user: Implement fchmodat2 syscall hw/arm/fsl-imx8mp: Wire VIRQ and VFIQ target/arm: Don't enforce NSE,NS check for EL3->EL3 returns target/i386: fix TB exit logic in gen_movl_seg() when writing to SS target/arm: Fix bfdotadd_ebf vs nan selection target/arm: Fix f16_dotadd vs nan selection target/arm: Fix PSEL size operands to tcg_gen_gvec_ands target/arm: Fix 128-bit element ZIP, UZP, TRN target/arm: Fix sve_access_check for SME target/arm: Fix SME vs AdvSIMD exception priority hw/s390x/ccw-device: Fix memory leak in loadparm setter virtio-gpu: support context init multiple timeline target/arm: Correct KVM & HVF dtb_compatible value target/arm: Make RETA[AB] UNDEF when pauth is not implemented tcg: Fix constant propagation in tcg_reg_alloc_dup target/loongarch: fix vldi/xvldi raise wrong error target/loongarch: add check for fcond linux-user/arm: Fix return value of SYS_cacheflush hw/arm/mps2: Configure the AN500 CPU with 16 MPU regions qemu-options.hx: Fix reversed description of icount sleep behavior hw/arm/virt: Check bypass iommu is not set for iommu-map DT property hw/loongarch/virt: Fix big endian support with MCFG table hw/core/qdev-properties-system: Add missing return in set_drive_helper() iotests: fix 240 target/i386: Remove FRED dependency on WRMSRNS hw/audio/asc: fix 
SIGSEGV in asc_realize() audio: fix size calculation in AUD_get_buffer_size_out() audio: fix SIGSEGV in AUD_get_buffer_size_out() hw/i386/amd_iommu: Fix xtsup when vcpus < 255 hw/i386/amd_iommu: Fix device setup failure when PT is on. ------------------------------------------------------------------ ------------------ 2025-9-29 - Sep 29 2025 ------------------- ------------------------------------------------------------------ ++++ afterburn: - Add bugzilla references to past changelog ++++ docker: - Remove git-core recommends also on openSUSE: the below argument is valid for those users too. - Remove git-core recommends on SLE. Most SLE systems have installRecommends=yes by default and thus end up installing git with Docker. bsc#1250508 This feature is mostly intended for developers ("docker build git://") so most users already have the dependency installed, and the error when git is missing is fairly straightforward (so they can easily figure out what they need to install). ++++ kernel-default: - net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (CVE-2025-39857 bsc#1250251) - commit a9b3df4 - net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (CVE-2025-39830 bsc#1249974) - commit 163399c - platform/x86: asus-wmi: Re-add extra keys to ignore_key_wlan quirk (git-fixes). - platform/x86: asus-wmi: Fix ROG button mapping, tablet mode on ASUS ROG Z13 (stable-fixes). - commit 20f9cff - i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes). - commit 43a1dc1 - kABI workaround for amd_sfh (git-fixes). - commit 2e4b180 - HID: amd_sfh: Add sync across amd sfh work functions (git-fixes). - commit ba93a25 - selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344). - commit a092a13 - hv_netvsc: Link queues to NAPIs (git-fixes). - commit c52cbb3 - KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782 CVE-2025-38351). 
- commit 28ac15f - net/sched: ets: use old 'nbands' while purging unused classes (CVE-2025-38684 bsc#1249156). - commit ecd1ae5 - tee: fix NULL pointer dereference in tee_shm_put (CVE-2025-39865 bsc#1250294). - commit 5275cd3 - cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes). - commit 378dc28 - PM: cpufreq: powernv/tracing: Move powernv_throttle trace event (git-fixes). Allow kabi breakage: declaring powernv_throttle moved from global to local powernv only header file. - commit 28a4607 - cpufreq: Add SM8650 to cpufreq-dt-platdev blocklist (stable-fixes). - commit fab468d - cpufreq: tegra186: Share policy per cluster (stable-fixes). - commit a730531 - x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (CVE-2025-39681 bsc#1249303). - commit ecf77f1 ++++ kernel-rt: - net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (CVE-2025-39857 bsc#1250251) - commit a9b3df4 - net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (CVE-2025-39830 bsc#1249974) - commit 163399c - platform/x86: asus-wmi: Re-add extra keys to ignore_key_wlan quirk (git-fixes). - platform/x86: asus-wmi: Fix ROG button mapping, tablet mode on ASUS ROG Z13 (stable-fixes). - commit 20f9cff - i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes). - commit 43a1dc1 - kABI workaround for amd_sfh (git-fixes). - commit 2e4b180 - HID: amd_sfh: Add sync across amd sfh work functions (git-fixes). - commit ba93a25 - selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344). - commit a092a13 - hv_netvsc: Link queues to NAPIs (git-fixes). - commit c52cbb3 - KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782 CVE-2025-38351). - commit 28ac15f - net/sched: ets: use old 'nbands' while purging unused classes (CVE-2025-38684 bsc#1249156). - commit ecd1ae5 - tee: fix NULL pointer dereference in tee_shm_put (CVE-2025-39865 bsc#1250294). 
- commit 5275cd3 - cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes). - commit 378dc28 - PM: cpufreq: powernv/tracing: Move powernv_throttle trace event (git-fixes). Allow kabi breakage: declaring powernv_throttle moved from global to local powernv only header file. - commit 28a4607 - cpufreq: Add SM8650 to cpufreq-dt-platdev blocklist (stable-fixes). - commit fab468d - cpufreq: tegra186: Share policy per cluster (stable-fixes). - commit a730531 - x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (CVE-2025-39681 bsc#1249303). - commit ecf77f1 ++++ expat: - Fix CVE-2025-59375 / bsc#1249584. - Add patch file: * CVE-2025-59375.patch ++++ python313-core: - Add gh139257-Support-docutils-0.22.patch to fix build with latest docutils (>=0.22) gh#python/cpython#139257 ++++ patterns-base: - Bump to 6.2 - Micro 6.2 Thunderbolt enablement code-o-o#leap/features#242 ++++ python313: - Add gh139257-Support-docutils-0.22.patch to fix build with latest docutils (>=0.22) gh#python/cpython#139257 ++++ qemu: - Resolve a repo-has-moved service running issue: * .gitmodules: move u-boot mirrors to qemu-project-mirrors ------------------------------------------------------------------ ------------------ 2025-9-28 - Sep 28 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Bluetooth: MGMT: Fix possible UAFs (git-fixes). - Refresh patches.kabi/hci_dev-centralize-extra-lock.patch. - commit 40462f6 - fbcon: Fix OOB access in font allocation (git-fixes). - commit 3d28b38 - platform/x86: lg-laptop: Fix WMAB call in fan_mode_store() (git-fixes). - gpiolib: Extend software-node support to support secondary software-nodes (git-fixes). - drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes). - fbcon: fix integer overflow in fbcon_do_set_font (git-fixes). - drm/gma500: Fix null dereference in hdmi teardown (git-fixes). 
- drm/ast: Use msleep instead of mdelay for edid read (git-fixes). - can: peak_usb: fix shift-out-of-bounds issue (git-fixes). - can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes). - Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes). - reset: eyeq: fix OF node leak (git-fixes). - firewire: core: fix overlooked update of subsystem ABI version (git-fixes). - ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes). - net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes). - wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes). - wifi: mac80211: increase scan_ies_len for S1G (stable-fixes). - wifi: mac80211: fix incorrect type for ret (stable-fixes). - ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes). - commit a203b7e ++++ kernel-rt: - Bluetooth: MGMT: Fix possible UAFs (git-fixes). - Refresh patches.kabi/hci_dev-centralize-extra-lock.patch. - commit 40462f6 - fbcon: Fix OOB access in font allocation (git-fixes). - commit 3d28b38 - platform/x86: lg-laptop: Fix WMAB call in fan_mode_store() (git-fixes). - gpiolib: Extend software-node support to support secondary software-nodes (git-fixes). - drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes). - fbcon: fix integer overflow in fbcon_do_set_font (git-fixes). - drm/gma500: Fix null dereference in hdmi teardown (git-fixes). - drm/ast: Use msleep instead of mdelay for edid read (git-fixes). - can: peak_usb: fix shift-out-of-bounds issue (git-fixes). 
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes). - Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes). - Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes). - reset: eyeq: fix OF node leak (git-fixes). - firewire: core: fix overlooked update of subsystem ABI version (git-fixes). - ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes). - net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes). - wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes). - wifi: mac80211: increase scan_ies_len for S1G (stable-fixes). - wifi: mac80211: fix incorrect type for ret (stable-fixes). - ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes). - commit a203b7e ------------------------------------------------------------------ ------------------ 2025-9-26 - Sep 26 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes). - commit 1d0bd57 - mm/mremap: fix WARN with uffd that has remap events disabled (CVE-2025-39775 bsc#1249500). - commit ec812cb - kabi: Restore layout of parallel_data (bsc1248343). - commit 3819e36 - padata: Fix pd UAF once and for all (CVE-2025-38584 bsc1248343). - commit 0631965 - x86/CPU/AMD: Add CPUID faulting support (jsc#PED-13704). - commit f69b3f2 - xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (CVE-2025-39797 bsc#1249608). - commit 169508a - xfrm: Duplicate SPI Handling (CVE-2025-39797 bsc#1249608). 
- commit 05dc0f3 - kernel-source.spec: Depend on python3-base for build Both kernel-binary and kernel-docs already have this dependency. Adding it to kernel-source makes it possible to use python in shared build scripts. - commit 72fdedd - kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). This excludes the files from the src.rpm. The next step is to remove these files in tar-up so that they do not get uploaded to OBS either. As there is only one version of tar-up these files need to be removed from all kernels. - commit e72b8a2 ++++ kernel-rt: - iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes). - commit 1d0bd57 - mm/mremap: fix WARN with uffd that has remap events disabled (CVE-2025-39775 bsc#1249500). - commit ec812cb - kabi: Restore layout of parallel_data (bsc1248343). - commit 3819e36 - padata: Fix pd UAF once and for all (CVE-2025-38584 bsc1248343). - commit 0631965 - x86/CPU/AMD: Add CPUID faulting support (jsc#PED-13704). - commit f69b3f2 - xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (CVE-2025-39797 bsc#1249608). - commit 169508a - xfrm: Duplicate SPI Handling (CVE-2025-39797 bsc#1249608). - commit 05dc0f3 - kernel-source.spec: Depend on python3-base for build Both kernel-binary and kernel-docs already have this dependency. Adding it to kernel-source makes it possible to use python in shared build scripts. - commit 72fdedd - kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). This excludes the files from the src.rpm. The next step is to remove these files in tar-up so that they do not get uploaded to OBS either. As there is only one version of tar-up these files need to be removed from all kernels. 
- commit e72b8a2 ------------------------------------------------------------------ ------------------ 2025-9-25 - Sep 25 2025 ------------------- ------------------------------------------------------------------ ++++ afterburn: - Update to version 5.9.0.git21.a73f509: * docs/release-notes: update for release 5.10.0 * cargo: update dependencies * microsoft/azure: Add XML attribute alias for serde-xml-rs Fedora compat * docs/release-notes: Add entry for Azure SharedConfig XML parsing fix * microsoft/azure: Fix SharedConfig parsing of XML attributes * microsoft/azure: Mock goalstate.SharedConfig output in tests * providers/azure: switch SSH key retrieval from certs endpoint to IMDS as azure stopped providing keys in the old one, fixes bsc#1250471 * build(deps): bump the build group with 8 updates * build(deps): bump slab from 0.4.10 to 0.4.11 * build(deps): bump actions/checkout from 4 to 5 * upcloud: implement UpCloud provider * build(deps): bump the build group with 4 updates * Sync repo templates ⚙ ++++ kernel-default: - rpm: Link arch-symbols script from scripts directory. - commit 90b2abb - mm/rmap: avoid -EBUSY from make_device_exclusive() (CVE-2025-22034 bsc#1241435). - commit 3fde912 - cgroup: llist: avoid memory tears for llist_node (bsc#1247963). - commit c443f2f - mm/rmap: keep mapcount untouched for device-exclusive entries (CVE-2025-22034 bsc#1241435). - commit 1f6e890 - mm/damon: handle device-exclusive entries correctly in damon_folio_mkold_one() (CVE-2025-22034 bsc#1241435). - commit 51352f5 - mm/damon: handle device-exclusive entries correctly in damon_folio_young_one() (CVE-2025-22034 bsc#1241435). - commit ece262f - mm/page_idle: handle device-exclusive entries correctly in page_idle_clear_pte_refs_one() (CVE-2025-22034 bsc#1241435). - commit f9cfa84 - mm/rmap: handle device-exclusive entries correctly in page_vma_mkclean_one() (CVE-2025-22034 bsc#1241435). 
- commit dfbbdbb - mm/rmap: handle device-exclusive entries correctly in try_to_migrate_one() (CVE-2025-22034 bsc#1241435). - commit 622f2ca - mm/rmap: handle device-exclusive entries correctly in try_to_unmap_one() (CVE-2025-22034 bsc#1241435). - commit 6ce6bcc - mm/ksm: handle device-exclusive entries correctly in write_protect_page() (CVE-2025-22034 bsc#1241435). - commit 36a9f94 - kernel/events/uprobes: handle device-exclusive entries correctly in __replace_page() (CVE-2025-22034 bsc#1241435). - commit 2b51ee2 - mm/page_vma_mapped: device-exclusive entries are not migration entries (CVE-2025-22034 bsc#1241435). - commit 3e96420 - mm: use single SWP_DEVICE_EXCLUSIVE entry type (CVE-2025-22034 bsc#1241435). - commit 4f438a1 - mm/memory: detect writability in restore_exclusive_pte() through can_change_pte_writable() (CVE-2025-22034 bsc#1241435). - commit 2cf7b2d - mm/rmap: implement make_device_exclusive() using folio_walk instead of rmap walk (CVE-2025-22034 bsc#1241435). - commit f6443ef - mm/rmap: convert make_device_exclusive_range() to make_device_exclusive() (CVE-2025-22034 bsc#1241435). - commit a8eb13b - mm/rmap: reject hugetlb folios in folio_make_device_exclusive() (CVE-2025-22034 bsc#1241435). - commit 147fff4 - mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs (CVE-2025-22034 bsc#1241435). - commit a005761 ++++ kernel-rt: - rpm: Link arch-symbols script from scripts directory. - commit 90b2abb - mm/rmap: avoid -EBUSY from make_device_exclusive() (CVE-2025-22034 bsc#1241435). - commit 3fde912 - cgroup: llist: avoid memory tears for llist_node (bsc#1247963). - commit c443f2f - mm/rmap: keep mapcount untouched for device-exclusive entries (CVE-2025-22034 bsc#1241435). - commit 1f6e890 - mm/damon: handle device-exclusive entries correctly in damon_folio_mkold_one() (CVE-2025-22034 bsc#1241435). - commit 51352f5 - mm/damon: handle device-exclusive entries correctly in damon_folio_young_one() (CVE-2025-22034 bsc#1241435). 
- commit ece262f - mm/page_idle: handle device-exclusive entries correctly in page_idle_clear_pte_refs_one() (CVE-2025-22034 bsc#1241435). - commit f9cfa84 - mm/rmap: handle device-exclusive entries correctly in page_vma_mkclean_one() (CVE-2025-22034 bsc#1241435). - commit dfbbdbb - mm/rmap: handle device-exclusive entries correctly in try_to_migrate_one() (CVE-2025-22034 bsc#1241435). - commit 622f2ca - mm/rmap: handle device-exclusive entries correctly in try_to_unmap_one() (CVE-2025-22034 bsc#1241435). - commit 6ce6bcc - mm/ksm: handle device-exclusive entries correctly in write_protect_page() (CVE-2025-22034 bsc#1241435). - commit 36a9f94 - kernel/events/uprobes: handle device-exclusive entries correctly in __replace_page() (CVE-2025-22034 bsc#1241435). - commit 2b51ee2 - mm/page_vma_mapped: device-exclusive entries are not migration entries (CVE-2025-22034 bsc#1241435). - commit 3e96420 - mm: use single SWP_DEVICE_EXCLUSIVE entry type (CVE-2025-22034 bsc#1241435). - commit 4f438a1 - mm/memory: detect writability in restore_exclusive_pte() through can_change_pte_writable() (CVE-2025-22034 bsc#1241435). - commit 2cf7b2d - mm/rmap: implement make_device_exclusive() using folio_walk instead of rmap walk (CVE-2025-22034 bsc#1241435). - commit f6443ef - mm/rmap: convert make_device_exclusive_range() to make_device_exclusive() (CVE-2025-22034 bsc#1241435). - commit a8eb13b - mm/rmap: reject hugetlb folios in folio_make_device_exclusive() (CVE-2025-22034 bsc#1241435). - commit 147fff4 - mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs (CVE-2025-22034 bsc#1241435). - commit a005761 ++++ samba: - Disable timeouts for smb.service so that possibly slow running ExecStartPre script 'update-samba-security-profile' doesn't cause service start to fail due to timeouts;(bsc#1249181). - Ensure semanage is pulled in as a requirement when samba is installed and the selinux security access mechanism is used; (bsc#1249180).
- don't attempt to label paths that don't exist, also remove unnecessary evaluation of semanage & restorecon cmds;(bsc#1249179). - Update to 4.22.4 * netr_LogonSamLogonEx returns NR_STATUS_ACCESS_DENIED with SysvolReady=0; (bso#14981). * getpwuid does not shift to new DC when current DC is down; (bso#15844). * Windows security hardening locks out schannel'ed netlogon dc calls like netr_DsRGetDCName-; (bso#15876). * Unresponsive second DC can cause idmapping failure when using idmap_ad-; (bso#15881). * kinit command is failing with Missing cache Error; (bso#15840). * Figuring out the DC name from IP address fails and breaks fork_domain_child(); (bso#15891). * vfs_streams_depot fstatat broken; (bso#15816). * Delayed leader broadcast can block ctdb forever; (bso#15892). * Apparently there is a conflict between shadow_copy2 module and virusfilter (action quarantine); (bso#15663). * Fix handling of empty GPO link; (bso#15877). * SMB ACL inheritance doesn't work for files created; (bso#15880). ++++ nvidia-open-driver-G06-signed: - update to version 580.95.05 (boo#1250536) ++++ qemu: - Fix bsc#1230042: * [openSUSE] rpm/spec: qemu-vgabios is required on ppc (bsc#1230042) ------------------------------------------------------------------ ------------------ 2025-9-24 - Sep 24 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes) - commit d2a13f5 - rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494 CVE-2025-39744) - commit 765c8d9 - rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533 CVE-2025-39749) - commit 5fd1692 - use uniform permission checks for all mount propagation changes (git-fixes). - commit f53ccd0 - rpm: Link guards script from scripts directory. - commit e19a893 - Update patches.suse/netfilter-nf_reject-don-t-leak-dst-refcount-for-loopback-p.patch (git-fixes bsc#1249262 CVE-2025-38732).
Update references to include bsc#1249262 and CVE-2025-38732. - commit 760e804 - KVM: x86: use array_index_nospec with indices that come from guest (CVE-2025-39823 bsc#1250002). - commit 6411ad9 - btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540). - commit 84e3cf7 - perf test: Fix a build error in x86 topdown test (git-fixes). - commit 4e90429 ++++ kernel-rt: - rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes) - commit d2a13f5 - rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494 CVE-2025-39744) - commit 765c8d9 - rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533 CVE-2025-39749) - commit 5fd1692 - use uniform permission checks for all mount propagation changes (git-fixes). - commit f53ccd0 - rpm: Link guards script from scripts directory. - commit e19a893 - Update patches.suse/netfilter-nf_reject-don-t-leak-dst-refcount-for-loopback-p.patch (git-fixes bsc#1249262 CVE-2025-38732). Update references to include bsc#1249262 and CVE-2025-38732. - commit 760e804 - KVM: x86: use array_index_nospec with indices that come from guest (CVE-2025-39823 bsc#1250002). - commit 6411ad9 - btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540). - commit 84e3cf7 - perf test: Fix a build error in x86 topdown test (git-fixes). - commit 4e90429 ------------------------------------------------------------------ ------------------ 2025-9-23 - Sep 23 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - add requirement on python3-pcp if pcp is installed bsc#1239759 ++++ grub2: - turn off page flipping for i386-pc using VBE video backend (bsc#1245636) * grub2-i386-pc-no-pageflipping.patch ++++ kernel-default: - nfs/localio: add direct IO enablement with sync and async IO support (git-fixes). - commit 2e09183 - fs/nfs/io: make nfs_start_io_*() killable (git-fixes). 
- commit da6c18a - nfs/localio: remove extra indirect nfs_to call to check {read,write}_iter (git-fixes). - commit 66b491e - kabi: drop kvm_x86_ops from kabi relevant symbols Since upstream commit dfc4e6ca04113 ("KVM: x86: Unexport kvm_x86_ops") v5.18-rc1~139^2~153 kvm_x86_ops is no longer exported, so it can be dropped from kabi checks. - commit 436eb7a - btrfs: initialize inode::file_extent_tree after i_mode has been set (git-fixes). - commit ba7d857 - btrfs: fix the inode leak in btrfs_iget() (git-fixes). - commit 86df556 - btrfs: fix invalid inode pointer after failure to create reloc inode (git-fixes). - commit 195186f - btrfs: make btrfs_iget_path() return a btrfs inode instead (git-fixes). - commit 5c2fa5a - btrfs: make btrfs_iget() return a btrfs inode instead (git-fixes). - Refresh patches.suse/btrfs-fix-inode-lookup-error-handling-during-log-rep.patch. - commit f577da7 - btrfs: pass a btrfs_inode to fixup_inode_link_count() (git-fixes). - commit 0a542a8 - btrfs: send: remove unnecessary inode lookup at send_encoded_inline_extent() (git-fixes). - commit 4b03a51 - btrfs: use struct btrfs_inode inside btrfs_get_name() (git-fixes). - commit 9e54445 - btrfs: use struct btrfs_inode inside btrfs_get_parent() (git-fixes). - commit f8234ff - btrfs: use struct btrfs_inode inside btrfs_remap_file_range_prep() (git-fixes). - commit 7cd3ceb - btrfs: use struct btrfs_inode inside btrfs_remap_file_range() (git-fixes). - commit 7bd3156 - btrfs: pass struct btrfs_inode to btrfs_extent_same_range() (git-fixes). - commit 7f4ce8b - btrfs: pass struct btrfs_inode to btrfs_double_mmap_unlock() (git-fixes). - commit 6e85b98 - btrfs: pass struct btrfs_inode to btrfs_double_mmap_lock() (git-fixes). - commit 7a41133 - btrfs: pass struct btrfs_inode to clone_copy_inline_extent() (git-fixes). - commit c5e9fe5 - btrfs: props: switch prop_handler::extract to struct btrfs_inode (git-fixes). - commit c7faedf - btrfs: props: switch prop_handler::apply to struct btrfs_inode (git-fixes). 
- commit a007bab - btrfs: pass struct btrfs_inode to btrfs_inode_inherit_props() (git-fixes). - commit da6d69a - btrfs: pass struct btrfs_inode to btrfs_load_inode_props() (git-fixes). - commit 0b464f7 - btrfs: pass struct btrfs_inode to btrfs_fill_inode() (git-fixes). - commit 3bafa62 - btrfs: pass struct btrfs_inode to fill_stack_inode_item() (git-fixes). - commit 74968ef - btrfs: use struct btrfs_inode inside create_pending_snapshot() (git-fixes). - commit eb860e0 - btrfs: pass struct btrfs_inode to btrfs_defrag_file() (git-fixes). - commit 66d00cf - btrfs: pass struct btrfs_inode to btrfs_inode_type() (git-fixes). - commit 0cf8d55 - btrfs: pass struct btrfs_inode to new_simple_dir() (git-fixes). - commit d0fd694 - btrfs: pass struct btrfs_inode to btrfs_iget_locked() (git-fixes). - commit abfb73d - btrfs: pass struct btrfs_inode to btrfs_read_locked_inode() (git-fixes). - commit 7580ad2 - btrfs: pass struct btrfs_inode to extent_range_clear_dirty_for_io() (git-fixes). - commit 5bffc21 - btrfs: pass struct btrfs_inode to can_nocow_extent() (git-fixes). - commit 3883a42 - btrfs: unify ordering of btrfs_key initializations (git-fixes). - Refresh patches.suse/btrfs-simplify-error-detection-flow-during-log-repla.patch. - commit 33fd53f - btrfs: add assertions and comment about path expectations to btrfs_cross_ref_exist() (git-fixes). - commit 00d3657 - btrfs: add function comment for check_committed_ref() (git-fixes). - commit e6f6ede - btrfs: simplify arguments for btrfs_cross_ref_exist() (git-fixes). - commit 95ec2cf - btrfs: simplify return logic at check_committed_ref() (git-fixes). - commit 13f3e6d - btrfs: avoid redundant call to get inline ref type at check_committed_ref() (git-fixes). - commit 4676cb7 - btrfs: remove the snapshot check from check_committed_ref() (git-fixes). - commit 8aa9a59 - btrfs: remove no longer needed strict argument from can_nocow_extent() (git-fixes). 
- commit c8b943a - btrfs: remove conditional path allocation in btrfs_read_locked_inode() (git-fixes). - commit 653c0e7 - btrfs: push cleanup into btrfs_read_locked_inode() (git-fixes). - commit 7e4da3e - btrfs: use filemap_get_folio() helper (git-fixes). - Refresh patches.suse/btrfs-remove-the-unused-locked_folio-parameter-from-.patch. - commit 28ed9e4 - IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes) - commit 8085078 - btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes). - commit 0cdf433 - btrfs: fix corruption reading compressed range when block size is smaller than page size (git-fixes). - commit cbb42db ++++ kernel-rt: - nfs/localio: add direct IO enablement with sync and async IO support (git-fixes). - commit 2e09183 - fs/nfs/io: make nfs_start_io_*() killable (git-fixes). - commit da6c18a - nfs/localio: remove extra indirect nfs_to call to check {read,write}_iter (git-fixes). - commit 66b491e - kabi: drop kvm_x86_ops from kabi relevant symbols Since upstream commit dfc4e6ca04113 ("KVM: x86: Unexport kvm_x86_ops") v5.18-rc1~139^2~153 kvm_x86_ops is no longer exported, so it can be dropped from kabi checks. - commit 436eb7a - btrfs: initialize inode::file_extent_tree after i_mode has been set (git-fixes). - commit ba7d857 - btrfs: fix the inode leak in btrfs_iget() (git-fixes). - commit 86df556 - btrfs: fix invalid inode pointer after failure to create reloc inode (git-fixes). - commit 195186f - btrfs: make btrfs_iget_path() return a btrfs inode instead (git-fixes). - commit 5c2fa5a - btrfs: make btrfs_iget() return a btrfs inode instead (git-fixes). - Refresh patches.suse/btrfs-fix-inode-lookup-error-handling-during-log-rep.patch. - commit f577da7 - btrfs: pass a btrfs_inode to fixup_inode_link_count() (git-fixes). - commit 0a542a8 - btrfs: send: remove unnecessary inode lookup at send_encoded_inline_extent() (git-fixes). - commit 4b03a51 - btrfs: use struct btrfs_inode inside btrfs_get_name() (git-fixes). 
- commit 9e54445 - btrfs: use struct btrfs_inode inside btrfs_get_parent() (git-fixes). - commit f8234ff - btrfs: use struct btrfs_inode inside btrfs_remap_file_range_prep() (git-fixes). - commit 7cd3ceb - btrfs: use struct btrfs_inode inside btrfs_remap_file_range() (git-fixes). - commit 7bd3156 - btrfs: pass struct btrfs_inode to btrfs_extent_same_range() (git-fixes). - commit 7f4ce8b - btrfs: pass struct btrfs_inode to btrfs_double_mmap_unlock() (git-fixes). - commit 6e85b98 - btrfs: pass struct btrfs_inode to btrfs_double_mmap_lock() (git-fixes). - commit 7a41133 - btrfs: pass struct btrfs_inode to clone_copy_inline_extent() (git-fixes). - commit c5e9fe5 - btrfs: props: switch prop_handler::extract to struct btrfs_inode (git-fixes). - commit c7faedf - btrfs: props: switch prop_handler::apply to struct btrfs_inode (git-fixes). - commit a007bab - btrfs: pass struct btrfs_inode to btrfs_inode_inherit_props() (git-fixes). - commit da6d69a - btrfs: pass struct btrfs_inode to btrfs_load_inode_props() (git-fixes). - commit 0b464f7 - btrfs: pass struct btrfs_inode to btrfs_fill_inode() (git-fixes). - commit 3bafa62 - btrfs: pass struct btrfs_inode to fill_stack_inode_item() (git-fixes). - commit 74968ef - btrfs: use struct btrfs_inode inside create_pending_snapshot() (git-fixes). - commit eb860e0 - btrfs: pass struct btrfs_inode to btrfs_defrag_file() (git-fixes). - commit 66d00cf - btrfs: pass struct btrfs_inode to btrfs_inode_type() (git-fixes). - commit 0cf8d55 - btrfs: pass struct btrfs_inode to new_simple_dir() (git-fixes). - commit d0fd694 - btrfs: pass struct btrfs_inode to btrfs_iget_locked() (git-fixes). - commit abfb73d - btrfs: pass struct btrfs_inode to btrfs_read_locked_inode() (git-fixes). - commit 7580ad2 - btrfs: pass struct btrfs_inode to extent_range_clear_dirty_for_io() (git-fixes). - commit 5bffc21 - btrfs: pass struct btrfs_inode to can_nocow_extent() (git-fixes). - commit 3883a42 - btrfs: unify ordering of btrfs_key initializations (git-fixes). 
- Refresh patches.suse/btrfs-simplify-error-detection-flow-during-log-repla.patch. - commit 33fd53f - btrfs: add assertions and comment about path expectations to btrfs_cross_ref_exist() (git-fixes). - commit 00d3657 - btrfs: add function comment for check_committed_ref() (git-fixes). - commit e6f6ede - btrfs: simplify arguments for btrfs_cross_ref_exist() (git-fixes). - commit 95ec2cf - btrfs: simplify return logic at check_committed_ref() (git-fixes). - commit 13f3e6d - btrfs: avoid redundant call to get inline ref type at check_committed_ref() (git-fixes). - commit 4676cb7 - btrfs: remove the snapshot check from check_committed_ref() (git-fixes). - commit 8aa9a59 - btrfs: remove no longer needed strict argument from can_nocow_extent() (git-fixes). - commit c8b943a - btrfs: remove conditional path allocation in btrfs_read_locked_inode() (git-fixes). - commit 653c0e7 - btrfs: push cleanup into btrfs_read_locked_inode() (git-fixes). - commit 7e4da3e - btrfs: use filemap_get_folio() helper (git-fixes). - Refresh patches.suse/btrfs-remove-the-unused-locked_folio-parameter-from-.patch. - commit 28ed9e4 - IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes) - commit 8085078 - btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes). - commit 0cdf433 - btrfs: fix corruption reading compressed range when block size is smaller than page size (git-fixes). - commit cbb42db ++++ open-vm-tools: - Fix (bsc#1250373 (CVE-2025-41244) - VUL-0: contains a local privilege escalation vulnerability. + Add patch: - CVE-2025-41244-1240-1300-SDMP.patch ++++ nvidia-open-driver-G06-signed: - get rid of multiversion for the KMPs, since it only brought/brings us trouble and no benefit at all (jsc#PED-12049) * remove any ^Conflicts and ^Provides: multiversion from /usr/lib/rpm/kernel-module-subpackage * set INSTALL_MOD_DIR back to %{kernel_module_package_moddir}, i.e. 
updates/ subdir ++++ ovmf: - Add backported patch to enable iSCSI boot support by default (bsc#1245454) - ovmf-OvmfPkg-Add-NETWORK_ISCSI_DEFAULT_ENABLE-build-flag.patch 502f0dfda4 OvmfPkg: Add NETWORK_ISCSI_DEFAULT_ENABLE build flag - Add build flag NETWORK_ISCSI_DEFAULT_ENABLE for x64 OVMF to enable iSCSI boot support by default ++++ zypper: - Fixed `bash-completion`: `zypper refresh` now ignores repository priority lines. - Changes to support building against restructured libzypp in stack build (bsc#1230267) - version 1.14.94 ------------------------------------------------------------------ ------------------ 2025-9-22 - Sep 22 2025 ------------------- ------------------------------------------------------------------ ++++ NetworkManager: - Move dispatcher.d/pre-up.d/90-nm-cloud-setup.sh to cloud-setup subpackage(bsc#1250086). ++++ grub2: - Fix boot hangs in setting up serial console when ACPI SPCR table is present and redirection is disabled (bsc#1249088) * 0001-term-ns8250-spcr-Return-if-redirection-is-disabled.patch ++++ kernel-default: - io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (CVE-2025-39816 bsc#1249906). - commit 5f1b3b6 - perf bpf-utils: Harden get_bpf_prog_info_linear (git-fixes). - perf bpf-utils: Constify bpil_array_desc (git-fixes). - perf bpf-event: Fix use-after-free in synthesis (git-fixes). - perf symbol-minimal: Fix ehdr reading in filename__read_build_id (git-fixes). - perf record: Cache build-ID of hit DSOs only (git-fixes). - perf tools: Remove libtraceevent in .gitignore (git-fixes). - perf topdown: Use attribute to see an event is a topdown metic or slots (git-fixes). - perf hwmon_pmu: Avoid shortening hwmon PMU name (git-fixes). - perf tests bp_account: Fix leaked file descriptor (git-fixes). - perf sched: Fix memory leaks in 'perf sched latency' (git-fixes). - perf sched: Use RC_CHK_EQUAL() to compare pointers (git-fixes). - perf sched: Fix memory leaks for evsel->priv in timehist (git-fixes). 
- perf sched: Fix thread leaks in 'perf sched timehist' (git-fixes). - perf sched: Fix memory leaks in 'perf sched map' (git-fixes). - perf sched: Free thread->priv using priv_destructor (git-fixes). - perf sched: Make sure it frees the usage string (git-fixes). - perf dso: Add missed dso__put to dso__load_kcore (git-fixes). - perf parse-events: Set default GH modifier properly (git-fixes). - perf trace: Remove --map-dump documentation (git-fixes). - commit ab29dec - kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963). - commit 4968d41 - cgroup: remove per-cpu per-subsystem locks (bsc#1247963). - cgroup: make css_rstat_updated nmi safe (bsc#1247963). - cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963). - commit 8bebd47 - KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes). - commit 3e87b0e - Refresh patches.suse/net-usb-qmi_wwan-add-Telit-Cinterion-LE910C4-WWX-new.patch. Adding alt commit ID - commit 620e1f8 - Refresh patches.suse/net-usb-qmi_wwan-add-Telit-Cinterion-FN990A-w-audio-.patch. Add alt commit ID - commit ce1eebe - KVM: arm64: Mark freed S2 MMUs as invalid (git-fixes). - commit 7df42be ++++ kernel-rt: - io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (CVE-2025-39816 bsc#1249906). - commit 5f1b3b6 - perf bpf-utils: Harden get_bpf_prog_info_linear (git-fixes). - perf bpf-utils: Constify bpil_array_desc (git-fixes). - perf bpf-event: Fix use-after-free in synthesis (git-fixes). - perf symbol-minimal: Fix ehdr reading in filename__read_build_id (git-fixes). - perf record: Cache build-ID of hit DSOs only (git-fixes). - perf tools: Remove libtraceevent in .gitignore (git-fixes). - perf topdown: Use attribute to see an event is a topdown metic or slots (git-fixes). - perf hwmon_pmu: Avoid shortening hwmon PMU name (git-fixes). - perf tests bp_account: Fix leaked file descriptor (git-fixes). - perf sched: Fix memory leaks in 'perf sched latency' (git-fixes). 
- perf sched: Use RC_CHK_EQUAL() to compare pointers (git-fixes). - perf sched: Fix memory leaks for evsel->priv in timehist (git-fixes). - perf sched: Fix thread leaks in 'perf sched timehist' (git-fixes). - perf sched: Fix memory leaks in 'perf sched map' (git-fixes). - perf sched: Free thread->priv using priv_destructor (git-fixes). - perf sched: Make sure it frees the usage string (git-fixes). - perf dso: Add missed dso__put to dso__load_kcore (git-fixes). - perf parse-events: Set default GH modifier properly (git-fixes). - perf trace: Remove --map-dump documentation (git-fixes). - commit ab29dec - kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963). - commit 4968d41 - cgroup: remove per-cpu per-subsystem locks (bsc#1247963). - cgroup: make css_rstat_updated nmi safe (bsc#1247963). - cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963). - commit 8bebd47 - KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes). - commit 3e87b0e - Refresh patches.suse/net-usb-qmi_wwan-add-Telit-Cinterion-LE910C4-WWX-new.patch. Adding alt commit ID - commit 620e1f8 - Refresh patches.suse/net-usb-qmi_wwan-add-Telit-Cinterion-FN990A-w-audio-.patch. Add alt commit ID - commit ce1eebe - KVM: arm64: Mark freed S2 MMUs as invalid (git-fixes). - commit 7df42be ++++ python313-core: - Drop AppStream: this results in a different cycle than appstream-glib. As the appdata.xml is controlled by ourselves, we can get away with just manually validating it when changing it. ++++ libzypp: - runposttrans: strip root prefix from tmppath (bsc#1250343) - fixup! Make ld.so ignore the subarch packages during install (bsc#1246912) - version 17.37.18 (35) ++++ python313: - Drop AppStream: this results in a different cycle than appstream-glib. As the appdata.xml is controlled by ourselves, we can get away with just manually validating it when changing it. 
++++ ucode-intel: - switch the supplements to use supplements + kernel to allow moving a installation to Intel hardware (bsc#1249138) ------------------------------------------------------------------ ------------------ 2025-9-20 - Sep 20 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - NFSv4/flexfiles: Fix layout merge mirror check (git-fixes). - commit d3e4ea4 - SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes). - commit e20ec8c - Revert "SUNRPC: Don't allow waiting for exiting tasks" (git-fixes). - commit d3bd385 - NFS: nfs_invalidate_folio() must observe the offset and size arguments (git-fixes). - commit 3067280 - flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes). - commit fba14d9 - NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes). - commit 59365a8 - NFSv4: Clear NFS_CAP_OPEN_XOR and NFS_CAP_DELEGTIME if not supported (git-fixes). - commit 1bfae45 - NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes). - commit 36a8789 - NFSv4: Don't clear capabilities that won't be reset (git-fixes). - commit e82d989 - xfs: fix scrub trace with null pointer in quotacheck (git-fixes). - commit df9ef9b - Delete patches.suse/drm-amd-display-Optimize-cursor-position-updates.patch (git-fixes) reverted in the upstream - commit fb65ee4 - mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes). - crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes). - ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes). - ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes). - ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes). - ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes). - ASoC: wm8974: Correct PLL rate rounding (git-fixes). - ASoC: wm8940: Correct typo in control name (git-fixes). 
- ASoC: wm8940: Correct PLL rate rounding (git-fixes). - ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes). - ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes). - ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes). - drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put (git-fixes). - drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes). - drm/xe/tile: Release kobject for the failure path (git-fixes). - drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes). - drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes). - USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes). - USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes). - Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes). - Input: iqs7222 - avoid enabling unused interrupts (stable-fixes). - drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes). - drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes). - compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes). - i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes). - commit 65f2bb8 ++++ kernel-rt: - NFSv4/flexfiles: Fix layout merge mirror check (git-fixes). - commit d3e4ea4 - SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes). - commit e20ec8c - Revert "SUNRPC: Don't allow waiting for exiting tasks" (git-fixes). - commit d3bd385 - NFS: nfs_invalidate_folio() must observe the offset and size arguments (git-fixes). - commit 3067280 - flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes). - commit fba14d9 - NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes). 
- commit 59365a8 - NFSv4: Clear NFS_CAP_OPEN_XOR and NFS_CAP_DELEGTIME if not supported (git-fixes). - commit 1bfae45 - NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes). - commit 36a8789 - NFSv4: Don't clear capabilities that won't be reset (git-fixes). - commit e82d989 - xfs: fix scrub trace with null pointer in quotacheck (git-fixes). - commit df9ef9b - Delete patches.suse/drm-amd-display-Optimize-cursor-position-updates.patch (git-fixes) reverted in the upstream - commit fb65ee4 - mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes). - crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes). - ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes). - ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes). - ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes). - ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes). - ASoC: wm8974: Correct PLL rate rounding (git-fixes). - ASoC: wm8940: Correct typo in control name (git-fixes). - ASoC: wm8940: Correct PLL rate rounding (git-fixes). - ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes). - ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes). - ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes). - drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put (git-fixes). - drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes). - drm/xe/tile: Release kobject for the failure path (git-fixes). - drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes). - drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes). - USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes). - USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes). 
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes). - Input: iqs7222 - avoid enabling unused interrupts (stable-fixes). - drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes). - drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes). - compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes). - i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes). - commit 65f2bb8 ------------------------------------------------------------------ ------------------ 2025-9-19 - Sep 19 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: fix invalid extref key setup when replaying dentry (git-fixes). - commit d3ba0e7 - mm/memory-failure: fix redundant updates for already poisoned pages (bsc#1250087). - commit 2742d4a - KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250123). - KVM: s390: Fix access to unavailable adapter indicator pages during postcopy (git-fixes bsc#1250124). - commit 4b89509 - kabi: hide new member allow_subflows in struct mptcp_sock (CVE-2025-38491 bsc#1247280). - commit 0d82424 - mptcp: plug races between subflow fail and subflow creation (CVE-2025-38491 bsc#1247280). - Refresh patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch. - commit 7b433f3 - Update patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch. Original kABI workaround relied on the fact that struct mptcp has a 4-byte padding which the new member fallback_lock (of type spinlock_t) can fit into. Unfortunately this is not true in realtime builds where spinlock_t is 32 bytes long. Thankfully we do not have to preserve the length of struct mptcp_sock as explained in the patch commit message. - commit 7542a84 - gfs2: Validate i_depth for exhash directories (bsc#1249201 CVE-2025-38710). 
- commit 1cd54df ++++ kernel-rt: - btrfs: fix invalid extref key setup when replaying dentry (git-fixes). - commit d3ba0e7 - mm/memory-failure: fix redundant updates for already poisoned pages (bsc#1250087). - commit 2742d4a - KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250123). - KVM: s390: Fix access to unavailable adapter indicator pages during postcopy (git-fixes bsc#1250124). - commit 4b89509 - kabi: hide new member allow_subflows in struct mptcp_sock (CVE-2025-38491 bsc#1247280). - commit 0d82424 - mptcp: plug races between subflow fail and subflow creation (CVE-2025-38491 bsc#1247280). - Refresh patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch. - commit 7b433f3 - Update patches.kabi/kabi-hide-new-member-fallback_lock-in-struct-mptcp_s.patch. Original kABI workaround relied on the fact that struct mptcp has a 4-byte padding which the new member fallback_lock (of type spinlock_t) can fit into. Unfortunately this is not true in realtime builds where spinlock_t is 32 bytes long. Thankfully we do not have to preserve the length of struct mptcp_sock as explained in the patch commit message. - commit 7542a84 - gfs2: Validate i_depth for exhash directories (bsc#1249201 CVE-2025-38710). 
- commit 1cd54df ++++ read-only-root-fs: - Add additional check in %post to prevent generating the btrfs /etc subvolume during a KIWI run [bsc#1250133] [gh#openSUSE/read-only-root-fs#27] ------------------------------------------------------------------ ------------------ 2025-9-18 - Sep 18 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Rewrite hide-pcp.patch to apply to SLFO based versions of micro ++++ kernel-default: - Refresh patches.kabi/kabi-hide-new-member-allow_subflows-in-struct-mptcp_.patch - Refresh patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch Automated edit git grep -l static_assert patches.kabi/ | xargs sed -i '/^+/s/static_assert/suse_kabi_static_assert/' plus modified guards in kabi-hide-new-member-allow_subflows-in-struct-mptcp_.patch. - commit ee20154 - Revert "Refresh patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch" This reverts commit e7bb4bfabf763f6feebe9b971c01a1746b67afc6. - commit d1ce41e - Update config files. (bsc#1249186) Enable where we define KABI refs + rely on Kconfig deps. - commit 2bf74df - Update config files. Run run_oldconfig. Re-unset CONFIG_DRM_MSM_VALIDATE_XML, disappeared in 9ca53363a24bc40dd0bda686354dfa6687847f48. - commit 269a088 - jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526 CVE-2025-39782). - commit 7f18cbf - ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258 CVE-2025-38701). - commit 364a60b - loop: Avoid updating block size under exclusive owner (bsc#1249199 CVE-2025-38709). - commit 4262a77 - eventpoll: Fix semi-unbounded recursion (bsc#1248392 CVE-2025-38614). - commit 7646f9d - fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374 CVE-2025-39691). - commit 632fdc7 - net: bridge: fix soft lockup in br_multicast_query_expired() (CVE-2025-39773 bsc#1249504). 
- commit 69dfa3b ++++ kernel-rt: - Refresh patches.kabi/kabi-hide-new-member-allow_subflows-in-struct-mptcp_.patch - Refresh patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch Automated edit git grep -l static_assert patches.kabi/ | xargs sed -i '/^+/s/static_assert/suse_kabi_static_assert/' plus modified guards in kabi-hide-new-member-allow_subflows-in-struct-mptcp_.patch. - commit ee20154 - Revert "Refresh patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch" This reverts commit e7bb4bfabf763f6feebe9b971c01a1746b67afc6. - commit d1ce41e - Update config files. (bsc#1249186) Enable where we define KABI refs + rely on Kconfig deps. - commit 2bf74df - Update config files. Run run_oldconfig. Re-unset CONFIG_DRM_MSM_VALIDATE_XML, disappeared in 9ca53363a24bc40dd0bda686354dfa6687847f48. - commit 269a088 - jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526 CVE-2025-39782). - commit 7f18cbf - ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258 CVE-2025-38701). - commit 364a60b - loop: Avoid updating block size under exclusive owner (bsc#1249199 CVE-2025-38709). - commit 4262a77 - eventpoll: Fix semi-unbounded recursion (bsc#1248392 CVE-2025-38614). - commit 7646f9d - fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374 CVE-2025-39691). - commit 632fdc7 - net: bridge: fix soft lockup in br_multicast_query_expired() (CVE-2025-39773 bsc#1249504). - commit 69dfa3b ++++ python313-core: - Require AppStream to validate appdata file instead of deprecated appstream-glib. - Update idle3.appdata.xml to pass the more pedantic appstreamcli. ++++ tiff: - Update to 4.7.1: Software configuration changes: * Define HAVE_JPEGTURBO_DUAL_MODE_8_12 and LERC_STATIC in tif_config.h. 
* CMake: define WORDS_BIGENDIAN via tif_config.h * doc/CMakeLists.txt: remove useless cmake_minimum_required() * CMake: fix build with LLVM/Clang 17 (fixes issue #651) * CMake: set CMP0074 new policy * Set LINKER_LANGUAGE for C targets with C deps * Export tiffxx cmake target (fixes issue #674) * autogen.sh: Enable verbose wget. * configure.ac: Syntax updates for Autoconf 2.71 * autogen.sh: Re-implement based on autoreconf. Failure to update config.guess/config.sub does not return error (fixes issue #672) * CMake: fix CMake 4.0 warning when minimum required version is < 3.10. * CMake: Add build option tiff-static (fixes issue #709) Library changes: * Add TIFFOpenOptionsSetWarnAboutUnknownTags() for explicit control about emitting warnings for unknown tags. No longer emit warnings about unknown tags by default * tif_predict.c: speed-up decompression in some cases. Bug fixes: * tif_fax3: For fax group 3 data if no EOL is detected, reading is retried without synchronisation for EOLs. (fixes issue #54) * Updating TIFFMergeFieldInfo() with read_count=write_count=0 for FIELD_IGNORE. Improving handling when field_name = NULL. (fixes issue #532) * tiff.h: add COMPRESSION_JXL_DNG_1_7=52546 as used for JPEGXL compression in the DNG 1.7 specification * TIFFWriteDirectorySec: Increment string length for ASCII tags for codec tags defined with FIELD_xxx bits, as it is done for FIELD_CUSTOM tags. (fixes issue #648) * Do not error out on a tag whose tag count value is zero, just issue a warning.
Fix parsing a private tag 0x80a6 (fixes issue #647) * TIFFDefaultTransferFunction(): give up beyond td_bitspersample = 24 (Fixes https://github.com/OSGeo/gdal/issues/10875) * tif_getimage.c: Remove unnecessary calls to TIFFRGBAImageOK() (fixes issue #175) * Fix writing a Predictor=3 file with non-native endianness * _TIFFVSetField(): fix potential use of unallocated memory (out-of-bounds read / nullptr dereference) in case of out-of-memory situation when dealing with custom tags (fixes issue #663) * tif_fax3.c: Error out for CCITT fax encoding if SamplesPerPixel is not equal 1 and PlanarConfiguration = Contiguous (fixes issue #26) * tif_fax3.c: error out after a number of times end-of-line or unexpected bad code words have been reached. (fixes issue #670) * Fix memory leak in TIFFSetupStrips() (fixes issue #665) * tif_zip.c: Provide zlib allocation functions. Otherwise for zlib built with -DZ_SOLO inflating will fail. * Fix memory leak in _TIFFSetDefaultCompressionState. (fixes issue #676) * tif_predict.c: Don’t overwrite input buffer of TIFFWriteScanline() if "prediction" is enabled. Use extra working buffer in PredictorEncodeRow(). (fixes issue #5) * tif_getimage.c: update some integer overflow checks (fixes issue #79) * tif_getimage.c: Fix buffer underflow crash for less raster rows at TIFFReadRGBAImageOriented() (fixes issue #704, bsc#1250413, CVE-2025-9900) * TIFFReadRGBAImage(): several fixes to avoid buffer overflows. * Correct passing arguments to TIFFCvtIEEEFloatToNative() and TIFFCvtIEEEDoubleToNative() if HAVE_IEEEFP is not defined. (fixes issue #699) * LZWDecode(): avoid nullptr dereference when trying to read again after EOI marker has been found with remaining output bytes (fixes issue #698) * TIFFSetSubDirectory(): check _TIFFCheckDirNumberAndOffset() return.
* TIFFUnlinkDirectory() and TIFFWriteDirectorySec(): clear tif_rawcp when clearing tif_rawdata (fixes issue #711) * JPEGEncodeRaw(): error out if a previous scanline failed to be written, to avoid out-of-bounds access (fixes issue #714) * tif_jpeg: Fix bug in JPEGDecodeRaw() if JPEG_LIB_MK1_OR_12BIT is defined for 8/12bit dual mode, introduced in libjpeg-turbo 2.2, which was actually released as 3.0. Fixes issue #717 * add assert for TIFFReadCustomDirectory infoarray check. * ppm2tiff: Fix bug in pack_words trailing bytes, where last two bytes of each line were written wrongly. (fixes issue #467) * fax2ps: fix regression of commit 28c38d648b64a66c3218778c4745225fe3e3a06d where TIFFTAG_FAXFILLFUNC is being used rather than an output buffer (fixes issue #649) * tiff2pdf: Check TIFFTAG_TILELENGTH and TIFFTAGTILEWIDTH (fixes issue #650) * tiff2pdf: check h_samp and v_samp for range 1 to 4 to avoid division by zero. Fixes issue #654 * tiff2pdf: avoid null pointer dereference. (fixes issue #741) * Improve non-secure integer overflow check (comparison of division result with multiplicant) at compiler optimisation in tiffcp, rgb2ycbcr and tiff2rgba. Fixes issue #546 * tiff2rgba: fix some "a partial expression can generate an overflow before it is assigned to a broader type" warnings. (fixes issue #682) * tiffdither/tiffmedian: Don't skip the first line of the input image. (fixes issue #703) * tiffdither: avoid out-of-bounds read identified in issue #733 * tiffmedian: error out if TIFFReadScanline() fails (fixes issue #707) * tiffmedian: close input file. (fixes issue #735) * thumbail: avoid potential out of bounds access (fixes issue #715) * tiffcrop: close open TIFF files and release allocated buffers before exiting in case of error to avoid memory leaks. (fixes issue #716) * tiffcrop: fix double-free and memory leak exposed by issue #721 * tiffcrop: avoid buffer overflow. (fixes issue #740) * tiffcrop: avoid nullptr dereference. 
(fixes issue #734) * tiffdump: Fix coverity scan issue CID 1373365: Passing tainted expression *datamem to PrintData, which uses it as a divisor or modulus. * tiff2ps: check return of TIFFGetFiled() for TIFFTAG_STRIPBYTECOUNTS and TIFFTAG_TILEBYTECOUNTS to avoid NULL pointer dereference. (fixes issue #718) * tiffcmp: fix memory leak when second file cannot be opened. (fixes issue #718 and issue #729) * tiffcp: fix setting compression level for lossless codecs. (fixes issue #730) * raw2tiff: close input file before exit (fixes issue #742) Tools changes: * tiffinfo: add a -W switch to warn about unknown tags. * tiffdither: process all pages in input TIFF file. Documentation: * TIFFRGBAImage.rst note added for incorrect saving of images with TIFF orientation from 5 (LeftTop) to 8 (LeftBottom) in the raster. * TIFFRGBAImage.rst note added about un-associated alpha handling (fixes issue #67) * Update "Defining New TIFF Tags" description. (fixes issue #642) * Fix return type of TIFFReadEncodedTile() * Update the documentation to reflect deprecated typedefs. * TIFFWriteDirectory.rst: Clarify TIFFSetWriteOffset() only sets offset for image data and not for IFD data. * Update documentation on re-entrancy and thread safety. * Remove dead links to no more existing Awaresystems web-site. * Updating BigTIFF specification and some miscelaneous editions. * Replace some last links and remove last todos. * Added hints for correct allocation of TIFFYCbCrtoRGB structure and its associated buffers. (fixes issue #681) * Added chapter to "Using the TIFF Library" with links to handling multi-page TIFF and custom directories. (fixes issue #43) * update TIFFOpen.rst with the return values of mapproc and unmapproc. 
(fixes issue #12) - Drop upstreamed patches: * tiff-4.7.0-test_directory.patch * tiff-CVE-2025-8176.patch * tiff-CVE-2025-8177.patch * tiff-4.7.0-bsc1243503.patch * tiff-CVE-2025-8534.patch * tiff-CVE-2025-9165.patch * tiff-CVE-2024-13978.patch * tiff-CVE-2025-8961.patch ++++ python313: - Require AppStream to validate appdata file instead of deprecated appstream-glib. - Update idle3.appdata.xml to pass the more pedantic appstreamcli. ------------------------------------------------------------------ ------------------ 2025-9-17 - Sep 17 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Don't set UEFI as default firmware for ppc64le and s390x * Fixes bsc#1249828 and bsc#1249830 ++++ cups: - Version upgrade to 2.4.14: See https://github.com/openprinting/cups/releases The hotfix release brings a fix for the installation process of localized templates and CUPS web UI home pages. - Version upgrade to 2.4.13: See https://github.com/openprinting/cups/releases The release 2.4.13 brings two CVE fixes, a fix for important CVE-2025-58060 "Authentication bypass with AuthType Negotiate" (bsc#1249049) and a fix for moderate CVE-2025-58364 "Remote DoS via null dereference" (bsc#1249128), together with several bug fixes. The release includes a new feature - new attribute for printer and job objects - print-as-raster - which allows enforcing rasterization of the file for IPP Everywhere/AirPrint printers which support PDF and raster document formats. The feature is useful for working around internal PDF issues in the printer firmware, for example missing diacritic when printing a PDF.
Detailed list (from CHANGES.md): * Blocked authentication using alternate methods in cupsd (CVE-2025-58060) * Fixed extension tag handling in 'ipp_read_io()' in libcups (CVE-2025-58364) * Added 'print-as-raster' printer and job attributes for forcing rasterization (Issue #1282) * Updated documentation (Issue #1086) * Updated IPP backend to try a sanitized user name if the printer/server does not like the value (Issue #1145) * Updated the scheduler to send the "printer-added" or "printer-modified" events whenever an IPP Everywhere PPD is installed (Issue #1244) * Updated the scheduler to send the "printer-modified" event whenever the system default printer is changed (Issue #1246) * Fixed a memory leak in 'httpClose' (Issue #1223) * Fixed missing commas in 'ippCreateRequestedArray' (Issue #1234) * Fixed subscription issues in the scheduler and D-Bus notifier (Issue #1235) * Fixed media-default reporting for custom sizes (Issue #1238) * Fixed support for IPP/PPD options with periods or underscores (Issue #1249) * Fixed parsing of real numbers in PPD compiler source files (Issue #1263) * Fixed scheduler freezing with zombie clients (Issue #1264) * Fixed support for the server name in the ErrorLog filename (Issue #1277) * Fixed job cleanup after daemon restart (Issue #1315) * Fixed handling of buggy DYMO USB printer serial numbers (Issue #1338) * Fixed unreachable block in IPP backend (Issue #1351) * Fixed memory leak in _cupsConvertOptions (Issue #1354) Issues are those at https://github.com/OpenPrinting/cups/issues - Adapted downgrade-autoconf-requirement.patch for CUPS 2.4.14 ++++ kernel-default: - rpm/config.sh: SLFO 1.2 is now synced to OBS as well - commit a1cec7e - ACPI: RISC-V: Fix FFH_CPPC_CSR error handling (git-fixes). - commit 29541f6 - ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes). - commit 3cb3b40 - io_uring/net: commit partial buffers on retry (CVE-2025-38730 bsc#1249172). 
- commit 6c3c764 - io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1249322 CVE-2025-39698). - commit 6b74cde - userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry (CVE-2025-38686 bsc#1249160). - commit a942b8d - kABI: netfs: handle new netfs_io_stream flag (bsc#1249314 CVE-2025-39723). - commit b79d24b - btrfs: fix subvolume deletion lockup caused by inodes xarray race (git-fixes). - commit d8d3b1e - btrfs: fix squota compressed stats leak (git-fixes). - commit f4489c7 - btrfs: fix wrong length parameter for btrfs_cleanup_ordered_extents() (git-fixes). - commit 73f12d4 - netfs: Fix unbuffered write error handling (stable-fixes bsc#1249314 CVE-2025-39723). - commit de949a4 - ppp: fix race conditions in ppp_fill_forward_path (CVE-2025-39673 bsc#1249320). - commit 835095c ++++ kernel-rt: - rpm/config.sh: SLFO 1.2 is now synced to OBS as well - commit a1cec7e - ACPI: RISC-V: Fix FFH_CPPC_CSR error handling (git-fixes). - commit 29541f6 - ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path (stable-fixes). - commit 3cb3b40 - io_uring/net: commit partial buffers on retry (CVE-2025-38730 bsc#1249172). - commit 6c3c764 - io_uring/futex: ensure io_futex_wait() cleans up properly on failure (bsc#1249322 CVE-2025-39698). - commit 6b74cde - userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry (CVE-2025-38686 bsc#1249160). - commit a942b8d - kABI: netfs: handle new netfs_io_stream flag (bsc#1249314 CVE-2025-39723). - commit b79d24b - btrfs: fix subvolume deletion lockup caused by inodes xarray race (git-fixes). - commit d8d3b1e - btrfs: fix squota compressed stats leak (git-fixes). - commit f4489c7 - btrfs: fix wrong length parameter for btrfs_cleanup_ordered_extents() (git-fixes). - commit 73f12d4 - netfs: Fix unbuffered write error handling (stable-fixes bsc#1249314 CVE-2025-39723). - commit de949a4 - ppp: fix race conditions in ppp_fill_forward_path (CVE-2025-39673 bsc#1249320). 
- commit 835095c ++++ systemd: - systemd.spec: use %sysusers_generate_pre so that some systemd users are already available in %pre. This is important because D-Bus automatically reloads its configuration whenever new configuration files are installed, i.e. between %pre and %post. (bsc#1248501) No need for systemd and udev packages as they are always installed during the initial installation. - Import commit c139debf2c6e9556df8ee6eca77ae18d5b98f027 (merge of v257.9) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/835af70f4e4fab4746319145d9fdb1a01e33f4c8...c139debf2c6e9556df8ee6eca77ae18d5b98f027 - Rebase 5001-Revert-udev-update-devlink-with-the-newer-device-nod.patch - Import commit 835af70f4e4fab4746319145d9fdb1a01e33f4c8 835af70f4e core/cgroup: Properly handle aborting a pending freeze operation 1f96f9da13 detect-virt: add bare-metal support for GCE (bsc#1244449) c3bcfc9558 uki.conf is used by the ukify tool to create an Unified Kernel Image[...] - Make sure that the ordering trick used to update the udev package as close as possible to the update of the systemd package also works with zypper. We also need to add "Suggests: udev", which serves the same purpose as "OrderWithRequires: udev" but is part of the repository metadata.
It should therefore hint zypper to install systemd and udev as close together as possible (see bsc#1228659) ++++ nvidia-open-driver-G06-signed: - pesign-spec-macros: added definition for %__kernel_supplements, which replaced %__kmp_supplements with latest RPM used on TW now, in order to fix PCI HW Supplements for TW (boo#1249814) ------------------------------------------------------------------ ------------------ 2025-9-16 - Sep 16 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Add a hard require on libvirt bsc#1236149 - add hostadd-allow-device-form-to-overflow-on-X-axis.patch fixes bsc#1248250 ++++ kernel-default: - mm/damon/sysfs: fix use-after-free in state_show() (git-fixes). - commit 97c6157 - percpu: fix race on alloc failed warning limit (git-fixes). - commit df7089c - mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() (git-fixes). - commit 7f118fd - mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() (git-fixes). - commit a721c93 - mm/damon/core: set quota->charged_from to jiffies at first charge window (git-fixes). - commit 8cc5d6c - mm: fault in complete folios instead of individual pages for tmpfs (git-fixes). - commit 72eb4d6 - mm: close theoretical race where stale TLB entries could linger (git-fixes). - commit 43ddf98 - mm/damon/core: avoid destroyed target reference from DAMOS quota (git-fixes). - commit b8f858b - execmem: enforce allocation size aligment to PAGE_SIZE (git-fixes). - commit ed49080 - coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes). - commit dfdab4e - mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma (git-fixes). - commit debc2cc - pptp: fix pptp_xmit() error path (git-fixes). - commit bf03393 - net, hsr: reject HSR frame if skb can't hold tag (CVE-2025-39703 bsc#1249315). - commit 31af9c5 - power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes). 
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes). - commit ca0a722 - drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121). - kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121). - Refresh patches.suse/drm-Add-kabi-placeholders-to-commonly-used-structs.patch. - commit 8284f72 - kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes). - commit cb06f32 - arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes) - commit a64c583 - arm64: dts: rockchip: Fix Bluetooth interrupts flag on Neardi LBA3368 (git-fixes) - commit 78938d3 - arm64: dts: rockchip: Fix the headphone detection on the orangepi 5 (git-fixes) - commit ba5fe5b - arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes) - commit 8dd21d2 - arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes) - commit 7fdd334 - arm64: dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi 4B (git-fixes). - commit bc5a89e - arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes) - commit 607b715 - arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma (git-fixes) - commit d20c924 - arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes) - commit f84cc30 - arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes) - commit 627de8c - arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes) - commit e690dcc - arm64: Mark kernel as tainted on SAE and SError panic (git-fixes) - commit 5a4a449 - arm64: stacktrace: Check kretprobe_find_ret_addr() return value (git-fixes) - commit f7313d0 - arm64: Handle KCOV __init vs inline mismatches (git-fixes) - commit 8a132f8 - i2c: tegra: Use internal reset when reset property is not available (bsc#1249143) - commit 9c0b7e3 ++++ kernel-rt: - mm/damon/sysfs: fix use-after-free in state_show() (git-fixes). 
- commit 97c6157 - percpu: fix race on alloc failed warning limit (git-fixes). - commit df7089c - mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() (git-fixes). - commit 7f118fd - mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() (git-fixes). - commit a721c93 - mm/damon/core: set quota->charged_from to jiffies at first charge window (git-fixes). - commit 8cc5d6c - mm: fault in complete folios instead of individual pages for tmpfs (git-fixes). - commit 72eb4d6 - mm: close theoretical race where stale TLB entries could linger (git-fixes). - commit 43ddf98 - mm/damon/core: avoid destroyed target reference from DAMOS quota (git-fixes). - commit b8f858b - execmem: enforce allocation size aligment to PAGE_SIZE (git-fixes). - commit ed49080 - coredump: Fixes core_pipe_limit sysctl proc_handler (git-fixes). - commit dfdab4e - mm: khugepaged: fix call hpage_collapse_scan_file() for anonymous vma (git-fixes). - commit debc2cc - pptp: fix pptp_xmit() error path (git-fixes). - commit bf03393 - net, hsr: reject HSR frame if skb can't hold tag (CVE-2025-39703 bsc#1249315). - commit 31af9c5 - power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes). - power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes). - commit ca0a722 - drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121). - kABI workaround for "drm/dp: Add an EDID quirk for the DPCD register access probe" (bsc#1248121). - Refresh patches.suse/drm-Add-kabi-placeholders-to-commonly-used-structs.patch. - commit 8284f72 - kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes). 
- commit cb06f32 - arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes) - commit a64c583 - arm64: dts: rockchip: Fix Bluetooth interrupts flag on Neardi LBA3368 (git-fixes) - commit 78938d3 - arm64: dts: rockchip: Fix the headphone detection on the orangepi 5 (git-fixes) - commit ba5fe5b - arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes) - commit 8dd21d2 - arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes) - commit 7fdd334 - arm64: dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi 4B (git-fixes). - commit bc5a89e - arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes) - commit 607b715 - arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma (git-fixes) - commit d20c924 - arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes) - commit f84cc30 - arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes) - commit 627de8c - arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes) - commit e690dcc - arm64: Mark kernel as tainted on SAE and SError panic (git-fixes) - commit 5a4a449 - arm64: stacktrace: Check kretprobe_find_ret_addr() return value (git-fixes) - commit f7313d0 - arm64: Handle KCOV __init vs inline mismatches (git-fixes) - commit 8a132f8 - i2c: tegra: Use internal reset when reset property is not available (bsc#1249143) - commit 9c0b7e3 ------------------------------------------------------------------ ------------------ 2025-9-15 - Sep 15 2025 ------------------- ------------------------------------------------------------------ ++++ avahi: - Add avahi-CVE-2024-52615.patch: Backport 4e2e1ea from upstream, Resolve fixed source ports for wide-area DNS queries cause DNS responses be injected. 
(CVE-2024-52615, bsc#1233421) ++++ gstreamer: - Update to version 1.26.6: + Highlighted bugfixes in 1.26.6: - analytics GstTensorMeta handling changes (see note below) - closed caption combiner and transcriberbin stability fixes - decklinkvideosrc: fix unrecoverable state after failing to start streaming because device is busy - decodebin3 tag handling improvements - fallbacksrc: Fix sources only being restarted once, as well as some deadlocks and race conditions on shutdown - gtk4paintablesink: Try importing dmabufs withouth DMA_DRM caps - hlsdemux2: Fix parsing of byterange and init map directives - rtpmp4gdepay2: allow only constantduration with neither constantsize nor sizelength set - spotifysrc: update to librespot 0.7 to make work after recent Spotify changes - threadshare: new blocking adapter element for use in front of block elements such as sinks that sync to the clock - threadshare: various other threadshare element fixes and improvements - v4l2: Add support for WVC1 and WMV3 - videorate: possible performance improvements when operating in drop-only mode - GstBaseParse fixes - Vulkan video decoder fixes - Fix gst-device-monitor-1.0 tool device-path regression on Windows - Monorepo development environment builds fewer plugins using subprojects by default, those require explicit enablement now - Python bindings: Handle buffer PTS, DTS, duration, offset, and offset-end as unsigned long long (regression fix) - Cerbero: Reduce recipe parallelism in various cases and dump cerbero and recipe versions into datadir during packaging - Various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements + Possibly breaking behavioural changes: - Previously it was guaranteed that there is only ever up to one GstTensorMeta per buffer. This is no longer true and code working with GstTensorMeta must be able to handle multiple GstTensorMeta now. 
+ gstreamer: - baseparse: Try harder to fixate caps based on upstream in default negotiation - gst-discoverer reports 1x1 dimensions for "valid" MP4 files - baseparse: don't clear most sticky events after a FLUSH_STOP event - gstreamer: Disable miniobject inline functions for gobject-introspection for non-subprojects too - gstreamer: Make sure to zero-initialize the GValue before G_VALUE_COLLECT_INIT - ptp: Fix a new Rust 1.89 compiler warning on Windows - ptp: Fix new compiler warning with Rust 1.89 - Segmentation fault when compiled with "-ftrivial-auto-var-init=pattern". Use of unitialized GValue ++++ gstreamer-plugins-base: - Update to version 1.26.6: + decodebin3: Update stream tags + rtpbasedepayload: Avoid potential use-after free + rtspconnection: Add get_url and get_ip return value annotation + gst_rtsp_connection_get_url return value transfer annotation missing + videometa: Fix valgrind warning when deserializing video meta + videorate: don't hold the reference to the buffer in drop-only mode + gst-device-monitor-1.0: Fix device-path regression on Windows + gst-device-monitor-1.0: Add quoting for powershell and cmd + Monorepo: opengl, vorbis, plugins require explicit enablement now for a build using the Meson subproject fallback ++++ kernel-default: - cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes). - commit fc53d59 - cpufreq: Exit governor when failed to start old governor (stable-fixes). - commit e935313 - cpufreq: Init policy->rwsem before it may be possibly used (git-fixes). - commit fdf9d91 - drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121). - commit b441892 - tls: fix handling of zero-length records on the rx_list (CVE-2025-39682 bsc#1249284). - commit dae1b00 - drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121). 
- commit 05496be - Update patches.suse/drm-dp-Change-AUX-DPCD-probe-address-from-DPCD_REV-t.patch (bsc#1248121) Move to the cherry-picked 6.16-rc patch, to be applied earlier - commit c2137da - drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121). - commit 3f7be89 - drm/edid: Define the quirks in an enum list (bsc#1248121). - commit f72505b - netfilter: nf_tables: reject duplicate device on updates (CVE-2025-38678 bsc#1249126). - commit fa3b4ce - ptp: fix breakage after ptp_vclock_in_use() rework (git-fixes). - commit c4393a1 - iommu/amd: Avoid stack buffer overflow from kernel cmdline (CVE-2025-38676 bsc#1248775). - commit b6650d7 - phy: ti-pipe3: fix device leak at unbind (git-fixes). - phy: ti: omap-usb2: fix device leak at unbind (git-fixes). - phy: tegra: xusb: fix device and OF node leak at probe (git-fixes). - phy: qualcomm: phy-qcom-eusb2-repeater: fix override properties (git-fixes). - dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes). - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes). - dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes). - dmaengine: idxd: Fix refcount underflow on module unload (git-fixes). - dmaengine: idxd: Remove improper idxd_free (git-fixes). - dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes). - serial: sc16is7xx: fix bug in flow control levels init (git-fixes). - usb: gadget: midi2: Fix MIDI2 IN EP max packet size (git-fixes). - usb: gadget: midi2: Fix missing UMP group attributes initialization (git-fixes). - usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes). - USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes). - xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes). - xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes). 
- xhci: dbc: decouple endpoint allocation from initialization (git-fixes). - commit 8847945 ++++ kernel-rt: - cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes). - commit fc53d59 - cpufreq: Exit governor when failed to start old governor (stable-fixes). - commit e935313 - cpufreq: Init policy->rwsem before it may be possibly used (git-fixes). - commit fdf9d91 - drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121). - commit b441892 - tls: fix handling of zero-length records on the rx_list (CVE-2025-39682 bsc#1249284). - commit dae1b00 - drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121). - commit 05496be - Update patches.suse/drm-dp-Change-AUX-DPCD-probe-address-from-DPCD_REV-t.patch (bsc#1248121) Move to the cherry-picked 6.16-rc patch, to be applied earlier - commit c2137da - drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121). - commit 3f7be89 - drm/edid: Define the quirks in an enum list (bsc#1248121). - commit f72505b - netfilter: nf_tables: reject duplicate device on updates (CVE-2025-38678 bsc#1249126). - commit fa3b4ce - ptp: fix breakage after ptp_vclock_in_use() rework (git-fixes). - commit c4393a1 - iommu/amd: Avoid stack buffer overflow from kernel cmdline (CVE-2025-38676 bsc#1248775). - commit b6650d7 - phy: ti-pipe3: fix device leak at unbind (git-fixes). - phy: ti: omap-usb2: fix device leak at unbind (git-fixes). - phy: tegra: xusb: fix device and OF node leak at probe (git-fixes). - phy: qualcomm: phy-qcom-eusb2-repeater: fix override properties (git-fixes). - dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes). - dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes). - dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes). - dmaengine: idxd: Fix refcount underflow on module unload (git-fixes). - dmaengine: idxd: Remove improper idxd_free (git-fixes). 
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes). - serial: sc16is7xx: fix bug in flow control levels init (git-fixes). - usb: gadget: midi2: Fix MIDI2 IN EP max packet size (git-fixes). - usb: gadget: midi2: Fix missing UMP group attributes initialization (git-fixes). - usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes). - USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes). - xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes). - xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes). - xhci: dbc: decouple endpoint allocation from initialization (git-fixes). - commit 8847945 ------------------------------------------------------------------ ------------------ 2025-9-14 - Sep 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - regulator: sy7636a: fix lifecycle of power good gpio (git-fixes). - commit 3cf2f7b ++++ kernel-rt: - regulator: sy7636a: fix lifecycle of power good gpio (git-fixes). - commit 3cf2f7b ------------------------------------------------------------------ ------------------ 2025-9-13 - Sep 13 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - struct cdc_ncm_ctx: move new member to end (git-fixes). - commit 0696383 - drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes). - drm/panthor: validate group queue count (git-fixes). - drm/mediatek: fix potential OF node use-after-free (git-fixes). - drm/amd/display: use udelay rather than fsleep (git-fixes). - drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes). - drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes). - commit 28aeb21 - net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes). 
- commit d37f2a9 - net: usb: cdc-ncm: check for filtering capability (git-fixes). - commit 024c467 ++++ kernel-rt: - struct cdc_ncm_ctx: move new member to end (git-fixes). - commit 0696383 - drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes). - drm/panthor: validate group queue count (git-fixes). - drm/mediatek: fix potential OF node use-after-free (git-fixes). - drm/amd/display: use udelay rather than fsleep (git-fixes). - drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes). - drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes). - commit 28aeb21 - net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes). - commit d37f2a9 - net: usb: cdc-ncm: check for filtering capability (git-fixes). - commit 024c467 ------------------------------------------------------------------ ------------------ 2025-9-12 - Sep 12 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Update config files: Disable UBLK (PED-13686) - commit 32a5a8b - Refresh patches.suse/sched-Don-t-define-sched_clock_irqtime-as-static-key.patch. - commit ccab819 - iommu/vt-d: Restore context entry setup order for aliased devices (CVE-2025-38216 bsc#1245963). - commit 9397573 - pidfs: Fix memory leak in pidfd_info() (jsc#PED-13113). - pidfs: raise SB_I_NODEV and SB_I_NOEXEC (bsc#1249562). - commit 7f76e12 - cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166). - cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166). - commit 403a981 - sched/deadline: Don't count nr_running for dl_server proxy tasks (git-fixes, bsc#1247936). - sched/deadline: Fix RT task potential starvation when expiry time passed (git-fixes, bsc#1247936). - sched/deadline: Always stop dl-server before changing parameters (bsc#1247936). - sched/deadline: Fix dl_server_stopped() (bsc#1247936). 
- commit ef2b61d - Limit patch filenames to 100 characters (bsc#1249604). - commit 6aa47a1 - cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes). - commit 4cd57b7 - s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249477). - s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249478). - commit 9debf1a - mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes). - mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes). - mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes). - can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes). - can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes). - can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes). - can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes). - cpufreq/amd-pstate: Fix a regression leading to EPP 0 after resume (git-fixes). - cpufreq/amd-pstate: Fix setting of CPPC.min_perf in active mode for performance governor (git-fixes). - commit f4059fc ++++ kernel-rt: - Update config files: Disable UBLK (PED-13686) - commit 32a5a8b - Refresh patches.suse/sched-Don-t-define-sched_clock_irqtime-as-static-key.patch. - commit ccab819 - iommu/vt-d: Restore context entry setup order for aliased devices (CVE-2025-38216 bsc#1245963). - commit 9397573 - pidfs: Fix memory leak in pidfd_info() (jsc#PED-13113). - pidfs: raise SB_I_NODEV and SB_I_NOEXEC (bsc#1249562). - commit 7f76e12 - cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166). - cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166). - commit 403a981 - sched/deadline: Don't count nr_running for dl_server proxy tasks (git-fixes, bsc#1247936). - sched/deadline: Fix RT task potential starvation when expiry time passed (git-fixes, bsc#1247936). 
- sched/deadline: Always stop dl-server before changing parameters (bsc#1247936). - sched/deadline: Fix dl_server_stopped() (bsc#1247936). - commit ef2b61d - Limit patch filenames to 100 characters (bsc#1249604). - commit 6aa47a1 - cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes). - commit 4cd57b7 - s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249477). - s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249478). - commit 9debf1a - mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes). - mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes). - mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes). - can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes). - can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes). - can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes). - can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes). - cpufreq/amd-pstate: Fix a regression leading to EPP 0 after resume (git-fixes). - cpufreq/amd-pstate: Fix setting of CPPC.min_perf in active mode for performance governor (git-fixes). - commit f4059fc ------------------------------------------------------------------ ------------------ 2025-9-11 - Sep 11 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Update to 339 * 339 - Serial consoles now keep their content and stay alive - No longer copies qemu.conf values into VM definitions * 338 - Translation and dependency updates - Detachable VNC console - removed nic-domain-not-found.patch that is now part of upstream ++++ python-kiwi: - Bump version: 10.2.32 → 10.2.33 ++++ kernel-default: - s390/mm: Fix in_atomic() handling in do_secure_storage_access() (git-fixes CVE-2025-38359 bsc#1247076). 
- commit ad2ef8d - cpufreq: intel_pstate: Add Granite Rapids support in no-HWP mode (stable-fixes). - commit 688ba83 - cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes). - commit 93b10c9 - cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs (stable-fixes). - commit 8228e62 - pptp: ensure minimal skb length in pptp_xmit() (CVE-2025-38574 bsc#1248365). - commit 5a47a7a - cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes). - commit 8c79560 - io_uring: expose read/write attribute capability (jsc#PED-12882 bsc#1237542). - io_uring/rw: don't mask in f_iocb_flags (jsc#PED-12882 bsc#1237542). Drop blacklisting. - commit c90a02f ++++ kernel-rt: - s390/mm: Fix in_atomic() handling in do_secure_storage_access() (git-fixes CVE-2025-38359 bsc#1247076). - commit ad2ef8d - cpufreq: intel_pstate: Add Granite Rapids support in no-HWP mode (stable-fixes). - commit 688ba83 - cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes). - commit 93b10c9 - cpufreq: scmi: Skip SCMI devices that aren't used by the CPUs (stable-fixes). - commit 8228e62 - pptp: ensure minimal skb length in pptp_xmit() (CVE-2025-38574 bsc#1248365). - commit 5a47a7a - cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes). - commit 8c79560 - io_uring: expose read/write attribute capability (jsc#PED-12882 bsc#1237542). - io_uring/rw: don't mask in f_iocb_flags (jsc#PED-12882 bsc#1237542). Drop blacklisting. - commit c90a02f ++++ virt-manager: - Fix issues with detection of openSUSE Leap 16. 
virtinst-add-sle16-detection-support.patch ------------------------------------------------------------------ ------------------ 2025-9-10 - Sep 10 2025 ------------------- ------------------------------------------------------------------ ++++ curl: - tool_operate: fix return code when --retry is used but not triggered [bsc#1249367] * Add curl-tool_operate-fix-return-code-when-retry-is-used.patch ++++ python-kiwi: - Run grub mkconfig with os-prober disabled Set GRUB_DISABLE_OS_PROBER=true to the caller environment such that it gets consumed via /etc/grub.d/30_os-prober This Fixes #2883 - Fixed typo in documentation Invalid XML syntax, missing end tag. This Fixes #2882 ++++ kernel-default: - smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199, CVE-2025-38527). - commit a3059e7 - Drop PCI patches that broke kdump capture boot (bsc#1246509) Deleted: patches.suse/PCI-Explicitly-put-devices-into-D0-when-initializing.patch patches.suse/PCI-PM-Set-up-runtime-PM-even-for-devices-without-PC.patch Refreshed: patches.suse/PCI-Support-Immediate-Readiness-on-devices-without-PM.patch - commit b491bf9 - platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes). - drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes). - drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes). - ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes). - ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes). - ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes). - mmc: sdhci-of-arasan: Ensure CD logic stabilization before power-up (stable-fixes). - cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes). - cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes). - Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes). 
- net: usb: qmi_wwan: add Telit Cinterion FN990A w/audio composition (stable-fixes). - dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes). - net: usb: qmi_wwan: fix Telit Cinterion FE990A name (stable-fixes). - net: usb: qmi_wwan: fix Telit Cinterion FN990A name (stable-fixes). - mmc: sdhci-of-arasan: Support for emmc hardware reset (stable-fixes). - commit 67865ae ++++ kernel-rt: - smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199, CVE-2025-38527). - commit a3059e7 - Drop PCI patches that broke kdump capture boot (bsc#1246509) Deleted: patches.suse/PCI-Explicitly-put-devices-into-D0-when-initializing.patch patches.suse/PCI-PM-Set-up-runtime-PM-even-for-devices-without-PC.patch Refreshed: patches.suse/PCI-Support-Immediate-Readiness-on-devices-without-PM.patch - commit b491bf9 - platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes). - drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes). - drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes). - ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes). - ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes). - ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes). - mmc: sdhci-of-arasan: Ensure CD logic stabilization before power-up (stable-fixes). - cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes). - cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes). - Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes). - net: usb: qmi_wwan: add Telit Cinterion FN990A w/audio composition (stable-fixes). - dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes). - net: usb: qmi_wwan: fix Telit Cinterion FE990A name (stable-fixes). - net: usb: qmi_wwan: fix Telit Cinterion FN990A name (stable-fixes). 
- mmc: sdhci-of-arasan: Support for emmc hardware reset (stable-fixes). - commit 67865ae ++++ osinfo-db: - Fix the definition of Leap 16.0 to match the current names of the Leap 16.0 ISOs and the Volume IDs contained within those ISOs. (bsc#1236401) add-opensuse-leap-16.0-support.patch ------------------------------------------------------------------ ------------------ 2025-9-9 - Sep 9 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-podman: - Update to 113 * Sortable Images table ++++ curl: - Security fixes: * [bsc#1249191, CVE-2025-9086] Out of bounds read for cookie path * [bsc#1249348, CVE-2025-10148] Predictable WebSocket mask * Add patches: - curl-CVE-2025-9086.patch - curl-CVE-2025-10148.patch ++++ kernel-default: - cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes). - commit 0113318 - cpufreq: Reference count policy in cpufreq_update_limits() (git-fixes). - commit fc0d863 - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes). - commit 5082177 - cpufreq: scpi: compare kHz instead of Hz (git-fixes). - commit f23b3de - kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346) - commit 40606b5 - PCI: pnv_php: Fix surprise plug detection and recovery (CVE-2025-38623 bsc#1248610). - commit a87ddcb - selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes). - selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes). - bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes). - commit 07f73b3 - supported.conf: mark hyperv_drm as external - net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes). - hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111). - RDMA/mana_ib: add support of multiple ports (git-fixes). - RDMA/mana_ib: add additional port counters (git-fixes). - net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes). 
- commit 27fd758 - drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (CVE-2025-38597 bsc#1248378). - commit 3361c8b - bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622 CVE-2025-38640). - commit ea00555 ++++ kernel-rt: - cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes). - commit 0113318 - cpufreq: Reference count policy in cpufreq_update_limits() (git-fixes). - commit fc0d863 - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes). - commit 5082177 - cpufreq: scpi: compare kHz instead of Hz (git-fixes). - commit f23b3de - kernel-subpackage-build: Decompress ghost file when compressed version exists (bsc#1249346) - commit 40606b5 - PCI: pnv_php: Fix surprise plug detection and recovery (CVE-2025-38623 bsc#1248610). - commit a87ddcb - selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes). - selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes). - bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes). - commit 07f73b3 - supported.conf: mark hyperv_drm as external - net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes). - hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111). - RDMA/mana_ib: add support of multiple ports (git-fixes). - RDMA/mana_ib: add additional port counters (git-fixes). - net: mana: fix spelling for mana_gd_deregiser_irq() (git-fixes). - commit 27fd758 - drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (CVE-2025-38597 bsc#1248378). - commit 3361c8b - bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622 CVE-2025-38640). - commit ea00555 ++++ python313-core: - Add gh138131-exclude-pycache-from-digest.patch fixing reproducible build for python-nogil. 
(bsc#1244680, gh#python/cpython#138131) ++++ liburing: - Add upstream patch to fix test on ppc64le * 0001-test-recvsend_bundle-enlarge-recv-buf-ring-to-2-MiB-.patch ++++ python313: - Add gh138131-exclude-pycache-from-digest.patch fixing reproducible build for python-nogil. (bsc#1244680, gh#python/cpython#138131) ------------------------------------------------------------------ ------------------ 2025-9-8 - Sep 8 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Update to 346 * Changes since 344 - 346 * Support branding Cockpit pages * Storage: Support for Stratis "V2" pools - 345 * Translation and dependency updates * Shorter IPv6 addresses * IPv6 addresses for WireGuard ++++ kernel-default: - btrfs: codify pattern for adding block_group to bg_list (git-fixes). - commit 28d12b0 - isolcpus: add missing hunk back (bsc#1236897 bsc#1249206). Update patches.suse/blk-mq-use-hk-cpus-only-when-isolcpus-managed_irq-is-enabled.patch (bsc#1236897 bsc#1249206). - commit 9d2b796 - btrfs: fix printing of mount info messages for NODATACOW/NODATASUM (git-fixes). - commit ba5bcd7 - btrfs: restore mount option info messages during mount (git-fixes). - commit 802999a - btrfs: fix incorrect log message for nobarrier mount option (git-fixes). - commit e3e34d3 - btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes). - commit 05dbe91 - btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes). - commit 87677ec - btrfs: fix race between logging inode and checking if it was logged before (git-fixes). - commit dd428a8 - btrfs: always abort transaction on failure to add block group to free space tree (git-fixes). - btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes). 
- commit 66017bd - netfilter: xt_nfacct: don't assume acct name is null-terminated (CVE-2025-38639 bsc#1248674) - commit 6246696 - btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes). - commit 7a86e25 - btrfs: qgroup: remove no longer used fs_info->qgroup_ulist (git-fixes). - btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes). - commit cbd92f9 - x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes). - commit 1ff0ea2 - mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes). - commit 98f7021 - mm: move page table sync declarations to linux/pgtable.h (git-fixes). - commit 57bad67 - mm/damon/core: prevent unnecessary overflow in damos_set_effective_quota() (git-fixes). - commit 760f69c - mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE (git-fixes). - commit a1213be - mm/damon/ops-common: ignore migration request to invalid nodes (git-fixes). - commit 0aae268 - mm: swap: fix potential buffer overflow in setup_clusters() (git-fixes). - commit ba72e08 - PCI: pnv_php: Fix surprise plug detection and recovery (CVE-2025-38623 bsc#1248610). - commit 72424b3 - kABI workaround for bluetooth discovery_state change (CVE-2025-38593 bsc#1248357). - commit 12620c5 - Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()' (CVE-2025-38593 bsc#1248357). - Refresh patches.kabi/bluetooth-hci_dev-kabi-workaround.patch. - commit 1bb3148 - Fix OOB access in "drm/amdgpu: read back register after written for VCN v4.0.5" (bsc#1249251) - commit 3545bbd ++++ kernel-rt: - btrfs: codify pattern for adding block_group to bg_list (git-fixes). - commit 28d12b0 - isolcpus: add missing hunk back (bsc#1236897 bsc#1249206). Update patches.suse/blk-mq-use-hk-cpus-only-when-isolcpus-managed_irq-is-enabled.patch (bsc#1236897 bsc#1249206). - commit 9d2b796 - btrfs: fix printing of mount info messages for NODATACOW/NODATASUM (git-fixes). 
- commit ba5bcd7 - btrfs: restore mount option info messages during mount (git-fixes). - commit 802999a - btrfs: fix incorrect log message for nobarrier mount option (git-fixes). - commit e3e34d3 - btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes). - commit 05dbe91 - btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes). - commit 87677ec - btrfs: fix race between logging inode and checking if it was logged before (git-fixes). - commit dd428a8 - btrfs: always abort transaction on failure to add block group to free space tree (git-fixes). - btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes). - commit 66017bd - netfilter: xt_nfacct: don't assume acct name is null-terminated (CVE-2025-38639 bsc#1248674) - commit 6246696 - btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes). - commit 7a86e25 - btrfs: qgroup: remove no longer used fs_info->qgroup_ulist (git-fixes). - btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes). - commit cbd92f9 - x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes). - commit 1ff0ea2 - mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes). - commit 98f7021 - mm: move page table sync declarations to linux/pgtable.h (git-fixes). - commit 57bad67 - mm/damon/core: prevent unnecessary overflow in damos_set_effective_quota() (git-fixes). - commit 760f69c - mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE (git-fixes). - commit a1213be - mm/damon/ops-common: ignore migration request to invalid nodes (git-fixes). - commit 0aae268 - mm: swap: fix potential buffer overflow in setup_clusters() (git-fixes). - commit ba72e08 - PCI: pnv_php: Fix surprise plug detection and recovery (CVE-2025-38623 bsc#1248610). - commit 72424b3 - kABI workaround for bluetooth discovery_state change (CVE-2025-38593 bsc#1248357). 
- commit 12620c5 - Bluetooth: hci_sync: fix double free in 'hci_discovery_filter_clear()' (CVE-2025-38593 bsc#1248357). - Refresh patches.kabi/bluetooth-hci_dev-kabi-workaround.patch. - commit 1bb3148 - Fix OOB access in "drm/amdgpu: read back register after written for VCN v4.0.5" (bsc#1249251) - commit 3545bbd ++++ tiff: - security update: * CVE-2025-8961 [bsc#1248117] Fix segmentation fault via main function of tiffcrop utility + tiff-CVE-2025-8961.patch ++++ nvidia-open-driver-G06-signed: - let conflict CUDA and non-CUDA -devel packages; this is needed if both have the same version ------------------------------------------------------------------ ------------------ 2025-9-7 - Sep 7 2025 ------------------- ------------------------------------------------------------------ ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to 580.82.07 (boo#1249235) ------------------------------------------------------------------ ------------------ 2025-9-6 - Sep 6 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - spi: spi-fsl-lpspi: Clear status register after disabling the module (git-fixes). - spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes). - spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes). - spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes). - ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes). - hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes). - platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes). - platform/x86: asus-wmi: Remove extra keys from ignore_key_wlan quirk (git-fixes). - drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes). - drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes). - accel/ivpu: Prevent recovery work from being queued during device removal (git-fixes). 
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes). - commit 10f191d ++++ kernel-rt: - spi: spi-fsl-lpspi: Clear status register after disabling the module (git-fixes). - spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes). - spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes). - spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes). - ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes). - hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes). - platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes). - platform/x86: asus-wmi: Remove extra keys from ignore_key_wlan quirk (git-fixes). - drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes). - drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes). - accel/ivpu: Prevent recovery work from being queued during device removal (git-fixes). - nouveau: fix disabling the nonstall irq due to storm code (git-fixes). - commit 10f191d ++++ nvidia-open-driver-G06-signed: - update CUDA variant to 580.82.07 ------------------------------------------------------------------ ------------------ 2025-9-5 - Sep 5 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes). - commit 672e366 - net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622 bsc#1248619). - commit 48c98b8 - smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239, CVE-2025-38488). - commit 09784fa - wifi: mt76: mt7925: fix the wrong bss cleanup for SAP (git-fixes). - commit aed2258 - ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes). - wifi: ath11k: fix group data packet drops during rekey (git-fixes). - wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes). 
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes). - wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes). - batman-adv: fix OOB read/write in network-coding decode (git-fixes). - Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes). - Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes). - microchip: lan865x: Fix LAN8651 autoloading (git-fixes). - microchip: lan865x: Fix module autoloading (git-fixes). - mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes). - xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes). - wifi: iwlwifi: uefi: check DSM item validity (git-fixes). - wifi: mt76: fix linked list corruption (git-fixes). - wifi: mt76: free pending offchannel tx frames on wcid cleanup (git-fixes). - wifi: mt76: prevent non-offchannel mgmt tx during scan/roc (git-fixes). - wifi: mt76: mt7925u: use connac3 tx aggr check in tx complete (git-fixes). - wifi: mt76: mt7925: fix locking in mt7925_change_vif_links() (git-fixes). - wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes). - wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes). - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes). - wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes). - HID: quirks: add support for Legion Go dual dinput modes (stable-fixes). - HID: logitech: Add ids for G PRO 2 LIGHTSPEED (stable-fixes). - HID: input: report battery status changes immediately (git-fixes). - HID: input: rename hidinput_set_battery_charge_status() (stable-fixes). - HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes). - HID: wacom: Add a new Art Pen 2 (stable-fixes). - drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes). - Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes). - net: rose: fix a typo in rose_clear_routes() (git-fixes). 
- net: rose: include node references in rose_neigh refcount (git-fixes). - net: rose: convert 'use' field to refcount_t (git-fixes). - net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes). - mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes). - dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes). - ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes). - PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up (stable-fixes). - thermal/drivers/mediatek/lvts_thermal: Add mt7988 lvts commands (stable-fixes). - thermal/drivers/mediatek/lvts_thermal: Add lvts commands and their sizes to driver data (stable-fixes). - thermal/drivers/mediatek/lvts_thermal: Change lvts commands array to static const (stable-fixes). - ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes). - commit 605bae8 - Refresh patches.suse/selftests-bpf-Range-analysis-test-case-for-JSET.patch. Fix BPF selftest failure in the "verifier_bounds/dead branch on jset, does not result in invariants violation error" case. - commit 906c64e ++++ kernel-rt: - erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes). - commit 672e366 - net: drop UFO packets in udp_rcv_segment() (CVE-2025-38622 bsc#1248619). - commit 48c98b8 - smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239, CVE-2025-38488). - commit 09784fa - wifi: mt76: mt7925: fix the wrong bss cleanup for SAP (git-fixes). - commit aed2258 - ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes). - wifi: ath11k: fix group data packet drops during rekey (git-fixes). - wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes). - wifi: libertas: cap SSID len in lbs_associate() (git-fixes). - wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes). - batman-adv: fix OOB read/write in network-coding decode (git-fixes). 
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes). - Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes). - microchip: lan865x: Fix LAN8651 autoloading (git-fixes). - microchip: lan865x: Fix module autoloading (git-fixes). - mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes). - xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes). - wifi: iwlwifi: uefi: check DSM item validity (git-fixes). - wifi: mt76: fix linked list corruption (git-fixes). - wifi: mt76: free pending offchannel tx frames on wcid cleanup (git-fixes). - wifi: mt76: prevent non-offchannel mgmt tx during scan/roc (git-fixes). - wifi: mt76: mt7925u: use connac3 tx aggr check in tx complete (git-fixes). - wifi: mt76: mt7925: fix locking in mt7925_change_vif_links() (git-fixes). - wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes). - wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes). - wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes). - wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes). - HID: quirks: add support for Legion Go dual dinput modes (stable-fixes). - HID: logitech: Add ids for G PRO 2 LIGHTSPEED (stable-fixes). - HID: input: report battery status changes immediately (git-fixes). - HID: input: rename hidinput_set_battery_charge_status() (stable-fixes). - HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes). - HID: wacom: Add a new Art Pen 2 (stable-fixes). - drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes). - Revert "drm/amdgpu: fix incorrect vm flags to map bo" (stable-fixes). - net: rose: fix a typo in rose_clear_routes() (git-fixes). - net: rose: include node references in rose_neigh refcount (git-fixes). - net: rose: convert 'use' field to refcount_t (git-fixes). - net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes). 
- mISDN: hfcpci: Fix warning when deleting uninitialized timer (git-fixes). - dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes). - ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes). - PCI: dwc: Ensure that dw_pcie_wait_for_link() waits 100 ms after link up (stable-fixes). - thermal/drivers/mediatek/lvts_thermal: Add mt7988 lvts commands (stable-fixes). - thermal/drivers/mediatek/lvts_thermal: Add lvts commands and their sizes to driver data (stable-fixes). - thermal/drivers/mediatek/lvts_thermal: Change lvts commands array to static const (stable-fixes). - ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes). - commit 605bae8 - Refresh patches.suse/selftests-bpf-Range-analysis-test-case-for-JSET.patch. Fix BPF selftest failure in the "verifier_bounds/dead branch on jset, does not result in invariants violation error" case. - commit 906c64e ------------------------------------------------------------------ ------------------ 2025-9-4 - Sep 4 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to docker-buildx v0.28.0. Upstream changelog: - Update to Docker 28.4.0-ce. See upstream changelog online at * Fixes a nil pointer panic in "docker push". 
bsc#1248373 - Rebased patches: * 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch * 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch * cli-0001-openSUSE-point-users-to-docker-buildx-package.patch * cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch ++++ kernel-default: - wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (CVE-2025-38643 bsc#1248681) - commit 34311cc - mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices (CVE-2025-38019 bsc#1245000) - commit a85ff92 - Refresh patches.suse/Revert-mm-page_alloc.c-don-t-show-protection-in-zone.patch. Update patch metadata and move to sorted section. - commit 625f5ae - [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634 CVE-2025-38660). - commit ab3a29c - kABI: netfilter: supress warnings for nft_set_ops (git-fixes). - commit 27ce688 - tracepoint: Print the function symbol when tracepoint_debug is set (jsc#PED-13631). - commit a74d4fb - s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1247837). - commit 288d9b8 - igc: fix disabling L1.2 PCI-E link substate on I226 on init (git-fixes). - commit 8d32f7d ++++ kernel-rt: - wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (CVE-2025-38643 bsc#1248681) - commit 34311cc - mlxsw: spectrum_router: Fix use-after-free when deleting GRE net devices (CVE-2025-38019 bsc#1245000) - commit a85ff92 - Refresh patches.suse/Revert-mm-page_alloc.c-don-t-show-protection-in-zone.patch. Update patch metadata and move to sorted section. - commit 625f5ae - [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634 CVE-2025-38660). 
- commit ab3a29c - kABI: netfilter: supress warnings for nft_set_ops (git-fixes). - commit 27ce688 - tracepoint: Print the function symbol when tracepoint_debug is set (jsc#PED-13631). - commit a74d4fb - s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1247837). - commit 288d9b8 - igc: fix disabling L1.2 PCI-E link substate on I226 on init (git-fixes). - commit 8d32f7d ++++ runc: - Update to runc v1.3.1. Upstream changelog is available from - Fix runc 1.3.x builds on SLE-12 by enabling --std=gnu11. ------------------------------------------------------------------ ------------------ 2025-9-3 - Sep 3 2025 ------------------- ------------------------------------------------------------------ ++++ aaa_base: - Update to version 84.87+git20250903.33e5ba4: * Correct fix for boo#1247495 (boo#1248158) ++++ kernel-default: - scsi: ufs: core: Set default runtime/system PM levels before ufshcd_hba_init() (git-fixes). - commit 6c09a41 - net/mlx5e: Set local Xoff after FW update (git-fixes). - net/mlx5e: Update and set Xon/Xoff upon port speed set (git-fixes). - net/mlx5e: Update and set Xon/Xoff upon MTU set (git-fixes). - net/mlx5: Prevent flow steering mode changes in switchdev mode (git-fixes). - net/mlx5: Nack sync reset when SFs are present (git-fixes). - net/mlx5: Fix lockdep assertion on sync reset unload event (git-fixes). - net/mlx5: Reload auxiliary drivers on fw_activate (git-fixes). - net/mlx5: HWS, Fix pattern destruction in mlx5hws_pat_get_pattern error path (git-fixes). - net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (git-fixes). - ice: fix incorrect counter for buffer allocation failures (git-fixes). - ice: use fixed adapter index for E825C embedded devices (git-fixes). - ice: don't leave device non-functional if Tx scheduler config fails (git-fixes). - bnxt_en: Fix stats context reservation logic (git-fixes). - bnxt_en: Adjust TX rings if reservation is less than requested (git-fixes). 
- bnxt_en: Fix memory corruption when FW resources change during ifdown (git-fixes). - net/mlx5e: Preserve shared buffer capacity during headroom updates (git-fixes). - net/mlx5: Base ECVF devlink port attrs from 0 (git-fixes). - Octeontx2-af: Skip overlap check for SPI field (git-fixes). - ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc (git-fixes). - net/mlx5: CT: Use the correct counter offset (git-fixes). - net/mlx5: HWS, fix bad parameter in CQ creation (git-fixes). - gve: prevent ethtool ops after shutdown (git-fixes). - net: page_pool: allow enabling recycling late, fix false positive warning (git-fixes). - benet: fix BUG when creating VFs (git-fixes). - net/mlx5: Correctly set gso_segs when LRO is used (git-fixes). - vdpa: Fix IDR memory leak in VDUSE module exit (git-fixes). - vdpa/mlx5: Fix release of uninitialized resources on error path (CVE-2025-38628 bsc#1248616). - vdpa/mlx5: Fix needs_teardown flag calculation (git-fixes). - RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes). - igb: xsk: solve negative overflow of nb_pkts in zerocopy mode (git-fixes). - neighbour: Fix null-ptr-deref in neigh_flush_dev() (git-fixes). - net/mlx5e: Remove skb secpath if xfrm state is not found (git-fixes). - net/mlx5e: Clear Read-Only port buffer size in PBMC before update (git-fixes). - net/mlx5: Check device memory pointer before usage (git-fixes). - e1000e: ignore uninitialized checksum word on tgp (git-fixes). - e1000e: disregard NVM checksum on tgp when valid checksum bit is not set (git-fixes). - i40e: When removing VF MAC filters, only check PF-set MAC (git-fixes). - i40e: report VF tx_dropped with tx_errors instead of tx_discards (git-fixes). - gve: Fix stuck TX queue for DQ queue format (git-fixes). - net/mlx5: E-Switch, Fix peer miss rules to use peer eswitch (git-fixes). - net/mlx5: Fix memory leak in cmd_exec() (git-fixes). - ice: check correct pointer in fwlog debugfs (git-fixes). 
- net/mlx5: Correctly set gso_size when LRO is used (git-fixes). - bnxt_en: Flush FW trace before copying to the coredump (git-fixes). - bnxt_en: Fix DCB ETS validation (git-fixes). - net/mlx5e: Add new prio for promiscuous mode (git-fixes). - ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (git-fixes). - bnxt_en: eliminate the compile warning in bnxt_request_irq due to CONFIG_RFS_ACCEL (git-fixes). - igc: disable L1.2 PCI-E link substate to avoid performance issue (git-fixes). - bnxt_en: Update MRU and RSS table of RSS contexts on queue reset (git-fixes). - bnxt_en: Add a helper function to configure MRU and RSS (git-fixes). - ice/ptp: fix crosstimestamp reporting (git-fixes). - commit d4ae4ee - Drop ath12k patch that was reverted in the upstream (git-fixes) - commit 0ebe805 - netfilter: nf_reject: don't leak dst refcount for loopback packets (git-fixes). - commit c98a78c - netfilter: ctnetlink: remove refcounting in expectation dumpers (git-fixes). - commit 180b1da - netfilter: ctnetlink: fix refcount leak on table dump (git-fixes). - commit 144df33 - Revert "wifi: mt76: mt7925: Update mt7925_mcu_uni_[tx,rx]_ba for MLO" (git-fixes). - Refresh patches.suse/wifi-mt76-mt7925-load-the-appropriate-CLC-data-based.patch. - commit 022c9d4 - wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes). - wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes). - wifi: mt76: mt7925: adjust rm BSS flow to prevent next connection failure (git-fixes). - wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes). - commit d6dfa86 - netfilter: nft_set_pipapo: prefer kvmalloc for scratch maps (git-fixes). - commit 30511a6 - netfilter: nf_tables: adjust lockdep assertions handling (git-fixes). - commit 4eac73e - netfilter: nf_tables: Drop dead code from fill_*_info routines (git-fixes). - commit 0985889 - netfilter: nf_nat: also check reverse tuple to obtain clashing entry (git-fixes). 
- commit e8b9b42 - netfilter: nft_tunnel: fix geneve_opt dump (git-fixes). - commit e8ff1b8 - usb: dwc3: qcom: Don't leave BCR asserted (git-fixes). - commit d02e75f - netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds (git-fixes). - commit 9973f5b - netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap around (git-fixes). - commit 840672d - soundwire: amd: fix for handling slave alerts after link is down (git-fixes). - tools/power turbostat: Clustered Uncore MHz counters should honor show/hide options (stable-fixes). - commit 2b28a91 - netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template (git-fixes). - commit d759ad6 - selinux: change security_compute_sid to return the ssid or tsid on match (git-fixes). - selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (stable-fixes). - commit 67b27c3 - xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO (git-fixes). - commit 384833b - r8169: disable RTL8126 ZRX-DC timeout (stable-fixes). - r8169: don't scan PHY addresses > 0 (stable-fixes). - r8169: add support for RTL8125D (stable-fixes). - commit 5a5406a - phy: mscc: Fix timestamping for vsc8584 (git-fixes). - phy: mscc: Fix parsing of unicast frames (git-fixes). - phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes). - commit cef652d - mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1 (git-fixes). - mfd: exynos-lpass: Fix another error handling path in exynos_lpass_probe() (git-fixes). - mtd: rawnand: qcom: Fix last codeword read in qcom_param_page_type_exec() (git-fixes). - misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (git-fixes). - misc: pci_endpoint_test: Give disabled BARs a distinct error code (stable-fixes). - commit 265f979 - media: uvcvideo: Rollback non processed entities on error (git-fixes). - commit 77fe556 - Revert "mac80211: Dynamically set CoDel parameters per station" (stable-fixes). 
- commit a3f9ef1 - iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() (git-fixes). - iio: adc: ad7173: fix setting ODR in probe (git-fixes). - commit c345d74 - kabi/severities: ignore kABI compatibility in iio inv_icm42600 drivers They are used only locally - commit 4b6ea02 - iio: imu: inv_icm42600: Convert to uXX and sXX integer types (stable-fixes). - Refresh patches.suse/iio-imu-inv_icm42600-change-invalid-data-error-to-EB.patch. - commit b49ad7a - iio: accel: fxls8962af: Fix temperature calculation (git-fixes). - iio: hid-sensor-prox: Fix incorrect OFFSET calculation (git-fixes). - iio: hid-sensor-prox: Restore lost scale assignments (git-fixes). - iio: imu: inv_icm42600: fix spi burst write not supported (git-fixes). - commit d725fa5 - i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes). - commit 422bc10 - i2c: designware: Use temporary variable for struct device (stable-fixes). - Refresh patches.suse/i2c-designware-Fix-an-error-handling-path-in-i2c_dw_.patch. - commit 572df73 - HID: magicmouse: avoid setting up battery timer when not needed (git-fixes). - HID: apple: avoid setting up battery timer for devices without battery (git-fixes). - commit 60e95b8 - drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes). - drm/i915/icl+/tc: Cache the max lane count value (stable-fixes). - drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes). - drm/xe: Move page fault init after topology init (git-fixes). - drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes). - drm/xe: Allow dropping kunit dependency as built-in (git-fixes). - commit e6e09dd - drm/amdgpu/discovery: fix fw based ip discovery (git-fixes). - drm/xe/bmg: Update Wa_22019338487 (git-fixes). - drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes). - drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes). 
- drm/amdgpu/mes: add missing locking in helper functions (stable-fixes). - commit 7e9890a - drm/simpledrm: Do not upcast in release helpers (git-fixes). - drm/cirrus-qemu: Fix pitch programming (git-fixes). - commit b624f85 - drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes). - drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes). - drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes). - drm/xe/bmg: Add one additional PCI ID (stable-fixes). - commit c2190df - netfilter: nf_tables: fix set size with rbtree backend (git-fixes). - commit 80c4ea7 - drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes). - commit 4e56fa6 - drm/amd/display: Fix mismatch type comparison (stable-fixes). - drm/xe/bmg: Add new PCI IDs (stable-fixes). - commit 8b6d86b - net: hsr: fix fill_frame_info() regression vs VLAN packets (git-fixes). - commit 8901b13 - Refresh patches.suse/drm-amd-display-Request-HW-cursor-on-DCN3.2-with-Sub.patch The partial revert in the upstream 6.12.y is folded into the patch - commit 8be4958 - ipv6: reject malicious packets in ipv6_gso_segment() (CVE-2025-38572 bsc#1248399). - net: add debug check in skb_reset_transport_header() (CVE-2025-38572 bsc#1248399). - commit 1c3093c - drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes). - drm/xe: Carve out wopcm portion from the stolen memory (git-fixes). - commit 4792a43 - Drop a few Xe patches that have been reverted in 6.12.y stable The upstream already reverted a few patches due to regressions, and we also follow (and blacklist them). 
Deleted: patches.suse/drm-xe-devcoredump-Update-handling-of-xe_force_wake_.patch patches.suse/drm-xe-forcewake-Add-a-helper-xe_force_wake_ref_has_.patch patches.suse/drm-xe-gt-Update-handling-of-xe_force_wake_get-retur.patch patches.suse/drm-xe-tests-mocs-Hold-XE_FORCEWAKE_ALL-for-LNCF-reg.patch patches.suse/drm-xe-tests-mocs-Update-xe_force_wake_get-return-ha.patch Refreshed: patches.suse/drm-xe-Fix-GT-for-each-engine-workarounds.patch patches.suse/drm-xe-Move-the-coredump-registration-to-the-worker-.patch patches.suse/drm-xe-Take-PM-ref-in-delayed-snapshot-capture-worke.patch patches.suse/drm-xe-bmg-Update-Wa_16023588340.patch patches.suse/drm-xe-pf-Prepare-to-stop-SR-IOV-support-prior-GT-re.patch - commit 019c4d3 - kABI workaround for struct mtk_base_afe changes (git-fixes). - commit bfb1140 - ASoC: mediatek: use reserved memory or enable buffer pre-allocation (git-fixes). - commit 8fbb8b5 - ASoC: codecs: wcd9375: Fix double free of regulator supplies (git-fixes). - ASoC: codecs: wcd937x: Drop unused buck_supply (git-fixes). - commit 428fcda - mctp: no longer rely on net->dev_index_head (git-fixes). - Refresh patches.suse/net-mctp-Don-t-access-ifa_index-when-missing.patch. - commit b5bc0f2 - rpm: Configure KABI checkingness macro (bsc#1249186) The value of the config should match presence of KABI reference data. If it mismatches: - !CONFIG & reference -> this is bug, immediate fail - CONFIG & no reference -> OK temporarily, must be resolved eventually - commit 23c1536 - mptcp: fix spurious wake-up on under memory pressure (git-fixes). - commit c782ac7 - Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186) The motivation: there are patches.kabi/ patches that restore KABI and they check validity of the approach with static_assert()s to prevent accidental KABI breakage. These asserts are invoked on each arch-flavor and they may signal false negatives -- that is KABI restoration patch could break KABI but the given arch-flavor defines no KABI. 
The intended use is to disable the compile time checks in patches.kabi/ (but not to be confused with __GENKSYMS__ that affects how reference is calculated). The name is chosen so that it mimics HAVE_* macros that are not configured manually (but is selected by an arch). In our case it's (un)selected by build script depending on whether KABI reference is defined for given arch-flavor and whether check is really requested by the user. Default value is 'n' so that people building merely via Makefile (not RPM with KABI checking) obtain consistent config. - commit a317d04 - net: 802: LLC+SNAP OID:PID lookup on start of skb data (git-fixes). - commit c23ea46 - net: llc: reset skb->transport_header (git-fixes). - commit 487d90f - net: mctp: handle skb cleanup on sock_queue failures (git-fixes). - Refresh patches.suse/net-mctp-unshare-packets-when-reassembling.patch. - commit 5e65ce2 - ipvs: Fix clamp() of ip_vs_conn_tab on small memory systems (git-fixes). - commit 3d1de0f - psample: adjust size if rate_as_probability is set (git-fixes). - commit 2508d32 - net: dsa: restore dsa_software_vlan_untag() ability to operate on VLAN-untagged traffic (git-fixes). - commit b8cbb32 - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (git-fixes). - commit e07bfa8 - net: dsa: tag_ocelot_8021q: fix broken reception (git-fixes). - commit 680a61f - net: hsr: fix hsr_init_sk() vs network/transport headers (git-fixes). - commit 9b32d20 - btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes). - commit 2ef27b3 - btrfs: do not output error message if a qgroup has been already cleaned up (git-fixes). - commit 9ca239b - btrfs: subpage: fix the bitmap dump of the locked flags (git-fixes). - commit 7983818 - btrfs: handle unaligned EOF truncation correctly for subpage cases (bsc#1249038). - commit 56bc678 - btrfs: convert ASSERT(0) with handled errors to DEBUG_WARN() (bsc#1249038). 
- commit a1589a9 - btrfs: add debug build only WARN (bsc#1249038). - commit 97bc3a6 - btrfs: use verbose ASSERT() in volumes.c (bsc#1249038). - commit e2a342d - gfs2: No more self recovery (bsc#1248639 CVE-2025-38659). - commit f21f207 - btrfs: enhance ASSERT() to take optional format string (bsc#1249038). - commit 038fb2a - ALSA: usb-audio: Allow Focusrite devices to use low samplerates (git-fixes). - commit 8cb030f ++++ kernel-rt: - scsi: ufs: core: Set default runtime/system PM levels before ufshcd_hba_init() (git-fixes). - commit 6c09a41 - net/mlx5e: Set local Xoff after FW update (git-fixes). - net/mlx5e: Update and set Xon/Xoff upon port speed set (git-fixes). - net/mlx5e: Update and set Xon/Xoff upon MTU set (git-fixes). - net/mlx5: Prevent flow steering mode changes in switchdev mode (git-fixes). - net/mlx5: Nack sync reset when SFs are present (git-fixes). - net/mlx5: Fix lockdep assertion on sync reset unload event (git-fixes). - net/mlx5: Reload auxiliary drivers on fw_activate (git-fixes). - net/mlx5: HWS, Fix pattern destruction in mlx5hws_pat_get_pattern error path (git-fixes). - net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (git-fixes). - ice: fix incorrect counter for buffer allocation failures (git-fixes). - ice: use fixed adapter index for E825C embedded devices (git-fixes). - ice: don't leave device non-functional if Tx scheduler config fails (git-fixes). - bnxt_en: Fix stats context reservation logic (git-fixes). - bnxt_en: Adjust TX rings if reservation is less than requested (git-fixes). - bnxt_en: Fix memory corruption when FW resources change during ifdown (git-fixes). - net/mlx5e: Preserve shared buffer capacity during headroom updates (git-fixes). - net/mlx5: Base ECVF devlink port attrs from 0 (git-fixes). - Octeontx2-af: Skip overlap check for SPI field (git-fixes). - ixgbe: xsk: resolve the negative overflow of budget in ixgbe_xmit_zc (git-fixes). - net/mlx5: CT: Use the correct counter offset (git-fixes). 
- net/mlx5: HWS, fix bad parameter in CQ creation (git-fixes). - gve: prevent ethtool ops after shutdown (git-fixes). - net: page_pool: allow enabling recycling late, fix false positive warning (git-fixes). - benet: fix BUG when creating VFs (git-fixes). - net/mlx5: Correctly set gso_segs when LRO is used (git-fixes). - vdpa: Fix IDR memory leak in VDUSE module exit (git-fixes). - vdpa/mlx5: Fix release of uninitialized resources on error path (CVE-2025-38628 bsc#1248616). - vdpa/mlx5: Fix needs_teardown flag calculation (git-fixes). - RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes). - igb: xsk: solve negative overflow of nb_pkts in zerocopy mode (git-fixes). - neighbour: Fix null-ptr-deref in neigh_flush_dev() (git-fixes). - net/mlx5e: Remove skb secpath if xfrm state is not found (git-fixes). - net/mlx5e: Clear Read-Only port buffer size in PBMC before update (git-fixes). - net/mlx5: Check device memory pointer before usage (git-fixes). - e1000e: ignore uninitialized checksum word on tgp (git-fixes). - e1000e: disregard NVM checksum on tgp when valid checksum bit is not set (git-fixes). - i40e: When removing VF MAC filters, only check PF-set MAC (git-fixes). - i40e: report VF tx_dropped with tx_errors instead of tx_discards (git-fixes). - gve: Fix stuck TX queue for DQ queue format (git-fixes). - net/mlx5: E-Switch, Fix peer miss rules to use peer eswitch (git-fixes). - net/mlx5: Fix memory leak in cmd_exec() (git-fixes). - ice: check correct pointer in fwlog debugfs (git-fixes). - net/mlx5: Correctly set gso_size when LRO is used (git-fixes). - bnxt_en: Flush FW trace before copying to the coredump (git-fixes). - bnxt_en: Fix DCB ETS validation (git-fixes). - net/mlx5e: Add new prio for promiscuous mode (git-fixes). - ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (git-fixes). - bnxt_en: eliminate the compile warning in bnxt_request_irq due to CONFIG_RFS_ACCEL (git-fixes). 
- igc: disable L1.2 PCI-E link substate to avoid performance issue (git-fixes). - bnxt_en: Update MRU and RSS table of RSS contexts on queue reset (git-fixes). - bnxt_en: Add a helper function to configure MRU and RSS (git-fixes). - ice/ptp: fix crosstimestamp reporting (git-fixes). - commit d4ae4ee - Drop ath12k patch that was reverted in the upstream (git-fixes) - commit 0ebe805 - netfilter: nf_reject: don't leak dst refcount for loopback packets (git-fixes). - commit c98a78c - netfilter: ctnetlink: remove refcounting in expectation dumpers (git-fixes). - commit 180b1da - netfilter: ctnetlink: fix refcount leak on table dump (git-fixes). - commit 144df33 - Revert "wifi: mt76: mt7925: Update mt7925_mcu_uni_[tx,rx]_ba for MLO" (git-fixes). - Refresh patches.suse/wifi-mt76-mt7925-load-the-appropriate-CLC-data-based.patch. - commit 022c9d4 - wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes). - wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes). - wifi: mt76: mt7925: adjust rm BSS flow to prevent next connection failure (git-fixes). - wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes). - commit d6dfa86 - netfilter: nft_set_pipapo: prefer kvmalloc for scratch maps (git-fixes). - commit 30511a6 - netfilter: nf_tables: adjust lockdep assertions handling (git-fixes). - commit 4eac73e - netfilter: nf_tables: Drop dead code from fill_*_info routines (git-fixes). - commit 0985889 - netfilter: nf_nat: also check reverse tuple to obtain clashing entry (git-fixes). - commit e8b9b42 - netfilter: nft_tunnel: fix geneve_opt dump (git-fixes). - commit e8ff1b8 - usb: dwc3: qcom: Don't leave BCR asserted (git-fixes). - commit d02e75f - netfilter: xtables: support arpt_mark and ipv6 optstrip for iptables-nft only builds (git-fixes). - commit 9973f5b - netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap around (git-fixes). 
- commit 840672d - soundwire: amd: fix for handling slave alerts after link is down (git-fixes). - tools/power turbostat: Clustered Uncore MHz counters should honor show/hide options (stable-fixes). - commit 2b28a91 - netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template (git-fixes). - commit d759ad6 - selinux: change security_compute_sid to return the ssid or tsid on match (git-fixes). - selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len (stable-fixes). - commit 67b27c3 - xfrm: replay: Fix the update of replay_esn->oseq_hi for GSO (git-fixes). - commit 384833b - r8169: disable RTL8126 ZRX-DC timeout (stable-fixes). - r8169: don't scan PHY addresses > 0 (stable-fixes). - r8169: add support for RTL8125D (stable-fixes). - commit 5a5406a - phy: mscc: Fix timestamping for vsc8584 (git-fixes). - phy: mscc: Fix parsing of unicast frames (git-fixes). - phy: rockchip-pcie: Properly disable TEST_WRITE strobe signal (stable-fixes). - commit cef652d - mmc: sdhci_am654: Disable HS400 for AM62P SR1.0 and SR1.1 (git-fixes). - mfd: exynos-lpass: Fix another error handling path in exynos_lpass_probe() (git-fixes). - mtd: rawnand: qcom: Fix last codeword read in qcom_param_page_type_exec() (git-fixes). - misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (git-fixes). - misc: pci_endpoint_test: Give disabled BARs a distinct error code (stable-fixes). - commit 265f979 - media: uvcvideo: Rollback non processed entities on error (git-fixes). - commit 77fe556 - Revert "mac80211: Dynamically set CoDel parameters per station" (stable-fixes). - commit a3f9ef1 - iio: temperature: maxim_thermocouple: use DMA-safe buffer for spi_read() (git-fixes). - iio: adc: ad7173: fix setting ODR in probe (git-fixes). - commit c345d74 - kabi/severities: ignore kABI compatibility in iio inv_icm42600 drivers They are used only locally - commit 4b6ea02 - iio: imu: inv_icm42600: Convert to uXX and sXX integer types (stable-fixes). 
- Refresh patches.suse/iio-imu-inv_icm42600-change-invalid-data-error-to-EB.patch. - commit b49ad7a - iio: accel: fxls8962af: Fix temperature calculation (git-fixes). - iio: hid-sensor-prox: Fix incorrect OFFSET calculation (git-fixes). - iio: hid-sensor-prox: Restore lost scale assignments (git-fixes). - iio: imu: inv_icm42600: fix spi burst write not supported (git-fixes). - commit d725fa5 - i3c: master: Initialize ret in i3c_i2c_notifier_call() (stable-fixes). - commit 422bc10 - i2c: designware: Use temporary variable for struct device (stable-fixes). - Refresh patches.suse/i2c-designware-Fix-an-error-handling-path-in-i2c_dw_.patch. - commit 572df73 - HID: magicmouse: avoid setting up battery timer when not needed (git-fixes). - HID: apple: avoid setting up battery timer for devices without battery (git-fixes). - commit 60e95b8 - drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes). - drm/i915/icl+/tc: Cache the max lane count value (stable-fixes). - drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes). - drm/xe: Move page fault init after topology init (git-fixes). - drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes). - drm/xe: Allow dropping kunit dependency as built-in (git-fixes). - commit e6e09dd - drm/amdgpu/discovery: fix fw based ip discovery (git-fixes). - drm/xe/bmg: Update Wa_22019338487 (git-fixes). - drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes). - drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes). - drm/amdgpu/mes: add missing locking in helper functions (stable-fixes). - commit 7e9890a - drm/simpledrm: Do not upcast in release helpers (git-fixes). - drm/cirrus-qemu: Fix pitch programming (git-fixes). - commit b624f85 - drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes). - drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes). 
- drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes). - drm/xe/bmg: Add one additional PCI ID (stable-fixes). - commit c2190df - netfilter: nf_tables: fix set size with rbtree backend (git-fixes). - commit 80c4ea7 - drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes). - commit 4e56fa6 - drm/amd/display: Fix mismatch type comparison (stable-fixes). - drm/xe/bmg: Add new PCI IDs (stable-fixes). - commit 8b6d86b - net: hsr: fix fill_frame_info() regression vs VLAN packets (git-fixes). - commit 8901b13 - Refresh patches.suse/drm-amd-display-Request-HW-cursor-on-DCN3.2-with-Sub.patch The partial revert in the upstream 6.12.y is folded into the patch - commit 8be4958 - ipv6: reject malicious packets in ipv6_gso_segment() (CVE-2025-38572 bsc#1248399). - net: add debug check in skb_reset_transport_header() (CVE-2025-38572 bsc#1248399). - commit 1c3093c - drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes). - drm/xe: Carve out wopcm portion from the stolen memory (git-fixes). - commit 4792a43 - Drop a few Xe patches that have been reverted in 6.12.y stable The upstream already reverted a few patches due to regressions, and we also follow (and blacklist them). 
Deleted: patches.suse/drm-xe-devcoredump-Update-handling-of-xe_force_wake_.patch patches.suse/drm-xe-forcewake-Add-a-helper-xe_force_wake_ref_has_.patch patches.suse/drm-xe-gt-Update-handling-of-xe_force_wake_get-retur.patch patches.suse/drm-xe-tests-mocs-Hold-XE_FORCEWAKE_ALL-for-LNCF-reg.patch patches.suse/drm-xe-tests-mocs-Update-xe_force_wake_get-return-ha.patch Refreshed: patches.suse/drm-xe-Fix-GT-for-each-engine-workarounds.patch patches.suse/drm-xe-Move-the-coredump-registration-to-the-worker-.patch patches.suse/drm-xe-Take-PM-ref-in-delayed-snapshot-capture-worke.patch patches.suse/drm-xe-bmg-Update-Wa_16023588340.patch patches.suse/drm-xe-pf-Prepare-to-stop-SR-IOV-support-prior-GT-re.patch - commit 019c4d3 - kABI workaround for struct mtk_base_afe changes (git-fixes). - commit bfb1140 - ASoC: mediatek: use reserved memory or enable buffer pre-allocation (git-fixes). - commit 8fbb8b5 - ASoC: codecs: wcd9375: Fix double free of regulator supplies (git-fixes). - ASoC: codecs: wcd937x: Drop unused buck_supply (git-fixes). - commit 428fcda - mctp: no longer rely on net->dev_index_head (git-fixes). - Refresh patches.suse/net-mctp-Don-t-access-ifa_index-when-missing.patch. - commit b5bc0f2 - rpm: Configure KABI checkingness macro (bsc#1249186) The value of the config should match presence of KABI reference data. If it mismatches: - !CONFIG & reference -> this is bug, immediate fail - CONFIG & no reference -> OK temporarily, must be resolved eventually - commit 23c1536 - mptcp: fix spurious wake-up on under memory pressure (git-fixes). - commit c782ac7 - Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186) The motivation: there are patches.kabi/ patches that restore KABI and they check validity of the approach with static_assert()s to prevent accidental KABI breakage. These asserts are invoked on each arch-flavor and they may signal false negatives -- that is KABI restoration patch could break KABI but the given arch-flavor defines no KABI. 
The intended use is to disable the compile time checks in patches.kabi/ (but not to be confused with __GENKSYMS__ that affects how reference is calculated). The name is chosen so that it mimics HAVE_* macros that are not configured manually (but is selected by an arch). In our case it's (un)selected by build script depending on whether KABI reference is defined for given arch-flavor and whether check is really requested by the user. Default value is 'n' so that people building merely via Makefile (not RPM with KABI checking) obtain consistent config. - commit a317d04 - net: 802: LLC+SNAP OID:PID lookup on start of skb data (git-fixes). - commit c23ea46 - net: llc: reset skb->transport_header (git-fixes). - commit 487d90f - net: mctp: handle skb cleanup on sock_queue failures (git-fixes). - Refresh patches.suse/net-mctp-unshare-packets-when-reassembling.patch. - commit 5e65ce2 - ipvs: Fix clamp() of ip_vs_conn_tab on small memory systems (git-fixes). - commit 3d1de0f - psample: adjust size if rate_as_probability is set (git-fixes). - commit 2508d32 - net: dsa: restore dsa_software_vlan_untag() ability to operate on VLAN-untagged traffic (git-fixes). - commit b8cbb32 - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (git-fixes). - commit e07bfa8 - net: dsa: tag_ocelot_8021q: fix broken reception (git-fixes). - commit 680a61f - net: hsr: fix hsr_init_sk() vs network/transport headers (git-fixes). - commit 9b32d20 - btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes). - commit 2ef27b3 - btrfs: do not output error message if a qgroup has been already cleaned up (git-fixes). - commit 9ca239b - btrfs: subpage: fix the bitmap dump of the locked flags (git-fixes). - commit 7983818 - btrfs: handle unaligned EOF truncation correctly for subpage cases (bsc#1249038). - commit 56bc678 - btrfs: convert ASSERT(0) with handled errors to DEBUG_WARN() (bsc#1249038). 
- commit a1589a9 - btrfs: add debug build only WARN (bsc#1249038). - commit 97bc3a6 - btrfs: use verbose ASSERT() in volumes.c (bsc#1249038). - commit e2a342d - gfs2: No more self recovery (bsc#1248639 CVE-2025-38659). - commit f21f207 - btrfs: enhance ASSERT() to take optional format string (bsc#1249038). - commit 038fb2a - ALSA: usb-audio: Allow Focusrite devices to use low samplerates (git-fixes). - commit 8cb030f ------------------------------------------------------------------ ------------------ 2025-9-2 - Sep 2 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - References #2474 and #2475 poweroff instead of halt on oem shutdown ++++ kernel-default: - scsi: ufs: ufs-pci: Fix default runtime and system PM levels (git-fixes). - scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers (git-fixes). - scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume (git-fixes). - scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (git-fixes). - scsi: ufs: core: Fix spelling of a sysfs attribute name (git-fixes). - scsi: ufs: core: Fix clk scaling to be conditional in reset and restore (git-fixes). - scsi: ufs: core: Don't perform UFS clkscaling during host async scan (git-fixes). - scsi: ufs: mcq: Delete ufshcd_release_scsi_cmd() in ufshcd_mcq_abort() (git-fixes). - scsi: ufs: core: Remove redundant query_complete trace (git-fixes). - scsi: ufs: Introduce quirk to extend PA_HIBERN8TIME for UFS devices (git-fixes). - scsi: ufs: exynos: gs101: Put UFS device in reset on .suspend() (git-fixes). - scsi: ufs: exynos: Move phy calls to .exit() callback (git-fixes). - scsi: ufs: exynos: Enable PRDT pre-fetching with UFSHCD_CAP_CRYPTO (git-fixes). - scsi: ufs: exynos: Ensure consistent phy reference counts (git-fixes). - scsi: ufs: exynos: Move UFS shareability value to drvdata (git-fixes). 
- scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init() (git-fixes). - scsi: ufs: qcom: fix dev reference leaked through of_qcom_ice_get (git-fixes). - scsi: ufs: core: Fix ufshcd_is_ufs_dev_busy() and ufshcd_eh_timed_out() (git-fixes). - scsi: ufs: core: Fix error return with query response (git-fixes). - scsi: ufs: Fix toggling of clk_gating.state when clock gating is not allowed (git-fixes). - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (git-fixes). - scsi: ufs: qcom: Fix crypto key eviction (git-fixes). - scsi: ufs: core: Prepare to introduce a new clock_gating lock (git-fixes). - scsi: ufs: core: Introduce ufshcd_has_pending_tasks() (git-fixes). - scsi: ufs: core: Honor runtime/system PM levels if set by host controller drivers (git-fixes). - scsi: ufs: core: Update compl_time_stamp_local_clock after completing a cqe (git-fixes). - scsi: ufs: core: Add missing post notify for power mode change (git-fixes). - scsi: ufs: pltfrm: Drop PM runtime reference count after ufshcd_remove() (git-fixes). - scsi: ufs: pltfrm: Disable runtime PM during removal of glue drivers (git-fixes). - scsi: ufs: core: Add ufshcd_send_bsg_uic_cmd() for UFS BSG (git-fixes). - scsi: ufs: exynos: Fix hibern8 notify callbacks (git-fixes). - scsi: ufs: exynos: Add gs101_ufs_drv_init() hook and enable WriteBooster (git-fixes). - scsi: ufs: exynos: Add check inside exynos_ufs_config_smu() (git-fixes). - scsi: ufs: exynos: Remove superfluous function parameter (git-fixes). - scsi: ufs: exynos: Remove empty drv_init method (git-fixes). - scsi: ufs: core: Improve ufshcd_mcq_sq_cleanup() (git-fixes). - scsi: ufs: core: Always initialize the UIC done completion (git-fixes). - commit 80e8ae3 - atm: atmtcp: Free invalid length skb in atmtcp_c_send() (CVE-2025-38185 bsc#1246012) - commit 481542d - s390/mm: Do not map lowcore with identity mapping (git-fixes bsc#1249066). - commit 8621600 - s390/sclp: Fix SCCB present check (git-fixes bsc#1249065). 
- commit a696cb0 - s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249064). - commit d681db3 - s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249062). - commit 599898d - s390/early: Copy last breaking event address to pt_regs (git-fixes bsc#1249061). - commit 75fe912 - Update config files: revive pwc driver for Leap (bsc#1249060) - commit 3eb97c1 - ext4: remove writable userspace mappings before truncating page cache (bsc#1247223). - commit f42a012 - mm: fix the inaccurate memory statistics issue for users (bsc#1244723). - commit cfde4ca - Refresh patches.suse/cpuidle-menu-Bias-selection-of-a-shallower-c-state-when-CPU-idles-for-IO.patch (bsc#1247935). - commit 1c15b68 - nvmet: exit debugfs after discovery subsystem exits (git-fixes). - commit 12678fa - nvmet: initialize discovery subsys after debugfs is initialized (git-fixes). - nvme-pci: try function level reset on init failure (git-fixes). - nvme-tcp: log TLS handshake failures at error level (git-fixes). - commit b6c5818 - ipv6: prevent infinite loop in rt6_nlmsg_size() (CVE-2025-38588 bsc#1248368). - commit 5b48674 - ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (CVE-2025-38664 bsc#1248628). - commit c056165 ++++ kernel-rt: - scsi: ufs: ufs-pci: Fix default runtime and system PM levels (git-fixes). - scsi: ufs: ufs-pci: Fix hibernate state transition for Intel MTL-like host controllers (git-fixes). - scsi: ufs: core: Use link recovery when h8 exit fails during runtime resume (git-fixes). - scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE (git-fixes). - scsi: ufs: core: Fix spelling of a sysfs attribute name (git-fixes). - scsi: ufs: core: Fix clk scaling to be conditional in reset and restore (git-fixes). - scsi: ufs: core: Don't perform UFS clkscaling during host async scan (git-fixes). - scsi: ufs: mcq: Delete ufshcd_release_scsi_cmd() in ufshcd_mcq_abort() (git-fixes). - scsi: ufs: core: Remove redundant query_complete trace (git-fixes). 
- scsi: ufs: Introduce quirk to extend PA_HIBERN8TIME for UFS devices (git-fixes). - scsi: ufs: exynos: gs101: Put UFS device in reset on .suspend() (git-fixes). - scsi: ufs: exynos: Move phy calls to .exit() callback (git-fixes). - scsi: ufs: exynos: Enable PRDT pre-fetching with UFSHCD_CAP_CRYPTO (git-fixes). - scsi: ufs: exynos: Ensure consistent phy reference counts (git-fixes). - scsi: ufs: exynos: Move UFS shareability value to drvdata (git-fixes). - scsi: ufs: exynos: Ensure pre_link() executes before exynos_ufs_phy_init() (git-fixes). - scsi: ufs: qcom: fix dev reference leaked through of_qcom_ice_get (git-fixes). - scsi: ufs: core: Fix ufshcd_is_ufs_dev_busy() and ufshcd_eh_timed_out() (git-fixes). - scsi: ufs: core: Fix error return with query response (git-fixes). - scsi: ufs: Fix toggling of clk_gating.state when clock gating is not allowed (git-fixes). - scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (git-fixes). - scsi: ufs: qcom: Fix crypto key eviction (git-fixes). - scsi: ufs: core: Prepare to introduce a new clock_gating lock (git-fixes). - scsi: ufs: core: Introduce ufshcd_has_pending_tasks() (git-fixes). - scsi: ufs: core: Honor runtime/system PM levels if set by host controller drivers (git-fixes). - scsi: ufs: core: Update compl_time_stamp_local_clock after completing a cqe (git-fixes). - scsi: ufs: core: Add missing post notify for power mode change (git-fixes). - scsi: ufs: pltfrm: Drop PM runtime reference count after ufshcd_remove() (git-fixes). - scsi: ufs: pltfrm: Disable runtime PM during removal of glue drivers (git-fixes). - scsi: ufs: core: Add ufshcd_send_bsg_uic_cmd() for UFS BSG (git-fixes). - scsi: ufs: exynos: Fix hibern8 notify callbacks (git-fixes). - scsi: ufs: exynos: Add gs101_ufs_drv_init() hook and enable WriteBooster (git-fixes). - scsi: ufs: exynos: Add check inside exynos_ufs_config_smu() (git-fixes). - scsi: ufs: exynos: Remove superfluous function parameter (git-fixes). 
- scsi: ufs: exynos: Remove empty drv_init method (git-fixes). - scsi: ufs: core: Improve ufshcd_mcq_sq_cleanup() (git-fixes). - scsi: ufs: core: Always initialize the UIC done completion (git-fixes). - commit 80e8ae3 - atm: atmtcp: Free invalid length skb in atmtcp_c_send() (CVE-2025-38185 bsc#1246012) - commit 481542d - s390/mm: Do not map lowcore with identity mapping (git-fixes bsc#1249066). - commit 8621600 - s390/sclp: Fix SCCB present check (git-fixes bsc#1249065). - commit a696cb0 - s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249064). - commit d681db3 - s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249062). - commit 599898d - s390/early: Copy last breaking event address to pt_regs (git-fixes bsc#1249061). - commit 75fe912 - Update config files: revive pwc driver for Leap (bsc#1249060) - commit 3eb97c1 - ext4: remove writable userspace mappings before truncating page cache (bsc#1247223). - commit f42a012 - mm: fix the inaccurate memory statistics issue for users (bsc#1244723). - commit cfde4ca - Refresh patches.suse/cpuidle-menu-Bias-selection-of-a-shallower-c-state-when-CPU-idles-for-IO.patch (bsc#1247935). - commit 1c15b68 - nvmet: exit debugfs after discovery subsystem exits (git-fixes). - commit 12678fa - nvmet: initialize discovery subsys after debugfs is initialized (git-fixes). - nvme-pci: try function level reset on init failure (git-fixes). - nvme-tcp: log TLS handshake failures at error level (git-fixes). - commit b6c5818 - ipv6: prevent infinite loop in rt6_nlmsg_size() (CVE-2025-38588 bsc#1248368). - commit 5b48674 - ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (CVE-2025-38664 bsc#1248628). 
- commit c056165
++++ python-maturin:
- Update vendor tarball to fix CVE-2025-58160 (bsc#1249011)
------------------------------------------------------------------
------------------ 2025-9-1 - Sep 1 2025 -------------------
------------------------------------------------------------------
++++ docker:
- Update warnings and errors related to "docker buildx ..." so that they
  reference our openSUSE docker-buildx packages.
  + cli-0001-openSUSE-point-users-to-docker-buildx-package.patch
- Enable building docker-buildx for SLE15 systems with SUSEConnect secret
  injection enabled. PED-12534 PED-8905 bsc#1247594
  As docker-buildx does not support our SUSEConnect secret injection (and some
  users depend on "docker build" working transparently), patch the docker CLI so
  that "docker build" will no longer automatically call "docker buildx build",
  effectively making DOCKER_BUILDKIT=0 the default configuration. Users can
  manually use "docker buildx ..." commands or set DOCKER_BUILDKIT=1 in order
  to opt-in to using docker-buildx.
  Users can silence the "docker build" warning by setting DOCKER_BUILDKIT=0
  explicitly.
  In order to inject SCC credentials with docker-buildx, users should use
    RUN --mount=type=secret,id=SCCcredentials zypper -n ...
  in their Dockerfiles, and
    docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
  when doing their builds.
  + cli-0002-SECRETS-SUSE-default-to-DOCKER_BUILDKIT-0-for-docker.patch
++++ python-kiwi:
- Fix rawhide integration test
  The package shim-ia32 got dropped
- Add test for profiled overlays
  kiwi supports overlay files per profile, but we didn't have a proper
  integration test for it. This commit adds one
- Mount proc when needed
  Using cp -a might lookup in proc/self/.. under certain conditions. Make sure
  to mount proc for config/function that might trigger this condition.
  This Fixes #2876
- Update test-image-custom-partitions test build
  Fix patch files to match with new dracut module dirs
- Update dracut version compat runtime check
  Update check_dracut_module_versions_compatible_to_kiwi to match with new
  dracut module dirs which have changed due to recommended dracut module
  ordering for out-of-tree modules.
- Fix dracut Makefile install target
  module dir names have changed due to recommended dracut module ordering
  for out-of-tree modules.
- Update pacman spec to dracut changed module dirs
  Follow up change for the fix of the recommended dracut module ordering for
  out-of-tree modules.
- Update spec file due to dracut changed module dirs
  Follow up change for the fix of the recommended dracut module ordering for
  out-of-tree modules.
++++ kernel-default:
- ring-buffer: Do not trigger WARN_ON() due to a commit_overrun (CVE-2025-38267 bsc#1246245)
- commit 5cf9510
- net: drv: netdevsim: don't napi_complete() from netpoll (CVE-2025-38270 bsc#1246252)
- commit 42d34e9
- HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556 bsc#1248296)
- commit 69d7c6e
- rxrpc: Fix bug due to prealloc collision (CVE-2025-38544 bsc#1248225)
- commit c9a2e2d
- net: libwx: fix the using of Rx buffer DMA (CVE-2025-38533 bsc#1248200)
- commit 492149c
- ice: add NULL check in eswitch lag check (CVE-2025-38526 bsc#1248192)
- commit b5741b4
- rxrpc: Fix oops due to non-existence of prealloc backlog struct (CVE-2025-38514 bsc#1248202)
- commit b9aa197
- idpf: return 0 size for RSS key if not supported (CVE-2025-38402 bsc#1247262)
- commit 684be88
- remoteproc: core: Release rproc->clean_table after rproc_attach() fails (CVE-2025-38418 bsc#1247137)
- commit fcf59c8
- remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (CVE-2025-38419 bsc#1247136)
- commit 081aa19
- genirq/irq_sim: Initialize work context pointers properly (CVE-2025-38408 bsc#1247126)
- commit e434c9f
- ipmi:msghandler: Fix potential memory
corruption in ipmi_create_user() (CVE-2025-38456 bsc#1247099) - commit 411d2f8 - perf: arm-ni: Fix missing platform_set_drvdata() (CVE-2025-38318 bsc#1246444) - commit a77d803 - nvmem: zynqmp_nvmem: unbreak driver after cleanup (CVE-2025-38301 bsc#1246351) - commit cd1ecf3 - perf: arm-ni: Unregister PMUs on probe failure (CVE-2025-38168 bsc#1245763) - commit b4e90d7 - bcache: fix NULL pointer in cache_set_flush() (CVE-2025-38263 bsc#1246248) - commit 3f952c1 - Update reference in patches.suse/lib-group_cpus-fix-NULL-pointer-dereference-from-gro.patch (CVE-2025-38255 bsc#1246190 bsc#1236897) - commit a85a300 - xfs: do not propagate ENODATA disk errors into xattr code (git-fixes). - commit 15bf037 - sunrpc: fix handling of server side tls alerts (bsc#1248374 CVE-2025-38566). - commit c831a16 - sunrpc: fix client side handling of tls alerts (bsc#1248401 CVE-2025-38571). - commit a14a1e5 - tracing/osnoise: Fix crash in timerlat_dump_stack() (CVE-2025-38493 bsc#1247283). - commit 5cbec5a - wifi: mac80211: reject TDLS operations when station is not associated (CVE-2025-38644 bsc#1248748). - commit f32351b - x86/bugs: Clean up SRSO microcode handling (git-fixes). - commit b9aaf6a - x86/bugs: Use IBPB for retbleed if used by SRSO (git-fixes). - commit 0f67ae1 - x86/bugs: Add SRSO_MITIGATION_NOSMT (git-fixes). - commit 1d54073 - EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693). - Refresh patches.suse/EDAC-skx_common-i10nm-Fix-some-missing-error-reports.patch. - commit fd6b8c8 - slab: Decouple slab_debug and no_hash_pointers (bsc#1249022). - commit 3da3d78 - kABI fix after KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes). - commit f1ae006 - KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes). - commit 59df1fc - s390/pci: Allow automatic recovery with minimal driver support (bsc#1248728 git-fixes). - commit de86836 - s390/hypfs: Enable limited access during lockdown (bsc#1248727 git-fixes). 
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (bsc#1248727 git-fixes). - commit 6f1ae11 - kABI fix after KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes). - commit f94bea5 - KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes). - commit d93b5c1 - KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes). - commit b70d87b - RAS/AMD/FMPM: Get masked address (bsc#1242034). - commit e9e5ffb - RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034). - commit 9ccbbc5 - vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes). - commit 61f61a5 - vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes). - commit b1b2e0f - ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410). - commit 16234f6 - vhost: fail early when __vhost_add_used() fails (git-fixes). - commit 49782c5 - vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511 CVE-2025-38618). - commit e04e292 - compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes). - commit 470eca8 - xen/netfront: Fix TX response spurious interrupts (git-fixes). - commit 1a84d61 - PCI: Extend isolated function probing to LoongArch (git-fixes). - commit 0d2add0 - vhost: Fix ioctl # for VHOST_[GS]ET_FORK_FROM_OWNER (git-fixes). - commit 6ddd657 - gfs2: skip if we cannot defer delete (bsc#1247220). - gfs2: minor evict fix (bsc#1247220). - commit 24ae034 - gfs2: Prevent inode creation race (2) (bsc#1247220). - gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE (bsc#1247220). - gfs2: Prevent inode creation race (bsc#1247220). - gfs2: Only defer deletes when we have an iopen glock (bsc#1247220). - gfs2: Simplify DLM_LKF_QUECVT use (bsc#1247220). - gfs2: gfs2_evict_inode clarification (bsc#1247220). - gfs2: Randomize GLF_VERIFY_DELETE work delay (bsc#1247220). - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (bsc#1247220). 
- gfs2: Update to the evict / remote delete documentation (bsc#1247220). - gfs2: Call gfs2_queue_verify_delete from gfs2_evict_inode (bsc#1247220). - gfs2: Clean up delete work processing (bsc#1247220). - gfs2: Minor delete_work_func cleanup (bsc#1247220). - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (bsc#1247220). - gfs2: Rename dinode_demise to evict_behavior (bsc#1247220). - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (bsc#1247220). - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (bsc#1247220). - gfs2: Initialize gl_no_formal_ino earlier (bsc#1247220). - commit b3f7b8c ++++ kernel-rt: - ring-buffer: Do not trigger WARN_ON() due to a commit_overrun (CVE-2025-38267 bsc#1246245) - commit 5cf9510 - net: drv: netdevsim: don't napi_complete() from netpoll (CVE-2025-38270 bsc#1246252) - commit 42d34e9 - HID: core: Harden s32ton() against conversion to 0 bits (CVE-2025-38556 bsc#1248296) - commit 69d7c6e - rxrpc: Fix bug due to prealloc collision (CVE-2025-38544 bsc#1248225) - commit c9a2e2d - net: libwx: fix the using of Rx buffer DMA (CVE-2025-38533 bsc#1248200) - commit 492149c - ice: add NULL check in eswitch lag check (CVE-2025-38526 bsc#1248192) - commit b5741b4 - rxrpc: Fix oops due to non-existence of prealloc backlog struct (CVE-2025-38514 bsc#1248202) - commit b9aa197 - idpf: return 0 size for RSS key if not supported (CVE-2025-38402 bsc#1247262) - commit 684be88 - remoteproc: core: Release rproc->clean_table after rproc_attach() fails (CVE-2025-38418 bsc#1247137) - commit fcf59c8 - remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (CVE-2025-38419 bsc#1247136) - commit 081aa19 - genirq/irq_sim: Initialize work context pointers properly (CVE-2025-38408 bsc#1247126) - commit e434c9f - ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (CVE-2025-38456 bsc#1247099) - commit 411d2f8 - perf: arm-ni: Fix missing platform_set_drvdata() (CVE-2025-38318 bsc#1246444) - commit a77d803 
- nvmem: zynqmp_nvmem: unbreak driver after cleanup (CVE-2025-38301 bsc#1246351) - commit cd1ecf3 - perf: arm-ni: Unregister PMUs on probe failure (CVE-2025-38168 bsc#1245763) - commit b4e90d7 - bcache: fix NULL pointer in cache_set_flush() (CVE-2025-38263 bsc#1246248) - commit 3f952c1 - Update reference in patches.suse/lib-group_cpus-fix-NULL-pointer-dereference-from-gro.patch (CVE-2025-38255 bsc#1246190 bsc#1236897) - commit a85a300 - xfs: do not propagate ENODATA disk errors into xattr code (git-fixes). - commit 15bf037 - sunrpc: fix handling of server side tls alerts (bsc#1248374 CVE-2025-38566). - commit c831a16 - sunrpc: fix client side handling of tls alerts (bsc#1248401 CVE-2025-38571). - commit a14a1e5 - tracing/osnoise: Fix crash in timerlat_dump_stack() (CVE-2025-38493 bsc#1247283). - commit 5cbec5a - wifi: mac80211: reject TDLS operations when station is not associated (CVE-2025-38644 bsc#1248748). - commit f32351b - x86/bugs: Clean up SRSO microcode handling (git-fixes). - commit b9aaf6a - x86/bugs: Use IBPB for retbleed if used by SRSO (git-fixes). - commit 0f67ae1 - x86/bugs: Add SRSO_MITIGATION_NOSMT (git-fixes). - commit 1d54073 - EDAC/{i10nm,skx,skx_common}: Support UV systems (bsc#1234693). - Refresh patches.suse/EDAC-skx_common-i10nm-Fix-some-missing-error-reports.patch. - commit fd6b8c8 - slab: Decouple slab_debug and no_hash_pointers (bsc#1249022). - commit 3da3d78 - kABI fix after KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes). - commit f1ae006 - KVM: x86: Convert vcpu_run()'s immediate exit param into a generic bitmap (git-fixes). - commit 59df1fc - s390/pci: Allow automatic recovery with minimal driver support (bsc#1248728 git-fixes). - commit de86836 - s390/hypfs: Enable limited access during lockdown (bsc#1248727 git-fixes). - s390/hypfs: Avoid unnecessary ioctl registration in debugfs (bsc#1248727 git-fixes). 
- commit 6f1ae11 - kABI fix after KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes). - commit f94bea5 - KVM: VMX: Apply MMIO Stale Data mitigation if KVM maps MMIO into the guest (git-fixes). - commit d93b5c1 - KVM: x86/mmu: Locally cache whether a PFN is host MMIO when making a SPTE (git-fixes). - commit b70d87b - RAS/AMD/FMPM: Get masked address (bsc#1242034). - commit e9e5ffb - RAS/AMD/ATL: Include row bit in row retirement (bsc#1242034). - commit 9ccbbc5 - vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes). - commit 61f61a5 - vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes). - commit b1b2e0f - ixgbe: fix ixgbe_orom_civd_info struct layout (bsc#1245410). - commit 16234f6 - vhost: fail early when __vhost_add_used() fails (git-fixes). - commit 49782c5 - vsock: Do not allow binding to VMADDR_PORT_ANY (bsc#1248511 CVE-2025-38618). - commit e04e292 - compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes). - commit 470eca8 - xen/netfront: Fix TX response spurious interrupts (git-fixes). - commit 1a84d61 - PCI: Extend isolated function probing to LoongArch (git-fixes). - commit 0d2add0 - vhost: Fix ioctl # for VHOST_[GS]ET_FORK_FROM_OWNER (git-fixes). - commit 6ddd657 - gfs2: skip if we cannot defer delete (bsc#1247220). - gfs2: minor evict fix (bsc#1247220). - commit 24ae034 - gfs2: Prevent inode creation race (2) (bsc#1247220). - gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE (bsc#1247220). - gfs2: Prevent inode creation race (bsc#1247220). - gfs2: Only defer deletes when we have an iopen glock (bsc#1247220). - gfs2: Simplify DLM_LKF_QUECVT use (bsc#1247220). - gfs2: gfs2_evict_inode clarification (bsc#1247220). - gfs2: Randomize GLF_VERIFY_DELETE work delay (bsc#1247220). - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (bsc#1247220). - gfs2: Update to the evict / remote delete documentation (bsc#1247220). 
- gfs2: Call gfs2_queue_verify_delete from gfs2_evict_inode (bsc#1247220). - gfs2: Clean up delete work processing (bsc#1247220). - gfs2: Minor delete_work_func cleanup (bsc#1247220). - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (bsc#1247220). - gfs2: Rename dinode_demise to evict_behavior (bsc#1247220). - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (bsc#1247220). - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (bsc#1247220). - gfs2: Initialize gl_no_formal_ino earlier (bsc#1247220). - commit b3f7b8c ------------------------------------------------------------------ ------------------ 2025-8-31 - Aug 31 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Follow the recommended dracut module ordering for out-of-tree modules In dracut release v108 or later the recommended ordering for out of tree modules is 50-59 range. The following is a section from dracut documentation: > Not using the 50-59 range for out of tree dracut modules will likely > lead to unintended errors in the initramfs generation process as your > dracut module will either run too early or too late in the generation process. > You have been warned. ++++ kernel-default: - Update patches.suse/ASoC-mediatek-mt8365-dai-i2s-pass-correct-size-to-mt.patch (git-fixes CVE-2025-38662 bsc#1248635). - Update patches.suse/HID-apple-validate-feature-report-field-count-to-pre.patch (git-fixes CVE-2025-38557 bsc#1248304). - Update patches.suse/KVM-Allow-CPU-to-reschedule-while-setting-per-page-m.patch (git-fixes CVE-2025-38506 bsc#1248186). - Update patches.suse/PCI-pnv_php-Clean-up-allocated-IRQs-on-unplug.patch (bsc#1215199 CVE-2025-38624 bsc#1248617). - Update patches.suse/PM-devfreq-Check-governor-before-using-governor-name.patch (git-fixes CVE-2025-38609 bsc#1248337). - Update patches.suse/RDMA-hns-Fix-double-destruction-of-rsv_qp.patch (git-fixes CVE-2025-38582 bsc#1248349). 
- Update patches.suse/arm64-entry-Mask-DAIF-in-cpu_switch_to-call_on_irq_stack.patch (git-fixes CVE-2025-38670 bsc#1248655). - Update patches.suse/bpf-Reject-narrower-access-to-pointer-ctx-fields.patch (git-fixes CVE-2025-38591 bsc#1248363). - Update patches.suse/bpf-Reject-p-format-string-in-bprintf-like-helpers.patch (git-fixes CVE-2025-38528 bsc#1248198). - Update patches.suse/bpf-arm64-Fix-fp-initialization-for-exception-boundary.patch (git-fixes CVE-2025-38586 bsc#1248359). - Update patches.suse/btrfs-fix-assertion-when-building-free-space-tree.patch (git-fixes CVE-2025-38503 bsc#1248183). - Update patches.suse/can-netlink-can_changelink-fix-NULL-pointer-deref-of.patch (git-fixes CVE-2025-38665 bsc#1248648). - Update patches.suse/clk-davinci-Add-NULL-check-in-davinci_lpsc_clk_regis.patch (git-fixes CVE-2025-38635 bsc#1248573). - Update patches.suse/clk-imx95-blk-ctl-Fix-synchronous-abort.patch (git-fixes CVE-2025-38631 bsc#1248662). - Update patches.suse/clk-xilinx-vcu-unregister-pll_post-only-if-registere.patch (git-fixes CVE-2025-38583 bsc#1248350). - Update patches.suse/crypto-ccp-Fix-crash-when-rebind-ccp-device-for-ccp..patch (git-fixes CVE-2025-38581 bsc#1248345). - Update patches.suse/fbdev-imxfb-Check-fb_add_videomode-to-prevent-null-p.patch (git-fixes CVE-2025-38630 bsc#1248575). - Update patches.suse/i2c-qup-jump-out-of-the-loop-in-case-of-timeout.patch (git-fixes CVE-2025-38671 bsc#1248652). - Update patches.suse/iio-common-st_sensors-Fix-use-of-uninitialize-device.patch (stable-fixes CVE-2025-38531 bsc#1248205). - Update patches.suse/ipv6-fix-possible-infinite-loop-in-fib6_info_uses_de.patch (git-fixes CVE-2025-38587 bsc#1248361). - Update patches.suse/ipv6-prevent-infinite-loop-in-rt6_nlmsg_size.patch (git-fixes CVE-2025-38588 bsc#1248368). - Update patches.suse/ipv6-reject-malicious-packets-in-ipv6_gso_segment.patch (git-fixes CVE-2025-38572 bsc#1248399). 
- Update patches.suse/iwlwifi-Add-missing-check-for-alloc_ordered_workqueu.patch (git-fixes CVE-2025-38602 bsc#1248341). - Update patches.suse/md-make-rdev_addable-usable-for-rcu-mode.patch (git-fixes CVE-2025-38621 bsc#1248609). - Update patches.suse/media-ti-j721e-csi2rx-fix-list_del-corruption.patch (git-fixes CVE-2025-38619 bsc#1248664). - Update patches.suse/net-packet-fix-a-race-in-packet_set_ring-and-packet_.patch (git-fixes CVE-2025-38617 bsc#1248621). - Update patches.suse/net-sched-Restrict-conditions-for-adding-duplicating.patch (git-fixes CVE-2025-38553 bsc#1248255). - Update patches.suse/net-sched-mqprio-fix-stack-out-of-bounds-write-in-tc.patch (git-fixes CVE-2025-38568 bsc#1248386). - Update patches.suse/nvmet-pci-epf-Do-not-complete-commands-twice-if-nvme.patch (git-fixes CVE-2025-38658 bsc#1248627). - Update patches.suse/perf-core-Exit-early-on-perf_mmap-fail.patch (CVE-2025-38563 bsc#1248306 dependency CVE-2025-38565 bsc#1248377). - Update patches.suse/perf-core-Handle-buffer-mapping-fail-correctly-in-perf_mma.patch (CVE-2025-38563 bsc#1248306 dependency CVE-2025-38564 bsc#1248367). - Update patches.suse/pinmux-fix-race-causing-mux_owner-NULL-with-active-m.patch (git-fixes CVE-2025-38632 bsc#1248669). - Update patches.suse/power-supply-cpcap-charger-Fix-null-check-for-power_.patch (git-fixes CVE-2025-38634 bsc#1248666). - Update patches.suse/powercap-dtpm_cpu-Fix-NULL-pointer-dereference-in-ge.patch (git-fixes CVE-2025-38610 bsc#1248395). - Update patches.suse/powerpc-eeh-Make-EEH-driver-device-hotplug-safe.patch (bsc#1215199 CVE-2025-38576 bsc#1248354). - Update patches.suse/regulator-core-fix-NULL-dereference-on-unbind-due-to.patch (stable-fixes CVE-2025-38668 bsc#1248647). - Update patches.suse/spi-cs42l43-Property-entry-should-be-a-null-terminat.patch (bsc#1246979 CVE-2025-38573 bsc#1248396). - Update patches.suse/spi-stm32-Check-for-cfg-availability-in-stm32_spi_pr.patch (git-fixes CVE-2025-38648 bsc#1248624). 
- Update patches.suse/staging-fbtft-fix-potential-memory-leak-in-fbtft_fra.patch (git-fixes CVE-2025-38612 bsc#1248390). - Update patches.suse/staging-media-atomisp-Fix-stack-buffer-overflow-in-g.patch (git-fixes CVE-2025-38585 bsc#1248355). - Update patches.suse/sunrpc-fix-client-side-handling-of-tls-alerts.patch (git-fixes CVE-2025-38571 bsc#1248401). - Update patches.suse/sunrpc-fix-handling-of-server-side-tls-alerts.patch (git-fixes CVE-2025-38566 bsc#1248374). - Update patches.suse/usb-gadget-fix-use-after-free-in-composite_dev_clean.patch (git-fixes CVE-2025-38555 bsc#1248297). - Update patches.suse/wifi-ath11k-clear-initialized-flag-for-deinit-ed-srn.patch (git-fixes CVE-2025-38601 bsc#1248340). - Update patches.suse/wifi-ath12k-Pass-ab-pointer-directly-to-ath12k_dp_tx.patch (git-fixes CVE-2025-38605 bsc#1248334). - Update patches.suse/wifi-iwlwifi-Fix-error-code-in-iwl_op_mode_dvm_start.patch (git-fixes CVE-2025-38656 bsc#1248643). - Update patches.suse/wifi-mac80211-reject-TDLS-operations-when-station-is.patch (git-fixes CVE-2025-38644 bsc#1248748). - Update patches.suse/wifi-rtl818x-Kill-URBs-before-clearing-tx-status-que.patch (git-fixes CVE-2025-38604 bsc#1248333). - Update patches.suse/wifi-rtw89-avoid-NULL-dereference-when-RX-problemati.patch (git-fixes CVE-2025-38646 bsc#1248577). - Update patches.suse/xen-fix-UAF-in-dmabuf_exp_from_pages.patch (git-fixes CVE-2025-38595 bsc#1248380). - commit ab6edaf ++++ kernel-rt: - Update patches.suse/ASoC-mediatek-mt8365-dai-i2s-pass-correct-size-to-mt.patch (git-fixes CVE-2025-38662 bsc#1248635). - Update patches.suse/HID-apple-validate-feature-report-field-count-to-pre.patch (git-fixes CVE-2025-38557 bsc#1248304). - Update patches.suse/KVM-Allow-CPU-to-reschedule-while-setting-per-page-m.patch (git-fixes CVE-2025-38506 bsc#1248186). - Update patches.suse/PCI-pnv_php-Clean-up-allocated-IRQs-on-unplug.patch (bsc#1215199 CVE-2025-38624 bsc#1248617). 
- Update patches.suse/PM-devfreq-Check-governor-before-using-governor-name.patch (git-fixes CVE-2025-38609 bsc#1248337). - Update patches.suse/RDMA-hns-Fix-double-destruction-of-rsv_qp.patch (git-fixes CVE-2025-38582 bsc#1248349). - Update patches.suse/arm64-entry-Mask-DAIF-in-cpu_switch_to-call_on_irq_stack.patch (git-fixes CVE-2025-38670 bsc#1248655). - Update patches.suse/bpf-Reject-narrower-access-to-pointer-ctx-fields.patch (git-fixes CVE-2025-38591 bsc#1248363). - Update patches.suse/bpf-Reject-p-format-string-in-bprintf-like-helpers.patch (git-fixes CVE-2025-38528 bsc#1248198). - Update patches.suse/bpf-arm64-Fix-fp-initialization-for-exception-boundary.patch (git-fixes CVE-2025-38586 bsc#1248359). - Update patches.suse/btrfs-fix-assertion-when-building-free-space-tree.patch (git-fixes CVE-2025-38503 bsc#1248183). - Update patches.suse/can-netlink-can_changelink-fix-NULL-pointer-deref-of.patch (git-fixes CVE-2025-38665 bsc#1248648). - Update patches.suse/clk-davinci-Add-NULL-check-in-davinci_lpsc_clk_regis.patch (git-fixes CVE-2025-38635 bsc#1248573). - Update patches.suse/clk-imx95-blk-ctl-Fix-synchronous-abort.patch (git-fixes CVE-2025-38631 bsc#1248662). - Update patches.suse/clk-xilinx-vcu-unregister-pll_post-only-if-registere.patch (git-fixes CVE-2025-38583 bsc#1248350). - Update patches.suse/crypto-ccp-Fix-crash-when-rebind-ccp-device-for-ccp..patch (git-fixes CVE-2025-38581 bsc#1248345). - Update patches.suse/fbdev-imxfb-Check-fb_add_videomode-to-prevent-null-p.patch (git-fixes CVE-2025-38630 bsc#1248575). - Update patches.suse/i2c-qup-jump-out-of-the-loop-in-case-of-timeout.patch (git-fixes CVE-2025-38671 bsc#1248652). - Update patches.suse/iio-common-st_sensors-Fix-use-of-uninitialize-device.patch (stable-fixes CVE-2025-38531 bsc#1248205). - Update patches.suse/ipv6-fix-possible-infinite-loop-in-fib6_info_uses_de.patch (git-fixes CVE-2025-38587 bsc#1248361). 
- Update patches.suse/ipv6-prevent-infinite-loop-in-rt6_nlmsg_size.patch (git-fixes CVE-2025-38588 bsc#1248368). - Update patches.suse/ipv6-reject-malicious-packets-in-ipv6_gso_segment.patch (git-fixes CVE-2025-38572 bsc#1248399). - Update patches.suse/iwlwifi-Add-missing-check-for-alloc_ordered_workqueu.patch (git-fixes CVE-2025-38602 bsc#1248341). - Update patches.suse/md-make-rdev_addable-usable-for-rcu-mode.patch (git-fixes CVE-2025-38621 bsc#1248609). - Update patches.suse/media-ti-j721e-csi2rx-fix-list_del-corruption.patch (git-fixes CVE-2025-38619 bsc#1248664). - Update patches.suse/net-packet-fix-a-race-in-packet_set_ring-and-packet_.patch (git-fixes CVE-2025-38617 bsc#1248621). - Update patches.suse/net-sched-Restrict-conditions-for-adding-duplicating.patch (git-fixes CVE-2025-38553 bsc#1248255). - Update patches.suse/net-sched-mqprio-fix-stack-out-of-bounds-write-in-tc.patch (git-fixes CVE-2025-38568 bsc#1248386). - Update patches.suse/nvmet-pci-epf-Do-not-complete-commands-twice-if-nvme.patch (git-fixes CVE-2025-38658 bsc#1248627). - Update patches.suse/perf-core-Exit-early-on-perf_mmap-fail.patch (CVE-2025-38563 bsc#1248306 dependency CVE-2025-38565 bsc#1248377). - Update patches.suse/perf-core-Handle-buffer-mapping-fail-correctly-in-perf_mma.patch (CVE-2025-38563 bsc#1248306 dependency CVE-2025-38564 bsc#1248367). - Update patches.suse/pinmux-fix-race-causing-mux_owner-NULL-with-active-m.patch (git-fixes CVE-2025-38632 bsc#1248669). - Update patches.suse/power-supply-cpcap-charger-Fix-null-check-for-power_.patch (git-fixes CVE-2025-38634 bsc#1248666). - Update patches.suse/powercap-dtpm_cpu-Fix-NULL-pointer-dereference-in-ge.patch (git-fixes CVE-2025-38610 bsc#1248395). - Update patches.suse/powerpc-eeh-Make-EEH-driver-device-hotplug-safe.patch (bsc#1215199 CVE-2025-38576 bsc#1248354). - Update patches.suse/regulator-core-fix-NULL-dereference-on-unbind-due-to.patch (stable-fixes CVE-2025-38668 bsc#1248647). 
- Update patches.suse/spi-cs42l43-Property-entry-should-be-a-null-terminat.patch (bsc#1246979 CVE-2025-38573 bsc#1248396). - Update patches.suse/spi-stm32-Check-for-cfg-availability-in-stm32_spi_pr.patch (git-fixes CVE-2025-38648 bsc#1248624). - Update patches.suse/staging-fbtft-fix-potential-memory-leak-in-fbtft_fra.patch (git-fixes CVE-2025-38612 bsc#1248390). - Update patches.suse/staging-media-atomisp-Fix-stack-buffer-overflow-in-g.patch (git-fixes CVE-2025-38585 bsc#1248355). - Update patches.suse/sunrpc-fix-client-side-handling-of-tls-alerts.patch (git-fixes CVE-2025-38571 bsc#1248401). - Update patches.suse/sunrpc-fix-handling-of-server-side-tls-alerts.patch (git-fixes CVE-2025-38566 bsc#1248374). - Update patches.suse/usb-gadget-fix-use-after-free-in-composite_dev_clean.patch (git-fixes CVE-2025-38555 bsc#1248297). - Update patches.suse/wifi-ath11k-clear-initialized-flag-for-deinit-ed-srn.patch (git-fixes CVE-2025-38601 bsc#1248340). - Update patches.suse/wifi-ath12k-Pass-ab-pointer-directly-to-ath12k_dp_tx.patch (git-fixes CVE-2025-38605 bsc#1248334). - Update patches.suse/wifi-iwlwifi-Fix-error-code-in-iwl_op_mode_dvm_start.patch (git-fixes CVE-2025-38656 bsc#1248643). - Update patches.suse/wifi-mac80211-reject-TDLS-operations-when-station-is.patch (git-fixes CVE-2025-38644 bsc#1248748). - Update patches.suse/wifi-rtl818x-Kill-URBs-before-clearing-tx-status-que.patch (git-fixes CVE-2025-38604 bsc#1248333). - Update patches.suse/wifi-rtw89-avoid-NULL-dereference-when-RX-problemati.patch (git-fixes CVE-2025-38646 bsc#1248577). - Update patches.suse/xen-fix-UAF-in-dmabuf_exp_from_pages.patch (git-fixes CVE-2025-38595 bsc#1248380). - commit ab6edaf ------------------------------------------------------------------ ------------------ 2025-8-30 - Aug 30 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - efi: stmm: Fix incorrect buffer allocation method (git-fixes). 
- HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes). - HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes). - drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes). - drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes). - drm/msm: update the high bitfield of certain DSI registers (git-fixes). - drm/msm/kms: move snapshot init earlier in KMS init (git-fixes). - drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes). - drm/nouveau: remove unused memory target test (git-fixes). - drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes). - drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes). - drm/nouveau/disp: Always accept linear modifier (git-fixes). - drm/xe: Don't trigger rebind on initial dma-buf validation (git-fixes). - drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes). - drm/xe/xe_sync: avoid race during ufence signaling (git-fixes). - Bluetooth: hci_sync: fix set_local_name race condition (git-fixes). - Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes). - Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes). - Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes). - drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes). - drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes). - commit 3cc6741 ++++ kernel-rt: - efi: stmm: Fix incorrect buffer allocation method (git-fixes). - HID: asus: fix UAF via HID_CLAIMED_INPUT validation (git-fixes). - HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() (git-fixes). - drm/mediatek: Fix device/node reference count leaks in mtk_drm_get_all_drm_priv (git-fixes). - drm/mediatek: Add error handling for old state CRTC in atomic_disable (git-fixes). - drm/msm: update the high bitfield of certain DSI registers (git-fixes). 
- drm/msm/kms: move snapshot init earlier in KMS init (git-fixes). - drm/msm: Defer fd_install in SUBMIT ioctl (git-fixes). - drm/nouveau: remove unused memory target test (git-fixes). - drm/nouveau: remove unused increment in gm200_flcn_pio_imem_wr (git-fixes). - drm/nouveau: fix error path in nvkm_gsp_fwsec_v2 (git-fixes). - drm/nouveau/disp: Always accept linear modifier (git-fixes). - drm/xe: Don't trigger rebind on initial dma-buf validation (git-fixes). - drm/xe/vm: Clear the scratch_pt pointer on error (git-fixes). - drm/xe/xe_sync: avoid race during ufence signaling (git-fixes). - Bluetooth: hci_sync: fix set_local_name race condition (git-fixes). - Bluetooth: hci_event: Detect if HCI_EV_NUM_COMP_PKTS is unbalanced (git-fixes). - Bluetooth: hci_event: Mark connection as closed during suspend disconnect (git-fixes). - Bluetooth: hci_event: Treat UNKNOWN_CONN_ID on disconnect as success (git-fixes). - drm/hisilicon/hibmc: fix the i2c device resource leak when vdac init failed (git-fixes). - drm/hisilicon/hibmc: refactored struct hibmc_drm_private (stable-fixes). - commit 3cc6741 ++++ harfbuzz: - Update to version 11.4.5: + Bug fixes for “AAT” shaping, and other shaping micro optimizations. ------------------------------------------------------------------ ------------------ 2025-8-29 - Aug 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch patches.suse/kdump-crashkernel-cma-update-Documentation.patch patches.suse/kdump-implement-reserve_crashkernel_cma.patch patches.suse/kdump-wait-for-dma-to-time-out-when-using-cma.patch patches.suse/kdump-x86-implement-crashkernel-cma-reservation.patch (jsc#PED-7249 implementation now upstream). 
- commit f57031a - clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (CVE-2025-38160 bsc#1245780) - commit a306e30 - tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (CVE-2025-38184 bsc#1245956) - commit ea5f7f7 - drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (CVE-2025-38205 bsc#1246005) - commit ca56750 - smb: client: add NULL check in automount_fullpath (CVE-2025-38208 bsc#1245815) - commit cb3a2bf - net: stmmac: make sure that ptp_rate is not 0 before configuring EST (CVE-2025-38125 bsc#1245710) - commit 04509ac - block: Make REQ_OP_ZONE_FINISH a write operation (git-fixes, bsc#1249552). - blacklist.conf: remove 3f66ccbaaef3 mwilck: this commit is a necessary part of an upstream fix series. See comments in block-Make-REQ_OP_ZONE_FINISH-a-write-operation.patch. - commit 5f975b1 - dm: split write BIOs on zone boundaries when zone append is not emulated (git-fixes). - commit 68ed6f4 - dm: Always split write BIOs to zoned device limits (git-fixes, CVE-2025-39792, bsc#1249618). - commit a8b835f - dm: dm-crypt: Do not partially accept write BIOs with zoned targets (git-fixes, CVE-2025-39791, bsc#1249550). - commit d7f2e88 - dm: Check for forbidden splitting of zone write operations (git-fixes). - commit f3bd28c - dm-stripe: limit chunk_sectors to the stripe size (git-fixes). - commit a008640 - kernel-binary: Another installation ordering fix (bsc#1241353). - commit fe14ab5 - dm-table: fix checking for rq stackable devices (git-fixes). - commit c0133c8 - dm-mpath: don't print the "loaded" message if registering fails (git-fixes). - commit d2cfeaf - md: dm-zoned-target: Initialize return variable r to avoid uninitialized use (git-fixes). - commit c0e418a - iio: imu: inv_icm42600: change invalid data error to -EBUSY (git-fixes). - commit e4f8b35 - drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes). - commit 6f325ab - iio: light: as73211: Ensure buffer holes are zeroed (git-fixes). 
- usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes). - USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes). - usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes). - USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes). - usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes). - drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes). - drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes). - drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes). - drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes). - drm/amd/display: Avoid a NULL pointer dereference (stable-fixes). - drm/amdgpu/swm14: Update power limit logic (stable-fixes). - ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes). - drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes). - amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes). - drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes). - drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes). - drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes). - drm/amd: Restore cached power limit during resume (stable-fixes). - drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes). - drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes). - drm/amdgpu: Avoid extra evict-restore process (stable-fixes). - drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes). - pwm: mediatek: Fix duty and period setting (git-fixes). - pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes). - crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes). 
- crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0 (stable-fixes). - crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2 (stable-fixes). - crypto: octeontx2 - Fix address alignment issue on ucode loading (stable-fixes). - drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes). - iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes). - drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes). - iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes). - iio: light: Use aligned_s64 instead of open coding alignment (stable-fixes). - commit 60c07db - net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info (CVE-2025-38545 bsc#1248224). - commit af6b2ae ++++ kernel-rt: - Refresh patches.suse/kdump-add-crashkernel-cma-suffix.patch patches.suse/kdump-crashkernel-cma-update-Documentation.patch patches.suse/kdump-implement-reserve_crashkernel_cma.patch patches.suse/kdump-wait-for-dma-to-time-out-when-using-cma.patch patches.suse/kdump-x86-implement-crashkernel-cma-reservation.patch (jsc#PED-7249 implementation now upstream). - commit f57031a - clk: bcm: rpi: Add NULL check in raspberrypi_clk_register() (CVE-2025-38160 bsc#1245780) - commit a306e30 - tipc: fix null-ptr-deref when acquiring remote ip of ethernet bearer (CVE-2025-38184 bsc#1245956) - commit ea5f7f7 - drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 (CVE-2025-38205 bsc#1246005) - commit ca56750 - smb: client: add NULL check in automount_fullpath (CVE-2025-38208 bsc#1245815) - commit cb3a2bf - net: stmmac: make sure that ptp_rate is not 0 before configuring EST (CVE-2025-38125 bsc#1245710) - commit 04509ac - block: Make REQ_OP_ZONE_FINISH a write operation (git-fixes, bsc#1249552). - blacklist.conf: remove 3f66ccbaaef3 mwilck: this commit is a necessary part of an upstream fix series. 
See comments in block-Make-REQ_OP_ZONE_FINISH-a-write-operation.patch. - commit 5f975b1 - dm: split write BIOs on zone boundaries when zone append is not emulated (git-fixes). - commit 68ed6f4 - dm: Always split write BIOs to zoned device limits (git-fixes, CVE-2025-39792, bsc#1249618). - commit a8b835f - dm: dm-crypt: Do not partially accept write BIOs with zoned targets (git-fixes, CVE-2025-39791, bsc#1249550). - commit d7f2e88 - dm: Check for forbidden splitting of zone write operations (git-fixes). - commit f3bd28c - dm-stripe: limit chunk_sectors to the stripe size (git-fixes). - commit a008640 - kernel-binary: Another installation ordering fix (bsc#1241353). - commit fe14ab5 - dm-table: fix checking for rq stackable devices (git-fixes). - commit c0133c8 - dm-mpath: don't print the "loaded" message if registering fails (git-fixes). - commit d2cfeaf - md: dm-zoned-target: Initialize return variable r to avoid uninitialized use (git-fixes). - commit c0e418a - iio: imu: inv_icm42600: change invalid data error to -EBUSY (git-fixes). - commit e4f8b35 - drm/amdgpu: fix task hang from failed job submission during process kill (git-fixes). - commit 6f325ab - iio: light: as73211: Ensure buffer holes are zeroed (git-fixes). - usb: dwc3: Remove WARN_ON for device endpoint command timeouts (stable-fixes). - USB: storage: Ignore driver CD mode for Realtek multi-mode Wi-Fi dongles (stable-fixes). - usb: dwc3: pci: add support for the Intel Wildcat Lake (stable-fixes). - USB: storage: Add unusual-devs entry for Novatek NTK96550-based camera (stable-fixes). - usb: quirks: Add DELAY_INIT quick for another SanDisk 3.2Gen1 Flash Drive (stable-fixes). - drm/amd/display: Fix DP audio DTO1 clock source on DCE 6 (stable-fixes). - drm/amd/display: Fill display clock and vblank time in dce110_fill_display_configs (stable-fixes). - drm/amd/display: Find first CRTC and its line time in dce110_fill_display_configs (stable-fixes). 
- drm/amd/display: Fix Xorg desktop unresponsive on Replay panel (stable-fixes). - drm/amd/display: Avoid a NULL pointer dereference (stable-fixes). - drm/amdgpu/swm14: Update power limit logic (stable-fixes). - ALSA: hda/realtek: Add support for HP EliteBook x360 830 G6 and EliteBook 830 G6 (stable-fixes). - drm/amdkfd: Destroy KFD debugfs after destroy KFD wq (stable-fixes). - amdgpu/amdgpu_discovery: increase timeout limit for IFWI init (stable-fixes). - drm/amd/display: fix a Null pointer dereference vulnerability (stable-fixes). - drm/amd/display: Add primary plane to commits for correct VRR handling (stable-fixes). - drm/amdgpu: update mmhub 3.0.1 client id mappings (stable-fixes). - drm/amd: Restore cached power limit during resume (stable-fixes). - drm/amdgpu: Update external revid for GC v9.5.0 (stable-fixes). - drm/amdgpu: update mmhub 4.1.0 client id mappings (stable-fixes). - drm/amdgpu: Avoid extra evict-restore process (stable-fixes). - drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities (stable-fixes). - pwm: mediatek: Fix duty and period setting (git-fixes). - pwm: mediatek: Handle hardware enable and clock enable separately (stable-fixes). - crypto: qat - lower priority for skcipher and aead algorithms (stable-fixes). - crypto: octeontx2 - Fix address alignment on CN10KB and CN10KA-B0 (stable-fixes). - crypto: octeontx2 - Fix address alignment on CN10K A0/A1 and OcteonTX2 (stable-fixes). - crypto: octeontx2 - Fix address alignment issue on ucode loading (stable-fixes). - drm/dp: Change AUX DPCD probe address from DPCD_REV to LANE0_1_STATUS (stable-fixes). - iio: imu: inv_icm42600: use = { } instead of memset() (stable-fixes). - drm/format-helper: Add conversion from XRGB8888 to BGR888 (stable-fixes). - iio: imu: inv_icm42600: switch timestamp type from int64_t __aligned(8) to aligned_s64 (stable-fixes). - iio: light: Use aligned_s64 instead of open coding alignment (stable-fixes). 
- commit 60c07db - net: ethernet: ti: am65-cpsw-nuss: Fix skb size by accounting for skb_shared_info (CVE-2025-38545 bsc#1248224). - commit af6b2ae ------------------------------------------------------------------ ------------------ 2025-8-28 - Aug 28 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - x86/sev: Evict cache lines during SNP memory validation (CVE-2025-38560 bsc#1248312). - commit 122589e - x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (CVE-2025-38508 bsc#1248190). - kABI: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (git-fixes). - commit 9051bdb - hid: hide cleanup of hid_descriptor (CVE-2025-38103 bsc#1245663). - commit da277ba - xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CVE-2025-38500 bsc#1248088). - rxrpc: Fix recv-recv race of completed call (CVE-2025-38524 bsc#1248194). - atm: clip: Fix memory leak of struct clip_vcc (CVE-2025-38546 bsc#1248223). - commit f78c063 - HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (CVE-2025-38103 bsc#1245663). - blacklist.conf: removing erroneous entry - commit 59058fc - selftests/bpf: Fix build error with llvm 19 (git-fixes). - selftests/bpf: Add a test for arena range tree algorithm (git-fixes). - commit f2d6c5a - selftests/bpf: Range analysis test case for JSET (git-fixes). - bpf: Forget ranges when refining tnum after JSET (git-fixes). - commit 0deb4ac ++++ kernel-rt: - x86/sev: Evict cache lines during SNP memory validation (CVE-2025-38560 bsc#1248312). - commit 122589e - x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (CVE-2025-38508 bsc#1248190). - kABI: x86/sev: Use TSC_FACTOR for Secure TSC frequency calculation (git-fixes). - commit 9051bdb - hid: hide cleanup of hid_descriptor (CVE-2025-38103 bsc#1245663). - commit da277ba - xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CVE-2025-38500 bsc#1248088). 
- rxrpc: Fix recv-recv race of completed call (CVE-2025-38524 bsc#1248194). - atm: clip: Fix memory leak of struct clip_vcc (CVE-2025-38546 bsc#1248223). - commit f78c063 - HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhid_parse() (CVE-2025-38103 bsc#1245663). - blacklist.conf: removing erroneous entry - commit 59058fc - selftests/bpf: Fix build error with llvm 19 (git-fixes). - selftests/bpf: Add a test for arena range tree algorithm (git-fixes). - commit f2d6c5a - selftests/bpf: Range analysis test case for JSET (git-fixes). - bpf: Forget ranges when refining tnum after JSET (git-fixes). - commit 0deb4ac ------------------------------------------------------------------ ------------------ 2025-8-27 - Aug 27 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - selftests/perf_events: Add a mmap() correctness test (CVE-2025-38563 bsc#1248306 selftest). - commit dffae9d - perf/core: Prevent VMA split of buffer mappings (CVE-2025-38563 bsc#1248306). - commit 011b3e1 - perf/core: Handle buffer mapping fail correctly in perf_mmap() (CVE-2025-38563 bsc#1248306 dependency). - commit b1e65ce - perf/core: Exit early on perf_mmap() fail (CVE-2025-38563 bsc#1248306 dependency). - commit f53f18d - perf/core: Don't leak AUX buffer refcount on allocation failure (CVE-2025-38563 bsc#1248306 dependency). - commit 00401fa - perf/core: Preserve AUX buffer allocation failure result (CVE-2025-38563 bsc#1248306 dependency). - commit ed80f93 - mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (CVE-2025-38554 bsc#1248299). - commit af06370 ++++ kernel-rt: - selftests/perf_events: Add a mmap() correctness test (CVE-2025-38563 bsc#1248306 selftest). - commit dffae9d - perf/core: Prevent VMA split of buffer mappings (CVE-2025-38563 bsc#1248306). - commit 011b3e1 - perf/core: Handle buffer mapping fail correctly in perf_mmap() (CVE-2025-38563 bsc#1248306 dependency). 
- commit b1e65ce - perf/core: Exit early on perf_mmap() fail (CVE-2025-38563 bsc#1248306 dependency). - commit f53f18d - perf/core: Don't leak AUX buffer refcount on allocation failure (CVE-2025-38563 bsc#1248306 dependency). - commit 00401fa - perf/core: Preserve AUX buffer allocation failure result (CVE-2025-38563 bsc#1248306 dependency). - commit ed80f93 - mm: fix a UAF when vma->mm is freed after vma->vm_refcnt got dropped (CVE-2025-38554 bsc#1248299). - commit af06370 ++++ regionServiceClientConfigAzure: - Update to version 3.0.0 (bsc#1246995) + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. ++++ regionServiceClientConfigEC2: - Update to version 5.0.0 (bsc#1246995) + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. ++++ regionServiceClientConfigGCE: - Update to version 5.0.0 (bsc#1246995) + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. ------------------------------------------------------------------ ------------------ 2025-8-26 - Aug 26 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - build_bug.h: Add KABI assert (bsc#1249186). - commit 126f232 - kabi/severities: ignore kabi for intel pmt drivers (CVE-2025-38559 bsc#1248302) They are locally used only among intel pmt drivers. - commit 336a1fb - platform/x86/intel/pmt: fix a crashlog NULL pointer access (CVE-2025-38559 bsc#1248302). - commit 21f76b6 - usb: xhci: Fix slot_id resource race conflict (git-fixes). - commit ca93cfc - of: dynamic: Fix use after free in of_changeset_add_prop_helper() (git-fixes). - commit 864aa13 - pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes). - usb: xhci: Fix slot_id resource race conflict (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes). - usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes). - usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes). - usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes). - usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes). - usb: renesas-xhci: Fix External ROM access timeouts (git-fixes). - platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (git-fixes). - platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes). - commit 2aeddbc - of: dynamic: Fix memleak when of_pci_add_properties() failed (git-fixes). - iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes). - iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes). - most: core: Drop device reference after usage in get_channel() (git-fixes). - comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes). - comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes). - comedi: pcl726: Prevent invalid irq number (git-fixes). - cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes). - drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes). - accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes). - iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes). - drm/tests: Fix endian warning (git-fixes). - drm/nouveau: fix typos in comments (git-fixes). - drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes). - drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes). - drm/amd/display: Don't print errors for nonexistent connectors (git-fixes). - drm/amd/display: Adjust DCE 8-10 clock, don't overclock by 15% (git-fixes). - drm/amd/display: Don't overclock DCE 6 by 15% (git-fixes). 
- drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes). - memstick: Fix deadlock by moving removing flag earlier (git-fixes). - mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER (git-fixes). - mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes). - mmc: sdhci-pci-gli: Add a new function to simplify the code (git-fixes). - ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes). - ALSA: timer: fix ida_free call while not allocated (git-fixes). - ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes). - ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes). - ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes). - commit 3b28ac3 ++++ kernel-rt: - build_bug.h: Add KABI assert (bsc#1249186). - commit 126f232 - kabi/severities: ignore kabi for intel pmt drivers (CVE-2025-38559 bsc#1248302) They are locally used only among intel pmt drivers. - commit 336a1fb - platform/x86/intel/pmt: fix a crashlog NULL pointer access (CVE-2025-38559 bsc#1248302). - commit 21f76b6 - usb: xhci: Fix slot_id resource race conflict (git-fixes). - commit ca93cfc - of: dynamic: Fix use after free in of_changeset_add_prop_helper() (git-fixes). - commit 864aa13 - pinctrl: STMFX: add missing HAS_IOMEM dependency (git-fixes). - usb: xhci: Fix slot_id resource race conflict (git-fixes). - usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes). - usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes). - usb: storage: realtek_cr: Use correct byte order for bcs->Residue (git-fixes). - usb: dwc3: Ignore late xferNotReady event to prevent halt timeout (git-fixes). - usb: core: hcd: fix accessing unmapped memory in SINGLE_STEP_SET_FEATURE test (git-fixes). - usb: renesas-xhci: Fix External ROM access timeouts (git-fixes). 
- platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (git-fixes). - platform/x86/intel-uncore-freq: Check write blocked for ELC (git-fixes). - commit 2aeddbc - of: dynamic: Fix memleak when of_pci_add_properties() failed (git-fixes). - iio: pressure: bmp280: Use IS_ERR() in bmp280_common_probe() (git-fixes). - iio: proximity: isl29501: fix buffered read on big-endian systems (git-fixes). - most: core: Drop device reference after usage in get_channel() (git-fixes). - comedi: Make insn_rw_emulate_bits() do insn->n samples (git-fixes). - comedi: Fix use of uninitialized memory in do_insn_ioctl() and do_insnlist_ioctl() (git-fixes). - comedi: pcl726: Prevent invalid irq number (git-fixes). - cdx: Fix off-by-one error in cdx_rpmsg_probe() (git-fixes). - drm/hisilicon/hibmc: fix the hibmc loaded failed bug (git-fixes). - accel/habanalabs/gaudi2: Use kvfree() for memory allocated with kvcalloc() (git-fixes). - iosys-map: Fix undefined behavior in iosys_map_clear() (git-fixes). - drm/tests: Fix endian warning (git-fixes). - drm/nouveau: fix typos in comments (git-fixes). - drm/nouveau/nvif: Fix potential memory leak in nvif_vmm_ctor() (git-fixes). - drm/amd/display: Fix fractional fb divider in set_pixel_clock_v3 (git-fixes). - drm/amd/display: Don't print errors for nonexistent connectors (git-fixes). - drm/amd/display: Adjust DCE 8-10 clock, don't overclock by 15% (git-fixes). - drm/amd/display: Don't overclock DCE 6 by 15% (git-fixes). - drm/amd/display: Add null pointer check in mod_hdcp_hdcp1_create_session() (git-fixes). - memstick: Fix deadlock by moving removing flag earlier (git-fixes). - mmc: sdhci-pci-gli: GL9763e: Mask the replay timer timeout of AER (git-fixes). - mmc: sdhci-pci-gli: GL9763e: Rename the gli_set_gl9763e() for consistency (git-fixes). - mmc: sdhci-pci-gli: Add a new function to simplify the code (git-fixes). - ALSA: usb-audio: Use correct sub-type for UAC3 feature unit validation (git-fixes). 
- ALSA: timer: fix ida_free call while not allocated (git-fixes). - ALSA: hda/realtek: Audio disappears on HP 15-fc000 after warm boot again (git-fixes). - ALSA: hda/realtek: Fix headset mic on ASUS Zenbook 14 (git-fixes). - ALSA: usb-audio: Fix size validation in convert_chmap_v3() (git-fixes). - commit 3b28ac3 ------------------------------------------------------------------ ------------------ 2025-8-25 - Aug 25 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: error on missing block group when unaccounting log tree extent buffers (git-fixes). - commit ca535e9 - atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (CVE-2025-38458 bsc#1247116) - commit 48dd298 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (CVE-2025-38245 bsc#1246193) - commit daf962c - NFS: Fix a race when updating an existing write (git-fixes). - commit dd68c46 - squashfs: fix memory leak in squashfs_fill_super (git-fixes). - commit 97b84d0 - btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes). - commit 71e5dc6 - btrfs: fix two misuses of folio_shift() (git-fixes). - commit 56b1b7d - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes). - commit 6429a2c - atm: Revert atm_account_tx() if copy_from_iter_full() fails (CVE-2025-38190 bsc#1245973) - commit 0dae89a - btrfs: correctly escape subvol in btrfs_show_options() (git-fixes). - commit a28815d - btrfs: exit after state split error at set_extent_bit() (git-fixes). - commit 3d66187 - btrfs: simplify error detection flow during log replay (git-fixes). - commit 01419dc - btrfs: remove redundant path release when replaying a log tree (git-fixes). - commit 7716eeb - md/raid1: Fix stack memory use after return in raid1_reshape (CVE-2025-38445 bsc#1247229) - commit 9aa9477 - btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes). 
- commit e991a13 - btrfs: unfold transaction aborts when replaying log trees (git-fixes). - commit e05bcc5 - btrfs: fix -ENOSPC mmap write failure on NOCOW files/extents (bsc#1247949). - commit 358990e - btrfs: use a single variable to track return value at btrfs_page_mkwrite() (bsc#1247949). - commit 7b18bc8 - btrfs: don't return VM_FAULT_SIGBUS on failure to set delalloc for mmap write (bsc#1247949). - commit 621c50f - btrfs: simplify early error checking in btrfs_page_mkwrite() (bsc#1247949). - commit c73e908 - btrfs: pass true to btrfs_delalloc_release_space() at btrfs_page_mkwrite() (bsc#1247949). - commit 3b9148d - btrfs: fix iteration bug in __qgroup_excl_accounting() (git-fixes). - commit ad5c1bb - bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338 CVE-2025-38608). - commit 04b4d43 - RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes) - commit 25d5b8f - RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes) - commit 8869ef6 - RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes) - commit 33fe82f - RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes) - commit 9051d83 - RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes) - commit abc50d4 - RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes) - commit a868248 - RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes) - commit 61ee0cd - RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes) - commit db9dec3 ++++ kernel-rt: - btrfs: error on missing block group when unaccounting log tree extent buffers (git-fixes). - commit ca535e9 - atm: clip: Fix NULL pointer dereference in vcc_sendmsg() (CVE-2025-38458 bsc#1247116) - commit 48dd298 - atm: Release atm_dev_mutex after removing procfs in atm_dev_deregister() (CVE-2025-38245 bsc#1246193) - commit daf962c - NFS: Fix a race when updating an existing write (git-fixes). 
- commit dd68c46 - squashfs: fix memory leak in squashfs_fill_super (git-fixes). - commit 97b84d0 - btrfs: fix data race when accessing the inode's disk_i_size at btrfs_drop_extents() (git-fixes). - commit 71e5dc6 - btrfs: fix two misuses of folio_shift() (git-fixes). - commit 56b1b7d - btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (git-fixes). - commit 6429a2c - atm: Revert atm_account_tx() if copy_from_iter_full() fails (CVE-2025-38190 bsc#1245973) - commit 0dae89a - btrfs: correctly escape subvol in btrfs_show_options() (git-fixes). - commit a28815d - btrfs: exit after state split error at set_extent_bit() (git-fixes). - commit 3d66187 - btrfs: simplify error detection flow during log replay (git-fixes). - commit 01419dc - btrfs: remove redundant path release when replaying a log tree (git-fixes). - commit 7716eeb - md/raid1: Fix stack memory use after return in raid1_reshape (CVE-2025-38445 bsc#1247229) - commit 9aa9477 - btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes). - commit e991a13 - btrfs: unfold transaction aborts when replaying log trees (git-fixes). - commit e05bcc5 - btrfs: fix -ENOSPC mmap write failure on NOCOW files/extents (bsc#1247949). - commit 358990e - btrfs: use a single variable to track return value at btrfs_page_mkwrite() (bsc#1247949). - commit 7b18bc8 - btrfs: don't return VM_FAULT_SIGBUS on failure to set delalloc for mmap write (bsc#1247949). - commit 621c50f - btrfs: simplify early error checking in btrfs_page_mkwrite() (bsc#1247949). - commit c73e908 - btrfs: pass true to btrfs_delalloc_release_space() at btrfs_page_mkwrite() (bsc#1247949). - commit 3b9148d - btrfs: fix iteration bug in __qgroup_excl_accounting() (git-fixes). - commit ad5c1bb - bpf, ktls: Fix data corruption when using bpf_msg_pop_data() in ktls (bsc#1248338 CVE-2025-38608). 
- commit 04b4d43 - RDMA/hns: Fix dip entries leak on devices newer than hip09 (git-fixes) - commit 25d5b8f - RDMA/bnxt_re: Fix to initialize the PBL array (git-fixes) - commit 8869ef6 - RDMA/bnxt_re: Fix a possible memory leak in the driver (git-fixes) - commit 33fe82f - RDMA/bnxt_re: Fix to remove workload check in SRQ limit path (git-fixes) - commit 9051d83 - RDMA/bnxt_re: Fix to do SRQ armena by default (git-fixes) - commit abc50d4 - RDMA/hns: Fix querying wrong SCC context for DIP algorithm (git-fixes) - commit a868248 - RDMA/erdma: Fix ignored return value of init_kernel_qp (git-fixes) - commit 61ee0cd - RDMA/rxe: Flush delayed SKBs while releasing RXE resources (git-fixes) - commit db9dec3 ++++ colord: - Update to version 1.4.8: + New Features: - Add AppStream metainfo XML with hardware provide info. - Add support for -Dsystemd_root_prefix to make local building easier. - Install sysusers.d config file if configured user is not root. + Bugfixes: - Add the source attribute for each man page. - Drop component type from AppStream metadata XML to avoid parsing error. - Fix a critical warning when running the self tests. - Fix USB scanners not working with RestrictAddressFamilies. - Fix writing to the database with ProtectSystem=strict. - Properly set the status to CD_SESSION_STATUS_RUNNING. - Use g_ascii_strtod instead of atof(). - Use sqlite3_errmsg() to avoid getting a mutable error message. - Changes from version 1.4.7: + Bugfixes: - Add various hardenings to the systemd service. - Always close the ICC profile when loading fails. - Avoid destructing LCMS plugin twice with lcms 2.14. - Do not make state files executable in tmpfiles.d/colord.conf. - Fix a double free spotted by Coverity. - Fix an error check when parsing the DTP94 data. - Fix a -Wincompatible-pointer-types warning. - Fix potential crash when reading from broken Huey hardware. - Set FILE_OFFSET_BITS explicitly. - Use a 64-bit time_t. - Use thread context for Gamut Alarm codes. 
- Drop colord-CVE-2021-42523.patch and harden_colord.service.patch: fixed upstream. ++++ harfbuzz: - Update to version 11.4.4: + Fix a shaping regression affecting mark glyphs in certain fonts. + Fix pruning of mark filtering sets when subsetting fonts, which caused changes in shaping behaviour. ------------------------------------------------------------------ ------------------ 2025-8-23 - Aug 23 2025 ------------------- ------------------------------------------------------------------ ++++ kmod: - kmod-testsuite * BuildIgnore pesign-obs-integration (new runtime requirement of kernel-default-devel): we don't need it for the kmod testsuite, and it also breaks the build as we aren't producing any binaries. (bsc#1248108) ++++ harfbuzz: - Update to version 11.4.3: + Make shaping fail much faster for certain malformed fonts (e.g., those that trigger infinite recursion). + Fix undefined behaviour introduced in 11.4.2. + Fix detection of the “Cambria Math” font when fonts are scaled, so the workaround for the bad MATH table constant is applied. ------------------------------------------------------------------ ------------------ 2025-8-22 - Aug 22 2025 ------------------- ------------------------------------------------------------------ ++++ cloud-regionsrv-client: - Update version to 10.5.2 (bsc#1247539) + When an instance fails verification server side the default credentials were left behind requiring manual intervention prior to the next registration attempt.
+ Fix issue triggered when using instance-billing-flavor-check due to IP address handling as object rather than string introduced 10.5.0 ++++ python-kiwi: - Fix agama integration test Disable no longer existing agama-auto.service - Fixed agama integration test nothing provides agama-auto anymore ++++ kdump: - upgrade to version 2.1.6 * drop broken option KDUMP_NETCONFIG="" from manpage * prevent NetworkManager from overwriting resolv.conf (bsc#1247848) * fix KDUMP_NETCONFIG=auto for NetworkManager (bsc#1247848) * exclude kernel.panic_on_warn sysctl (bsc#1247355) ++++ kernel-default: - atm: clip: Fix infinite recursive call of clip_push() (CVE-2025-38459 bsc#1247119) - commit 40aa5b7 - atm: clip: prevent NULL deref in clip_push() (CVE-2025-38251 bsc#1246181) - commit bcf4c6c - spi: spi-fsl-lpspi: Clamp too high speed_hz (git-fixes). - ACPI: pfr_update: Fix the driver update version check (git-fixes). - microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1 (git-fixes). - microchip: lan865x: fix missing netif_start_queue() call on device open (git-fixes). - net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes). - Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes). - Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes). - Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF (git-fixes). - Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes). - Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes). - Bluetooth: hci_sync: Fix scan state after PA Sync has been established (git-fixes). 
- commit 71fbfbf - bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (CVE-2025-38439 bsc#1247155) - commit e4fb5aa ++++ kernel-rt: - atm: clip: Fix infinite recursive call of clip_push() (CVE-2025-38459 bsc#1247119) - commit 40aa5b7 - atm: clip: prevent NULL deref in clip_push() (CVE-2025-38251 bsc#1246181) - commit bcf4c6c - spi: spi-fsl-lpspi: Clamp too high speed_hz (git-fixes). - ACPI: pfr_update: Fix the driver update version check (git-fixes). - microchip: lan865x: fix missing Timer Increment config for Rev.B0/B1 (git-fixes). - microchip: lan865x: fix missing netif_start_queue() call on device open (git-fixes). - net: usb: asix_devices: Fix PHY address mask in MDIO bus initialization (git-fixes). - Bluetooth: hci_conn: do return error from hci_enhanced_setup_sync() (git-fixes). - Bluetooth: hci_event: fix MTU for BN == 0 in CIS Established (git-fixes). - Bluetooth: hci_sync: Prevent unintended PA sync when SID is 0xFF (git-fixes). - Bluetooth: hci_core: Fix using {cis,bis}_capable for current settings (git-fixes). - Bluetooth: btmtk: Fix wait_on_bit_timeout interruption during shutdown (git-fixes). - Bluetooth: hci_sync: Fix scan state after PA Sync has been established (git-fixes). - commit 71fbfbf - bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT (CVE-2025-38439 bsc#1247155) - commit e4fb5aa ++++ gcc15: - Update to GCC 15.2 release * the GCC 15.2 release contains regression fixes accumulated since the GCC 15.1 release ++++ openldap2_6: - Fix the git version identifying as 2.6.X which breaks packages parsing the version string trying to match numbers. ++++ libtpms: - Allow for %is_opensuse to be unset, following up to https://src.suse.de/products/SLFO/pulls/204 (bsc#1248486). 
------------------------------------------------------------------ ------------------ 2025-8-21 - Aug 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - zram: permit only one post-processing operation at a time (git-fixes). - Refresh patches.suse/zram-fix-NULL-pointer-in-comp_algorithm_show.patch. - commit a8f2eb9 - serial: 8250: Touch watchdogs in write_atomic() (bsc#1246688). - commit 956817a - raid10: cleanup memleak at raid10_make_request (CVE-2025-38444 bsc#1247162) - commit 2551d5d - config.sh: SLFO 1.2 branched in IBS - commit 38742b4 - md/md-bitmap: fix GPF in bitmap_get_stats() (CVE-2025-38451 bsc#1247102) - commit f2c7bab - net: openvswitch: Fix the dead loop of MPLS parse (CVE-2025-38146 bsc#1245767). - commit 9115959 - scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055,CVE-2025-37861). - commit a094fbc - ata: libata-sata: Add link_power_management_supported sysfs attribute (git-fixes). - commit e1a205b - watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes). - wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes). - wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes). - wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes). - wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes). - wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes). - wifi: cfg80211: reject HTC bit for management frames (stable-fixes). - wifi: rtw89: wow: Add Basic Rate IE to probe request in scheduled scan mode (stable-fixes). - wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes). - wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes). - wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes). - wifi: iwlwifi: mvm: fix scan request validation (stable-fixes). 
- wifi: cfg80211: Fix interface type validation (stable-fixes). - wifi: mac80211: don't unreserve never reserved chanctx (stable-fixes). - wifi: mac80211: don't complete management TX on SAE commit (stable-fixes). - wifi: mac80211: avoid weird state in error path (stable-fixes). - wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes). - wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes). - wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes). - wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes). - wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes). - wifi: rtw89: scan abort when assign/unassign_vif (stable-fixes). - wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes). - wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes). - wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes). - wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes). - wifi: iwlegacy: Check rate_idx range after addition (stable-fixes). - commit e7f2df8 - tools/power turbostat: Handle non-root legacy-uncore sysfs permissions (stable-fixes). - tools/power turbostat: Handle cap_get_proc() ENOSYS (stable-fixes). - tools/power turbostat: Fix build with musl (stable-fixes). - watchdog: dw_wdt: Fix default timeout (stable-fixes). - watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes). - soundwire: amd: cancel pending slave status handling workqueue during remove sequence (stable-fixes). - soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes). - soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes). - usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes). 
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes). - usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes). - usb: xhci: Avoid showing warnings for dying controller (stable-fixes). - usb: xhci: Avoid showing errors during surprise removal (stable-fixes). - usb: typec: tcpm/tcpci_maxim: fix irq wake usage (stable-fixes). - usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes). - usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes). - usb: core: usb_submit_urb: downgrade type check (stable-fixes). - tty: serial: fix print format specifiers (stable-fixes). - thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes). - thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes). - commit c8e8ef2 - rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes). - rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes). - power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes). - soc: qcom: rpmh-rsc: Add RSC version 4 support (stable-fixes). - soc: qcom: mdt_loader: Actually use the e_phoff (stable-fixes). - reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes). - pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes). - PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes). - PM: sleep: console: Fix the black screen issue (stable-fixes). - PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes). - commit 958ff77 - net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes). - pinctrl: stm32: Manage irq affinity settings (stable-fixes). - media: hi556: Fix reset GPIO timings (stable-fixes). - media: ipu-bridge: Add _HID for OV5670 (stable-fixes). - mfd: axp20x: Set explicit ID for AXP313 regulator (stable-fixes). 
- net: phy: micrel: Add ksz9131_resume() (stable-fixes). - net: phy: bcm54811: PHY initialization (stable-fixes). - net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes). - net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes). - net: ieee8021q: fix insufficient table-size assertion (stable-fixes). - mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes). - mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes). - mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes). - platform/chrome: cros_ec_sensorhub: Retries when a sensor is not ready (stable-fixes). - platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes). - platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes). - commit dd25a85 - ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes). - ipmi: Fix strcpy source and destination the same (stable-fixes). - i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes). - i3c: add missing include to internal header (stable-fixes). - i3c: don't fail if GETHDRCAP is unsupported (stable-fixes). - hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes). - media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes). - media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes). - media: tc358743: Check I2C succeeded during probe (stable-fixes). - media: tc358743: Increase FIFO trigger level to 374 (stable-fixes). - media: usb: hdpvr: disable zero-length read messages (stable-fixes). - media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes). - media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes). 
- media: uvcvideo: Add quirk for HP Webcam HD 2300 (stable-fixes). - media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes). - leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes). - iio: adc: ad_sigma_delta: don't overallocate scan buffer (stable-fixes). - iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes). - gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes). - gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes). - commit 6c360e1 - ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes). - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes). - fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes). - dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs (stable-fixes). - drm/amd/display: Allow DCN301 to clear update flags (git-fixes). - drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes). - drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes). - drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes). - crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes). - crypto: jitter - fix intermediary handling (stable-fixes). - crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes). - crypto: ccp - Add missing bootloader info reg for pspv6 (stable-fixes). - drm/amd/pm: fix null pointer access (stable-fixes). - drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes). - drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes). - drm/msm: use trylock for debugfs (stable-fixes). - drm/msm: Add error handling for krealloc in metadata setup (stable-fixes). - drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes). - drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes). 
- drm/amd/display: Initialize mode_select to 0 (stable-fixes). - drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes). - drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes). - drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes). - drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes). - drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes). - drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes). - drm/ttm: Should to return the evict error (stable-fixes). - drm/ttm: Respect the shrinker core free target (stable-fixes). - Bluetooth: btusb: Add new VID/PID 0489/e14e for MT7925 (stable-fixes). - Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes). - firmware: tegra: Fix IVC dependency problems (stable-fixes). - firmware: arm_scmi: Convert to SYSTEM_SLEEP_PM_OPS (git-fixes). - firmware: arm_scmi: power_control: Ensure SCMI_SYSPOWER_IDLE is set early during resume (stable-fixes). - char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes). - ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes). - firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall (stable-fixes). - ata: ahci: Disallow LPM policy control if not supported (stable-fixes). - ata: ahci: Disable DIPM if host lacks support (stable-fixes). - ata: libata-sata: Disallow changing LPM state if not supported (stable-fixes). - commit 81a9217 - ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes). - ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes). - ALSA: hda/realtek: add LG gram 16Z90R-A to alc269 fixup table (stable-fixes). - ACPI: Suppress misleading SPCR console message when SPCR table is absent (stable-fixes). 
- ACPI: Return -ENODEV from acpi_parse_spcr() when SPCR support is disabled (stable-fixes). - ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes). - ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes). - ASoC: SOF: topology: Parse the dapm_widget_tokens in case of DSPless mode (stable-fixes). - ASoC: qcom: use drvdata instead of component to keep id (stable-fixes). - ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes). - ALSA: hda: Handle the jack polling always via a work (stable-fixes). - ALSA: hda: Disable jack polling at shutdown (stable-fixes). - ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes). - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes). - ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes). - ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes). - ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes). - ACPI: processor: fix acpi_object initialization (stable-fixes). - commit 7148b68 - RDMA/bnxt_re: Fix size of uverbs_copy_to() in BNXT_RE_METHOD_GET_TOGGLE_MEM (git-fixes) - commit 295036f - RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes) - commit 3c7e10f - RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes) - commit 096f6b9 - pNFS: Fix disk addr range check in block/scsi layout (git-fixes). - commit c14b06d - pNFS: Fix stripe mapping in block/scsi layout (git-fixes). - commit 2a1cc0f - pNFS: Handle RPC size limit for layoutcommits (git-fixes). - commit 14b9be8 - pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes). - commit 65e1a8b - exfat: add cluster chain loop check for dir (git-fixes). - commit 6a79efa - kabi: hide new member fallback_lock in struct mptcp_sock (CVE-2025-38491 bsc#1247280). 
- mptcp: make fallback action and fallback decision atomic (CVE-2025-38491 bsc#1247280). - mptcp: safety check before fallback (CVE-2025-38491 bsc#1247280). - commit 41fa302 - tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464 bsc#1247112). - commit ca43752 ++++ kernel-rt: - zram: permit only one post-processing operation at a time (git-fixes). - Refresh patches.suse/zram-fix-NULL-pointer-in-comp_algorithm_show.patch. - commit a8f2eb9 - serial: 8250: Touch watchdogs in write_atomic() (bsc#1246688). - commit 956817a - raid10: cleanup memleak at raid10_make_request (CVE-2025-38444 bsc#1247162) - commit 2551d5d - config.sh: SLFO 1.2 branched in IBS - commit 38742b4 - md/md-bitmap: fix GPF in bitmap_get_stats() (CVE-2025-38451 bsc#1247102) - commit f2c7bab - net: openvswitch: Fix the dead loop of MPLS parse (CVE-2025-38146 bsc#1245767). - commit 9115959 - scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue (bsc#1243055,CVE-2025-37861). - commit a094fbc - ata: libata-sata: Add link_power_management_supported sysfs attribute (git-fixes). - commit e1a205b - watchdog: sbsa: Adjust keepalive timeout to avoid MediaTek WS0 race condition (stable-fixes). - wifi: iwlwifi: mvm: avoid outdated reorder buffer head_sn (stable-fixes). - wifi: ath12k: Correct tid cleanup when tid setup fails (stable-fixes). - wifi: ath10k: shutdown driver when hardware is unreliable (stable-fixes). - wifi: ath12k: Add memset and update default rate value in wmi tx completion (stable-fixes). - wifi: ath12k: Fix station association with MBSSID Non-TX BSS (stable-fixes). - wifi: cfg80211: reject HTC bit for management frames (stable-fixes). - wifi: rtw89: wow: Add Basic Rate IE to probe request in scheduled scan mode (stable-fixes). - wifi: rtw89: Lower the timeout in rtw89_fw_read_c2h_reg() for USB (stable-fixes). - wifi: rtw89: Fix rtw89_mac_power_switch() for USB (stable-fixes). - wifi: iwlwifi: mvm: set gtk id also in older FWs (stable-fixes). 
- wifi: iwlwifi: mvm: fix scan request validation (stable-fixes). - wifi: cfg80211: Fix interface type validation (stable-fixes). - wifi: mac80211: don't unreserve never reserved chanctx (stable-fixes). - wifi: mac80211: don't complete management TX on SAE commit (stable-fixes). - wifi: mac80211: avoid weird state in error path (stable-fixes). - wifi: mac80211: fix rx link assignment for non-MLO stations (stable-fixes). - wifi: mt76: mt7915: mcu: re-init MCU before loading FW patch (stable-fixes). - wifi: iwlwifi: dvm: fix potential overflow in rs_fill_link_cmd() (stable-fixes). - wifi: iwlwifi: fw: Fix possible memory leak in iwl_fw_dbg_collect (stable-fixes). - wifi: rtlwifi: fix possible skb memory leak in `_rtl_pci_rx_interrupt()` (stable-fixes). - wifi: rtw89: scan abort when assign/unassign_vif (stable-fixes). - wifi: rtlwifi: fix possible skb memory leak in _rtl_pci_init_one_rxdesc() (stable-fixes). - wifi: ath12k: Enable REO queue lookup table feature on QCN9274 hw2.0 (stable-fixes). - wifi: ath12k: Decrement TID on RX peer frag setup error handling (stable-fixes). - wifi: mac80211: update radar_required in channel context after channel switch (stable-fixes). - wifi: iwlegacy: Check rate_idx range after addition (stable-fixes). - commit e7f2df8 - tools/power turbostat: Handle non-root legacy-uncore sysfs permissions (stable-fixes). - tools/power turbostat: Handle cap_get_proc() ENOSYS (stable-fixes). - tools/power turbostat: Fix build with musl (stable-fixes). - watchdog: dw_wdt: Fix default timeout (stable-fixes). - watchdog: iTCO_wdt: Report error if timeout configuration fails (stable-fixes). - soundwire: amd: cancel pending slave status handling workqueue during remove sequence (stable-fixes). - soundwire: amd: serialize amd manager resume sequence during pm_prepare (stable-fixes). - soundwire: Move handle_nested_irq outside of sdw_dev_lock (stable-fixes). - usb: xhci: print xhci->xhc_state when queue_command failed (stable-fixes). 
- usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default (stable-fixes). - usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command (stable-fixes). - usb: xhci: Avoid showing warnings for dying controller (stable-fixes). - usb: xhci: Avoid showing errors during surprise removal (stable-fixes). - usb: typec: tcpm/tcpci_maxim: fix irq wake usage (stable-fixes). - usb: core: config: Prevent OOB read in SS endpoint companion parsing (stable-fixes). - usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present (stable-fixes). - usb: core: usb_submit_urb: downgrade type check (stable-fixes). - tty: serial: fix print format specifiers (stable-fixes). - thermal: sysfs: Return ENODATA instead of EAGAIN for reads (stable-fixes). - thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required (stable-fixes). - commit c8e8ef2 - rtc: ds1307: handle oscillator stop flag (OSF) for ds1341 (stable-fixes). - rtc: ds1307: remove clear of oscillator stop flag (OSF) in probe (stable-fixes). - power: supply: qcom_battmgr: Add lithium-polymer entry (stable-fixes). - soc: qcom: rpmh-rsc: Add RSC version 4 support (stable-fixes). - soc: qcom: mdt_loader: Actually use the e_phoff (stable-fixes). - reset: brcmstb: Enable reset drivers for ARCH_BCM2835 (stable-fixes). - pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() (stable-fixes). - PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() (stable-fixes). - PM: sleep: console: Fix the black screen issue (stable-fixes). - PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() (stable-fixes). - commit 958ff77 - net: phy: smsc: add proper reset flags for LAN8710A (stable-fixes). - pinctrl: stm32: Manage irq affinity settings (stable-fixes). - media: hi556: Fix reset GPIO timings (stable-fixes). - media: ipu-bridge: Add _HID for OV5670 (stable-fixes). - mfd: axp20x: Set explicit ID for AXP313 regulator (stable-fixes). 
- net: phy: micrel: Add ksz9131_resume() (stable-fixes). - net: phy: bcm54811: PHY initialization (stable-fixes). - net: thunderbolt: Enable end-to-end flow control also in transmit (stable-fixes). - net: thunderbolt: Fix the parameter passing of tb_xdomain_enable_paths()/tb_xdomain_disable_paths() (stable-fixes). - net: ieee8021q: fix insufficient table-size assertion (stable-fixes). - mmc: sdhci-msm: Ensure SD card power isn't ON when card removed (stable-fixes). - mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() (stable-fixes). - mei: bus: Check for still connected devices in mei_cl_bus_dev_release() (stable-fixes). - platform/chrome: cros_ec_sensorhub: Retries when a sensor is not ready (stable-fixes). - platform/chrome: cros_ec_typec: Defer probe on missing EC parent (stable-fixes). - platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list (stable-fixes). - commit dd25a85 - ipmi: Use dev_warn_ratelimited() for incorrect message warnings (stable-fixes). - ipmi: Fix strcpy source and destination the same (stable-fixes). - i2c: Force DLL0945 touchpad i2c freq to 100khz (stable-fixes). - i3c: add missing include to internal header (stable-fixes). - i3c: don't fail if GETHDRCAP is unsupported (stable-fixes). - hwmon: (emc2305) Set initial PWM minimum value during probe based on thermal state (stable-fixes). - media: v4l2-common: Reduce warnings about missing V4L2_CID_LINK_FREQ control (stable-fixes). - media: tc358743: Return an appropriate colorspace from tc358743_set_fmt (stable-fixes). - media: tc358743: Check I2C succeeded during probe (stable-fixes). - media: tc358743: Increase FIFO trigger level to 374 (stable-fixes). - media: usb: hdpvr: disable zero-length read messages (stable-fixes). - media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb() (stable-fixes). - media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar (stable-fixes). 
- media: uvcvideo: Add quirk for HP Webcam HD 2300 (stable-fixes). - media: uvcvideo: Fix bandwidth issue for Alcor camera (stable-fixes). - leds: leds-lp50xx: Handle reg to get correct multi_index (stable-fixes). - iio: adc: ad_sigma_delta: don't overallocate scan buffer (stable-fixes). - iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement (stable-fixes). - gpio: wcd934x: check the return value of regmap_update_bits() (stable-fixes). - gpio: tps65912: check the return value of regmap_update_bits() (stable-fixes). - commit 6c360e1 - ASoC: Intel: avs: Fix uninitialized pointer error in probe() (stable-fixes). - fbdev: Fix vmalloc out-of-bounds write in fast_imageblit (stable-fixes). - fbdev: fix potential buffer overflow in do_register_framebuffer() (stable-fixes). - dmaengine: stm32-dma: configure next sg only if there are more than 2 sgs (stable-fixes). - drm/amd/display: Allow DCN301 to clear update flags (git-fixes). - drm/amd/display: Only finalize atomic_obj if it was initialized (stable-fixes). - drm/amd/display: Avoid configuring PSR granularity if PSR-SU not supported (stable-fixes). - drm/amd/display: Disable dsc_power_gate for dcn314 by default (stable-fixes). - crypto: hisilicon/hpre - fix dma unmap sequence (stable-fixes). - crypto: jitter - fix intermediary handling (stable-fixes). - crypto: octeontx2 - add timeout for load_fvc completion poll (stable-fixes). - crypto: ccp - Add missing bootloader info reg for pspv6 (stable-fixes). - drm/amd/pm: fix null pointer access (stable-fixes). - drm/amd/display: limit clear_update_flags to dcn32 and above (stable-fixes). - drm/xe/xe_query: Use separate iterator while filling GT list (stable-fixes). - drm/msm: use trylock for debugfs (stable-fixes). - drm/msm: Add error handling for krealloc in metadata setup (stable-fixes). - drm/amd/display: Separate set_gsl from set_gsl_source_select (stable-fixes). - drm/amd/display: Fix 'failed to blank crtc!' (stable-fixes). 
- drm/amd/display: Initialize mode_select to 0 (stable-fixes). - drm/amd: Allow printing VanGogh OD SCLK levels without setting dpm to manual (stable-fixes). - drm/amd/display: Update DMCUB loading sequence for DCN3.5 (stable-fixes). - drm/amd/display: Avoid trying AUX transactions on disconnected ports (stable-fixes). - drm/imagination: Clear runtime PM errors while resetting the GPU (stable-fixes). - drm/xe: Make dma-fences compliant with the safe access rules (stable-fixes). - drm: renesas: rz-du: mipi_dsi: Add min check for VCLK range (stable-fixes). - drm/ttm: Should to return the evict error (stable-fixes). - drm/ttm: Respect the shrinker core free target (stable-fixes). - Bluetooth: btusb: Add new VID/PID 0489/e14e for MT7925 (stable-fixes). - Bluetooth: hci_sock: Reset cookie to zero in hci_sock_free_cookie() (stable-fixes). - firmware: tegra: Fix IVC dependency problems (stable-fixes). - firmware: arm_scmi: Convert to SYSTEM_SLEEP_PM_OPS (git-fixes). - firmware: arm_scmi: power_control: Ensure SCMI_SYSPOWER_IDLE is set early during resume (stable-fixes). - char: misc: Fix improper and inaccurate error code returned by misc_init() (stable-fixes). - ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed (stable-fixes). - firmware: arm_ffa: Change initcall level of ffa_init() to rootfs_initcall (stable-fixes). - ata: ahci: Disallow LPM policy control if not supported (stable-fixes). - ata: ahci: Disable DIPM if host lacks support (stable-fixes). - ata: libata-sata: Disallow changing LPM state if not supported (stable-fixes). - commit 81a9217 - ALSA: hda/realtek: Fix headset mic on HONOR BRB-X (stable-fixes). - ALSA: hda/realtek: Add Framework Laptop 13 (AMD Ryzen AI 300) to quirks (stable-fixes). - ALSA: hda/realtek: add LG gram 16Z90R-A to alc269 fixup table (stable-fixes). - ACPI: Suppress misleading SPCR console message when SPCR table is absent (stable-fixes). 
- ACPI: Return -ENODEV from acpi_parse_spcr() when SPCR support is disabled (stable-fixes). - ASoC: hdac_hdmi: Rate limit logging on connection and disconnection (stable-fixes). - ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() (stable-fixes). - ASoC: SOF: topology: Parse the dapm_widget_tokens in case of DSPless mode (stable-fixes). - ASoC: qcom: use drvdata instead of component to keep id (stable-fixes). - ASoC: codecs: rt5640: Retry DEVICE_ID verification (stable-fixes). - ALSA: hda: Handle the jack polling always via a work (stable-fixes). - ALSA: hda: Disable jack polling at shutdown (stable-fixes). - ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 (stable-fixes). - ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (stable-fixes). - ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop (stable-fixes). - ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros (stable-fixes). - ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered (stable-fixes). - ACPI: processor: fix acpi_object initialization (stable-fixes). - commit 7148b68 - RDMA/bnxt_re: Fix size of uverbs_copy_to() in BNXT_RE_METHOD_GET_TOGGLE_MEM (git-fixes) - commit 295036f - RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() (git-fixes) - commit 3c7e10f - RDMA/core: reduce stack using in nldev_stat_get_doit() (git-fixes) - commit 096f6b9 - pNFS: Fix disk addr range check in block/scsi layout (git-fixes). - commit c14b06d - pNFS: Fix stripe mapping in block/scsi layout (git-fixes). - commit 2a1cc0f - pNFS: Handle RPC size limit for layoutcommits (git-fixes). - commit 14b9be8 - pNFS: Fix uninited ptr deref in block/scsi layout (git-fixes). - commit 65e1a8b - exfat: add cluster chain loop check for dir (git-fixes). - commit 6a79efa - kabi: hide new member fallback_lock in struct mptcp_sock (CVE-2025-38491 bsc#1247280). 
- mptcp: make fallback action and fallback decision atomic (CVE-2025-38491 bsc#1247280). - mptcp: safety check before fallback (CVE-2025-38491 bsc#1247280). - commit 41fa302 - tipc: Fix use-after-free in tipc_conn_close() (CVE-2025-38464 bsc#1247112). - commit ca43752 ++++ harfbuzz: - Update to version 11.4.2: + Various performance and memory usage improvements. + The hb-shape command line tool can now be built with the amalgamated harfbuzz.cc source. + Fix regression in handling version 2 of avar table. + Increase various buffer length limits for better handling of fonts that generate huge number of glyphs per codepoint (e.g. Noto Sans Duployan). + Improvements to the harfrust shaper for more accurate testing. ++++ tiff: - security update: * CVE-2025-8534 [bsc#1247582] Fix null pointer dereference in function PS_Lvl2page + tiff-CVE-2025-8534.patch * CVE-2025-9165 [bsc#1248330] Fix local execution manipulation can lead to memory leak + tiff-CVE-2025-9165.patch * CVE-2024-13978 [bsc#1247581] Fix null pointer dereference in tiff2pdf + tiff-CVE-2024-13978.patch ++++ ucode-intel: - Intel CPU Microcode was updated to the 20250812 release (bsc#1248438) - Security updates for INTEL-SA-01249 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html - CVE-2025-20109: Improper Isolation or Compartmentalization in the stream cache mechanism for some Intel Processors may allow an authenticated user to potentially enable escalation of privilege via local access. 
- Security updates for INTEL-SA-01308 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html - CVE-2025-22840: Sequence of processor instructions leads to unexpected behavior for some Intel Xeon 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access - Security updates for INTEL-SA-01310 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html - CVE-2025-22839: Insufficient granularity of access control in the OOB-MSM for some Intel Xeon 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. - Security updates for INTEL-SA-01311 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html - CVE-2025-22889: Improper handling of overlap between protected memory ranges for some Intel Xeon 6 processor with Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - Security updates for INTEL-SA-01313 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html - CVE-2025-20053: Improper buffer restrictions for some Intel Xeon Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access. - Security updates for INTEL-SA-01367 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html - CVE-2025-26403: Out-of-bounds write in the memory subsystem for some Intel Xeon 6 processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - CVE-2025-32086: Improperly implemented security check for standard in the DDRIO configuration for some Intel Xeon 6 Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. - Update for functional issues. 
Refer to 13th/14th Gen Intel Core Processor Specification Update for details. - Update for functional issues. Refer to 3rd Gen Intel Xeon Processor Scalable Family Specification Update for details. - Update for functional issues. Refer to 4th Gen Intel Xeon Scalable Processors Specification Update for details. - Update for functional issues. Refer to 5th Gen Intel Xeon Scalable Processors Specification Update for details. - Update for functional issues. Refer to 6th Gen Intel Xeon Scalable Processors Specification Update for details. - Update for functional issues. Refer to Intel Core Ultra 200 V Series Processor for details. - Update for functional issues. Refer to Intel Core Ultra Processor for details. - Update for functional issues. Refer to Intel Core Ultra Processor (Series 2) for details. - Update for functional issues. Refer to Intel Xeon 6700-Series Processor Specification Update for details. - Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. 
- Updated Platforms:

| Processor      | Stepping | F-M-S/PI    | Old Ver  | New Ver  | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ARL-H          | A1       | 06-c5-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| ARL-S/HX (8P)  | B0       | 06-c6-02/82 | 00000118 | 00000119 | Core Ultra Processor (Series 2)
| EMR-SP         | A1       | 06-cf-02/87 | 210002a9 | 210002b3 | Xeon Scalable Gen5
| GNR-AP/SP      | B0       | 06-ad-01/95 | 010003a2 | 010003d0 | Xeon Scalable Gen6
| GNR-AP/SP      | H0       | 06-ad-01/20 | 0a0000d1 | 0a000100 | Xeon Scalable Gen6
| ICL-D          | B0       | 06-6c-01/10 | 010002d0 | 010002e0 | Xeon D-17xx, D-27xx
| ICX-SP         | Dx/M1    | 06-6a-06/87 | 0d000404 | 0d000410 | Xeon Scalable Gen3
| LNL            | B0       | 06-bd-01/80 | 0000011f | 00000123 | Core Ultra 200 V Series Processor
| MTL            | C0       | 06-aa-04/e6 | 00000024 | 00000025 | Core™ Ultra Processor
| RPL-H/P/PX 6+8 | J0       | 06-ba-02/e0 | 00004128 | 00004129 | Core Gen13
| RPL-U 2+8      | Q0       | 06-ba-03/e0 | 00004128 | 00004129 | Core Gen13
| SPR-HBM        | Bx       | 06-8f-08/10 | 2c0003f7 | 2c000401 | Xeon Max
| SPR-SP         | E4/S2    | 06-8f-07/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SPR-SP         | E5/S3    | 06-8f-08/87 | 2b000639 | 2b000643 | Xeon Scalable Gen4
| SRF-SP         | C0       | 06-af-03/01 | 03000341 | 03000362 | Xeon 6700-Series Processors with E-Cores

New Disclosures Updated in Prior Releases: All ADL, RPL, SPR, EMR, MTL, ARL Microcode patches previously released in May 2025.
------------------------------------------------------------------ ------------------ 2025-8-20 - Aug 20 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Update to 337 * 337 - Bug fixes and translation updates * 336 - Graphical VNC and serial consoles improvements - Control VNC console resizing and scaling - Bug fixes and translation updates * 335 - Bug fixes and translation updates * 334 - Bug fixes and translation updates ++++ cockpit-podman: - Update to 112 * 112 - Translation and dependency updates * 111 - Bug fixes and translation updates * 110 - Bug fixes and translation updates * 109 - Bug fixes and translation updates * 108 - Bug fixes and translation updates ++++ git: - Use zlib instead of zlib-ng for SLES16 ++++ kernel-default: - ixgbe: prevent from unwanted interface name changes (git-fixes). - commit b593885 - kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes). - commit 7c0fd06 - devlink: let driver opt out of automatic phys_port_name generation (git-fixes). - commit 28c0839 - md: make rdev_addable usable for rcu mode (git-fixes). - block: ensure discard_granularity is zero when discard is not supported (git-fixes). - scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes). - scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes). - scsi: mpt3sas: Fix a fw_event memory leak (git-fixes). - scsi: isci: Fix dma_unmap_sg() nents value (git-fixes). - scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes). - scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes). - scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes). - scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes). - scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes). - scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes). 
- scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes). - sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes). - md: allow removing faulty rdev during resync (git-fixes). - block: sanitize chunk_sectors for atomic write limits (git-fixes). - block: mtip32xx: Fix usage of dma_map_sg() (git-fixes). - ublk: use vmalloc for ublk_device's __queues (git-fixes). - block: Introduce bio_needs_zone_write_plugging() (git-fixes). - loop: use kiocb helpers to fix lockdep warning (git-fixes). - block: fix kobject leak in blk_unregister_queue (git-fixes). - md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes). - ublk: sanity check add_dev input for underflow (git-fixes). - aoe: defer rexmit timer downdev work to workqueue (git-fixes). - scsi: core: ufs: Fix a hang in the error handler (CVE-2025-38119 bsc#1245700). - commit d72a9d3 - fs/fhandle.c: fix a race in call of has_locked_children() (CVE-2025-38306 bsc#1246366) - commit ba2c55e - clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499 bsc#1247976) - commit e64cd3b - selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320). - commit e28bde1 - livepatch: Add stack_order sysfs attribute (poo#187320). - commit 9ec1cd1 - selftests: livepatch: test if ftrace can trace a livepatched function (poo#187320). - commit 30f78a7 - selftests: livepatch: add new ftrace helpers functions (poo#187320). - commit 2920271 - selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE (poo#187320). - commit 6f6ceda - selftests: livepatch: handle PRINTK_CALLER in check_result() (poo#187320). - commit 1420668 - selftests: livepatch: add test cases of stack_order sysfs interface (poo#187320). - commit d445e83 - selftests/livepatch: Replace hardcoded module name with variable in test-callbacks.sh (poo#187320). - commit 35f2fcd - selftests: livepatch: test livepatching a kprobed function (poo#187320). 
- commit 9775843 - selftests: livepatch: save and restore kprobe state (poo#187320). - commit 687700e - selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR (poo#187320). - commit 7dc1564 - selftests/run_kselftest.sh: Use readlink if realpath is not available (poo#187320). - commit d609bae - selftests/run_kselftest.sh: Fix help string for --per-test-log (poo#187320). - commit 0a13bf1 - selftests: ncdevmem: Move ncdevmem under drivers/net/hw (poo#187443). - Refresh patches.suse/selftests-net-Add-busy_poll_test.patch. - commit bfa5fe6 - hrtimers: Handle CPU state correctly on hotplug (CVE-2024-57951 bsc#1237108). - commit 4d85e21 - Revert "libfs: fix infinite directory reads for offset dir" (CVE-2024-57952 bsc#1237131). - commit a2419ea ++++ kernel-rt: - ixgbe: prevent from unwanted interface name changes (git-fixes). - commit b593885 - kABI: fix for struct devlink_port_attrs: move new member to the end (git-fixes). - commit 7c0fd06 - devlink: let driver opt out of automatic phys_port_name generation (git-fixes). - commit 28c0839 - md: make rdev_addable usable for rcu mode (git-fixes). - block: ensure discard_granularity is zero when discard is not supported (git-fixes). - scsi: sd: Make sd shutdown issue START STOP UNIT appropriately (git-fixes). - scsi: Revert "scsi: iscsi: Fix HW conn removal use after free" (git-fixes). - scsi: mpt3sas: Fix a fw_event memory leak (git-fixes). - scsi: isci: Fix dma_unmap_sg() nents value (git-fixes). - scsi: mvsas: Fix dma_unmap_sg() nents value (git-fixes). - scsi: elx: efct: Fix dma_unmap_sg() nents value (git-fixes). - scsi: core: Fix kernel doc for scsi_track_queue_full() (git-fixes). - scsi: ibmvscsi_tgt: Fix dma_unmap_sg() nents value (git-fixes). - scsi: mpi3mr: Serialize admin queue BAR writes on 32-bit systems (git-fixes). - scsi: mpi3mr: Fix race between config read submit and interrupt completion (git-fixes). - scsi: mpi3mr: Fix kernel-doc issues in mpi3mr_app.c (git-fixes). 
- sunvdc: Balance device refcount in vdc_port_mpgroup_check (git-fixes). - md: allow removing faulty rdev during resync (git-fixes). - block: sanitize chunk_sectors for atomic write limits (git-fixes). - block: mtip32xx: Fix usage of dma_map_sg() (git-fixes). - ublk: use vmalloc for ublk_device's __queues (git-fixes). - block: Introduce bio_needs_zone_write_plugging() (git-fixes). - loop: use kiocb helpers to fix lockdep warning (git-fixes). - block: fix kobject leak in blk_unregister_queue (git-fixes). - md/raid1,raid10: strip REQ_NOWAIT from member bios (git-fixes). - ublk: sanity check add_dev input for underflow (git-fixes). - aoe: defer rexmit timer downdev work to workqueue (git-fixes). - scsi: core: ufs: Fix a hang in the error handler (CVE-2025-38119 bsc#1245700). - commit d72a9d3 - fs/fhandle.c: fix a race in call of has_locked_children() (CVE-2025-38306 bsc#1246366) - commit ba2c55e - clone_private_mnt(): make sure that caller has CAP_SYS_ADMIN in the right userns (CVE-2025-38499 bsc#1247976) - commit e64cd3b - selftests/livepatch: Ignore NO_SUPPORT line in dmesg (poo#187320). - commit e28bde1 - livepatch: Add stack_order sysfs attribute (poo#187320). - commit 9ec1cd1 - selftests: livepatch: test if ftrace can trace a livepatched function (poo#187320). - commit 30f78a7 - selftests: livepatch: add new ftrace helpers functions (poo#187320). - commit 2920271 - selftest/livepatch: Only run test-kprobe with CONFIG_KPROBES_ON_FTRACE (poo#187320). - commit 6f6ceda - selftests: livepatch: handle PRINTK_CALLER in check_result() (poo#187320). - commit 1420668 - selftests: livepatch: add test cases of stack_order sysfs interface (poo#187320). - commit d445e83 - selftests/livepatch: Replace hardcoded module name with variable in test-callbacks.sh (poo#187320). - commit 35f2fcd - selftests: livepatch: test livepatching a kprobed function (poo#187320). - commit 9775843 - selftests: livepatch: save and restore kprobe state (poo#187320). 
- commit 687700e - selftests: livepatch: rename KLP_SYSFS_DIR to SYSFS_KLP_DIR (poo#187320). - commit 7dc1564 - selftests/run_kselftest.sh: Use readlink if realpath is not available (poo#187320). - commit d609bae - selftests/run_kselftest.sh: Fix help string for --per-test-log (poo#187320). - commit 0a13bf1 - selftests: ncdevmem: Move ncdevmem under drivers/net/hw (poo#187443). - Refresh patches.suse/selftests-net-Add-busy_poll_test.patch. - commit bfa5fe6 - hrtimers: Handle CPU state correctly on hotplug (CVE-2024-57951 bsc#1237108). - commit 4d85e21 - Revert "libfs: fix infinite directory reads for offset dir" (CVE-2024-57952 bsc#1237131). - commit a2419ea ++++ rust-keylime: - Update vendored crates (bsc#1248006, CVE-2025-55159) * slab 0.4.11 - Add Cargo_lock.patch patch to update slab and other dependencies - Update to version 0.2.8+12: * build(deps): bump actions/checkout from 4 to 5 * build(deps): bump cfg-if from 1.0.0 to 1.0.1 * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump clap from 4.5.39 to 4.5.45 * build(deps): bump pest from 2.8.0 to 2.8.1 * Fix clippy warnings * Use verifier-provided interval for continuous attestation timing * Add meta object with seconds_to_next_attestation to evidence response * Fix boot time retrieval * Fix IMA log format (it must be ['text/plain']) (#1073) * Remove unnecessary configuration fields * cargo: Bump retry-policies to version 0.4.0 * Bump version to 0.2.8 ------------------------------------------------------------------ ------------------ 2025-8-19 - Aug 19 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Update SLFO integration test Make sure ps tool is installed ++++ drbd-utils: - drbd_passive didn't start due to drbd.rules returning error (bsc#1247534) * update patch - bsc-1247534_drbd-didnt-start-due-to-drbd_rules-returning-err.patch ++++ kernel-default: - efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths 
(CVE-2025-38549 bsc#1248235). - commit fd82800 - scsi: target: iscsi: Fix timeout on deleted connection (CVE-2025-38075 bsc#1244734) - commit 9ff5b21 - net: mctp: Don't access ifa_index when missing (CVE-2025-38006 bsc#1244930) - commit d4809b9 ++++ kernel-rt: - efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (CVE-2025-38549 bsc#1248235). - commit fd82800 - scsi: target: iscsi: Fix timeout on deleted connection (CVE-2025-38075 bsc#1244734) - commit 9ff5b21 - net: mctp: Don't access ifa_index when missing (CVE-2025-38006 bsc#1244930) - commit d4809b9 ------------------------------------------------------------------ ------------------ 2025-8-18 - Aug 18 2025 ------------------- ------------------------------------------------------------------ ++++ gdk-pixbuf: - Add gdk-pixbuf-jpeg-icc-data.patch: be more careful with icc data (bsc#1246114 CVE-2025-7345 glgo@GNOME/gdk-pixbuf!217). ++++ git: - Update to 2.51.0 - UI, Workflows & Features - Userdiff patterns for the R language have been added. - Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. - "git cat-file --batch" learns to understand %(objectmode) atom to allow the caller to tell missing objects (due to repository corruption) and submodules (whose commit objects are OK to be missing) apart. - "git diff --no-index dirA dirB" can limit the comparison with pathspec at the end of the command line, just like normal "git diff". - "git subtree" (in contrib/) learned to grok GPG signing its commits. - "git whatchanged" that is longer to type than "git log --raw" which is its modern rough equivalent has outlived its usefulness more than 10 years ago. Plan to deprecate and remove it. - An interchange format for stash entries is defined, and subcommand of "git stash" to import/export has been added. 
- "git merge/pull" has been taught the "--compact-summary" option to use the compact-summary format, instead of diffstat, when showing the summary of the incoming changes. - "git imap-send" has been broken for a long time, which has been resurrected and then taught to talk OAuth2.0 etc. - Some error messages from "git imap-send" have been updated. - When "git daemon" sees a signal while attempting to accept() a new client, instead of retrying, it skipped it by mistake, which has been corrected. - The reftable ref backend has matured enough; Git 3.0 will make it the default format in newly created repositories by default. - "netrc" credential helper has been improved to understand textual service names (like smtp) in addition to the numeric port numbers (like 25). - Lift the limitation to use changed-path filter in "git log" so that it can be used for a pathspec with multiple literal paths. - Clean up the way how signature on commit objects are exported to and imported from fast-import stream. - Remove unsupported, unused, and unsupportable old option from "git log". - Document recently added "git imap-send --list" with an example. - "git pull" learned to pay attention to pull.autostash configuration variable, which overrides rebase/merge.autostash. - "git for-each-ref" learns "--start-after" option to help applications that want to page its output. - "git switch" and "git restore" are declared to be no longer experimental. - "git -c alias.foo=bar foo -h baz" reported "'foo' is aliased to 'bar'" and then went on to run "git foo -h baz", which was unexpected. Tighten the rule so that alias expansion is reported only when "-h" is the sole option. - Performance, Internal Implementation, Development Support etc. - "git pack-objects" learned to find delta bases from blobs at the same path, using the --path-walk API. - CodingGuidelines update. - Add settings for Solaris 10 & 11. - Meson-based build/test framework now understands TAP output generated by our tests. 
- "Do not explicitly initialize to zero" rule has been clarified in the CodingGuidelines document. - A test helper "test_seq" function learned the "-f " option, which allowed us to simplify a lot of test scripts. - A lot of stale stuff has been removed from the contrib/ hierarchy. - "git push" and "git fetch" are taught to update refs in batches to gain performance. - Some code paths in "git prune" used to ignore the passed-in repository object and used the `the_repository` singleton instance instead, which has been corrected. - Update ".clang-format" and ".editorconfig" to match our style guide a bit better. - "make coccicheck" succeeds even when spatch made suggestions, which has been updated to fail in such a case. - Code clean-up around object access API. - Define .precision to more canned parse-options type to avoid bugs coming from using a variable with a wrong type to capture the parsed values. - Flipping the default hash function to SHA-256 at Git 3.0 boundary is planned. - Declare weather-balloon we raised for "bool" type 18 months ago a success and officially allow using the type in our codebase. - GIT_TEST_INSTALLED was not honored in the recent topic related to SHA256 hashes, which has been corrected. - The pop_most_recent_commit() function can have quite expensive worst case performance characteristics, which has been optimized by using prio-queue data structure. - Move structure definition from unrelated header file to where it belongs. - To help our developers, document what C99 language features are being considered for adoption, in addition to what past experiments have already decided. - The reftable unit tests are now ported to the "clar" unit testing framework. - Redefine where the multi-pack-index sits in the object subsystem, which recently was restructured to allow multiple backends that support a single object source that belongs to one repository. A MIDX does span multiple "object sources". 
- Reduce implicit assumption and dependence on the_repository in the object-file subsystem. - Fixes since v2.50 Unless otherwise noted, all the changes in 2.50.X maintenance track, including security updates, are included in this release. - A memory-leak in an error code path has been plugged. (merge 7082da85cb ly/commit-graph-graph-write-leakfix later to maint). - A memory-leak in an error code path has been plugged. (merge aedebdb6b9 ly/fetch-pack-leakfix later to maint). - Some leftover references to documentation source files that no longer exist, due to recent ".txt" -> ".adoc" renaming, have been corrected. (merge 3717a5775a jw/doc-txt-to-adoc-refs later to maint). - "git stash -p " improvements. (merge 468817bab2 pw/stash-p-pathspec-fixes later to maint). - "git send-email" incremented its internal message counter when a message was edited, which made logic that treats the first message specially misbehave, which has been corrected. (merge 2cc27b3501 ag/send-email-edit-threading-fix later to maint). - "git stash" recorded a wrong branch name when submodules are present in the current checkout, which has been corrected. (merge ffb36c64f2 kj/stash-onbranch-submodule-fix later to maint). - When asking to apply mailmap to both author and committer field while showing a commit object, the field that appears later was not correctly parsed and replaced, which has been corrected. (merge abf94a283f sa/multi-mailmap-fix later to maint). - "git maintenance" lacked the care "git gc" had to avoid holding onto the repository lock for too long during packing refs, which has been remedied. (merge 1b5074e614 ps/maintenance-ref-lock later to maint). - Avoid regexp_constraint and instead use comparison_constraint when listing functions to exclude from application of coccinelle rules, as spatch can be built with different regexp engine X-<. (merge f2ad545813 jc/cocci-avoid-regexp-constraint later to maint). 
- Updating submodules from the upstream did not work well when submodule's HEAD is detached, which has been improved. (merge ca62f524c1 jk/submodule-remote-lookup-cleanup later to maint). - Remove unnecessary check from "git daemon" code. (merge 0c856224d2 cb/daemon-fd-check-fix later to maint). - Use of sysctl() system call to learn the total RAM size used on BSDs has been corrected. (merge 781c1cf571 cb/total-ram-bsd-fix later to maint). - Drop FreeBSD 4 support and declare that we support only FreeBSD 12 or later, which has memmem() supported. (merge 0392f976a7 bs/config-mak-freebsd later to maint). - A diff-filter with negative-only specification like "git log --diff-filter=d" did not trigger correctly, which has been fixed. (merge 375ac087c5 jk/all-negative-diff-filter-fix later to maint). - A failure to open the index file for writing due to conflicting access did not state what went wrong, which has been corrected. (merge 9455397a5c hy/read-cache-lock-error-fix later to maint). - Tempfile removal fix in the codepath to sign commits with SSH keys. (merge 4498127b04 re/ssh-sign-buffer-fix later to maint). - Code and test clean-up around string-list API. (merge 6e5b26c3ff sj/string-list later to maint). - "git apply -N" should start from the current index and register only new files, but it instead started from an empty index, which has been corrected. (merge 2b49d97fcb rp/apply-intent-to-add-fix later to maint). - Leakfix with a new and a bit invasive test on pack-bitmap files. (merge bfd5522e98 ly/load-bitmap-leakfix later to maint). - "git fetch --prune" used to be O(n^2) expensive when there are many refs, which has been corrected. (merge 87d8d8c5d0 ph/fetch-prune-optim later to maint). - When a ref creation at refs/heads/foo/bar fails, the files backend now removes refs/heads/foo/ if the directory is otherwise not used. (merge a3a7f20516 ps/refs-files-remove-empty-parent later to maint). 
- "pack-objects" has been taught to avoid pointing into objects in cruft packs from midx. - "git remote" now detects remote names that overlap with each other (e.g., remote nickname "outer" and "outer/inner" are used at the same time), as it will lead to overlapping remote-tracking branches. (merge a5a727c448 jk/remote-avoid-overlapping-names later to maint). - The gpg.program configuration variable, which names a pathname to the (custom) GPG compatible program, can now be spelled with ~tilde expansion. (merge 7d275cd5c0 jb/gpg-program-variable-is-a-pathname later to maint). - Our header file relied on that the system-supplied header is not later included, which would override our macro definitions, but "amazon linux" broke this assumption. Fix this by preemptively including near the beginning of ourselves. (merge 9d3b33125f ps/sane-ctype-workaround later to maint). - Clean-up compat/bswap.h mess. (merge f4ac32c03a ss/compat-bswap-revamp later to maint). - Meson-based build did not handle libexecdir setting correctly, which has been corrected. (merge 056dbe8612 rj/meson-libexecdir-fix later to maint). - Document that we do not require "real" name when signing your patches off. (merge 1f0fed312a bc/contribution-under-non-real-names later to maint). - "git commit" that concludes a conflicted merge failed to notice and remove existing comment added automatically (like "# Conflicts:") when the core.commentstring is set to 'auto'. (merge 92b7c7c9f5 ac/auto-comment-char-fix later to maint). - "git rebase -i" with bogus rebase.instructionFormat configuration failed to produce the todo file after recording the state files, leading to confused "git status"; this has been corrected. (merge ade14bffd7 ow/rebase-verify-insn-fmt-before-initializing-state later to maint). - A few file descriptors left unclosed upon program completion in a few test helper programs are now closed. (merge 0f1b33815b hl/test-helper-fd-close later to maint). 
- Interactive prompt code did not correctly strip CRLF from the end of line on Windows. (merge 711a20827b js/prompt-crlf-fix later to maint). - The config API had a set of convenience wrapper functions that implicitly use the_repository instance; they have been removed and inlined at the calling sites. - "git add/etc -p" now honor the diff.context configuration variable, and also they learn to honor the -U command-line option. (merge 2b3ae04011 lm/add-p-context later to maint). - The case where a new submodule takes a path where there used to be a completely different subproject is now dealt with a bit better than before. (merge 5ed8c5b465 kj/renamed-submodule later to maint). - The deflate codepath in "git archive --format=zip" had a longstanding bug coming from misuse of zlib API, which has been corrected. - drop patches included in update: 0001-git-gui-Replace-null_sha1-with-nullid.patch 0001-gitk-Add-support-of-SHA256-repo.patch 0002-git-gui-Add-support-of-SHA256-repo.patch - refreshed patches: CVE-2024-24577.patch completion-wordbreaks.diff git-tcsh-completion-fixes.diff setup-don-t-fail-if-commondir-reference-is-deleted.patch - contrib/workdir is dropped. remove references for it. ++++ kernel-default: - printk: nbcon: Allow reacquire during panic (bsc#1246688). - commit 941c111 - netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (CVE-2025-38201 bsc#1245977). - commit 4f77e20 - netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (CVE-2025-38441 bsc#1247167). - commit d5364ae - netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CVE-2025-38472 bsc#1247313). - commit 11979f4 - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (git-fixes). - commit 596135b - powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199). - powerpc: do not build ppc_save_regs.o always (bsc#1215199). 
- commit 8f66a65 - s390/mm: Allocate page table with PAGE_SIZE granularity (git-fixes bsc#1247838). - commit bb475d8 - x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483 CVE-2025-40300). - commit 0596b58 - x86/bugs: Move cpu_bugs_smt_update() down (bsc#1247483 CVE-2025-40300). - commit fcdc737 - x86/vmscape: Enable the mitigation (bsc#1247483 CVE-2025-40300). - Update config files. - commit 0178963 - powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199). - powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199). - PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199). - PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199). - arch/powerpc: Remove .interp section in vmlinux (bsc#1215199). - commit c0014cb - x86/vmscape: Add conditional IBPB mitigation (bsc#1247483 CVE-2025-40300). - commit 4212c10 - sched/psi: Fix psi_seq initialization (bsc#1248155). - commit 2dd3707 - x86/vmscape: Enumerate VMSCAPE bug (bsc#1247483 CVE-2025-40300). - commit 91b029d - Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483 CVE-2025-40300). - commit c6b560b ++++ kernel-rt: - printk: nbcon: Allow reacquire during panic (bsc#1246688). - commit 941c111 - netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX (CVE-2025-38201 bsc#1245977). - commit 4f77e20 - netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() (CVE-2025-38441 bsc#1247167). - commit d5364ae - netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CVE-2025-38472 bsc#1247313). - commit 11979f4 - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (git-fixes). - commit 596135b - powerpc/kernel: Fix ppc_save_regs inclusion in build (bsc#1215199). - powerpc: do not build ppc_save_regs.o always (bsc#1215199). - commit 8f66a65 - s390/mm: Allocate page table with PAGE_SIZE granularity (git-fixes bsc#1247838). 
- commit bb475d8 - x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483 CVE-2025-40300). - commit 0596b58 - x86/bugs: Move cpu_bugs_smt_update() down (bsc#1247483 CVE-2025-40300). - commit fcdc737 - x86/vmscape: Enable the mitigation (bsc#1247483 CVE-2025-40300). - Update config files. - commit 0178963 - powerpc/eeh: Make EEH driver device hotplug safe (bsc#1215199). - powerpc/eeh: Export eeh_unfreeze_pe() (bsc#1215199). - PCI: pnv_php: Work around switches with broken presence detection (bsc#1215199). - PCI: pnv_php: Clean up allocated IRQs on unplug (bsc#1215199). - arch/powerpc: Remove .interp section in vmlinux (bsc#1215199). - commit c0014cb - x86/vmscape: Add conditional IBPB mitigation (bsc#1247483 CVE-2025-40300). - commit 4212c10 - sched/psi: Fix psi_seq initialization (bsc#1248155). - commit 2dd3707 - x86/vmscape: Enumerate VMSCAPE bug (bsc#1247483 CVE-2025-40300). - commit 91b029d - Documentation/hw-vuln: Add VMSCAPE documentation (bsc#1247483 CVE-2025-40300). - commit c6b560b ------------------------------------------------------------------ ------------------ 2025-8-17 - Aug 17 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ata: libata-scsi: Fix CDL control (git-fixes). - commit 0aa8bcb ++++ kernel-rt: - ata: libata-scsi: Fix CDL control (git-fixes). - commit 0aa8bcb ++++ openssl-3: - Move ssl configuration files to the libopenssl package [bsc#1247463] - Don't install unneeded NOTES ------------------------------------------------------------------ ------------------ 2025-8-16 - Aug 16 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - drm/amdgpu: fix incorrect vm flags to map bo (git-fixes). - drm/amdgpu: fix vram reservation issue (git-fixes). - drm/bridge: fix OF node leak (git-fixes). - ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes). 
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes). - ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes). - gpio: mlxbf3: use platform_get_irq_optional() (git-fixes). - Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes). - soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes). - net: mdio: mdio-bcm-unimac: Correct rate fallback logic (git-fixes). - net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26) (stable-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx (stable-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx (stable-fixes). - Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes). - USB: serial: option: add Foxconn T99W709 (stable-fixes). - ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes). - ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes). - ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes). - ALSA: hda/cs35l56: Workaround bad dev-index on Lenovo Yoga Book 9i GenX (stable-fixes). - ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes). - drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes). - drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes). - drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes). - drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes). - drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes). - drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes). - accel/ivpu: Fix reset_engine debugfs file logic (stable-fixes). - commit 6ed913d ++++ kernel-rt: - drm/amdgpu: fix incorrect vm flags to map bo (git-fixes). - drm/amdgpu: fix vram reservation issue (git-fixes). - drm/bridge: fix OF node leak (git-fixes). 
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (git-fixes). - ALSA: usb-audio: Validate UAC3 power domain descriptors, too (git-fixes). - ASoC: fsl_sai: replace regmap_write with regmap_update_bits (git-fixes). - gpio: mlxbf3: use platform_get_irq_optional() (git-fixes). - Revert "gpio: mlxbf3: only get IRQ for device instance 0" (git-fixes). - soc/tegra: pmc: Ensure power-domains are in a known state (git-fixes). - net: mdio: mdio-bcm-unimac: Correct rate fallback logic (git-fixes). - net: usbnet: Fix the wrong netif_carrier_on() call (git-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-d1xxx (MB 8A26) (stable-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-s0xxx (stable-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-r1xxx (stable-fixes). - Bluetooth: btusb: Add USB ID 3625:010b for TP-LINK Archer TX10UB Nano (stable-fixes). - USB: serial: option: add Foxconn T99W709 (stable-fixes). - ASoC: amd: yc: Add DMI quirk for HP Laptop 17 cp-2033dx (stable-fixes). - ASoC: amd: yc: Add DMI entries to support HP 15-fb1xxx (stable-fixes). - ASoC: Intel: fix SND_SOC_SOF dependencies (stable-fixes). - ALSA: hda/cs35l56: Workaround bad dev-index on Lenovo Yoga Book 9i GenX (stable-fixes). - ASoC: amd: yc: add DMI quirk for ASUS M6501RM (stable-fixes). - drm/i915/ddi: only call shutdown hooks for valid encoders (stable-fixes). - drm/i915/display: add intel_encoder_is_hdmi() (stable-fixes). - drm/i915/ddi: gracefully handle errors from intel_ddi_init_hdmi_connector() (stable-fixes). - drm/i915/hdmi: add error handling in g4x_hdmi_init() (stable-fixes). - drm/i915/hdmi: propagate errors from intel_hdmi_init_connector() (stable-fixes). - drm/i915/ddi: change intel_ddi_init_{dp, hdmi}_connector() return type (stable-fixes). - accel/ivpu: Fix reset_engine debugfs file logic (stable-fixes). 
- commit 6ed913d ------------------------------------------------------------------ ------------------ 2025-8-15 - Aug 15 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Fix exclude list for live image builds When specifying a filesystem attribute for a live image build, the rootfs gets built directly into this filesystem instead of being a squashfs wrapped ext4 which is the default layout for compatibility reasons. In this direct filesystem mode the exclude list was not passed along to the filesystem creation and causes unwanted metadata to be part of the final image. This Fixes #2873 ++++ drbd-utils: - drbd_passive didn't start due to drbd.rules returning error (bsc#1247534) * remove patch - bsc-1239437_drbd.rules-fix-missing-udev-device.patch * add patch - bsc-1247534_drbd-didnt-start-due-to-drbd_rules-returning-err.patch ++++ kernel-default: - ACPI: processor: perflib: Move problematic pr->performance check (git-fixes). - net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes). - commit c0405fc ++++ kernel-rt: - ACPI: processor: perflib: Move problematic pr->performance check (git-fixes). - net: usb: asix_devices: add phy_mask for ax88772 mdio bus (git-fixes). - commit c0405fc ++++ python313-core: - Update to 3.13.7: - gh-137583: Fix a deadlock introduced in 3.13.6 when a call to ssl.SSLSocket.recv was blocked in one thread, and then another method on the object (such as ssl.SSLSocket.send) was subsequently called in another thread. - gh-137044: Return large limit values as positive integers instead of negative integers in resource.getrlimit(). Accept large values and reject negative values (except RLIM_INFINITY) for limits in resource.setrlimit(). - gh-136914: Fix retrieval of doctest.DocTest.lineno for objects decorated with functools.cache() or functools.cached_property. 
- gh-131788: Make ResourceTracker.send from multiprocessing re-entrant safe - gh-136155: We are now checking for fatal errors in EPUB builds in CI. - gh-137400: Fix a crash in the free threading build when disabling profiling or tracing across all threads with PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads() or their Python equivalents threading.settrace_all_threads() and threading.setprofile_all_threads(). - Remove upstreamed patch: - gh137583-only-lock-SSL-context.patch ++++ python313: - Update to 3.13.7: - gh-137583: Fix a deadlock introduced in 3.13.6 when a call to ssl.SSLSocket.recv was blocked in one thread, and then another method on the object (such as ssl.SSLSocket.send) was subsequently called in another thread. - gh-137044: Return large limit values as positive integers instead of negative integers in resource.getrlimit(). Accept large values and reject negative values (except RLIM_INFINITY) for limits in resource.setrlimit(). - gh-136914: Fix retrieval of doctest.DocTest.lineno for objects decorated with functools.cache() or functools.cached_property. - gh-131788: Make ResourceTracker.send from multiprocessing re-entrant safe - gh-136155: We are now checking for fatal errors in EPUB builds in CI. - gh-137400: Fix a crash in the free threading build when disabling profiling or tracing across all threads with PyEval_SetProfileAllThreads() or PyEval_SetTraceAllThreads() or their Python equivalents threading.settrace_all_threads() and threading.setprofile_all_threads(). 
- Remove upstreamed patch: - gh137583-only-lock-SSL-context.patch ------------------------------------------------------------------ ------------------ 2025-8-14 - Aug 14 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Update to 344 * Changes since 340 - 344 * Bug fixes and translation updates - 343 * login: Improve error message for unsupported shells * cockpit: Handle file access issues with files in machines.d * Translation updates - 342 * systemd: ensure update() is called at least once for tuned-dialog * Translation updates - 341 * services: show link to podman page for quadlets * Bug fixes and translation updates - Remove kdump-nfs-fixes.patch as this was upstreamed - Fix not falling back to PRETTY_NAME in SUSE_PRETTY_NAME patches bsc#1248446 ++++ kernel-default: - Refresh patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch Drop the static_assert() kABI checks temporarily until we have a proper solution to signal kABI verification. - commit e7bb4bf - Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108). - commit e707e41 - PCI: dw-rockchip: Replace PERST# sleep time with proper macro (git-fixes). - commit bb054e5 - PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes). - PCI: rockchip: Use standard PCIe definitions (git-fixes). - PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features (git-fixes). - PCI: qcom: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ (git-fixes). - PCI: dw-rockchip: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ (git-fixes). - PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS (git-fixes). - PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes). - PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes). - kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes). 
- PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes). - serial: 8250: fix panic due to PSLVERR (git-fixes). - PCI: imx6: Add i.MX8Q PCIe Endpoint (EP) support (git-fixes). - commit d9839d9 - habanalabs: fix UAF in export_dmabuf() (git-fixes). - commit e4702d9 - mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes) - commit ca79f49 - bpf, arm64: Fix fp initialization for exception boundary (git-fixes) - commit 99a8d8c - arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes) - commit eead6a6 - arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes) - commit cdabae0 - arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes) - commit 9c47c1b - arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes) - commit eb83c61 - arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes) - commit 2f99788 - arm64: dts: imx8mp-venice-gw702x: Increase HS400 USDHC clock speed (git-fixes) - commit bf3a9db - arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes) - commit 1f06f91 - arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes) - commit 35f4757 - arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes) - commit 3b1791e - arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV (git-fixes) - commit d3b2a07 - arm64: dts: st: fix timer used for ticks (git-fixes) - commit 564f85e - arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes) - commit f18579c - arm64: dts: exynos: gs101: ufs: add dma-coherent property (git-fixes) - commit 22fb09f - arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes (git-fixes) - commit b3eb296 - arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes) - commit 1656f5d - arm64: dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi CM5 (git-fixes) - commit 06668ed - arm64: dts: freescale: 
imx8mm-verdin: Keep LDO5 always on (git-fixes) - commit 7a17452 - arm64: dts: imx95: Correct the DMA interrupter number of pcie0_ep (git-fixes) - commit d3f8c87 - arm64: dts: add big-endian property back into watchdog node (git-fixes) - commit 28f0cfd - arm64: dts: imx8mp-venice-gw74xx: fix TPM SPI frequency (git-fixes) - commit 6ca14ce - arm64: dts: imx8mp-venice-gw73xx: fix TPM SPI frequency (git-fixes) - commit 35c5043 - arm64: dts: imx8mp-venice-gw72xx: fix TPM SPI frequency (git-fixes) - commit f964f6e - arm64: dts: imx8mp-venice-gw71xx: fix TPM SPI frequency (git-fixes) - commit 1221df5 - arm64/mm: Drop wrong writes into TCR2_EL1 (git-fixes) - commit e3d963f - arm64: poe: Handle spurious Overlay faults (git-fixes) - commit c62c76a - arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes) - commit 81f649f - arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes) - commit 9f9e25d - arm64: Restrict pagetable teardown to avoid false warning (git-fixes) - commit dee5a62 - arm64/mm: Close theoretical race where stale TLB entry remains valid (git-fixes) - commit 2b9ed9e - arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes) - commit e5bad02 - arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes) - commit 7f552e2 - arm64: dts: imx8mn-beacon: Set SAI5 MCLK direction to output for HDMI (git-fixes) - commit 5876cdf - arm64: dts: imx8mm-beacon: Set SAI5 MCLK direction to output for HDMI (git-fixes) - commit a98adac - arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes) - commit 51525e3 - arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes) - commit ad05c9f - arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes) - commit dfb5eed - arm64: tegra: Add uartd serial alias for Jetson TX1 module (git-fixes) - commit e812e32 - arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes) - commit e6ab9c1 - arm64: dts: rockchip: Add vcc-supply to SPI flash on rk3566-rock3c 
(git-fixes) - commit 13e0c58 - arm64: dts: rockchip: Move SHMEM memory to reserved memory on rk3588 (git-fixes) - commit 344f8c5 - kbuild: rust: add rustc-min-version support function (git-fixes) - commit 573f96a - arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes) - commit 82c486e - arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes) - commit 6c6ebf5 - arm64: tegra: Resize aperture for the IGX PCIe C5 slot (git-fixes) - commit d1d248d - arm64/mm: Check pmd_table() in pmd_trans_huge() (git-fixes) - commit 04e9ebd - arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes) - commit 68e8096 - arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes) - commit 8062927 - arm64/sysreg: Add register fields for HFGWTR2_EL2 (git-fixes) - commit c06ac5b - arm64/sysreg: Add register fields for HFGRTR2_EL2 (git-fixes) - commit ac00342 - arm64/sysreg: Add register fields for HFGITR2_EL2 (git-fixes) - commit 40903bf - arm64/sysreg: Add register fields for HDFGWTR2_EL2 (git-fixes) - commit 9b26437 - arm64/sysreg: Add register fields for HDFGRTR2_EL2 (git-fixes) - commit 6c6c2d1 - arm64/sysreg: Update register fields for ID_AA64MMFR0_EL1 (git-fixes) - commit 1862d57 - arm64: rust: clean Rust 1.85.0 warning using softfloat target (git-fixes) - commit 2c2605f - arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes) - commit d144825 ++++ kernel-rt: - Refresh patches.kabi/xsk-Fix-race-condition-in-AF_XDP-generic-RX-path.patch Drop the static_assert() kABI checks temporarily until we have a proper solution to signal kABI verification. - commit e7bb4bf - Move pesign-obs-integration requirement from kernel-syms to kernel devel subpackage (bsc#1248108). - commit e707e41 - PCI: dw-rockchip: Replace PERST# sleep time with proper macro (git-fixes). - commit bb054e5 - PCI: rockchip: Set Target Link Speed to 5.0 GT/s before retraining (git-fixes). - PCI: rockchip: Use standard PCIe definitions (git-fixes). 
- PCI: imx6: Add IMX8MQ_EP third 64-bit BAR in epc_features (git-fixes). - PCI: qcom: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ (git-fixes). - PCI: dw-rockchip: Wait PCIE_RESET_CONFIG_WAIT_MS after link-up IRQ (git-fixes). - PCI: Rename PCIE_RESET_CONFIG_DEVICE_WAIT_MS to PCIE_RESET_CONFIG_WAIT_MS (git-fixes). - PCI/portdrv: Use is_pciehp instead of is_hotplug_bridge (git-fixes). - PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes). - kABI: PCI/ACPI: Fix runtime PM ref imbalance on Hot-Plug Capable ports (git-fixes). - PCI: Support Immediate Readiness on devices without PM capabilities (git-fixes). - serial: 8250: fix panic due to PSLVERR (git-fixes). - PCI: imx6: Add i.MX8Q PCIe Endpoint (EP) support (git-fixes). - commit d9839d9 - habanalabs: fix UAF in export_dmabuf() (git-fixes). - commit e4702d9 - mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd() (git-fixes) - commit ca79f49 - bpf, arm64: Fix fp initialization for exception boundary (git-fixes) - commit 99a8d8c - arm64: dts: imx8mm-venice-gw7904: Increase HS400 USDHC clock speed (git-fixes) - commit eead6a6 - arm64: dts: imx8mm-venice-gw7903: Increase HS400 USDHC clock speed (git-fixes) - commit cdabae0 - arm64: dts: imx8mn-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes) - commit 9c47c1b - arm64: dts: imx8mm-venice-gw7902: Increase HS400 USDHC clock speed (git-fixes) - commit eb83c61 - arm64: dts: imx8mm-venice-gw7901: Increase HS400 USDHC clock speed (git-fixes) - commit 2f99788 - arm64: dts: imx8mp-venice-gw702x: Increase HS400 USDHC clock speed (git-fixes) - commit bf3a9db - arm64: dts: imx8mm-venice-gw700x: Increase HS400 USDHC clock speed (git-fixes) - commit 1f06f91 - arm64: dts: imx8mn-beacon: Fix HS400 USDHC clock speed (git-fixes) - commit 35f4757 - arm64: dts: imx8mm-beacon: Fix HS400 USDHC clock speed (git-fixes) - commit 3b1791e - arm64: dts: freescale: imx93-tqma9352: Limit BUCK2 to 600mV (git-fixes) - commit d3b2a07 - arm64: dts: st: fix 
timer used for ticks (git-fixes) - commit 564f85e - arm64: dts: rockchip: fix endpoint dtc warning for PX30 ISP (git-fixes) - commit f18579c - arm64: dts: exynos: gs101: ufs: add dma-coherent property (git-fixes) - commit 22fb09f - arm64: dts: exynos: gs101: Add 'local-timer-stop' to cpuidle nodes (git-fixes) - commit b3eb296 - arm64/entry: Mask DAIF in cpu_switch_to(), call_on_irq_stack() (git-fixes) - commit 1656f5d - arm64: dts: rockchip: Add cd-gpios for sdcard detect on Cool Pi CM5 (git-fixes) - commit 06668ed - arm64: dts: freescale: imx8mm-verdin: Keep LDO5 always on (git-fixes) - commit 7a17452 - arm64: dts: imx95: Correct the DMA interrupter number of pcie0_ep (git-fixes) - commit d3f8c87 - arm64: dts: add big-endian property back into watchdog node (git-fixes) - commit 28f0cfd - arm64: dts: imx8mp-venice-gw74xx: fix TPM SPI frequency (git-fixes) - commit 6ca14ce - arm64: dts: imx8mp-venice-gw73xx: fix TPM SPI frequency (git-fixes) - commit 35c5043 - arm64: dts: imx8mp-venice-gw72xx: fix TPM SPI frequency (git-fixes) - commit f964f6e - arm64: dts: imx8mp-venice-gw71xx: fix TPM SPI frequency (git-fixes) - commit 1221df5 - arm64/mm: Drop wrong writes into TCR2_EL1 (git-fixes) - commit e3d963f - arm64: poe: Handle spurious Overlay faults (git-fixes) - commit c62c76a - arm64: Filter out SME hwcaps when FEAT_SME isn't implemented (git-fixes) - commit 81f649f - arm64: dts: apple: t8103: Fix PCIe BCM4377 nodename (git-fixes) - commit 9f9e25d - arm64: Restrict pagetable teardown to avoid false warning (git-fixes) - commit dee5a62 - arm64/mm: Close theoretical race where stale TLB entry remains valid (git-fixes) - commit 2b9ed9e - arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes) - commit e5bad02 - arm64: dts: rockchip: Update eMMC for NanoPi R5 series (git-fixes) - commit 7f552e2 - arm64: dts: imx8mn-beacon: Set SAI5 MCLK direction to output for HDMI (git-fixes) - commit 5876cdf - arm64: dts: imx8mm-beacon: Set SAI5 MCLK direction 
to output for HDMI (git-fixes) - commit a98adac - arm64: dts: imx8mp-beacon: Fix RTC capacitive load (git-fixes) - commit 51525e3 - arm64: dts: imx8mn-beacon: Fix RTC capacitive load (git-fixes) - commit ad05c9f - arm64: dts: imx8mm-beacon: Fix RTC capacitive load (git-fixes) - commit dfb5eed - arm64: tegra: Add uartd serial alias for Jetson TX1 module (git-fixes) - commit e812e32 - arm64: tegra: Drop remaining serial clock-names and reset-names (git-fixes) - commit e6ab9c1 - arm64: dts: rockchip: Add vcc-supply to SPI flash on rk3566-rock3c (git-fixes) - commit 13e0c58 - arm64: dts: rockchip: Move SHMEM memory to reserved memory on rk3588 (git-fixes) - commit 344f8c5 - kbuild: rust: add rustc-min-version support function (git-fixes) - commit 573f96a - arm64: zynqmp: add clock-output-names property in clock nodes (git-fixes) - commit 82c486e - arm64: tegra: p2597: Fix gpio for vdd-1v8-dis regulator (git-fixes) - commit 6c6ebf5 - arm64: tegra: Resize aperture for the IGX PCIe C5 slot (git-fixes) - commit d1d248d - arm64/mm: Check pmd_table() in pmd_trans_huge() (git-fixes) - commit 04e9ebd - arm64/mm: Check PUD_TYPE_TABLE in pud_bad() (git-fixes) - commit 68e8096 - arm64: cputype: Add QCOM_CPU_PART_KRYO_3XX_GOLD (git-fixes) - commit 8062927 - arm64/sysreg: Add register fields for HFGWTR2_EL2 (git-fixes) - commit c06ac5b - arm64/sysreg: Add register fields for HFGRTR2_EL2 (git-fixes) - commit ac00342 - arm64/sysreg: Add register fields for HFGITR2_EL2 (git-fixes) - commit 40903bf - arm64/sysreg: Add register fields for HDFGWTR2_EL2 (git-fixes) - commit 9b26437 - arm64/sysreg: Add register fields for HDFGRTR2_EL2 (git-fixes) - commit 6c6c2d1 - arm64/sysreg: Update register fields for ID_AA64MMFR0_EL1 (git-fixes) - commit 1862d57 - arm64: rust: clean Rust 1.85.0 warning using softfloat target (git-fixes) - commit 2c2605f - arm64/mm: Ensure adequate HUGE_MAX_HSTATE (git-fixes) - commit d144825 ++++ harfbuzz: - Update to version 11.4.1: + Fix clang compiler warnings. 
- Changes from version 11.4.0: + General shaping and subsetting speedups. + Fix in Graphite shaping backend when glyph advances became negative. + Subsetting improvements, pruning empty mark-attachment lookups. + Don't use the macro name _S, which is reserved by system libraries. + Build fixes and speedup. + Add a kbts shaping backend that calls into the kb_text_shape single-header shaping library. This is purely for testing and performance evaluation and we do NOT recommend using it for any other purposes. ++++ openldap2_6: - Update to version 2.6.10+10: * Add export symbols related to LDAP_CONNECTIONLESS - Initial import of OpenLDAP 2.6 ++++ mdadm: - Fix systemd unit file handling in spec file (boo#1207266) * make all units known to systemd * restart only timers and mdmonitor.service ++++ nvidia-open-driver-G06-signed: - make sure Requires to nvidia packages are not added for SLE16 ------------------------------------------------------------------ ------------------ 2025-8-13 - Aug 13 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782, CVE-2025-23141). - commit f303436 - net: libwx: remove duplicate page_pool_put_full_page() (CVE-2025-38490 bsc#1247243). - commit eca8cf3 - drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078 CVE-2025-38360) - commit 273e174 ++++ kernel-rt: - KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses (bsc#1242782, CVE-2025-23141). - commit f303436 - net: libwx: remove duplicate page_pool_put_full_page() (CVE-2025-38490 bsc#1247243). 
- commit eca8cf3 - drm/amd/display: Add more checks for DSC / HUBP ONO guarantees (bsc#1247078 CVE-2025-38360) - commit 273e174 ++++ podman: - Add patch for CVE-2025-6032 (bsc#1245320): * 0003-CVE-2025-6032-machine-init-fix-tls-check.patch ++++ ovmf: - Update firmware descriptors to remove tab whitespace (bsc#1247847) - Replace tab whitespace with spaces in 50-ovmf-x86_64-sev.json - Replace tab whitespace with spaces in 50-ovmf-x86_64-sev-snp.json ++++ virt-manager: - Adjust how we detect sles16 as the media layout changes. (bsc#1244685) (bsc#1249466) virtinst-add-sle16-detection-support.patch ------------------------------------------------------------------ ------------------ 2025-8-12 - Aug 12 2025 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 059+suse.696.g950c4798: * fix(dracut-util): crash if CMDLINE ends with quotation mark (bsc#1247819) * fix(74nvmf): set root=nvmf (bsc#1238848) ++++ gstreamer: - Update to version 1.26.5: + Highlighted bugfixes: - audioconvert: Fix caps negotiation regression when using a mix matrix - cea608overlay, cea708overlay: Accept GPU memory buffers if downstream supports the overlay composition meta - d3d12screencapture source element and device provider fixes - decodebin3: Don't error on an incoming ONVIF metadata stream - uridecodebin3: Fix potential crash when adding URIs to messages, e.g. 
if no decoder is available - v4l2: Fix memory leak for dynamic resolution change - VA encoder fixes - videorate, imagefreeze: Add support for JPEG XS - Vulkan integration fixes - wasapi2 audio device monitor improvements - threadshare: Many improvements and fixes to the generic threadshare and RTP threadshare elements - rtpbin2 improvements and fixes - gst-device-monitor-1.0 command line tool improvements - Various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements + gstreamer: - aggregator: add sub_latency_min to pad queue size - build: Disable C5287 warning on MSVC ++++ gstreamer-plugins-base: - Update to version 1.26.5: + audioconvert: mix-matrix causes caps negotiation failure + decodebin3: Don't error on an incoming ONVIF metadata stream + gloverlay: Recompute geometry when caps change, and load texture after stopping and starting again + uridecodebin3: Add missing locking and NULL checks when adding URIs to messages + uridecodebin3: segfault in update_message_with_uri() if no decoder available + videorate, imagefreeze: add support for JPEG XS + gst-device-monitor-1.0: Add shell quoting for launch lines + gst-device-monitor-1.0: Fix criticals, and also accept utf8 in launch lines + gst-device-monitor-1.0: Use gst_print instead of g_print ++++ kernel-default: - sunrpc: fix handling of server side tls alerts (git-fixes). - commit 7a563f7 ++++ kernel-rt: - sunrpc: fix handling of server side tls alerts (git-fixes). - commit 7a563f7 ++++ python313-core: - Add gh137583-only-lock-SSL-context.patch fixing the regression in 3.13.6 by breaking non-blocking TLS connections (gh#python/cpython#137583). ++++ python313: - Add gh137583-only-lock-SSL-context.patch fixing the regression in 3.13.6 by breaking non-blocking TLS connections (gh#python/cpython#137583). 
++++ qemu: - Fix build issues due to Python version: * mkvenv: Support pip 25.2 (bsc#1247972) - Bug and CVE fixes: * tests: Avoid dependency on padding on signal messages (boo#1246830) * pcie_sriov: Fix configuration and state synchronization (bsc#1246992 CVE-2025-54566 CVE-2025-54567) * [openSUSE][RPM] linux-user: restart systemd-binfmt upon changes (bsc#1247443) ++++ ovmf: - Update firmware descriptors for SEV-SNP and TDX (bsc#1247847) - Add 50-ovmf-x86_64-sev-snp.json to support the 'amd-sev-snp' feature. - Remove the sev-snp feature from 50-ovmf-x86_64-sev.json. - Update the device in 60-ovmf-x86_64-tdx.json from 'pflash' to 'memory'. ++++ virt-manager: - bsc#1247865 - sles 16.0 rc3 KVM virt-manager detects windows 2025 as 2022 virtinst-windows-server-detection.patch ------------------------------------------------------------------ ------------------ 2025-8-11 - Aug 11 2025 ------------------- ------------------------------------------------------------------ ++++ busybox: - Add patch to fix adduser inside containers on an SELinux host (boo#1247779): * 0001-update_passwd-Avoid-selinux_preserve_fcontext-if-SEL.patch - Don't throw debug info away during build, let RPM separate it afterwards ++++ python-kiwi: - Fix test-image-custom-partitions integration test Same fix as for the Tumbleweed test now also applied to the Leap test. Patching of the new root device did no longer apply - Fix test-image-custom-partitions integration test Patching of the new root device did no longer apply - Bump version: 10.2.31 → 10.2.32 - fix: resize for raid device, ensure vars like kiwi_RaidDev are loaded before setting disk variable ++++ kernel-default: - dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET (jsc#PED-13331). - commit 7ae9e04 - dpll: Make ZL3073X invisible (jsc#PED-13331). - Update config files. - commit 1c5ea3f - dpll: Add basic Microchip ZL3073x support (jsc#PED-13331). - Update config files. 
- supported.conf: Mark ZL3073X modules supported - commit 9ca5336 - dpll: zl3073x: Fix build failure (jsc#PED-13331). - netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-13331). - netlink: fix policy dump for int with validation callback (jsc#PED-13331). - commit 8ed21c1 - dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-13331). - dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-13331). - dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-13331). - dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-13331). - dpll: zl3073x: Register DPLL devices and pins (jsc#PED-13331). - dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-13331). - dpll: zl3073x: Fetch invariants during probe (jsc#PED-13331). - devlink: Add support for u64 parameters (jsc#PED-13331). - dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-13331). - dt-bindings: dpll: Add DPLL device and pin (jsc#PED-13331). - devlink: avoid param type value translations (jsc#PED-13331). - devlink: define enum for attr types of dynamic attributes (jsc#PED-13331). - devlink: introduce devlink_nl_put_u64() (jsc#PED-13331). - commit 635a9c4 - ice, irdma: fix an off by one in error handling code (bsc#1247712). - irdma: free iwdev->rf after removing MSI-X (bsc#1247712). - ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). - ice: init flow director before RDMA (bsc#1247712). - ice: simplify VF MSI-X managing (bsc#1247712). - ice: enable_rdma devlink param (bsc#1247712). - ice: treat dyn_allowed only as suggestion (bsc#1247712). - ice, irdma: move interrupts code to irdma (bsc#1247712). - ice: get rid of num_lan_msix field (bsc#1247712). - ice: remove splitting MSI-X between features (bsc#1247712). - ice: devlink PF MSI-X max and min parameter (bsc#1247712). - ice: count combined queues using Rx/Tx count (bsc#1247712). 
- ice, irdma: fix an off by one in error handling code (bsc#1247712). - irdma: free iwdev->rf after removing MSI-X (bsc#1247712). - ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). - ice: init flow director before RDMA (bsc#1247712). - ice: simplify VF MSI-X managing (bsc#1247712). - ice: enable_rdma devlink param (bsc#1247712). - ice: treat dyn_allowed only as suggestion (bsc#1247712). - ice, irdma: move interrupts code to irdma (bsc#1247712). - ice: get rid of num_lan_msix field (bsc#1247712). - ice: remove splitting MSI-X between features (bsc#1247712). - ice: devlink PF MSI-X max and min parameter (bsc#1247712). - ice: count combined queues using Rx/Tx count (bsc#1247712). - commit 5c830c5 - iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all (git-fixes). - commit 3a05b85 - iommu: Handle race with default domain setup (git-fixes). - commit 10fd40d - smb: client: fix netns refcount leak after net_passive changes (git-fixes). - commit afa7a11 - net: mana: Fix build errors when CONFIG_NET_SHAPER is disabled (gix-fixes). - commit 9d3b307 - RDMA/mana_ib: Add device statistics support (bsc#1246651). - net: mana: Handle Reset Request from MANA NIC (bsc#1245728). - net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). - net: mana: Handle unsupported HWC commands (bsc#1245726). - net: mana: Add speed support in mana_get_link_ksettings (bsc#1245726). - net: mana: Add support for net_shaper_ops (bsc#1245726). - net: mana: Fix potential deadlocks in mana napi ops (bsc#1245726). - net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). - net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). - net: mana: explain irq_setup() algorithm (bsc#1245457). - PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). - PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). - net: mana: Add handler for hardware servicing events (bsc#1245730). 
- net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). - commit 0742f38 - kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (CVE-2025-38453 bsc#1247234). Conflicts: series.conf - kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (CVE-2025-38453 bsc#1247234). - commit 909d7fe - Revert "smb: client: fix TCP timers deadlock after rmmod" (bsc#1241403, CVE-2025-22077). - commit cadbdcb - smb: client: fix potential deadlock when reconnecting channels (bsc#1246183, CVE-2025-38244). - commit 1b9b63f - NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). - commit 92d61de - sunrpc: fix client side handling of tls alerts (git-fixes). - commit 504fa2d - NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). - commit cdc019d - NFSv4.2: another fix for listxattr (git-fixes). - commit 20728e2 - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). - commit a126339 - NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes). - commit 47a75c4 - pNFS/flexfiles: don't attempt pnfs on fatal DS errors (git-fixes). - commit f90ce8d - drm/amdgpu: Add basic validation for RAS header (bsc#1247252 CVE-2025-38426) - commit c5bedcf - netlink: avoid infinite retry looping in netlink_unicast() (CVE-2025-38465 bsc#1247118). - commit e134e60 - Move upstreamed SPI patch into sorted section - commit 71eadf5 - tools/power turbostat: Fix bogus SysWatt for forked program (git-fixes). - gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). - ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes). - ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes). - ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). - ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes). 
- commit f114c9a ++++ kernel-rt: - dpll: zl3073x: ZL3073X_I2C and ZL3073X_SPI should depend on NET (jsc#PED-13331). - commit 7ae9e04 - dpll: Make ZL3073X invisible (jsc#PED-13331). - Update config files. - commit 1c5ea3f - dpll: Add basic Microchip ZL3073x support (jsc#PED-13331). - Update config files. - supported.conf: Mark ZL3073X modules supported - commit 9ca5336 - dpll: zl3073x: Fix build failure (jsc#PED-13331). - netlink: specs: devlink: replace underscores with dashes in names (jsc#PED-13331). - netlink: fix policy dump for int with validation callback (jsc#PED-13331). - commit 8ed21c1 - dpll: zl3073x: Add support to get/set frequency on pins (jsc#PED-13331). - dpll: zl3073x: Implement input pin state setting in automatic mode (jsc#PED-13331). - dpll: zl3073x: Add support to get/set priority on input pins (jsc#PED-13331). - dpll: zl3073x: Implement input pin selection in manual mode (jsc#PED-13331). - dpll: zl3073x: Register DPLL devices and pins (jsc#PED-13331). - dpll: zl3073x: Read DPLL types and pin properties from system firmware (jsc#PED-13331). - dpll: zl3073x: Fetch invariants during probe (jsc#PED-13331). - devlink: Add support for u64 parameters (jsc#PED-13331). - dt-bindings: dpll: Add support for Microchip Azurite chip family (jsc#PED-13331). - dt-bindings: dpll: Add DPLL device and pin (jsc#PED-13331). - devlink: avoid param type value translations (jsc#PED-13331). - devlink: define enum for attr types of dynamic attributes (jsc#PED-13331). - devlink: introduce devlink_nl_put_u64() (jsc#PED-13331). - commit 635a9c4 - ice, irdma: fix an off by one in error handling code (bsc#1247712). - irdma: free iwdev->rf after removing MSI-X (bsc#1247712). - ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). - ice: init flow director before RDMA (bsc#1247712). - ice: simplify VF MSI-X managing (bsc#1247712). - ice: enable_rdma devlink param (bsc#1247712). - ice: treat dyn_allowed only as suggestion (bsc#1247712). 
- ice, irdma: move interrupts code to irdma (bsc#1247712). - ice: get rid of num_lan_msix field (bsc#1247712). - ice: remove splitting MSI-X between features (bsc#1247712). - ice: devlink PF MSI-X max and min parameter (bsc#1247712). - ice: count combined queues using Rx/Tx count (bsc#1247712). - ice, irdma: fix an off by one in error handling code (bsc#1247712). - irdma: free iwdev->rf after removing MSI-X (bsc#1247712). - ice: Fix signedness bug in ice_init_interrupt_scheme() (bsc#1247712). - ice: init flow director before RDMA (bsc#1247712). - ice: simplify VF MSI-X managing (bsc#1247712). - ice: enable_rdma devlink param (bsc#1247712). - ice: treat dyn_allowed only as suggestion (bsc#1247712). - ice, irdma: move interrupts code to irdma (bsc#1247712). - ice: get rid of num_lan_msix field (bsc#1247712). - ice: remove splitting MSI-X between features (bsc#1247712). - ice: devlink PF MSI-X max and min parameter (bsc#1247712). - ice: count combined queues using Rx/Tx count (bsc#1247712). - commit 5c830c5 - iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all (git-fixes). - commit 3a05b85 - iommu: Handle race with default domain setup (git-fixes). - commit 10fd40d - smb: client: fix netns refcount leak after net_passive changes (git-fixes). - commit afa7a11 - net: mana: Fix build errors when CONFIG_NET_SHAPER is disabled (gix-fixes). - commit 9d3b307 - RDMA/mana_ib: Add device statistics support (bsc#1246651). - net: mana: Handle Reset Request from MANA NIC (bsc#1245728). - net: mana: Set tx_packets to post gso processing packet count (bsc#1245731). - net: mana: Handle unsupported HWC commands (bsc#1245726). - net: mana: Add speed support in mana_get_link_ksettings (bsc#1245726). - net: mana: Add support for net_shaper_ops (bsc#1245726). - net: mana: Fix potential deadlocks in mana napi ops (bsc#1245726). - net: mana: Allocate MSI-X vectors dynamically (bsc#1245457). - net: mana: Allow irq_setup() to skip cpus for affinity (bsc#1245457). 
- net: mana: explain irq_setup() algorithm (bsc#1245457). - PCI: hv: Allow dynamic MSI-X vector allocation (bsc#1245457). - PCI/MSI: Export pci_msix_prepare_desc() for dynamic MSI-X allocations (bsc#1245457). - net: mana: Add handler for hardware servicing events (bsc#1245730). - net: mana: Expose additional hardware counters for drop and TC via ethtool (bsc#1245729). - commit 0742f38 - kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (CVE-2025-38453 bsc#1247234). Conflicts: series.conf - kABI: io_uring: msg_ring ensure io_kiocb freeing is deferred (CVE-2025-38453 bsc#1247234). - commit 909d7fe - Revert "smb: client: fix TCP timers deadlock after rmmod" (bsc#1241403, CVE-2025-22077). - commit cadbdcb - smb: client: fix potential deadlock when reconnecting channels (bsc#1246183, CVE-2025-38244). - commit 1b9b63f - NFS: Fix the setting of capabilities when automounting a new filesystem (git-fixes). - commit 92d61de - sunrpc: fix client side handling of tls alerts (git-fixes). - commit 504fa2d - NFS: Fixup allocation flags for nfsiod's __GFP_NORETRY (git-fixes). - commit cdc019d - NFSv4.2: another fix for listxattr (git-fixes). - commit 20728e2 - NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (git-fixes). - commit a126339 - NFS: Fix wakeup of __nfs_lookup_revalidate() in unblock_revalidate() (git-fixes). - commit 47a75c4 - pNFS/flexfiles: don't attempt pnfs on fatal DS errors (git-fixes). - commit f90ce8d - drm/amdgpu: Add basic validation for RAS header (bsc#1247252 CVE-2025-38426) - commit c5bedcf - netlink: avoid infinite retry looping in netlink_unicast() (CVE-2025-38465 bsc#1247118). - commit e134e60 - Move upstreamed SPI patch into sorted section - commit 71eadf5 - tools/power turbostat: Fix bogus SysWatt for forked program (git-fixes). - gpio: mlxbf2: use platform_get_irq_optional() (git-fixes). - ASoC: tas2781: Fix the wrong step for TLV on tas2781 (git-fixes). 
- ASoC: SOF: amd: acp-loader: Use GFP_KERNEL for DMA allocations in resume context (git-fixes). - ALSA: hda/ca0132: Fix missing error handling in ca0132_alt_select_out() (git-fixes). - ALSA: intel_hdmi: Fix off-by-one error in __hdmi_lpe_audio_probe() (git-fixes). - commit f114c9a ++++ sqlite3: - Update to version 3.50.4: * Fix two long-standing cases of the use of uninitialized variables in obscure circumstances. ++++ unbound: - simplify python handling. python2 support is dropped and python3 is built by default. Conditionals for the latter are removed. - enable EDNS subnet handling ++++ libzypp: - Make ld.so ignore the subarch packages during install (bsc#1246912) - version 17.37.17 (35) ++++ net-tools: - Provide more readable error for interface name size checking introduced by net-tools-CVE-2025-46836.patch (bsc#1243581, net-tools-CVE-2025-46836-error-reporting.patch). ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to 580.76.05 (boo#1247907) - get rid of rule of older KMPs not to load nvidia_drm module, which are still installed in parallel and therefore still active (boo#1247923) ------------------------------------------------------------------ ------------------ 2025-8-10 - Aug 10 2025 ------------------- ------------------------------------------------------------------ ++++ unbound: - Update to 1.23.1: (boo#1246625) Bug Fixes: * Fix RebirthDay Attack CVE-2025-5994, reported by Xiang Li from AOSP Lab Nankai University. - our package was not built with EDNS subnet support up to this point and therefore was not affected. - prepare enabling quic support: currently fails on missing quic support in openssl. aws-lc is sadly not a drop in replacement for unbound. 
- enable TCP Fast Open for the server and client - remove unused --with-ldns option - enable cachedb including hiredis support on Tumbleweed new BuildRequires pkgconfig(libhiredis) ++++ qemu: - Update to stable release 10.0.3: Full list of backports here: https://lore.kernel.org/qemu-devel/1748499690.323471.13081.nullmailer@localhost/ A selection of them is reported here too: hvf: arm: Emulate ICC_RPR_EL1 accesses properly target/arm: Correct encoding of Debug Communications Channel registers ui: fix setting client_endian field defaults hw/net/npcm_gmac.c: Send the right data for second packet in a row target/i386: do not expose ARCH_CAPABILITIES on AMD CPU i386/cpu: Honor maximum value for CPUID.8000001DH.EAX[25:14] i386/cpu: Fix overflow of cache topology fields in CPUID.04H i386/cpu: Fix cpu number overflow in CPUID.01H.EBX[23:16] ui/vnc: Do not copy z_stream vhost: Fix used memslot tracking when destroying a vhost device roms: re-remove execute bit from hppa-firmware* file-posix: Fix aio=threads performance regression after enabling FUA amd_iommu: Fix truncation of oldval in amdvi_writeq amd_iommu: Remove duplicated definitions amd_iommu: Fix the calculation for Device Table size amd_iommu: Fix mask to retrieve Interrupt Table Root Pointer from DTE amd_iommu: Fix masks for various IOMMU MMIO Registers amd_iommu: Update bitmasks representing DTE reserved fields amd_iommu: Fix Device ID decoding for INVALIDATE_IOTLB_PAGES command amd_iommu: Fix Miscellaneous Information Register 0 encoding virtio-net: Add queues for RSS during migration net: fix buffer overflow in af_xdp_umem_create() accel/kvm: Adjust the note about the minimum required kernel version ... 
------------------------------------------------------------------ ------------------ 2025-8-9 - Aug 9 2025 ------------------- ------------------------------------------------------------------ ++++ nvidia-open-driver-G06-signed: - make sure these Requires right below are not added on Tumbleweed ------------------------------------------------------------------ ------------------ 2025-8-8 - Aug 8 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Do not clobber initialize method There was a method named initialize defined and implemented differently in the dracut modules kiwi-lib and kiwi-repart. kiwi-lib is expected to be shared code across all kiwi dracut modules. However if one module redefines a method of the same name which is used in another module and expected to work differently there, this is evil. This commit cleans up the name conflict and names the kiwi library init function as lib_initialize. All dracut code that is expected to make use of this method has been adopted too. ++++ glib2: - Update to version 2.84.4 (bsc#1249055): + Bugs fixed: - (CVE-2025-7039) (#YWH-PGM9867-104) Buffer Under-read on GLib through glib/gfileutils.c via get_tmp_file() - GFile leak in g_local_file_set_display_name during error handling - Incorrect output parameter handling in closure helper of g_settings_bind_with_mapping_closures - gfileutils: fix computation of temporary file name - Fix GFile leak in g_local_file_set_display_name() - gthreadpool: Catch pool_spawner creation failure - gio/filenamecompleter: Fix leaks - gfilenamecompleter: Fix g_object_unref() of undefined value ++++ kernel-default: - io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU (CVE-2025-38453 bsc#1247234). - commit 171360a - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911 CVE-2025-38352). 
- commit 0681499 - Delete patches.suse/kasan-avoid-sleepable-page-allocation-from-atomic-co.patch This doesn't build properly with the current SL-16.0 kernel code - commit beec866 - tls: always refresh the queue when reading sock (CVE-2025-38471 bsc#1247450). - mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write (CVE-2025-38258 bsc#1246185). - perf/x86/intel: Fix crash in icl_update_topdown_event() (CVE-2025-38322 bsc#1246447). - ext4: only dirty folios when data journaling regular files (CVE-2025-38220 bsc#1245966). - commit 2bcb640 - smc: Fix various oops due to inet_sock type confusion (CVE-2025-38475 bsc#1247308). - kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (CVE-2025-38470 bsc#1247288). - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (CVE-2025-38470 bsc#1247288). - smc: Fix various oops due to inet_sock type confusion (CVE-2025-38475 bsc#1247308). - net/mlx5e: Fix race between DIM disable and net_dim() (CVE-2025-38440 bsc#1247290). - net/sched: Abort __tc_modify_qdisc if parent class does not exist (CVE-2025-38457 bsc#1247098). - atm: clip: Fix potential null-ptr-deref in to_atmarpd() (CVE-2025-38460 bsc#1247143). - idpf: convert control queue mutex to a spinlock (CVE-2025-38392 bsc#1247169). - commit 05e8074 - net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes). - commit 38b5d6f - net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes). - commit da0301d - net/packet: fix a race in packet_set_ring() and packet_notifier() (CVE-2025-38617 bsc#1248621) Cherry-picked from SL-16.0. CVSS is 7.0 so it should be on SL-16.0-GA too. - commit 6ca1c18 - net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). - commit d42d899 - ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). - commit 1820a44 - netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). 
- commit 1d345b1 - tracing: Fix using ret variable in tracing_set_tracer() (git-fixes). - commit e9dbf86 - fgraph: Fix set_graph_notrace with setting TRACE_GRAPH_NOTRACE_BIT (git-fixes). - commit c43ec6f - ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). - commit 720a150 - tracing: Switch trace_events_hist.c code over to use guard() (git-fixes). - commit 7cfc3ab - tracing: Switch trace.c code over to use guard() (git-fixes). - commit d022aa4 - drm/amd/display: Don't overwrite dce60_clk_mgr (git-fixes). - Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). - commit 5df2fd2 ++++ kernel-rt: - io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU (CVE-2025-38453 bsc#1247234). - commit 171360a - posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (bsc#1246911 CVE-2025-38352). - commit 0681499 - Delete patches.suse/kasan-avoid-sleepable-page-allocation-from-atomic-co.patch This doesn't build properly with the current SL-16.0 kernel code - commit beec866 - tls: always refresh the queue when reading sock (CVE-2025-38471 bsc#1247450). - mm/damon/sysfs-schemes: free old damon_sysfs_scheme_filter->memcg_path on write (CVE-2025-38258 bsc#1246185). - perf/x86/intel: Fix crash in icl_update_topdown_event() (CVE-2025-38322 bsc#1246447). - ext4: only dirty folios when data journaling regular files (CVE-2025-38220 bsc#1245966). - commit 2bcb640 - smc: Fix various oops due to inet_sock type confusion (CVE-2025-38475 bsc#1247308). - kABI fix for net: vlan: fix VLAN 0 refcount imbalance of toggling (CVE-2025-38470 bsc#1247288). - net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime (CVE-2025-38470 bsc#1247288). - smc: Fix various oops due to inet_sock type confusion (CVE-2025-38475 bsc#1247308). - net/mlx5e: Fix race between DIM disable and net_dim() (CVE-2025-38440 bsc#1247290). 
- net/sched: Abort __tc_modify_qdisc if parent class does not exist (CVE-2025-38457 bsc#1247098). - atm: clip: Fix potential null-ptr-deref in to_atmarpd() (CVE-2025-38460 bsc#1247143). - idpf: convert control queue mutex to a spinlock (CVE-2025-38392 bsc#1247169). - commit 05e8074 - net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing (git-fixes). - commit 38b5d6f - net/packet: fix a race in packet_set_ring() and packet_notifier() (git-fixes). - commit da0301d - net/packet: fix a race in packet_set_ring() and packet_notifier() (CVE-2025-38617 bsc#1248621) Cherry-picked from SL-16.0. CVSS is 7.0 so it should be on SL-16.0-GA too. - commit 6ca1c18 - net/sched: taprio: enforce minimum value for picos_per_byte (git-fixes). - commit d42d899 - ipv6: reject malicious packets in ipv6_gso_segment() (git-fixes). - commit 1820a44 - netpoll: prevent hanging NAPI when netcons gets enabled (git-fixes). - commit 1d345b1 - tracing: Fix using ret variable in tracing_set_tracer() (git-fixes). - commit e9dbf86 - fgraph: Fix set_graph_notrace with setting TRACE_GRAPH_NOTRACE_BIT (git-fixes). - commit c43ec6f - ring-buffer: Do not allow events in NMI with generic atomic64 cmpxchg() (git-fixes). - commit 720a150 - tracing: Switch trace_events_hist.c code over to use guard() (git-fixes). - commit 7cfc3ab - tracing: Switch trace.c code over to use guard() (git-fixes). - commit d022aa4 - drm/amd/display: Don't overwrite dce60_clk_mgr (git-fixes). - Revert "vgacon: Add check for vc_origin address range in vgacon_scroll()" (stable-fixes). - commit 5df2fd2 ++++ man: - Update to man-db 2.13.1 (2 May 2025) * Update various manual page translation * Fix various minor formatting issues in manual pages. * Tolerate additional spaces in preprocessor strings. * Fix check for generated source files in out-of-tree builds. * Fix building with the `musl` C library. * Recognize another Ukrainian translation of the `NAME` section. 
* Increase the maximum size of the `NAME` section from 8192 to 16384 bytes. - Port patches * man-db-2.6.3-listall.dif * man-db-2.9.4.patch ------------------------------------------------------------------ ------------------ 2025-8-7 - Aug 7 2025 ------------------- ------------------------------------------------------------------ ++++ grub2: - Fix timeout when loading initrd via http after PPC CAS reboot (bsc#1245953) * 0001-tcp-Fix-TCP-port-number-reused-on-reboot.patch ++++ kernel-default: - scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (CVE-2025-38399 bsc#1247097). - commit b40a9d6 - exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). - commit a622d1a - do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498 bsc#1247374) - commit cb82edb - Enable CONFIG_CMA_SYSFS This is a generally useful feature for anyone using CMA or investigating CMA issues, with a small and simple code base and no runtime overhead. - commit 523b720 - Update config files. Set CONFIG_CMA_AREAS values to their new upstream default. - commit bb7f630 - ring-buffer: Make reading page consistent with the code logic (git-fixes). - commit 22871cd - ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set() (CVE-2025-38101 bsc#1245659). - commit 59c07ff - tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes). - commit c9b00b2 - ftrace: Fix function profiler's filtering functionality (git-fixes). - commit 594ca40 - tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). - commit a204d8e - trace/ring-buffer: Do not use TP_printk() formatting for boot mapped buffers (git-fixes). - commit 4041535 - module: Restore the moduleparam prefix length check (git-fixes). - module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes). - commit a84e148 - audit,module: restore audit logging in load failure case (git-fixes). 
- kABI: Fix the module::name type in audit_context (git-fixes). - commit 4504207 - module: Fix memory deallocation on error path in move_module() (git-fixes). - commit 00ca9af - mm/vmalloc: fix data race in show_numa_info() (CVE-2025-38383 bsc#1247250). - commit c043092 - RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) - commit 4638273 ++++ kernel-rt: - scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port() (CVE-2025-38399 bsc#1247097). - commit b40a9d6 - exfat: fdatasync flag should be same like generic_write_sync() (git-fixes). - commit a622d1a - do_change_type(): refuse to operate on unmounted/not ours mounts (CVE-2025-38498 bsc#1247374) - commit cb82edb - Enable CONFIG_CMA_SYSFS This is a generally useful feature for anyone using CMA or investigating CMA issues, with a small and simple code base and no runtime overhead. - commit 523b720 - Update config files. Set CONFIG_CMA_AREAS values to their new upstream default. - commit bb7f630 - ring-buffer: Make reading page consistent with the code logic (git-fixes). - commit 22871cd - ring-buffer: Fix buffer locking in ring_buffer_subbuf_order_set() (CVE-2025-38101 bsc#1245659). - commit 59c07ff - tracing/kprobes: Fix to free objects when failed to copy a symbol (git-fixes). - commit c9b00b2 - ftrace: Fix function profiler's filtering functionality (git-fixes). - commit 594ca40 - tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (git-fixes). - commit a204d8e - trace/ring-buffer: Do not use TP_printk() formatting for boot mapped buffers (git-fixes). - commit 4041535 - module: Restore the moduleparam prefix length check (git-fixes). - module: Remove unnecessary +1 from last_unloaded_module::name size (git-fixes). - commit a84e148 - audit,module: restore audit logging in load failure case (git-fixes). - kABI: Fix the module::name type in audit_context (git-fixes). 
- commit 4504207 - module: Fix memory deallocation on error path in move_module() (git-fixes). - commit 00ca9af - mm/vmalloc: fix data race in show_numa_info() (CVE-2025-38383 bsc#1247250). - commit c043092 - RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages (git-fixes) - commit 4638273 ++++ python313-core: - Update to 3.13.6: - Security - gh-135661: Fix parsing start and end tags in html.parser.HTMLParser according to the HTML5 standard. - Whitespaces no longer accepted between does not end the script section. - Vertical tabulation (\v) and non-ASCII whitespaces no longer recognized as whitespaces. The only whitespaces are \t\n\r\f and space. - Null character (U+0000) no longer ends the tag name. - Attributes and slashes after the tag name in end tags are now ignored, instead of terminating after the first > in quoted attribute value. E.g. . - Multiple slashes and whitespaces between the last attribute and closing > are now ignored in both start and end tags. E.g. . - Multiple = between attribute name and value are no longer collapsed. E.g. produces attribute “foo” with value “=bar”. - gh-102555: Fix comment parsing in html.parser.HTMLParser according to the HTML5 standard. --!> now ends the comment. -- > no longer ends the comment. Support abnormally ended empty comments <--> and <--->. - gh-135462: Fix quadratic complexity in processing specially crafted input in html.parser.HTMLParser. End-of-file errors are now handled according to the HTML5 specs – comments and declarations are automatically closed, tags are ignored (CVE-2025-6069, bsc#1244705). - gh-118350: Fix support of escapable raw text mode (elements “textarea” and “title”) in html.parser.HTMLParser. - Core and Builtins - gh-58124: Fix name of the Python encoding in Unicode errors of the code page codec: use “cp65000” and “cp65001” instead of “CP_UTF7” and “CP_UTF8” which are not valid Python code names. Patch by Victor Stinner.
- gh-137314: Fixed a regression where raw f-strings incorrectly interpreted escape sequences in format specifications. Raw f-strings now properly preserve literal backslashes in format specs, matching the behavior from Python 3.11. For example, rf"{obj:\xFF}" now correctly produces '\\xFF' instead of 'ÿ'. Patch by Pablo Galindo. - gh-136541: Fix some issues with the perf trampolines on x86-64 and aarch64. The trampolines were not being generated correctly for some cases, which could lead to the perf integration not working correctly. Patch by Pablo Galindo. - gh-109700: Fix memory error handling in PyDict_SetDefault(). - gh-78465: Fix error message for cls.__new__(cls, ...) where cls is not instantiable builtin or extension type (with tp_new set to NULL). - gh-135871: Non-blocking mutex lock attempts now return immediately when the lock is busy instead of briefly spinning in the free threading build. - gh-135607: Fix potential weakref races in an object’s destructor on the free threaded build. - gh-135496: Fix typo in the f-string conversion type error (“exclamanation” -> “exclamation”). - gh-130077: Properly raise custom syntax errors when incorrect syntax containing names that are prefixes of soft keywords is encountered. Patch by Pablo Galindo. - gh-135148: Fixed a bug where f-string debug expressions (using =) would incorrectly strip out parts of strings containing escaped quotes and # characters. Patch by Pablo Galindo. - gh-133136: Limit excess memory usage in the free threading build when a large dictionary or list is resized and accessed by multiple threads. - gh-132617: Fix dict.update() modification check that could incorrectly raise a “dict mutated during update” error when a different dictionary was modified that happens to share the same underlying keys object. - gh-91153: Fix a crash when a bytearray is concurrently mutated during item assignment. - gh-127971: Fix off-by-one read beyond the end of a string in string search. 
- gh-125723: Fix crash with gi_frame.f_locals when generator frames outlive their generator. Patch by Mikhail Efimov. - Library - gh-132710: If possible, ensure that uuid.getnode() returns the same result even across different processes. Previously, the result was constant only within the same process. Patch by Bénédikt Tran. - gh-137273: Fix debug assertion failure in locale.setlocale() on Windows. - gh-137257: Bump the version of pip bundled in ensurepip to version 25.2 - gh-81325: tarfile.TarFile now accepts a path-like when working on a tar archive. (Contributed by Alexander Enrique Urieles Nieto in gh-81325.) - gh-130522: Fix unraisable TypeError raised during interpreter shutdown in the threading module. - gh-130577: tarfile now validates archives to ensure member offsets are non-negative. (Contributed by Alexander Enrique Urieles Nieto in gh-130577; CVE-2025-8194, bsc#1247249). - gh-136549: Fix signature of threading.excepthook(). - gh-136523: Fix wave.Wave_write emitting an unraisable when open raises. - gh-52876: Add missing keepends (default True) parameter to codecs.StreamReaderWriter.readline() and codecs.StreamReaderWriter.readlines(). - gh-85702: If zoneinfo._common.load_tzdata is given a package without a resource a zoneinfo.ZoneInfoNotFoundError is raised rather than a PermissionError. Patch by Victor Stinner. - gh-134759: Fix UnboundLocalError in email.message.Message.get_payload() when the payload to decode is a bytes object. Patch by Kliment Lamonov. - gh-136028: Fix parsing month names containing “İ” (U+0130, LATIN CAPITAL LETTER I WITH DOT ABOVE) in time.strptime(). This affects locales az_AZ, ber_DZ, ber_MA and crh_UA. - gh-135995: In the palmos encoding, make byte 0x9b decode to › (U+203A - SINGLE RIGHT-POINTING ANGLE QUOTATION MARK). - gh-53203: Fix time.strptime() for %c and %x formats on locales byn_ER, wal_ET and lzh_TW, and for %X format on locales ar_SA, bg_BG and lzh_TW. 
- gh-91555: An earlier change, which was introduced in 3.13.4, has been reverted. It disabled logging for a logger during handling of log messages for that logger. Since the reversion, the behaviour should be as it was before 3.13.4. - gh-135878: Fixes a crash of types.SimpleNamespace on free threading builds, when several threads were calling its __repr__() method at the same time. - gh-135836: Fix IndexError in asyncio.loop.create_connection() that could occur when non-OSError exception is raised during connection and socket’s close() raises OSError. - gh-135836: Fix IndexError in asyncio.loop.create_connection() that could occur when the Happy Eyeballs algorithm resulted in an empty exceptions list during connection attempts. - gh-135855: Raise TypeError instead of SystemError when _interpreters.set___main___attrs() is passed a non-dict object. Patch by Brian Schubert. - gh-135815: netrc: skip security checks if os.getuid() is missing. Patch by Bénédikt Tran. - gh-135640: Address bug where it was possible to call xml.etree.ElementTree.ElementTree.write() on an ElementTree object with an invalid root element. This behavior blanked the file passed to write if it already existed. - gh-135444: Fix asyncio.DatagramTransport.sendto() to account for datagram header size when data cannot be sent. - gh-135497: Fix os.getlogin() failing for longer usernames on BSD-based platforms. - gh-135487: Fix reprlib.Repr.repr_int() when given integers with more than sys.get_int_max_str_digits() digits. Patch by Bénédikt Tran. - gh-135335: multiprocessing: Flush stdout and stderr after preloading modules in the forkserver. - gh-135244: uuid: when the MAC address cannot be determined, the 48-bit node ID is now generated with a cryptographically-secure pseudo-random number generator (CSPRNG) as per RFC 9562, §6.10.3. This affects uuid1(). - gh-135069: Fix the “Invalid error handling” exception in encodings.idna.IncrementalDecoder to correctly replace the ‘errors’ parameter. 
- gh-134698: Fix a crash when calling methods of ssl.SSLContext or ssl.SSLSocket across multiple threads. - gh-132124: On POSIX-compliant systems, multiprocessing.util.get_temp_dir() now ignores TMPDIR (and similar environment variables) if the path length of AF_UNIX socket files exceeds the platform-specific maximum length when using the forkserver start method. Patch by Bénédikt Tran. - gh-133439: Fix dot commands with trailing spaces are mistaken for multi-line SQL statements in the sqlite3 command-line interface. - gh-132969: Prevent the ProcessPoolExecutor executor thread, which remains running when shutdown(wait=False), from attempting to adjust the pool’s worker processes after the object state has already been reset during shutdown. A combination of conditions, including a worker process having terminated abnormally, resulted in an exception and a potential hang when the still-running executor thread attempted to replace dead workers within the pool. - gh-130664: Support the '_' digit separator in formatting of the integral part of Decimal’s. Patch by Sergey B Kirpichev. - gh-85702: If zoneinfo._common.load_tzdata is given a package without a resource a ZoneInfoNotFoundError is raised rather than a IsADirectoryError. - gh-130664: Handle corner-case for Fraction’s formatting: treat zero-padding (preceding the width field by a zero ('0') character) as an equivalent to a fill character of '0' with an alignment type of '=', just as in case of float’s. - Tools/Demos - gh-135968: Stubs for strip are now provided as part of an iOS install. - Tests - gh-135966: The iOS testbed now handles the app_packages folder as a site directory. - gh-135494: Fix regrtest to support excluding tests from --pgo tests. Patch by Victor Stinner. - gh-135489: Show verbose output for failing tests during PGO profiling step with --enable-optimizations. - Documentation - gh-135171: Document that the iterator for the leftmost for clause in the generator expression is created immediately.
- Build - gh-135497: Fix the detection of MAXLOGNAME in the configure.ac script. - Remove upstreamed patches: - CVE-2025-8194-tarfile-no-neg-offsets.patch - CVE-2025-6069-quad-complex-HTMLParser.patch ++++ libzypp: - Fix evaluation of libproxy results (bsc#1247690) - Replace URL variables inside mirrorlist/metalink files (fixes #667) - version 17.37.16 (35) ++++ python313: - Update to 3.13.6: - Security - gh-135661: Fix parsing start and end tags in html.parser.HTMLParser according to the HTML5 standard. - Whitespaces no longer accepted between does not end the script section. - Vertical tabulation (\v) and non-ASCII whitespaces no longer recognized as whitespaces. The only whitespaces are \t\n\r\f and space. - Null character (U+0000) no longer ends the tag name. - Attributes and slashes after the tag name in end tags are now ignored, instead of terminating after the first > in quoted attribute value. E.g. . - Multiple slashes and whitespaces between the last attribute and closing > are now ignored in both start and end tags. E.g. . - Multiple = between attribute name and value are no longer collapsed. E.g. produces attribute “foo” with value “=bar”. - gh-102555: Fix comment parsing in html.parser.HTMLParser according to the HTML5 standard. --!> now ends the comment. -- > no longer ends the comment. Support abnormally ended empty comments <--> and <--->. - gh-135462: Fix quadratic complexity in processing specially crafted input in html.parser.HTMLParser. End-of-file errors are now handled according to the HTML5 specs – comments and declarations are automatically closed, tags are ignored (CVE-2025-6069, bsc#1244705). - gh-118350: Fix support of escapable raw text mode (elements “textarea” and “title”) in html.parser.HTMLParser. - Core and Builtins - gh-58124: Fix name of the Python encoding in Unicode errors of the code page codec: use “cp65000” and “cp65001” instead of “CP_UTF7” and “CP_UTF8” which are not valid Python code names. Patch by Victor Stinner.
- gh-137314: Fixed a regression where raw f-strings incorrectly interpreted escape sequences in format specifications. Raw f-strings now properly preserve literal backslashes in format specs, matching the behavior from Python 3.11. For example, rf"{obj:\xFF}" now correctly produces '\\xFF' instead of 'ÿ'. Patch by Pablo Galindo. - gh-136541: Fix some issues with the perf trampolines on x86-64 and aarch64. The trampolines were not being generated correctly for some cases, which could lead to the perf integration not working correctly. Patch by Pablo Galindo. - gh-109700: Fix memory error handling in PyDict_SetDefault(). - gh-78465: Fix error message for cls.__new__(cls, ...) where cls is not instantiable builtin or extension type (with tp_new set to NULL). - gh-135871: Non-blocking mutex lock attempts now return immediately when the lock is busy instead of briefly spinning in the free threading build. - gh-135607: Fix potential weakref races in an object’s destructor on the free threaded build. - gh-135496: Fix typo in the f-string conversion type error (“exclamanation” -> “exclamation”). - gh-130077: Properly raise custom syntax errors when incorrect syntax containing names that are prefixes of soft keywords is encountered. Patch by Pablo Galindo. - gh-135148: Fixed a bug where f-string debug expressions (using =) would incorrectly strip out parts of strings containing escaped quotes and # characters. Patch by Pablo Galindo. - gh-133136: Limit excess memory usage in the free threading build when a large dictionary or list is resized and accessed by multiple threads. - gh-132617: Fix dict.update() modification check that could incorrectly raise a “dict mutated during update” error when a different dictionary was modified that happens to share the same underlying keys object. - gh-91153: Fix a crash when a bytearray is concurrently mutated during item assignment. - gh-127971: Fix off-by-one read beyond the end of a string in string search. 
- gh-125723: Fix crash with gi_frame.f_locals when generator frames outlive their generator. Patch by Mikhail Efimov. - Library - gh-132710: If possible, ensure that uuid.getnode() returns the same result even across different processes. Previously, the result was constant only within the same process. Patch by Bénédikt Tran. - gh-137273: Fix debug assertion failure in locale.setlocale() on Windows. - gh-137257: Bump the version of pip bundled in ensurepip to version 25.2 - gh-81325: tarfile.TarFile now accepts a path-like when working on a tar archive. (Contributed by Alexander Enrique Urieles Nieto in gh-81325.) - gh-130522: Fix unraisable TypeError raised during interpreter shutdown in the threading module. - gh-130577: tarfile now validates archives to ensure member offsets are non-negative. (Contributed by Alexander Enrique Urieles Nieto in gh-130577; CVE-2025-8194, bsc#1247249). - gh-136549: Fix signature of threading.excepthook(). - gh-136523: Fix wave.Wave_write emitting an unraisable when open raises. - gh-52876: Add missing keepends (default True) parameter to codecs.StreamReaderWriter.readline() and codecs.StreamReaderWriter.readlines(). - gh-85702: If zoneinfo._common.load_tzdata is given a package without a resource a zoneinfo.ZoneInfoNotFoundError is raised rather than a PermissionError. Patch by Victor Stinner. - gh-134759: Fix UnboundLocalError in email.message.Message.get_payload() when the payload to decode is a bytes object. Patch by Kliment Lamonov. - gh-136028: Fix parsing month names containing “İ” (U+0130, LATIN CAPITAL LETTER I WITH DOT ABOVE) in time.strptime(). This affects locales az_AZ, ber_DZ, ber_MA and crh_UA. - gh-135995: In the palmos encoding, make byte 0x9b decode to › (U+203A - SINGLE RIGHT-POINTING ANGLE QUOTATION MARK). - gh-53203: Fix time.strptime() for %c and %x formats on locales byn_ER, wal_ET and lzh_TW, and for %X format on locales ar_SA, bg_BG and lzh_TW. 
- gh-91555: An earlier change, which was introduced in 3.13.4, has been reverted. It disabled logging for a logger during handling of log messages for that logger. Since the reversion, the behaviour should be as it was before 3.13.4. - gh-135878: Fixes a crash of types.SimpleNamespace on free threading builds, when several threads were calling its __repr__() method at the same time. - gh-135836: Fix IndexError in asyncio.loop.create_connection() that could occur when non-OSError exception is raised during connection and socket’s close() raises OSError. - gh-135836: Fix IndexError in asyncio.loop.create_connection() that could occur when the Happy Eyeballs algorithm resulted in an empty exceptions list during connection attempts. - gh-135855: Raise TypeError instead of SystemError when _interpreters.set___main___attrs() is passed a non-dict object. Patch by Brian Schubert. - gh-135815: netrc: skip security checks if os.getuid() is missing. Patch by Bénédikt Tran. - gh-135640: Address bug where it was possible to call xml.etree.ElementTree.ElementTree.write() on an ElementTree object with an invalid root element. This behavior blanked the file passed to write if it already existed. - gh-135444: Fix asyncio.DatagramTransport.sendto() to account for datagram header size when data cannot be sent. - gh-135497: Fix os.getlogin() failing for longer usernames on BSD-based platforms. - gh-135487: Fix reprlib.Repr.repr_int() when given integers with more than sys.get_int_max_str_digits() digits. Patch by Bénédikt Tran. - gh-135335: multiprocessing: Flush stdout and stderr after preloading modules in the forkserver. - gh-135244: uuid: when the MAC address cannot be determined, the 48-bit node ID is now generated with a cryptographically-secure pseudo-random number generator (CSPRNG) as per RFC 9562, §6.10.3. This affects uuid1(). - gh-135069: Fix the “Invalid error handling” exception in encodings.idna.IncrementalDecoder to correctly replace the ‘errors’ parameter. 
- gh-134698: Fix a crash when calling methods of ssl.SSLContext or ssl.SSLSocket across multiple threads. - gh-132124: On POSIX-compliant systems, multiprocessing.util.get_temp_dir() now ignores TMPDIR (and similar environment variables) if the path length of AF_UNIX socket files exceeds the platform-specific maximum length when using the forkserver start method. Patch by Bénédikt Tran. - gh-133439: Fix dot commands with trailing spaces are mistaken for multi-line SQL statements in the sqlite3 command-line interface. - gh-132969: Prevent the ProcessPoolExecutor executor thread, which remains running when shutdown(wait=False), from attempting to adjust the pool’s worker processes after the object state has already been reset during shutdown. A combination of conditions, including a worker process having terminated abnormally, resulted in an exception and a potential hang when the still-running executor thread attempted to replace dead workers within the pool. - gh-130664: Support the '_' digit separator in formatting of the integral part of Decimal’s. Patch by Sergey B Kirpichev. - gh-85702: If zoneinfo._common.load_tzdata is given a package without a resource a ZoneInfoNotFoundError is raised rather than a IsADirectoryError. - gh-130664: Handle corner-case for Fraction’s formatting: treat zero-padding (preceding the width field by a zero ('0') character) as an equivalent to a fill character of '0' with an alignment type of '=', just as in case of float’s. - Tools/Demos - gh-135968: Stubs for strip are now provided as part of an iOS install. - Tests - gh-135966: The iOS testbed now handles the app_packages folder as a site directory. - gh-135494: Fix regrtest to support excluding tests from --pgo tests. Patch by Victor Stinner. - gh-135489: Show verbose output for failing tests during PGO profiling step with --enable-optimizations. - Documentation - gh-135171: Document that the iterator for the leftmost for clause in the generator expression is created immediately.
- Build - gh-135497: Fix the detection of MAXLOGNAME in the configure.ac script. - Remove upstreamed patches: - CVE-2025-8194-tarfile-no-neg-offsets.patch - CVE-2025-6069-quad-complex-HTMLParser.patch ++++ rust-keylime: - Update vendored crates (bsc#1247193, CVE-2025-58266) * shlex 1.3.0 - Rebase keylime-agent.conf.diff for current configuration - Drop Cargo_lock.patch patch, already present in Cargo.lock - Update to version 0.2.7+141: * service: Use WantedBy=multi-user.target * rpm: Add subpackage for push-attestation agent * push-model: implement continuous attestation with configurable intervals * Retry registration forever in the state machine * Add Verifier URL to configuration * Align exp.backoff to current configuration format * Increase coverage of state machine (using Context) * Increase coverage of struct_filler.rs * Groom code (remove dead code) * Fix exponential backoff (10secs, 4xx accepted) * test: Add documentation test to tests/run.sh * tpm: Avoid running code example during documentation tests * state_machine: Always start the agent from the Unregistered state * Add fixes for the URL construction * Refactor evidences collection in push attestation agent * push-model: refactor attestation logic into a state machine * Fix body sending by allowing serializing strings (#1057) * Log ResilientClient errors/response status codes (#1055) * Add AK signing scheme and hash algorithm to negotiation * tpm: Add method to extract signing scheme and hash algorithm from AK * Allow custom content-type/accept headers * Integrate exponential backoff to registration (#1052) * keylime/structures: Rename ShaValues to PcrBanks * Add resilient_client for exponential backoff (#1048) ------------------------------------------------------------------ ------------------ 2025-8-6 - Aug 6 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - io_uring/rsrc: fix folio unpinning (bsc#1246188 CVE-2025-38256). 
- commit 95e6074 - io_uring: fix potential page leak in io_sqe_buffer_register() (git-fixes). - commit 3fb0381 - btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). - commit a2d6441 - netlink: make sure we allow at least one dump skb (CVE-2025-38465 bsc#1247118). - netlink: Fix rmem check in netlink_broadcast_deliver() (CVE-2025-38465 bsc#1247118). - netlink: Fix wraparounds of sk->sk_rmem_alloc (CVE-2025-38465 bsc#1247118). - commit 51a6af8 - netfilter: nft_flow_offload: update tcp state flags under lock (git-fixes). - commit 88664ea - netfilter: nf_tables: imbalance in flowtable binding (git-fixes). - commit 94ec604 - netfilter: nft_set_hash: skip duplicated elements pending gc run (git-fixes). - commit 12841f0 - nvme-tcp: fix selinux denied when calling sock_sendmsg (bsc#1247497). - commit 6082643 - eth: fbnic: avoid double free when failing to DMA-map FW msg (CVE-2025-38341 bsc#1246260). - commit 5553a2c - selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes). - commit 9c60da1 - integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343). - powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343). - powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343). - commit 3e4fe7b ++++ kernel-rt: - io_uring/rsrc: fix folio unpinning (bsc#1246188 CVE-2025-38256). - commit 95e6074 - io_uring: fix potential page leak in io_sqe_buffer_register() (git-fixes). - commit 3fb0381 - btrfs: fix log tree replay failure due to file with 0 links and extents (git-fixes). - commit a2d6441 - netlink: make sure we allow at least one dump skb (CVE-2025-38465 bsc#1247118). - netlink: Fix rmem check in netlink_broadcast_deliver() (CVE-2025-38465 bsc#1247118). - netlink: Fix wraparounds of sk->sk_rmem_alloc (CVE-2025-38465 bsc#1247118). 
- commit 51a6af8
- netfilter: nft_flow_offload: update tcp state flags under lock (git-fixes).
- commit 88664ea
- netfilter: nf_tables: imbalance in flowtable binding (git-fixes).
- commit 94ec604
- netfilter: nft_set_hash: skip duplicated elements pending gc run (git-fixes).
- commit 12841f0
- nvme-tcp: fix selinux denied when calling sock_sendmsg (bsc#1247497).
- commit 6082643
- eth: fbnic: avoid double free when failing to DMA-map FW msg (CVE-2025-38341 bsc#1246260).
- commit 5553a2c
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- commit 9c60da1
- integrity/platform_certs: Allow loading of keys in the static key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc/secvar: Expose secvars relevant to the key management mode (jsc#PED-13345 jsc#PED-13343).
- powerpc/pseries: Correct secvar format representation for static key management (jsc#PED-13345 jsc#PED-13343).
- commit 3e4fe7b

++++ libvirt:
- Set virt_hooks_unconfined boolean to true in libvirt-daemon-hooks %post script (see comment 13 in bsc#1242998)

++++ toolbox:
- Update to version 2.4+git20250806.ba48bd3:
  * Add SCC credentials if available [bsc#1247491]
------------------------------------------------------------------
------------------ 2025-8-5 - Aug 5 2025 -------------------
------------------------------------------------------------------
++++ aaa_base:
- Update to version 84.87+git20250805.3069494:
  * Remove initviocons for tcsh as well and
  * Update csh.login
  * Add missing quoting and remove unneeded uses of eval

++++ python-kiwi:
- Skip kiwi-repart module in install ISOs
  In case the kiwi-repart module is explicitly requested in a dracut.conf file and the image is also configured to build an install ISO image this leads the install ISO to contain the kiwi-repart module as well which is unwanted.
  This commit explicitly omits the kiwi-repart when creating the initrd for the install image
- Skip repart when booting install/live iso

++++ kernel-default:
- kABI: restore layout of struct msi_desc (CVE-2025-38062 bsc#1245216).
- genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie (CVE-2025-38062 bsc#1245216).
- commit 831ff50
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- commit 8e8eaf1
- sched/eevdf: Fix se->slice being set to U64_MAX and resulting (CVE-2025-37821 bsc#1242864)
- commit ba057af
- sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324 CVE-2024-58090)
- commit cc45d5b
- sched_ext: Fix invalid irq restore in scx_ops_bypass() (CVE-2024-57891 bsc#1235953)
- commit f68543a
- selftests/bpf: Fix unintentional switch case fall through (git-fixes).
- selftests/bpf: fix signedness bug in redir_partial() (git-fixes).
- selftests/bpf: Test invalid narrower ctx load (git-fixes).
- bpf: Reject narrower access to pointer ctx fields (git-fixes).
- bpf, sockmap: Fix psock incorrectly pointing to sk (git-fixes).
- selftests/bpf: Add negative test cases for snprintf (git-fixes).
- commit 0d272a0
- bpf: Reject %p% format string in bprintf-like helpers (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- commit a8770bb
- bpf: Fix uninitialized values in BPF_{CORE,PROBE}_READ (git-fixes).
- bpf: Allow XDP dev-bound programs to perform XDP_REDIRECT into maps (git-fixes).
- libbpf: Add identical pointer detection to btf_dedup_is_equiv() (git-fixes).
- bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index (git-fixes).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- commit db60287
- bpf: Return prog btf_id without capable check (git-fixes).
- commit 8f212fe
- selftests/bpf: add test for softlock when modifying hashmap while iterating (git-fixes).
- bpf: fix possible endless loop in BPF map iteration (git-fixes).
- selftests/bpf: Mitigate sockmap_ktls disconnect_after_delete failure (git-fixes).
- selftests/bpf: Add selftest for attaching fexit to __noreturn functions (git-fixes).
- bpf: Reject attaching fexit/fmod_ret to __noreturn functions (git-fixes).
- commit 088a03b
- bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage (git-fixes).
- selftests/bpf: Fix string read in strncmp benchmark (git-fixes).
- bpf, docs: Fix broken link to renamed bpf_iter_task_vmas.c (git-fixes).
- selftests/bpf: Use asm constraint "m" for LoongArch (git-fixes).
- commit 6a67de9
- i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe() (git-fixes).
- commit 3d7da1a
- kABI fix after vhost: Reintroduce kthread API and add mode selection (git-fixes).
- commit d3622c5

++++ kernel-rt:
- kABI: restore layout of struct msi_desc (CVE-2025-38062 bsc#1245216).
- genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie (CVE-2025-38062 bsc#1245216).
- commit 831ff50
- md/md-cluster: handle REMOVE message earlier (bsc#1247057).
- commit 8e8eaf1
- sched/eevdf: Fix se->slice being set to U64_MAX and resulting (CVE-2025-37821 bsc#1242864)
- commit ba057af
- sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324 CVE-2024-58090)
- commit cc45d5b
- sched_ext: Fix invalid irq restore in scx_ops_bypass() (CVE-2024-57891 bsc#1235953)
- commit f68543a
- selftests/bpf: Fix unintentional switch case fall through (git-fixes).
- selftests/bpf: fix signedness bug in redir_partial() (git-fixes).
- selftests/bpf: Test invalid narrower ctx load (git-fixes).
- bpf: Reject narrower access to pointer ctx fields (git-fixes).
- bpf, sockmap: Fix psock incorrectly pointing to sk (git-fixes).
- selftests/bpf: Add negative test cases for snprintf (git-fixes).
- commit 0d272a0
- bpf: Reject %p% format string in bprintf-like helpers (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- tools/resolve_btfids: Fix build when cross compiling kernel with clang (git-fixes).
- commit a8770bb
- bpf: Fix uninitialized values in BPF_{CORE,PROBE}_READ (git-fixes).
- bpf: Allow XDP dev-bound programs to perform XDP_REDIRECT into maps (git-fixes).
- libbpf: Add identical pointer detection to btf_dedup_is_equiv() (git-fixes).
- bpf: Use proper type to calculate bpf_raw_tp_null_args.mask index (git-fixes).
- samples/bpf: Fix compilation failure for samples/bpf on LoongArch Fedora (git-fixes).
- commit db60287
- bpf: Return prog btf_id without capable check (git-fixes).
- commit 8f212fe
- selftests/bpf: add test for softlock when modifying hashmap while iterating (git-fixes).
- bpf: fix possible endless loop in BPF map iteration (git-fixes).
- selftests/bpf: Mitigate sockmap_ktls disconnect_after_delete failure (git-fixes).
- selftests/bpf: Add selftest for attaching fexit to __noreturn functions (git-fixes).
- bpf: Reject attaching fexit/fmod_ret to __noreturn functions (git-fixes).
- commit 088a03b
- bpf: Only fails the busy counter check in bpf_cgrp_storage_get if it creates storage (git-fixes).
- selftests/bpf: Fix string read in strncmp benchmark (git-fixes).
- bpf, docs: Fix broken link to renamed bpf_iter_task_vmas.c (git-fixes).
- selftests/bpf: Use asm constraint "m" for LoongArch (git-fixes).
- commit 6a67de9
- i2c: muxes: mule: Fix an error handling path in mule_i2c_mux_probe() (git-fixes).
- commit 3d7da1a
- kABI fix after vhost: Reintroduce kthread API and add mode selection (git-fixes).
- commit d3622c5

++++ nvidia-open-driver-G06-signed:
- added Requires
  * nvidia-modprobe >= %version
  * nvidia-persitenced >= %version
  * nvidia-modprobe-cuda-lt-sp6
  * nvidia-persitenced-cuda-lt-sp6
  to be provided by special versions of nvidia-modprobe and nvidia-persitenced built against SP4 (bsc#1237208, jsc#PED-13295)
------------------------------------------------------------------
------------------ 2025-8-4 - Aug 4 2025 -------------------
------------------------------------------------------------------
++++ python-kiwi:
- Update leap test-image-disk integration test
  Add test for alternative volume ID in install ISO

++++ grub2:
- Skip mount point in grub_find_device function (bsc#1246231)
  * 0001-getroot-Skip-mount-points-in-grub_find_device.patch

++++ kernel-default:
- KVM: Conditionally reschedule when resetting the dirty ring (git-fixes).
- commit 2dff58a
- KVM: Bail from the dirty ring reset flow if a signal is pending (git-fixes).
- commit eab0b89
- KVM: Bound the number of dirty ring entries in a single reset at INT_MAX (git-fixes).
- commit aac37a8
- KVM: Allow CPU to reschedule while setting per-page memory attributes (git-fixes).
- commit 5d216e9
- KVM: arm64: Don't free hyp pages with pKVM on GICv2 (git-fixes).
- commit c01040d
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- commit 317bbda
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- commit 7e0d53d
- KVM: arm64: Fix error path in init_hyp_mode() (git-fixes).
- commit 23e29da
- btrfs: avoid starting new transaction when cleaning qgroup during subvolume drop (git-fixes).
- commit 5d6038d
- btrfs: qgroup: fix qgroup create ioctl returning success after quotas disabled (git-fixes).
- commit 6bfd9e4
- btrfs: qgroup: set quota enabled bit if quota disable fails flushing reservations (git-fixes).
- commit 7eff76f
- KVM: arm64: Adjust range correctly during host stage-2 faults (git-fixes).
- commit 3d83087
- btrfs: clear dirty status from extent buffer on error at insert_new_root() (git-fixes).
- commit feae542
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- commit ab9615f
- btrfs: fix ssd_spread overallocation (git-fixes).
- commit c5cd300
- Rename to patches.suse/virtio-blk-scsi-use-block-layer-helpers-to-calculate.patch.
- commit 4cc7f9f
- Rename to patches.suse/scsi-use-block-layer-helpers-to-calculate-num-of-que.patch.
- commit a2aa4dc
- Rename to patches.suse/nvme-pci-use-block-layer-helpers-to-calculate-num-of.patch.
- commit 1f9b36e
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- commit 88c829f
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- commit bbb516f
- Refresh patches.suse/blk-mq-add-number-of-queue-calc-helper.patch.
- commit e910199
- btrfs: don't skip remaining extrefs if dir not found during log replay (git-fixes).
- commit 70b2e71
- Rename to patches.suse/lib-group_cpus-Let-group_cpu_evenly-return-the-numbe.patch. (bsc#1236897 bsc#1243774)
- Refresh patches.suse/lib-group_cpus-honor-housekeeping-config-when-grouping-cpus.patch.
- commit 446c2ea
- btrfs: don't ignore inode missing when replaying log tree (git-fixes).
- commit 23b8b0c
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- commit 2365a96
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- Refresh patches.suse/lib-group_cpus-let-group_cpu_evenly-return-number-initialized-masks.patch.
- commit 1ff1f6d
- btrfs: don't silently ignore unexpected extent type when replaying log (git-fixes).
- commit 45649bf
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- commit b75fd3b
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- commit 5a81b3c
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- commit f365bc7
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- commit 1b7aead
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- commit 32d198b
- nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- commit 1304ce4
- KVM: TDX: Use kvm_arch_vcpu.host_debugctl to restore the host's DEBUGCTL (git-fixes).
- commit d8f0496
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- commit a87918f
- Enable SMC_LO (a.k.a SMC-D) (jsc#PED-13256).
- commit 9164e38
- Fix bogus i915 patch backport (bsc#1238972)
  It's been already cherry-picked in 6.12 kernel itself.
- commit b66de0d
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- commit a5e809e
- Refresh patches.suse/s390-boot-Use-D__DISABLE_EXPORTS.patch.
- commit bcdca9e
- KVM: x86: Avoid calling kvm_is_mmio_pfn() when kvm_x86_ops.get_mt_mask is NULL (git-fixes).
- commit cc59aef
- Update config files.
- commit 40dfe08
- vsock/virtio: Validate length in packet header before skb_put() (git-fixes).
- commit 3f40097
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- commit b8d0767
- vhost: Reintroduce kthread API and add mode selection (git-fixes).
- commit 4f10d1a
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- commit 35e2840
- virtio_net: Enforce minimum TX ring size for reliability (git-fixes).
- commit d86e0e3
- Refresh patches.suse/powerpc-pseries-dlpar-Search-DRC-index-from-ibm-drc-.patch.
- commit 8a56f7b
- virtio_ring: Fix error reporting in virtqueue_resize (git-fixes).
- commit 82b060c
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- commit b4fa2d1
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- commit 078d2c1
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- commit 24bca99
- xen: fix UAF in dmabuf_exp_from_pages() (git-fixes).
- commit b9557cc

++++ kernel-rt:
- KVM: Conditionally reschedule when resetting the dirty ring (git-fixes).
- commit 2dff58a
- KVM: Bail from the dirty ring reset flow if a signal is pending (git-fixes).
- commit eab0b89
- KVM: Bound the number of dirty ring entries in a single reset at INT_MAX (git-fixes).
- commit aac37a8
- KVM: Allow CPU to reschedule while setting per-page memory attributes (git-fixes).
- commit 5d216e9
- KVM: arm64: Don't free hyp pages with pKVM on GICv2 (git-fixes).
- commit c01040d
- tcp: call tcp_measure_rcv_mss() for ooo packets (git-fixes).
- commit 317bbda
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (git-fixes).
- commit 7e0d53d
- KVM: arm64: Fix error path in init_hyp_mode() (git-fixes).
- commit 23e29da
- btrfs: avoid starting new transaction when cleaning qgroup during subvolume drop (git-fixes).
- commit 5d6038d
- btrfs: qgroup: fix qgroup create ioctl returning success after quotas disabled (git-fixes).
- commit 6bfd9e4
- btrfs: qgroup: set quota enabled bit if quota disable fails flushing reservations (git-fixes).
- commit 7eff76f
- KVM: arm64: Adjust range correctly during host stage-2 faults (git-fixes).
- commit 3d83087
- btrfs: clear dirty status from extent buffer on error at insert_new_root() (git-fixes).
- commit feae542
- btrfs: tests: fix chunk map leak after failure to add it to the tree (git-fixes).
- commit ab9615f
- btrfs: fix ssd_spread overallocation (git-fixes).
- commit c5cd300
- Rename to patches.suse/virtio-blk-scsi-use-block-layer-helpers-to-calculate.patch.
- commit 4cc7f9f
- Rename to patches.suse/scsi-use-block-layer-helpers-to-calculate-num-of-que.patch.
- commit a2aa4dc
- Rename to patches.suse/nvme-pci-use-block-layer-helpers-to-calculate-num-of.patch.
- commit 1f9b36e
- btrfs: use btrfs_record_snapshot_destroy() during rmdir (git-fixes).
- commit 88c829f
- btrfs: propagate last_unlink_trans earlier when doing a rmdir (git-fixes).
- commit bbb516f
- Refresh patches.suse/blk-mq-add-number-of-queue-calc-helper.patch.
- commit e910199
- btrfs: don't skip remaining extrefs if dir not found during log replay (git-fixes).
- commit 70b2e71
- Rename to patches.suse/lib-group_cpus-Let-group_cpu_evenly-return-the-numbe.patch. (bsc#1236897 bsc#1243774)
- Refresh patches.suse/lib-group_cpus-honor-housekeeping-config-when-grouping-cpus.patch.
- commit 446c2ea
- btrfs: don't ignore inode missing when replaying log tree (git-fixes).
- commit 23b8b0c
- btrfs: fix inode lookup error handling during log replay (git-fixes).
- commit 2365a96
- lib/group_cpus: fix NULL pointer dereference from group_cpus_evenly() (bsc#1236897).
- Refresh patches.suse/lib-group_cpus-let-group_cpu_evenly-return-number-initialized-masks.patch.
- commit 1ff1f6d
- btrfs: don't silently ignore unexpected extent type when replaying log (git-fixes).
- commit 45649bf
- btrfs: fix invalid inode pointer dereferences during log replay (git-fixes).
- commit b75fd3b
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- commit 5a81b3c
- btrfs: return a btrfs_inode from read_one_inode() (git-fixes).
- commit f365bc7
- btrfs: return a btrfs_inode from btrfs_iget_logging() (git-fixes).
- commit 1b7aead
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- commit 32d198b
- nvmet: pci-epf: Do not complete commands twice if nvmet_req_init() fails (git-fixes).
- nvmet-tcp: fix callback lock for TLS handshake (git-fixes).
- nvme: fix misaccounting of nvme-mpath inflight I/O (git-fixes).
- nvme: fix endianness of command word prints in nvme_log_err_passthru() (git-fixes).
- nvme: fix inconsistent RCU list manipulation in nvme_ns_add_to_ctrl_list() (git-fixes).
- commit 1304ce4
- KVM: TDX: Use kvm_arch_vcpu.host_debugctl to restore the host's DEBUGCTL (git-fixes).
- commit d8f0496
- btrfs: update superblock's device bytes_used when dropping chunk (git-fixes).
- commit a87918f
- Enable SMC_LO (a.k.a SMC-D) (jsc#PED-13256).
- commit 9164e38
- Fix bogus i915 patch backport (bsc#1238972)
  It's been already cherry-picked in 6.12 kernel itself.
- commit b66de0d
- RDMA/core: Rate limit GID cache warning messages (git-fixes)
- commit a5e809e
- Refresh patches.suse/s390-boot-Use-D__DISABLE_EXPORTS.patch.
- commit bcdca9e
- KVM: x86: Avoid calling kvm_is_mmio_pfn() when kvm_x86_ops.get_mt_mask is NULL (git-fixes).
- commit cc59aef
- Update config files.
- commit 40dfe08
- vsock/virtio: Validate length in packet header before skb_put() (git-fixes).
- commit 3f40097
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- commit b8d0767
- vhost: Reintroduce kthread API and add mode selection (git-fixes).
- commit 4f10d1a
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- commit 35e2840
- virtio_net: Enforce minimum TX ring size for reliability (git-fixes).
- commit d86e0e3
- Refresh patches.suse/powerpc-pseries-dlpar-Search-DRC-index-from-ibm-drc-.patch.
- commit 8a56f7b
- virtio_ring: Fix error reporting in virtqueue_resize (git-fixes).
- commit 82b060c
- kernel-syms.spec: Drop old rpm release number hack (bsc#1247172).
- commit b4fa2d1
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- commit 078d2c1
- rtc: rv3028: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: pcf85063: fix incorrect maximum clock rate handling (git-fixes).
- rtc: nct3018y: fix incorrect maximum clock rate handling (git-fixes).
- rtc: hym8563: fix incorrect maximum clock rate handling (git-fixes).
- rtc: ds1307: fix incorrect maximum clock rate handling (git-fixes).
- ucount: fix atomic_long_inc_below() argument type (git-fixes).
- i3c: fix module_i3c_i2c_driver() with I3C=n (git-fixes).
- commit 24bca99
- xen: fix UAF in dmabuf_exp_from_pages() (git-fixes).
- commit b9557cc

++++ numactl:
- bsc#1247093 bsc#1246858
  Cleanup code by reverting 2 patches and get back to old has_preferred_many initialization.
  This allows to call numa_set_bind_policy early again.
  A Cleanup-No-need-to-suppress-possible-errno-anymore.patch
  A Cleanup-move-has_preferred_many-to-numa_init-again.patch

++++ libsolv:
- fixed rare crash in the handling of allowuninstall in combination with forcebest updates
- new pool_satisfieddep_map feature to test if a set of packages satisfies a dependency
- bump version to 0.7.35

++++ tiff:
- bsc#1243503: Fix TIFFMergeFieldInfo() read_count=write_count=0
  + tiff-4.7.0-bsc1243503.patch
- security update:
  * CVE-2025-8176 [bsc#1247108] Fix heap use-after-free in tools/tiffmedian.c
    + tiff-CVE-2025-8176.patch
  * CVE-2025-8177 [bsc#1247106] Fix possible buffer overflow in tools/thumbnail.c:setrow()
    + tiff-CVE-2025-8177.patch

++++ net-tools:
- Fix a regression in net-tools-CVE-2025-46836.patch (bsc#1246608).
------------------------------------------------------------------
------------------ 2025-8-3 - Aug 3 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state() (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- commit 598b0ba

++++ kernel-rt:
- pinmux: fix race causing mux_owner NULL with active mux_usecount (git-fixes).
- pinctrl: berlin: fix memory leak in berlin_pinctrl_build_state() (git-fixes).
- pinctrl: sunxi: Fix memory leak on krealloc failure (git-fixes).
- fbdev: imxfb: Check fb_add_videomode to prevent null-ptr-deref (git-fixes).
- firewire: ohci: correct code comments about bus_reset tasklet (git-fixes).
- commit 598b0ba
------------------------------------------------------------------
------------------ 2025-8-2 - Aug 2 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Drop unused mc_enc() (git-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence (git-fixes).
- phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers (git-fixes).
- selftests: ALSA: fix memory leak in utimer test (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- drm/xe/vf: Disable CSC support on VF (git-fixes).
- drm/amd/display: fix initial backlight brightness calculation (git-fixes).
- drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- HID: apple: validate feature-report field count to prevent NULL pointer dereference (git-fixes).
- kasan: use vmalloc_dump_obj() for vmalloc error reports (git-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Victus 15-fa0xxx (stable-fixes).
- staging: vchiq_arm: Make vchiq_shutdown never fail (git-fixes).
- regulator: core: fix NULL dereference on unbind due to stale coupling data (stable-fixes).
- spi: cadence-quadspi: fix cleanup of rx_chan on failure paths (stable-fixes).
- platform/x86: asus-nb-wmi: add DMI quirk for ASUS Zenbook Duo UX8406CA (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- commit 50f3301

++++ kernel-rt:
- PCI: rockchip-host: Fix "Unexpected Completion" log message (git-fixes).
- PCI: imx6: Delay link start until configfs 'start' written (git-fixes).
- PCI: imx6: Remove apps_reset toggling from imx_pcie_{assert/deassert}_core_reset (git-fixes).
- PCI: imx6: Add IMX8MM_EP and IMX8MP_EP fixed 256-byte BAR 4 in epc_features (git-fixes).
- PCI: endpoint: pci-epf-vntb: Fix the incorrect usage of __iomem attribute (git-fixes).
- PCI: endpoint: pci-epf-vntb: Return -ENOENT if pci_epc_get_next_free_bar() fails (git-fixes).
- PCI: endpoint: Fix configfs group removal on driver teardown (git-fixes).
- PCI: endpoint: Fix configfs group list head handling (git-fixes).
- watchdog: ziirave_wdt: check record length in ziirave_firm_verify() (git-fixes).
- dmaengine: nbpfaxi: Add missing check after DMA map (git-fixes).
- dmaengine: mv_xor: Fix missing check after DMA map and missing unmap (git-fixes).
- dmaengine: mmp: Fix again Wvoid-pointer-to-enum-cast warning (git-fixes).
- dmaengine: qcom: gpi: Drop unused gpi_write_reg_field() (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Drop unused mc_enc() (git-fixes).
- dmaengine: dw-edma: Drop unused dchan2dev() and chan2dev() (git-fixes).
- phy: qcom: phy-qcom-m31: Update IPQ5332 M31 USB phy initialization sequence (git-fixes).
- phy: qualcomm: phy-qcom-eusb2-repeater: Don't zero-out registers (git-fixes).
- selftests: ALSA: fix memory leak in utimer test (git-fixes).
- ASoC: fsl_xcvr: get channel status data when PHY is not exists (git-fixes).
- ALSA: scarlett2: Add retry on -EPROTO from scarlett2_usb_tx() (git-fixes).
- soundwire: stream: restore params when prepare ports fail (git-fixes).
- drm/xe/vf: Disable CSC support on VF (git-fixes).
- drm/amd/display: fix initial backlight brightness calculation (git-fixes).
- drm/amdgpu: Initialize data to NULL in imu_v12_0_program_rlc_ram() (git-fixes).
- power: supply: max14577: Handle NULL pdata when CONFIG_OF is not set (git-fixes).
- power: supply: cpcap-charger: Fix null check for power_supply_get_by_name (git-fixes).
- HID: apple: validate feature-report field count to prevent NULL pointer dereference (git-fixes).
- kasan: use vmalloc_dump_obj() for vmalloc error reports (git-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Pavilion 15-eg0xxx (stable-fixes).
- ALSA: hda/realtek - Add mute LED support for HP Victus 15-fa0xxx (stable-fixes).
- staging: vchiq_arm: Make vchiq_shutdown never fail (git-fixes).
- regulator: core: fix NULL dereference on unbind due to stale coupling data (stable-fixes).
- spi: cadence-quadspi: fix cleanup of rx_chan on failure paths (stable-fixes).
- platform/x86: asus-nb-wmi: add DMI quirk for ASUS Zenbook Duo UX8406CA (stable-fixes).
- usb: typec: tcpm: apply vbus before data bringup in tcpm_src_attach (git-fixes).
- usb: typec: tcpm: allow switching to mode accessory to mux properly (stable-fixes).
- usb: typec: tcpm: allow to use sink in accessory mode (stable-fixes).
- commit 50f3301
------------------------------------------------------------------
------------------ 2025-8-1 - Aug 1 2025 -------------------
------------------------------------------------------------------
++++ aaa_base:
- Update to version 84.87+git20250801.f305627:
  * Remove sysconfig.language [bsc#1247286]
- Update to version 84.87+git20250801.b2fa3fe:
  * Allow /etc/locale.conf to have no newline

++++ busybox:
- revert the change to busybox.install.patch below. The logic will be needed only in busybox-links package when generating file lists.
- fix mkdir path to point to /usr/bin instead of /bin

++++ python-kiwi:
- Bump version: 10.2.30 → 10.2.31

++++ kernel-default:
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes).
- commit 86d87fb
- iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes).
- commit 9fabb61
- cgroup: Add compatibility option for content of /proc/cgroups (jsc#PED-12405).
- cgroup: Print message when /proc/cgroups is read on v2-only system (jsc#PED-12405).
- commit 764f23b
- Update patches.suse/ACPI-CPPC-Fix-NULL-pointer-dereference-when-nosmp-is.patch (git-fixes CVE-2025-38113 bsc#1245683).
- Update patches.suse/ACPICA-Refuse-to-evaluate-a-method-if-arguments-are-.patch (stable-fixes CVE-2025-38386 bsc#1247138).
- Update patches.suse/ACPICA-fix-acpi-operand-cache-leak-in-dswstate.c.patch (stable-fixes CVE-2025-38345 bsc#1246337).
- Update patches.suse/ACPICA-fix-acpi-parse-and-parseext-cache-leaks.patch (stable-fixes CVE-2025-38344 bsc#1246334).
- Update patches.suse/ALSA-ad1816a-Fix-potential-NULL-pointer-deref-in-snd.patch (git-fixes CVE-2025-38454 bsc#1247426).
- Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-read-in-snd_usb_get.patch (git-fixes CVE-2025-38249 bsc#1246171).
- Update patches.suse/ASoC-Intel-avs-Verify-content-returned-by-parse_int_.patch (git-fixes CVE-2025-38307 bsc#1246364).
- Update patches.suse/ASoC-SOF-Intel-hda-Use-devm_kstrdup-to-avoid-memleak.patch (stable-fixes CVE-2025-38438 bsc#1247157).
- Update patches.suse/ASoC-codecs-wcd9335-Fix-missing-free-of-regulator-su.patch (git-fixes CVE-2025-38259 bsc#1246220).
- Update patches.suse/ASoC-mediatek-mt8195-Set-ETDM1-2-IN-OUT-to-COMP_DUMM.patch (git-fixes CVE-2025-38299 bsc#1246290).
- Update patches.suse/Bluetooth-Disable-SCO-support-if-READ_VOICE_SETTING-.patch (stable-fixes CVE-2025-38099 bsc#1245671).
- Update patches.suse/Bluetooth-Fix-NULL-pointer-deference-on-eir_get_serv.patch (git-fixes CVE-2025-38304 bsc#1246240).
- Update patches.suse/Bluetooth-Fix-null-ptr-deref-in-l2cap_sock_resume_cb.patch (git-fixes CVE-2025-38473 bsc#1247289).
- Update patches.suse/Bluetooth-MGMT-Fix-UAF-on-mgmt_remove_adv_monitor_co.patch (git-fixes CVE-2025-38118 bsc#1245670).
- Update patches.suse/Bluetooth-MGMT-reject-malformed-HCI_CMD_SYNC-command.patch (git-fixes CVE-2025-38128 bsc#1245703).
- Update patches.suse/Bluetooth-btintel-Check-dsbr-size-from-EFI-variable.patch (git-fixes CVE-2025-38315 bsc#1246333).
- Update patches.suse/Bluetooth-eir-Fix-possible-crashes-on-eir_create_adv.patch (git-fixes CVE-2025-38303 bsc#1246354).
- Update patches.suse/HID-core-do-not-bypass-hid_hw_raw_request.patch (stable-fixes CVE-2025-38494 bsc#1247349).
- Update patches.suse/HID-core-ensure-the-allocated-report-buffer-can-cont.patch (stable-fixes CVE-2025-38495 bsc#1247348).
- Update patches.suse/HID-wacom-fix-crash-in-wacom_aes_battery_handler.patch (git-fixes CVE-2025-38253 bsc#1246192).
- Update patches.suse/IB-cm-Drop-lockdep-assert-and-WARN-when-freeing-old-.patch (git-fixes CVE-2025-38287 bsc#1246285).
- Update patches.suse/IB-mlx5-Fix-potential-deadlock-in-MR-deregistration.patch (git-fixes CVE-2025-38373 bsc#1247033).
- Update patches.suse/Input-cs40l50-vibra-fix-potential-NULL-dereference-i.patch (git-fixes CVE-2025-38381 bsc#1247027).
- Update patches.suse/Input-gpio-keys-fix-a-sleep-while-atomic-with-PREEMP.patch (git-fixes CVE-2025-38335 bsc#1246250).
- Update patches.suse/Input-ims-pcu-check-record-size-in-ims_pcu_flash_fir.patch (git-fixes CVE-2025-38428 bsc#1247150).
- Update patches.suse/KVM-SVM-Reject-SEV-ES-intra-host-migration-if-vCPU-c.patch (git-fixes CVE-2025-38455 bsc#1247101).
- Update patches.suse/NFC-nci-uart-Set-tty-disc_data-only-in-success-path.patch (git-fixes CVE-2025-38416 bsc#1247151).
- Update patches.suse/NFSD-fix-race-between-nfsd-registration-and-exports_proc.patch (git-fixes CVE-2025-38232 bsc#1246054).
- Update patches.suse/NFSv4-pNFS-Fix-a-race-to-wake-on-NFS_LAYOUT_DRAIN.patch (git-fixes CVE-2025-38393 bsc#1247170).
- Update patches.suse/PCI-pwrctrl-Cancel-outstanding-rescan-work-when-unre.patch (git-fixes CVE-2025-38137 bsc#1245721).
- Update patches.suse/RDMA-cma-Fix-hang-when-cma_netevent_callback-fails-t.patch (git-fixes CVE-2025-38151 bsc#1245745). - Update patches.suse/RDMA-iwcm-Fix-use-after-free-of-work-objects-after-c.patch (git-fixes CVE-2025-38211 bsc#1246008). - Update patches.suse/RDMA-mlx5-Fix-error-flow-upon-firmware-failure-for-R.patch (git-fixes CVE-2025-38161 bsc#1245777). - Update patches.suse/RDMA-mlx5-Fix-unsafe-xarray-access-in-implicit-ODP-h.patch (git-fixes CVE-2025-38372 bsc#1247020). - Update patches.suse/RDMA-mlx5-Initialize-obj_event-obj_sub_list-before-x.patch (git-fixes CVE-2025-38387 bsc#1247154). - Update patches.suse/Squashfs-check-return-result-of-sb_min_blocksize.patch (git-fixes CVE-2025-38415 bsc#1247147). - Update patches.suse/VMCI-fix-race-between-vmci_host_setup_notify-and-vmc.patch (git-fixes CVE-2025-38102 bsc#1245669). - Update patches.suse/aoe-clean-device-rq_list-in-aoedev_downdev.patch (git-fixes CVE-2025-38326 bsc#1246490). - Update patches.suse/arm64-fpsimd-Avoid-clobbering-kernel-FPSIMD-state-with-SMS.patch (git-fixes CVE-2025-38169 bsc#1245784). - Update patches.suse/arm64-fpsimd-Discard-stale-CPU-state-when-handling-SME-tra.patch (git-fixes CVE-2025-38170 bsc#1245785). - Update patches.suse/ata-pata_via-Force-PIO-for-ATAPI-devices-on-VT6415-V.patch (stable-fixes CVE-2025-38336 bsc#1246370). - Update patches.suse/backlight-pm8941-Add-NULL-check-in-wled_configure.patch (git-fixes CVE-2025-38143 bsc#1245714). - Update patches.suse/block-don-t-use-submit_bio_noacct_nocheck-in-blk_zone_wplu.patch (git-fixes CVE-2025-38302 bsc#1246353). - Update patches.suse/bnxt-properly-flush-XDP-redirect-lists.patch (git-fixes CVE-2025-38246 bsc#1246195). - Update patches.suse/bnxt_en-Fix-double-invocation-of-bnxt_ulp_stop-bnxt_.patch (git-fixes CVE-2025-38186 bsc#1245955). - Update patches.suse/bpf-sockmap-Fix-panic-when-calling-skb_linearize.patch (bsc#1245749 CVE-2025-38154 CVE-2025-38165 bsc#1245757). 
- Update patches.suse/bus-fsl-mc-fix-double-free-on-mc_dev.patch (git-fixes CVE-2025-38313 bsc#1246342). - Update patches.suse/bus-mhi-ep-Update-read-pointer-only-after-buffer-is-.patch (git-fixes CVE-2025-38429 bsc#1247253). - Update patches.suse/calipso-Fix-null-ptr-deref-in-calipso_req_-set-del-a.patch (git-fixes CVE-2025-38181 bsc#1246000). - Update patches.suse/can-kvaser_pciefd-refine-error-prone-echo_skb_max-ha.patch (git-fixes CVE-2025-38224 bsc#1246166). - Update patches.suse/clk-imx-Fix-an-out-of-bounds-access-in-dispmix_csr_c.patch (git-fixes CVE-2025-38446 bsc#1247231). - Update patches.suse/comedi-Fail-COMEDI_INSNLIST-ioctl-if-n_insns-is-too-.patch (git-fixes CVE-2025-38481 bsc#1247276). - Update patches.suse/comedi-Fix-initialization-of-data-for-instructions-t.patch (git-fixes CVE-2025-38478 bsc#1247273). - Update patches.suse/comedi-Fix-use-of-uninitialized-data-in-insn_rw_emul.patch (git-fixes CVE-2025-38480 bsc#1247274). - Update patches.suse/comedi-das16m1-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38483 bsc#1247278). - Update patches.suse/comedi-das6402-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38482 bsc#1247277). - Update patches.suse/crypto-marvell-cesa-Handle-zero-length-skcipher-requ.patch (git-fixes CVE-2025-38173 bsc#1245769). - Update patches.suse/crypto-sun8i-ce-cipher-fix-error-handling-in-sun8i_c.patch (git-fixes CVE-2025-38300 bsc#1246349). - Update patches.suse/dm-bufio-fix-sched-in-atomic-context.patch (git-fixes CVE-2025-38496 bsc#1247284). - Update patches.suse/dm-fix-dm_blk_report_zones.patch (CVE-2025-38140 bsc#1245717 CVE-2025-38141 bsc#1245715). - Update patches.suse/dma-buf-insert-memory-barrier-before-updating-num_fe.patch (git-fixes CVE-2025-38095 bsc#1245658). - Update patches.suse/dmaengine-idxd-Check-availability-of-workqueue-alloc.patch (stable-fixes CVE-2025-38369 bsc#1247209). - Update patches.suse/dmaengine-ti-Add-NULL-check-in-udma_probe.patch (git-fixes CVE-2025-38138 bsc#1245719). 
- Update patches.suse/drivers-rapidio-rio_cm.c-prevent-possible-heap-overw.patch (stable-fixes CVE-2025-38090 bsc#1245510). - Update patches.suse/drm-amd-display-Add-null-pointer-check-for-get_first.patch (git-fixes CVE-2025-38362 bsc#1247089). - Update patches.suse/drm-amd-display-Check-dce_hwseq-before-dereferencing.patch (stable-fixes CVE-2025-38361 bsc#1247079). - Update patches.suse/drm-amd-display-Don-t-treat-wb-connector-as-physical.patch (stable-fixes CVE-2025-38098 bsc#1245654). - Update patches.suse/drm-amd-display-check-stream-id-dml21-wrapper-to-get.patch (stable-fixes CVE-2025-38091 bsc#1245621). - Update patches.suse/drm-amd-pp-Fix-potential-NULL-pointer-dereference-in.patch (git-fixes CVE-2025-38319 bsc#1246243). - Update patches.suse/drm-exynos-exynos7_drm_decon-add-vblank-check-in-IRQ.patch (git-fixes CVE-2025-38467 bsc#1247146). - Update patches.suse/drm-gem-Acquire-references-on-GEM-handles-for-frameb.patch (stable-fixes CVE-2025-38449 bsc#1247255). - Update patches.suse/drm-i915-gt-Fix-timeline-left-held-on-VMA-alloc-erro.patch (git-fixes CVE-2025-38389 bsc#1247153). - Update patches.suse/drm-msm-Fix-a-fence-leak-in-submit-error-path.patch (stable-fixes CVE-2025-38410 bsc#1247128). - Update patches.suse/drm-msm-Fix-another-leak-in-the-submit-error-path.patch (stable-fixes CVE-2025-38409 bsc#1247285). - Update patches.suse/drm-msm-a7xx-Call-CP_RESET_CONTEXT_STATE.patch (git-fixes CVE-2025-38188 bsc#1246098). - Update patches.suse/drm-msm-gpu-Fix-crash-when-throttling-GPU-immediatel.patch (git-fixes CVE-2025-38354 bsc#1247061). - Update patches.suse/drm-scheduler-signal-scheduled-fence-when-kill-job.patch (stable-fixes CVE-2025-38436 bsc#1247227). - Update patches.suse/drm-tegra-Fix-a-possible-null-pointer-dereference.patch (git-fixes CVE-2025-38363 bsc#1247018). - Update patches.suse/drm-v3d-Avoid-NULL-pointer-dereference-in-v3d_job_up.patch (stable-fixes CVE-2025-38189 bsc#1245812). 
- Update patches.suse/drm-v3d-Disable-interrupts-before-resetting-the-GPU.patch (git-fixes CVE-2025-38371 bsc#1247178). - Update patches.suse/drm-xe-Fix-taking-invalid-lock-on-wedge.patch (stable-fixes CVE-2025-38353 bsc#1247265). - Update patches.suse/drm-xe-Process-deferred-GGTT-node-removals-on-device.patch (git-fixes CVE-2025-38355 bsc#1247062). - Update patches.suse/drm-xe-guc-Explicitly-exit-CT-safe-mode-on-unwind.patch (git-fixes CVE-2025-38356 bsc#1247064). - Update patches.suse/e1000-Move-cancel_work_sync-to-avoid-deadlock.patch (git-fixes CVE-2025-38114 bsc#1245686). - Update patches.suse/erofs-avoid-using-multiple-devices-with-different-type.patch (git-fixes CVE-2025-38172 bsc#1245787). - Update patches.suse/fbcon-Make-sure-modelist-not-set-on-unregistered-con.patch (stable-fixes CVE-2025-38198 bsc#1245952). - Update patches.suse/fbdev-Fix-do_register_framebuffer-to-prevent-null-pt.patch (git-fixes CVE-2025-38215 bsc#1246109). - Update patches.suse/fbdev-Fix-fb_set_var-to-prevent-null-ptr-deref-in-fb.patch (git-fixes CVE-2025-38214 bsc#1246042). - Update patches.suse/fbdev-core-fbcvt-avoid-division-by-0-in-fb_cvt_hperi.patch (git-fixes CVE-2025-38312 bsc#1246386). - Update patches.suse/firmware-arm_ffa-Fix-memory-leak-by-freeing-notifier.patch (git-fixes CVE-2025-38390 bsc#1247088). - Update patches.suse/fpga-fix-potential-null-pointer-deref-in-fpga_mgr_te.patch (git-fixes CVE-2025-38274 bsc#1246234). - Update patches.suse/fs-nfs-read-fix-double-unlock-bug-in-nfs_return_empty_folio.patch (git-fixes CVE-2025-38338 bsc#1246258). - Update patches.suse/gve-add-missing-NULL-check-for-gve_alloc_pending_pac.patch (git-fixes CVE-2025-38122 bsc#1245746). - Update patches.suse/hwmon-asus-ec-sensors-check-sensor-index-in-read_str.patch (git-fixes CVE-2025-38142 bsc#1245713). - Update patches.suse/hwmon-ftsteutates-Fix-TOCTOU-race-in-fts_read.patch (git-fixes CVE-2025-38217 bsc#1246002). 
- Update patches.suse/i2c-designware-Fix-an-initialization-issue.patch (git-fixes CVE-2025-38380 bsc#1247028). - Update patches.suse/i2c-tegra-check-msg-length-in-SMBUS-block-read.patch (bsc#1242086 CVE-2025-38425 bsc#1247251). - Update patches.suse/ice-fix-Tx-scheduler-error-handling-in-XDP-callback.patch (git-fixes CVE-2025-38127 bsc#1245705). - Update patches.suse/ice-fix-eswitch-code-memory-leak-in-reset-scenario.patch (git-fixes CVE-2025-38417 bsc#1247282). - Update patches.suse/iio-accel-fxls8962af-Fix-use-after-free-in-fxls8962a.patch (git-fixes CVE-2025-38485 bsc#1247236). - Update patches.suse/iio-backend-fix-out-of-bound-write.patch (git-fixes CVE-2025-38484 bsc#1247235). - Update patches.suse/maple_tree-fix-MA_STATE_PREALLOC-flag-in-mas_preallo.patch (git-fixes CVE-2025-38364 bsc#1247091). - Update patches.suse/media-cxusb-no-longer-judge-rbuf-when-the-write-fail.patch (git-fixes CVE-2025-38229 bsc#1246049). - Update patches.suse/media-imagination-fix-a-potential-memory-leak-in-e50.patch (git-fixes CVE-2025-38228 bsc#1245814). - Update patches.suse/media-imx-jpeg-Cleanup-after-an-allocation-error.patch (git-fixes CVE-2025-38225 bsc#1246041). - Update patches.suse/media-vidtv-Terminating-the-subsequent-process-of-in.patch (git-fixes CVE-2025-38227 bsc#1246031). - Update patches.suse/media-vivid-Change-the-siize-of-the-composing.patch (git-fixes CVE-2025-38226 bsc#1246050). - Update patches.suse/misc-tps6594-pfsm-Add-NULL-pointer-check-in-tps6594_.patch (stable-fixes CVE-2025-38368 bsc#1247022). - Update patches.suse/mtd-nand-ecc-mxic-Fix-use-of-uninitialized-variable-.patch (git-fixes CVE-2025-38277 bsc#1246246). - Update patches.suse/mtd-spinand-fix-memory-leak-of-ECC-engine-conf.patch (stable-fixes CVE-2025-38384 bsc#1247035). - Update patches.suse/mtk-sd-Prevent-memory-corruption-from-DMA-map-failur.patch (git-fixes CVE-2025-38401 bsc#1247125). 
- Update patches.suse/nbd-fix-uaf-in-nbd_genl_connect-error-path.patch (git-fixes CVE-2025-38443 bsc#1247164). - Update patches.suse/net-Fix-TOCTOU-issue-in-sk_is_readable.patch (git-fixes CVE-2025-38112 bsc#1245668). - Update patches.suse/net-fix-udp-gso-skb_segment-after-pull-from-frag_lis.patch (git-fixes CVE-2025-38124 bsc#1245690). - Update patches.suse/net-mdiobus-Fix-potential-out-of-bounds-clause-45-re.patch (git-fixes CVE-2025-38110 bsc#1245665). - Update patches.suse/net-mdiobus-Fix-potential-out-of-bounds-read-write-a.patch (git-fixes CVE-2025-38111 bsc#1245666). - Update patches.suse/net-mlx5-Fix-ECVF-vports-unload-on-shutdown-flow.patch (git-fixes CVE-2025-38109 bsc#1245684). - Update patches.suse/net-phy-clear-phydev-devlink-when-the-link-is-delete.patch (git-fixes CVE-2025-38149 bsc#1245737). - Update patches.suse/net-phy-mscc-Fix-memory-leak-when-using-one-step-tim.patch (git-fixes CVE-2025-38148 bsc#1245735). - Update patches.suse/net-sched-Return-NULL-when-htb_lookup_leaf-encounter.patch (git-fixes CVE-2025-38468 bsc#1247437). - Update patches.suse/net-sched-fix-use-after-free-in-taprio_dev_notifier.patch (git-fixes CVE-2025-38087 bsc#1245504). - Update patches.suse/net-sched-sch_qfq-Fix-race-condition-on-qfq_aggregat.patch (git-fixes CVE-2025-38477 bsc#1247314). - Update patches.suse/net-tipc-fix-refcount-warning-in-tipc_aead_encrypt.patch (CVE-2025-38052 bsc#1244749 CVE-2025-38273 bsc#1246266). - Update patches.suse/net-usb-aqc111-fix-error-handling-of-usbnet-read-cal.patch (git-fixes CVE-2025-38153 bsc#1245744). - Update patches.suse/net-usb-lan78xx-fix-WARN-in-__netif_napi_del_locked-.patch (git-fixes CVE-2025-38385 bsc#1247149). - Update patches.suse/net-wwan-t7xx-Fix-napi-rx-poll-issue.patch (git-fixes CVE-2025-38123 bsc#1245688). - Update patches.suse/net_sched-ets-fix-a-race-in-ets_qdisc_change.patch (git-fixes CVE-2025-38107 bsc#1245676). 
- Update patches.suse/net_sched-red-fix-a-race-in-__red_change.patch (git-fixes CVE-2025-38108 bsc#1245675). - Update patches.suse/net_sched-sch_sfq-reject-invalid-perturb-period.patch (git-fixes CVE-2025-38193 bsc#1245945). - Update patches.suse/netfilter-nf_set_pipapo_avx2-fix-initial-map-fill.patch (git-fixes CVE-2025-38120 bsc#1245711). - Update patches.suse/nfs-Clean-up-proc-net-rpc-nfs-when-nfs_fs_proc_net_init-fails.patch (git-fixes CVE-2025-38400 bsc#1247123). - Update patches.suse/nfsd-Initialize-ssc-before-laundromat_work-to-prevent-NULL-dereference.patch (git-fixes CVE-2025-38231 bsc#1246055). - Update patches.suse/nfsd-nfsd4_spo_must_allow-must-check-this-is-a-v4-compound-request.patch (git-fixes CVE-2025-38430 bsc#1247160). - Update patches.suse/nvme-multipath-fix-suspicious-RCU-usage-warning.patch (git-fixes CVE-2025-38397 bsc#1247163). - Update patches.suse/nvme-tcp-remove-tag-set-when-second-admin-queue-conf.patch (git-fixes CVE-2025-38209 bsc#1246022). - Update patches.suse/nvmet-fix-memory-leak-of-bio-integrity.patch (git-fixes CVE-2025-38405 bsc#1247270). - Update patches.suse/octeontx2-pf-QOS-Refactor-TC_HTB_LEAF_DEL_LAST-callb.patch (git-fixes CVE-2025-38278 bsc#1246255). - Update patches.suse/page_pool-Fix-use-after-free-in-page_pool_recycle_in.patch (git-fixes CVE-2025-38129 bsc#1245723). - Update patches.suse/perf-Fix-sample-vs-do_exit.patch (bsc#1246547 CVE-2025-38424 bsc#1247293). - Update patches.suse/perf-Revert-to-requiring-CAP_SYS_ADMIN-for-uprobes.patch (git-fixes CVE-2025-38466 bsc#1247442). - Update patches.suse/phy-qcom-qmp-usb-Fix-an-NULL-vs-IS_ERR-bug.patch (git-fixes CVE-2025-38275 bsc#1246236). - Update patches.suse/pinctrl-at91-Fix-possible-out-of-boundary-access.patch (git-fixes CVE-2025-38286 bsc#1246283). - Update patches.suse/platform-x86-amd-pmf-Use-device-managed-allocations.patch (git-fixes CVE-2025-38421 bsc#1247130). 
- Update patches.suse/platform-x86-dell-wmi-sysman-Fix-WMI-data-block-retr.patch (git-fixes CVE-2025-38412 bsc#1247132). - Update patches.suse/platform-x86-dell_rbu-Fix-list-usage.patch (git-fixes CVE-2025-38197 bsc#1246047). - Update patches.suse/powerpc-bpf-fix-JIT-code-size-calculation-of-bpf-tra.patch (jsc#PED-10909 git-fixes CVE-2025-38339 bsc#1246259). - Update patches.suse/powerpc-powernv-memtrace-Fix-out-of-bounds-issue-in-.patch (bsc#1244309 ltc#213790 CVE-2025-38088 bsc#1245506). - Update patches.suse/powerpc64-ftrace-fix-clobbered-r15-during-livepatchi.patch (jsc#PED-10909 git-fixes CVE-2025-38233 bsc#1246053). - Update patches.suse/ptp-remove-ptp-n_vclocks-check-logic-in-ptp_vclock_i.patch (git-fixes CVE-2025-38305 bsc#1246358). - Update patches.suse/regulator-gpio-Fix-the-out-of-bounds-access-to-drvda.patch (git-fixes CVE-2025-38395 bsc#1247171). - Update patches.suse/rose-fix-dangling-neighbour-pointers-in-rose_rt_devi.patch (git-fixes CVE-2025-38377 bsc#1247174). - Update patches.suse/rpl-Fix-use-after-free-in-rpl_do_srh_inline.patch (git-fixes CVE-2025-38476 bsc#1247317). - Update patches.suse/s390-bpf-Fix-bpf_arch_text_poke-with-new_addr-NULL-again.patch (git-fixes bsc#1246868 CVE-2025-38489 bsc#1247241). - Update patches.suse/s390-pkey-Prevent-overflow-in-size-calculation-for-memdup_.patch (git-fixes bsc#1245596 CVE-2025-38257 bsc#1246186). - Update patches.suse/sch_hfsc-make-hfsc_qlen_notify-idempotent.patch (CVE-2025-37798 bsc#1242414 CVE-2025-38177 bsc#1245986). - Update patches.suse/sched-rt-Fix-race-in-push_rt_task.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2025-38234 bsc#1246057). - Update patches.suse/scsi-lpfc-Avoid-potential-ndlp-use-after-free-in-dev.patch (bsc#1242995 CVE-2025-38289 bsc#1246287). - Update patches.suse/scsi-lpfc-Use-memcpy-for-BIOS-version.patch (bsc#1240966 CVE-2025-38332 bsc#1246375). 
- Update patches.suse/scsi-smartpqi-Fix-smp_processor_id-call-trace-for-preempti.patch (git-fixes CVE-2025-38288 bsc#1246286). - Update patches.suse/serial-Fix-potential-null-ptr-deref-in-mlb_usio_prob.patch (git-fixes CVE-2025-38135 bsc#1246023). - Update patches.suse/serial-jsm-fix-NPE-during-jsm_uart_port_init.patch (git-fixes CVE-2025-38265 bsc#1246244). - Update patches.suse/soc-aspeed-Add-NULL-check-in-aspeed_lpc_enable_snoop.patch (git-fixes CVE-2025-38145 bsc#1245765). - Update patches.suse/soc-aspeed-lpc-snoop-Don-t-disable-channels-that-are.patch (git-fixes CVE-2025-38487 bsc#1247238). - Update patches.suse/software-node-Correct-a-OOB-check-in-software_node_g.patch (stable-fixes CVE-2025-38342 bsc#1246453). - Update patches.suse/sunrpc-handle-SVC_GARBAGE-during-svc-auth-processing-as-auth-error.patch (git-fixes CVE-2025-38089 bsc#1245508). - Update patches.suse/thunderbolt-Do-not-double-dequeue-a-configuration-re.patch (stable-fixes CVE-2025-38174 bsc#1245781). - Update patches.suse/usb-acpi-Prevent-null-pointer-dereference-in-usb_acp.patch (git-fixes CVE-2025-38134 bsc#1245678). - Update patches.suse/usb-chipidea-udc-disconnect-reconnect-from-host-when.patch (git-fixes CVE-2025-38376 bsc#1247176). - Update patches.suse/usb-gadget-u_serial-Fix-race-condition-in-TTY-wakeup.patch (git-fixes CVE-2025-38448 bsc#1247233). - Update patches.suse/usb-net-sierra-check-for-no-status-endpoint.patch (git-fixes CVE-2025-38474 bsc#1247311). - Update patches.suse/usb-renesas_usbhs-Reorder-clock-handling-and-power-m.patch (git-fixes CVE-2025-38136 bsc#1245691). - Update patches.suse/usb-typec-altmodes-displayport-do-not-index-invalid-.patch (git-fixes CVE-2025-38391 bsc#1247181). - Update patches.suse/usb-typec-displayport-Fix-potential-deadlock.patch (git-fixes CVE-2025-38404 bsc#1247271). - Update patches.suse/usb-typec-tcpm-move-tcpm_queue_vdm_unlocked-to-async.patch (git-fixes CVE-2025-38268 bsc#1246385). 
- Update patches.suse/vgacon-Add-check-for-vc_origin-address-range-in-vgac.patch (git-fixes CVE-2025-38213 bsc#1246037). - Update patches.suse/video-screen_info-Update-framebuffers-behind-PCI-bri.patch (bsc#1240696 CVE-2025-38427 bsc#1247152). - Update patches.suse/virtio-net-ensure-the-received-length-does-not-excee.patch (git-fixes CVE-2025-38375 bsc#1247177). - Update patches.suse/virtio-net-xsk-rx-fix-the-frame-s-length-check.patch (git-fixes CVE-2025-38413 bsc#1247131). - Update patches.suse/vsock-Fix-transport_-TOCTOU.patch (git-fixes CVE-2025-38461 bsc#1247103). - Update patches.suse/vsock-Fix-transport_-g2h-h2g-TOCTOU.patch (git-fixes CVE-2025-38462 bsc#1247104). - Update patches.suse/vsock-vmci-Clear-the-vmci-transport-packet-properly-.patch (git-fixes CVE-2025-38403 bsc#1247141). - Update patches.suse/wifi-ath11k-fix-node-corruption-in-ar-arvifs-list.patch (git-fixes CVE-2025-38293 bsc#1246292). - Update patches.suse/wifi-ath12k-Fix-buffer-overflow-in-debugfs.patch (git-fixes CVE-2025-38317 bsc#1246443). - Update patches.suse/wifi-ath12k-Prevent-sending-WMI-commands-to-firmware.patch (bsc#1240998 CVE-2025-38291 bsc#1246297). - Update patches.suse/wifi-ath12k-fix-GCC_GCC_PCIE_HOT_RST-definition-for-.patch (git-fixes CVE-2025-38414 bsc#1247145). - Update patches.suse/wifi-ath12k-fix-invalid-access-to-memory.patch (git-fixes CVE-2025-38292 bsc#1246295). - Update patches.suse/wifi-ath12k-fix-node-corruption-in-ar-arvifs-list.patch (git-fixes CVE-2025-38290 bsc#1246293). - Update patches.suse/wifi-ath6kl-remove-WARN-on-bad-firmware-input.patch (stable-fixes CVE-2025-38406 bsc#1247210). - Update patches.suse/wifi-ath9k_htc-Abort-software-beacon-handling-if-dis.patch (git-fixes CVE-2025-38157 bsc#1245747). - Update patches.suse/wifi-carl9170-do-not-ping-device-which-has-failed-to.patch (git-fixes CVE-2025-38420 bsc#1247279). - Update patches.suse/wifi-iwlwifi-don-t-warn-when-if-there-is-a-FW-error.patch (stable-fixes CVE-2025-38096 bsc#1245657). 
- Update patches.suse/wifi-mt76-mt7915-Fix-null-ptr-deref-in-mt7915_mmio_w.patch (git-fixes CVE-2025-38155 bsc#1245748). - Update patches.suse/wifi-mt76-mt7925-prevent-NULL-pointer-dereference-in.patch (git-fixes CVE-2025-38450 bsc#1247376). - Update patches.suse/wifi-mt76-mt7996-Fix-null-ptr-deref-in-mt7996_mmio_w.patch (git-fixes CVE-2025-38156 bsc#1246034). - Update patches.suse/wifi-mt76-mt7996-drop-fragments-with-multicast-or-br.patch (stable-fixes CVE-2025-38343 bsc#1246438). - Update patches.suse/wifi-p54-prevent-buffer-overflow-in-p54_rx_eeprom_re.patch (git-fixes CVE-2025-38348 bsc#1246262). - Update patches.suse/wifi-rtw88-fix-the-para-buffer-size-to-avoid-reading.patch (git-fixes CVE-2025-38159 bsc#1245751). - commit 8064d69 - ipv6: annotate data-races around rt->fib6_nsiblings (git-fixes). - commit 4b09993 - ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). - commit b0133f0 - ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). - commit a1d8794 - net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). - commit 21bb04b - spi: cs42l43: Property entry should be a null-terminated array (bsc#1246979). - commit 2043cd1 - Move upstreamed sched, SCSI and ACPI patches into sorted section - commit 836e139 - selftests/bpf: Fix selection of static vs. dynamic LLVM Bring git fixes for commit 4ed92da84b67 ("selftests/bpf: Support dynamically linking LLVM if static is not available") - commit 7a43a26 - media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes). - commit 1e731e7 - maple_tree: fix status setup on restore to active (git-fixes). - mtd: rawnand: atmel: set pmecc data setup time (git-fixes). - mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). - mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). - mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). 
- mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). - mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). - mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). - mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER (git-fixes). - mtd: fix possible integer overflow in erase_xfer() (git-fixes). - clk: qcom: gcc-ipq8074: fix broken freq table for nss_port6_tx_clk_src (git-fixes). - clk: imx95-blk-ctl: Fix synchronous abort (git-fixes). - clk: at91: sam9x7: update pll clk ranges (git-fixes). - clk: thead: th1520-ap: Correctly refer the parent of osc_12m (git-fixes). - clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). - clk: samsung: exynos850: fix a comment (git-fixes). - clk: samsung: gs101: fix alternate mout_hsi0_usb20_ref parent clock (git-fixes). - clk: samsung: gs101: fix CLK_DOUT_CMU_G3D_BUSD (git-fixes). - clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks (git-fixes). - clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). - clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes). - clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). - hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). - pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). - media: v4l2: Add support for NV12M tiled variants to v4l2_format_info() (git-fixes). - media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). - media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). - media: ti: j721e-csi2rx: fix list_del corruption (git-fixes). - media: hi556: correct the test pattern configuration (git-fixes). - media: ipu6: isys: Use correct pads for xlate_streams() (git-fixes). - media: vivid: fix wrong pixel_array control size (git-fixes). - media: qcom: camss: cleanup media device allocated resource on error path (git-fixes). - media: venus: Fix MSM8998 frequency table (git-fixes). 
- media: venus: hfi: explicitly release IRQ during teardown (git-fixes). - media: venus: Fix OOB read due to missing payload bound check (git-fixes). - media: venus: Add a check for packet size after reading from shared memory (git-fixes). - media: venus: protect against spurious interrupts during probe (git-fixes). - media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes). - media: pisp_be: Fix pm_runtime underrun in probe (git-fixes). - media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls (git-fixes). - media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() (git-fixes). - media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval (git-fixes). - media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). - media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). - media: verisilicon: Fix AV1 decoder clock frequency (git-fixes). - media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes). - media: gspca: Add bounds checking to firmware parser (git-fixes). - media: usbtv: Lock resolution while streaming (git-fixes). - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes). - Revert "leds: trigger: netdev: Configure LED blink interval for HW offload" (git-fixes). - leds: flash: leds-qcom-flash: Fix registry access after re-bind (git-fixes). - mfd: cros_ec: Separate charge-control probing from USB-PD (git-fixes). - crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). - crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). - crypto: qat - flush misc workqueue during device shutdown (git-fixes). - crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). - crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). - crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). - hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). 
- crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). - crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). - crypto: ccp - Fix locking on alloc failure handling (git-fixes). - crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP (git-fixes). - crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). - crypto: qat - fix state restore for banks with exceptions (git-fixes). - crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). - crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). - crypto: qat - use unmanaged allocation for dc_data (git-fixes). - crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). - commit ae512ba - RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) - commit e78882a - x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes). - commit 3ccca36 - x86/cacheinfo: Properly parse CPUID(0x80000006) L2/L3 associativity (git-fixes). - commit a5b12b1 - RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) - commit 5241bbd - x86/cacheinfo: Properly parse CPUID(0x80000005) L1d/L1i associativity (git-fixes). - commit 530f80b - x86/cpu: Sanitize CPUID(0x80000000) output (git-fixes). 
- commit 8c1593e - RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) - commit 160aaf0 - RDMA/hns: Drop GFP_NOWARN (git-fixes) - commit 3983b2d - RDMA/hns: Fix accessing uninitialized resources (git-fixes) - commit 020f808 - RDMA/hns: Get message length of ack_req from FW (git-fixes) - commit ed23840 - RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) - commit 17d9c9c - RDMA/hns: Fix double destruction of rsv_qp (git-fixes) - commit 127df58 - Fix dma_unmap_sg() nents value (git-fixes) - commit 72c9bb9 - RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) - commit e32f637 - RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) - commit 066fc2e - RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) - commit 876344b - RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes) - commit 84b0982 - RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) - commit 5d5e159 - RDMA/mlx5: Check CAP_NET_RAW in user namespace for anchor create (git-fixes) - commit 1d83d68 - RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) - commit 880cd69 - RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) - commit 1e737a4
++++ kernel-rt:
- iommu/arm-smmu-qcom: Add SM6115 MDSS compatible (git-fixes). - commit 86d87fb - iommu/amd: Fix geometry.aperture_end for V2 tables (git-fixes). - commit 9fabb61 - cgroup: Add compatibility option for content of /proc/cgroups (jsc#PED-12405). - cgroup: Print message when /proc/cgroups is read on v2-only system (jsc#PED-12405). - commit 764f23b - Update patches.suse/ACPI-CPPC-Fix-NULL-pointer-dereference-when-nosmp-is.patch (git-fixes CVE-2025-38113 bsc#1245683). - Update patches.suse/ACPICA-Refuse-to-evaluate-a-method-if-arguments-are-.patch (stable-fixes CVE-2025-38386 bsc#1247138).
- Update patches.suse/ACPICA-fix-acpi-operand-cache-leak-in-dswstate.c.patch (stable-fixes CVE-2025-38345 bsc#1246337). - Update patches.suse/ACPICA-fix-acpi-parse-and-parseext-cache-leaks.patch (stable-fixes CVE-2025-38344 bsc#1246334). - Update patches.suse/ALSA-ad1816a-Fix-potential-NULL-pointer-deref-in-snd.patch (git-fixes CVE-2025-38454 bsc#1247426). - Update patches.suse/ALSA-usb-audio-Fix-out-of-bounds-read-in-snd_usb_get.patch (git-fixes CVE-2025-38249 bsc#1246171). - Update patches.suse/ASoC-Intel-avs-Verify-content-returned-by-parse_int_.patch (git-fixes CVE-2025-38307 bsc#1246364). - Update patches.suse/ASoC-SOF-Intel-hda-Use-devm_kstrdup-to-avoid-memleak.patch (stable-fixes CVE-2025-38438 bsc#1247157). - Update patches.suse/ASoC-codecs-wcd9335-Fix-missing-free-of-regulator-su.patch (git-fixes CVE-2025-38259 bsc#1246220). - Update patches.suse/ASoC-mediatek-mt8195-Set-ETDM1-2-IN-OUT-to-COMP_DUMM.patch (git-fixes CVE-2025-38299 bsc#1246290). - Update patches.suse/Bluetooth-Disable-SCO-support-if-READ_VOICE_SETTING-.patch (stable-fixes CVE-2025-38099 bsc#1245671). - Update patches.suse/Bluetooth-Fix-NULL-pointer-deference-on-eir_get_serv.patch (git-fixes CVE-2025-38304 bsc#1246240). - Update patches.suse/Bluetooth-Fix-null-ptr-deref-in-l2cap_sock_resume_cb.patch (git-fixes CVE-2025-38473 bsc#1247289). - Update patches.suse/Bluetooth-MGMT-Fix-UAF-on-mgmt_remove_adv_monitor_co.patch (git-fixes CVE-2025-38118 bsc#1245670). - Update patches.suse/Bluetooth-MGMT-reject-malformed-HCI_CMD_SYNC-command.patch (git-fixes CVE-2025-38128 bsc#1245703). - Update patches.suse/Bluetooth-btintel-Check-dsbr-size-from-EFI-variable.patch (git-fixes CVE-2025-38315 bsc#1246333). - Update patches.suse/Bluetooth-eir-Fix-possible-crashes-on-eir_create_adv.patch (git-fixes CVE-2025-38303 bsc#1246354). - Update patches.suse/HID-core-do-not-bypass-hid_hw_raw_request.patch (stable-fixes CVE-2025-38494 bsc#1247349). 
- Update patches.suse/HID-core-ensure-the-allocated-report-buffer-can-cont.patch (stable-fixes CVE-2025-38495 bsc#1247348). - Update patches.suse/HID-wacom-fix-crash-in-wacom_aes_battery_handler.patch (git-fixes CVE-2025-38253 bsc#1246192). - Update patches.suse/IB-cm-Drop-lockdep-assert-and-WARN-when-freeing-old-.patch (git-fixes CVE-2025-38287 bsc#1246285). - Update patches.suse/IB-mlx5-Fix-potential-deadlock-in-MR-deregistration.patch (git-fixes CVE-2025-38373 bsc#1247033). - Update patches.suse/Input-cs40l50-vibra-fix-potential-NULL-dereference-i.patch (git-fixes CVE-2025-38381 bsc#1247027). - Update patches.suse/Input-gpio-keys-fix-a-sleep-while-atomic-with-PREEMP.patch (git-fixes CVE-2025-38335 bsc#1246250). - Update patches.suse/Input-ims-pcu-check-record-size-in-ims_pcu_flash_fir.patch (git-fixes CVE-2025-38428 bsc#1247150). - Update patches.suse/KVM-SVM-Reject-SEV-ES-intra-host-migration-if-vCPU-c.patch (git-fixes CVE-2025-38455 bsc#1247101). - Update patches.suse/NFC-nci-uart-Set-tty-disc_data-only-in-success-path.patch (git-fixes CVE-2025-38416 bsc#1247151). - Update patches.suse/NFSD-fix-race-between-nfsd-registration-and-exports_proc.patch (git-fixes CVE-2025-38232 bsc#1246054). - Update patches.suse/NFSv4-pNFS-Fix-a-race-to-wake-on-NFS_LAYOUT_DRAIN.patch (git-fixes CVE-2025-38393 bsc#1247170). - Update patches.suse/PCI-pwrctrl-Cancel-outstanding-rescan-work-when-unre.patch (git-fixes CVE-2025-38137 bsc#1245721). - Update patches.suse/RDMA-cma-Fix-hang-when-cma_netevent_callback-fails-t.patch (git-fixes CVE-2025-38151 bsc#1245745). - Update patches.suse/RDMA-iwcm-Fix-use-after-free-of-work-objects-after-c.patch (git-fixes CVE-2025-38211 bsc#1246008). - Update patches.suse/RDMA-mlx5-Fix-error-flow-upon-firmware-failure-for-R.patch (git-fixes CVE-2025-38161 bsc#1245777). - Update patches.suse/RDMA-mlx5-Fix-unsafe-xarray-access-in-implicit-ODP-h.patch (git-fixes CVE-2025-38372 bsc#1247020). 
- Update patches.suse/RDMA-mlx5-Initialize-obj_event-obj_sub_list-before-x.patch (git-fixes CVE-2025-38387 bsc#1247154). - Update patches.suse/Squashfs-check-return-result-of-sb_min_blocksize.patch (git-fixes CVE-2025-38415 bsc#1247147). - Update patches.suse/VMCI-fix-race-between-vmci_host_setup_notify-and-vmc.patch (git-fixes CVE-2025-38102 bsc#1245669). - Update patches.suse/aoe-clean-device-rq_list-in-aoedev_downdev.patch (git-fixes CVE-2025-38326 bsc#1246490). - Update patches.suse/arm64-fpsimd-Avoid-clobbering-kernel-FPSIMD-state-with-SMS.patch (git-fixes CVE-2025-38169 bsc#1245784). - Update patches.suse/arm64-fpsimd-Discard-stale-CPU-state-when-handling-SME-tra.patch (git-fixes CVE-2025-38170 bsc#1245785). - Update patches.suse/ata-pata_via-Force-PIO-for-ATAPI-devices-on-VT6415-V.patch (stable-fixes CVE-2025-38336 bsc#1246370). - Update patches.suse/backlight-pm8941-Add-NULL-check-in-wled_configure.patch (git-fixes CVE-2025-38143 bsc#1245714). - Update patches.suse/block-don-t-use-submit_bio_noacct_nocheck-in-blk_zone_wplu.patch (git-fixes CVE-2025-38302 bsc#1246353). - Update patches.suse/bnxt-properly-flush-XDP-redirect-lists.patch (git-fixes CVE-2025-38246 bsc#1246195). - Update patches.suse/bnxt_en-Fix-double-invocation-of-bnxt_ulp_stop-bnxt_.patch (git-fixes CVE-2025-38186 bsc#1245955). - Update patches.suse/bpf-sockmap-Fix-panic-when-calling-skb_linearize.patch (bsc#1245749 CVE-2025-38154 CVE-2025-38165 bsc#1245757). - Update patches.suse/bus-fsl-mc-fix-double-free-on-mc_dev.patch (git-fixes CVE-2025-38313 bsc#1246342). - Update patches.suse/bus-mhi-ep-Update-read-pointer-only-after-buffer-is-.patch (git-fixes CVE-2025-38429 bsc#1247253). - Update patches.suse/calipso-Fix-null-ptr-deref-in-calipso_req_-set-del-a.patch (git-fixes CVE-2025-38181 bsc#1246000). - Update patches.suse/can-kvaser_pciefd-refine-error-prone-echo_skb_max-ha.patch (git-fixes CVE-2025-38224 bsc#1246166). 
- Update patches.suse/clk-imx-Fix-an-out-of-bounds-access-in-dispmix_csr_c.patch (git-fixes CVE-2025-38446 bsc#1247231). - Update patches.suse/comedi-Fail-COMEDI_INSNLIST-ioctl-if-n_insns-is-too-.patch (git-fixes CVE-2025-38481 bsc#1247276). - Update patches.suse/comedi-Fix-initialization-of-data-for-instructions-t.patch (git-fixes CVE-2025-38478 bsc#1247273). - Update patches.suse/comedi-Fix-use-of-uninitialized-data-in-insn_rw_emul.patch (git-fixes CVE-2025-38480 bsc#1247274). - Update patches.suse/comedi-das16m1-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38483 bsc#1247278). - Update patches.suse/comedi-das6402-Fix-bit-shift-out-of-bounds.patch (git-fixes CVE-2025-38482 bsc#1247277). - Update patches.suse/crypto-marvell-cesa-Handle-zero-length-skcipher-requ.patch (git-fixes CVE-2025-38173 bsc#1245769). - Update patches.suse/crypto-sun8i-ce-cipher-fix-error-handling-in-sun8i_c.patch (git-fixes CVE-2025-38300 bsc#1246349). - Update patches.suse/dm-bufio-fix-sched-in-atomic-context.patch (git-fixes CVE-2025-38496 bsc#1247284). - Update patches.suse/dm-fix-dm_blk_report_zones.patch (CVE-2025-38140 bsc#1245717 CVE-2025-38141 bsc#1245715). - Update patches.suse/dma-buf-insert-memory-barrier-before-updating-num_fe.patch (git-fixes CVE-2025-38095 bsc#1245658). - Update patches.suse/dmaengine-idxd-Check-availability-of-workqueue-alloc.patch (stable-fixes CVE-2025-38369 bsc#1247209). - Update patches.suse/dmaengine-ti-Add-NULL-check-in-udma_probe.patch (git-fixes CVE-2025-38138 bsc#1245719). - Update patches.suse/drivers-rapidio-rio_cm.c-prevent-possible-heap-overw.patch (stable-fixes CVE-2025-38090 bsc#1245510). - Update patches.suse/drm-amd-display-Add-null-pointer-check-for-get_first.patch (git-fixes CVE-2025-38362 bsc#1247089). - Update patches.suse/drm-amd-display-Check-dce_hwseq-before-dereferencing.patch (stable-fixes CVE-2025-38361 bsc#1247079). 
- Update patches.suse/drm-amd-display-Don-t-treat-wb-connector-as-physical.patch (stable-fixes CVE-2025-38098 bsc#1245654). - Update patches.suse/drm-amd-display-check-stream-id-dml21-wrapper-to-get.patch (stable-fixes CVE-2025-38091 bsc#1245621). - Update patches.suse/drm-amd-pp-Fix-potential-NULL-pointer-dereference-in.patch (git-fixes CVE-2025-38319 bsc#1246243). - Update patches.suse/drm-exynos-exynos7_drm_decon-add-vblank-check-in-IRQ.patch (git-fixes CVE-2025-38467 bsc#1247146). - Update patches.suse/drm-gem-Acquire-references-on-GEM-handles-for-frameb.patch (stable-fixes CVE-2025-38449 bsc#1247255). - Update patches.suse/drm-i915-gt-Fix-timeline-left-held-on-VMA-alloc-erro.patch (git-fixes CVE-2025-38389 bsc#1247153). - Update patches.suse/drm-msm-Fix-a-fence-leak-in-submit-error-path.patch (stable-fixes CVE-2025-38410 bsc#1247128). - Update patches.suse/drm-msm-Fix-another-leak-in-the-submit-error-path.patch (stable-fixes CVE-2025-38409 bsc#1247285). - Update patches.suse/drm-msm-a7xx-Call-CP_RESET_CONTEXT_STATE.patch (git-fixes CVE-2025-38188 bsc#1246098). - Update patches.suse/drm-msm-gpu-Fix-crash-when-throttling-GPU-immediatel.patch (git-fixes CVE-2025-38354 bsc#1247061). - Update patches.suse/drm-scheduler-signal-scheduled-fence-when-kill-job.patch (stable-fixes CVE-2025-38436 bsc#1247227). - Update patches.suse/drm-tegra-Fix-a-possible-null-pointer-dereference.patch (git-fixes CVE-2025-38363 bsc#1247018). - Update patches.suse/drm-v3d-Avoid-NULL-pointer-dereference-in-v3d_job_up.patch (stable-fixes CVE-2025-38189 bsc#1245812). - Update patches.suse/drm-v3d-Disable-interrupts-before-resetting-the-GPU.patch (git-fixes CVE-2025-38371 bsc#1247178). - Update patches.suse/drm-xe-Fix-taking-invalid-lock-on-wedge.patch (stable-fixes CVE-2025-38353 bsc#1247265). - Update patches.suse/drm-xe-Process-deferred-GGTT-node-removals-on-device.patch (git-fixes CVE-2025-38355 bsc#1247062). 
- Update patches.suse/drm-xe-guc-Explicitly-exit-CT-safe-mode-on-unwind.patch (git-fixes CVE-2025-38356 bsc#1247064). - Update patches.suse/e1000-Move-cancel_work_sync-to-avoid-deadlock.patch (git-fixes CVE-2025-38114 bsc#1245686). - Update patches.suse/erofs-avoid-using-multiple-devices-with-different-type.patch (git-fixes CVE-2025-38172 bsc#1245787). - Update patches.suse/fbcon-Make-sure-modelist-not-set-on-unregistered-con.patch (stable-fixes CVE-2025-38198 bsc#1245952). - Update patches.suse/fbdev-Fix-do_register_framebuffer-to-prevent-null-pt.patch (git-fixes CVE-2025-38215 bsc#1246109). - Update patches.suse/fbdev-Fix-fb_set_var-to-prevent-null-ptr-deref-in-fb.patch (git-fixes CVE-2025-38214 bsc#1246042). - Update patches.suse/fbdev-core-fbcvt-avoid-division-by-0-in-fb_cvt_hperi.patch (git-fixes CVE-2025-38312 bsc#1246386). - Update patches.suse/firmware-arm_ffa-Fix-memory-leak-by-freeing-notifier.patch (git-fixes CVE-2025-38390 bsc#1247088). - Update patches.suse/fpga-fix-potential-null-pointer-deref-in-fpga_mgr_te.patch (git-fixes CVE-2025-38274 bsc#1246234). - Update patches.suse/fs-nfs-read-fix-double-unlock-bug-in-nfs_return_empty_folio.patch (git-fixes CVE-2025-38338 bsc#1246258). - Update patches.suse/gve-add-missing-NULL-check-for-gve_alloc_pending_pac.patch (git-fixes CVE-2025-38122 bsc#1245746). - Update patches.suse/hwmon-asus-ec-sensors-check-sensor-index-in-read_str.patch (git-fixes CVE-2025-38142 bsc#1245713). - Update patches.suse/hwmon-ftsteutates-Fix-TOCTOU-race-in-fts_read.patch (git-fixes CVE-2025-38217 bsc#1246002). - Update patches.suse/i2c-designware-Fix-an-initialization-issue.patch (git-fixes CVE-2025-38380 bsc#1247028). - Update patches.suse/i2c-tegra-check-msg-length-in-SMBUS-block-read.patch (bsc#1242086 CVE-2025-38425 bsc#1247251). - Update patches.suse/ice-fix-Tx-scheduler-error-handling-in-XDP-callback.patch (git-fixes CVE-2025-38127 bsc#1245705). 
- Update patches.suse/ice-fix-eswitch-code-memory-leak-in-reset-scenario.patch (git-fixes CVE-2025-38417 bsc#1247282). - Update patches.suse/iio-accel-fxls8962af-Fix-use-after-free-in-fxls8962a.patch (git-fixes CVE-2025-38485 bsc#1247236). - Update patches.suse/iio-backend-fix-out-of-bound-write.patch (git-fixes CVE-2025-38484 bsc#1247235). - Update patches.suse/maple_tree-fix-MA_STATE_PREALLOC-flag-in-mas_preallo.patch (git-fixes CVE-2025-38364 bsc#1247091). - Update patches.suse/media-cxusb-no-longer-judge-rbuf-when-the-write-fail.patch (git-fixes CVE-2025-38229 bsc#1246049). - Update patches.suse/media-imagination-fix-a-potential-memory-leak-in-e50.patch (git-fixes CVE-2025-38228 bsc#1245814). - Update patches.suse/media-imx-jpeg-Cleanup-after-an-allocation-error.patch (git-fixes CVE-2025-38225 bsc#1246041). - Update patches.suse/media-vidtv-Terminating-the-subsequent-process-of-in.patch (git-fixes CVE-2025-38227 bsc#1246031). - Update patches.suse/media-vivid-Change-the-siize-of-the-composing.patch (git-fixes CVE-2025-38226 bsc#1246050). - Update patches.suse/misc-tps6594-pfsm-Add-NULL-pointer-check-in-tps6594_.patch (stable-fixes CVE-2025-38368 bsc#1247022). - Update patches.suse/mtd-nand-ecc-mxic-Fix-use-of-uninitialized-variable-.patch (git-fixes CVE-2025-38277 bsc#1246246). - Update patches.suse/mtd-spinand-fix-memory-leak-of-ECC-engine-conf.patch (stable-fixes CVE-2025-38384 bsc#1247035). - Update patches.suse/mtk-sd-Prevent-memory-corruption-from-DMA-map-failur.patch (git-fixes CVE-2025-38401 bsc#1247125). - Update patches.suse/nbd-fix-uaf-in-nbd_genl_connect-error-path.patch (git-fixes CVE-2025-38443 bsc#1247164). - Update patches.suse/net-Fix-TOCTOU-issue-in-sk_is_readable.patch (git-fixes CVE-2025-38112 bsc#1245668). - Update patches.suse/net-fix-udp-gso-skb_segment-after-pull-from-frag_lis.patch (git-fixes CVE-2025-38124 bsc#1245690). 
- Update patches.suse/net-mdiobus-Fix-potential-out-of-bounds-clause-45-re.patch (git-fixes CVE-2025-38110 bsc#1245665). - Update patches.suse/net-mdiobus-Fix-potential-out-of-bounds-read-write-a.patch (git-fixes CVE-2025-38111 bsc#1245666). - Update patches.suse/net-mlx5-Fix-ECVF-vports-unload-on-shutdown-flow.patch (git-fixes CVE-2025-38109 bsc#1245684). - Update patches.suse/net-phy-clear-phydev-devlink-when-the-link-is-delete.patch (git-fixes CVE-2025-38149 bsc#1245737). - Update patches.suse/net-phy-mscc-Fix-memory-leak-when-using-one-step-tim.patch (git-fixes CVE-2025-38148 bsc#1245735). - Update patches.suse/net-sched-Return-NULL-when-htb_lookup_leaf-encounter.patch (git-fixes CVE-2025-38468 bsc#1247437). - Update patches.suse/net-sched-fix-use-after-free-in-taprio_dev_notifier.patch (git-fixes CVE-2025-38087 bsc#1245504). - Update patches.suse/net-sched-sch_qfq-Fix-race-condition-on-qfq_aggregat.patch (git-fixes CVE-2025-38477 bsc#1247314). - Update patches.suse/net-tipc-fix-refcount-warning-in-tipc_aead_encrypt.patch (CVE-2025-38052 bsc#1244749 CVE-2025-38273 bsc#1246266). - Update patches.suse/net-usb-aqc111-fix-error-handling-of-usbnet-read-cal.patch (git-fixes CVE-2025-38153 bsc#1245744). - Update patches.suse/net-usb-lan78xx-fix-WARN-in-__netif_napi_del_locked-.patch (git-fixes CVE-2025-38385 bsc#1247149). - Update patches.suse/net-wwan-t7xx-Fix-napi-rx-poll-issue.patch (git-fixes CVE-2025-38123 bsc#1245688). - Update patches.suse/net_sched-ets-fix-a-race-in-ets_qdisc_change.patch (git-fixes CVE-2025-38107 bsc#1245676). - Update patches.suse/net_sched-red-fix-a-race-in-__red_change.patch (git-fixes CVE-2025-38108 bsc#1245675). - Update patches.suse/net_sched-sch_sfq-reject-invalid-perturb-period.patch (git-fixes CVE-2025-38193 bsc#1245945). - Update patches.suse/netfilter-nf_set_pipapo_avx2-fix-initial-map-fill.patch (git-fixes CVE-2025-38120 bsc#1245711). 
- Update patches.suse/nfs-Clean-up-proc-net-rpc-nfs-when-nfs_fs_proc_net_init-fails.patch (git-fixes CVE-2025-38400 bsc#1247123). - Update patches.suse/nfsd-Initialize-ssc-before-laundromat_work-to-prevent-NULL-dereference.patch (git-fixes CVE-2025-38231 bsc#1246055). - Update patches.suse/nfsd-nfsd4_spo_must_allow-must-check-this-is-a-v4-compound-request.patch (git-fixes CVE-2025-38430 bsc#1247160). - Update patches.suse/nvme-multipath-fix-suspicious-RCU-usage-warning.patch (git-fixes CVE-2025-38397 bsc#1247163). - Update patches.suse/nvme-tcp-remove-tag-set-when-second-admin-queue-conf.patch (git-fixes CVE-2025-38209 bsc#1246022). - Update patches.suse/nvmet-fix-memory-leak-of-bio-integrity.patch (git-fixes CVE-2025-38405 bsc#1247270). - Update patches.suse/octeontx2-pf-QOS-Refactor-TC_HTB_LEAF_DEL_LAST-callb.patch (git-fixes CVE-2025-38278 bsc#1246255). - Update patches.suse/page_pool-Fix-use-after-free-in-page_pool_recycle_in.patch (git-fixes CVE-2025-38129 bsc#1245723). - Update patches.suse/perf-Fix-sample-vs-do_exit.patch (bsc#1246547 CVE-2025-38424 bsc#1247293). - Update patches.suse/perf-Revert-to-requiring-CAP_SYS_ADMIN-for-uprobes.patch (git-fixes CVE-2025-38466 bsc#1247442). - Update patches.suse/phy-qcom-qmp-usb-Fix-an-NULL-vs-IS_ERR-bug.patch (git-fixes CVE-2025-38275 bsc#1246236). - Update patches.suse/pinctrl-at91-Fix-possible-out-of-boundary-access.patch (git-fixes CVE-2025-38286 bsc#1246283). - Update patches.suse/platform-x86-amd-pmf-Use-device-managed-allocations.patch (git-fixes CVE-2025-38421 bsc#1247130). - Update patches.suse/platform-x86-dell-wmi-sysman-Fix-WMI-data-block-retr.patch (git-fixes CVE-2025-38412 bsc#1247132). - Update patches.suse/platform-x86-dell_rbu-Fix-list-usage.patch (git-fixes CVE-2025-38197 bsc#1246047). - Update patches.suse/powerpc-bpf-fix-JIT-code-size-calculation-of-bpf-tra.patch (jsc#PED-10909 git-fixes CVE-2025-38339 bsc#1246259). 
- Update patches.suse/powerpc-powernv-memtrace-Fix-out-of-bounds-issue-in-.patch (bsc#1244309 ltc#213790 CVE-2025-38088 bsc#1245506). - Update patches.suse/powerpc64-ftrace-fix-clobbered-r15-during-livepatchi.patch (jsc#PED-10909 git-fixes CVE-2025-38233 bsc#1246053). - Update patches.suse/ptp-remove-ptp-n_vclocks-check-logic-in-ptp_vclock_i.patch (git-fixes CVE-2025-38305 bsc#1246358). - Update patches.suse/regulator-gpio-Fix-the-out-of-bounds-access-to-drvda.patch (git-fixes CVE-2025-38395 bsc#1247171). - Update patches.suse/rose-fix-dangling-neighbour-pointers-in-rose_rt_devi.patch (git-fixes CVE-2025-38377 bsc#1247174). - Update patches.suse/rpl-Fix-use-after-free-in-rpl_do_srh_inline.patch (git-fixes CVE-2025-38476 bsc#1247317). - Update patches.suse/s390-bpf-Fix-bpf_arch_text_poke-with-new_addr-NULL-again.patch (git-fixes bsc#1246868 CVE-2025-38489 bsc#1247241). - Update patches.suse/s390-pkey-Prevent-overflow-in-size-calculation-for-memdup_.patch (git-fixes bsc#1245596 CVE-2025-38257 bsc#1246186). - Update patches.suse/sch_hfsc-make-hfsc_qlen_notify-idempotent.patch (CVE-2025-37798 bsc#1242414 CVE-2025-38177 bsc#1245986). - Update patches.suse/sched-rt-Fix-race-in-push_rt_task.patch (bsc#1234634 (Scheduler functional and performance backports) CVE-2025-38234 bsc#1246057). - Update patches.suse/scsi-lpfc-Avoid-potential-ndlp-use-after-free-in-dev.patch (bsc#1242995 CVE-2025-38289 bsc#1246287). - Update patches.suse/scsi-lpfc-Use-memcpy-for-BIOS-version.patch (bsc#1240966 CVE-2025-38332 bsc#1246375). - Update patches.suse/scsi-smartpqi-Fix-smp_processor_id-call-trace-for-preempti.patch (git-fixes CVE-2025-38288 bsc#1246286). - Update patches.suse/serial-Fix-potential-null-ptr-deref-in-mlb_usio_prob.patch (git-fixes CVE-2025-38135 bsc#1246023). - Update patches.suse/serial-jsm-fix-NPE-during-jsm_uart_port_init.patch (git-fixes CVE-2025-38265 bsc#1246244). 
- Update patches.suse/soc-aspeed-Add-NULL-check-in-aspeed_lpc_enable_snoop.patch (git-fixes CVE-2025-38145 bsc#1245765). - Update patches.suse/soc-aspeed-lpc-snoop-Don-t-disable-channels-that-are.patch (git-fixes CVE-2025-38487 bsc#1247238). - Update patches.suse/software-node-Correct-a-OOB-check-in-software_node_g.patch (stable-fixes CVE-2025-38342 bsc#1246453). - Update patches.suse/sunrpc-handle-SVC_GARBAGE-during-svc-auth-processing-as-auth-error.patch (git-fixes CVE-2025-38089 bsc#1245508). - Update patches.suse/thunderbolt-Do-not-double-dequeue-a-configuration-re.patch (stable-fixes CVE-2025-38174 bsc#1245781). - Update patches.suse/usb-acpi-Prevent-null-pointer-dereference-in-usb_acp.patch (git-fixes CVE-2025-38134 bsc#1245678). - Update patches.suse/usb-chipidea-udc-disconnect-reconnect-from-host-when.patch (git-fixes CVE-2025-38376 bsc#1247176). - Update patches.suse/usb-gadget-u_serial-Fix-race-condition-in-TTY-wakeup.patch (git-fixes CVE-2025-38448 bsc#1247233). - Update patches.suse/usb-net-sierra-check-for-no-status-endpoint.patch (git-fixes CVE-2025-38474 bsc#1247311). - Update patches.suse/usb-renesas_usbhs-Reorder-clock-handling-and-power-m.patch (git-fixes CVE-2025-38136 bsc#1245691). - Update patches.suse/usb-typec-altmodes-displayport-do-not-index-invalid-.patch (git-fixes CVE-2025-38391 bsc#1247181). - Update patches.suse/usb-typec-displayport-Fix-potential-deadlock.patch (git-fixes CVE-2025-38404 bsc#1247271). - Update patches.suse/usb-typec-tcpm-move-tcpm_queue_vdm_unlocked-to-async.patch (git-fixes CVE-2025-38268 bsc#1246385). - Update patches.suse/vgacon-Add-check-for-vc_origin-address-range-in-vgac.patch (git-fixes CVE-2025-38213 bsc#1246037). - Update patches.suse/video-screen_info-Update-framebuffers-behind-PCI-bri.patch (bsc#1240696 CVE-2025-38427 bsc#1247152). - Update patches.suse/virtio-net-ensure-the-received-length-does-not-excee.patch (git-fixes CVE-2025-38375 bsc#1247177). 
- Update patches.suse/virtio-net-xsk-rx-fix-the-frame-s-length-check.patch (git-fixes CVE-2025-38413 bsc#1247131). - Update patches.suse/vsock-Fix-transport_-TOCTOU.patch (git-fixes CVE-2025-38461 bsc#1247103). - Update patches.suse/vsock-Fix-transport_-g2h-h2g-TOCTOU.patch (git-fixes CVE-2025-38462 bsc#1247104). - Update patches.suse/vsock-vmci-Clear-the-vmci-transport-packet-properly-.patch (git-fixes CVE-2025-38403 bsc#1247141). - Update patches.suse/wifi-ath11k-fix-node-corruption-in-ar-arvifs-list.patch (git-fixes CVE-2025-38293 bsc#1246292). - Update patches.suse/wifi-ath12k-Fix-buffer-overflow-in-debugfs.patch (git-fixes CVE-2025-38317 bsc#1246443). - Update patches.suse/wifi-ath12k-Prevent-sending-WMI-commands-to-firmware.patch (bsc#1240998 CVE-2025-38291 bsc#1246297). - Update patches.suse/wifi-ath12k-fix-GCC_GCC_PCIE_HOT_RST-definition-for-.patch (git-fixes CVE-2025-38414 bsc#1247145). - Update patches.suse/wifi-ath12k-fix-invalid-access-to-memory.patch (git-fixes CVE-2025-38292 bsc#1246295). - Update patches.suse/wifi-ath12k-fix-node-corruption-in-ar-arvifs-list.patch (git-fixes CVE-2025-38290 bsc#1246293). - Update patches.suse/wifi-ath6kl-remove-WARN-on-bad-firmware-input.patch (stable-fixes CVE-2025-38406 bsc#1247210). - Update patches.suse/wifi-ath9k_htc-Abort-software-beacon-handling-if-dis.patch (git-fixes CVE-2025-38157 bsc#1245747). - Update patches.suse/wifi-carl9170-do-not-ping-device-which-has-failed-to.patch (git-fixes CVE-2025-38420 bsc#1247279). - Update patches.suse/wifi-iwlwifi-don-t-warn-when-if-there-is-a-FW-error.patch (stable-fixes CVE-2025-38096 bsc#1245657). - Update patches.suse/wifi-mt76-mt7915-Fix-null-ptr-deref-in-mt7915_mmio_w.patch (git-fixes CVE-2025-38155 bsc#1245748). - Update patches.suse/wifi-mt76-mt7925-prevent-NULL-pointer-dereference-in.patch (git-fixes CVE-2025-38450 bsc#1247376). - Update patches.suse/wifi-mt76-mt7996-Fix-null-ptr-deref-in-mt7996_mmio_w.patch (git-fixes CVE-2025-38156 bsc#1246034). 
- Update patches.suse/wifi-mt76-mt7996-drop-fragments-with-multicast-or-br.patch (stable-fixes CVE-2025-38343 bsc#1246438). - Update patches.suse/wifi-p54-prevent-buffer-overflow-in-p54_rx_eeprom_re.patch (git-fixes CVE-2025-38348 bsc#1246262). - Update patches.suse/wifi-rtw88-fix-the-para-buffer-size-to-avoid-reading.patch (git-fixes CVE-2025-38159 bsc#1245751). - commit 8064d69 - ipv6: annotate data-races around rt->fib6_nsiblings (git-fixes). - commit 4b09993 - ipv6: fix possible infinite loop in fib6_info_uses_dev() (git-fixes). - commit b0133f0 - ipv6: prevent infinite loop in rt6_nlmsg_size() (git-fixes). - commit a1d8794 - net/sched: Restrict conditions for adding duplicating netems to qdisc tree (git-fixes). - commit 21bb04b - spi: cs42l43: Property entry should be a null-terminated array (bsc#1246979). - commit 2043cd1 - Move upstreamed sched, SCSI and ACPI patches into sorted section - commit 836e139 - selftests/bpf: Fix selection of static vs. dynamic LLVM Bring git fixes for commit 4ed92da84b67 ("selftests/bpf: Support dynamically linking LLVM if static is not available") - commit 7a43a26 - media: venus: vdec: Clamp param smaller than 1fps and bigger than 240 (git-fixes). - commit 1e731e7 - maple_tree: fix status setup on restore to active (git-fixes). - mtd: rawnand: atmel: set pmecc data setup time (git-fixes). - mtd: spinand: propagate spinand_wait() errors from spinand_write_page() (git-fixes). - mtd: rawnand: fsmc: Add missing check after DMA map (git-fixes). - mtd: rawnand: rockchip: Add missing check after DMA map (git-fixes). - mtd: rawnand: atmel: Fix dma_mapping_error() address (git-fixes). - mtd: rawnand: renesas: Add missing check after DMA map (git-fixes). - mtd: spi-nor: Fix spi_nor_try_unlock_all() (git-fixes). - mtd: spi-nor: spansion: Fixup params->set_4byte_addr_mode for SEMPER (git-fixes). - mtd: fix possible integer overflow in erase_xfer() (git-fixes). 
- clk: qcom: gcc-ipq8074: fix broken freq table for nss_port6_tx_clk_src (git-fixes). - clk: imx95-blk-ctl: Fix synchronous abort (git-fixes). - clk: at91: sam9x7: update pll clk ranges (git-fixes). - clk: thead: th1520-ap: Correctly refer the parent of osc_12m (git-fixes). - clk: sunxi-ng: v3s: Fix de clock definition (git-fixes). - clk: samsung: exynos850: fix a comment (git-fixes). - clk: samsung: gs101: fix alternate mout_hsi0_usb20_ref parent clock (git-fixes). - clk: samsung: gs101: fix CLK_DOUT_CMU_G3D_BUSD (git-fixes). - clk: renesas: rzv2h: Fix missing CLK_SET_RATE_PARENT flag for ddiv clocks (git-fixes). - clk: clk-axi-clkgen: fix fpfd_max frequency for zynq (git-fixes). - clk: xilinx: vcu: unregister pll_post only if registered correctly (git-fixes). - clk: davinci: Add NULL check in davinci_lpsc_clk_register() (git-fixes). - hwmon: (gsc-hwmon) fix fan pwm setpoint show functions (git-fixes). - pwm: imx-tpm: Reset counter if CMOD is 0 (git-fixes). - media: v4l2: Add support for NV12M tiled variants to v4l2_format_info() (git-fixes). - media: uvcvideo: Do not mark valid metadata as invalid (git-fixes). - media: ov2659: Fix memory leaks in ov2659_probe() (git-fixes). - media: ti: j721e-csi2rx: fix list_del corruption (git-fixes). - media: hi556: correct the test pattern configuration (git-fixes). - media: ipu6: isys: Use correct pads for xlate_streams() (git-fixes). - media: vivid: fix wrong pixel_array control size (git-fixes). - media: qcom: camss: cleanup media device allocated resource on error path (git-fixes). - media: venus: Fix MSM8998 frequency table (git-fixes). - media: venus: hfi: explicitly release IRQ during teardown (git-fixes). - media: venus: Fix OOB read due to missing payload bound check (git-fixes). - media: venus: Add a check for packet size after reading from shared memory (git-fixes). - media: venus: protect against spurious interrupts during probe (git-fixes). 
- media: venus: venc: Clamp param smaller than 1fps and bigger than 240 (git-fixes). - media: pisp_be: Fix pm_runtime underrun in probe (git-fixes). - media: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls (git-fixes). - media: v4l2-ctrls: Don't reset handler's error in v4l2_ctrl_handler_free() (git-fixes). - media: mt9m114: Fix deadlock in get_frame_interval/set_frame_interval (git-fixes). - media: v4l2-ctrls: Fix H264 SEPARATE_COLOUR_PLANE check (git-fixes). - media: imx: fix a potential memory leak in imx_media_csc_scaler_device_init() (git-fixes). - media: verisilicon: Fix AV1 decoder clock frequency (git-fixes). - media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt() (git-fixes). - media: gspca: Add bounds checking to firmware parser (git-fixes). - media: usbtv: Lock resolution while streaming (git-fixes). - media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format() (git-fixes). - Revert "leds: trigger: netdev: Configure LED blink interval for HW offload" (git-fixes). - leds: flash: leds-qcom-flash: Fix registry access after re-bind (git-fixes). - mfd: cros_ec: Separate charge-control probing from USB-PD (git-fixes). - crypto: qat - fix seq_file position update in adf_ring_next() (git-fixes). - crypto: qat - fix DMA direction for compression on GEN2 devices (git-fixes). - crypto: qat - flush misc workqueue during device shutdown (git-fixes). - crypto: qat - disable ZUC-256 capability for QAT GEN5 (git-fixes). - crypto: img-hash - Fix dma_unmap_sg() nents value (git-fixes). - crypto: keembay - Fix dma_unmap_sg() nents value (git-fixes). - hwrng: mtk - handle devm_pm_runtime_enable errors (git-fixes). - crypto: ccp - Fix crash when rebind ccp device for ccp.ko (git-fixes). - crypto: inside-secure - Fix `dma_unmap_sg()` nents value (git-fixes). - crypto: ccp - Fix locking on alloc failure handling (git-fixes). - crypto: caam - Prevent crash on suspend with iMX8QM / iMX8ULP (git-fixes). 
- crypto: arm/aes-neonbs - work around gcc-15 warning (git-fixes). - crypto: qat - fix state restore for banks with exceptions (git-fixes). - crypto: qat - allow enabling VFs in the absence of IOMMU (git-fixes). - crypto: marvell/cesa - Fix engine load inaccuracy (git-fixes). - crypto: qat - use unmanaged allocation for dc_data (git-fixes). - crypto: sun8i-ce - fix nents passed to dma_unmap_sg() (git-fixes). - commit ae512ba - RDMA/uverbs: Add empty rdma_uattrs_has_raw_cap() declaration (git-fixes) - commit e78882a - x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes). - commit 3ccca36 - x86/cacheinfo: Properly parse CPUID(0x80000006) L2/L3 associativity (git-fixes). - commit a5b12b1 - RDMA/mlx5: Fix compilation warning when USER_ACCESS isn't set (git-fixes) - commit 5241bbd - x86/cacheinfo: Properly parse CPUID(0x80000005) L1d/L1i associativity (git-fixes). - commit 530f80b - x86/cpu: Sanitize CPUID(0x80000000) output (git-fixes). - commit 8c1593e - RDMA/hns: Fix -Wframe-larger-than issue (git-fixes) - commit 160aaf0 - RDMA/hns: Drop GFP_NOWARN (git-fixes) - commit 3983b2d - RDMA/hns: Fix accessing uninitialized resources (git-fixes) - commit 020f808 - RDMA/hns: Get message length of ack_req from FW (git-fixes) - commit ed23840 - RDMA/hns: Fix HW configurations not cleared in error flow (git-fixes) - commit 17d9c9c - RDMA/hns: Fix double destruction of rsv_qp (git-fixes) - commit 127df58 - Fix dma_unmap_sg() nents value (git-fixes) - commit 72c9bb9 - RDMA/counter: Check CAP_NET_RAW check in user namespace for RDMA counters (git-fixes) - commit e32f637 - RDMA/nldev: Check CAP_NET_RAW in user namespace for QP modify (git-fixes) - commit 066fc2e - RDMA/mlx5: Check CAP_NET_RAW in user namespace for devx create (git-fixes) - commit 876344b - RDMA/uverbs: Check CAP_NET_RAW in user namespace for RAW QP create (git-fixes) - commit 84b0982 - RDMA/uverbs: Check CAP_NET_RAW in user namespace for QP create (git-fixes) - commit 5d5e159 - RDMA/mlx5: Check CAP_NET_RAW 
in user namespace for anchor create (git-fixes) - commit 1d83d68 - RDMA/mlx5: Check CAP_NET_RAW in user namespace for flow create (git-fixes) - commit 880cd69 - RDMA/uverbs: Check CAP_NET_RAW in user namespace for flow create (git-fixes) - commit 1e737a4
++++ gcc15:
- Update to GCC 15 branch head, 15.1.1+git10189, GCC 15.2 RC
++++ python313-core:
- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now validates archives to ensure member offsets are non-negative (gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).
++++ python313:
- Add CVE-2025-8194-tarfile-no-neg-offsets.patch which now validates archives to ensure member offsets are non-negative (gh#python/cpython#130577, CVE-2025-8194, bsc#1247249).
------------------------------------------------------------------
------------------ 2025-7-31 - Jul 31 2025 -------------------
------------------------------------------------------------------
++++ python-kiwi:
- Consolidate device lock into its own method. Add set_device_lock method which uses udevadm lock preferably but also supports an flock fallback in case there is no lock command provided via systemd/udev
- Fix bug in shell condition. The shell code test ... || warn A; warn B will always print the warning for B despite the test result. This led to the warning message "Settings from the kiwi description will be ignored" to be printed always. This commit fixes it with a clean if/then condition
++++ kernel-default:
- tcp: Correct signedness in skb remaining space calculation (CVE-2025-38463 bsc#1247113). - net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350 bsc#1246781). - commit 3e7e03b - wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). - wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). - commit f109748 - drm/amdgpu/gfx10: fix kiq locking in KCQ reset (git-fixes). - drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset (git-fixes).
- drm/amdgpu/gfx9: fix kiq locking in KCQ reset (git-fixes). - drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes). - drm/xe/uapi: Correct sync type definition in comments (git-fixes). - fbcon: Fix outdated registered_fb reference in comment (git-fixes). - drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). - drm/amdgpu: Remove nbiov7.9 replay count reporting (git-fixes). - drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). - drm/panthor: Add missing explicit padding in drm_panthor_gpu_info (git-fixes). - drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). - drm/connector: hdmi: Evaluate limited range after computing format (git-fixes). - drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). - can: peak_usb: fix USB FD devices potential malfunction (git-fixes). - net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). - net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). - can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes). - can: kvaser_pciefd: Store device channel index (git-fixes). - Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). - wifi: nl80211: Set num_sub_specs before looping through sub_specs (git-fixes). - wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() (git-fixes). - wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes). - wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). - wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). - wifi: ath12k: fix source ring-buffer corruption (git-fixes). - wifi: ath12k: fix dest ring-buffer corruption (git-fixes). - wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). - wifi: ath11k: fix source ring-buffer corruption (git-fixes). - wifi: ath11k: fix dest ring-buffer corruption (git-fixes). 
- wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). - wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). - wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). - Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). - wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). - wifi: mac80211: Don't call fq_flow_idx() for management frames (git-fixes). - wifi: mac80211: Do not schedule stopped TXQs (git-fixes). - wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). - wifi: mac80211: reject TDLS operations when station is not associated (git-fixes). - wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). - wifi: rtw88: Fix macid assigned to TDLS station (git-fixes). - wifi: rtl8xxxu: Fix RX skb size for aggregation disabled (git-fixes). - mwl8k: Add missing check after DMA map (git-fixes). - iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). - wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). - wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). - wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). - wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (git-fixes). - staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (git-fixes). - commit 2967d89 - RDMA/mlx5: Fix UMR modifying of mkey page size (git-fixes) - commit 2bdec98 ++++ kernel-rt: - tcp: Correct signedness in skb remaining space calculation (CVE-2025-38463 bsc#1247113). - net/sched: Always pass notifications when child class becomes empty (CVE-2025-38350 bsc#1246781). - commit 3e7e03b - wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start() (git-fixes). - wifi: iwlwifi: return ERR_PTR from opmode start() (stable-fixes). 
- commit f109748 - drm/amdgpu/gfx10: fix kiq locking in KCQ reset (git-fixes). - drm/amdgpu/gfx9.4.3: fix kiq locking in KCQ reset (git-fixes). - drm/amdgpu/gfx9: fix kiq locking in KCQ reset (git-fixes). - drm/amd/pm/powerplay/hwmgr/smu_helper: fix order of mask and value (git-fixes). - drm/xe/uapi: Correct sync type definition in comments (git-fixes). - fbcon: Fix outdated registered_fb reference in comment (git-fixes). - drm/msm/dpu: Fill in min_prefill_lines for SC8180X (git-fixes). - drm/amdgpu: Remove nbiov7.9 replay count reporting (git-fixes). - drm/vmwgfx: Fix Host-Backed userspace on Guest-Backed kernel (git-fixes). - drm/panthor: Add missing explicit padding in drm_panthor_gpu_info (git-fixes). - drm/panfrost: Fix panfrost device variable name in devfreq (git-fixes). - drm/connector: hdmi: Evaluate limited range after computing format (git-fixes). - drm/rockchip: cleanup fb when drm_gem_fb_afbc_init failed (git-fixes). - can: peak_usb: fix USB FD devices potential malfunction (git-fixes). - net: phy: micrel: fix KSZ8081/KSZ8091 cable test (git-fixes). - net: usbnet: Avoid potential RCU stall on LINK_CHANGE event (git-fixes). - can: kvaser_usb: Assign netdev.dev_port based on device channel index (git-fixes). - can: kvaser_pciefd: Store device channel index (git-fixes). - Bluetooth: hci_event: Mask data status from LE ext adv reports (git-fixes). - wifi: nl80211: Set num_sub_specs before looping through sub_specs (git-fixes). - wifi: mac80211: Write cnt before copying in ieee80211_copy_rnr_beacon() (git-fixes). - wifi: ath12k: fix endianness handling while accessing wmi service bit (git-fixes). - wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask() (git-fixes). - wifi: ath12k: fix dest ring-buffer corruption when ring is full (git-fixes). - wifi: ath12k: fix source ring-buffer corruption (git-fixes). - wifi: ath12k: fix dest ring-buffer corruption (git-fixes). 
- wifi: ath11k: fix dest ring-buffer corruption when ring is full (git-fixes). - wifi: ath11k: fix source ring-buffer corruption (git-fixes). - wifi: ath11k: fix dest ring-buffer corruption (git-fixes). - wifi: ath11k: fix suspend use-after-free after probe failure (git-fixes). - wifi: ath11k: clear initialized flag for deinit-ed srng lists (git-fixes). - wifi: brcmfmac: fix P2P discovery failure in P2P peer due to missing P2P IE (git-fixes). - Reapply "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (git-fixes). - wifi: mac80211: Check 802.11 encaps offloading in ieee80211_tx_h_select_key() (git-fixes). - wifi: mac80211: Don't call fq_flow_idx() for management frames (git-fixes). - wifi: mac80211: Do not schedule stopped TXQs (git-fixes). - wifi: plfxlc: Fix error handling in usb driver probe (git-fixes). - wifi: mac80211: reject TDLS operations when station is not associated (git-fixes). - wifi: brcmsmac: Remove const from tbl_ptr parameter in wlc_lcnphy_common_read_table() (git-fixes). - wifi: rtw88: Fix macid assigned to TDLS station (git-fixes). - wifi: rtl8xxxu: Fix RX skb size for aggregation disabled (git-fixes). - mwl8k: Add missing check after DMA map (git-fixes). - iwlwifi: Add missing check for alloc_ordered_workqueue (git-fixes). - wifi: iwlwifi: Fix memory leak in iwl_mvm_init() (git-fixes). - wifi: rtl818x: Kill URBs before clearing tx status queue (git-fixes). - wifi: rtw89: avoid NULL dereference when RX problematic packet on unsupported 6 GHz band (git-fixes). - wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (git-fixes). - staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() (git-fixes). 
- commit 2967d89
- RDMA/mlx5: Fix UMR modifying of mkey page size (git-fixes)
- commit 2bdec98

++++ systemd:

- Remove the script used to help migrating the language and locale settings
  located in /etc/sysconfig/language on old systems to the systemd default
  locations (bsc#1247074)
  The script was introduced more than 7 years ago and all systems running TW
  should have been migrated since then. Moreover the installer supports the
  systemd default locations since approximately SLE15.

++++ libzypp:

- Append RepoInfo::path() to the mirror URLs in Preloader (bsc#1247054)
- version 17.37.15 (35)

++++ selinux-policy:

- Update to version 20250627+git66.15675827a:
  * Set /srv/tftpboot = /var/lib/tftpboot as equivalent file context (bsc#1247381)
  * Create unconfined type for salt-minion bsc#1228984
- Change default of example config to enforcing mode. With selinux-autorelabel
  taking care of relabeling this should work nowadays

------------------------------------------------------------------
------------------ 2025-7-30 - Jul 30 2025 -------------------
------------------------------------------------------------------

++++ cockpit:

- drop duplicate %changelog macro

++++ python-kiwi:

- Fix documentation rendering
  There was an indentation bug which caused the docs to render wrong.
  This commit fixes it

++++ kernel-default:

- io_uring/sqpoll: don't put task_struct on tctx setup failure (bsc#1245664 CVE-2025-38106).
- io_uring: consistently use rcu semantics with sqpoll thread (bsc#1245664 CVE-2025-38106).
- io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() (bsc#1245664 CVE-2025-38106).
- commit 83d2779
- usb: gadget: configfs: Fix OOB read on empty string write (CVE-2025-38497 bsc#1247347).
- commit fdc50d2
- fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396 bsc#1247156).
  Conflicts: series.conf
- fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396 bsc#1247156).
- commit 4bbdefe - Enable MT7925 WiFi drivers for openSUSE Leap 16.0 (bsc#1247325) Enabled only for Leap 16.0 kernel-default-optional as unsupported for now - commit 60216d7 - optee: ffa: fix sleep in atomic context (CVE-2025-38374 bsc#1247024). - commit c40f48d - kabi/severities: ignore two unused/dropped symbols from MEI - commit f8ced2f - soc: qcom: mdt_loader: Fix error return values in mdt_header_valid() (git-fixes). - commit eab169b - Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). - soc: qcom: pmic_glink: fix OF node leak (git-fixes). - soc: qcom: fix endianness for QMI header (git-fixes). - soc: qcom: QMI encoding/decoding for big endian (git-fixes). - soc: qcom: mdt_loader: Ensure we don't read past the ELF header (git-fixes). - memory: mtk-smi: Add ostd setting for mt8186 (git-fixes). - soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). - firmware: arm_scmi: Fix up turbo frequencies selection (git-fixes). - usb: musb: omap2430: fix device leak at unbind (git-fixes). - usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). - usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). - usb: dwc3: imx8mp: fix device leak at unbind (git-fixes). - usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). - thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). - usb: typec: ucsi: Update power_supply on power role change (git-fixes). - usb: typec: fusb302: cache PD RX state (git-fixes). - usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). - cdc-acm: fix race between initial clearing halt and open (git-fixes). - usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). - USB: gadget: f_hid: Fix memory leak in hidg_bind error path (git-fixes). - usb: typec: ucsi: yoga-c630: fix error and remove paths (git-fixes). - usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). 
- Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). - usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). - vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). - vt: keyboard: Don't process Unicode characters in K_OFF mode (git-fixes). - staging: axis-fifo: remove sysfs interface (git-fixes). - staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes). - staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes). - interconnect: qcom: sc8180x: specify num_nodes (git-fixes). - interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg (git-fixes). - comedi: fix race between polling and detaching (git-fixes). - iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). - iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). - bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). - bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640 (git-fixes). - misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). - vmci: Prevent the dispatching of uninitialized payloads (git-fixes). - samples: mei: Fix building on musl libc (git-fixes). - mei: vsc: Fix "BUG: Invalid wait context" lockdep error (git-fixes). - mei: vsc: Run event callback from a workqueue (git-fixes). - mei: vsc: Unset the event callback on remove and probe errors (git-fixes). - mei: vsc: Event notifier fixes (git-fixes). - mei: vsc: Destroy mutex after freeing the IRQ (git-fixes). - mei: vsc: Don't re-init VSC from mei_vsc_hw_reset() on stop (git-fixes). - mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() (stable-fixes). - platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes). - pwm: rockchip: Round period/duty down on apply, up on get (git-fixes). - spi: stm32: Check for cfg availability in stm32_spi_probe (git-fixes). 
- gpio: virtio: Fix config space reading (git-fixes). - ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). - ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes). - Documentation: ACPI: Fix parent device references (git-fixes). - ACPI: LPSS: Remove AudioDSP related ID (git-fixes). - ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). - powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes). - PM: runtime: Take active children into account in pm_runtime_get_if_in_use() (git-fixes). - PM / devfreq: Fix a index typo in trans_stat (git-fixes). - PM / devfreq: Check governor before using governor->name (git-fixes). - commit bb1eeb0 - s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1247372). - commit 9c82c2d - s390/mm: Remove possible false-positive warning in pte_free_defer() (git-fixes bsc#1247366). - commit 24410b3 - x86/fpu: Delay instruction pointer fixup until after warning (git-fixes). - commit 065c5cd - x86/bugs: Allow ITS stuffing in eIBRS+retpoline mode also (git-fixes). - commit 5066cbd - x86/bugs: Remove its=stuff dependency on retbleed (git-fixes). - commit a74c41e - x86/bugs: Introduce cdt_possible() (git-fixes). - commit 229ca7c - x86/bugs: Use switch/case in its_apply_mitigation() (git-fixes). - commit 83a9f22 - x86/bugs: Avoid warning when overriding return thunk (git-fixes). - commit 0b33009 - x86/bugs: Simplify the retbleed=stuff checks (git-fixes). - commit 4381119 - x86/bugs: Avoid AUTO after the select step in the retbleed mitigation (git-fixes). - commit 4ef3103 - Refresh patches.suse/x86-entry-Add-__init-to-ia32_emulation_override_cmdline.patch. - commit dfed6d8 ++++ kernel-rt: - io_uring/sqpoll: don't put task_struct on tctx setup failure (bsc#1245664 CVE-2025-38106). - io_uring: consistently use rcu semantics with sqpoll thread (bsc#1245664 CVE-2025-38106). 
- io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() (bsc#1245664 CVE-2025-38106). - commit 83d2779 - usb: gadget: configfs: Fix OOB read on empty string write (CVE-2025-38497 bsc#1247347). - commit fdc50d2 - fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396 bsc#1247156). Conflicts: series.conf - fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (CVE-2025-38396 bsc#1247156). - commit 4bbdefe - Enable MT7925 WiFi drivers for openSUSE Leap 16.0 (bsc#1247325) Enabled only for Leap 16.0 kernel-default-optional as unsupported for now - commit 60216d7 - optee: ffa: fix sleep in atomic context (CVE-2025-38374 bsc#1247024). - commit c40f48d - kabi/severities: ignore two unused/dropped symbols from MEI - commit f8ced2f - soc: qcom: mdt_loader: Fix error return values in mdt_header_valid() (git-fixes). - commit eab169b - Docs/ABI: Fix sysfs-kernel-address_bits path (git-fixes). - soc: qcom: pmic_glink: fix OF node leak (git-fixes). - soc: qcom: fix endianness for QMI header (git-fixes). - soc: qcom: QMI encoding/decoding for big endian (git-fixes). - soc: qcom: mdt_loader: Ensure we don't read past the ELF header (git-fixes). - memory: mtk-smi: Add ostd setting for mt8186 (git-fixes). - soc/tegra: cbb: Clear ERR_FORCE register with ERR_STATUS (git-fixes). - firmware: arm_scmi: Fix up turbo frequencies selection (git-fixes). - usb: musb: omap2430: fix device leak at unbind (git-fixes). - usb: gadget: udc: renesas_usb3: fix device leak at unbind (git-fixes). - usb: dwc3: meson-g12a: fix device leaks at unbind (git-fixes). - usb: dwc3: imx8mp: fix device leak at unbind (git-fixes). - usb: atm: cxacru: Merge cxacru_upload_firmware() into cxacru_heavy_init() (git-fixes). - thunderbolt: Fix copy+paste error in match_service_id() (git-fixes). - usb: typec: ucsi: Update power_supply on power role change (git-fixes). - usb: typec: fusb302: cache PD RX state (git-fixes). 
- usb: gadget : fix use-after-free in composite_dev_cleanup() (git-fixes). - cdc-acm: fix race between initial clearing halt and open (git-fixes). - usb: early: xhci-dbc: Fix early_ioremap leak (git-fixes). - USB: gadget: f_hid: Fix memory leak in hidg_bind error path (git-fixes). - usb: typec: ucsi: yoga-c630: fix error and remove paths (git-fixes). - usb: misc: apple-mfi-fastcharge: Make power supply names unique (git-fixes). - Documentation: usb: gadget: Wrap remaining usage snippets in literal code block (git-fixes). - usb: host: xhci-plat: fix incorrect type for of_match variable in xhci_plat_probe() (git-fixes). - vt: defkeymap: Map keycodes above 127 to K_HOLE (git-fixes). - vt: keyboard: Don't process Unicode characters in K_OFF mode (git-fixes). - staging: axis-fifo: remove sysfs interface (git-fixes). - staging: nvec: Fix incorrect null termination of battery manufacturer (git-fixes). - staging: fbtft: fix potential memory leak in fbtft_framebuffer_alloc() (git-fixes). - interconnect: qcom: sc8180x: specify num_nodes (git-fixes). - interconnect: qcom: sc8280xp: specify num_links for qnm_a1noc_cfg (git-fixes). - comedi: fix race between polling and detaching (git-fixes). - iio: adc: ad_sigma_delta: change to buffer predisable (git-fixes). - iio: imu: bno055: fix OOB access of hw_xlate array (git-fixes). - bus: mhi: host: Detect events pointing to unexpected TREs (git-fixes). - bus: mhi: host: pci_generic: Fix the modem name of Foxconn T99W640 (git-fixes). - misc: rtsx: usb: Ensure mmc child device is active when card is present (git-fixes). - vmci: Prevent the dispatching of uninitialized payloads (git-fixes). - samples: mei: Fix building on musl libc (git-fixes). - mei: vsc: Fix "BUG: Invalid wait context" lockdep error (git-fixes). - mei: vsc: Run event callback from a workqueue (git-fixes). - mei: vsc: Unset the event callback on remove and probe errors (git-fixes). - mei: vsc: Event notifier fixes (git-fixes). 
- mei: vsc: Destroy mutex after freeing the IRQ (git-fixes). - mei: vsc: Don't re-init VSC from mei_vsc_hw_reset() on stop (git-fixes). - mei: vsc: Drop unused vsc_tp_request_irq() and vsc_tp_free_irq() (stable-fixes). - platform/chrome: cros_ec: Unregister notifier in cros_ec_unregister() (git-fixes). - pwm: rockchip: Round period/duty down on apply, up on get (git-fixes). - spi: stm32: Check for cfg availability in stm32_spi_probe (git-fixes). - gpio: virtio: Fix config space reading (git-fixes). - ASoC: ops: dynamically allocate struct snd_ctl_elem_value (git-fixes). - ASoC: soc-dai: tidyup return value of snd_soc_xlate_tdm_slot_mask() (git-fixes). - Documentation: ACPI: Fix parent device references (git-fixes). - ACPI: LPSS: Remove AudioDSP related ID (git-fixes). - ACPI: processor: perflib: Fix initial _PPC limit application (git-fixes). - powercap: dtpm_cpu: Fix NULL pointer dereference in get_pd_power_uw() (git-fixes). - PM: runtime: Take active children into account in pm_runtime_get_if_in_use() (git-fixes). - PM / devfreq: Fix a index typo in trans_stat (git-fixes). - PM / devfreq: Check governor before using governor->name (git-fixes). - commit bb1eeb0 - s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1247372). - commit 9c82c2d - s390/mm: Remove possible false-positive warning in pte_free_defer() (git-fixes bsc#1247366). - commit 24410b3 - x86/fpu: Delay instruction pointer fixup until after warning (git-fixes). - commit 065c5cd - x86/bugs: Allow ITS stuffing in eIBRS+retpoline mode also (git-fixes). - commit 5066cbd - x86/bugs: Remove its=stuff dependency on retbleed (git-fixes). - commit a74c41e - x86/bugs: Introduce cdt_possible() (git-fixes). - commit 229ca7c - x86/bugs: Use switch/case in its_apply_mitigation() (git-fixes). - commit 83a9f22 - x86/bugs: Avoid warning when overriding return thunk (git-fixes). - commit 0b33009 - x86/bugs: Simplify the retbleed=stuff checks (git-fixes). 
- commit 4381119
- x86/bugs: Avoid AUTO after the select step in the retbleed mitigation (git-fixes).
- commit 4ef3103
- Refresh patches.suse/x86-entry-Add-__init-to-ia32_emulation_override_cmdline.patch.
- commit dfed6d8

++++ openssl-3:

- Disable LTO for userspace livepatching [jsc#PED-13245]

++++ selinux-policy:

- Unify with factory specfile, which includes:
- Explain that disabling SELinux should not be done via the config file
  anymore (bsc#1246549)
- Drop mls option, as we don't provide this ATM
- Improve selinux-policy-devel dependencies and add post script to improve
  experience when debugging (bsc#1236193).
- Move manpages to selinux-policy-doc package (bsc#1241391)
- Add ugly workaround for semodule removal issues
  (bsc#1221342 bsc#1238062 bsc#1230643 bsc#1230938)
  Can be dropped when PED-12491 is done.
- Use python311 tools in 15.4 and 15.5 when building selinux-policy to
  deprecate python36 tooling
- Improve selinux-policy packaging
  * Remove bashisms to support UNIX SH syntax in scriptlets (bsc#1237517)
  * Fix non-existing $package variable in "%post minimum" scriptlet
  * Improve selinux-policy.rpmlintrc file
  * Remove duplicates with fdupes

++++ ucode-amd:

- Update to version 20250730 (git commit 910c19074091):
  * linux-firmware: Update AMD cpu microcode

------------------------------------------------------------------
------------------ 2025-7-29 - Jul 29 2025 -------------------
------------------------------------------------------------------

++++ docker:

- Update to Docker 28.3.3-ce. See upstream changelog online at
  CVE-2025-54388 bsc#1247367

++++ python-kiwi:

- solver/repository: Handle zstd-compressed metadata files
  `_create_solvables` assumes metadata files are gzip-compressed, but
  modern Fedora ones are not, they are zstd-compressed.
  Signed-off-by: Adam Williamson
- uri: If we fail to resolve the metalink URI, log it
  It's rather useful to know *what* the URI is when something goes
  wrong, after all.
  Signed-off-by: Adam Williamson
- Bump version: 10.2.29 → 10.2.30
- Fix repartitioning with parted
  parted does locking itself already. Wrapping it in udevadm lock results
  in a deadlock, breaking boot.

++++ fde-tools:

- Add the missing /var/log/fde (bsc#1247228)

++++ kernel-default:

- selftests/bpf: Remove test_skb_cgroup_id.sh from TEST_PROGS
  Fix the following BPF selftests build error:
  [ 183s] make[1]: Entering directory '/home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/bpf'
  [ 183s] rsync -a --copy-unsafe-links test_kmod.sh test_xdp_redirect.sh test_xdp_redirect_multi.sh test_xdp_meta.sh test_tunnel.sh test_lwt_seg6local.sh test_lirc_mode2.sh test_skb_cgroup_id.sh test_flow_dissector.sh test_xdp_vlan_mode_generic.sh test_xdp_vlan_mode_native.sh test_lwt_ip_encap.sh test_tcp_check_syncookie.sh test_tc_tunnel.sh test_tc_edt.sh test_xdping.sh test_bpftool_build.sh test_bpftool.sh test_bpftool_metadata.sh test_doc_build.sh test_xsk.sh test_xdp_features.sh /home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/kselftest_install/bpf/
  [ 183s] rsync: [sender] link_stat "/home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/bpf/test_skb_cgroup_id.sh" failed: No such file or directory (2)
  [ 183s] rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1338) [sender=3.4.1]
- commit 7aa88b9
- selftests/bpf: Support dynamically linking LLVM if static is not available
  Fix the following BPF selftests build error:
  [ 116s] make[1]: Entering directory '/home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/bpf'
  [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMDemangle.a
  [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMSupport.a
  [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMTargetParser.a
  [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMBinaryFormat.a
  (...)
- commit 4ed92da - iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding (git-fixes). - commit b2958c3 - eventpoll: don't decrement ep refcount while still holding the ep mutex (bsc#1246777 CVE-2025-38349). - commit 8cd134d - jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253 CVE-2025-38337). - commit c6fbc8a - ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976 CVE-2025-38222). - commit c641a38 - ublk: santizize the arguments from userspace when adding a device (bsc#1245937 CVE-2025-38182). - commit 89a2a7b - __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151 CVE-2025-38058). - commit e772035 - xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). - commit be810e3 - xfs: remove unused trace event xfs_discard_rtrelax (git-fixes). - commit 97feca9 - xfs: remove unused trace event xfs_log_cil_return (git-fixes). - commit f8adb59 - xfs: change xfs_xattr_class from a TRACE_EVENT() to DECLARE_EVENT_CLASS() (git-fixes). - commit 9d236fc - xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). - commit 9c39d8c - xfs: remove usused xfs_end_io_direct events (git-fixes). - commit 60f358f - xfs: remove unused event xfs_pagecache_inval (git-fixes). - commit a5b7032 - xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). - commit 78d1acd - xfs: remove unused event xfs_alloc_near_error (git-fixes). - commit 3b1caf6 - xfs: remove unused event xfs_attr_node_removename (git-fixes). - commit e689919 - xfs: remove unused xfs_attr events (git-fixes). - commit 950fc00 - xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). - commit 096be3d - xfs: remove unused xfs_reflink_compare_extents events (git-fixes). - commit 4ed410c - xfs: remove unused event xfs_ioctl_clone (git-fixes). - commit 1ca6b2f - xfs: remove unused event xlog_iclog_want_sync (git-fixes). 
- commit c429e69 - xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). - commit 82f668d - NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes). - commit 4e26ab2 - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). - commit 5f5b227 - x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() (git-fixes). - commit 5286ce5 - x86/fpu: Fix guest FPU state buffer allocation size (git-fixes). - commit fcdd18c - x86/fpu/xstate: Fix inconsistencies in guest FPU xfeatures (git-fixes). - commit 3c77f80 - x86/headers: Replace __ASSEMBLY__ with __ASSEMBLER__ in UAPI headers (git-fixes). - commit d331bca - x86/smpboot: Fix INIT delay assignment for extended Intel Families (git-fixes). - commit fa3f890 - x86/fpu: Fully optimize out WARN_ON_FPU() (git-fixes). - commit 44d216b - x86/percpu: Disable named address spaces for UBSAN_BOOL with KASAN for GCC < 14.2 (git-fixes). - commit 495301f - x86/nmi: Add an emergency handler in nmi_desc & use it in nmi_shootdown_cpus() (git-fixes). - commit 62f7c35 - x86/locking: Use ALT_OUTPUT_SP() for percpu_{,try_}cmpxchg{64,128}_op() (git-fixes). - commit a3223dc - x86/boot: Sanitize boot params before parsing command line (git-fixes). - commit fa10e4c - x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes). - commit c364173 - x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes). - commit 6fe089b - x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes). - commit 8aa4767 - x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes). - commit 9f24ef0 - x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes). - commit 1378c6a - Refresh patches.suse/RISC-V-Add-defines-for-the-SBI-nested-acceleration-e.patch. Fix metadata for the RISC-V patch. 
- commit 7fb7430 - Refresh patches.suse/x86-entry-Add-__init-to-ia32_emulation_override_cmdline.patch. - commit 7b16eb0 - Update patches.suse/vfs-add-super_operations-get_inode_dev (bsc#927455 bsc#1246450). - commit c096336 ++++ kernel-rt: - selftests/bpf: Remove test_skb_cgroup_id.sh from TEST_PROGS Fix the following BPF selftests build error: [ 183s] make[1]: Entering directory '/home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/bpf' [ 183s] rsync -a --copy-unsafe-links test_kmod.sh test_xdp_redirect.sh test_xdp_redirect_multi.sh test_xdp_meta.sh test_tunnel.sh test_lwt_seg6local.sh test_lirc_mode2.sh test_skb_cgroup_id.sh test_flow_dissector.sh test_xdp_vlan_mode_generic.sh test_xdp_vlan_mode_native.sh test_lwt_ip_encap.sh test_tcp_check_syncookie.sh test_tc_tunnel.sh test_tc_edt.sh test_xdping.sh test_bpftool_build.sh test_bpftool.sh test_bpftool_metadata.sh test_doc_build.sh test_xsk.sh test_xdp_features.sh /home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/kselftest_install/bpf/ [ 183s] rsync: [sender] link_stat "/home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/bpf/test_skb_cgroup_id.sh" failed: No such file or directory (2) [ 183s] rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1338) [sender=3.4.1] - commit 7aa88b9 - selftests/bpf: Support dynamically linking LLVM if static is not available Fix the following BPF selftests build error: [ 116s] make[1]: Entering directory '/home/abuild/rpmbuild/BUILD/kselftests-bpf-6.12.0-build/tools/testing/selftests/bpf' [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMDemangle.a [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMSupport.a [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMTargetParser.a [ 116s] llvm-config: error: missing: /usr/lib64/libLLVMBinaryFormat.a (...) - commit 4ed92da - iommu/tegra241-cmdqv: Read SMMU IDR1.CMDQS instead of hardcoding (git-fixes). 
- commit b2958c3 - eventpoll: don't decrement ep refcount while still holding the ep mutex (bsc#1246777 CVE-2025-38349). - commit 8cd134d - jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata() (bsc#1246253 CVE-2025-38337). - commit c6fbc8a - ext4: inline: fix len overflow in ext4_prepare_inline_data (bsc#1245976 CVE-2025-38222). - commit c641a38 - ublk: santizize the arguments from userspace when adding a device (bsc#1245937 CVE-2025-38182). - commit 89a2a7b - __legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock (bsc#1245151 CVE-2025-38058). - commit e772035 - xfs: remove unused trace event xfs_reflink_cow_enospc (git-fixes). - commit be810e3 - xfs: remove unused trace event xfs_discard_rtrelax (git-fixes). - commit 97feca9 - xfs: remove unused trace event xfs_log_cil_return (git-fixes). - commit f8adb59 - xfs: change xfs_xattr_class from a TRACE_EVENT() to DECLARE_EVENT_CLASS() (git-fixes). - commit 9d236fc - xfs: only create event xfs_file_compat_ioctl when CONFIG_COMPAT is configure (git-fixes). - commit 9c39d8c - xfs: remove usused xfs_end_io_direct events (git-fixes). - commit 60f358f - xfs: remove unused event xfs_pagecache_inval (git-fixes). - commit a5b7032 - xfs: remove unused event xfs_alloc_near_nominleft (git-fixes). - commit 78d1acd - xfs: remove unused event xfs_alloc_near_error (git-fixes). - commit 3b1caf6 - xfs: remove unused event xfs_attr_node_removename (git-fixes). - commit e689919 - xfs: remove unused xfs_attr events (git-fixes). - commit 950fc00 - xfs: remove unused trace event xfs_attr_rmtval_set (git-fixes). - commit 096be3d - xfs: remove unused xfs_reflink_compare_extents events (git-fixes). - commit 4ed410c - xfs: remove unused event xfs_ioctl_clone (git-fixes). - commit 1ca6b2f - xfs: remove unused event xlog_iclog_want_sync (git-fixes). - commit c429e69 - xfs: remove unused trace event xfs_attr_remove_iter_return (git-fixes). 
- commit 82f668d - NFSD: detect mismatch of file handle and delegation stateid in OPEN op (git-fixes). - commit 4e26ab2 - nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (git-fixes). - commit 5f5b227 - x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() (git-fixes). - commit 5286ce5 - x86/fpu: Fix guest FPU state buffer allocation size (git-fixes). - commit fcdd18c - x86/fpu/xstate: Fix inconsistencies in guest FPU xfeatures (git-fixes). - commit 3c77f80 - x86/headers: Replace __ASSEMBLY__ with __ASSEMBLER__ in UAPI headers (git-fixes). - commit d331bca - x86/smpboot: Fix INIT delay assignment for extended Intel Families (git-fixes). - commit fa3f890 - x86/fpu: Fully optimize out WARN_ON_FPU() (git-fixes). - commit 44d216b - x86/percpu: Disable named address spaces for UBSAN_BOOL with KASAN for GCC < 14.2 (git-fixes). - commit 495301f - x86/nmi: Add an emergency handler in nmi_desc & use it in nmi_shootdown_cpus() (git-fixes). - commit 62f7c35 - x86/locking: Use ALT_OUTPUT_SP() for percpu_{,try_}cmpxchg{64,128}_op() (git-fixes). - commit a3223dc - x86/boot: Sanitize boot params before parsing command line (git-fixes). - commit fa10e4c - x86/mce: Make sure CMCI banks are cleared during shutdown on Intel (git-fixes). - commit c364173 - x86/platform/olpc: Remove unused variable 'len' in olpc_dt_compatible_match() (git-fixes). - commit 6fe089b - x86/fred/signal: Prevent immediate repeat of single step trap on return from SIGTRAP handler (git-fixes). - commit 8aa4767 - x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (git-fixes). - commit 9f24ef0 - x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes). - commit 1378c6a - Refresh patches.suse/RISC-V-Add-defines-for-the-SBI-nested-acceleration-e.patch. Fix metadata for the RISC-V patch. - commit 7fb7430 - Refresh patches.suse/x86-entry-Add-__init-to-ia32_emulation_override_cmdline.patch. 
- commit 7b16eb0
- Update patches.suse/vfs-add-super_operations-get_inode_dev (bsc#927455 bsc#1246450).
- commit c096336

------------------------------------------------------------------
------------------ 2025-7-28 - Jul 28 2025 -------------------
------------------------------------------------------------------

++++ python-kiwi:

- Update test-image-disk-simple integration test
  Update slfo/test-image-disk-simple. Add more space for flake
  testing and add a user to test flakes for non root

++++ kernel-default:

- Refresh patches.suse/padding-for-more-cgroup-controllers.patch.
  SUSE developers may build our kernel with customized configs. We don't
  know how many controllers they enable and this may run over the limit in
  BUILD_BUG_ON because of the added padding. Relax BUILD_BUG_ON condition
  to only look at actually used controllers (the effective boundary in our
  kernel).
- commit 44a41b0
- sprintf.h: mask additional include (git-fixes).
- commit 3c155f3
- sprintf.h requires stdarg.h (git-fixes).
- commit 4e2dd00
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- commit bd1213b
- btrfs: record new subvolume in parent dir earlier to avoid dir logging races (git-fixes).
- commit bb20dcf
- btrfs: fix assertion when building free space tree (git-fixes).
- commit 9c045a8
- btrfs: fix iteration of extrefs during log replay (bsc#1247031 CVE-2025-38382).
- commit e093d49
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- commit fb9d68c
- kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745).
- commit 4d9651f

++++ kernel-rt:

- Refresh patches.suse/padding-for-more-cgroup-controllers.patch.
  SUSE developers may build our kernel with customized configs. We don't
  know how many controllers they enable and this may run over the limit in
  BUILD_BUG_ON because of the added padding. Relax BUILD_BUG_ON condition
  to only look at actually used controllers (the effective boundary in our
  kernel).
- commit 44a41b0
- sprintf.h: mask additional include (git-fixes).
- commit 3c155f3
- sprintf.h requires stdarg.h (git-fixes).
- commit 4e2dd00
- btrfs: fix non-empty delayed iputs list on unmount due to async workers (git-fixes).
- commit bd1213b
- btrfs: record new subvolume in parent dir earlier to avoid dir logging races (git-fixes).
- commit bb20dcf
- btrfs: fix assertion when building free space tree (git-fixes).
- commit 9c045a8
- btrfs: fix iteration of extrefs during log replay (bsc#1247031 CVE-2025-38382).
- commit e093d49
- btrfs: fix missing error handling when searching for inode refs during log replay (git-fixes).
- commit fb9d68c
- kabi: Hide adding of u64 to devlink_param_type (jsc#PED-12745).
- commit 4d9651f

++++ gcc15:

- Update to GCC 15 branch head, 15.1.1+gitt10077
- Fixes PR120714, RISC-V: incorrect frame pointer CFA address for
  stack-clash protection loops

++++ harfbuzz:

- Update to version 11.3.3:
  + Fix bug in vertical shaping of fonts without the vmtx table.

++++ nvidia-open-driver-G06-signed:

- update CUDA variant to 580.65.06, which addresses various security issues:
  * CVE-2025-23277 (bsc#1247528)
  * CVE-2025-23278 (bsc#1247529)
  * CVE-2025-23286 (bsc#1247530)
  * CVE-2025-23283 (bsc#1247531)
  * CVE-2025-23279 (bsc#1247532)

++++ virt-manager:

- Add support for creating TDX guests in virt-install (jsc#PED-9265)
  053-virtinst-add-support-for-creating-TDX-guests.patch

------------------------------------------------------------------
------------------ 2025-7-27 - Jul 27 2025 -------------------
------------------------------------------------------------------

++++ kernel-default:

- Revert "RISC-V: KVM: Allow Smnpm and Ssnpm extensions for guests"
  This reverts commit 5fc44fd9addf2ae400bcc37ae75c718d86dafcaa.
  Requires support for Smnpm and Ssnpm extensions which is not present.
- commit 2f49da4
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- commit d23cb51

++++ kernel-rt:

- Revert "RISC-V: KVM: Allow Smnpm and Ssnpm extensions for guests"
  This reverts commit 5fc44fd9addf2ae400bcc37ae75c718d86dafcaa.
  Requires support for Smnpm and Ssnpm extensions which is not present.
- commit 2f49da4
- i2c: qup: jump out of the loop in case of timeout (git-fixes).
- i2c: virtio: Avoid hang by using interruptible completion wait (git-fixes).
- i2c: tegra: Fix reset error handling with ACPI (git-fixes).
- commit d23cb51

------------------------------------------------------------------
------------------ 2025-7-26 - Jul 26 2025 -------------------
------------------------------------------------------------------

++++ kernel-default:

- RISC-V: Add defines for the SBI nested acceleration extension (jsc#PED-348).
- commit 7bb7585
- drm/xe: Fix build without debugfs (git-fixes).
- drm/i915/display: Fix dma_fence_wait_timeout() return value handling (git-fixes).
- commit 04fc7cf

++++ kernel-rt:

- RISC-V: Add defines for the SBI nested acceleration extension (jsc#PED-348).
- commit 7bb7585
- drm/xe: Fix build without debugfs (git-fixes).
- drm/i915/display: Fix dma_fence_wait_timeout() return value handling (git-fixes).
- commit 04fc7cf

------------------------------------------------------------------
------------------ 2025-7-25 - Jul 25 2025 -------------------
------------------------------------------------------------------

++++ cloud-regionsrv-client:

- Update version to 10.5.1
  + Fix issue with picking up configured server names from the
    regionsrv config file.
Previously only IP addresses were collected + Update scriptlet for package uninstall to avoid issues in the build service ++++ python-kiwi: - Catch potential exceptions from pathlib.Path.mkdir Creating a directory can fail, we should catch this error instead of ending up in a stack trace ++++ grub2: - Fix CVE-2024-56738: side-channel attack due to not constant-time algorithm in grub_crypto_memcmp (bsc#1234959) * grub2-constant-time-grub_crypto_memcmp.patch ++++ kernel-default: - btrfs: fix a race between renames and directory logging (bsc#1247023 CVE-2025-38365). - commit 82d2bad - btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645 CVE-2024-56759). - commit bd41b6c - nvme-tcp: sanitize request list handling (CVE-2026-38264 bsc#1246387). - commit 4fae28c - cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost (bsc#1244812 CVE-2025-38038). - Refresh patches.suse/cpufreq-amd-pstate-Overhaul-locking.patch. - commit 9e52e61 - KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849 bsc#1243000). - commit 38855cd - drm/xe/pf: Prepare to stop SR-IOV support prior GT reset (git-fixes). - commit 71e9c4e - resource: fix false warning in __request_region() (git-fixes). - ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv (git-fixes). - ALSA: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop (git-fixes). - can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). - bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). - i2c: omap: Fix an error handling path in omap_i2c_probe() (git-fixes). - i2c: omap: Handle omap_i2c_init() errors in omap_i2c_probe() (git-fixes). - USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes). - USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). - USB: serial: option: add Foxconn T99W640 (stable-fixes). 
- iio: common: st_sensors: Fix use of uninitialize device structs (stable-fixes). - iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). - iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). - drm/xe/mocs: Initialize MOCS index early (stable-fixes). - drm/amdgpu: Increase reset counter only on success (stable-fixes). - drm/amd/display: Disable CRTC degamma LUT for DCN401 (stable-fixes). - drm/amd/display: Free memory allocation (stable-fixes). - ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-r0xxx (stable-fixes). - HID: core: do not bypass hid_hw_raw_request (stable-fixes). - HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). - i2c: omap: Fix an error handling path in omap_i2c_probe() (git-fixes). - i2c: omap: fix deprecated of_property_read_bool() use (git-fixes). - i2c: omap: Add support for setting mux (stable-fixes). - drm/xe/pf: Move VFs reprovisioning to worker (stable-fixes). - drm/xe/pf: Sanitize VF scratch registers on FLR (stable-fixes). - commit ad41c3a - mm: userfaultfd: fix race of userfaultfd_move and swap cache (CVE-2025-38242 bsc#1246176). - commit 04ed915 ++++ kernel-rt: - btrfs: fix a race between renames and directory logging (bsc#1247023 CVE-2025-38365). - commit 82d2bad - btrfs: fix use-after-free when COWing tree bock and tracing is enabled (bsc#1235645 CVE-2024-56759). - commit bd41b6c - nvme-tcp: sanitize request list handling (CVE-2026-38264 bsc#1246387). - commit 4fae28c - cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost (bsc#1244812 CVE-2025-38038). - Refresh patches.suse/cpufreq-amd-pstate-Overhaul-locking.patch. - commit 9e52e61 - KVM: arm64: Tear down vGIC on failed vCPU creation (CVE-2025-37849 bsc#1243000). - commit 38855cd - drm/xe/pf: Prepare to stop SR-IOV support prior GT reset (git-fixes). 
- commit 71e9c4e - resource: fix false warning in __request_region() (git-fixes). - ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365_dai_set_priv (git-fixes). - ALSA: hda/realtek: Fix mute LED mask on HP OMEN 16 laptop (git-fixes). - can: netlink: can_changelink(): fix NULL pointer deref of struct can_priv::do_set_mode (git-fixes). - bus: fsl-mc: Fix potential double device reference in fsl_mc_get_endpoint() (git-fixes). - i2c: omap: Fix an error handling path in omap_i2c_probe() (git-fixes). - i2c: omap: Handle omap_i2c_init() errors in omap_i2c_probe() (git-fixes). - USB: serial: option: add Telit Cinterion FE910C04 (ECM) composition (stable-fixes). - USB: serial: ftdi_sio: add support for NDI EMGUIDE GEMINI (stable-fixes). - USB: serial: option: add Foxconn T99W640 (stable-fixes). - iio: common: st_sensors: Fix use of uninitialize device structs (stable-fixes). - iio: adc: max1363: Reorder mode_list[] entries (stable-fixes). - iio: adc: max1363: Fix MAX1363_4X_CHANS/MAX1363_8X_CHANS[] (stable-fixes). - drm/xe/mocs: Initialize MOCS index early (stable-fixes). - drm/amdgpu: Increase reset counter only on success (stable-fixes). - drm/amd/display: Disable CRTC degamma LUT for DCN401 (stable-fixes). - drm/amd/display: Free memory allocation (stable-fixes). - ALSA: hda/realtek: Add quirk for ASUS ROG Strix G712LWS (stable-fixes). - ALSA: hda/realtek - Fix mute LED for HP Victus 16-r0xxx (stable-fixes). - HID: core: do not bypass hid_hw_raw_request (stable-fixes). - HID: core: ensure the allocated report buffer can contain the reserved report ID (stable-fixes). - i2c: omap: Fix an error handling path in omap_i2c_probe() (git-fixes). - i2c: omap: fix deprecated of_property_read_bool() use (git-fixes). - i2c: omap: Add support for setting mux (stable-fixes). - drm/xe/pf: Move VFs reprovisioning to worker (stable-fixes). - drm/xe/pf: Sanitize VF scratch registers on FLR (stable-fixes). 
- commit ad41c3a - mm: userfaultfd: fix race of userfaultfd_move and swap cache (CVE-2025-38242 bsc#1246176). - commit 04ed915 ++++ samba: - adjust gpgme build dependency for future-proofing ++++ wpa_supplicant: - Build wpa_gui with qt6 instead of obsolete qt5 [+ 0001-wpa_gui-Port-to-Qt6.patch] - Update build config: * Enable 802.11ax support ------------------------------------------------------------------ ------------------ 2025-7-24 - Jul 24 2025 ------------------- ------------------------------------------------------------------ ++++ Mesa: - U_loader_wayland-Fix-missing-timespec.h-include.patch * fixes build with wayland-protocols 1.45 ++++ Mesa-drivers: - U_loader_wayland-Fix-missing-timespec.h-include.patch * fixes build with wayland-protocols 1.45 ++++ afterburn: - Update to version 5.9.0: * cargo: Afterburn release 5.9.0 * docs/release-notes: update for release 5.9.0 * cargo: update dependencies * Add TMT test structure and basic smoke test * build(deps): bump openssl from 0.10.72 to 0.10.73 * build(deps): bump reqwest from 0.12.15 to 0.12.18 * docs/release-notes: Update changelog entry * dracut: Return 255 in module-setup * oraclecloud: add release note and move base URL to constant * oraclecloud: implement oraclecloud provider * build(deps): bump nix from 0.29.0 to 0.30.1 * build(deps): bump zbus from 5.7.0 to 5.7.1 * build(deps): bump serde-xml-rs from 0.6.0 to 0.8.1 * build(deps): bump ipnetwork from 0.20.0 to 0.21.1 * build(deps): bump clap from 4.5.38 to 4.5.39 ++++ container-selinux: - Add workaround for rootless docker iptables AVCs (bsc#1246348) adding rootless-docker_iptables.patch ++++ python-kiwi: - Bump version: 10.2.28 → 10.2.29 - Fix return from repart stage If we return from the repart stage it's important to wait for the root device to appear. This is because the device setup from udev might still be held back due to a former lock on the device. 
This means if we return fast after locking for example when check_repart_possible() quickly finds out that it's not possible, then udev has not yet got the time to create the device nodes. This Fixes #2863 ++++ glibc: - regcomp-double-free.patch: posix: Fix double-free after allocation failure in regcomp (CVE-2025-8058, bsc#1246965, BZ #33185) ++++ gstreamer: - Update to version 1.26.4: + Highlighted bugfixes in 1.26.4: - adaptivedemux2: Fixed reverse playback - d3d12screencapture: Add support for monitor add/remove in device provider - rtmp2src: various fixes to make it play back AWS medialive streams - rtph265pay: add profile-id, tier-flag, and level-id to output rtp caps - vp9parse: Fix handling of spatial SVC decoding - vtenc: Fix negotiation failure with profile=main-422-10 - gtk4paintablesink: Add YCbCr memory texture formats and other improvements - livekit: add room-timeout - mp4mux: add TAI timestamp muxing support - rtpbin2: fix various race conditions, plus other bug fixes and performance improvements - threadshare: add a ts-rtpdtmfsrc element, implement run-time input switching in ts-intersrc - webrtcsink: fix deadlock on error setting remote description and other fixes. 
- cerbero: WiX installer: fix missing props files in the MSI packages - smaller macOS/iOS package sizes - Various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements + gstreamer: - tracers: Fix deadlock in latency tracer - Fix various valgrind/test errors when GST_DEBUG is enabled - More valgrind and test fixes - Various ASAN fixes ++++ gstreamer-plugins-base: - Update to version 1.26.4: + Revert "streamsynchronizer: Consider streams having received stream-start as waiting" + alsa: free conf cache under valgrind + gst-device-monitor: Fix caps filter splitting + Fix various valgrind/test errors when GST_DEBUG is enabled + More valgrind and test fixes + Various ASAN fixes ++++ kdump: - upgrade to version 2.1.5 * kdumptool calibrate: use kernel flavour from the kdump kernel (jsc#PED-12971) * order kdump-commandline.service after kdump.service * updated documentation (bsc#1246908) ++++ kernel-default: - x86/fpu: Refactor xfeature bitmask update code for sigframe XSAVE (git-fixes). - commit fdfb535 - kABI workaround for drm_gem.h (git-fixes). - commit b3f8c43 - x86/microcode: Consolidate the loader enablement checking (git-fixes). - commit a281c51 - x86/pkeys: Simplify PKRU update in signal frame (git-fixes). - commit 7f493bf - x86/mm/pat: don't collapse pages without PSE set (git-fixes). - commit a309aa1 - x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes). - commit b9a8d7c - x86/mce: Don't remove sysfs if thresholding sysfs init fails (git-fixes). - commit 6b9b4dc - x86/mce: Ensure user polling settings are honored when restarting timer (git-fixes). - commit dd99169 - x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). - commit 8cf89c0 - drivers: base: handle module_kobject creation (git-fixes). - kernel: globalize lookup_or_create_module_kobject() (stable-fixes). - kernel: param: rename locate_module_kobject (stable-fixes). 
- commit 443c294 - bus: firewall: Fix missing static inline annotations for stubs (git-fixes). - drm/gem: Internally test import_attach for imported objects (git-fixes). - commit 883c447 - mailbox: Not protect module_put with spin_lock_irqsave (stable-fixes). - of: unittest: Unlock on error in unittest_data_add() (git-fixes). - objtool, lkdtm: Obfuscate the do_nothing() pointer (stable-fixes). - objtool, regulator: rk808: Remove potential undefined behavior in rk806_set_mode_dcdc() (stable-fixes). - objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler() (stable-fixes). - mailbox: pcc: Use acpi_os_ioremap() instead of ioremap() (stable-fixes). - mailbox: pcc: Always clear the platform ack interrupt first (stable-fixes). - mailbox: pcc: Fix the possible race in updation of chan_in_use flag (stable-fixes). - of: resolver: Fix device node refcount leakage in of_resolve_phandles() (git-fixes). - of: resolver: Simplify of_resolve_phandles() using __free() (stable-fixes). - commit 2842fe3 - phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property() (git-fixes). - phy: rockchip: samsung-hdptx: Do no set rk_hdptx_phy->rate in case of errors (git-fixes). - phy: rockchip: samsung-hdptx: Fix clock ratio setup (git-fixes). - PM: EM: use kfree_rcu() to simplify the code (stable-fixes). - pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes). - commit 0b2b7d3 - iio: pressure: mprls0025pa: use aligned_s64 for timestamp (git-fixes). - iio: adc: ad7266: Fix potential timestamp alignment issue (git-fixes). - iio: adc: ad7768-1: Fix insufficient alignment of timestamp (git-fixes). - iio: adc: dln2: Use aligned_s64 for timestamp (git-fixes). - iio: accel: adxl355: Make timestamp 64-bit aligned using aligned_s64 (git-fixes). - iio: chemical: pms7003: use aligned_s64 for timestamp (git-fixes). - iio: chemical: sps30: use aligned_s64 for timestamp (git-fixes). 
- commit c3a47c4 - drm/i915/dp_mst: Work around Thunderbolt sink disconnect after SINK_COUNT_ESI read (stable-fixes). - accel/ivpu: Correct DCT interrupt handling (git-fixes). - commit af2fdb4 - accel/ivpu: Fix warning in ivpu_gem_bo_free() (git-fixes). - drm/gem: Test for imported GEM buffers with helper (stable-fixes). - commit bf7255f - rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too. - commit 2329734 - iommu/vt-d: Fix possible circular locking dependency (git-fixes). - commit b917ee9 - drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). - Revert "drm/nouveau: check ioctl command codes better" (git-fixes). - drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). - drm/amdgpu: Reset the clear flag in buddy during resume (git-fixes). - platform/x86: Fix initialization order for firmware_attributes_class (git-fixes). - platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). - platform/x86: ideapad-laptop: Fix FnLock not remembered among boots (git-fixes). - platform/mellanox: mlxbf-pmc: Use kstrtobool() to check 0/1 input (git-fixes). - platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes). - platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes). - commit e77a634 ++++ kernel-rt: - x86/fpu: Refactor xfeature bitmask update code for sigframe XSAVE (git-fixes). - commit fdfb535 - kABI workaround for drm_gem.h (git-fixes). - commit b3f8c43 - x86/microcode: Consolidate the loader enablement checking (git-fixes). - commit a281c51 - x86/pkeys: Simplify PKRU update in signal frame (git-fixes). - commit 7f493bf - x86/mm/pat: don't collapse pages without PSE set (git-fixes). - commit a309aa1 - x86/traps: Initialize DR6 by writing its architectural reset value (git-fixes). 
- commit b9a8d7c - x86/mce: Don't remove sysfs if thresholding sysfs init fails (git-fixes). - commit 6b9b4dc - x86/mce: Ensure user polling settings are honored when restarting timer (git-fixes). - commit dd99169 - x86/mce/amd: Add default names for MCA banks and blocks (git-fixes). - commit 8cf89c0 - drivers: base: handle module_kobject creation (git-fixes). - kernel: globalize lookup_or_create_module_kobject() (stable-fixes). - kernel: param: rename locate_module_kobject (stable-fixes). - commit 443c294 - bus: firewall: Fix missing static inline annotations for stubs (git-fixes). - drm/gem: Internally test import_attach for imported objects (git-fixes). - commit 883c447 - mailbox: Not protect module_put with spin_lock_irqsave (stable-fixes). - of: unittest: Unlock on error in unittest_data_add() (git-fixes). - objtool, lkdtm: Obfuscate the do_nothing() pointer (stable-fixes). - objtool, regulator: rk808: Remove potential undefined behavior in rk806_set_mode_dcdc() (stable-fixes). - objtool, ASoC: codecs: wcd934x: Remove potential undefined behavior in wcd934x_slim_irq_handler() (stable-fixes). - mailbox: pcc: Use acpi_os_ioremap() instead of ioremap() (stable-fixes). - mailbox: pcc: Always clear the platform ack interrupt first (stable-fixes). - mailbox: pcc: Fix the possible race in updation of chan_in_use flag (stable-fixes). - of: resolver: Fix device node refcount leakage in of_resolve_phandles() (git-fixes). - of: resolver: Simplify of_resolve_phandles() using __free() (stable-fixes). - commit 2842fe3 - phy: fsl-imx8mq-usb: fix phy_tx_vboost_level_from_property() (git-fixes). - phy: rockchip: samsung-hdptx: Do no set rk_hdptx_phy->rate in case of errors (git-fixes). - phy: rockchip: samsung-hdptx: Fix clock ratio setup (git-fixes). - PM: EM: use kfree_rcu() to simplify the code (stable-fixes). - pm: cpupower: bench: Prevent NULL dereference on malloc failure (stable-fixes). 
- commit 0b2b7d3 - iio: pressure: mprls0025pa: use aligned_s64 for timestamp (git-fixes). - iio: adc: ad7266: Fix potential timestamp alignment issue (git-fixes). - iio: adc: ad7768-1: Fix insufficient alignment of timestamp (git-fixes). - iio: adc: dln2: Use aligned_s64 for timestamp (git-fixes). - iio: accel: adxl355: Make timestamp 64-bit aligned using aligned_s64 (git-fixes). - iio: chemical: pms7003: use aligned_s64 for timestamp (git-fixes). - iio: chemical: sps30: use aligned_s64 for timestamp (git-fixes). - commit c3a47c4 - drm/i915/dp_mst: Work around Thunderbolt sink disconnect after SINK_COUNT_ESI read (stable-fixes). - accel/ivpu: Correct DCT interrupt handling (git-fixes). - commit af2fdb4 - accel/ivpu: Fix warning in ivpu_gem_bo_free() (git-fixes). - drm/gem: Test for imported GEM buffers with helper (stable-fixes). - commit bf7255f - rpm/kernel-subpackage-spec: Skip brp-strip-debug to avoid file truncation (bsc#1246879) Put the same workaround to avoid file truncation of vmlinux and co in kernel-default-base package, too. - commit 2329734 - iommu/vt-d: Fix possible circular locking dependency (git-fixes). - commit b917ee9 - drm/bridge: ti-sn65dsi86: Remove extra semicolon in ti_sn_bridge_probe() (git-fixes). - Revert "drm/nouveau: check ioctl command codes better" (git-fixes). - drm/sched: Remove optimization that causes hang when killing dependent jobs (git-fixes). - drm/amdgpu: Reset the clear flag in buddy during resume (git-fixes). - platform/x86: Fix initialization order for firmware_attributes_class (git-fixes). - platform/x86: ideapad-laptop: Fix kbd backlight not remembered among boots (git-fixes). - platform/x86: ideapad-laptop: Fix FnLock not remembered among boots (git-fixes). - platform/mellanox: mlxbf-pmc: Use kstrtobool() to check 0/1 input (git-fixes). - platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes). - platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes). 
- commit e77a634 ------------------------------------------------------------------ ------------------ 2025-7-23 - Jul 23 2025 ------------------- ------------------------------------------------------------------ ++++ cloud-regionsrv-client: - Update version to 10.5.0 + Use region server IP addresses to determine Internet access rather than a generic address. Region server IP addresses may not be blocked in the network construct. (bsc#1245305) ++++ cockpit: - Add %postun for firewalld package to ensure the firewall state remains as expected ++++ docker: - Update to docker-buildx v0.26.1. Upstream changelog: ++++ transactional-update: - Add journalmount.patch to bind mount systemd journal only when available ++++ kernel-default: - hci_dev centralize extra lock (CVE-2025-38117 bsc#1245695). - commit 242b32d - rpm/kernel-binary.spec.in: Ignore return code from ksymtypes compare When using suse-kabi-tools, the RPM build invokes 'ksymvers compare' to compare the resulting symbol CRCs with the reference data. If the values differ, it then invokes 'ksymtypes compare' to provide a detailed report explaining why the symbols differ. The build expects the latter 'ksymtypes compare' command to always return zero, even if the two compared kABI corpuses are different. This is currently the case for 'ksymtypes compare'. However, I plan to update the command to return a non-zero code when the comparison detects any differences. This should ensure consistent behavior with 'ksymvers compare'. Since the build uses 'ksymtypes compare' only for more detailed diagnostics, ignore its return code. - commit 5ac1381 - net: atm: fix /proc/net/atm/lec handling (CVE-2025-38180 bsc#1245970). - net: atm: add lec_mutex (CVE-2025-38323 bsc#1246473). - net: atm: fix /proc/net/atm/lec handling (CVE-2025-38180 bsc#1245970). - net: atm: add lec_mutex (CVE-2025-38323 bsc#1246473). - commit 736dcb9 - Bluetooth: MGMT: Protect mgmt_pending list with its own lock (CVE-2025-38117 bsc#1245695). 
- commit 089c9e2 - arm64: config: Make tpm_tis_spi module build-in (bsc#1246896) - commit 9192eb0 ++++ kernel-rt: - hci_dev centralize extra lock (CVE-2025-38117 bsc#1245695). - commit 242b32d - rpm/kernel-binary.spec.in: Ignore return code from ksymtypes compare When using suse-kabi-tools, the RPM build invokes 'ksymvers compare' to compare the resulting symbol CRCs with the reference data. If the values differ, it then invokes 'ksymtypes compare' to provide a detailed report explaining why the symbols differ. The build expects the latter 'ksymtypes compare' command to always return zero, even if the two compared kABI corpuses are different. This is currently the case for 'ksymtypes compare'. However, I plan to update the command to return a non-zero code when the comparison detects any differences. This should ensure consistent behavior with 'ksymvers compare'. Since the build uses 'ksymtypes compare' only for more detailed diagnostics, ignore its return code. - commit 5ac1381 - net: atm: fix /proc/net/atm/lec handling (CVE-2025-38180 bsc#1245970). - net: atm: add lec_mutex (CVE-2025-38323 bsc#1246473). - net: atm: fix /proc/net/atm/lec handling (CVE-2025-38180 bsc#1245970). - net: atm: add lec_mutex (CVE-2025-38323 bsc#1246473). - commit 736dcb9 - Bluetooth: MGMT: Protect mgmt_pending list with its own lock (CVE-2025-38117 bsc#1245695). 
- commit 089c9e2 - arm64: config: Make tpm_tis_spi module build-in (bsc#1246896) - commit 9192eb0 ++++ kubevirt: - Replace/Supersede patch Update-module-golang.org-x-net-to-v0.36.0-SECURITY.patch -> Update-module-golang.org-x-net-to-v0.38.0-SECURITY.patch (bsc#1238704, bsc#1241772) - Rename patch for clarity and consistency chore-deps-update-module-golang.org-x-oauth2-to-v0.2.patch -> Update-module-golang.org-x-oauth2-to-v0.27.0-SECURITY.patch - Update _service file to reference v1.5.2 - Reorder patches with respect to the newly added patch ++++ libzypp: - During installation indicate the backend being used (bsc#1246038) If some package actually needs to know, it should test for ZYPP_CLASSIC_RPMTRANS being set in the environment. Otherwise the transaction is driven by librpm. - version 17.37.14 (35) ++++ qemu: - Fix bsc#1246566: * [roms] seabios: include "pciinit: don't misalign large BARs" (bsc#1246566) ++++ sysuser-tools: - disable the buildroot virus scanning, as it needs the vscan user this package provides. (bsc#1246878) ------------------------------------------------------------------ ------------------ 2025-7-22 - Jul 22 2025 ------------------- ------------------------------------------------------------------ ++++ cloud-init: - Update to version 25.1.3 (bsc#1245401,bsc#1245403) + Forward port - cloud-init-no-openstack-guess.patch + docs: provide example3 for PAM and ssh_pwauth behavior (#27) + fix: Make hotplug socket writable only by root (#25) (CVE-2024-11584) + fix: Don't attempt to identify non-x86 OpenStack instances (LP: #2069607) (CVE-2024-6174) From 25.1.2 + fix: ensure MAAS datasource retries on failure (#6167) ++++ fde-tools: - Add fde-tools-bsc1246464-use-default-uefi-boot-path.patch to use the default EFI boot path if there is no FILE component in the boot entry (bsc#1246464) ++++ kernel-default: - KVM: TDX: Don't report base TDVMCALLs (git-fixes). - commit 486d9e8 - Documentation: KVM: Fix unexpected unindent warning (git-fixes).
- commit 1046fef - Documentation: KVM: Fix unexpected unindent warnings (git-fixes). - commit bfc2140 - kABI fix after Add TDX support for vSphere (jsc#PED-13302). - commit a4c3d79 - s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246868). - commit 7a6a473 - KVM: VMX: Ensure unused kvm_tdx_capabilities fields are zeroed out (jsc#PED-13302). - commit bc9f3cf - KVM: TDX: Report supported optional TDVMCALLs in TDX capabilities (jsc#PED-13302). - commit af1a799 - KVM: TDX: Exit to userspace for SetupEventNotifyInterrupt (jsc#PED-13302). - commit b72fb90 - KVM: TDX: Exit to userspace for GetTdVmCallInfo (jsc#PED-13302). - commit 78e8a10 - KVM: TDX: Handle TDG.VP.VMCALL (jsc#PED-13302). - commit 2d49648 - KVM: TDX: Add new TDVMCALL status code for unsupported subfuncs (jsc#PED-13302). - commit 9661c0c - KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest (git-fixes). - commit 62d55cd - KVM: x86: avoid underflow when scaling TSC frequency (git-fixes). - commit 38e9775 - iommu/vt-d: Fix system hang on reboot -f (git-fixes). - commit d8aaf21 - KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes). - commit be0174d - KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (git-fixes). - commit 95b4b81 - kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). - commit 48db1ee - KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). - commit 1cd78e3 ++++ kernel-firmware-sound: - Update to version 20250721 (git commit d89120bb80fc): * cirrus: cs35l41: Add Firmware for various ASUS commercial Laptops using CS35L41 HDA * cirrus: cs35l41: Update Firmware for Dell Oasis * cirrus: cs35l56: Add firmware for Cirrus CS35L56 for various Dell laptops * qcom: Add Audio topology for QCS6490 RB3Gen2 ++++ kernel-rt: - KVM: TDX: Don't report base TDVMCALLs (git-fixes). - commit 486d9e8 - Documentation: KVM: Fix unexpected unindent warning (git-fixes). 
- commit 1046fef - Documentation: KVM: Fix unexpected unindent warnings (git-fixes). - commit bfc2140 - kABI fix after Add TDX support for vSphere (jsc#PED-13302). - commit a4c3d79 - s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again (git-fixes bsc#1246868). - commit 7a6a473 - KVM: VMX: Ensure unused kvm_tdx_capabilities fields are zeroed out (jsc#PED-13302). - commit bc9f3cf - KVM: TDX: Report supported optional TDVMCALLs in TDX capabilities (jsc#PED-13302). - commit af1a799 - KVM: TDX: Exit to userspace for SetupEventNotifyInterrupt (jsc#PED-13302). - commit b72fb90 - KVM: TDX: Exit to userspace for GetTdVmCallInfo (jsc#PED-13302). - commit 78e8a10 - KVM: TDX: Handle TDG.VP.VMCALL (jsc#PED-13302). - commit 2d49648 - KVM: TDX: Add new TDVMCALL status code for unsupported subfuncs (jsc#PED-13302). - commit 9661c0c - KVM: x86: Reject KVM_SET_TSC_KHZ vCPU ioctl for TSC protected guest (git-fixes). - commit 62d55cd - KVM: x86: avoid underflow when scaling TSC frequency (git-fixes). - commit 38e9775 - iommu/vt-d: Fix system hang on reboot -f (git-fixes). - commit d8aaf21 - KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes). - commit be0174d - KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight (git-fixes). - commit 95b4b81 - kABI fix after KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). - commit 48db1ee - KVM: SVM: Fix SNP AP destroy race with VMRUN (git-fixes). 
- commit 1cd78e3 ++++ libnvme: - Update to version 1.11+4.g18b9f8e5: * tree: free ctrl attributes when (re)configure ctrl (bsc#1243716) * tree: filter tree after scan has completed (bsc#1243716) * test/mock: pass thru unknown ioctls * linux: fix derive_psk_digest OpenSSL 1.1 version - Drop integrated patches * remove 0001-linux-fix-derive_psk_digest-OpenSSL-1.1-version.patch * remove 0002-test-mock-pass-thru-unknown-ioctls.patch ++++ libzypp: - Workaround 'rpm -vv' leaving scriptlets /var/tmp (bsc#1218459) - Verbose log libproxy results if PX_DEBUG=1 is set. - BuildRequires: cmake >= 3.17. - version 17.37.13 (35) ++++ nvme-cli: - Update to version 2.11+4.g16c450a7: * nvme: fix mem leak in nvme copy (bsc#1243716) * nvme-print: suppress output when no ctrl is present for list-subsys (bsc#1243716) * nvme: extend filter to match device name (bsc#1243716) * udev-rules-ontap: switch to queue-depth iopolicy (bsc#1246599) ------------------------------------------------------------------ ------------------ 2025-7-21 - Jul 21 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Add cockpit-firewalld package for easily configuring the user's firewall jsc#PED-13228 ++++ docker: - Update to docker-buildx v0.26.0. Upstream changelog: ++++ transactional-update: - Version 5.0.7 - Add sysext compatibility [bsc#1246140] - Fix soft-reboot with btrfs subvolume based /etc - Sync /etc layers also on soft-reboot - Bind mount /run/systemd/journal to allow log calls [gh#openSUSE/transactional-update#149] - Use rootlesskit instead of fakeroot for tests - Small coding style fixes - Temporarily disabling the testsuite because it doesn't run in the build environment so far ++++ kernel-default: - iavf: get rid of the crit lock (CVE-2025-38311 bsc#1246376). - iavf: sprinkle netdev_assert_locked() annotations (CVE-2025-38311 bsc#1246376). - iavf: extract iavf_watchdog_step() out of iavf_watchdog_task() (CVE-2025-38311 bsc#1246376).
- iavf: simplify watchdog_task in terms of adminq task scheduling (CVE-2025-38311 bsc#1246376). - iavf: centralize watchdog requeueing itself (CVE-2025-38311 bsc#1246376). - net: dsa: b53: do not enable EEE on bcm63xx (CVE-2025-38272 bsc#1246268). - commit 2236e1a - kABI workaround for bluetooth hci_dev changes (CVE-2025-38250 bsc#1246182). - commit 9363e74 - Bluetooth: hci_core: Fix use-after-free in vhci_flush() (CVE-2025-38250 bsc#1246182). - commit 7979f02 - tools/hv: fcopy: Fix irregularities with size of ring buffer (git-fixes). - PCI: hv: Use the correct hypercall for unmasking interrupts on nested (git-fixes). - x86/hyperv: Expose hv_map_msi_interrupt() (git-fixes). - Drivers: hv: Use nested hypercall for post message and signal event (git-fixes). - x86/hyperv: Clean up hv_map/unmap_interrupt() return values (git-fixes). - x86/hyperv: Fix usage of cpu_online_mask to get valid cpu (git-fixes). - PCI: hv: Don't load the driver for baremetal root partition (git-fixes). - net: mana: Fix warnings for missing export.h header inclusion (git-fixes). - PCI: hv: Fix warnings for missing export.h header inclusion (git-fixes). - clocksource: hyper-v: Fix warnings for missing export.h header inclusion (git-fixes). - x86/hyperv: Fix warnings for missing export.h header inclusion (git-fixes). - Drivers: hv: Fix warnings for missing export.h header inclusion (git-fixes). - Drivers: hv: Fix the check for HYPERVISOR_CALLBACK_VECTOR (git-fixes). - tools/hv: fcopy: Fix incorrect file path conversion (git-fixes). - Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes). - hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes). - commit 6fce57d - i2c: stm32f7: unmap DMA mapped buffer (git-fixes). - i2c: stm32: fix the device used for the DMA map (git-fixes). - usb: hub: Don't try to recover devices lost during warm reset (git-fixes). - usb: dwc2: gadget: Fix enter to hibernation for UTMI+ PHY (git-fixes). 
- usb: musb: fix gadget state on disconnect (git-fixes). - thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). - thunderbolt: Fix wake on connect at runtime (git-fixes). - pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). - serial: core: fix OF node leak (git-fixes). - comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). - comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). - comedi: das6402: Fix bit shift out of bounds (git-fixes). - comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). - comedi: pcl812: Fix bit shift out of bounds (git-fixes). - comedi: das16m1: Fix bit shift out of bounds (git-fixes). - comedi: Fix some signed shift left operations (git-fixes). - comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). - interconnect: icc-clk: destroy nodes in case of memory allocation failures (git-fixes). - interconnect: exynos: handle node name allocation failure (git-fixes). - interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1 node (git-fixes). - iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). - iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes). - iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps (git-fixes). - iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). - iio: backend: fix out-of-bound write (git-fixes). - spi: Add check for 8-bit transfer with 8 IO mode support (git-fixes). - regmap: fix potential memory leak of regmap_bus (git-fixes). - Input: xpad - set correct controller type for Acer NGR200 (git-fixes). - commit efa1e54 ++++ kernel-firmware-nvidia: - Remove stale *.rpmmoved directories (bsc#1244458) ++++ kernel-firmware-qcom: - Remove stale *.rpmmoved directories (bsc#1244458) ++++ kernel-rt: - iavf: get rid of the crit lock (CVE-2025-38311 bsc#1246376). - iavf: sprinkle netdev_assert_locked() annotations (CVE-2025-38311 bsc#1246376). 
- iavf: extract iavf_watchdog_step() out of iavf_watchdog_task() (CVE-2025-38311 bsc#1246376). - iavf: simplify watchdog_task in terms of adminq task scheduling (CVE-2025-38311 bsc#1246376). - iavf: centralize watchdog requeueing itself (CVE-2025-38311 bsc#1246376). - net: dsa: b53: do not enable EEE on bcm63xx (CVE-2025-38272 bsc#1246268). - commit 2236e1a - kABI workaround for bluetooth hci_dev changes (CVE-2025-38250 bsc#1246182). - commit 9363e74 - Bluetooth: hci_core: Fix use-after-free in vhci_flush() (CVE-2025-38250 bsc#1246182). - commit 7979f02 - tools/hv: fcopy: Fix irregularities with size of ring buffer (git-fixes). - PCI: hv: Use the correct hypercall for unmasking interrupts on nested (git-fixes). - x86/hyperv: Expose hv_map_msi_interrupt() (git-fixes). - Drivers: hv: Use nested hypercall for post message and signal event (git-fixes). - x86/hyperv: Clean up hv_map/unmap_interrupt() return values (git-fixes). - x86/hyperv: Fix usage of cpu_online_mask to get valid cpu (git-fixes). - PCI: hv: Don't load the driver for baremetal root partition (git-fixes). - net: mana: Fix warnings for missing export.h header inclusion (git-fixes). - PCI: hv: Fix warnings for missing export.h header inclusion (git-fixes). - clocksource: hyper-v: Fix warnings for missing export.h header inclusion (git-fixes). - x86/hyperv: Fix warnings for missing export.h header inclusion (git-fixes). - Drivers: hv: Fix warnings for missing export.h header inclusion (git-fixes). - Drivers: hv: Fix the check for HYPERVISOR_CALLBACK_VECTOR (git-fixes). - tools/hv: fcopy: Fix incorrect file path conversion (git-fixes). - Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes). - hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes). - commit 6fce57d - i2c: stm32f7: unmap DMA mapped buffer (git-fixes). - i2c: stm32: fix the device used for the DMA map (git-fixes). 
- usb: hub: Don't try to recover devices lost during warm reset (git-fixes). - usb: dwc2: gadget: Fix enter to hibernation for UTMI+ PHY (git-fixes). - usb: musb: fix gadget state on disconnect (git-fixes). - thunderbolt: Fix bit masking in tb_dp_port_set_hops() (git-fixes). - thunderbolt: Fix wake on connect at runtime (git-fixes). - pch_uart: Fix dma_sync_sg_for_device() nents value (git-fixes). - serial: core: fix OF node leak (git-fixes). - comedi: Fix initialization of data for instructions that write to subdevice (git-fixes). - comedi: Fix use of uninitialized data in insn_rw_emulate_bits() (git-fixes). - comedi: das6402: Fix bit shift out of bounds (git-fixes). - comedi: aio_iiro_16: Fix bit shift out of bounds (git-fixes). - comedi: pcl812: Fix bit shift out of bounds (git-fixes). - comedi: das16m1: Fix bit shift out of bounds (git-fixes). - comedi: Fix some signed shift left operations (git-fixes). - comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large (git-fixes). - interconnect: icc-clk: destroy nodes in case of memory allocation failures (git-fixes). - interconnect: exynos: handle node name allocation failure (git-fixes). - interconnect: qcom: sc7280: Add missing num_links to xm_pcie3_1 node (git-fixes). - iio: adc: ad7949: use spi_is_bpw_supported() (git-fixes). - iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush (git-fixes). - iio: adc: axp20x_adc: Add missing sentinel to AXP717 ADC channel maps (git-fixes). - iio: adc: stm32-adc: Fix race in installing chained IRQ handler (git-fixes). - iio: backend: fix out-of-bound write (git-fixes). - spi: Add check for 8-bit transfer with 8 IO mode support (git-fixes). - regmap: fix potential memory leak of regmap_bus (git-fixes). - Input: xpad - set correct controller type for Acer NGR200 (git-fixes). 
- commit efa1e54 ++++ kubevirt: - Update to version 1.5.2 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.5.2 bsc#1234537 (CVE-2024-45337), bsc#1235303 (CVE-2024-45338), bsc#1244486 - Drop upstream patch 0002-chore-deps-update-module-golang.org-x-crypto-to-v0.3.patch - Rename patches 0001-Ensure-SEV-VMs-use-stateless-OVMF-firmware.patch -> Ensure-SEV-VMs-use-stateless-OVMF-firmware.patch 0003-chore-deps-update-module-golang.org-x-oauth2-to-v0.2.patch -> chore-deps-update-module-golang.org-x-oauth2-to-v0.2.patch 0004-chore-deps-update-module-golang.org-x-net-to-v0.36.0.patch -> Update-module-golang.org-x-net-to-v0.36.0-SECURITY.patch ++++ libbpf: - update to 1.6.0: * add more control over BPF object lifetime with new preparation step (bpf_object__prepare() API) * libbpf will report symbolic error code (e.g., "-EINVAL") in addition to human-readable error description * bpf_prog_stream_read() API * BPF token support when attaching BPF trampoline-based BPF programs in bpf_program__set_attach_target() * BPF token support for BPF_BTF_GET_FD_BY_ID command * support multi-uprobe session (SEC("uprobe.session")) BPF programs * support unique_match option for multi-kprobe attachment * support creating and destroying qdisc with BPF_TC_QDISC flag; * bpf_program__attach_cgroup_opts() which enables more precise cgroup-based attachment ordering * automatically take advantage of memory-mappable kernel BTF (/sys/kernel/btf/vmlinux), if supported * emit_strings option for BTF dumper API, improving string-like data printing * add BPF program's func and line info accessors * BPF linker supports linking ELF object files coming from memory buffer and referenced by FD, in addition to file path-based APIs; * small improvements to BTF dedup to handle rare quirky corner cases produced by some compilers * add likely() and unlikely() convenience macros; * __arg_untrusted annotation for BPF global subprog arguments; * bpf_stream_printk() macro for working with BPF streams; * 
bpf_usdt_arg_size() API - update to 1.6.0: * fixing a possible crash when handling BPF arena global variable relocations - drop 0001-libbpf-Add-identical-pointer-detection-to-btf_dedup_.patch, which is now included ++++ harfbuzz: - Update to version 11.3.2: + Fix build with non-compliant C++11 compilers that don't recognize the "and" keyword. - Changes from version 11.3.1: + Fix crasher in the glyph_v_origin function introduced in 11.3.0. - Changes from version 11.3.0: + Speed up handling fonts with very large number of variations. + Speed up getting horizontal and vertical glyph advances by up to 24%. + Significantly speed up vertical text shaping. + Various documentation improvements. + Various build improvements. + Various subsetting improvements. + Various improvements to Rust font functions (fontations integration) and shaper (HarfRust integration). + Rename harfruzz option and shaper to harfrust following upstream rename. + Implement hb_face_reference_blob() for DirectWrite font functions. ++++ mdadm: - Stop emitting %release into program binaries [boo#1246806] ------------------------------------------------------------------ ------------------ 2025-7-20 - Jul 20 2025 ------------------- ------------------------------------------------------------------ ++++ hyper-v: - fcopy: Fix irregularities with size of ring buffer (a4131a50) - fcopy: Fix incorrect file path conversion (0d86a8d6) ++++ kernel-default: - hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes). - drm/mediatek: only announce AFBC if really supported (git-fixes). - drm/mediatek: Add wait_event_timeout when disabling plane (git-fixes). - drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). - drm/nouveau: check ioctl command codes better (git-fixes). - soundwire: amd: fix for clearing command status register (git-fixes). - dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). 
- phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes). - memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes). - mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). - mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). - mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). - commit f4e7d99 ++++ kernel-rt: - hwmon: (corsair-cpro) Validate the size of the received input buffer (git-fixes). - drm/mediatek: only announce AFBC if really supported (git-fixes). - drm/mediatek: Add wait_event_timeout when disabling plane (git-fixes). - drm/amdgpu/gfx8: reset compute ring wptr on the GPU on resume (git-fixes). - drm/nouveau: check ioctl command codes better (git-fixes). - soundwire: amd: fix for clearing command status register (git-fixes). - dmaengine: nbpfaxi: Fix memory corruption in probe() (git-fixes). - phy: tegra: xusb: Fix unbalanced regulator disable in UTMI PHY mode (git-fixes). - memstick: core: Zero initialize id_reg in h_memstick_read_dev_id() (git-fixes). - mmc: bcm2835: Fix dma_unmap_sg() nents value (git-fixes). - mmc: sdhci_am654: Workaround for Errata i2312 (git-fixes). - mmc: sdhci-pci: Quirk for broken command queuing on Intel GLK-based Positivo models (git-fixes). - commit f4e7d99 ++++ unbound: - Remove leftover dependency on sudo (not required) See also: boo#1215628 ------------------------------------------------------------------ ------------------ 2025-7-19 - Jul 19 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - virtio-net: fix recursived rtnl_lock() during probe() (git-fixes). - commit 0bc7aff - vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes). - commit 615e0f1 - vsock: Fix transport_* TOCTOU (git-fixes). - commit 704674f - vsock: Fix transport_{g2h,h2g} TOCTOU (git-fixes). 
- commit 3024c81 ++++ kernel-firmware-amdgpu: - Update to version 20250718 (git commit a5fbfa20d1bd): * amdgpu: update dmcub fw for various DCN version ++++ kernel-firmware-intel: - Update to version 20250718 (git commit a5fbfa20d1bd): * intel_vpu: Update NPU firmware ++++ kernel-rt: - virtio-net: fix recursived rtnl_lock() during probe() (git-fixes). - commit 0bc7aff - vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes). - commit 615e0f1 - vsock: Fix transport_* TOCTOU (git-fixes). - commit 704674f - vsock: Fix transport_{g2h,h2g} TOCTOU (git-fixes). - commit 3024c81 ------------------------------------------------------------------ ------------------ 2025-7-18 - Jul 18 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version: 10.2.27 → 10.2.28 - Fix dracut code to be POSIX compliant The redirect type "< <(...)" is not POSIX compliant and leads to a syntax error in dracut which calls bash as "sh" leading it to be restricted to POSIX only ++++ gdk-pixbuf: - Add gdk-pixbuf-fix-decoder-written-bytes-reporting.patch: Fix memory leak caused by wrong written bytes reported by decoder (CVE-2025-6199, glgo#GNOME/gdk-pixbuf#257, bsc#1245227). ++++ kdump: - upgrade to version 2.1.4 * work around failing calibration on aarch64 * support for kernel flavour-specific calibration * specific calibration for aarch64 -64kb kernels (jsc#PED-12971) * use KDUMP_NET_TIMEOUT as sftp/ftp timeout - update calibrate values ++++ kernel-default: - vsock/vmci: Clear the vmci transport packet properly when initializing it (git-fixes). - commit ec91da1 - virtio-net: xsk: rx: fix the frame's length check (git-fixes). - commit d6ac97d - af_unix: Don't set -ECONNRESET for consumed OOB skb (bsc#1246093). - commit 6c81d26 - sched/psi: Optimize psi_group_change() cpu_clock() usage KABI (bsc#1234634 (Scheduler functional and performance backports)). 
- commit 74a8f57 - virtio-net: ensure the received length does not exceed allocated size (git-fixes). - commit 98cd35a - sched: Skip useless sched_balance_running acquisition if load balance is not due (bsc#1234634 (Scheduler functional and performance backports)). - commit 8648646 - net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes). - commit ecdd7a1 - net: fix segmentation after TCP/UDP fraglist GRO (git-fixes). - commit 0365d28 - ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). - commit 6b2d784 - rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). - commit fa150fb - af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). - commit f0f997a - net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). - commit e3a7f48 - sched/deadline: Less agressive dl_server handling KABI (bsc#1234634 (Scheduler functional and performance backports)). - commit ce216e3 - sched/fair: Workaround NO_RUN_TO_PARITY fix kabi (bsc#1234634 (Scheduler functional and performance backports)). - commit 6a6e170 - af_unix: Don't leave consecutive consumed OOB skbs (CVE-2025-38236 bsc#1246093). - commit a443f38 - kABI workaround for struct drm_framebuffer changes (git-fixes). - commit 7f15c4f - bridge: mcast: Fix use-after-free during router port configuration (CVE-2025-38248 bsc#1246173). - commit 78cf8a3 - Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). - Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). - Bluetooth: hci_core: add missing braces when using macro parameters (git-fixes). - Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). - Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). - Bluetooth: btintel: Check if controller is ISO capable on btintel_classify_pkt_type (git-fixes). 
- Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). - Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). - wifi: cfg80211: remove scan request n_channels counted_by (git-fixes). - can: tcan4x5x: fix reset gpio usage during probe (git-fixes). - usb: net: sierra: check for no status endpoint (git-fixes). - net: phy: Don't register LEDs for genphy (git-fixes). - clk: imx: Fix an out-of-bounds access in dispmix_csr_clk_dev_data (git-fixes). - clk: scmi: Handle case where child clocks are initialized before their parents (git-fixes). - drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). - drm/framebuffer: Acquire internal references on GEM handles (git-fixes). - wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). - wifi: mac80211: correctly identify S1G short beacon (git-fixes). - wifi: cfg80211: fix S1G beacon head validation in nl80211 (git-fixes). - net: phy: qcom: qca808x: Fix WoL issue by utilizing at8031_set_wol() (git-fixes). - net: phy: qcom: move the WoL function to shared library (stable-fixes). - Revert "ACPI: battery: negate current when discharging" (stable-fixes). - drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). - vt: add missing notification when switching back to text mode (stable-fixes). - Revert "PCI/ACPI: Fix allocated memory release on error in pci_acpi_scan_root()" (stable-fixes). - ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak (stable-fixes). - ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes). - ALSA: hda/realtek: Add mic-mute LED setup for ASUS UM5606 (stable-fixes). - HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes). - HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). - HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes). - HID: nintendo: avoid bluetooth suspend/resume stalls (stable-fixes). 
- driver: bluetooth: hci_qca:fix unable to load the BT driver (stable-fixes). - net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). - wifi: cfg80211/mac80211: correctly parse S1G beacon optional elements (git-fixes). - drm/amdgpu/ip_discovery: add missing ip_discovery fw (stable-fixes). - drm/amdgpu/discovery: use specific ip_discovery.bin for legacy asics (stable-fixes). - ASoC: Intel: soc-acpi: arl: Add match entries for new cs42l43 laptops (stable-fixes). - ASoC: Intel: soc-acpi: arl: Correct naming of a cs35l56 address struct (stable-fixes). - commit ead540d ++++ kernel-firmware-media: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-mellanox: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-network: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-platform: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-qlogic: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-realtek: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-serial: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-firmware-usb-network: - Update to version 20250717 (git commit 6fc20e018cca): * WHENCE: extract more license statements ++++ kernel-rt: - vsock/vmci: Clear the vmci transport packet properly when initializing it (git-fixes). - commit ec91da1 - virtio-net: xsk: rx: fix the frame's length check (git-fixes). - commit d6ac97d - af_unix: Don't set -ECONNRESET for consumed OOB skb (bsc#1246093). 
- commit 6c81d26 - sched/psi: Optimize psi_group_change() cpu_clock() usage KABI (bsc#1234634 (Scheduler functional and performance backports)). - commit 74a8f57 - virtio-net: ensure the received length does not exceed allocated size (git-fixes). - commit 98cd35a - sched: Skip useless sched_balance_running acquisition if load balance is not due (bsc#1234634 (Scheduler functional and performance backports)). - commit 8648646 - net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree (git-fixes). - commit ecdd7a1 - net: fix segmentation after TCP/UDP fraglist GRO (git-fixes). - commit 0365d28 - ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (git-fixes). - commit 6b2d784 - rpl: Fix use-after-free in rpl_do_srh_inline() (git-fixes). - commit fa150fb - af_packet: fix the SO_SNDTIMEO constraint not effective on tpacked_snd() (git-fixes). - commit f0f997a - net/sched: sch_qfq: Fix race condition on qfq_aggregate (git-fixes). - commit e3a7f48 - sched/deadline: Less agressive dl_server handling KABI (bsc#1234634 (Scheduler functional and performance backports)). - commit ce216e3 - sched/fair: Workaround NO_RUN_TO_PARITY fix kabi (bsc#1234634 (Scheduler functional and performance backports)). - commit 6a6e170 - af_unix: Don't leave consecutive consumed OOB skbs (CVE-2025-38236 bsc#1246093). - commit a443f38 - kABI workaround for struct drm_framebuffer changes (git-fixes). - commit 7f15c4f - bridge: mcast: Fix use-after-free during router port configuration (CVE-2025-38248 bsc#1246173). - commit 78cf8a3 - Bluetooth: L2CAP: Fix attempting to adjust outgoing MTU (git-fixes). - Bluetooth: btusb: QCA: Fix downloading wrong NVM for WCN6855 GF variant without board ID (git-fixes). - Bluetooth: hci_core: add missing braces when using macro parameters (git-fixes). - Bluetooth: SMP: Fix using HCI_ERROR_REMOTE_USER_TERM on timeout (git-fixes). - Bluetooth: SMP: If an unallowed command is received consider it a failure (git-fixes). 
- Bluetooth: btintel: Check if controller is ISO capable on btintel_classify_pkt_type (git-fixes). - Bluetooth: hci_sync: fix connectable extended advertising when using static random address (git-fixes). - Bluetooth: Fix null-ptr-deref in l2cap_sock_resume_cb() (git-fixes). - wifi: cfg80211: remove scan request n_channels counted_by (git-fixes). - can: tcan4x5x: fix reset gpio usage during probe (git-fixes). - usb: net: sierra: check for no status endpoint (git-fixes). - net: phy: Don't register LEDs for genphy (git-fixes). - clk: imx: Fix an out-of-bounds access in dispmix_csr_clk_dev_data (git-fixes). - clk: scmi: Handle case where child clocks are initialized before their parents (git-fixes). - drm/gem: Fix race in drm_gem_handle_create_tail() (stable-fixes). - drm/framebuffer: Acquire internal references on GEM handles (git-fixes). - wifi: prevent A-MSDU attacks in mesh networks (stable-fixes). - wifi: mac80211: correctly identify S1G short beacon (git-fixes). - wifi: cfg80211: fix S1G beacon head validation in nl80211 (git-fixes). - net: phy: qcom: qca808x: Fix WoL issue by utilizing at8031_set_wol() (git-fixes). - net: phy: qcom: move the WoL function to shared library (stable-fixes). - Revert "ACPI: battery: negate current when discharging" (stable-fixes). - drm/gem: Acquire references on GEM handles for framebuffers (stable-fixes). - vt: add missing notification when switching back to text mode (stable-fixes). - Revert "PCI/ACPI: Fix allocated memory release on error in pci_acpi_scan_root()" (stable-fixes). - ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak (stable-fixes). - ASoC: amd: yc: add quirk for Acer Nitro ANV15-41 internal mic (stable-fixes). - ALSA: hda/realtek: Add mic-mute LED setup for ASUS UM5606 (stable-fixes). - HID: lenovo: Add support for ThinkPad X1 Tablet Thin Keyboard Gen2 (stable-fixes). - HID: Add IGNORE quirk for SMARTLINKTECHNOLOGY (stable-fixes). 
- HID: quirks: Add quirk for 2 Chicony Electronics HP 5MP Cameras (stable-fixes). - HID: nintendo: avoid bluetooth suspend/resume stalls (stable-fixes). - driver: bluetooth: hci_qca:fix unable to load the BT driver (stable-fixes). - net: usb: qmi_wwan: add SIMCom 8230C composition (stable-fixes). - wifi: cfg80211/mac80211: correctly parse S1G beacon optional elements (git-fixes). - drm/amdgpu/ip_discovery: add missing ip_discovery fw (stable-fixes). - drm/amdgpu/discovery: use specific ip_discovery.bin for legacy asics (stable-fixes). - ASoC: Intel: soc-acpi: arl: Add match entries for new cs42l43 laptops (stable-fixes). - ASoC: Intel: soc-acpi: arl: Correct naming of a cs35l56 address struct (stable-fixes). - commit ead540d ++++ leancrypto: - Add baselibs.conf ++++ ceph: - Drop cryptopp as potential dependency [jsc#PED-13011] and use gnutls as upstream seastar. * Remove cryptopp and use gnutls instead. * Add ceph-replace-CryptoPP-calls-with-GnuTLS.patch ++++ libxml2: - security update - added patches CVE-2025-7425 [bsc#1246296], Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr + libxml2-CVE-2025-7425.patch ++++ libxml2-python: - security update - added patches CVE-2025-7425 [bsc#1246296], Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr + libxml2-CVE-2025-7425.patch ++++ zypper: - Fix addrepo to handle explicit --check and --no-check requests (bsc#1246466) - Accept "show" as alias for "info" (bsc#1245985) - version 1.14.93 ------------------------------------------------------------------ ------------------ 2025-7-17 - Jul 17 2025 ------------------- ------------------------------------------------------------------ ++++ busybox: - add placeholder variable and ignore applet logic to busybox.install ++++ busybox-links: - add filtering of ignored applets to busybox.install ++++ docker: - Update to Go 1.24 for builds, to match upstream. 
++++ python-kiwi: - Extend test-image-lvm integration test For testing a bit more complex resize procedure, update the lvm integration test to run more resize actions with required device locking - Apply proper udev locking Several commands during repart, resize and other actions require a proper lock to be set for udev such that other events know about the locked state of a device and do not mess with it until the command for which the lock persists has completed. This commit applies proper udev locks to all commands that require it. In addition incorrect code that was expected to prevent such race conditions got dropped from the implementation. This is related to bsc#1242987 - relocate GPT at the end of disk using sfdisk Using sfdisk for relocation and verification makes this part more consistent. We also want to move away from gdisk. This is related to #2851 - Do not strictly require config.partids in repart The kiwi-repart implementation requires a metadata file named config.partids which holds information about partition ids and more stored at the time the image was built. Depending on the complexity of the image and the resize request some of the information can be rebuilt in case the metadata file is missing. This commit adds the rebuild of the minimum required information to run a standard resize and therefore allows the kiwi-repart dracut module to work also without config.partids to be present in the system - Do not drop /config.partids The partition id metadata file is used in the kiwi-repart module. If a user wants to use the kiwi repart module permanently, this metadata file needs to stay in the system. Therefore it should not be automatically deleted by the cleanup. A disk.sh hook script can be used to force the deletion of the file though. This is related to #2851 ++++ kernel-default: - sched/fair: Reimplement NEXT_BUDDY to align with EEVDF goals (bsc#1234634 (Scheduler functional and performance backports)). 
- sched/fair: Enable scheduler feature NEXT_BUDDY (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Always trigger resched at the end of a protected period (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Fix entity's lag with run to parity (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Limit run to parity to the min slice of enqueued entities (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Remove spurious shorter slice preemption (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Fix NO_RUN_TO_PARITY case (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Use protect_slice() instead of direct comparison (bsc#1234634 (Scheduler functional and performance backports)). - sched/deadline: Less agressive dl_server handling (bsc#1234634 (Scheduler functional and performance backports)). - sched/psi: Optimize psi_group_change() cpu_clock() usage (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails (bsc#1234634 (Scheduler functional and performance backports)). - sched/eevdf: Correct the comment in place_entity (bsc#1234634 (Scheduler functional and performance backports)). - sched/deadline: Fix dl_server runtime calculation formula (bsc#1234634 (Scheduler functional and performance backports)). - sched/core: Fix migrate_swap() vs. hotplug (bsc#1234634 (Scheduler functional and performance backports)). - sched: Fix preemption string of preempt_dynamic_none (bsc#1234634 (Scheduler functional and performance backports)). - sched/numa: fix task swap by skipping kernel threads (bsc#1234634 (Scheduler functional and performance backports)). - mm: pcp: increase pcp->free_count threshold to trigger free_high (bsc#1241169 (MM functional and performance backports)). 
- sched/numa: add tracepoint that tracks the skipping of numa balancing due to cpuset memory pinning (bsc#1234634 (Scheduler functional and performance backports)). - sched/numa: skip VMA scanning on memory pinned to one NUMA node via cpuset.mems (bsc#1234634 (Scheduler functional and performance backports)). - mm: page_alloc: remove redundant READ_ONCE (bsc#1241169 (MM functional and performance backports)). - sched/uclamp: Align uclamp and util_est and call before freq update (bsc#1234634 (Scheduler functional and performance backports)). - sched/util_est: Simplify condition for util_est_{en,de}queue() (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Fixup wake_up_sync() vs DELAYED_DEQUEUE (bsc#1234634 (Scheduler functional and performance backports)). - sched/core: Tweak wait_task_inactive() to force dequeue sched_delayed tasks (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Adhere to place_entity() constraints (bsc#1234634 (Scheduler functional and performance backports)). - sched/debug: Print the local group's asym_prefer_cpu (bsc#1234634 (Scheduler functional and performance backports)). - sched/topology: Introduce sched_update_asym_prefer_cpu() (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Use READ_ONCE() to read sg->asym_prefer_cpu (bsc#1234634 (Scheduler functional and performance backports)). - sched/isolation: Make use of more than one housekeeping cpu (bsc#1234634 (Scheduler functional and performance backports)). - sched/rt: Fix race in push_rt_task (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Allow decaying util_est when util_avg > CPU capa (bsc#1234634 (Scheduler functional and performance backports)). - sched: Fix trace_sched_switch(.prev_state) (bsc#1234634 (Scheduler functional and performance backports)). 
- commit 2289d34 - Update patches.suse/scsi-megaraid_sas-Fix-invalid-node-index.patch (git-fixes CVE-2025-38239 bsc#1246178). - commit 3918567 - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled (git-fixes). - soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). - HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). - commit d4ff6f9 - x86/iopl: Cure TIF_IO_BITMAP inconsistencies (CVE-2025-38100 bsc#1245650). - commit 2e30d9c - config: x86_64: default: use run_oldconfig to refresh - commit e2e6c0d - kABI workaround for bpf: Do not include stack ptr register in precision backtracking bookkeeping (bsc#1246264 CVE-2025-38279). - commit e82df30 - btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) - commit 8676cda - btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) - commit 5d891f0 - btrfs: harden block_group::bg_list against list_del() races (CVE-2025-37856 bsc#1243068) - commit fe28436 - btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (CVE-2025-38034 bsc#1244792) - commit cbeb64e ++++ kernel-firmware-amdgpu: - Update to version 20250716 (git commit 1b1a9d871442): * amdgpu: Update GC 11.5.1 microcode ++++ kernel-rt: - sched/fair: Reimplement NEXT_BUDDY to align with EEVDF goals (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Enable scheduler feature NEXT_BUDDY (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Always trigger resched at the end of a protected period (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Fix entity's lag with run to parity (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Limit run to parity to the min slice of enqueued entities (bsc#1234634 (Scheduler functional and performance backports)). 
- sched/fair: Remove spurious shorter slice preemption (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Fix NO_RUN_TO_PARITY case (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Use protect_slice() instead of direct comparison (bsc#1234634 (Scheduler functional and performance backports)). - sched/deadline: Less agressive dl_server handling (bsc#1234634 (Scheduler functional and performance backports)). - sched/psi: Optimize psi_group_change() cpu_clock() usage (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Bump sd->max_newidle_lb_cost when newidle balance fails (bsc#1234634 (Scheduler functional and performance backports)). - sched/eevdf: Correct the comment in place_entity (bsc#1234634 (Scheduler functional and performance backports)). - sched/deadline: Fix dl_server runtime calculation formula (bsc#1234634 (Scheduler functional and performance backports)). - sched/core: Fix migrate_swap() vs. hotplug (bsc#1234634 (Scheduler functional and performance backports)). - sched: Fix preemption string of preempt_dynamic_none (bsc#1234634 (Scheduler functional and performance backports)). - sched/numa: fix task swap by skipping kernel threads (bsc#1234634 (Scheduler functional and performance backports)). - mm: pcp: increase pcp->free_count threshold to trigger free_high (bsc#1241169 (MM functional and performance backports)). - sched/numa: add tracepoint that tracks the skipping of numa balancing due to cpuset memory pinning (bsc#1234634 (Scheduler functional and performance backports)). - sched/numa: skip VMA scanning on memory pinned to one NUMA node via cpuset.mems (bsc#1234634 (Scheduler functional and performance backports)). - mm: page_alloc: remove redundant READ_ONCE (bsc#1241169 (MM functional and performance backports)). - sched/uclamp: Align uclamp and util_est and call before freq update (bsc#1234634 (Scheduler functional and performance backports)). 
- sched/util_est: Simplify condition for util_est_{en,de}queue() (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Fixup wake_up_sync() vs DELAYED_DEQUEUE (bsc#1234634 (Scheduler functional and performance backports)). - sched/core: Tweak wait_task_inactive() to force dequeue sched_delayed tasks (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Adhere to place_entity() constraints (bsc#1234634 (Scheduler functional and performance backports)). - sched/debug: Print the local group's asym_prefer_cpu (bsc#1234634 (Scheduler functional and performance backports)). - sched/topology: Introduce sched_update_asym_prefer_cpu() (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Use READ_ONCE() to read sg->asym_prefer_cpu (bsc#1234634 (Scheduler functional and performance backports)). - sched/isolation: Make use of more than one housekeeping cpu (bsc#1234634 (Scheduler functional and performance backports)). - sched/rt: Fix race in push_rt_task (bsc#1234634 (Scheduler functional and performance backports)). - sched/fair: Allow decaying util_est when util_avg > CPU capa (bsc#1234634 (Scheduler functional and performance backports)). - sched: Fix trace_sched_switch(.prev_state) (bsc#1234634 (Scheduler functional and performance backports)). - commit 2289d34 - Update patches.suse/scsi-megaraid_sas-Fix-invalid-node-index.patch (git-fixes CVE-2025-38239 bsc#1246178). - commit 3918567 - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled (git-fixes). - soc: aspeed: lpc-snoop: Cleanup resources in stack-order (git-fixes). - HID: core: ensure __hid_request reserves the report ID as the first byte (git-fixes). - commit d4ff6f9 - x86/iopl: Cure TIF_IO_BITMAP inconsistencies (CVE-2025-38100 bsc#1245650). 
- commit 2e30d9c - config: x86_64: default: use run_oldconfig to refresh - commit e2e6c0d - kABI workaround for bpf: Do not include stack ptr register in precision backtracking bookkeeping (bsc#1246264 CVE-2025-38279). - commit e82df30 - btrfs: explicitly ref count block_group on new_bgs list (bsc#1243068) - commit 8676cda - btrfs: make btrfs_discard_workfn() block_group ref explicit (bsc#1243068) - commit 5d891f0 - btrfs: harden block_group::bg_list against list_del() races (CVE-2025-37856 bsc#1243068) - commit fe28436 - btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref (CVE-2025-38034 bsc#1244792) - commit cbeb64e ++++ gcc15: - Fixup conflicts again. - Make sure to retain binary suffixes for accelerator crosses. ++++ libxslt: - security update - added patches CVE-2025-7424 [bsc#1246360], Type confusion in xmlNode.psvi between stylesheet and source nodes + libxslt-CVE-2025-7424.patch ++++ sqlite3: - Update to version 3.50.3: * Fix a possible memory error that can occur if a query is made against an FTS5 index that has been deliberately corrupted in a very specific way. * Fix the parser so that it ignores SQL comments in all places of a CREATE TRIGGER statement. This resolves a problem that was introduced by the introduction of the SQLITE_DBCONFIG_ENABLE_COMMENTS feature in version 3.49.0. * Fix an incorrect answer due to over-optimization of an AND operator. 
++++ libzypp: - Allow explicit request to probe an added repo's URL (bsc#1246466) - Fix tests with -DISABLE_MEDIABACKEND_TESTS=1 (fixes #661) - version 17.37.12 (35) ++++ update-bootloader: - merge gh#openSUSE/perl-bootloader#191 - avoid spurious warning messages when parsing /etc/default/grub (bsc#1246373, bsc#1245323) - 1.25 ------------------------------------------------------------------ ------------------ 2025-7-16 - Jul 16 2025 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 059+suse.692.g6ec224d5: * ci(suse.conf.example): change log levels (jsc#PED-12922) ++++ python-kiwi: - Fix centos/test-image-live-disk-v10 There is no package named iprutils - Fix centos/test-image-live-disk-v10 Update package names - Added centos/test-image-live-disk-v10 build test - Fix tumbleweed/test-image-gce integration test Drop obsolete growpart - Followup fix to support older apt versions for bootstrap There are apt versions that do not create missing state files. Make sure the intermediate bootstrap state file is created in any case. This Fixes #2857 - Fixed integration test builds Next round of fixes for integration tests. Missing or wrong service activations - Fix arm/tumbleweed/test-image-rpi Fix snapper setup for this integration test ++++ grub2: - Fix test -f and -s do not work properly over the network files served via tftp and http (bsc#1246157) (bsc#1246237) * 0001-test-Fix-f-test-on-files-over-network.patch * 0002-http-Return-HTTP-status-code-in-http_establish.patch * 0003-docs-Clarify-test-for-files-on-TFTP-and-HTTP.patch * 0004-tftp-Fix-hang-when-file-is-a-directory.patch ++++ kernel-default: - net: sched: fix ordering of qlen adjustment (CVE-2024-53164 bsc#1234863) - commit f3dbf9a - seg6: Fix validation of nexthop addresses (CVE-2025-38310 bsc#1246361). - netfs: Fix oops in write-retry from mis-resetting the subreq iterator (CVE-2025-38139 bsc#1245718). 
- x86/sgx: Prevent attempts to reclaim poisoned pages (CVE-2025-38334 bsc#1246384). - commit 5e00081 - fs/proc: Use inode_get_dev() for device numbers in procmap_query References: bsc#1246450 - commit 8f812e6 - fs/proc/kcore.c: Clear ret value in read_kcore_iter after successful iov_iter_zero (bsc#1246620). - commit ac8d8ea - net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (CVE-2025-38126 bsc#1245708). - bpf: fix ktls panic with sockmap (CVE-2025-38166 bsc#1245758). - commit f2dcced - objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). - commit cdba1ce - objtool: Silence more KCOV warnings, part 2 (git-fixes). - commit 4da0721 - objtool: Add missing endian conversion to read_annotate() (git-fixes). - commit 33dacf5 - ixgbe: add FW API version check (jsc#PED-12380 bsc#1245410 bsc#1246128). - Refresh patches.suse/bsc1170284-ixgbe_dont_check_firmware_errors.patch. - commit c263240 - ixgbe: add support for devlink reload (jsc#PED-12380 bsc#1245410 bsc#1246128). - Refresh patches.suse/bsc1170284-ixgbe_dont_check_firmware_errors.patch. - commit 207db98 - ixgbe: devlink: add devlink region support for E610 (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 .set_phys_id() callback implementation (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: apply different rules for setting FC on E610 (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add support for ACPI WOL for E610 (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: create E610 specific ethtool_ops structure (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add support for FW rollback mode (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 implementation of FW recovery mode (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add device flash update via devlink (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: extend .info_get() with stored versions (jsc#PED-12380 bsc#1245410 bsc#1246128). 
- ixgbe: add E610 functions getting PBA and FW ver info (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add .info_get extension specific for E610 devices (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: read the netlist version information (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: read the OROM version information (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 functions for acquiring flash data (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add handler for devlink .info_get() (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add initial devlink support (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: wrap netdev_priv() usage (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: Fix unreachable retry logic in combined and byte I2C write functions (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add support for thermal sensor event reception (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add PTP support for E610 device (jsc#PED-12380 bsc#1245410 bsc#1246128). - commit aea9558 - objtool: Stop UNRET validation on UD2 (git-fixes). - commit 82f38be - objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). - commit af1e729 - objtool: Properly disable uaccess validation (git-fixes). - commit c47d66e - objtool: Silence more KCOV warnings (git-fixes). - commit 700d945 - wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). - commit bd0db70 - wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). - commit 1568d0d - wifi: rt2x00: fix remove callback type mismatch (git-fixes). - commit c0ae7f4 - wifi: mwifiex: discard erroneous disassoc frames on STA interface (git-fixes). - commit decdc76 - wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes). - commit 7ee21af - wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). 
- commit c13b504 - selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264 CVE-2025-38279). - bpf: Do not include stack ptr register in precision backtracking bookkeeping (bsc#1246264 CVE-2025-38279). - commit 3a79b8b - selftests/bpf: Set test path for token/obj_priv_implicit_token_envvar (git-fixes). - commit 493edb3 - perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes). - commit 6223b3a - perf: Revert to requiring CAP_SYS_ADMIN for uprobes (git-fixes). - perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes). - perf/core: Fix WARN in perf_cgroup_switch() (git-fixes). - perf: Fix dangling cgroup pointer in cpuctx (git-fixes). - perf: Fix cgroup state vs ERROR (git-fixes). - perf test: Directory file descriptor leak (git-fixes). - perf evsel: Missed close() when probing hybrid core PMUs (git-fixes). - perf callchain: Always populate the addr_location map when adding IP (git-fixes). - perf trace: Set errpid to false for rseq and set_robust_list (git-fixes). - perf trace: Always print return value for syscalls returning a pid (git-fixes). - perf record: Fix incorrect --user-regs comments (git-fixes). - perf symbol: Fix use-after-free in filename__read_build_id (git-fixes). - perf pmu: Avoid segv for missing name/alias_name in wildcarding (git-fixes). - perf tests switch-tracking: Fix timestamp comparison (git-fixes). - perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3 (git-fixes). - perf intel-pt: Fix PEBS-via-PT data_src (git-fixes). - perf tests: Fix 'perf report' tests installation (git-fixes). - perf trace: Fix leaks of 'struct thread' in set_filter_loop_pids() (git-fixes). - perf symbol-minimal: Fix double free in filename__read_build_id (git-fixes). - perf tool_pmu: Fix aggregation on duration_time (git-fixes). - perf ui browser hists: Set actions->thread before calling do_zoom_thread() (git-fixes). 
- perf build: Warn when libdebuginfod devel files are not available (git-fixes). - tools build: Don't show libunwind build status as it is opt-in (git-fixes). - tools build: Don't set libunwind as available if test-all.c build succeeds (git-fixes). - perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes). - perf/x86/amd/uncore: Prevent UMC counters from saturating (git-fixes). - perf/x86/amd/uncore: Remove unused 'struct amd_uncore_ctx::node' member (git-fixes). - perf: Ensure bpf_perf_link path is properly serialized (git-fixes). - arch/powerpc/perf: Check the instruction type before creating sample with perf_mem_data_src (git-fixes). - perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes). - commit 4d40f30 ++++ kernel-default-base: - Add modules for confidential compute (bsc#1246502) ++++ kernel-firmware-realtek: - Update to version 20250715 (git commit 04c379b552c7): * rtw89: 8852b: update fw to v0.29.128.0 * rtw89: 8852bt: update fw to v0.29.127.0 * rtw89: 8922a: add regd fw element with version R72-R6 * rtw89: 8852c: add regd fw element with version R72-R57 * rtw89: 8922a: update BB parameter V49 ++++ kernel-rt: - net: sched: fix ordering of qlen adjustment (CVE-2024-53164 bsc#1234863) - commit f3dbf9a - seg6: Fix validation of nexthop addresses (CVE-2025-38310 bsc#1246361). - netfs: Fix oops in write-retry from mis-resetting the subreq iterator (CVE-2025-38139 bsc#1245718). - x86/sgx: Prevent attempts to reclaim poisoned pages (CVE-2025-38334 bsc#1246384). - commit 5e00081 - fs/proc: Use inode_get_dev() for device numbers in procmap_query References: bsc#1246450 - commit 8f812e6 - fs/proc/kcore.c: Clear ret value in read_kcore_iter after successful iov_iter_zero (bsc#1246620). - commit ac8d8ea - net: stmmac: make sure that ptp_rate is not 0 before configuring timestamping (CVE-2025-38126 bsc#1245708). - bpf: fix ktls panic with sockmap (CVE-2025-38166 bsc#1245758). 
- commit f2dcced - objtool: Ignore end-of-section jumps for KCOV/GCOV (git-fixes). - commit cdba1ce - objtool: Silence more KCOV warnings, part 2 (git-fixes). - commit 4da0721 - objtool: Add missing endian conversion to read_annotate() (git-fixes). - commit 33dacf5 - ixgbe: add FW API version check (jsc#PED-12380 bsc#1245410 bsc#1246128). - Refresh patches.suse/bsc1170284-ixgbe_dont_check_firmware_errors.patch. - commit c263240 - ixgbe: add support for devlink reload (jsc#PED-12380 bsc#1245410 bsc#1246128). - Refresh patches.suse/bsc1170284-ixgbe_dont_check_firmware_errors.patch. - commit 207db98 - ixgbe: devlink: add devlink region support for E610 (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 .set_phys_id() callback implementation (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: apply different rules for setting FC on E610 (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add support for ACPI WOL for E610 (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: create E610 specific ethtool_ops structure (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add support for FW rollback mode (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 implementation of FW recovery mode (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add device flash update via devlink (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: extend .info_get() with stored versions (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 functions getting PBA and FW ver info (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add .info_get extension specific for E610 devices (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: read the netlist version information (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: read the OROM version information (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add E610 functions for acquiring flash data (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add handler for devlink .info_get() (jsc#PED-12380 bsc#1245410 bsc#1246128). 
- ixgbe: add initial devlink support (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: wrap netdev_priv() usage (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: Fix unreachable retry logic in combined and byte I2C write functions (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add support for thermal sensor event reception (jsc#PED-12380 bsc#1245410 bsc#1246128). - ixgbe: add PTP support for E610 device (jsc#PED-12380 bsc#1245410 bsc#1246128). - commit aea9558 - objtool: Stop UNRET validation on UD2 (git-fixes). - commit 82f38be - objtool: Fix INSN_CONTEXT_SWITCH handling in validate_unret() (git-fixes). - commit af1e729 - objtool: Properly disable uaccess validation (git-fixes). - commit c47d66e - objtool: Silence more KCOV warnings (git-fixes). - commit 700d945 - wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). - commit bd0db70 - wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). - commit 1568d0d - wifi: rt2x00: fix remove callback type mismatch (git-fixes). - commit c0ae7f4 - wifi: mwifiex: discard erroneous disassoc frames on STA interface (git-fixes). - commit decdc76 - wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes). - commit 7ee21af - wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). - commit c13b504 - selftests/bpf: Add tests with stack ptr register in conditional jmp (bsc#1246264 CVE-2025-38279). - bpf: Do not include stack ptr register in precision backtracking bookkeeping (bsc#1246264 CVE-2025-38279). - commit 3a79b8b - selftests/bpf: Set test path for token/obj_priv_implicit_token_envvar (git-fixes). - commit 493edb3 - perf/core: Fix the WARN_ON_ONCE is out of lock protected region (git-fixes). - commit 6223b3a - perf: Revert to requiring CAP_SYS_ADMIN for uprobes (git-fixes). - perf/aux: Fix pending disable flow when the AUX ring buffer overruns (git-fixes). - perf/core: Fix WARN in perf_cgroup_switch() (git-fixes). 
- perf: Fix dangling cgroup pointer in cpuctx (git-fixes). - perf: Fix cgroup state vs ERROR (git-fixes). - perf test: Directory file descriptor leak (git-fixes). - perf evsel: Missed close() when probing hybrid core PMUs (git-fixes). - perf callchain: Always populate the addr_location map when adding IP (git-fixes). - perf trace: Set errpid to false for rseq and set_robust_list (git-fixes). - perf trace: Always print return value for syscalls returning a pid (git-fixes). - perf record: Fix incorrect --user-regs comments (git-fixes). - perf symbol: Fix use-after-free in filename__read_build_id (git-fixes). - perf pmu: Avoid segv for missing name/alias_name in wildcarding (git-fixes). - perf tests switch-tracking: Fix timestamp comparison (git-fixes). - perf scripts python: exported-sql-viewer.py: Fix pattern matching with Python 3 (git-fixes). - perf intel-pt: Fix PEBS-via-PT data_src (git-fixes). - perf tests: Fix 'perf report' tests installation (git-fixes). - perf trace: Fix leaks of 'struct thread' in set_filter_loop_pids() (git-fixes). - perf symbol-minimal: Fix double free in filename__read_build_id (git-fixes). - perf tool_pmu: Fix aggregation on duration_time (git-fixes). - perf ui browser hists: Set actions->thread before calling do_zoom_thread() (git-fixes). - perf build: Warn when libdebuginfod devel files are not available (git-fixes). - tools build: Don't show libunwind build status as it is opt-in (git-fixes). - tools build: Don't set libunwind as available if test-all.c build succeeds (git-fixes). - perf/core: Fix broken throttling when max_samples_per_tick=1 (git-fixes). - perf/x86/amd/uncore: Prevent UMC counters from saturating (git-fixes). - perf/x86/amd/uncore: Remove unused 'struct amd_uncore_ctx::node' member (git-fixes). - perf: Ensure bpf_perf_link path is properly serialized (git-fixes). - arch/powerpc/perf: Check the instruction type before creating sample with perf_mem_data_src (git-fixes). 
- perf/hw_breakpoint: Return EOPNOTSUPP for unsupported breakpoint type (git-fixes). - commit 4d40f30 ++++ leancrypto: - Split kernel module into a separate package so as to allow leancrypto to be part of ring1 following replacement of liboqs in gnutls [jsc#PED-3176] - Update to 1.5.1: * add ChaCha20 Poly 1305 AEAD * ChaCha20: add ARMv8 NEON, ARMv7 Neon, Intel AVX2, Intel AVX512, RISCV RVV/ZBB implementations * RISC-V entropy source: make implementation consistent to spec * Unify stack memory allocation ++++ selinux-policy: - Update to version 20250627+git62.68c403828: * Allow virtqemud_t use its private tmpfs files (bsc#1242998) * Allow virtqemud_t setattr to /dev/userfaultfd (bsc#1242998) * Allow virtqemud_t read and write /dev/ptmx (bsc#1242998) * Extend virtqemud_t tcp_socket permissions (bsc#1242998) * Mark configfs_t as mountpoint (bsc#1246080) * healthchecker: add proper optional_policy() guards * Allow virtqemud_t to read and write generic pty (bsc#1242998) * Drop SUSE-specific /usr/etc = /etc equivalency * Allow irqbalance execute shell if irqbalance_run_unconfined is on * Allow openvswitch ioctl vduse devices * Label /dev/vduse/control and /dev/vduse/NAME devices * Allow virtstoraged the sys_rawio capability * Allow virtqemud read insights-core state files * Allow virtnodedev create mdevctl config dirs * Allow virtqemud additional permissions on scsi generic chr files * Allow local login execute gnome keyring daemon * Allow plymouthd_t read proc files of systemd_passwd_agent (bsc#1245470) * Allow virtqemud send a generic signal to passt * Allow svirt-tcg read init state * Allow irqbalance execute shell if irqbalance_run_unconfined is on * Label /run/opendkim with dkim_milter_data_t * Allow sa-update status systemd services * Introduce new cluster_service_transition_to_unconfined_user boolean (bsc#1244495) * Allow updpwd logging send audit messages * Temporary dontaudit iio-sensor-proxy sys_admin. 
* Allow iio-sensor-proxy sendto to journald over a unix datagram socket * Revert "Allow iio-sensor-proxy sendto to journald over a unix datagram socket" * virt: allow QEMU use of the qgs daemon for attestation * qgs: add contrib module for TDX "qgs" daemon * kernel: add interfaces for using SGX enclaves * Define file equivalency for /usr/etc * Allow mongod to receive pressure stall information * Dontaudit systemd_generator read sssd public files * Allow plymouthd read/write input event devices * Label 99-nvme-nbft-connect.sh with NetworkManager_dispatcher_nvme_script_t * Allow systemd-user-runtime-dir sendto to syslogd * Remove pcp module * Update irqbalance policy for using unconfined scripts * Allow utempter use terminal multiplexor * Allow virtqemud execute ovs-vsctl with a domain transition * Update the files_search_mnt() interface * Allow nmbd read network sysctls * Allow iio-sensor-proxy sendto to journald over a unix datagram socket * Allow logrotate stop all systemd services * systemd: rework systemd_manage_random_seed * Allow tuned-ppd connect to sssd over a unix stream socket * Drop config for /run/random-seed * Update file location for systemd random-seed file * Allow tomcat execute cracklib-check with a domain transition * Allow sssd watch lib dirs * Confine systemd-hibernate-resume * Allow login_userdomain create /run/tlog directory with user_tmp_t * Allow login_pgm read filesystem sysctls * Allow gconfd connect to system dbus * Allow NetworkManager manage NetworkManager_etc_rw_t symlinks - Syncing with upstream rawhide selinux-policy up to: * 23514206ea45e1d1d2f8a4c08288065c813fcc91 - Update embedded container-selinux version to commit: * 36e8f213b7ac8a1843e5e37b37eb8ef7bdc2af9c (version 2.238.0) ------------------------------------------------------------------ ------------------ 2025-7-15 - Jul 15 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - add 
0001-cockpit-overview-support-SUSE_SUPPORT_PRODUCT-keys.patch - add 0002-cockpit-kdump-support-SLE-micro-6.2.patch - add 0003-branding-use-SUSE_SUPPORT_PRODUCT-and-SUSE_SUPPORT_P.patch to fix bsc#1241003 ++++ python-kiwi: - Fixed test-image-live-disk Added missing openssh-server package - Fixed test-image-azure Add missing python-azure-agent-config-default package - Fixed debian integration test builds secure shell service is named ssh and not sshd there - Fixed integration test builds Second round of fixes for integration tests. Again errors now became visible due to the refactoring of the script code - Fixed integration test builds Errors from scripts were no longer ignored due to the last cleanup of the integration test script code. This commit fixes the now exposed build errors - Fix check_target_dir_on_unsupported_filesystem Find the first existing path in the target path and check the filesystem capabilities for this path. This Fixes #2858 ++++ git: - update git-gui sha256 patches after the upstream review: 0001-git-gui-Replace-null_sha1-with-nullid.patch 0002-git-gui-Add-support-of-SHA256-repo.patch ++++ gnutls: - Build with leancrypto. The liboqs support for post-quantum cryptography (PQC) has been removed and is only provided through leancrypto. - Build with TPM 2.0 support via tpm2-0-tss. ++++ kernel-default: - dm-bufio: fix sched in atomic context (git-fixes). - commit ccc1d23 - Update patches.suse/nvme-pci-fix-queue-unquiesce-check-on-slot_reset.patch (git-fixes bsc#1240885). - commit 03e1767 - objtool: Fix error handling inconsistencies in check() (git-fixes). - commit ec79144 - x86/traps: Make exc_double_fault() consistently noreturn (git-fixes). - commit bf4b16f - objtool: Fix C jump table annotations for Clang (git-fixes). - commit 529d2a6 - objtool: Add bch2_trans_unlocked_error() to bcachefs noreturns (git-fixes). - commit 7e1fde5 - perf: Fix sample vs do_exit() (bsc#1246547). 
- commit 073eb4d - drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951 CVE-2025-38187) - commit 9b6cd76 - nvme-multipath: fix suspicious RCU usage warning (git-fixes). - nvme-pci: refresh visible attrs after being checked (git-fixes). - nvmet: fix memory leak of bio integrity (git-fixes). - nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). - nvme-tcp: fix I/O stalls on congested sockets (git-fixes). - commit 717d386 - tools: fix atomic_set() definition to set the value correctly (git-fixes). - Refresh patches.suse/mm-replace-vm_lock-and-detached-flag-with-a-reference-coun.patch. - commit a7fcdf3 - firewall: remove misplaced semicolon from stm32_firewall_get_firewall (git-fixes). - commit 2dc4084 - scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). - scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). 
- scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). - commit db7c71a - sched_ext: fix application of sizeof to pointer (git-fixes). - commit 7226f76 - crypto: hkdf - skip TVs with unapproved salt lengths in FIPS mode (bsc#1241200 bsc#1246134). - commit 5472af3 - Update patches.suse/net-clear-the-dst-when-changing-skb-protocol.patch (bsc#1245954 CVE-2025-38192). Fix incorrect CVE reference. - commit 0f40511 - bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980 CVE-2025-38202). - commit ca2d088 - bpf, sockmap: Avoid using sk_socket after free when sending (bsc#1245749 CVE-2025-38154). - selftest/bpf/benchs: Add benchmark for sockmap usage (bsc#1245749 CVE-2025-38154). - bpf, sockmap: Fix panic when calling skb_linearize (bsc#1245749 CVE-2025-38154). - bpf, sockmap: fix duplicated data transmission (bsc#1245749 CVE-2025-38154). - bpf, sockmap: Fix data lost during EAGAIN retries (bsc#1245749 CVE-2025-38154). - commit b7122ae - btrfs: improve the warning and error message for btrfs_remove_qgroup() (bsc#1246357). - commit 01d925c ++++ kernel-firmware-bluetooth: - Update to version 20250714 (git commit ecdbd2b8af04): * linux-firmware: Update firmware file for Intel Solar core * linux-firmware: Update firmware file for Intel BlazarU core * linux-firmware: Update firmware file for Intel BlazarI core ++++ kernel-firmware-qcom: - Update to version 20250714 (git commit ecdbd2b8af04): * qcom: Update gpu firmwares of QCS615 chipset ++++ kernel-rt: - dm-bufio: fix sched in atomic context (git-fixes). - commit ccc1d23 - Update patches.suse/nvme-pci-fix-queue-unquiesce-check-on-slot_reset.patch (git-fixes bsc#1240885). - commit 03e1767 - objtool: Fix error handling inconsistencies in check() (git-fixes). - commit ec79144 - x86/traps: Make exc_double_fault() consistently noreturn (git-fixes). 
- commit bf4b16f - objtool: Fix C jump table annotations for Clang (git-fixes). - commit 529d2a6 - objtool: Add bch2_trans_unlocked_error() to bcachefs noreturns (git-fixes). - commit 7e1fde5 - perf: Fix sample vs do_exit() (bsc#1246547). - commit 073eb4d - drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() (bsc#1245951 CVE-2025-38187) - commit 9b6cd76 - nvme-multipath: fix suspicious RCU usage warning (git-fixes). - nvme-pci: refresh visible attrs after being checked (git-fixes). - nvmet: fix memory leak of bio integrity (git-fixes). - nvme: Fix incorrect cdw15 value in passthru error logging (git-fixes). - nvme-tcp: fix I/O stalls on congested sockets (git-fixes). - commit 717d386 - tools: fix atomic_set() definition to set the value correctly (git-fixes). - Refresh patches.suse/mm-replace-vm_lock-and-detached-flag-with-a-reference-coun.patch. - commit a7fcdf3 - firewall: remove misplaced semicolon from stm32_firewall_get_firewall (git-fixes). - commit 2dc4084 - scsi: lpfc: Copyright updates for 14.4.0.10 patches (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Update lpfc version to 14.4.0.10 (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Modify end-of-life adapters' model descriptions (bsc#1245260 bsc#1243100 bsc#1246125 bsc#1204142). - scsi: lpfc: Revise CQ_CREATE_SET mailbox bitfield definitions (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Move clearing of HBA_SETUP flag to before lpfc_sli4_queue_unset (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Ensure HBA_SETUP flag is used only for SLI4 in dev_loss_tmo_callbk (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Relocate clearing initial phba flags from link up to link down hdlr (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Simplify error handling for failed lpfc_get_sli4_parameters cmd (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Early return out of FDMI cmpl for locally rejected statuses (bsc#1245260 bsc#1243100 bsc#1246125). 
- scsi: lpfc: Skip RSCN processing when FC_UNLOADING flag is set (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Update debugfs trace ring initialization messages (bsc#1245260 bsc#1243100 bsc#1246125). - scsi: lpfc: Revise logging format for failed CT MIB requests (bsc#1245260 bsc#1243100 bsc#1246125). - commit db7c71a - sched_ext: fix application of sizeof to pointer (git-fixes). - commit 7226f76 - crypto: hkdf - skip TVs with unapproved salt lengths in FIPS mode (bsc#1241200 bsc#1246134). - commit 5472af3 - Update patches.suse/net-clear-the-dst-when-changing-skb-protocol.patch (bsc#1245954 CVE-2025-38192). Fix incorrect CVE reference. - commit 0f40511 - bpf: Check rcu_read_lock_trace_held() in bpf_map_lookup_percpu_elem() (bsc#1245980 CVE-2025-38202). - commit ca2d088 - bpf, sockmap: Avoid using sk_socket after free when sending (bsc#1245749 CVE-2025-38154). - selftest/bpf/benchs: Add benchmark for sockmap usage (bsc#1245749 CVE-2025-38154). - bpf, sockmap: Fix panic when calling skb_linearize (bsc#1245749 CVE-2025-38154). - bpf, sockmap: fix duplicated data transmission (bsc#1245749 CVE-2025-38154). - bpf, sockmap: Fix data lost during EAGAIN retries (bsc#1245749 CVE-2025-38154). - commit b7122ae - btrfs: improve the warning and error message for btrfs_remove_qgroup() (bsc#1246357). - commit 01d925c ++++ polkit: - CVE-2025-7519: Fixed that an XML policy file with a large number of nested elements may lead to out-of-bounds write (bsc#1246472) added 0001-Nested-.policy-files-cause-xml-parsing-overflow-lead.patch ++++ systemd: - systemd-update-helper: fix regression introduced when support for package renaming/splitting was added (bsc#1245551) The cleanup of the flags in /run/systemd/rpm was previously handled in the %pretrans/%posttrans sections of the systemd main package.
However, this method was ineffective if systemd was not part of the transaction. The cleanup is now run in %transfiletriggerin instead. ++++ pam-config: - Update to version 2.13+git.20250715: * Release version 2.13 * Place himmelblau near the top of pam stack [bsc#1243418] ++++ psmisc: - Add patch 0001-fuser-Fix-expandpath.patch * Is an upstream commit which fixes https://gitlab.com/psmisc/psmisc/-/issues/57 as well as bug boo#1242093 ------------------------------------------------------------------ ------------------ 2025-7-14 - Jul 14 2025 ------------------- ------------------------------------------------------------------ ++++ accountsservice: - Update accountsservice-sysconfig.patch: Check whether sysconfig is used and fallback to display manager settings if sysconfig is not used (bsc#1246127). ++++ cockpit: - update check_cockpit_users to only check for systemd support in /etc/nsswitch.conf bsc#1246408 ++++ curl: - Fix the --ftp-pasv option in curl v8.14.1 [bsc#1246197] * tool_getparam: fix --ftp-pasv [5f805ee] * Add curl-fix--ftp-pasv.patch ++++ branding-SLE: - Update square-hicolor.svg to adapt the GNOME light color style (bsc#1243104). ++++ python-kiwi: - Cleanup integration tests config.sh script code Add script code to shellcheck and fix all reported issues. Get rid of suseXX and baseXX methods as much as possible. Add set -ex for all script code. Do not allow any script code to fail. - defaults: Add patterns for shim/grub2 on riscv64 A recent commit changed the way these are looked up and accidentally broke image building on riscv64, with KiwiBootLoaderGrubSecureBootError: Signed grub2 efi loader not found now being raised for kiwi recipes that worked just fine before that moment. Fixes: 197572378cf4f25103934beac2ceca4fbbcfcbc0 Thanks: David Abdurachmanov Thanks: Marcus Schäfer Signed-off-by: Andrea Bolognani ++++ gnutls: - Update to 3.8.10: * libgnutls: Fix NULL pointer dereference when 2nd Client Hello omits PSK Reported by Stefan Bühler. 
[GNUTLS-SA-2025-07-07-4, CVSS: medium] [bsc#1246299, CVE-2025-6395] * libgnutls: Fix heap read buffer overrun in parsing X.509 SCTS timestamps Spotted by oss-fuzz and reported by OpenAI Security Research Team, and fix developed by Andrew Hamilton. [GNUTLS-SA-2025-07-07-1, CVSS: medium] [bsc#1246233, CVE-2025-32989] * libgnutls: Fix double-free upon error when exporting otherName in SAN Reported by OpenAI Security Research Team. [GNUTLS-SA-2025-07-07-2, CVSS: low] [bsc#1246232, CVE-2025-32988] * certtool: Fix 1-byte write buffer overrun when parsing template Reported by David Aitel. [GNUTLS-SA-2025-07-07-3, CVSS: low] [bsc#1246267, CVE-2025-32990] * libgnutls: PKCS#11 modules can now be used to override the default cryptographic backend. Use the [provider] section in the system-wide config to specify path and pin to the module (see system-wide config Documentation). * libgnutls: Linux kernel version 6.14 brings Kernel TLS (kTLS) key update support. The library running on the aforementioned version now utilizes the kernel’s key update mechanism when kTLS is enabled, allowing uninterrupted TLS session. The --enable-ktls configure option as well as the system-wide kTLS configuration (see GnuTLS Documentation) are still required to enable this feature. * libgnutls: liboqs support for PQC has been removed For maintenance purposes, support for post-quantum cryptography (PQC) is now only provided through leancrypto. The experimental key exchange algorithm, X25519Kyber768Draft00, which is based on the round 3 candidate of Kyber and only supported through liboqs has also been removed altogether. * libgnutls: TLS certificate compression methods can now be set with cert-compression-alg configuration option in the gnutls priority file.
* libgnutls: All variants of ML-DSA private key formats are supported While the previous implementation of ML-DSA was based on draft-ietf-lamps-dilithium-certificates-04, this updates it to draft-ietf-lamps-dilithium-certificates-12 with support for all 3 variants of private key formats: "seed", "expandedKey", and "both". * libgnutls: ML-DSA signatures can now be used in TLS The ML-DSA signature algorithms, ML-DSA-44, ML-DSA-65, and ML-DSA-87, can now be used to digitally sign TLS handshake messages. * API and ABI modifications: - GNUTLS_PKCS_MLDSA_SEED: New enum member of gnutls_pkcs_encrypt_flags_t - GNUTLS_PKCS_MLDSA_EXPANDED: New enum member of gnutls_pkcs_encrypt_flags_t - Add patch gnutls-3.8.10-disable-ktls_test.patch - Rebased patches: * gnutls-FIPS-140-3-references.patch * gnutls-FIPS-disable-mac-sha1.patch * gnutls-disable-flaky-test-dtls-resume.patch * gnutls-skip-pqx-test.patch ++++ hwinfo: - merge gh#openSUSE/hwinfo#170 - Makefile: fix build for ARCH=i686 - 25.0 - merge gh#openSUSE/hwinfo#165 - Fix memory leaks in block device name handling - merge gh#openSUSE/hwinfo#164 - feat: capture usb alternate setting - feat: capture usb interface association - feat: use interface association descriptor first when classifying usb devices - USB improvements - merge gh#openSUSE/hwinfo#169 - add nvmeof and iscsi info (jsc#PED-13261, jsc#PED-13209) ++++ texinfo: - Add texinfo-perl-5.42.patch: Fix syntax to be unambiguous if (! $str eq '') is not really clear; is it (!$str) eq '' or !($str eq '') Perl 5.42 rightly flags this syntax with: Possible precedence problem between ! and string eq Assuming !($str eq '') was meant, we can rewrite this as $str ne '', which happens to also be used in multiple places already (sometimes just a few lines further down in the same files) ++++ kernel-default: - scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). - scsi: sd: Fix VPD page 0xb7 length check (git-fixes).
- scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes). - scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes). - scsi: megaraid_sas: Fix invalid node index (git-fixes). - aoe: clean device rq_list in aoedev_downdev() (git-fixes). - block: use plug request list tail for one-shot backmerge attempt (git-fixes). - block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work (git-fixes). - block: Clear BIO_EMULATES_ZONE_APPEND flag on BIO completion (git-fixes). - md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). - scsi: smartpqi: Add new PCI IDs (git-fixes). - block: use q->elevator with ->elevator_lock held in elv_iosched_show() (git-fixes). - commit abdb18a - mm: fix uprobe pte be overwritten when expanding vma (CVE-2025-38207 bsc#1246004). - commit b1729e5 - ipc: fix to protect IPCS lookups using RCU (CVE-2025-38212 bsc#1246029). - commit 78df593 - calipso: unlock rcu before returning -EAFNOSUPPORT (CVE-2025-38147 bsc#1245768). - calipso: Don't call calipso functions for AF_INET sk (CVE-2025-38147 bsc#1245768). - commit ddcefe6 - s390x config: set CONFIG_PCI_NR_FUNCTIONS=512 (bsc#1246470 LTC#214321) - commit 1465ef8 - x86/fred: Fix system hang during S4 resume with FRED enabled (bsc#1245084 CVE-2025-38047). - commit 622750a - hisi_acc_vfio_pci: bugfix live migration function without VF device driver (CVE-2025-38283 bsc#1246273). - configfs-tsm-report: Fix NULL dereference of tsm_ops (CVE-2025-38210 bsc#1246020). - commit fb63fb6 ++++ kernel-rt: - scsi: core: Enforce unlimited max_segment_size when virt_boundary_mask is set (git-fixes). - scsi: sd: Fix VPD page 0xb7 length check (git-fixes). - scsi: qla4xxx: Fix missing DMA mapping error in qla4xxx_alloc_pdu() (git-fixes). - scsi: qla2xxx: Fix DMA mapping test in qla24xx_get_port_database() (git-fixes). - scsi: megaraid_sas: Fix invalid node index (git-fixes). - aoe: clean device rq_list in aoedev_downdev() (git-fixes). 
- block: use plug request list tail for one-shot backmerge attempt (git-fixes). - block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work (git-fixes). - block: Clear BIO_EMULATES_ZONE_APPEND flag on BIO completion (git-fixes). - md/md-bitmap: fix dm-raid max_write_behind setting (git-fixes). - scsi: smartpqi: Add new PCI IDs (git-fixes). - block: use q->elevator with ->elevator_lock held in elv_iosched_show() (git-fixes). - commit abdb18a - mm: fix uprobe pte be overwritten when expanding vma (CVE-2025-38207 bsc#1246004). - commit b1729e5 - ipc: fix to protect IPCS lookups using RCU (CVE-2025-38212 bsc#1246029). - commit 78df593 - calipso: unlock rcu before returning -EAFNOSUPPORT (CVE-2025-38147 bsc#1245768). - calipso: Don't call calipso functions for AF_INET sk (CVE-2025-38147 bsc#1245768). - commit ddcefe6 - s390x config: set CONFIG_PCI_NR_FUNCTIONS=512 (bsc#1246470 LTC#214321) - commit 1465ef8 - x86/fred: Fix system hang during S4 resume with FRED enabled (bsc#1245084 CVE-2025-38047). - commit 622750a - hisi_acc_vfio_pci: bugfix live migration function without VF device driver (CVE-2025-38283 bsc#1246273). - configfs-tsm-report: Fix NULL dereference of tsm_ops (CVE-2025-38210 bsc#1246020). - commit fb63fb6 ++++ gcc15: - Update to GCC 15 branch head, 15.1.1+git9973 - Fixes PR120995, unrecognizable insn UNSPEC_COMPARE_AND_SWAP with rv64gc_zabha_zacas ++++ libcontainers-common: - Remove subpackage libcontainers-sles-mounts and prevent auto mounting SUSEConnect credentials from host to container. SLE16 onwards, the idea is to expect users to explicitly mount secrets. (bsc#1246227) ++++ libzypp: - Add runtime check for a broken rpm-4.18.0 --runpostrans (bsc#1246149) - Add regression test for bsc#1245220 and some other filesize related tests. - version 17.37.11 (35) ++++ python-requests: - Add revert-caching-default-sslcontext.patch upstream patch to avoid problems with certificate caching in sslcontext. 
bsc#1246104, gh#psf/requests#6767 ++++ rust-keylime: - Update vendored crates (bsc#1242623, CVE-2025-3416) * openssl 0.10.73 - Update to version 0.2.7+117: * Increase coverage in evidence handling structure * Add Capabilities Negotiations resp. missing fields * Fix UEFI test to check file access in all cases * context_info_handler: Do not assume /var/lib/keylime exists * Fix clippy warnings about uninlined format arguments * attestation: Allow unwrap() in tests * Increase coverage (groom code, extend unit tests) * Include IMA/UEFI logs in Evidence Handling request * Include method to get all IMA entries as string * Send correct list of pcr banks and sign algorithms * Try to fix TPM tests related issues * Define attestation perform asynchronous * Perform attestation in push model agent binary * Refactor code to use new attestation.rs * Create attestation.rs for Attestation stuff * Move ContextInfo management to its own handler * Adjust context_info.rs after rebase * Add attestation function to ContextInfo structure * Add prohibited signing algorithms, avoid ecschnorr * keylime/config: Use macro to implement PushModelConfigTrait * Introduce keylime-macros and define_view_trait * config: Remove KeylimeConfig structure * config: Remove unnecessary options and lazy initialization * Fix pcr_bank function to send all possible slots * Send Content-Type:application/json on request (#1039) * Send correct 'key_algorithm' in certification_keys (#1035) * Push Model: Persist Attestation Key to file * Add Keylime push model binary to root GNUmakefile * Use singleton to avoid multiple Context allocation * tests: Do not assume `/var/lib/keylime` exists (#1030) * lib/cert: Fix race condition due to use of same file path * payloads: Fix race condition in tests * Add uefi_log_handler.rs to parse UEFI binary * Use IMA log parser to send correct entry count * Add IMA log parser * build(deps): bump once_cell from 1.19.0 to 1.21.3 * lib/config/base.rs: Add more unit tests * 
lib/permissions: Add unit tests * keylime-agent: move JsonWrapper from common.rs to the library * lib/agent_data: Move agent_data related tests from common * common: Replace APIVersion with the library Version structure * keylime_agent: Move secure_mount.rs to the library * lib: Rename keylime_error.rs as error.rs * config: Move config to keylime library * config: Rename push_model_config to push_model * lib: Move permissions.rs from keylime-agent to the lib * Extract Capabilities Negotiation info from TPM (#1014) ------------------------------------------------------------------ ------------------ 2025-7-13 - Jul 13 2025 ------------------- ------------------------------------------------------------------ ++++ gnutls: - enable ktls support - enable brotli and zstd compression support ++++ open-iscsi: - Update to version 2.1.11.suse+73.1723affc61eb: * README for rpm build directory * Fix issue with IPv6 adapter interfaces (#508, bsc#1240969) * fwparam_ppc.c: Fix the calloc-transposed-args issue (#504) * Makefile: fix "No rule to make target 'iscsiuio/Makefile.in" issue (#506) * Fix typo in initiator.c (#507) - Fixed some issues in this changes file * One date had incorrect format from 2014 * Two separator lines were formatted incorrectly ++++ kernel-default: - kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). - maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). - maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (git-fixes). - kasan: avoid sleepable page allocation from atomic context (git-fixes). - commit 3186bf7 ++++ kernel-rt: - kasan: remove kasan_find_vm_area() to prevent possible deadlock (git-fixes). - maple_tree: fix mt_destroy_walk() on root leaf node (git-fixes). - maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() (git-fixes). - kasan: avoid sleepable page allocation from atomic context (git-fixes).
- commit 3186bf7 ------------------------------------------------------------------ ------------------ 2025-7-12 - Jul 12 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Add SLFO test-image-disk-simple integration test Add simple disk test and allow for testing the new transparent container idea for the aws toolchain. also add SLFO builds to the helper script ++++ kernel-default: - drm/imagination: Fix kernel crash when hard resetting the GPU (git-fixes). - drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). - drm/xe/pm: Correct comment of xe_pm_set_vram_threshold() (git-fixes). - drm/xe/bmg: fix compressed VRAM handling (git-fixes). - Revert "drm/xe/xe2: Enable Indirect Ring State support for Xe2" (git-fixes). - drm/xe: Allocate PF queue size on pow2 boundary (git-fixes). - drm/xe/pf: Clear all LMTT pages on alloc (git-fixes). - nbd: fix uaf in nbd_genl_connect() error path (git-fixes). - can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). - net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). - net: phy: microchip: Use genphy_soft_reset() to purge stale LPA bits (git-fixes). - wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). - wifi: mt76: mt7921: prevent decap offload config before STA initialization (git-fixes). - wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_sta_set_decap_offload() (git-fixes). - wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). - wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). - wifi: mwifiex: discard erroneous disassoc frames on STA interface (git-fixes). - wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes). - wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). 
- commit 7d2f716 ++++ kernel-rt: - drm/imagination: Fix kernel crash when hard resetting the GPU (git-fixes). - drm/tegra: nvdec: Fix dma_alloc_coherent error check (git-fixes). - drm/xe/pm: Correct comment of xe_pm_set_vram_threshold() (git-fixes). - drm/xe/bmg: fix compressed VRAM handling (git-fixes). - Revert "drm/xe/xe2: Enable Indirect Ring State support for Xe2" (git-fixes). - drm/xe: Allocate PF queue size on pow2 boundary (git-fixes). - drm/xe/pf: Clear all LMTT pages on alloc (git-fixes). - nbd: fix uaf in nbd_genl_connect() error path (git-fixes). - can: m_can: m_can_handle_lost_msg(): downgrade msg lost in rx message to debug level (git-fixes). - net: phy: microchip: limit 100M workaround to link-down events on LAN88xx (git-fixes). - net: phy: microchip: Use genphy_soft_reset() to purge stale LPA bits (git-fixes). - wifi: mt76: mt7925: Fix null-ptr-deref in mt7925_thermal_init() (git-fixes). - wifi: mt76: mt7921: prevent decap offload config before STA initialization (git-fixes). - wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_sta_set_decap_offload() (git-fixes). - wifi: mt76: mt7925: fix invalid array index in ssid assignment during hw scan (git-fixes). - wifi: mt76: mt7925: fix the wrong config for tx interrupt (git-fixes). - wifi: mwifiex: discard erroneous disassoc frames on STA interface (git-fixes). - wifi: mac80211: fix non-transmitted BSSID profile search (git-fixes). - wifi: zd1211rw: Fix potential NULL pointer dereference in zd_mac_tx_to_dev() (git-fixes). 
- commit 7d2f716 ------------------------------------------------------------------ ------------------ 2025-7-11 - Jul 11 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - add a requirement on /usr/sbin/kdumptool for cockpit-kdump (bsc#1227402) - add libzypp-plugin-appdata dependency to cockpit-packagekit as this will generate the swcatalog which it depends on for calculating various cockpit packages ++++ grub2: - Enable loongarch64 build (bsc#1234248) ++++ kernel-default: - xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). - commit f532c0d - hisi_acc_vfio_pci: fix XQE dma address error (CVE-2025-38158 bsc#1245750). - commit d6de051 - platform/x86: think-lmi: Create ksets consecutively (stable-fixes). - Refresh patches.suse/platform-x86-think-lmi-Fix-kobject-cleanup.patch. - commit ed9e879 - ASoC: tas2764: Extend driver to SN012776 (stable-fixes). - Refresh patches.suse/ASoC-tas2764-Reinit-cache-on-part-reset.patch. - commit d98ebe4 - drm/xe/guc: Dead CT helper (stable-fixes). - Refresh patches.suse/drm-xe-Fix-early-wedge-on-GuC-load-failure.patch. - commit f279fcb - net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). - net: phy: smsc: Force predictable MDI-X state on LAN87xx (git-fixes). - net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes). - Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes). - Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). - platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes). - platform/x86: think-lmi: Fix class device unregistration (git-fixes). - platform/x86: hp-bioscfg: Fix class device unregistration (git-fixes). - usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). - Logitech C-270 even more broken (stable-fixes). - Input: xpad - support Acer NGR 200 Controller (stable-fixes). 
- dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). - mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). - drm/xe/guc: Explicitly exit CT safe mode on unwind (git-fixes). - drm/xe: move DPT l2 flush to a more sensible place (git-fixes). - drm/xe: Move DSB l2 flush to a more sensible place (git-fixes). - ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). - mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). - ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). - ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). - ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes). - ALSA: sb: Don't allow changing the DMA mode during operations (stable-fixes). - drm/msm: Fix another leak in the submit error path (stable-fixes). - drm/msm: Fix a fence leak in submit error path (stable-fixes). - regulator: fan53555: add enable_time support and soft-start times (stable-fixes). - wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). - wifi: mac80211: drop invalid source address OCB frames (stable-fixes). - ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). - platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). - ACPI: thermal: Execute _SCP before reading trip points (git-fixes). - crypto: zynqmp-sha - Add locking (git-fixes). - crypto: iaa - Do not clobber req->base.data (git-fixes). - crypto: iaa - Remove dst_null support (stable-fixes). - spinlock: extend guard with spinlock_bh variants (stable-fixes). - ACPI: thermal: Fix stale comment regarding trip points (stable-fixes). - platform/x86: dell-sysman: Directly use firmware_attributes_class (stable-fixes). - platform/x86: hp-bioscfg: Directly use firmware_attributes_class (stable-fixes). - platform/x86: think-lmi: Directly use firmware_attributes_class (stable-fixes). 
- platform/x86: firmware_attributes_class: Simplify API (stable-fixes). - platform/x86: firmware_attributes_class: Move include linux/device/class.h (stable-fixes). - drm/xe: Allow bo mapping on multiple ggtts (stable-fixes). - drm/xe: add interface to request physical alignment for buffer objects (stable-fixes). - drm/xe: Fix DSB buffer coherency (stable-fixes). - drm/xe: Replace double space with single space after comma (stable-fixes). - commit 909dad5 - i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200 bsc#1246045). - net: cadence: macb: Fix a possible deadlock in macb_halt_tx (CVE-2025-38094 bsc#1245649). - commit 13d7db9 - x86/process: Move the buffer clearing before MONITOR (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - commit 8266745 - x86/microcode/AMD: Add TSA microcode SHAs (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - commit b20882f - KVM: SVM: Advertise TSA CPUID bits to guests (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - commit eae5894 - x86/cpu: Avoid running off the end of an AMD erratum table (git-fixes). - commit 1a01a37 - x86/cpu: Move AMD erratum 1386 table over to 'x86_cpu_id' (git-fixes). - commit 00956a9 - x86/cpu: Replace PEBS use of 'x86_cpu_desc' use with 'x86_cpu_id' (git-fixes). - commit a673ad4 - x86/cpu: Introduce new microcode matching helper (git-fixes). - commit e274dab - x86/bugs: Add a Transient Scheduler Attacks mitigation (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - Update config files. - commit 8a110dc - kabi: fix dm-fix-dm_blk_report_zones.patch (CVE-2025-38140 bsc#1245717). - commit 701faad - net: clear the dst when changing skb protocol (bsc#1245954 CVE-2024-49861). - commit b34915e ++++ kernel-rt: - xfs: fix off-by-one error in fsmap's end_daddr usage (bsc#1235837). - commit f532c0d - hisi_acc_vfio_pci: fix XQE dma address error (CVE-2025-38158 bsc#1245750). 
- commit d6de051 - platform/x86: think-lmi: Create ksets consecutively (stable-fixes). - Refresh patches.suse/platform-x86-think-lmi-Fix-kobject-cleanup.patch. - commit ed9e879 - ASoC: tas2764: Extend driver to SN012776 (stable-fixes). - Refresh patches.suse/ASoC-tas2764-Reinit-cache-on-part-reset.patch. - commit d98ebe4 - drm/xe/guc: Dead CT helper (stable-fixes). - Refresh patches.suse/drm-xe-Fix-early-wedge-on-GuC-load-failure.patch. - commit f279fcb - net: phy: smsc: Fix link failure in forced mode with Auto-MDIX (git-fixes). - net: phy: smsc: Force predictable MDI-X state on LAN87xx (git-fixes). - net: phy: smsc: Fix Auto-MDIX configuration when disabled by strap (git-fixes). - Bluetooth: hci_event: Fix not marking Broadcast Sink BIS as connected (git-fixes). - Bluetooth: hci_sync: Fix not disabling advertising instance (git-fixes). - platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes). - platform/x86: think-lmi: Fix class device unregistration (git-fixes). - platform/x86: hp-bioscfg: Fix class device unregistration (git-fixes). - usb: xhci: quirk for data loss in ISOC transfers (stable-fixes). - Logitech C-270 even more broken (stable-fixes). - Input: xpad - support Acer NGR 200 Controller (stable-fixes). - dma-buf: fix timeout handling in dma_resv_wait_timeout v2 (stable-fixes). - mmc: sdhci: Add a helper function for dump register in dynamic debug mode (stable-fixes). - drm/xe/guc: Explicitly exit CT safe mode on unwind (git-fixes). - drm/xe: move DPT l2 flush to a more sensible place (git-fixes). - drm/xe: Move DSB l2 flush to a more sensible place (git-fixes). - ACPICA: Refuse to evaluate a method if arguments are missing (stable-fixes). - mtd: spinand: fix memory leak of ECC engine conf (stable-fixes). - ASoC: amd: yc: update quirk data for HP Victus (stable-fixes). - ASoC: amd: yc: Add quirk for MSI Bravo 17 D7VF internal mic (stable-fixes). - ALSA: sb: Force to disable DMAs once when DMA mode is changed (stable-fixes). 
- ALSA: sb: Don't allow changing the DMA mode during operations (stable-fixes). - drm/msm: Fix another leak in the submit error path (stable-fixes). - drm/msm: Fix a fence leak in submit error path (stable-fixes). - regulator: fan53555: add enable_time support and soft-start times (stable-fixes). - wifi: ath6kl: remove WARN on bad firmware input (stable-fixes). - wifi: mac80211: drop invalid source address OCB frames (stable-fixes). - ata: pata_cs5536: fix build on 32-bit UML (stable-fixes). - platform/x86/amd/pmc: Add PCSpecialist Lafite Pro V 14M to 8042 quirks list (stable-fixes). - ACPI: thermal: Execute _SCP before reading trip points (git-fixes). - crypto: zynqmp-sha - Add locking (git-fixes). - crypto: iaa - Do not clobber req->base.data (git-fixes). - crypto: iaa - Remove dst_null support (stable-fixes). - spinlock: extend guard with spinlock_bh variants (stable-fixes). - ACPI: thermal: Fix stale comment regarding trip points (stable-fixes). - platform/x86: dell-sysman: Directly use firmware_attributes_class (stable-fixes). - platform/x86: hp-bioscfg: Directly use firmware_attributes_class (stable-fixes). - platform/x86: think-lmi: Directly use firmware_attributes_class (stable-fixes). - platform/x86: firmware_attributes_class: Simplify API (stable-fixes). - platform/x86: firmware_attributes_class: Move include linux/device/class.h (stable-fixes). - drm/xe: Allow bo mapping on multiple ggtts (stable-fixes). - drm/xe: add interface to request physical alignment for buffer objects (stable-fixes). - drm/xe: Fix DSB buffer coherency (stable-fixes). - drm/xe: Replace double space with single space after comma (stable-fixes). - commit 909dad5 - i40e: fix MMIO write access to an invalid page in i40e_clear_hw (CVE-2025-38200 bsc#1246045). - net: cadence: macb: Fix a possible deadlock in macb_halt_tx (CVE-2025-38094 bsc#1245649). 
- commit 13d7db9 - x86/process: Move the buffer clearing before MONITOR (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - commit 8266745 - x86/microcode/AMD: Add TSA microcode SHAs (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - commit b20882f - KVM: SVM: Advertise TSA CPUID bits to guests (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - commit eae5894 - x86/cpu: Avoid running off the end of an AMD erratum table (git-fixes). - commit 1a01a37 - x86/cpu: Move AMD erratum 1386 table over to 'x86_cpu_id' (git-fixes). - commit 00956a9 - x86/cpu: Replace PEBS use of 'x86_cpu_desc' use with 'x86_cpu_id' (git-fixes). - commit a673ad4 - x86/cpu: Introduce new microcode matching helper (git-fixes). - commit e274dab - x86/bugs: Add a Transient Scheduler Attacks mitigation (bsc#1238896 CVE-2024-36350 CVE-2024-36357 CVE-2024-36348 CVE-2024-36349). - Update config files. - commit 8a110dc - kabi: fix dm-fix-dm_blk_report_zones.patch (CVE-2025-38140 bsc#1245717). - commit 701faad - net: clear the dst when changing skb protocol (bsc#1245954 CVE-2024-49861). 
- commit b34915e ++++ llvm19: - Add reproducible.patch to make libomp.so reproducible (boo#1199076) - Replace usage of %jobs for reproducible builds (boo#1237231) ++++ at-spi2-core: - Add upstream fixes: + at-spi2-core-grab-memory-leak.patch + at-spi2-core-key-grabs.patch (glgo#GNOME/at-spi2-core!193) + at-spi2-core-plug-crash.patch (glgo#GNOME/at-spi2-core#198) ++++ procps: - Add patch procps-ng-4.0.5-bsc1246330.patch * Do not Fail in year 2038 (bsc#1246330) ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to 570.172.08 (boo#1246327) - supersedes * 0003-nv-dmabuf-Inline-dma_buf_attachment_is_dynamic.patch * 0004-nvidia-uvm-Disable-SVA-support-for-6.16.patch - update pci_ids-supported ++++ perl: - update to 5.42.0 * new pragma "source::encoding" * new ":writer" attribute on field variables * new "any" and "all" operators * lexical method declaration using "my method" * lexical method invocation operator "->&" * switch and Smart Match operator kept, behind a feature * unicode 16.0 supported * assigning logical xor "^^=" operator * many performance enhancements - drop perl-dirdup.diff (included upstream) ------------------------------------------------------------------ ------------------ 2025-7-10 - Jul 10 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Show reboot notification after updates in packagekit * Add 0009-packagekit-reboot-notification.patch ++++ kernel-default: - dm: limit swapping tables for devices with zone write plugs (CVE-2025-38140 bsc#1245717). - commit 8c8d49f - dm: fix dm_blk_report_zones (CVE-2025-38140 bsc#1245717). - commit 6d395b8 - dm-table: check BLK_FEAT_ATOMIC_WRITES inside limits_lock (git-fixes). - commit d31c434 - coresight: prevent deactivate active config while enabling the config (CVE-2025-38131 bsc#1245677). - coresight: holding cscfg_csdev_lock while removing cscfg from csdev (CVE-2025-38132 bsc#1245679).
- commit 4dcb9b9 - ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). - commit 13b2592 - ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). - ALSA: hda/tegra: Add Tegra264 support (stable-fixes). - commit df0e4a0 - ALSA: hda/realtek: Add quirk for ASUS ExpertBook B9403CVAR (stable-fixes). - ALSA: usb-audio: Improve filtering of sample rates on Focusrite devices (stable-fixes). - ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes). - commit 3d097e2 - ALSA: hda/realtek: Enable headset Mic on Positivo K116J (stable-fixes). - ALSA: hda/realtek - Add mute LED support for HP Victus 15-fb2xxx (stable-fixes). - ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes). - ALSA: hda/realtek: Enable headset Mic on Positivo P15X (stable-fixes). - ALSA: hda/realtek: Add quirk for Asus GA605K (stable-fixes). - commit c130ef1 - pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). - pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). - commit f2d1e17 ++++ kernel-firmware-amdgpu: - Update to version 20250708 (git commit 99d64b4f788c): * amdgpu: Add DCN 3.6 * amdgpu: Add PSP 14.0.5 * amdgpu: Add SDMA 6.1.3 * amdgpu: Add GC 11.5.3 ++++ kernel-firmware-i915: - Update to version 20250708 (git commit 99d64b4f788c): * xe: Add fan_control v203.0.0.0 for BMG ++++ kernel-firmware-mediatek: - Update to version 20250708 (git commit 99d64b4f788c): * mediatek MT7921: update bluetooth firmware to 20250625154126 ++++ kernel-firmware-qcom: - Update to version 20250708 (git commit 99d64b4f788c): * qcom/adreno: move A610 and A702 ZAP files to Adreno driver section * qcom: Add sdx61 Foxconn vendor firmware image file ++++ kernel-rt: - dm: limit swapping tables for devices with zone write plugs (CVE-2025-38140 bsc#1245717). - commit 8c8d49f - dm: fix dm_blk_report_zones (CVE-2025-38140 bsc#1245717). - commit 6d395b8 - dm-table: check BLK_FEAT_ATOMIC_WRITES inside limits_lock (git-fixes). 
- commit d31c434 - coresight: prevent deactivate active config while enabling the config (CVE-2025-38131 bsc#1245677). - coresight: holding cscfg_csdev_lock while removing cscfg from csdev (CVE-2025-38132 bsc#1245679). - commit 4dcb9b9 - ACPI: PRM: Reduce unnecessary printing to avoid user confusion (bsc#1246122). - commit 13b2592 - ALSA: hda: Add missing NVIDIA HDA codec IDs (stable-fixes). - ALSA: hda/tegra: Add Tegra264 support (stable-fixes). - commit df0e4a0 - ALSA: hda/realtek: Add quirk for ASUS ExpertBook B9403CVAR (stable-fixes). - ALSA: usb-audio: Improve filtering of sample rates on Focusrite devices (stable-fixes). - ALSA: hda/realtek - Enable mute LED on HP Pavilion Laptop 15-eg100 (stable-fixes). - commit 3d097e2 - ALSA: hda/realtek: Enable headset Mic on Positivo K116J (stable-fixes). - ALSA: hda/realtek - Add mute LED support for HP Victus 15-fb2xxx (stable-fixes). - ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes). - ALSA: hda/realtek: Enable headset Mic on Positivo P15X (stable-fixes). - ALSA: hda/realtek: Add quirk for Asus GA605K (stable-fixes). - commit c130ef1 - pinctrl: amd: Clear GPIO debounce for suspend (git-fixes). - pinctrl: qcom: msm: mark certain pins as invalid for interrupts (git-fixes). - commit f2d1e17 ++++ python313-core: - Fix gil/nogil package description, bsc#1246229 ++++ net-tools: - Perform bound checks when parsing interface labels in /proc/net/dev (bsc#1243581, CVE-2025-46836, net-tools-CVE-2025-46836.patch, net-tools-CVE-2025-46836-regression.patch). 
++++ python313: - Fix gil/nogil package description, bsc#1246229 ++++ systemd-presets-common-SUSE: - Add cockpit.socket to improve user experience as it is replacing YaST (jsc#PED-13228) ++++ ucode-amd: - Update to version 20250708 (git commit 99d64b4f788c): * linux-firmware: Update AMD cpu microcode ------------------------------------------------------------------ ------------------ 2025-7-9 - Jul 9 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Explicitly set uefi as default firmware (bsc#1245145) ++++ docker: - Update to Docker 28.3.2-ce. See upstream changelog online at ++++ python-kiwi: - Fixed check for unallocated space on disk So far the check for unallocated space was only working for GPT and there it was also not really stable. The check was based on verifying if the backup GPT table is really at the end of the disk. Depending on which tool was used to dump the image on the target this "mistake" often got corrected by the tools that dumped the image. In this case the check no longer worked. This commit improves the check by another test which looks for the real free bytes on disk compared to the current partition geometry. - Move to neutral directory for calling osc When calling the helper/build_status.sh script to get an overview about the results of the integration tests, there is a stupid new behavior from the osc tool that it assumes a package name according to the name of the directory you are in probably connected to the fact that the data in this directory is a git checkout or some other strange assumption. This commit moves to a neutral directory where none of the osc internal assumptions applies and it just does what it should do... showing results of the given project. 
- Bump version: 10.2.26 → 10.2.27 ++++ transactional-update: - Version 5.0.6 - Fix missing x-initrd.mount in fstab on migration [boo#1246139] When migrating overlayfs based /etc to btrfs subvolumes, then the attribute was not set - this may result in failures from services operating on /etc during initrd phase such as SELinux relabelling - Optimize execution time of tests ++++ git: - refreshed gitk sha256 patches: 0001-gitk-Add-support-of-SHA256-repo.patch 0002-git-gui-Add-support-of-SHA256-repo.patch - update to 2.50.1 (boo#1245938 boo#1245939 boo#1245942 boo#1245943 boo#1245946 boo#1245947) Security fixes for CVE-2025-27613, CVE-2025-27614, CVE-2025-46334, CVE-2025-46835, CVE-2025-48384, CVE-2025-48385, and CVE-2025-48386 CVE-2025-27613, Gitk: When a user clones an untrusted repository and runs Gitk without additional command arguments, any writable file can be created and truncated. The option "Support per-file encoding" must have been enabled. The operation "Show origin of this line" is affected as well, regardless of the option being enabled or not. CVE-2025-27614, Gitk: A Git repository can be crafted in such a way that a user who has cloned the repository can be tricked into running any script supplied by the attacker by invoking `gitk filename`, where `filename` has a particular structure. CVE-2025-46334, Git GUI (Windows only): A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. On Windows, path lookup can find such executables in the worktree. These programs are invoked when the user selects "Git Bash" or "Browse Files" from the menu. CVE-2025-46835, Git GUI: When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite any writable file. CVE-2025-48384, Git: When reading a config value, Git strips any trailing carriage return and line feed (CRLF). 
When writing a config entry, values with a trailing CR are not quoted, causing the CR to be lost when the config is later read. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read resulting in the submodule being checked out to an incorrect location. If a symlink exists that points the altered path to the submodule hooks directory, and the submodule contains an executable post-checkout hook, the script may be unintentionally executed after checkout. CVE-2025-48385, Git: When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection. This protocol injection can cause the client to write the fetched bundle to a location controlled by the adversary. The fetched content is fully controlled by the server, which can in the worst case lead to arbitrary code execution. CVE-2025-48386, Git: The wincred credential helper uses a static buffer (`target`) as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending to it with `wcsncat()`, leading to potential buffer overflows. ++++ kdump: - upgrade to version 2.1.1 * check for reserved memory on load for better error reporting * update man page * set KDUMP_CPUS to 1 on XEN (bsc#1244289) * load.sh clean up * use eval for PRESCRIPT, POSTSCRIPT and TRANSFER * sftp: fix key-based authentication * fix and improve calibrate build - update calibrate values ++++ kernel-default: - kabi: restore encap_sk in struct xfrm_state (CVE-2025-38097 bsc#1245660). - espintcp: remove encap socket caching to avoid reference leak (CVE-2025-38097 bsc#1245660). 
- commit 063ca35 - net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (CVE-2025-38183 bsc#1246006). - commit 39da23e - net_sched: sch_sfq: fix a potential crash on gso_skb handling (CVE-2025-38115 bsc#1245689). - commit 9e19da0 - ALSA: usb-audio: Kill timer properly at removal (CVE-2025-38105 bsc#1245682). - commit 79e6efd - rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) - commit 630f139 - exfat: fix double free in delayed_free (bsc#1246073 CVE-2025-38206). - commit ad15d15 - pwm: mediatek: Ensure to disable clocks in error path (git-fixes). - pwm: Fix invalid state detection (git-fixes). - ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes). - ASoC: fsl_sai: Force a software reset when starting in consumer mode (git-fixes). - ASoC: Intel: SND_SOC_INTEL_SOF_BOARD_HELPERS select SND_SOC_ACPI_INTEL_MATCH (git-fixes). - ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes). - ALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp() (git-fixes). - commit 04c53e4 ++++ kernel-rt: - kabi: restore encap_sk in struct xfrm_state (CVE-2025-38097 bsc#1245660). - espintcp: remove encap socket caching to avoid reference leak (CVE-2025-38097 bsc#1245660). - commit 063ca35 - net: lan743x: fix potential out-of-bounds write in lan743x_ptp_io_event_clock_get() (CVE-2025-38183 bsc#1246006). - commit 39da23e - net_sched: sch_sfq: fix a potential crash on gso_skb handling (CVE-2025-38115 bsc#1245689). - commit 9e19da0 - ALSA: usb-audio: Kill timer properly at removal (CVE-2025-38105 bsc#1245682). - commit 79e6efd - rpm/mkspec: Fix missing kernel-syms-rt creation (bsc#1244337) - commit 630f139 - exfat: fix double free in delayed_free (bsc#1246073 CVE-2025-38206). - commit ad15d15 - pwm: mediatek: Ensure to disable clocks in error path (git-fixes). - pwm: Fix invalid state detection (git-fixes). 
- ASoC: cs35l56: probe() should fail if the device ID is not recognized (git-fixes). - ASoC: fsl_sai: Force a software reset when starting in consumer mode (git-fixes). - ASoC: Intel: SND_SOC_INTEL_SOF_BOARD_HELPERS select SND_SOC_ACPI_INTEL_MATCH (git-fixes). - ASoC: fsl_asrc: use internal measured ratio for non-ideal ratio mode (git-fixes). - ALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp() (git-fixes). - commit 04c53e4 ++++ gcc15: - Prune the use of update-alternatives from openSUSE Factory and SLFO. - Adjust crosses to conflict consistently where they did not already and make them use unsuffixed binaries. ------------------------------------------------------------------ ------------------ 2025-7-8 - Jul 8 2025 ------------------- ------------------------------------------------------------------ ++++ dracut: - Update to version 059+suse.690.g496a1409: * fix(rngd): adjust license to match the license of the whole project * fix(dracut): kernel module name normalization in drivers lists (bsc#1241680) * fix(dracut-init): assign real path to srcmods (bsc#1241114) ++++ python-kiwi: - Fix regression in get_partition_node_name backwards compat for lsblk before 2.38 if START column not supported, fall back to default sort - Add global option --setenv Allow to set environment variables in the caller environment via the commandline, e.g --setenv SOURCE_DATE_EPOCH=42 - Seed filesystem UUIDs with SOURCE_DATE_EPOCH For reproducible builds the calculation of the filesystem UUID should be persistent with each rebuild of the image. To achieve this the UUID is calculated using the SOURCE_DATE_EPOCH from the environment plus a char-number representation of the filesystem label name as random seed. In kiwi every filesystem is created with a label, thus only in case there is no SOURCE_DATE_EPOCH available we continue to create the UUID as random data. 
This Fixes #2761 - Add label attribute for section Allow to specify a filesystem label as part of a definition. So far the label was set by the name of the partition. With the new label attribute, a filesystem label different from the partition name can be set. This commit also updates/fixes the documentation in this regard. - Improve log message in SystemIdentifier Add some scope information such that we know from where this log information originates from. ++++ grub2: - Backport upstream disk password retry (bsc#1245545) * 0001-disk-cryptodisk-Allow-user-to-retry-failed-passphras.patch ++++ jeos-firstboot: - Update to version 1.5.8: * Update files/usr/share/jeos-firstboot/jeos-firstboot-functions * Use SUSE_PRETTY_NAME as product name to display if it exists (bsc#1245364) * Use xterm-256color on WSL based hosts boo#1237756 ++++ kernel-default: - dm-raid: fix variable in journal device check (git-fixes). - commit 03404b3 - dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). - commit bbecd6f - dm-mirror: fix a tiny race condition (git-fixes). - commit 0d4f8fc - dm vdo indexer: don't read request structure after enqueuing (git-fixes). - commit 4cb65b5 - dm-table: Set BLK_FEAT_ATOMIC_WRITES for target queue limits (git-fixes). - commit 2396437 - dm-flakey: make corrupting read bios work (git-fixes). - commit b0152c6 - dm-flakey: error all IOs when num_features is absent (git-fixes). - commit fd9c57b - dm: lock limits when reading them (git-fixes). - commit 153ee47 - dm: handle failures in dm_table_set_restrictions (git-fixes). - commit 78fcb29 - dm: free table mempools if not used in __bind (git-fixes). - commit 5859b3f - dm: don't change md if dm_table_set_restrictions() fails (git-fixes). - commit 4bd9525 - virtgpu: don't reset on shutdown (git-fixes). - commit 901c686 - kernel/fork: only call untrack_pfn_clear() on VMAs duplicated for fork() (git-fix for CVE-2025-22090 bsc#1241537). 
- commit 09cb3ff - netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (CVE-2025-38162 bsc#1245752). - commit 8282c3d - vhost-scsi: protect vq->log_used with vq->mutex (CVE-2025-38074 bsc#1244735). - commit 4cc2d93 - crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (CVE-2025-37984 bsc#1243669). - commit 743073a - virtio: break and reset virtio devices on device_shutdown() (CVE-2025-38064 bsc#1245201). - commit dec0ac7 ++++ kernel-rt: - dm-raid: fix variable in journal device check (git-fixes). - commit 03404b3 - dm-verity: fix a memory leak if some arguments are specified multiple times (git-fixes). - commit bbecd6f - dm-mirror: fix a tiny race condition (git-fixes). - commit 0d4f8fc - dm vdo indexer: don't read request structure after enqueuing (git-fixes). - commit 4cb65b5 - dm-table: Set BLK_FEAT_ATOMIC_WRITES for target queue limits (git-fixes). - commit 2396437 - dm-flakey: make corrupting read bios work (git-fixes). - commit b0152c6 - dm-flakey: error all IOs when num_features is absent (git-fixes). - commit fd9c57b - dm: lock limits when reading them (git-fixes). - commit 153ee47 - dm: handle failures in dm_table_set_restrictions (git-fixes). - commit 78fcb29 - dm: free table mempools if not used in __bind (git-fixes). - commit 5859b3f - dm: don't change md if dm_table_set_restrictions() fails (git-fixes). - commit 4bd9525 - virtgpu: don't reset on shutdown (git-fixes). - commit 901c686 - kernel/fork: only call untrack_pfn_clear() on VMAs duplicated for fork() (git-fix for CVE-2025-22090 bsc#1241537). - commit 09cb3ff - netfilter: nft_set_pipapo: prevent overflow in lookup table allocation (CVE-2025-38162 bsc#1245752). - commit 8282c3d - vhost-scsi: protect vq->log_used with vq->mutex (CVE-2025-38074 bsc#1244735). - commit 4cc2d93 - crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() (CVE-2025-37984 bsc#1243669). 
- commit 743073a - virtio: break and reset virtio devices on device_shutdown() (CVE-2025-38064 bsc#1245201). - commit dec0ac7 ++++ samba: - Update to 4.22.3 * samba-tool cannot add user to group whose name is exactly 16 characters long; (bso#15854); * Windows security hardening locks out schannel'ed netlogon dc calls like netr_DsRGetDCName; (bsc#1246431); (bso#15876); * Startup messages of rpc daemons fills /var/log/messages; (bso#15869); ++++ libvirt: - qemu: ARM: Change default SCSI controller model from 'lsilogic' to 'virtio-scsi' bsc#1240762 ++++ ovmf: - Backport the patch from edk2-stable202505 (jsc#PED-13202) - ovmf-UefiCpuPkg-MpInitLib-Fix-SNP-AP-creation.patch dca5d26bc57e UefiCpuPkg/MpInitLib: Fix SNP AP creation when using known APIC IDs ++++ read-only-root-fs: - Update to version 1.0+git20250708.3eed5de: * writable-etc: Install findmnt instead of mountpoint * CI: Omit volatile-overlay from the initrd * Add basic CI * Only remount when [/sysroot]/etc is ro (bsc#1246021) ++++ systemd-rpm-macros: - Bump version to 26 ------------------------------------------------------------------ ------------------ 2025-7-7 - Jul 7 2025 ------------------- ------------------------------------------------------------------ ++++ container-selinux: - Update to version 2.239.0: * Allow containers to use hsa devices for ROCM ++++ python-kiwi: - Add rd.kiwi.install.devicepersistency Allow to specify which type of persistent device name should be used to build up the list of installation disk devices. For example rd.kiwi.install.devicepersistency=by-path would use the by-path representations for the available disk devices. The default (by-id) stays untouched. In case an invalid or not present device representation is selected, kiwi falls back to the non persistent unix node names.
++++ hwinfo: - merge gh#openSUSE/hwinfo#167 - fix usb network card detection (bsc#1245950) - 24.1 ++++ kernel-default: - rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810 CVE-2024-53160) - commit cc08ae0 - net: dsa: clean up FDB, MDB, VLAN entries on unbind (CVE-2025-37864 bsc#1242965). - commit 9f73d53 - NFSv4: Always set NLINK even if the server doesn't support it (git-fixes). - commit ab761d1 - NFSv4.2: fix listxattr to return selinux security label (git-fixes). - commit b10a707 - NFSv4.2: fix setattr caching of TIME_[MODIFY|ACCESS]_SET when timestamps are delegated (git-fixes). - commit 3f2e95e - NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). - commit 4564984 - sunrpc: don't immediately retransmit on seqno miss (git-fixes). - commit eaac877 - usb: typec: displayport: Fix potential deadlock (git-fixes). - commit bf24223 - iio: dac: ad3552r: changes to use FIELD_PREP (stable-fixes). - Refresh patches.suse/iio-dac-ad3552r-clear-reset-status-flag.patch. - commit 9805aa5 - accel/ivpu: Make command queue ID allocated on XArray (stable-fixes). - Refresh patches.suse/accel-ivpu-Fix-locking-order-in-ivpu_job_submit.patch. - commit f24456f - accel/ivpu: Do not fail on cmdq if failed to allocate preemption buffers (stable-fixes). - Refresh patches.suse/accel-ivpu-Use-xa_alloc_cyclic-instead-of-custom-fun.patch. - commit d5a180a - drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes). - ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). - wifi: mac80211: finish link init before RCU publish (git-fixes). - Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). - spi: spi-cadence-quadspi: Fix pm runtime unbalance (git-fixes). - drm/xe: Fix early wedge on GuC load failure (git-fixes). - drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). - drm/amdgpu: Fix SDMA UTC_L1 handling during start/stop sequences (stable-fixes). 
- drm/amd/display: Check dce_hwseq before dereferencing it (stable-fixes). - drm/amdgpu: Add kicker device detection (stable-fixes). - drm/amd/display: Fix RMCM programming seq errors (stable-fixes). - drm/amd/display: Fix mpv playback corruption on weston (stable-fixes). - drm/i915/dsi: Fix off by one in BXT_MIPI_TRANS_VTOTAL (stable-fixes). - ASoC: rt1320: fix speaker noise when volume bar is 100% (stable-fixes). - ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). - ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). - usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes). - usb: potential integer overflow in usbg_make_tpg() (stable-fixes). - usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). - usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). - usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). - usb: gadget: f_hid: wake up readers on disable/unbind (stable-fixes). - usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). - usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes). - 8250: microchip: pci1xxxx: Add PCIe Hot reset disable support for Rev C0 and later devices (stable-fixes). - iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). - iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes). - misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe() (stable-fixes). - drm/scheduler: signal scheduled fence when kill job (stable-fixes). - drm/amd/display: Correct non-OLED pre_T11_delay (stable-fixes). - amd/amdkfd: fix a kfd_process ref leak (stable-fixes). - drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). - drm/amdgpu: seq64 memory unmap uses uninterruptible lock (stable-fixes). - Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). 
- dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). - dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). - PCI: imx6: Add workaround for errata ERR051624 (stable-fixes). - PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). - PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (stable-fixes). - leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). - mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). - hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). - wifi: mac80211: Create separate links for VLAN interfaces (stable-fixes). - wifi: mac80211: Add link iteration macro for link data (stable-fixes). - drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). - drm/xe: Fix taking invalid lock on wedge (stable-fixes). - ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). - accel/ivpu: Separate DB ID and CMDQ ID allocations from CMDQ allocation (stable-fixes). - drm/amdkfd: Fix instruction hazard in gfx12 trap handler (stable-fixes). - types: Complement the aligned types with signed 64-bit one (stable-fixes). - drm/amdkfd: remove gfx 12 trap handler page size cap (stable-fixes). - accel/ivpu: Remove copy engine support (stable-fixes). - net: phy: realtek: add RTL8125D-internal PHY (stable-fixes). - net: phy: realtek: merge the drivers for internal NBase-T PHY's (stable-fixes). 
- commit 3355077 ++++ kernel-firmware-bluetooth: - Update to version 20250707 (git commit ba5e4e381494): * Revert "linux-firmware: Update firmware file for Intel Pulsar core" ++++ kernel-firmware-i915: - Update to version 20250707 (git commit ba5e4e381494): * xe: First HuC release for Pantherlake * xe: First GuC release for Pantherlake ++++ kernel-firmware-mediatek: - Update to version 20250707 (git commit ba5e4e381494): * linux-firmware: update firmware for MT7921 WiFi device ++++ kernel-firmware-qcom: - Update to version 20250707 (git commit ba5e4e381494): * qcom/adreno: sort entries in WHENCE ++++ kernel-rt: - rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu (bsc#1234810 CVE-2024-53160) - commit cc08ae0 - net: dsa: clean up FDB, MDB, VLAN entries on unbind (CVE-2025-37864 bsc#1242965). - commit 9f73d53 - NFSv4: Always set NLINK even if the server doesn't support it (git-fixes). - commit ab761d1 - NFSv4.2: fix listxattr to return selinux security label (git-fixes). - commit b10a707 - NFSv4.2: fix setattr caching of TIME_[MODIFY|ACCESS]_SET when timestamps are delegated (git-fixes). - commit 3f2e95e - NFSv4: xattr handlers should check for absent nfs filehandles (git-fixes). - commit 4564984 - sunrpc: don't immediately retransmit on seqno miss (git-fixes). - commit eaac877 - usb: typec: displayport: Fix potential deadlock (git-fixes). - commit bf24223 - iio: dac: ad3552r: changes to use FIELD_PREP (stable-fixes). - Refresh patches.suse/iio-dac-ad3552r-clear-reset-status-flag.patch. - commit 9805aa5 - accel/ivpu: Make command queue ID allocated on XArray (stable-fixes). - Refresh patches.suse/accel-ivpu-Fix-locking-order-in-ivpu_job_submit.patch. - commit f24456f - accel/ivpu: Do not fail on cmdq if failed to allocate preemption buffers (stable-fixes). - Refresh patches.suse/accel-ivpu-Use-xa_alloc_cyclic-instead-of-custom-fun.patch. - commit d5a180a - drm/bridge: ti-sn65dsi86: Add HPD for DisplayPort connector type (git-fixes). 
- ASoC: amd: yc: Add DMI quirk for Lenovo IdeaPad Slim 5 15 (stable-fixes). - wifi: mac80211: finish link init before RCU publish (git-fixes). - Bluetooth: L2CAP: Fix L2CAP MTU negotiation (stable-fixes). - spi: spi-cadence-quadspi: Fix pm runtime unbalance (git-fixes). - drm/xe: Fix early wedge on GuC load failure (git-fixes). - drm/amdkfd: Fix race in GWS queue scheduling (stable-fixes). - drm/amdgpu: Fix SDMA UTC_L1 handling during start/stop sequences (stable-fixes). - drm/amd/display: Check dce_hwseq before dereferencing it (stable-fixes). - drm/amdgpu: Add kicker device detection (stable-fixes). - drm/amd/display: Fix RMCM programming seq errors (stable-fixes). - drm/amd/display: Fix mpv playback corruption on weston (stable-fixes). - drm/i915/dsi: Fix off by one in BXT_MIPI_TRANS_VTOTAL (stable-fixes). - ASoC: rt1320: fix speaker noise when volume bar is 100% (stable-fixes). - ASoC: codecs: wcd9335: Fix missing free of regulator supplies (git-fixes). - ALSA: hda: Ignore unsol events for cards being shut down (stable-fixes). - usb: dwc2: also exit clock_gating when stopping udc while suspended (stable-fixes). - usb: potential integer overflow in usbg_make_tpg() (stable-fixes). - usb: common: usb-conn-gpio: use a unique name for usb connector device (stable-fixes). - usb: Add checks for snprintf() calls in usb_alloc_dev() (stable-fixes). - usb: cdc-wdm: avoid setting WDM_READ for ZLP-s (stable-fixes). - usb: gadget: f_hid: wake up readers on disable/unbind (stable-fixes). - usb: typec: displayport: Receive DP Status Update NAK request exit dp altmode (stable-fixes). - usb: typec: mux: do not return on EOPNOTSUPP in {mux, switch}_set (stable-fixes). - 8250: microchip: pci1xxxx: Add PCIe Hot reset disable support for Rev C0 and later devices (stable-fixes). - iio: pressure: zpa2326: Use aligned_s64 for the timestamp (stable-fixes). - iio: adc: ad_sigma_delta: Fix use of uninitialized status_pos (stable-fixes). 
- misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe() (stable-fixes). - drm/scheduler: signal scheduled fence when kill job (stable-fixes). - drm/amd/display: Correct non-OLED pre_T11_delay (stable-fixes). - amd/amdkfd: fix a kfd_process ref leak (stable-fixes). - drm/amdgpu: amdgpu_vram_mgr_new(): Clamp lpfn to total vram (stable-fixes). - drm/amdgpu: seq64 memory unmap uses uninterruptible lock (stable-fixes). - Revert "drm/i915/gem: Allow EXEC_CAPTURE on recoverable contexts on DG1" (stable-fixes). - dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using (stable-fixes). - dmaengine: xilinx_dma: Set dma_device directions (stable-fixes). - PCI: imx6: Add workaround for errata ERR051624 (stable-fixes). - PCI: dwc: Make link training more robust by setting PORT_LOGIC_LINK_WIDTH to one lane (stable-fixes). - PCI: apple: Fix missing OF node reference in apple_pcie_setup_port (stable-fixes). - leds: multicolor: Fix intensity setting while SW blinking (stable-fixes). - mfd: max14577: Fix wakeup source leaks on device unbind (stable-fixes). - hwmon: (pmbus/max34440) Fix support for max34451 (stable-fixes). - wifi: mac80211: Create separate links for VLAN interfaces (stable-fixes). - wifi: mac80211: Add link iteration macro for link data (stable-fixes). - drm/bridge: ti-sn65dsi86: make use of debugfs_init callback (stable-fixes). - drm/xe: Fix taking invalid lock on wedge (stable-fixes). - ASoC: codec: wcd9335: Convert to GPIO descriptors (stable-fixes). - accel/ivpu: Separate DB ID and CMDQ ID allocations from CMDQ allocation (stable-fixes). - drm/amdkfd: Fix instruction hazard in gfx12 trap handler (stable-fixes). - types: Complement the aligned types with signed 64-bit one (stable-fixes). - drm/amdkfd: remove gfx 12 trap handler page size cap (stable-fixes). - accel/ivpu: Remove copy engine support (stable-fixes). - net: phy: realtek: add RTL8125D-internal PHY (stable-fixes). 
- net: phy: realtek: merge the drivers for internal NBase-T PHY's (stable-fixes). - commit 3355077 ++++ libsolv: - add support for product-obsoletes() provides in the product autopackage generation code - bump version to 0.7.34 ++++ libzypp: - BuildRequires: %{libsolv_devel_package} >= 0.7.34 (bsc#1243486) Newer rpm versions no longer allow a ':' in rpm package names or obsoletes. So injecting an Obsoletes: product:oldproductname < oldproductversion into the -release package to indicate a product rename is no longer possible. Since libsolv-0.7.34 you can and should use: Provides: product-obsoletes(oldproductname) < oldproductversion in the -release package. libsolv will then inject the appropriate Obsoletes into the Product. - version 17.37.10 (35) ++++ nvidia-open-driver-G06-signed: - empty pci_ids-570.169; PCI ID hardware Supplements get moved to gfx repository to package nvidia-open-driver-G06-signed-kmp-meta (boo#1246010) - remove 60-nvidia-$flavor.conf, since driver no longer gets autoselected without gfx/cuda repositories present and so we no longer need to disable it by default (boo#1246010) ++++ systemd-rpm-macros: - Introduce %udev_trigger_with_reload() for packages that need to trigger events in their scriptlets. The new macro automatically triggers a reload of the udev rule files as this step is often overlooked by packages (bsc#1237143). ------------------------------------------------------------------ ------------------ 2025-7-6 - Jul 6 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - i2c/designware: Fix an initialization issue (git-fixes). - powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). - firmware: arm_ffa: Fix memory leak by freeing notifier callback node (git-fixes). - regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes). - spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes).
- platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). - platform/x86: think-lmi: Fix kobject cleanup (git-fixes). - platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes). - platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). - platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). - platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes). - platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). - xhci: dbc: Flush queued requests before stopping dbc (git-fixes). - xhci: dbctty: disable ECHO flag by default (git-fixes). - xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes). - usb: dwc3: gadget: Fix TRB reclaim logic for short transfers and ZLPs (git-fixes). - usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes). - usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). - Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes). - usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes). - usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). - Revert "usb: gadget: u_serial: Add null pointer check in gs_start_io" (git-fixes). - usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). - usb: dwc3: Abort suspend on soft disconnect failure (git-fixes). - usb: cdnsp: do not disable slot for disabled slot (git-fixes). - Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt() (git-fixes). - Input: iqs7222 - explicitly define number of external channels (git-fixes). - Input: xpad - adjust error handling for disconnect (git-fixes). - drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes). - drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). 
- drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes). - drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). - drm/i915/selftests: Change mock_request() to return error pointers (git-fixes). - drm/v3d: Disable interrupts before resetting the GPU (git-fixes). - drm/sched: Increment job count before swapping tail spsc queue (git-fixes). - drm/bridge: aux-hpd-bridge: fix assignment of the of_node (git-fixes). - drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). - drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). - drm/amdkfd: Don't call mmput from MMU notifier callback (git-fixes). - commit 58c4f95 ++++ kernel-rt: - i2c/designware: Fix an initialization issue (git-fixes). - powercap: intel_rapl: Do not change CLAMPING bit if ENABLE bit cannot be changed (git-fixes). - firmware: arm_ffa: Fix memory leak by freeing notifier callback node (git-fixes). - regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods (git-fixes). - spi: spi-fsl-dspi: Clear completion counter before initiating transfer (git-fixes). - platform/x86: think-lmi: Fix sysfs group cleanup (git-fixes). - platform/x86: think-lmi: Fix kobject cleanup (git-fixes). - platform/mellanox: mlxreg-lc: Fix logic error in power state check (git-fixes). - platform/x86: dell-wmi-sysman: Fix WMI data block retrieval in sysfs callbacks (git-fixes). - platform/mellanox: nvsw-sn2201: Fix bus number in adapter error message (git-fixes). - platform/mellanox: mlxbf-pmc: Fix duplicate event ID for CACHE_DATA1 (git-fixes). - platform/mellanox: mlxbf-tmfifo: fix vring_desc.len assignment (git-fixes). - xhci: dbc: Flush queued requests before stopping dbc (git-fixes). - xhci: dbctty: disable ECHO flag by default (git-fixes). - xhci: Disable stream for xHC controller with XHCI_BROKEN_STREAMS (git-fixes). - usb: dwc3: gadget: Fix TRB reclaim logic for short transfers and ZLPs (git-fixes). 
- usb: typec: altmodes/displayport: do not index invalid pin_assignments (git-fixes). - usb: cdnsp: Fix issue with CV Bad Descriptor test (git-fixes). - Revert "usb: xhci: Implement xhci_handshake_check_state() helper" (git-fixes). - usb: xhci: Skip xhci_reset in xhci_resume if xhci is being removed (git-fixes). - usb: gadget: u_serial: Fix race condition in TTY wakeup (git-fixes). - Revert "usb: gadget: u_serial: Add null pointer check in gs_start_io" (git-fixes). - usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume (git-fixes). - usb: dwc3: Abort suspend on soft disconnect failure (git-fixes). - usb: cdnsp: do not disable slot for disabled slot (git-fixes). - Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt() (git-fixes). - Input: iqs7222 - explicitly define number of external channels (git-fixes). - Input: xpad - adjust error handling for disconnect (git-fixes). - drm/exynos: fimd: Guard display clock control with runtime PM calls (git-fixes). - drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling (git-fixes). - drm/i915/gsc: mei interrupt top half should be in irq disabled context (git-fixes). - drm/i915/gt: Fix timeline left held on VMA alloc error (git-fixes). - drm/i915/selftests: Change mock_request() to return error pointers (git-fixes). - drm/v3d: Disable interrupts before resetting the GPU (git-fixes). - drm/sched: Increment job count before swapping tail spsc queue (git-fixes). - drm/bridge: aux-hpd-bridge: fix assignment of the of_node (git-fixes). - drm/bridge: panel: move prepare_prev_first handling to drm_panel_bridge_add_typed (git-fixes). - drm/ttm: fix error handling in ttm_buffer_object_transfer (git-fixes). - drm/amdkfd: Don't call mmput from MMU notifier callback (git-fixes). - commit 58c4f95 ++++ wayland: - Update to release 1.24 * A new wl_fixes interface to add a request to destroy a wl_registry object. 
* A new wl_keyboard.key repeated state, to allow compositors to take over the responsibility of repeating keys, which is useful for remote desktop. * wl_display_dispatch_queue_timeout() and wl_display_dispatch_timeout(), to set a timeout when dispatching events. * wl_shm_buffer_ref() and wl_shm_buffer_unref(), to access wl_shm_buffer underlying storage after the protocol object has been destroyed (e.g. when a client is shutting down). * wl_proxy_get_interface() and wl_resource_get_interface(), to fetch the wl_interface of an object. * wl_resource_post_error_vargs(), as an alternative to wl_resource_post_error() when the compositor already has a va_list. ------------------------------------------------------------------ ------------------ 2025-7-4 - Jul 4 2025 ------------------- ------------------------------------------------------------------ ++++ Mesa: - U_0001-svga-add-svga_resource_create_with_modifiers-functio.patch U_0002-svga-fix-printing-64-bit-value-for-32-bit-build.patch * fixes Wayland session when using SP7 as vmware guest (bsc#1245034) ++++ Mesa-drivers: - U_0001-svga-add-svga_resource_create_with_modifiers-functio.patch U_0002-svga-fix-printing-64-bit-value-for-32-bit-build.patch * fixes Wayland session when using SP7 as vmware guest (bsc#1245034) ++++ python-kiwi: - Update test-image-disk Add NetworkManager for better remote debugging capabilities ++++ transactional-update: - Version 5.0.5 - Add support for kdump 2.1.0 [bsc#1243758] - Integrate test to support `make check` ++++ kernel-default: - smb: client: Fix use-after-free in cifs_fill_dirent (CVE-2025-38051 bsc#1244750). - commit f65fc44 - cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). - commit e4048e5 - rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). - Bluetooth: HCI: Set extended advertising data synchronously (git-fixes). - Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). 
- Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). - Bluetooth: hci_sync: revert some mesh modifications (git-fixes). - Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). - net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes). - commit a505fc6 ++++ kernel-rt: - smb: client: Fix use-after-free in cifs_fill_dirent (CVE-2025-38051 bsc#1244750). - commit f65fc44 - cgroup/cpuset: Extend kthread_is_per_cpu() check to all PF_NO_SETAFFINITY tasks (bsc#1241166). - commit e4048e5 - rose: fix dangling neighbour pointers in rose_rt_device_down() (git-fixes). - Bluetooth: HCI: Set extended advertising data synchronously (git-fixes). - Bluetooth: MGMT: mesh_send: check instances prior disabling advertising (git-fixes). - Bluetooth: MGMT: set_mesh: update LE scan interval and window (git-fixes). - Bluetooth: hci_sync: revert some mesh modifications (git-fixes). - Bluetooth: Prevent unintended pause by checking if advertising is active (git-fixes). - net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect (git-fixes). - commit a505fc6 ++++ systemd: - triggers.systemd: skip update of hwdb, journal-catalog if executed during an offline update. ++++ libzypp: - Ignore DeltaRpm download errors (bsc#1245672) DeltaRpms are in fact optional resources. In case of a failure the full rpm is downloaded. - Improve fix for incorrect filesize handling (bsc#1245220) - version 17.37.9 (35) ++++ salt: - Add `minion_legacy_req_warnings` option to avoid noisy warnings - Require M2Crypto >= 0.44.0 for SUSE Family distros - Added: * add-minion_legacy_req_warnings-option-to-avoid-noisy.patch ++++ ovmf: - Revert the following change due to security concerns and potential underlying issues. 
- Enables UEFI Shell support for guests on X64 and AARCH64 platforms (bsc#1244266) - Build Shell.efi independently - Add ovmf-ShellPkg-Add-post-script-for-Shell-installation.patch - Install Shell.efi to EFI boot partition (/boot/efi/EFI/opensuse/ or /boot/efi/EFI/sles/) - Register Shell.efi as a boot entry ++++ zypper: - sh: Reset solver options after command (bsc#1245496) - Explicitly selecting DownloadAsNeeded also selects the classic_rpmtrans backend. - version 1.14.92 ------------------------------------------------------------------ ------------------ 2025-7-3 - Jul 3 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to Docker 28.3.1-ce. See upstream changelog online at ++++ kernel-default: - gfs2: Don't clear sb->s_fs_info in gfs2_sys_fs_add (bsc#1243993 bsc#1245617). - writeback: fix false warning in inode_to_wb() (bsc#1243993 bsc#1245617). - gfs2: replace sd_aspace with sd_inode (bsc#1243993 bsc#1245617). - commit 9761d03 - dma-mapping: Fix warning reported for missing prototype (git-fixes). - dma/mapping.c: dev_dbg support for dma_addressing_limited (git-fixes). - commit 0c85d2b - s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245644). - commit 6883c36 - s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245643). - commit 0f86722 - NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). - commit d887598 - nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes). - commit cebbc14 - mtk-sd: reset host->mrq on prepare_data() error (git-fixes). - commit 9cc3c5f - Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes). - mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). - mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). - mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). 
- commit 34daecf - RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) - commit 2e17666 - RDMA/mlx5: Fix CC counters query for MPV (git-fixes) - commit 047aefd - RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) - commit 385720a - IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) - commit e26004c - RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) - commit da1aeda - RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling (git-fixes) - commit 877a2f1 - RDMA/mlx5: reduce stack usage in mlx5_ib_ufile_hw_cleanup (git-fixes) - commit 95b475f ++++ kernel-firmware-realtek: - Update to version 20250630 (git commit e2dad11e8d4b): * rtw89: 8922a: update fw to v0.35.80.0 * rtw89: 8852c: update fw to v0.27.129.1 * rtw89: 8852c: update fw to v0.27.128.0 ++++ kernel-rt: - gfs2: Don't clear sb->s_fs_info in gfs2_sys_fs_add (bsc#1243993 bsc#1245617). - writeback: fix false warning in inode_to_wb() (bsc#1243993 bsc#1245617). - gfs2: replace sd_aspace with sd_inode (bsc#1243993 bsc#1245617). - commit 9761d03 - dma-mapping: Fix warning reported for missing prototype (git-fixes). - dma/mapping.c: dev_dbg support for dma_addressing_limited (git-fixes). - commit 0c85d2b - s390/pci: Fix stale function handles in error handling (git-fixes bsc#1245644). - commit 6883c36 - s390/pci: Do not try re-enabling load/store if device is disabled (git-fixes bsc#1245643). - commit 0f86722 - NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (git-fixes). - commit d887598 - nfs: Clean up /proc/net/rpc/nfs when nfs_fs_proc_net_init() fails (git-fixes). - commit cebbc14 - mtk-sd: reset host->mrq on prepare_data() error (git-fixes). - commit 9cc3c5f - Revert "mmc: sdhci: Disable SD card clock before changing parameters" (git-fixes). - mtk-sd: Prevent memory corruption from DMA map failure (git-fixes). - mtk-sd: Fix a pagefault in dma_unmap_sg() for not prepared data (git-fixes). 
- mmc: core: sd: Apply BROKEN_SD_DISCARD quirk earlier (git-fixes). - commit 34daecf - RDMA/mlx5: Fix vport loopback for MPV device (git-fixes) - commit 2e17666 - RDMA/mlx5: Fix CC counters query for MPV (git-fixes) - commit 047aefd - RDMA/mlx5: Fix HW counters query for non-representor devices (git-fixes) - commit 385720a - IB/mlx5: Fix potential deadlock in MR deregistration (git-fixes) - commit e26004c - RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert (git-fixes) - commit da1aeda - RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling (git-fixes) - commit 877a2f1 - RDMA/mlx5: reduce stack usage in mlx5_ib_ufile_hw_cleanup (git-fixes) - commit 95b475f ++++ leancrypto: - Update to 1.5.0: * Enable SHA3 CE 2x implementation for SLH-DSA and ML-DSA (performance increases 2 to 3 fold) * Fix lookup of RDRAND support in CPUID * Catch Y2038 issue on 32-bit systems that do not have 64 bit time_t support * Start Python interface * Add ED448 / X448 for use in hybrid PQC constructions, ED448 implementation verified with NIST ACVP * Add ML-KEM-X448 and ML-DSA-ED448 support * ASN.1: Add ML-DSA-ED448 certificate support * RUST: Add ML-DSA-ED448 support * Linux kernel: Add ML-KEM-X448 and ML-DSA-ED448 support * Ascon AEAD: Bug fix when calculating the tag for plaintext that is not multiples of 128 bits * Composite X.509 signatures: update implementation to match draft revision 5 * Add support for the Linux kernel updated scatterwalk API in 6.15 for leancrypto_kernel_aead_ascon.ko - Includes changes from 1.4.0: * ML-DSA: add signature generation rejection test cases and enable them during self tests * add HQC following reference implementation (https://pqc-hqc.org/implementation.html (versions from 2025-02-19)) but derived from PQClean implementation. NOTE: HQC is not yet considered stable as the implementation currently does not exhibit the IND-CCA2 property. Moreover, the FIPS standardization of HQC is pending. 
Changes to the HQC algorithm until standardization will need to be expected. I.e. the versioning rules of the library do not apply to the HQC algorithm until being announced in the CHANGES.md file. * ARMv8: properly save/restore SIMD registers v8 through v15 for ML-DSA/ML-KEM, X25519 and SHA3-CE (reported by Alexander Sosedkin) * Rust: add wrapper allowing a native interaction with the leancrypto library - the API offered by the Rust wrappers is not yet defined to be stable and may change to the next version - i.e. the versioning rules of the library do not apply to the Rust API until being announced in the CHANGES.md file. * Add “secure_execution” compile-time option * Add HQC AVX2 implementation derived from https://pqc-hqc.org/ - Remove patch fix-aarch64.patch ++++ ovmf: - Removed ovmf-Revert-OvmfPkg-PlatformInitLib-dynamic-mmio-window-s.patch because bsc#1205978 has been fixed in qemu. And re-enabling 'dynamic mmio window size' feature in ovmf can support big GPU passthrough to guest. (bsc#1245542) ++++ suseconnect-ng: - switch to go1.24-openssl for SL16/SLE15 ------------------------------------------------------------------ ------------------ 2025-7-2 - Jul 2 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - btrfs: remove the subpage related warning message (bsc#1241492). - commit 0e19b2b - x86/sev: Add the Secure TSC feature for SNP guests (jsc#PED-12716). - commit 3ab97c0 - x86/sev: Mark the TSC in a secure TSC guest as reliable (jsc#PED-12716). - commit 643400d - Update config files (bsc#1245603). Enable rtl8139 driver on ppc64le. - commit 61b03fb - scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245597). - commit 3235d4d - s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245596). - commit 0eac12f - Update config files.
Enabled the following config on x86_64 and arm64: CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y (bsc#1243677, PED-12554, PED-6528) - commit 5d04048 ++++ kernel-default-base: - Add nvme support (bsc#1245533) ++++ kernel-rt: - btrfs: remove the subpage related warning message (bsc#1241492). - commit 0e19b2b - x86/sev: Add the Secure TSC feature for SNP guests (jsc#PED-12716). - commit 3ab97c0 - x86/sev: Mark the TSC in a secure TSC guest as reliable (jsc#PED-12716). - commit 643400d - Update config files (bsc#1245603). Enable rtl8139 driver on ppc64le. - commit 61b03fb - scsi: s390: zfcp: Ensure synchronous unit_add (git-fixes bsc#1245597). - commit 3235d4d - s390/pkey: Prevent overflow in size calculation for memdup_user() (git-fixes bsc#1245596). - commit 0eac12f - Update config files. Enabled the following config on x86_64 and arm64: CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y (bsc#1243677, PED-12554, PED-6528) - commit 5d04048 ++++ gcc15: - Tune for power10 for SLES 16. [jsc#PED-12029] - Tune for z15 for SLES 16. [jsc#PED-253] ++++ python313-core: - Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705). - Add bsc1243155-sphinx-non-determinism.patch (bsc#1243155) to generate ids for audit_events using docname (reproducible builds). ++++ libzypp: - Do not trigger download data exceeded errors on HTTP non data responses (bsc#1245220) In some cases a HTTP 401 or 407 did trigger a "filesize exceeded" error, because the response payload size was compared against the expected filesize. This patch adds some checks if the response code is in the success range and only then takes expected filesize into account. Otherwise the response content-length is used or a fallback of 2Mb if no content-length is known. 
- version 17.37.8 (35) - Fix SEGV in MediaDISK handler (bsc#1245452) - Explicitly selecting DownloadAsNeeded also selects the classic_rpmtrans backend. DownloadAsNeeded can not be combined with the rpm singletrans installer backend because a rpm transaction requires all package headers to be available at the beginning of the transaction. So explicitly selecting this mode also turns on the classic_rpmtrans backend. - Fix evaluation of libproxy results (bsc#1244710) - version 17.37.7 (35) ++++ python313: - Add CVE-2025-6069-quad-complex-HTMLParser.patch to avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (CVE-2025-6069, bsc#1244705). - Add bsc1243155-sphinx-non-determinism.patch (bsc#1243155) to generate ids for audit_events using docname (reproducible builds). ++++ ovmf: - Remove 60-ovmf-x86_64-sev.json descriptor (bsc#1245497) ++++ update-alternatives: - Update to version 1.22.21 The full changelog is very large. Please check it here: https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.21 - Changes from 1.22.20: https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.20 - Changes from 1.22.19: https://git.dpkg.org/cgit/dpkg/dpkg.git/tree/debian/changelog?h=1.22.19 - Release 1.22.21 includes the fix upstream for CVE-2025-6297 / bsc#1245573. ------------------------------------------------------------------ ------------------ 2025-7-1 - Jul 1 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Make mbr-id deterministic Log the value of SDE so it is available to review, even if the build system does not tell about it. Update the tests to cover the new code-path.
Co-Authored-By: Marcus Schäfer - Ensure dracut initrd is reproducible This helps a bit with issue #2358 Add reproducible flag for UKI too Update tests accordingly Co-Authored-By: Marcus Schäfer ++++ gstreamer: - Update to version 1.26.3: + Highlighted bugfixes in 1.26.3: - Security fix for the H.266 video parser - Fix regression for WAV files with acid chunks - Fix high memory consumption caused by a text handling regression in uridecodebin3 and playbin3 - Fix panic on late GOP in fragmented MP4 muxer - Closed caption conversion, rendering and muxing improvements - Decklink video sink preroll frame rendering and clock drift handling fixes - MPEG-TS demuxing and muxing fixes - MP4 muxer fixes for creating very large files with faststart support - New thread-sharing 1:N inter source and sink elements, and a ts-rtpdtmfsrc - New speech synthesis element around ElevenLabs API - RTP H.265 depayloader fixes and improvements, as well as TWCC and GCC congestion control fixes - Seeking improvements in DASH client for streams with gaps - WebRTC sink and source fixes and enhancements, including to LiveKit and WHIP signallers - The macOS osxvideosink now posts navigation messages - QtQML6GL video sink input event handling improvements - Overhaul detection of hardware-accelerated video codecs on Android - Video4Linux capture source fixes and support for BT.2100 PQ and 1:4:5:3 colorimetry - Vulkan buffer upload and memory handling regression fixes - gst-python: fix various regressions introduced in 1.26.2 - cerbero: fix text relocation issues on 32-bit Android and fix broken VisualStudio VC templates - packages: ship pbtypes plugin and update openssl to 3.5.0 LTS - Various bug fixes, build fixes, memory leak fixes, and other stability and reliability improvements + gstreamer: - aggregator: Do not set event seqnum to INVALID - baseparse: test: Fix race on test start - pad: Only remove TAG events on STREAM_START if the stream-id actually changes - utils: Mark times array as static 
to avoid symbol conflict with the POSIX function - vecdeque: Use correct index type gst_vec_deque_drop_struct() ++++ gstreamer-plugins-base: - Update to version 1.26.3: + GstAudioAggregator: fix structure unref in peek_next_sample() + audioconvert: Fix setting mix-matrix when input caps changes + encodebasebin: Duplicate encoding profile in property setter + gl: simplify private gst_gl_gst_meta_api_type_tags_contain_only() + osxvideosink: Use gst_pad_push_event() and post navigation messages + playsink: Fix race condition in stream synchronizer pad cleanup during state changes + python: Fix pulling events from appsink + streamsynchronizer: Consider streams having received stream-start as waiting + urisourcebin: Text tracks are no longer set as sparse stream in urisourcebin's multiqueue ++++ kernel-default: - kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (CVE-2025-37920 bsc#1243479). - xsk: Fix race condition in AF_XDP generic RX path (CVE-2025-37920 bsc#1243479). - commit 53ced4a - rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186) It's not used in any active branches and it cannot solve contemporary problems. - commit f86a16a - Update config files (jsc#PED-12554 jsc#PED-6996 bsc#1243677 ltc#213602 bsc#1243678 ltc#213596) CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y - commit b450a63 - net: tipc: fix refcount warning in tipc_aead_encrypt (CVE-2025-38052 bsc#1244749). - net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052 bsc#1244749). - commit b3f2db2 - Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (git-fixes). - commit 106066c - treewide: Convert new and leftover hrtimer_init() users (git-fixes). - commit a0cfc87 - net: vlan: don't propagate flags on open (CVE-2025-23163 bsc#1242837). - commit aa9c6ef - ata: ahci: Use correct DMI identifier for ASUSPRO-D840SA LPM quirk (git-fixes). 
- commit b1c1e22 - blacklist.conf: 2 fixes to drivers we don't build - Delete patches.suse/watchdog-da9052_wdt-respect-TWDMIN.patch. - commit 493eda5 - rtc: pcf2127: add missing semicolon after statement (git-fixes). - rtc: pcf2127: fix SPI command byte for PCF2131 (git-fixes). - rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes). - commit 1050c51 ++++ kernel-rt: - kABI workaround for xsk: Fix race condition in AF_XDP generic RX path (CVE-2025-37920 bsc#1243479). - xsk: Fix race condition in AF_XDP generic RX path (CVE-2025-37920 bsc#1243479). - commit 53ced4a - rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186) It's not used in any active branches and it cannot solve contemporary problems. - commit f86a16a - Update config files (jsc#PED-12554 jsc#PED-6996 bsc#1243677 ltc#213602 bsc#1243678 ltc#213596) CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y CONFIG_INTEGRITY_CA_MACHINE_KEYRING_MAX=y - commit b450a63 - net: tipc: fix refcount warning in tipc_aead_encrypt (CVE-2025-38052 bsc#1244749). - net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CVE-2025-38052 bsc#1244749). - commit b3f2db2 - Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT (git-fixes). - commit 106066c - treewide: Convert new and leftover hrtimer_init() users (git-fixes). - commit a0cfc87 - net: vlan: don't propagate flags on open (CVE-2025-23163 bsc#1242837). - commit aa9c6ef - ata: ahci: Use correct DMI identifier for ASUSPRO-D840SA LPM quirk (git-fixes). - commit b1c1e22 - blacklist.conf: 2 fixes to drivers we don't build - Delete patches.suse/watchdog-da9052_wdt-respect-TWDMIN.patch. - commit 493eda5 - rtc: pcf2127: add missing semicolon after statement (git-fixes). - rtc: pcf2127: fix SPI command byte for PCF2131 (git-fixes). - rtc: cmos: use spin_lock_irqsave in cmos_interrupt (git-fixes). - commit 1050c51 ++++ python313-core: - Use one core to build doc. This will make sphinx doc build reproducible. 
bsc#1243155 ++++ ceph: - Enable build on riscv64 ++++ sqlite3: - Update to 3.50.2: * Fix the concat_ws() SQL function so that it includes empty strings in the concatenation. * Avoid writing frames with no checksums into the wal file if a savepoint is rolled back after dirty pages have already been spilled into the wal file. * Fix the Bitvec object to avoid stack overflow when the database is within 60 pages of its maximum size. * Fix a problem with UPDATEs on fts5 tables that contain BLOB values. * Fix an issue with transitive IS constraints on a RIGHT JOIN. * CVE-2025-6965, bsc#1246597: Raise an error early if the number of aggregate terms in a query exceeds the maximum number of columns, to avoid downstream assertion faults. * Ensure that sqlite3_setlk_timeout() holds the database mutex. ++++ systemd: - Import commit a0dfd5de4cdc3f97ef2ad23396904f3e20769317 (merge of v257.7) For a complete list of changes, visit: https://github.com/openSUSE/systemd/compare/1e42ecf5a145589954df77da05937ee69619f3e5...a0dfd5de4cdc3f97ef2ad23396904f3e20769317 ++++ libvirt: - qemu: Use numa-preplace instead of numad for numa placement advice bsc#1242979, jsc#PED-12821 ++++ python313: - Use one core to build doc. This will make sphinx doc build reproducible. 
bsc#1243155 ++++ salt: - Prevent tests failures when pygit2 is not present - Several fixes for security issues (bsc#1244561, CVE-2024-38822) (bsc#1244564, CVE-2024-38823) (bsc#1244565, CVE-2024-38824) (bsc#1244566, CVE-2024-38825) (bsc#1244567, CVE-2025-22240) (bsc#1244568, CVE-2025-22236) (bsc#1244570, CVE-2025-22241) (bsc#1244571, CVE-2025-22237) (bsc#1244572, CVE-2025-22238) (bsc#1244574, CVE-2025-22239) (bsc#1244575, CVE-2025-22242) * Request server hardening * Prevent traversal in local_cache::save_minions * Add test and fix for file_recv cve * Fix traversal in gitfs find_file * Fix traversal in salt.utils.virt * Fix traversal in pub_ret * Reasonable failures when pillars timeout * Make send_req_async wait longer * Remove token to prevent decoding errors * Fix checking of non-url style git remotes * Allow subdirs in GitFS find_file check - Add subsystem filter to udev.exportdb (bsc#1236621) - tornado.httputil: raise errors instead of logging in multipart/form-data parsing (CVE-2025-47287, bsc#1243268) - Fix Ubuntu 24.04 edge-case test failures - Fix broken tests for Ubuntu 24.04 - Fix refresh of osrelease and related grains on Python 3.10+ - Make "salt" package to obsolete "python3-salt" package on SLE15SP7+ - Fix issue requiring proper Python flavor for dependencies and recommended package - Added: * fix-tests-issues-in-salt-shaker-environments-721.patch * several-fixes-for-security-issues.patch * add-subsystem-filter-to-udev.exportdb-bsc-1236621-71.patch * fix-of-cve-2025-47287-bsc-1243268-718.patch * fix-ubuntu-24.04-specific-failures-716.patch * fix-debian-tests-715.patch * fix-refresh-of-osrelease-and-related-grains-on-pytho.patch ++++ supportutils: - Changes to version 3.2.11 + Collect rsyslog frule files (bsc#1244003, pr#257) + Remove proxy passwords (bsc#1244011, pr#257) + Missing NetworkManager information (bsc#1241284, pr#257) + Include agama logs (bsc#1244937, pr#256) + Additional NFS conf files (pr#253) + New fadump sysfs files (pr#252) + Fixed
change log dates ------------------------------------------------------------------ ------------------ 2025-6-30 - Jun 30 2025 ------------------- ------------------------------------------------------------------ ++++ crypto-policies: - Allow openssl to load when using the DEFAULT policy, and also other policies, in FIPS mode. [bsc#1243830, bsc#1242233] * Add crypto-policies-Allow-openssl-other-policies-in-FIPS-mode.patch ++++ curl: - Disable insecure NTLM authentication support [bsc#1245491, jsc#PED-12960] ++++ ignition: - ignition-suse-generator: Only use Ignition platform ID when the corresponding kernel modules are found [bsc#1234315] [boo#1230668] [gh#coreos/ignition#1984] ++++ kernel-default: - vhost-scsi: Fix vhost_scsi_send_status() (git-fixes). - commit 5eeec6a - Refresh patches.suse/virtio_net-ensure-netdev_tx_reset_queue-is-called-on.patch. - commit b3cad97 - Update config files. - commit 8ef851e - net: mana: Record doorbell physical address in PF mode (bsc#1244229). - scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455). - commit daecbe1 - kernel/watchdog: always restore watchdog_softlockup(,hardlockup)_user_enabled after proc show (bsc#1245522). Refresh patches.suse/watchdog-fix-watchdog-may-detect-false-positive-of-s.patch (bsc#1245523). - commit 789b353 - tools/power turbostat: Fix AMD package-energy reporting (git-fixes). - commit 053070b - vsock: avoid timeout during connect() if the socket is closing (git-fixes). - commit 7192292 - vhost-scsi: Return queue full for page alloc failures during copy (git-fixes). - commit 4420b10 - vhost-scsi: Add better resource allocation failure handling (git-fixes). - Refresh patches.suse/vhost-scsi-Fix-vhost_scsi_send_bad_target.patch. - commit 575b441 - kABI: update kABI symbols kABI exceptions were allowed for a couple of branches. Update kABI symbols after the merge. Since kABI symbols are being updated, remove current kABI workaround patches before the update. 
- commit 0c9b3ad - kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled Fixes: 485ae1da2b88 ("kernel-obs-qa: Use srchash for dependency as well") - commit a840f87 - virtio_net: xsk: bind/unbind xsk for tx (git-fixes). - Update patches.suse/virtio-net-free-xsk_buffs-on-error-in-virtnet_xsk_po.patch (git-fixes). - Refresh patches.suse/virtio_net-ensure-netdev_tx_reset_queue-is-called-on.patch. - commit 0050a39 - KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes). - commit dec589f - KVM: x86/mmu: Use kvm_x86_call() instead of manual static_call() (git-fixes). - commit bfaf83d - KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes). - commit e71b652 - KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes). - commit 8f58b75 - NFSD: Implement FATTR4_CLONE_BLKSIZE attribute (git-fixes). - commit 4f434fe - overflow: Introduce __DEFINE_FLEX for having no initializer (git-fixes). - commit 99c412c - nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes). - commit d974da9 - NFSD: fix race between nfsd registration and exports_proc (git-fixes). - commit 7c3e6b5 - netlink: specs: tc: replace underscores with dashes in names (git-fixes). - netlink: specs: dpll: replace underscores with dashes in names (git-fixes). - netlink: specs: nfsd: replace underscores with dashes in names (git-fixes). - bnxt: properly flush XDP redirect lists (git-fixes). - e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes). - ice: fix eswitch code memory leak in reset scenario (git-fixes). - net: ice: Perform accurate aRFS flow match (git-fixes). - net: ethtool: remove duplicate defines for family info (git-fixes). - bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() (git-fixes). - net/mlx5e: Fix leak of Geneve TLV option object (git-fixes). - net/mlx5: HWS, make sure the uplink is the last destination (git-fixes). 
- net/mlx5: HWS, fix missing ip_version handling in definer (git-fixes). - net/mlx5: Fix return value when searching for existing flow group (git-fixes). - net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes). - net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes). - e1000: Move cancel_work_sync to avoid deadlock (git-fixes). - iavf: fix reset_task for early reset event (git-fixes). - i40e: retry VFLR handling if there is ongoing VF reset (git-fixes). - i40e: return false from i40e_reset_vf if reset is in progress (git-fixes). - iavf: iavf_suspend(): take RTNL before netdev_lock() (git-fixes). - gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes). - idpf: avoid mailbox timeout delays during reset (git-fixes). - idpf: fix a race in txq wakeup (git-fixes). - ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes). - ice: create new Tx scheduler nodes for new queues only (git-fixes). - ice: fix Tx scheduler error handling in XDP callback (git-fixes). - net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes). - gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes). - octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback (git-fixes). - octeontx2-pf: QOS: Perform cache sync on send queue teardown (git-fixes). - net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes). - net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes). - net/mlx5: HWS, Fix matcher action template attach (git-fixes). - overflow: Fix direct struct member initialization in _DEFINE_FLEX() (git-fixes). - idpf: fix idpf_vport_splitq_napi_poll() (git-fixes). - idpf: fix null-ptr-deref in idpf_features_check (CVE-2025-38053 bsc#1244746). - ice: Fix LACP bonds without SRIOV environment (git-fixes). - ice: fix vf->num_mac count with port representors (git-fixes). 
- commit af82899 - x86/xen: disable CPU idle and frequency drivers for PVH dom0 (git-fixes). - commit 1d99be7 - xen: Change xen-acpi-processor dom0 dependency (git-fixes). - commit 70cda63 - xen/pci: Do not register devices with segments >= 0x10000 (git-fixes). - commit 1940a47 - xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes). - commit 6e1a750 - xen: Add support for XenServer 6.1 platform device (git-fixes). - commit 7dd2df0 - Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes). - commit 4ff5446 - Grab mm lock before grabbing pt lock (git-fixes). - commit 26a77ff - staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes). - serial: imx: Restore original RXTL for console to fix data loss (git-fixes). - serial: core: restore of_node information in sysfs (git-fixes). - commit 3895da7 - RDMA/hns: initialize db in update_srq_db() (git-fixes) - commit 980c53d ++++ kernel-firmware-amdgpu: - Update to version 20250627 (git commit f40eafe21683): * amdgpu: DMCUB updates for DCN401 ++++ kernel-firmware-bnx2: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: extract license texts ++++ kernel-firmware-chelsio: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: extract license texts ++++ kernel-firmware-media: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: extract license texts * qcom: update firmware binary for SM8550 ++++ kernel-firmware-network: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: extract license texts ++++ kernel-firmware-platform: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: expand the advansys license statement * WHENCE: some older AMD drivers are MIT licensed ++++ kernel-firmware-radeon: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: some older AMD drivers are MIT licensed ++++ kernel-firmware-serial: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: extract license texts ++++ 
kernel-firmware-sound: - Update to version 20250627 (git commit f40eafe21683): * WHENCE: extract license texts ++++ kernel-rt: - vhost-scsi: Fix vhost_scsi_send_status() (git-fixes). - commit 5eeec6a - Refresh patches.suse/virtio_net-ensure-netdev_tx_reset_queue-is-called-on.patch. - commit b3cad97 - Update config files. - commit 8ef851e - net: mana: Record doorbell physical address in PF mode (bsc#1244229). - scsi: storvsc: Increase the timeouts to storvsc_timeout (bsc#1245455). - commit daecbe1 - kernel/watchdog: always restore watchdog_softlockup(,hardlockup)_user_enabled after proc show (bsc#1245522). Refresh patches.suse/watchdog-fix-watchdog-may-detect-false-positive-of-s.patch (bsc#1245523). - commit 789b353 - tools/power turbostat: Fix AMD package-energy reporting (git-fixes). - commit 053070b - vsock: avoid timeout during connect() if the socket is closing (git-fixes). - commit 7192292 - vhost-scsi: Return queue full for page alloc failures during copy (git-fixes). - commit 4420b10 - vhost-scsi: Add better resource allocation failure handling (git-fixes). - Refresh patches.suse/vhost-scsi-Fix-vhost_scsi_send_bad_target.patch. - commit 575b441 - kABI: update kABI symbols kABI exceptions were allowed for a couple of branches. Update kABI symbols after the merge. Since kABI symbols are being updated, remove current kABI workaround patches before the update. - commit 0c9b3ad - kernel-obs-qa: Do not depend on srchash when qemu emulation is used In this case the dependency is never fulfilled Fixes: 485ae1da2b88 ("kernel-obs-qa: Use srchash for dependency as well") - commit a840f87 - virtio_net: xsk: bind/unbind xsk for tx (git-fixes). - Update patches.suse/virtio-net-free-xsk_buffs-on-error-in-virtnet_xsk_po.patch (git-fixes). - Refresh patches.suse/virtio_net-ensure-netdev_tx_reset_queue-is-called-on.patch. - commit 0050a39 - KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes). 
- commit dec589f - KVM: x86/mmu: Use kvm_x86_call() instead of manual static_call() (git-fixes). - commit bfaf83d - KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes). - commit e71b652 - KVM: x86: Explicitly zero-initialize on-stack CPUID unions (git-fixes). - commit 8f58b75 - NFSD: Implement FATTR4_CLONE_BLKSIZE attribute (git-fixes). - commit 4f434fe - overflow: Introduce __DEFINE_FLEX for having no initializer (git-fixes). - commit 99c412c - nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request (git-fixes). - commit d974da9 - NFSD: fix race between nfsd registration and exports_proc (git-fixes). - commit 7c3e6b5 - netlink: specs: tc: replace underscores with dashes in names (git-fixes). - netlink: specs: dpll: replace underscores with dashes in names (git-fixes). - netlink: specs: nfsd: replace underscores with dashes in names (git-fixes). - bnxt: properly flush XDP redirect lists (git-fixes). - e1000e: set fixed clock frequency indication for Nahum 11 and Nahum 13 (git-fixes). - ice: fix eswitch code memory leak in reset scenario (git-fixes). - net: ice: Perform accurate aRFS flow match (git-fixes). - net: ethtool: remove duplicate defines for family info (git-fixes). - bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() (git-fixes). - net/mlx5e: Fix leak of Geneve TLV option object (git-fixes). - net/mlx5: HWS, make sure the uplink is the last destination (git-fixes). - net/mlx5: HWS, fix missing ip_version handling in definer (git-fixes). - net/mlx5: Fix return value when searching for existing flow group (git-fixes). - net/mlx5: Fix ECVF vports unload on shutdown flow (git-fixes). - net/mlx5: Ensure fw pages are always allocated on same NUMA (git-fixes). - e1000: Move cancel_work_sync to avoid deadlock (git-fixes). - iavf: fix reset_task for early reset event (git-fixes). - i40e: retry VFLR handling if there is ongoing VF reset (git-fixes). 
- i40e: return false from i40e_reset_vf if reset is in progress (git-fixes). - iavf: iavf_suspend(): take RTNL before netdev_lock() (git-fixes). - gve: add missing NULL check for gve_alloc_pending_packet() in TX DQO (git-fixes). - idpf: avoid mailbox timeout delays during reset (git-fixes). - idpf: fix a race in txq wakeup (git-fixes). - ice: fix rebuilding the Tx scheduler tree for large queue counts (git-fixes). - ice: create new Tx scheduler nodes for new queues only (git-fixes). - ice: fix Tx scheduler error handling in XDP callback (git-fixes). - net/mlx4_en: Prevent potential integer overflow calculating Hz (git-fixes). - gve: Fix RX_BUFFERS_POSTED stat to report per-queue fill_cnt (git-fixes). - octeontx2-pf: QOS: Refactor TC_HTB_LEAF_DEL_LAST callback (git-fixes). - octeontx2-pf: QOS: Perform cache sync on send queue teardown (git-fixes). - net/mlx5: Add error handling in mlx5_query_nic_vport_node_guid() (git-fixes). - net/mlx5_core: Add error handling inmlx5_query_nic_vport_qkey_viol_cntr() (git-fixes). - net/mlx5: HWS, Fix matcher action template attach (git-fixes). - overflow: Fix direct struct member initialization in _DEFINE_FLEX() (git-fixes). - idpf: fix idpf_vport_splitq_napi_poll() (git-fixes). - idpf: fix null-ptr-deref in idpf_features_check (CVE-2025-38053 bsc#1244746). - ice: Fix LACP bonds without SRIOV environment (git-fixes). - ice: fix vf->num_mac count with port representors (git-fixes). - commit af82899 - x86/xen: disable CPU idle and frequency drivers for PVH dom0 (git-fixes). - commit 1d99be7 - xen: Change xen-acpi-processor dom0 dependency (git-fixes). - commit 70cda63 - xen/pci: Do not register devices with segments >= 0x10000 (git-fixes). - commit 1940a47 - xen/mcelog: Add __nonstring annotations for unterminated strings (git-fixes). - commit 6e1a750 - xen: Add support for XenServer 6.1 platform device (git-fixes). - commit 7dd2df0 - Xen/swiotlb: mark xen_swiotlb_fixup() __init (git-fixes). 
- commit 4ff5446 - Grab mm lock before grabbing pt lock (git-fixes). - commit 26a77ff - staging: rtl8723bs: Avoid memset() in aes_cipher() and aes_decipher() (git-fixes). - serial: imx: Restore original RXTL for console to fix data loss (git-fixes). - serial: core: restore of_node information in sysfs (git-fixes). - commit 3895da7 - RDMA/hns: initialize db in update_srq_db() (git-fixes) - commit 980c53d ++++ numactl: - Update to version 2.0.19.14.g690a72c: * numastat command fails on LPAR which is not having node0 Patch is now upstream: https://github.com/numactl/numactl/pull/246 D 4abeee1aac20a7a2552870e0359b8df013ae9037.patch Patches are wrong or not needed anymore: https://github.com/numactl/numactl/pull/246 D 0001-Fixed-segfault-when-no-node-could-be-found-in-sysfs-.patch D numactl-clearcache-pie.patch ++++ sudo: - Update to 1.9.17p1 * Fix a possible local privilege escalation via the --host option [bsc#1245274, CVE-2025-32462] * Fix a possible local privilege escalation via chroot option [bsc#1245275, CVE-2025-32463] - Update to 1.9.17 * Sudo now uses the NODEV macro consistently. Bug #1074. Fixed a bug where the ALL command in a sudoers rule would override a previous NOSETENV tag. Command tags are inherited from previous Cmnds in a Cmnd_Spec_List. There is a special case for the SETENV tag with the ALL command, where SETENV is implied if no explicit SETENV or NOSETENV tag is specified. This special case did not take into account that a NOSETENV tag that was inherited should override this behavior. * If sudo is run via ssh without a terminal and a password is required, it now suggests using ssh’s -t option. * Fixed the display of timeout values in the sudo -V output on systems without a C99-compliant snprintf() function. * Quieted a number of minor Coverity warnings. * Fixed a problem running sudo from a serial console on Linux when the command is run in a pseudo-terminal (the default). 
* Fixed a crash in sudo which could occur if there was a fatal error after the user was validated but before the command was actually run. * Fixed a number of man page style warnings. The “lint” make target in the docs directory will now run groff with warnings enabled if it is available. Bug #1075. * The ignore_dot sudoers setting is now on by default. There is now a --disable-ignore-dot configure option to disable it. The --with-ignore-dot configure option has been deprecated. * Fixed a problem with the pwfeedback option where an initial backspace would reduce the maximum length allowed for the password. GitHub issue #439. * Fixed minor grammar and spelling problems in the man pages. * Fixed a bug where a user could avoid entering a password for sudo -l command if they specified their own user or group name via the -u or -g options. * Avoid potential password guessing based on timing attacks on the strcmp() function on systems without PAM or a crypt() function where plaintext passwords are stored in the shadow password file. * Fixed a potential information leak where sudo -l command could be used to determine whether an executable exists in a directory that they do not have search access to. * Sudo uses TCSAFLUSH, not TCSADRAIN, when disabling echo once again. A long time ago sudo changed from using TCSAFLUSH to TCSADRAIN due to some systems having bugs related to TCSAFLUSH. That should no longer be a concern. Using TCSAFLUSH ensures that password input that has been received by the kernel, but not yet read by sudo, will be discarded and not echoed. * Added the SUDO_TTY environment variable if the user has a terminal. This can be used to find the user’s original tty device when sudo runs the command in its own pseudo-terminal. GitHub issue #447. * New Cantonese translation for sudo. 
++++ toolbox: - Update to version 2.4+git20250630.5e08e45: * Forbid --user if running as root ------------------------------------------------------------------ ------------------ 2025-6-29 - Jun 29 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - wifi: rtw88: usb: Upload the firmware in bigger chunks (stable-fixes). - commit 1df8f6c - wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes). - wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes). - wifi: mt76: mt7925: introduce thermal protection (stable-fixes). - wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes). - wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes). - wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes). - wifi: ath11k: Fix QMI memory reuse logic (stable-fixes). - wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes). - wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes). - wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes). - wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes). - wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes). - wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes). - wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes). - wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes). - wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes). - wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes). - wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes). - wifi: ath12k: fix incorrect CE addresses (stable-fixes). - commit b75f8f8 - drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes). 
- PCI: Add ACS quirk for Loongson PCIe (stable-fixes). - watchdog: da9052_wdt: respect TWDMIN (stable-fixes). - watchdog: fix watchdog may detect false positive of softlockup (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes). - pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes). - software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes). - wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes). - wifi: mac80211: VLAN traffic in multicast path (stable-fixes). - wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes). - usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes). - PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes). - power: supply: max17040: adjust thermal channel scaling (stable-fixes). - power: supply: bq27xxx: Retrieve again when busy (stable-fixes). - power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes). - platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all() (stable-fixes). - wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes). - commit 132d8d6 - i2c: tiny-usb: disable zero-length read messages (git-fixes). - i2c: robotfuzz-osif: disable zero-length read messages (git-fixes). - i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes). - i2c: npcm: Add clock toggle recovery (stable-fixes). - hid-asus: check ROG Ally MCU version and warn (stable-fixes). - mmc: Add quirk to disable DDR50 tuning (stable-fixes). 
- gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). - Make 'cc-option' work correctly for the -Wno-xyzzy pattern (stable-fixes). - Input: sparcspkr - avoid unannotated fall-through (stable-fixes). - commit 1379ece - drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes). - Refresh patches.suse/drm-xe-Fix-GT-for-each-engine-workarounds.patch. - commit b01435e - drm/xe: Process deferred GGTT node removals on device unwind (git-fixes). - drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes). - drm/i915: fix build error some more (git-fixes). - drm/amd: Adjust output for discovery error handling (git-fixes). - drm/xe/bmg: Update Wa_16023588340 (git-fixes). - drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes). - fbcon: Make sure modelist not set on unregistered console (stable-fixes). - drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes). - drm/xe: Wire up device shutdown handler (stable-fixes). - commit 425e83a - ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes). - ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes). - ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes). - ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes). - ALSA: hda/realtek: Add quirk for Asus GU605C (stable-fixes). - ALSA: hda/realtek - Add mute LED support for HP Victus 16-s1xxx and HP Victus 15-fa1xxx (stable-fixes). - ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes). - ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes). - bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3584 for MT7922 (stable-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3630 for MT7925 (stable-fixes). - ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes). 
- ACPI: battery: negate current when discharging (stable-fixes). - ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes). - ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes). - ACPICA: Apply pack(1) to union aml_resource (stable-fixes). - ACPICA: fix acpi parse and parseext cache leaks (stable-fixes). - ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes). - ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes). - ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes). - ASoC: intel/sdw_utils: Assign initial value in asoc_sdw_rt_amp_spk_rtd_init() (stable-fixes). - ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes). - ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes). - commit 36941d3 ++++ kernel-rt: - wifi: rtw88: usb: Upload the firmware in bigger chunks (stable-fixes). - commit 1df8f6c - wifi: mt76: mt7996: drop fragments with multicast or broadcast RA (stable-fixes). - wifi: mt76: mt7921: add 160 MHz AP for mt7922 device (stable-fixes). - wifi: mt76: mt7925: introduce thermal protection (stable-fixes). - wifi: mt76: mt76x2: Add support for LiteOn WN4516R,WN4519R (stable-fixes). - wifi: ath12k: fix macro definition HAL_RX_MSDU_PKT_LENGTH_GET (stable-fixes). - wifi: ath12k: fix a possible dead lock caused by ab->base_lock (stable-fixes). - wifi: ath11k: Fix QMI memory reuse logic (stable-fixes). - wifi: mac80211: validate SCAN_FLAG_AP in scan request during MLO (stable-fixes). - wifi: rtw89: leave idle mode when setting WEP encryption for AP mode (stable-fixes). - wifi: rtw89: 8922a: fix TX fail with wrong VCO setting (stable-fixes). - wifi: iwlwifi: mvm: fix beacon CCK flag (stable-fixes). - wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (stable-fixes). - wifi: mac80211: do not offer a mesh path if forwarding is disabled (stable-fixes). - wifi: iwlwifi: pcie: make sure to lock rxq->read (stable-fixes). 
- wifi: mac80211_hwsim: Prevent tsf from setting if beacon is disabled (stable-fixes). - wifi: ath12k: using msdu end descriptor to check for rx multicast packets (stable-fixes). - wifi: ath12k: fix failed to set mhi state error during reboot with hardware grouping (stable-fixes). - wifi: ath12k: fix link valid field initialization in the monitor Rx (stable-fixes). - wifi: ath12k: fix incorrect CE addresses (stable-fixes). - commit b75f8f8 - drivers/rapidio/rio_cm.c: prevent possible heap overwrite (stable-fixes). - PCI: Add ACS quirk for Loongson PCIe (stable-fixes). - watchdog: da9052_wdt: respect TWDMIN (stable-fixes). - watchdog: fix watchdog may detect false positive of softlockup (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_pmx_set_by_name() (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get_direction() (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_pmx_gpio_set_direction() (stable-fixes). - pinctrl: armada-37xx: propagate error from armada_37xx_gpio_get() (stable-fixes). - pinctrl: mcp23s08: Reset all pins to input at probe (stable-fixes). - software node: Correct a OOB check in software_node_get_reference_args() (stable-fixes). - wifi: ath12k: Pass correct values of center freq1 and center freq2 for 160 MHz (stable-fixes). - wifi: mac80211: VLAN traffic in multicast path (stable-fixes). - wifi: iwlwifi: Add missing MODULE_FIRMWARE for Qu-c0-jf-b0 (stable-fixes). - usbnet: asix AX88772: leave the carrier control to phylink (stable-fixes). - PM: runtime: fix denying of auto suspend in pm_suspend_timer_fn() (stable-fixes). - power: supply: max17040: adjust thermal channel scaling (stable-fixes). - power: supply: bq27xxx: Retrieve again when busy (stable-fixes). - power: supply: collie: Fix wakeup source leaks on device unbind (stable-fixes). - platform-msi: Add msi_remove_device_irq_domain() in platform_device_msi_free_irqs_all() (stable-fixes). 
- wifi: rtw89: phy: add dummy C2H event handler for report of TAS power (stable-fixes). - commit 132d8d6 - i2c: tiny-usb: disable zero-length read messages (git-fixes). - i2c: robotfuzz-osif: disable zero-length read messages (git-fixes). - i2c: designware: Invoke runtime suspend on quick slave re-registration (stable-fixes). - i2c: npcm: Add clock toggle recovery (stable-fixes). - hid-asus: check ROG Ally MCU version and warn (stable-fixes). - mmc: Add quirk to disable DDR50 tuning (stable-fixes). - gpiolib: of: Add polarity quirk for s5m8767 (stable-fixes). - Make 'cc-option' work correctly for the -Wno-xyzzy pattern (stable-fixes). - Input: sparcspkr - avoid unannotated fall-through (stable-fixes). - commit 1379ece - drm/xe/gt: Update handling of xe_force_wake_get return (stable-fixes). - Refresh patches.suse/drm-xe-Fix-GT-for-each-engine-workarounds.patch. - commit b01435e - drm/xe: Process deferred GGTT node removals on device unwind (git-fixes). - drm/xe/display: Add check for alloc_ordered_workqueue() (git-fixes). - drm/i915: fix build error some more (git-fixes). - drm/amd: Adjust output for discovery error handling (git-fixes). - drm/xe/bmg: Update Wa_16023588340 (git-fixes). - drm/v3d: Avoid NULL pointer dereference in `v3d_job_update_stats()` (stable-fixes). - fbcon: Make sure modelist not set on unregistered console (stable-fixes). - drm/amdgpu: read back register after written for VCN v4.0.5 (stable-fixes). - drm/xe: Wire up device shutdown handler (stable-fixes). - commit 425e83a - ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X507UAR (git-fixes). - ALSA: usb-audio: Fix out-of-bounds read in snd_usb_get_audioformat_uac3() (git-fixes). - ALSA: hda/realtek: enable headset mic on Latitude 5420 Rugged (stable-fixes). - ALSA: usb-audio: Rename ALSA kcontrol PCM and PCM1 for the KTMicro sound card (stable-fixes). - ALSA: hda/realtek: Add quirk for Asus GU605C (stable-fixes). 
- ALSA: hda/realtek - Add mute LED support for HP Victus 16-s1xxx and HP Victus 15-fa1xxx (stable-fixes). - ALSA: hda/intel: Add Thinkpad E15 to PM deny list (stable-fixes). - ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330 (stable-fixes). - bus: fsl-mc: increase MC_CMD_COMPLETION_TIMEOUT_MS value (stable-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3584 for MT7922 (stable-fixes). - Bluetooth: btusb: Add new VID/PID 13d3/3630 for MT7925 (stable-fixes). - ACPI: Add missing prototype for non CONFIG_SUSPEND/CONFIG_X86 case (stable-fixes). - ACPI: battery: negate current when discharging (stable-fixes). - ACPICA: Avoid sequence overread in call to strncmp() (stable-fixes). - ACPICA: utilities: Fix overflow check in vsnprintf() (stable-fixes). - ACPICA: Apply pack(1) to union aml_resource (stable-fixes). - ACPICA: fix acpi parse and parseext cache leaks (stable-fixes). - ACPICA: fix acpi operand cache leak in dswstate.c (stable-fixes). - ACPI: bus: Bail out if acpi_kobj registration fails (stable-fixes). - ASoC: amd: yc: Add quirk for Lenovo Yoga Pro 7 14ASP9 (stable-fixes). - ASoC: intel/sdw_utils: Assign initial value in asoc_sdw_rt_amp_spk_rtd_init() (stable-fixes). - ASoC: tegra210_ahub: Add check to of_device_get_match_data() (stable-fixes). - ASoC: tas2770: Power cycle amp on ISENSE/VSENSE change (stable-fixes). - commit 36941d3 ++++ at-spi2-core: - Update to version 2.56.3: + DeviceEventController: update mouse coordinates before sending button events + atspi-device-legacy: Don't crash when XkbGetMap fails + Return localized role name for ATSPI_ROLE_EDITBAR ------------------------------------------------------------------ ------------------ 2025-6-28 - Jun 28 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - Revert "block/bdev: enable large folio support for large logical block" (bsc#1245444) This reverts commit 03e169f9e789f08bac7bdb238dbd9bd7cfd00142. 
- commit f46bdc5 ++++ kernel-rt: - Revert "block/bdev: enable large folio support for large logical block" (bsc#1245444) This reverts commit 03e169f9e789f08bac7bdb238dbd9bd7cfd00142. - commit f46bdc5 ------------------------------------------------------------------ ------------------ 2025-6-27 - Jun 27 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Bump version: 10.2.25 → 10.2.26 - Add kernel parameter support for dm-verity options Implement rd.kiwi.verity_options= parameter to allow runtime customization of veritysetup options Closes #2837 - Fix shim lookup for arm on SUSE Add missing search path for shim binary on arm based SUSE systems. Also update the tumbleweed/test-image-live-disk integration test for arm to build with secure boot enabled to actually test a secure boot enabled ISO build. This Fixes #2842 ++++ kernel-default: - Update patches.suse/ALSA-pcm-Fix-race-of-buffer-access-at-PCM-OSS-layer.patch (stable-fixes CVE-2025-38078 bsc#1244737). - Update patches.suse/ASoC-SOF-Intel-hda-Fix-UAF-when-reloading-module.patch (git-fixes CVE-2025-38056 bsc#1244748). - Update patches.suse/HID-bpf-abort-dispatch-if-device-destroyed.patch (git-fixes CVE-2025-38016 bsc#1244745). - Update patches.suse/HID-uclogic-Add-NULL-check-in-uclogic_input_configur.patch (git-fixes CVE-2025-38007 bsc#1244938). - Update patches.suse/KVM-arm64-Fix-uninitialized-memcache-pointer-in-user.patch (git-fixes CVE-2025-37996 bsc#1243828). - Update patches.suse/PCI-endpoint-pci-epf-test-Fix-double-free-that-cause.patch (stable-fixes CVE-2025-38069 bsc#1245246). - Update patches.suse/RDMA-core-Fix-KASAN-slab-use-after-free-Read-in-ib_r.patch (git-fixes CVE-2025-38022 bsc#1245003). - Update patches.suse/RDMA-rxe-Fix-slab-use-after-free-Read-in-rxe_queue_c.patch (git-fixes CVE-2025-38024 bsc#1245025). - Update patches.suse/block-fix-race-between-set_blocksize-and-read-paths.patch (git-fixes CVE-2025-38073 bsc#1244741). 
- Update patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-csu.patch (bsc#1243342 CVE-2025-38059 bsc#1244759). - Update patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-ext.patch (bsc#1236208 CVE-2025-21658). - Update patches.suse/btrfs-zoned-fix-extent-range-end-unlock-in-cow_file_.patch (bsc#1239514 CVE-2025-21942 bsc#1240704). - Update patches.suse/can-bcm-add-locking-for-bcm_op-runtime-updates.patch (git-fixes CVE-2025-38004 bsc#1244274). - Update patches.suse/can-bcm-add-missing-rcu-read-protection-for-procfs-c.patch (git-fixes CVE-2025-38003 bsc#1244275). - Update patches.suse/can-m_can-m_can_class_allocate_dev-initialize-spin-l.patch (git-fixes CVE-2025-37993 bsc#1243822). - Update patches.suse/crypto-algif_hash-fix-double-free-in-hash_accept.patch (git-fixes CVE-2025-38079 bsc#1245217). - Update patches.suse/crypto-lzo-Fix-compression-buffer-overrun.patch (stable-fixes CVE-2025-38068 bsc#1245210). - Update patches.suse/dm-cache-prevent-BUG_ON-by-blocking-retries-on-faile.patch (git-fixes CVE-2025-38066 bsc#1244909). - Update patches.suse/dm-fix-unconditional-IO-throttle-caused-by-REQ_PREFL.patch (git-fixes CVE-2025-38063 bsc#1245202). - Update patches.suse/dmaengine-idxd-Refactor-remove-call-with-idxd_cleanu.patch (git-fixes CVE-2025-38014 bsc#1244732). - Update patches.suse/dmaengine-idxd-fix-memory-leak-in-error-handling-pat-46a5cca.patch (git-fixes CVE-2025-38015 bsc#1244789). - Update patches.suse/dmaengine-ti-k3-udma-Add-missing-locking.patch (git-fixes CVE-2025-38005 bsc#1244727). - Update patches.suse/drm-amd-display-Fix-invalid-context-error-in-dml-hel.patch (git-fixes CVE-2025-37965 bsc#1244174). - Update patches.suse/drm-amd-display-Increase-block_sequence-array-size.patch (stable-fixes CVE-2025-38080 bsc#1244738). - Update patches.suse/drm-amdgpu-csa-unmap-use-uninterruptible-lock.patch (stable-fixes CVE-2025-38011 bsc#1244729). - Update patches.suse/espintcp-fix-skb-leaks.patch (git-fixes CVE-2025-38057 bsc#1244862). 
- Update patches.suse/ext4-avoid-journaling-sb-update-on-error-if-journal-is-des.patch (bsc#1241967 CVE-2025-22113 bsc#1241617). - Update patches.suse/ext4-goto-right-label-out_mmap_sem-in-ext4_setattr.patch (bsc#1242556 CVE-2025-22120 bsc#1241592). - Update patches.suse/firmware-arm_ffa-Set-dma_mask-for-ffa-devices.patch (stable-fixes CVE-2025-38043 bsc#1245081). - Update patches.suse/fs-erofs-fileio-call-erofs_onlinefolio_split-after-bio_add_folio.patch (git-fixes CVE-2025-37999 bsc#1243846). - Update patches.suse/gpio-virtuser-fix-potential-out-of-bound-write.patch (stable-fixes CVE-2025-38082 bsc#1244740). - Update patches.suse/md-fix-mddev-uaf-while-iterating-all_mddevs-list.patch (git-fixes CVE-20255-22126 bsc#1241597 CVE-2025-22126). - Update patches.suse/media-cx231xx-set-device_caps-for-417.patch (stable-fixes CVE-2025-38044 bsc#1245082). - Update patches.suse/net-mlx5e-Disable-MACsec-offload-for-uplink-represen.patch (git-fixes CVE-2025-38020 bsc#1245001). - Update patches.suse/net-pktgen-fix-access-outside-of-user-given-buffer-i.patch (git-fixes CVE-2025-38061 bsc#1245440). - Update patches.suse/net-tls-fix-kernel-panic-when-alloc_page-failed.patch (git-fixes CVE-2025-38018 bsc#1244999). - Update patches.suse/net_sched-prio-fix-a-race-in-prio_tune.patch (git-fixes CVE-2025-38083 bsc#1245183). - Update patches.suse/nfs-handle-failure-of-nfs_get_lock_context-in-unlock-path.patch (git-fixes CVE-2025-38023 bsc#1245004). - Update patches.suse/nvmet-tcp-don-t-restore-null-sk_state_change.patch (git-fixes CVE-2025-38035 bsc#1244801). - Update patches.suse/padata-do-not-leak-refcount-in-reorder_work.patch (git-fixes CVE-2025-38031 bsc#1245046). - Update patches.suse/perf-x86-intel-Fix-segfault-with-PEBS-via-PT-with-sample_f.patch (git-fixes CVE-2025-38055 bsc#1244747). - Update patches.suse/phy-tegra-xusb-Use-a-bitmask-for-UTMI-pad-power-stat.patch (git-fixes CVE-2025-38010 bsc#1244996). 
- Update patches.suse/platform-x86-dell-wmi-sysman-Avoid-buffer-overflow-i.patch (git-fixes CVE-2025-38077 bsc#1244736). - Update patches.suse/ptp-ocp-Limit-signal-freq-counts-in-summary-output-f.patch (git-fixes CVE-2025-38054 bsc#1244752). - Update patches.suse/regulator-max20086-fix-invalid-memory-access.patch (git-fixes CVE-2025-38027 bsc#1245042). - Update patches.suse/sched-numa-fix-memory-leak-due-to-the-overwritten-vma-numab_state.patch (git fixes (sched/numa) CVE-2024-56613 bsc#1244176). - Update patches.suse/serial-mctrl_gpio-split-disable_ms-into-sync-and-no_.patch (git-fixes CVE-2025-38040 bsc#1245078). - Update patches.suse/spi-rockchip-Fix-register-out-of-bounds-access.patch (stable-fixes CVE-2025-38081 bsc#1244739). - Update patches.suse/staging-bcm2835-camera-Initialise-dev-in-v4l2_dev.patch (git-fixes CVE-2025-37971 bsc#1244173). - Update patches.suse/tracing-Have-process_string-also-allow-arrays.patch (git-fixes CVE-2024-57930 bsc#1236194). - Update patches.suse/usb-typec-ucsi-displayport-Fix-NULL-pointer-access.patch (git-fixes CVE-2025-37994 bsc#1243823). - Update patches.suse/wifi-cfg80211-fix-out-of-bounds-access-during-multi-.patch (git-fixes CVE-2025-37973 bsc#1244172). - Update patches.suse/wifi-iwlwifi-fix-debug-actions-order.patch (stable-fixes CVE-2025-38045 bsc#1245083). - Update patches.suse/wifi-mac80211-Set-n_channels-after-allocating-struct.patch (git-fixes CVE-2025-38013 bsc#1244731). - Update patches.suse/wifi-mt76-disable-napi-on-driver-removal.patch (git-fixes CVE-2025-38009 bsc#1244995). - Update patches.suse/x86-microcode-AMD-Fix-__apply_microcode_amd-s-return-value.patch (git-fixes CVE-2025-22047 bsc#1241437). - commit db15093 - cpufreq/ondemand: Set io_is_busy to 1 by default on all platforms (bsc#1233975). - commit e5c69ac - Delete patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-13111). - commit e2263cb - HID: wacom: fix crash in wacom_aes_battery_handler() (git-fixes). 
- HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes). - HID: wacom: fix kobject reference count leak (git-fixes). - HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes). - HID: wacom: fix memory leak on kobject creation failure (git-fixes). - wifi: mac80211: fix beacon interval calculation overflow (git-fixes). - commit ea1fa22 ++++ kernel-rt: - Update patches.suse/ALSA-pcm-Fix-race-of-buffer-access-at-PCM-OSS-layer.patch (stable-fixes CVE-2025-38078 bsc#1244737). - Update patches.suse/ASoC-SOF-Intel-hda-Fix-UAF-when-reloading-module.patch (git-fixes CVE-2025-38056 bsc#1244748). - Update patches.suse/HID-bpf-abort-dispatch-if-device-destroyed.patch (git-fixes CVE-2025-38016 bsc#1244745). - Update patches.suse/HID-uclogic-Add-NULL-check-in-uclogic_input_configur.patch (git-fixes CVE-2025-38007 bsc#1244938). - Update patches.suse/KVM-arm64-Fix-uninitialized-memcache-pointer-in-user.patch (git-fixes CVE-2025-37996 bsc#1243828). - Update patches.suse/PCI-endpoint-pci-epf-test-Fix-double-free-that-cause.patch (stable-fixes CVE-2025-38069 bsc#1245246). - Update patches.suse/RDMA-core-Fix-KASAN-slab-use-after-free-Read-in-ib_r.patch (git-fixes CVE-2025-38022 bsc#1245003). - Update patches.suse/RDMA-rxe-Fix-slab-use-after-free-Read-in-rxe_queue_c.patch (git-fixes CVE-2025-38024 bsc#1245025). - Update patches.suse/block-fix-race-between-set_blocksize-and-read-paths.patch (git-fixes CVE-2025-38073 bsc#1244741). - Update patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-csu.patch (bsc#1243342 CVE-2025-38059 bsc#1244759). - Update patches.suse/btrfs-avoid-NULL-pointer-dereference-if-no-valid-ext.patch (bsc#1236208 CVE-2025-21658). - Update patches.suse/btrfs-zoned-fix-extent-range-end-unlock-in-cow_file_.patch (bsc#1239514 CVE-2025-21942 bsc#1240704). - Update patches.suse/can-bcm-add-locking-for-bcm_op-runtime-updates.patch (git-fixes CVE-2025-38004 bsc#1244274). 
- Update patches.suse/can-bcm-add-missing-rcu-read-protection-for-procfs-c.patch (git-fixes CVE-2025-38003 bsc#1244275). - Update patches.suse/can-m_can-m_can_class_allocate_dev-initialize-spin-l.patch (git-fixes CVE-2025-37993 bsc#1243822). - Update patches.suse/crypto-algif_hash-fix-double-free-in-hash_accept.patch (git-fixes CVE-2025-38079 bsc#1245217). - Update patches.suse/crypto-lzo-Fix-compression-buffer-overrun.patch (stable-fixes CVE-2025-38068 bsc#1245210). - Update patches.suse/dm-cache-prevent-BUG_ON-by-blocking-retries-on-faile.patch (git-fixes CVE-2025-38066 bsc#1244909). - Update patches.suse/dm-fix-unconditional-IO-throttle-caused-by-REQ_PREFL.patch (git-fixes CVE-2025-38063 bsc#1245202). - Update patches.suse/dmaengine-idxd-Refactor-remove-call-with-idxd_cleanu.patch (git-fixes CVE-2025-38014 bsc#1244732). - Update patches.suse/dmaengine-idxd-fix-memory-leak-in-error-handling-pat-46a5cca.patch (git-fixes CVE-2025-38015 bsc#1244789). - Update patches.suse/dmaengine-ti-k3-udma-Add-missing-locking.patch (git-fixes CVE-2025-38005 bsc#1244727). - Update patches.suse/drm-amd-display-Fix-invalid-context-error-in-dml-hel.patch (git-fixes CVE-2025-37965 bsc#1244174). - Update patches.suse/drm-amd-display-Increase-block_sequence-array-size.patch (stable-fixes CVE-2025-38080 bsc#1244738). - Update patches.suse/drm-amdgpu-csa-unmap-use-uninterruptible-lock.patch (stable-fixes CVE-2025-38011 bsc#1244729). - Update patches.suse/espintcp-fix-skb-leaks.patch (git-fixes CVE-2025-38057 bsc#1244862). - Update patches.suse/ext4-avoid-journaling-sb-update-on-error-if-journal-is-des.patch (bsc#1241967 CVE-2025-22113 bsc#1241617). - Update patches.suse/ext4-goto-right-label-out_mmap_sem-in-ext4_setattr.patch (bsc#1242556 CVE-2025-22120 bsc#1241592). - Update patches.suse/firmware-arm_ffa-Set-dma_mask-for-ffa-devices.patch (stable-fixes CVE-2025-38043 bsc#1245081). 
- Update patches.suse/fs-erofs-fileio-call-erofs_onlinefolio_split-after-bio_add_folio.patch (git-fixes CVE-2025-37999 bsc#1243846). - Update patches.suse/gpio-virtuser-fix-potential-out-of-bound-write.patch (stable-fixes CVE-2025-38082 bsc#1244740). - Update patches.suse/md-fix-mddev-uaf-while-iterating-all_mddevs-list.patch (git-fixes CVE-20255-22126 bsc#1241597 CVE-2025-22126). - Update patches.suse/media-cx231xx-set-device_caps-for-417.patch (stable-fixes CVE-2025-38044 bsc#1245082). - Update patches.suse/net-mlx5e-Disable-MACsec-offload-for-uplink-represen.patch (git-fixes CVE-2025-38020 bsc#1245001). - Update patches.suse/net-pktgen-fix-access-outside-of-user-given-buffer-i.patch (git-fixes CVE-2025-38061 bsc#1245440). - Update patches.suse/net-tls-fix-kernel-panic-when-alloc_page-failed.patch (git-fixes CVE-2025-38018 bsc#1244999). - Update patches.suse/net_sched-prio-fix-a-race-in-prio_tune.patch (git-fixes CVE-2025-38083 bsc#1245183). - Update patches.suse/nfs-handle-failure-of-nfs_get_lock_context-in-unlock-path.patch (git-fixes CVE-2025-38023 bsc#1245004). - Update patches.suse/nvmet-tcp-don-t-restore-null-sk_state_change.patch (git-fixes CVE-2025-38035 bsc#1244801). - Update patches.suse/padata-do-not-leak-refcount-in-reorder_work.patch (git-fixes CVE-2025-38031 bsc#1245046). - Update patches.suse/perf-x86-intel-Fix-segfault-with-PEBS-via-PT-with-sample_f.patch (git-fixes CVE-2025-38055 bsc#1244747). - Update patches.suse/phy-tegra-xusb-Use-a-bitmask-for-UTMI-pad-power-stat.patch (git-fixes CVE-2025-38010 bsc#1244996). - Update patches.suse/platform-x86-dell-wmi-sysman-Avoid-buffer-overflow-i.patch (git-fixes CVE-2025-38077 bsc#1244736). - Update patches.suse/ptp-ocp-Limit-signal-freq-counts-in-summary-output-f.patch (git-fixes CVE-2025-38054 bsc#1244752). - Update patches.suse/regulator-max20086-fix-invalid-memory-access.patch (git-fixes CVE-2025-38027 bsc#1245042). 
- Update patches.suse/sched-numa-fix-memory-leak-due-to-the-overwritten-vma-numab_state.patch (git fixes (sched/numa) CVE-2024-56613 bsc#1244176). - Update patches.suse/serial-mctrl_gpio-split-disable_ms-into-sync-and-no_.patch (git-fixes CVE-2025-38040 bsc#1245078). - Update patches.suse/spi-rockchip-Fix-register-out-of-bounds-access.patch (stable-fixes CVE-2025-38081 bsc#1244739). - Update patches.suse/staging-bcm2835-camera-Initialise-dev-in-v4l2_dev.patch (git-fixes CVE-2025-37971 bsc#1244173). - Update patches.suse/tracing-Have-process_string-also-allow-arrays.patch (git-fixes CVE-2024-57930 bsc#1236194). - Update patches.suse/usb-typec-ucsi-displayport-Fix-NULL-pointer-access.patch (git-fixes CVE-2025-37994 bsc#1243823). - Update patches.suse/wifi-cfg80211-fix-out-of-bounds-access-during-multi-.patch (git-fixes CVE-2025-37973 bsc#1244172). - Update patches.suse/wifi-iwlwifi-fix-debug-actions-order.patch (stable-fixes CVE-2025-38045 bsc#1245083). - Update patches.suse/wifi-mac80211-Set-n_channels-after-allocating-struct.patch (git-fixes CVE-2025-38013 bsc#1244731). - Update patches.suse/wifi-mt76-disable-napi-on-driver-removal.patch (git-fixes CVE-2025-38009 bsc#1244995). - Update patches.suse/x86-microcode-AMD-Fix-__apply_microcode_amd-s-return-value.patch (git-fixes CVE-2025-22047 bsc#1241437). - commit db15093 - cpufreq/ondemand: Set io_is_busy to 1 by default on all platforms (bsc#1233975). - commit e5c69ac - Delete patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch (jsc#PED-13111). - commit e2263cb - HID: wacom: fix crash in wacom_aes_battery_handler() (git-fixes). - HID: lenovo: Restrict F7/9/11 mode to compact keyboards only (git-fixes). - HID: wacom: fix kobject reference count leak (git-fixes). - HID: wacom: fix memory leak on sysfs attribute creation failure (git-fixes). - HID: wacom: fix memory leak on kobject creation failure (git-fixes). - wifi: mac80211: fix beacon interval calculation overflow (git-fixes). 
- commit ea1fa22 ++++ pango: - Update to version 1.56.4: + fontconfig: - Improve the add_font_file implementation - Combine font features and style variants - Make sure font faces stay alive + win32: - Drop some caching - Make sure font faces stay alive - Modernize and simplify the code - Stop synthesizing fonts - Implement list models + coretext: Support synthetic small caps + layout: Avoid assertions in line breaking + build: Require GLib 2.82 ++++ libxml2: - security update - added patches CVE-2025-49794 [bsc#1244554], heap use after free (UAF) can lead to Denial of service (DoS) CVE-2025-49796 [bsc#1244557], type confusion may lead to Denial of service (DoS) + libxml2-CVE-2025-49794,49796.patch CVE-2025-49795 [bsc#1244555], null pointer dereference may lead to Denial of service (DoS) + libxml2-CVE-2025-49795.patch - security update - added patches CVE-2025-6021 [bsc#1244580], Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 CVE-2025-6170 [bsc#1244700], stack buffer overflow may lead to a crash + libxml2-CVE-2025-6170,6021.patch ++++ libxml2-python: - security update - added patches CVE-2025-49794 [bsc#1244554], heap use after free (UAF) can lead to Denial of service (DoS) CVE-2025-49796 [bsc#1244557], type confusion may lead to Denial of service (DoS) + libxml2-CVE-2025-49794,49796.patch CVE-2025-49795 [bsc#1244555], null pointer dereference may lead to Denial of service (DoS) + libxml2-CVE-2025-49795.patch - security update - added patches CVE-2025-6021 [bsc#1244580], Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2 CVE-2025-6170 [bsc#1244700], stack buffer overflow may lead to a crash + libxml2-CVE-2025-6170,6021.patch ++++ ovmf: - Enables UEFI Shell support for virtual machines on X64 and AARCH64 platforms (bsc#1244266) - Build Shell.efi and install it to /usr/share/ovmf/ - Add ovmf-ShellPkg-Add-post-script-for-Shell-installation.patch - Add post-install and post-uninstall scripts in /usr/share/ovmf/ 
- Install Shell.efi to the EFI boot partition (/boot/efi/EFI/opensuse/ or /boot/efi/EFI/sles/) - Register Shell.efi as a UEFI boot entry ++++ selinux-policy: - Update to version 20250627+git0.1805634d: * Set /srv/www = /var/www as equivalent file context (bsc#1239177) * Add a smoke test to the gitlab-ci * Add a default PR template * allow openvpn to attach to wicked owned tun interfaces (bsc#1243291) * allow wicked to connect to networkmanager and manage pid files for it (bsc#1243291) * allow wicked to transition to openvswitch domain (bsc#1243291) * allow wicked to start systemd services (bsc#1243291) * allow wicked to control firewalld services (bsc#1243291) * allow wicked interaction with tmpfs files and creation of sysfs files (bsc#1243291) * introduce fs_dontaudit_exec_tmpfs_files interface * Trigger the gitlab-ci tests only for merge requests to factory * Move 'logging_mounton_syslog_pid_socket' to end of file * Revert "Allow init_t create syslog files (bsc#1230134)" * Allow mdadm nosuid_transition * Label plasma user service files as xdm_unit_file_t. * Revert "Allow systemd-homed to start services." * Allow virtstoraged write qemu runtime files * Allow virtqemud read/write/setattr input event devices * Allow systemd create journal pid files * Allow networkmanager send a general signal to iptables * Allow syslogd watch syslog_conf_t directories * Revert downstream fix for bsc#1199630 due to regression (bsc#1243242) * Allow systemd-machined work with its private tmp and tmpfs files * Allow geoclue read virt lib files * Fix files_dontaudit_delete_all_files() * Label /run/polkit-1 with policykit_var_run_t * Label /dev/diag as diagnostic_device_t * Allow systemd-homed to start services.
* Allow named_t to read NetworkManager's runtime files * Improve README* documentation * Add missing permissions for ftpd_anon_write to manage NFS directories * Add missing permissions for ftpd_anon_write to manage CIFS directories * Allow nut-upsmon write systemd inhibit pipes * Allow systemd-user-runtime-dir connect to systemd-userdbd over a unix socket * Remove permissive domain for systemd_vsftpd_generator_t * Change generator-specific rules to apply to systemd_generator * Define file equivalency for /var/etc * Allow tuned-ppd create ppd_base_profile with a file transition * Allow lldpd connect to systemd-homed over a unix socket * Allow sysadm_sudo_t signal rpm script * Fix the "/var/cache/systemd/home(/.*)?" regex * allow selinux_autorelabel_generator_t dac_read_search (bsc#1237511) * do not set sulogin_no_pam (bsc#1237511) - Replace internal slfo-main git branch with factory ------------------------------------------------------------------ ------------------ 2025-6-26 - Jun 26 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit-machines: - Patch cockpit-machines to ignore domain not found errors when domain is deleted (bsc#1236383) * added nic-domain-not-found.patch ++++ git: - Fix git-gui citool SHA256 repo handling: refreshed 0002-git-gui-Add-support-of-SHA256-repo.patch ++++ gpg2: - Security fix: [bsc#1236931, bsc#1239119, CVE-2025-30258] * gpg: Fix another regression due to the T7547 fix. * The fix for CVE-2025-30258 was introduced in 2.5.5 * Add gnupg-gpg-Fix-another-regression-due-to-the-T7547-fix.patch ++++ kernel-default: - mm/memory-tier: Fix abstract distance calculation overflow (bsc#1244051). - commit 3248628 - x86/xen: Fix __xen_hypercall_setfunc() (git-fixes). - commit 76c9b78 - x86: don't re-generate cpufeaturemasks.h so eagerly (git-fixes). - commit 1bde9b6 - btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes). 
- btrfs: prepare btrfs_page_mkwrite() for large folios (git-fixes). - commit e702032 - btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes). - commit ecc292a - kabi/severities: ignore nf_flow_register_bpf() that depends on CONFIG_DEBUG_* (bsc#1245399) - commit f7994ea - x86/cpufeatures: Use AWK to generate {REQUIRED|DISABLED}_MASK_BIT_SET in (git-fixes). - Refresh patches.suse/kabi-reserve-cpuid-leaves.patch. - commit c797ea7 - x86/cpufeatures: Remove {disabled,required}-features.h (git-fixes). - Refresh patches.suse/kabi-reserve-cpuid-leaves.patch. - commit 7c1ff00 - x86/cpufeatures: Generate the header based on build config (git-fixes). - commit aa4d1af - x86/cpufeatures: Add {REQUIRED,DISABLED} feature configs (git-fixes). - commit 130db28 - x86/cpufeatures: Rename X86_CMPXCHG64 to X86_CX8 (git-fixes). - commit c39c8b4 - KVM: SVM: Add Idle HLT intercept support (jsc#PED-12577). - commit 9b4ced8 - kabi: restore layout of struct cgroup_subsys (bsc#1241166). - commit 4553ae3 - x86/cpufeatures: Add CPUID feature bit for Idle HLT intercept (jsc#PED-12577). - commit c78722e - cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166). - cgroup/cpuset: Don't allow creation of local partition over a remote one (bsc#1241166). - commit 0392529 - vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626). - commit 1216762 - vmxnet3: update MTU after device quiesce (bsc#1244626). - commit d22f709 ++++ kernel-rt: - mm/memory-tier: Fix abstract distance calculation overflow (bsc#1244051). - commit 3248628 - x86/xen: Fix __xen_hypercall_setfunc() (git-fixes). - commit 76c9b78 - x86: don't re-generate cpufeaturemasks.h so eagerly (git-fixes). - commit 1bde9b6 - btrfs: fix wrong start offset for delalloc space release during mmap write (git-fixes). - btrfs: prepare btrfs_page_mkwrite() for large folios (git-fixes). 
- commit e702032 - btrfs: fix invalid data space release when truncating block in NOCOW mode (git-fixes). - commit ecc292a - kabi/severities: ignore nf_flow_register_bpf() that depends on CONFIG_DEBUG_* (bsc#1245399) - commit f7994ea - x86/cpufeatures: Use AWK to generate {REQUIRED|DISABLED}_MASK_BIT_SET in (git-fixes). - Refresh patches.suse/kabi-reserve-cpuid-leaves.patch. - commit c797ea7 - x86/cpufeatures: Remove {disabled,required}-features.h (git-fixes). - Refresh patches.suse/kabi-reserve-cpuid-leaves.patch. - commit 7c1ff00 - x86/cpufeatures: Generate the header based on build config (git-fixes). - commit aa4d1af - x86/cpufeatures: Add {REQUIRED,DISABLED} feature configs (git-fixes). - commit 130db28 - x86/cpufeatures: Rename X86_CMPXCHG64 to X86_CX8 (git-fixes). - commit c39c8b4 - KVM: SVM: Add Idle HLT intercept support (jsc#PED-12577). - commit 9b4ced8 - kabi: restore layout of struct cgroup_subsys (bsc#1241166). - commit 4553ae3 - x86/cpufeatures: Add CPUID feature bit for Idle HLT intercept (jsc#PED-12577). - commit c78722e - cgroup/cpuset: Fix race between newly created partition and dying one (bsc#1241166). - cgroup/cpuset: Don't allow creation of local partition over a remote one (bsc#1241166). - commit 0392529 - vmxnet3: correctly report gso type for UDP tunnels (bsc#1244626). - commit 1216762 - vmxnet3: update MTU after device quiesce (bsc#1244626). 
- commit d22f709 ++++ kmod: - Fix testsuite on Leap 16.0 (bsc#1240126) * Revert-build-check-for-__xstat-declarations.patch ++++ gcc15: - Update to GCC 15 branch head, 15.1.1+git9866 - Fix PR120827, ICE due to splitter emitting constant loads directly ++++ ovmf: - Add patch to make Ovmf builds reproducible in OvmfPkg and ArmVirtPkg (bsc#1244218) - Add ovmf-OvmfPkg-ArmVirtPkg-Keep-JSON-stack-cookie-files.patch ------------------------------------------------------------------ ------------------ 2025-6-25 - Jun 25 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to Docker 28.3.0-ce. See upstream changelog online at bsc#1246556 - Rebase patches: * 0001-SECRETS-SUSE-always-clear-our-internal-secrets.patch * 0002-SECRETS-daemon-allow-directory-creation-in-run-secre.patch * 0003-SECRETS-SUSE-implement-SUSE-container-secrets.patch * 0004-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch * 0005-bsc1073877-apparmor-clobber-docker-default-profile-o.patch * 0006-SLE12-revert-apparmor-remove-version-conditionals-fr.patch ++++ python-kiwi: - Add container_import template test - Bump version: 10.2.24 → 10.2.25 - Fixed get_partition_node_name The function get_partition_node_name takes the disk device and the partition index as arguments to match against the respective device node for this partition index. The partition index is the position of the partition in the partition table according to their start offset. For the code to function properly it is required that the list of partitions provided by lsblk is ordered according to the start address of the partitions in the table. The way lsblk was called did not enforce this ordering. This commit enforces the order to be done against the start offset and fixes bsc#1245190 ++++ kernel-default: - btrfs: factor out nocow ordered extent and extent map generation into a helper (git-fixes). 
- btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes). - btrfs: move ordered extent cleanup to where they are allocated (git-fixes). - btrfs: remove the unused locked_folio parameter from btrfs_cleanup_ordered_extents() (git-fixes). - btrfs: use unsigned types for constants defined as bit shifts (git-fixes). - Refresh patches.suse/0005-btrfs-do-proper-folio-cleanup-when-run_delalloc_noco.patch. - commit a1f80d1 - tracing: Fix compilation warning on arm32 (bsc#1243551). - commit 5ab4900 - cpufreq/amd-pstate: Add support for the "Requested CPU Min frequency" BIOS option (jsc#PED-13164). - cpufreq/amd-pstate: Add offline, online and suspend callbacks for amd_pstate_driver (jsc#PED-13164). - cpufreq/amd-pstate: Move max_perf limiting in amd_pstate_update (jsc#PED-13164). - commit c625c71 - cpufreq/amd-pstate: Enable ITMT support after initializing core rankings (jsc#PED-13164). - cpufreq/amd-pstate: Fix min_limit perf and freq updation for performance governor (jsc#PED-13164). - commit f84536f - cpufreq/amd-pstate: Set different default EPP policy for Epyc and Ryzen (jsc#PED-13164). - Refresh patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch. - commit f5fec72 - ata: ahci: Disallow LPM for Asus B550-F motherboard (git-fixes). - commit 50509e4 - ata: ahci: Disallow LPM for ASUSPRO-D840SA motherboard (git-fixes). - commit 1162257 - ata: ahci: Use correct BIOS build date for ThinkPad W541 quirk (git-fixes). - commit be1e349 - pidfs: ensure that PIDFS_INFO_EXIT is available (jsc#PED-13113). - blacklist.conf: Guard against unused prerequisite - commit 872e385 - exit: fix the usage of delay_group_leader->exit_code in do_notify_parent() and pidfs_exit() (jsc#PED-13113). - pidfs: improve multi-threaded exec and premature thread-group leader exit polling (jsc#PED-13113). - commit c5e2e6c - ata: Fix typos in the comment (git-fixes). 
- commit c056491 - cpufreq/amd-pstate: Drop actions in amd_pstate_epp_cpu_offline() (jsc#PED-13164). - cpufreq/amd-pstate: Stop caching EPP (jsc#PED-13164). - cpufreq/amd-pstate: Rework CPPC enabling (jsc#PED-13164). - cpufreq/amd-pstate: Drop debug statements for policy setting (jsc#PED-13164). - cpufreq/amd-pstate: Update cppc_req_cached for shared mem EPP writes (jsc#PED-13164). - cpufreq/amd-pstate: Move all EPP tracing into *_update_perf and *_set_epp functions (jsc#PED-13164). - cpufreq/amd-pstate: Cache CPPC request in shared mem case too (jsc#PED-13164). - cpufreq/amd-pstate: Replace all AMD_CPPC_* macros with masks (jsc#PED-13164). - cpufreq/amd-pstate-ut: Adjust variable scope (jsc#PED-13164). - cpufreq/amd-pstate-ut: Run on all of the correct CPUs (jsc#PED-13164). - cpufreq/amd-pstate-ut: Drop SUCCESS and FAIL enums (jsc#PED-13164). - cpufreq/amd-pstate-ut: Allow lowest nonlinear and lowest to be the same (jsc#PED-13164). - cpufreq/amd-pstate-ut: Use _free macro to free put policy (jsc#PED-13164). - cpufreq/amd-pstate: Drop `cppc_cap1_cached` (jsc#PED-13164). - cpufreq/amd-pstate: Overhaul locking (jsc#PED-13164). - cpufreq/amd-pstate: Move perf values into a union (jsc#PED-13164). - cpufreq/amd-pstate: Drop min and max cached frequencies (jsc#PED-13164). - cpufreq/amd-pstate: Show a warning when a CPU fails to setup (jsc#PED-13164). - cpufreq/amd-pstate: Invalidate cppc_req_cached during suspend (jsc#PED-13164). - cpufreq/amd-pstate: Fix the clamping of perf values (jsc#PED-13164). - commit 0b848ba - bpf: abort verification if env->cur_state->loop_entry != NULL (CVE-2025-38060 bsc#1245155). - commit 3e1f9c9 - tracing: Fix oob write in trace_seq_to_buffer() (CVE-2025-37923 bsc#1243551). - commit 3a99a12 - cpufreq/amd-pstate: Remove the unncecessary driver_lock in amd_pstate_update_limits (jsc#PED-13164). - cpufreq/amd-pstate: Use scope based cleanup for cpufreq_policy refs (jsc#PED-13164). 
- cpufreq/amd-pstate: Remove the unnecessary cpufreq_update_policy call (jsc#PED-13164). - cpufreq/amd-pstate: Modularize perf<->freq conversion (jsc#PED-13164). - Refresh patches.suse/cpufreq-amd-pstate-Add-missing-NULL-ptr-check-in-amd.patch. - cpufreq/amd-pstate: Convert all perf values to u8 (jsc#PED-13164). - Refresh patches.suse/cpufreq-amd-pstate-Add-missing-NULL-ptr-check-in-amd.patch. - cpufreq/amd-pstate: Pass min/max_limit_perf as min/max_perf to amd_pstate_update (jsc#PED-13164). - cpufreq/amd-pstate: Remove the redundant des_perf clamping in adjust_perf (jsc#PED-13164). - cpufreq/amd-pstate: Modify the min_perf calculation in adjust_perf callback (jsc#PED-13164). - commit 21b14f2 - tracing: Fix use-after-free in print_graph_function_flags during tracer switching (CVE-2025-22035 bsc#1241544). - commit 49f381e - bpf: free verifier states when they are no longer referenced (CVE-2025-38060 bsc#1245155). - Refresh patches.suse/kABI-padding-for-bpf.patch. - commit 06e2482 - bpf: fix env->peak_states computation (CVE-2025-38060 bsc#1245155). - commit 53d5bd3 - bpf: use list_head to track explored states and free list (CVE-2025-38060 bsc#1245155). - bpf: do not update state->loop_entry in get_loop_entry() (CVE-2025-38060 bsc#1245155). - bpf: make state->dfs_depth < state->loop_entry->dfs_depth an invariant (CVE-2025-38060 bsc#1245155). - bpf: detect infinite loop in get_loop_entry() (CVE-2025-38060 bsc#1245155). - selftests/bpf: check states pruning for deeply nested iterator (CVE-2025-38060 bsc#1245155). - bpf: don't do clean_live_states when state->loop_entry->branches > 0 (CVE-2025-38060 bsc#1245155). - selftests/bpf: test correct loop_entry update in copy_verifier_state (CVE-2025-38060 bsc#1245155). - bpf: copy_verifier_state() should copy 'loop_entry' field (CVE-2025-38060 bsc#1245155). - commit 6388e16 - bpf: Fix deadlock between rcu_tasks_trace and event_mutex (CVE-2025-37884 bsc#1243060). 
- commit 1feaa51 ++++ kernel-firmware-media: - Update to version 20250624 (git commit b05fabcd6f2a): * qcom: venus-5.4: add the firmware binary for qcs615 ++++ kernel-rt: - btrfs: factor out nocow ordered extent and extent map generation into a helper (git-fixes). - btrfs: fix qgroup reservation leak on failure to allocate ordered extent (git-fixes). - btrfs: move ordered extent cleanup to where they are allocated (git-fixes). - btrfs: remove the unused locked_folio parameter from btrfs_cleanup_ordered_extents() (git-fixes). - btrfs: use unsigned types for constants defined as bit shifts (git-fixes). - Refresh patches.suse/0005-btrfs-do-proper-folio-cleanup-when-run_delalloc_noco.patch. - commit a1f80d1 - tracing: Fix compilation warning on arm32 (bsc#1243551). - commit 5ab4900 - cpufreq/amd-pstate: Add support for the "Requested CPU Min frequency" BIOS option (jsc#PED-13164). - cpufreq/amd-pstate: Add offline, online and suspend callbacks for amd_pstate_driver (jsc#PED-13164). - cpufreq/amd-pstate: Move max_perf limiting in amd_pstate_update (jsc#PED-13164). - commit c625c71 - cpufreq/amd-pstate: Enable ITMT support after initializing core rankings (jsc#PED-13164). - cpufreq/amd-pstate: Fix min_limit perf and freq updation for performance governor (jsc#PED-13164). - commit f84536f - cpufreq/amd-pstate: Set different default EPP policy for Epyc and Ryzen (jsc#PED-13164). - Refresh patches.suse/cpufreq-amd-pstate-Default-to-powersave-governor-whe.patch. - commit f5fec72 - ata: ahci: Disallow LPM for Asus B550-F motherboard (git-fixes). - commit 50509e4 - ata: ahci: Disallow LPM for ASUSPRO-D840SA motherboard (git-fixes). - commit 1162257 - ata: ahci: Use correct BIOS build date for ThinkPad W541 quirk (git-fixes). - commit be1e349 - pidfs: ensure that PIDFS_INFO_EXIT is available (jsc#PED-13113). 
- blacklist.conf: Guard against unused prerequisite - commit 872e385 - exit: fix the usage of delay_group_leader->exit_code in do_notify_parent() and pidfs_exit() (jsc#PED-13113). - pidfs: improve multi-threaded exec and premature thread-group leader exit polling (jsc#PED-13113). - commit c5e2e6c - ata: Fix typos in the comment (git-fixes). - commit c056491 - cpufreq/amd-pstate: Drop actions in amd_pstate_epp_cpu_offline() (jsc#PED-13164). - cpufreq/amd-pstate: Stop caching EPP (jsc#PED-13164). - cpufreq/amd-pstate: Rework CPPC enabling (jsc#PED-13164). - cpufreq/amd-pstate: Drop debug statements for policy setting (jsc#PED-13164). - cpufreq/amd-pstate: Update cppc_req_cached for shared mem EPP writes (jsc#PED-13164). - cpufreq/amd-pstate: Move all EPP tracing into *_update_perf and *_set_epp functions (jsc#PED-13164). - cpufreq/amd-pstate: Cache CPPC request in shared mem case too (jsc#PED-13164). - cpufreq/amd-pstate: Replace all AMD_CPPC_* macros with masks (jsc#PED-13164). - cpufreq/amd-pstate-ut: Adjust variable scope (jsc#PED-13164). - cpufreq/amd-pstate-ut: Run on all of the correct CPUs (jsc#PED-13164). - cpufreq/amd-pstate-ut: Drop SUCCESS and FAIL enums (jsc#PED-13164). - cpufreq/amd-pstate-ut: Allow lowest nonlinear and lowest to be the same (jsc#PED-13164). - cpufreq/amd-pstate-ut: Use _free macro to free put policy (jsc#PED-13164). - cpufreq/amd-pstate: Drop `cppc_cap1_cached` (jsc#PED-13164). - cpufreq/amd-pstate: Overhaul locking (jsc#PED-13164). - cpufreq/amd-pstate: Move perf values into a union (jsc#PED-13164). - cpufreq/amd-pstate: Drop min and max cached frequencies (jsc#PED-13164). - cpufreq/amd-pstate: Show a warning when a CPU fails to setup (jsc#PED-13164). - cpufreq/amd-pstate: Invalidate cppc_req_cached during suspend (jsc#PED-13164). - cpufreq/amd-pstate: Fix the clamping of perf values (jsc#PED-13164). - commit 0b848ba - bpf: abort verification if env->cur_state->loop_entry != NULL (CVE-2025-38060 bsc#1245155). 
- commit 3e1f9c9 - tracing: Fix oob write in trace_seq_to_buffer() (CVE-2025-37923 bsc#1243551). - commit 3a99a12 - cpufreq/amd-pstate: Remove the unncecessary driver_lock in amd_pstate_update_limits (jsc#PED-13164). - cpufreq/amd-pstate: Use scope based cleanup for cpufreq_policy refs (jsc#PED-13164). - cpufreq/amd-pstate: Remove the unnecessary cpufreq_update_policy call (jsc#PED-13164). - cpufreq/amd-pstate: Modularize perf<->freq conversion (jsc#PED-13164). - Refresh patches.suse/cpufreq-amd-pstate-Add-missing-NULL-ptr-check-in-amd.patch. - cpufreq/amd-pstate: Convert all perf values to u8 (jsc#PED-13164). - Refresh patches.suse/cpufreq-amd-pstate-Add-missing-NULL-ptr-check-in-amd.patch. - cpufreq/amd-pstate: Pass min/max_limit_perf as min/max_perf to amd_pstate_update (jsc#PED-13164). - cpufreq/amd-pstate: Remove the redundant des_perf clamping in adjust_perf (jsc#PED-13164). - cpufreq/amd-pstate: Modify the min_perf calculation in adjust_perf callback (jsc#PED-13164). - commit 21b14f2 - tracing: Fix use-after-free in print_graph_function_flags during tracer switching (CVE-2025-22035 bsc#1241544). - commit 49f381e - bpf: free verifier states when they are no longer referenced (CVE-2025-38060 bsc#1245155). - Refresh patches.suse/kABI-padding-for-bpf.patch. - commit 06e2482 - bpf: fix env->peak_states computation (CVE-2025-38060 bsc#1245155). - commit 53d5bd3 - bpf: use list_head to track explored states and free list (CVE-2025-38060 bsc#1245155). - bpf: do not update state->loop_entry in get_loop_entry() (CVE-2025-38060 bsc#1245155). - bpf: make state->dfs_depth < state->loop_entry->dfs_depth an invariant (CVE-2025-38060 bsc#1245155). - bpf: detect infinite loop in get_loop_entry() (CVE-2025-38060 bsc#1245155). - selftests/bpf: check states pruning for deeply nested iterator (CVE-2025-38060 bsc#1245155). - bpf: don't do clean_live_states when state->loop_entry->branches > 0 (CVE-2025-38060 bsc#1245155). 
- selftests/bpf: test correct loop_entry update in copy_verifier_state (CVE-2025-38060 bsc#1245155). - bpf: copy_verifier_state() should copy 'loop_entry' field (CVE-2025-38060 bsc#1245155). - commit 6388e16 - bpf: Fix deadlock between rcu_tasks_trace and event_mutex (CVE-2025-37884 bsc#1243060). - commit 1feaa51 ++++ ldmtool: - Update to version 0.2.5 (jsc#PED-12706) * Fix crash while creating mapper for a volume which lacks of partitions * Make libldm to parse and return volume GUID * Change the way we sanitise LDM partition name * Set UUID for device mapper devices (partitions and volumes) * Fix potential memory leak * Use device mapper device UUID instead of name to find device in a tree * New API: ldm_volume_dm_get_device * New API: ldm_partition_dm_get_device * Fix bug in libldm to allow for all spanned LDM volumes to be correctly identified/mounted - Upstream fixes post 0.2.5 001-Add-example-systemd-unit-file.patch 002-ldmtool-fix-NULL-pointer-dereference.patch 003-Add-ability-to-override-device-mapper-UUID.patch 004-src-Fix-declaration-of-ldm_new.patch 005-Update-gtkdocize.patch - Drop patch contained in new tarball Remove-deprecated-g_type_class_add_private.patch ++++ xfsprogs: - update to 6.15.0 - xfs_mdrestore: don't allow restoring onto zoned block devices - man: adjust description of the statx manpage - xfs_protofile: fix permission octet when suid/guid is set - xfs_repair: fix libxfs abstraction mess - xfs_growfs: support internal RT devices - xfs_mdrestore: support internal RT devices - xfs_scrub: support internal RT device - xfs_spaceman: handle internal RT devices - xfs_io: handle internal RT devices in fsmap output - xfs_io: don't re-query fs_path information in fsmap_f - xfs_io: correctly report RGs with internal rt dev in bmap output - man: document XFS_FSOP_GEOM_FLAGS_ZONED - xfs_mkfs: document the new zoned options in the man page - xfs_mkfs: reflink conflicts with zoned file systems for now - xfs_mkfs: default to rtinherit=1 for zoned file 
systems - xfs_mkfs: calculate zone overprovisioning when specifying size - xfs_mkfs: support creating file system with zoned RT devices - xfs_mkfs: factor out a validate_rtgroup_geometry helper - xfs_repair: validate rt groups vs reported hardware zones - xfs_repair: fix the RT device check in process_dinode_int - xfs_repair: support repairing zoned file systems - libfrog: report the zoned geometry - xfs_repair: phase6: scan longform entries before header check - xfs_repair: Bump link count if longform_dir2_rebuild yields shortform dir - mkfs: fix the issue of maxpct set to 0 not taking effect - mkfs: fix blkid probe API violations causing weird output - xfs_io: make statx mask parsing more generally useful - xfs_io: redefine what statx -m all does - xfs_io: catch statx fields up to 6.15 - man: fix missing cachestat manpage ------------------------------------------------------------------ ------------------ 2025-6-24 - Jun 24 2025 ------------------- ------------------------------------------------------------------ ++++ python-kiwi: - Add support for container-snap as a container-image engine With this commit, we can now pre-load images using container-snap directly during the kiwi image build - Update test-image-MicroOS for local build Fix bootstrap setup such that micro-os patterns can resolve - Fix logging of stderr data in command calls The stderr data was presented as one blob without line breaks. Hard to read and smells like a bug. This commit fixes the output to become readable - Update test-image-MicroOS/disk.sh Add a findmnt for / to check if there is a proper root device reference ++++ kernel-default: - netfilter: nft_exthdr: fix offset with ipv4_find_option() (git-fixes). - commit be2a228 - netfilter: conntrack: Bound nf_conntrack sysctl writes (git-fixes). - commit 0ac13d2 - netfilter: nf_tables: Only use nf_skip_indirect_calls() when MITIGATION_RETPOLINE (git-fixes). 
- commit 114a1de - netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets only (git-fixes). - commit fd8be75 - netfilter: nft_quota: match correctly when the quota just depleted (git-fixes). - commit 563b1e8 - netfilter: nf_set_pipapo_avx2: fix initial map fill (git-fixes). - commit 5316618 - netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it (git-fixes). - commit 3a5285b - netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy (git-fixes). - commit 18d1e67 - netfilter: nf_tables: nft_fib: consistent l3mdev handling (git-fixes). - commit 2b7f119 - s390/pci: Fix s390_mmio_read/write syscall page fault handling (git-fixes bsc#1245291). - commit 2f37aef - s390: Fix linker error when -no-pie option is unavailable (git-fixes bsc#1245290). - commit 788b161 - Delete patches.suse/nvdimm-disable-namespace-on-error.patch. We think the patch is not needed and the issue bsc#1166486 has actually been resolved by upstream commit c1f45d86a522. The upstream submission never got any reply [*], so if we decide we in the end want the patch, it should be resent there first. [*] https://lore.kernel.org/nvdimm/20211201164844.125296-1-colyli@suse.de/ - commit ecc0f57 - s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1245285). - commit 9d4cdf8 - scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes). - scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes). - commit 1fc590c ++++ kernel-firmware-amdgpu: - Update to version 20250623 (git commit dbfe16e9e8ac): * amdgpu: update dmcub fw for dcn401 ++++ kernel-firmware-brcm: - Update to version 20250623 (git commit dbfe16e9e8ac): * brcm: Fix symlinks for Khadas VIM SDIO wifi config ++++ kernel-rt: - netfilter: nft_exthdr: fix offset with ipv4_find_option() (git-fixes). - commit be2a228 - netfilter: conntrack: Bound nf_conntrack sysctl writes (git-fixes). 
- commit 0ac13d2 - netfilter: nf_tables: Only use nf_skip_indirect_calls() when MITIGATION_RETPOLINE (git-fixes). - commit 114a1de - netfilter: nft_set_hash: GC reaps elements with conncount for dynamic sets only (git-fixes). - commit fd8be75 - netfilter: nft_quota: match correctly when the quota just depleted (git-fixes). - commit 563b1e8 - netfilter: nf_set_pipapo_avx2: fix initial map fill (git-fixes). - commit 5316618 - netfilter: bridge: Move specific fragmented packet to slow_path instead of dropping it (git-fixes). - commit 3a5285b - netfilter: nf_tables: nft_fib_ipv6: fix VRF ipv4/ipv6 result discrepancy (git-fixes). - commit 18d1e67 - netfilter: nf_tables: nft_fib: consistent l3mdev handling (git-fixes). - commit 2b7f119 - s390/pci: Fix s390_mmio_read/write syscall page fault handling (git-fixes bsc#1245291). - commit 2f37aef - s390: Fix linker error when -no-pie option is unavailable (git-fixes bsc#1245290). - commit 788b161 - Delete patches.suse/nvdimm-disable-namespace-on-error.patch. We think the patch is not needed and the issue bsc#1166486 has actually been resolved by upstream commit c1f45d86a522. The upstream submission never got any reply [*], so if we decide we in the end want the patch, it should be resent there first. [*] https://lore.kernel.org/nvdimm/20211201164844.125296-1-colyli@suse.de/ - commit ecc0f57 - s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1245285). - commit 9d4cdf8 - scsi: elx: efct: Fix memory leak in efct_hw_parse_filter() (git-fixes). - scsi: iscsi: Fix incorrect error path labels for flashnode operations (git-fixes). 
- commit 1fc590c ++++ util-linux-systemd: - Update to version 2.41.1: * cfdisk: fix memory leak and possible NULL dereference * fdisk: fix possible memory leak * findmnt: fix -k option parsing regression (boo#1242705, drop util-linux-libblkid-econf-parse.patch) * hardlink: fix performance regression * include/cctype: fix string comparison * libblkid: * Fix crash while parsing config with libeconf * befs fix underflow * avoid strcasecmp() for ASCII-only strings * libblkid/src/topology/dm: fix fscanf return value check to match expected number of parsed items * libmount: * (subdir) restrict for real mounts only * (subdir) remove unused code * avoid calling memset() unnecessarily * fix --no-canonicalize regression (boo#1244251, drop libmount-fix-no-canonicalize-regression.patch) * lsblk: * use ID_PART_ENTRY_SCHEME as fallback for PTTYPE * avoid strcasecmp() for ASCII-only strings * lscpu: * fix possible buffer overflow in cpuinfo parser * Fix loongarch op-mode output with recent kernel * lsfd: * scan the protocol field of /proc/net/packet as a hex number * fix the description for PACKET.PROTOCOL column * lsns: * enhance compilation without USE_NS_GET_API * fix undefined reference to add_namespace_for_nsfd #3483 * more: * fix broken ':!command' command key * fix implicit previous shell_line execution #3508 * tests: (test_mkfds::mapped-packet-socket) add a new parameter, protocol * treewide: * add ul_ to parse_timestamp() function name (drop util-linux-rename-common-symbols-4.patch) * add ul_ to parse_switch() function name (drop util-linux-rename-common-symbols-3.patch) * add ul_ to parse_size() function name (drop util-linux-rename-common-symbols-2.patch) * add ul_ to parse_range() function name (drop util-linux-rename-common-symbols-1.patch) * fix optional arguments usage * avoid strcasecmp() for ASCII-only strings * Wipefs: improve --all descriptions for whole-disks * Misc: Do not call exit() on code ending in shared libraries * Other fixes. 
For complete list see https://kernel.org/pub/linux/utils/util-linux/v2.41/v2.41.1-ReleaseNotes - Fix problem with uname26 listed twice. ++++ util-linux: - Update to version 2.41.1: * cfdisk: fix memory leak and possible NULL dereference * fdisk: fix possible memory leak * findmnt: fix -k option parsing regression (boo#1242705, drop util-linux-libblkid-econf-parse.patch) * hardlink: fix performance regression * include/cctype: fix string comparison * libblkid: * Fix crash while parsing config with libeconf * befs fix underflow * avoid strcasecmp() for ASCII-only strings * libblkid/src/topology/dm: fix fscanf return value check to match expected number of parsed items * libmount: * (subdir) restrict for real mounts only * (subdir) remove unused code * avoid calling memset() unnecessarily * fix --no-canonicalize regression (boo#1244251, drop libmount-fix-no-canonicalize-regression.patch) * lsblk: * use ID_PART_ENTRY_SCHEME as fallback for PTTYPE * avoid strcasecmp() for ASCII-only strings * lscpu: * fix possible buffer overflow in cpuinfo parser * Fix loongarch op-mode output with recent kernel * lsfd: * scan the protocol field of /proc/net/packet as a hex number * fix the description for PACKET.PROTOCOL column * lsns: * enhance compilation without USE_NS_GET_API * fix undefined reference to add_namespace_for_nsfd #3483 * more: * fix broken ':!command' command key * fix implicit previous shell_line execution #3508 * tests: (test_mkfds::mapped-packet-socket) add a new parameter, protocol * treewide: * add ul_ to parse_timestamp() function name (drop util-linux-rename-common-symbols-4.patch) * add ul_ to parse_switch() function name (drop util-linux-rename-common-symbols-3.patch) * add ul_ to parse_size() function name (drop util-linux-rename-common-symbols-2.patch) * add ul_ to parse_range() function name (drop util-linux-rename-common-symbols-1.patch) * fix optional arguments usage * avoid strcasecmp() for ASCII-only strings * Wipefs: improve --all descriptions for 
whole-disks * Misc: Do not call exit() on code ending in shared libraries * Other fixes. For complete list see https://kernel.org/pub/linux/utils/util-linux/v2.41/v2.41.1-ReleaseNotes - Fix problem with uname26 listed twice. ++++ libguestfs: - Update to version 1.56.1 (jsc#PED-12706) * lib: Enable ACPI for the libvirt backend for x86_64 and arm - Only build the inspect-icons RPM for Tumbleweed. Tumbleweed is the only place where icoutils package exists which it requires. ++++ numactl: - Fix Node0 does not exist (bsc#1244492) A 4abeee1aac20a7a2552870e0359b8df013ae9037.patch ++++ ceph: - Disable ceph-mgr-cephadm in ring1 ++++ libssh: - Update to version 0.11.2 * Security: * CVE-2025-4877 - Write beyond bounds in binary to base64 conversion (bsc#1245309) * CVE-2025-4878 - Use of uninitialized variable in privatekey_from_file() (bsc#1245310) * CVE-2025-5318 - Likely read beyond bounds in sftp server handle management (bsc#1245311) * CVE-2025-5351 - Double free in functions exporting keys (bsc#1245312) * CVE-2025-5372 - ssh_kdf() returns a success code on certain failures (bsc#1245314) * CVE-2025-5449 - Likely read beyond bounds in sftp server message decoding (bsc#1245316) * CVE-2025-5987 - Invalid return code for chacha20 poly1305 with OpenSSL (bsc#1245317) * Compatibility * Fixed compatibility with CPM.cmake * Compatibility with OpenSSH 10.0 * Tests compatibility with new Dropbear releases * Removed p11-kit remoting from the pkcs11 testsuite * Bugfixes * Implement missing packet filter for DH GEX * Properly process the SSH2_MSG_DEBUG message * Allow escaping quotes in quoted arguments to ssh configuration * Do not fail with unknown match keywords in ssh configuration * Process packets before selecting signature algorithm during authentication * Do not fail hard when the SFTP status message is not sent by noncompliant servers - Removed libssh-CmakeLists-Fix-multiple-digit-major-version-for-OpenSSH.patch - Removed libssh-misc-Fix-OpenSSH-banner-parsing.patch ++++ 
nvidia-open-driver-G06-signed: - 0003-nv-dmabuf-Inline-dma_buf_attachment_is_dynamic.patch 0004-nvidia-uvm-Disable-SVA-support-for-6.16.patch * buildfixes against Kernel 6.16 picked up from https://github.com/CachyOS/CachyOS-PKGBUILDS.git - -> nvidia/nvidia-utils ------------------------------------------------------------------ ------------------ 2025-6-23 - Jun 23 2025 ------------------- ------------------------------------------------------------------ ++++ busybox: - enable halt, poweroff, reboot commands (bsc#1243201) ++++ busybox-links: - Blacklist creating links for halt, reboot, shutdown commands to avoid accidental use in a fully booted system (bsc#1243201) ++++ docker: [ This update is a no-op, only needed to work around unfortunate automated packaging script behaviour on SLES. ] - The following patches were removed in openSUSE in the Docker 28.1.1-ce update, but the patch names were later renamed in a SLES-only update before Docker 28.1.1-ce was submitted to SLES. This causes the SLES build scripts to refuse the update because the patches are not referenced in the changelog. There is no obvious place to put the patch removals (the 28.1.1-ce update removing the patches chronologically predates their renaming in SLES), so they are included here as a dummy changelog entry to work around the issue. - 0007-CVE-2025-22868-vendor-jws-split-token-into-fixed-num.patch - 0008-CVE-2025-22869-vendor-ssh-limit-the-size-of-the-inte.patch ++++ python-kiwi: - Fix mount system for root_is_snapper_snapshot If root is a snapper snapshot we have to tell the chroot a proper root mount point which can be achieved by a bind mount pointing to itself. This Fixes bsc#1244668 ++++ kernel-default: - fs/mpage: use blocks_per_folio instead of blocks_per_page (bsc#1245219). - commit 6f61662 - fs/mpage: avoid negative shift for large blocksize (bsc#1245219). - commit f40b15c - s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245230). 
- commit 5f783ee - pidfs: never refuse ppid == 0 in PIDFD_GET_INFO (jsc#PED-13113). - commit 4327fa2 - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (CVE-2025-37927 bsc#1243620). - commit 0e060e5 - Move upstreamed patch "genksyms: Fix enum consts from a reference affecting new values" into the sorted section (git-fixes). - commit 7c87e2b - s390/boot: Use -D__DISABLE_EXPORTS (bsc#1245126). - commit 79382ab - nvme: always punt polled uring_cmd end_io work to task_work (git-fixes). - nvme-tcp: remove tag set when second admin queue config fails (git-fixes). - nvme: fix implicit bool to flags conversion (git-fixes). - nvme: fix command limits status code (git-fixes). - nvme-fc: do not reference lsrsp after failure (bsc#1245193). - nvmet-fcloop: don't wait for lport cleanup (bsc#1245193). - nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193). - nvmet-fc: take tgtport refs for portentry (bsc#1245193). - nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193). - nvmet-fcloop: drop response if targetport is gone (bsc#1245193). - nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193). - nvmet-fcloop: prevent double port deletion (bsc#1245193). - nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193). - nvmet-fcloop: update refs on tfcp_req (bsc#1245193). - nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193). - nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193). - nvmet-fcloop: remove nport from list on last user (bsc#1245193). - nvmet-fcloop: track ref counts for nports (bsc#1245193). - nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes). - commit 60761a1 - btrfs: fix fsync of files with no hard links not persisting deletion (bsc#1245068). - btrfs: remove end_no_trans label from btrfs_log_inode_parent() (bsc#1245068). - btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (bsc#1245068). 
- commit 188ca65 - Remove host-memcpy-hack.h This might have been useful at some point but we have more things that depend on specific library versions today. - commit 0396c23 - Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed. - commit 19caac0 - Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place. - commit a6f21ed - btrfs: always fallback to buffered write if the inode requires checksum (bsc#1245067). - commit b160824 - cpufreq: Default to performance governor on servers (jsc#PED-13111). - commit 0f4c2f8 - sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes). - commit 753d7ae - nfsd: use threads array as-is in netlink interface (git-fixes). - commit 3a8806c - Refresh patches.suse/x86-entry-Add-__init-to-ia32_emulation_override_cmdline.patch. - commit 15f587c - x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes). - commit 0b0ecd8 - x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). - Refresh patches.suse/x86-virt-tdx-Mark-memory-cache-state-incoherent-when-making-seamcall.patch. - commit a3e640a - Revert "mm/execmem: Unify early execmem_cache behaviour" (git-fixes). - commit 99e2ca1 - x86/its: explicitly manage permissions for ITS pages (git-fixes). - commit 4d57729 - x86/Kconfig: only enable ROX cache in execmem when STRICT_MODULE_RWX is set (git-fixes). - commit d3bec4e ++++ kernel-rt: - fs/mpage: use blocks_per_folio instead of blocks_per_page (bsc#1245219). - commit 6f61662 - fs/mpage: avoid negative shift for large blocksize (bsc#1245219). - commit f40b15c - s390/tty: Fix a potential memory leak bug (git-fixes bsc#1245230). - commit 5f783ee - pidfs: never refuse ppid == 0 in PIDFD_GET_INFO (jsc#PED-13113). 
- commit 4327fa2 - iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid (CVE-2025-37927 bsc#1243620). - commit 0e060e5 - Move upstreamed patch "genksyms: Fix enum consts from a reference affecting new values" into the sorted section (git-fixes). - commit 7c87e2b - s390/boot: Use -D__DISABLE_EXPORTS (bsc#1245126). - commit 79382ab - nvme: always punt polled uring_cmd end_io work to task_work (git-fixes). - nvme-tcp: remove tag set when second admin queue config fails (git-fixes). - nvme: fix implicit bool to flags conversion (git-fixes). - nvme: fix command limits status code (git-fixes). - nvme-fc: do not reference lsrsp after failure (bsc#1245193). - nvmet-fcloop: don't wait for lport cleanup (bsc#1245193). - nvmet-fcloop: add missing fcloop_callback_host_done (bsc#1245193). - nvmet-fc: take tgtport refs for portentry (bsc#1245193). - nvmet-fc: free pending reqs on tgtport unregister (bsc#1245193). - nvmet-fcloop: drop response if targetport is gone (bsc#1245193). - nvmet-fcloop: allocate/free fcloop_lsreq directly (bsc#1245193). - nvmet-fcloop: prevent double port deletion (bsc#1245193). - nvmet-fcloop: access fcpreq only when holding reqlock (bsc#1245193). - nvmet-fcloop: update refs on tfcp_req (bsc#1245193). - nvmet-fcloop: refactor fcloop_delete_local_port (bsc#1245193). - nvmet-fcloop: refactor fcloop_nport_alloc and track lport (bsc#1245193). - nvmet-fcloop: remove nport from list on last user (bsc#1245193). - nvmet-fcloop: track ref counts for nports (bsc#1245193). - nvme-pci: add NVME_QUIRK_NO_DEEPEST_PS quirk for SOLIDIGM P44 Pro (git-fixes). - commit 60761a1 - btrfs: fix fsync of files with no hard links not persisting deletion (bsc#1245068). - btrfs: remove end_no_trans label from btrfs_log_inode_parent() (bsc#1245068). - btrfs: simplify condition for logging new dentries at btrfs_log_inode_parent() (bsc#1245068). 
- commit 188ca65 - Remove host-memcpy-hack.h This might have been useful at some point but we have more things that depend on specific library versions today. - commit 0396c23 - Remove compress-vmlinux.sh /usr/lib/rpm/brp-suse.d/brp-99-compress-vmlinux was added in pesign-obs-integration during SLE12 RC. This workaround can be removed. - commit 19caac0 - Remove try-disable-staging-driver The config for linux-next is autogenerated from master config, and defaults filled for missing options. This is unlikely to enable any staging driver in the first place. - commit a6f21ed - btrfs: always fallback to buffered write if the inode requires checksum (bsc#1245067). - commit b160824 - cpufreq: Default to performance governor on servers (jsc#PED-13111). - commit 0f4c2f8 - sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (git-fixes). - commit 753d7ae - nfsd: use threads array as-is in netlink interface (git-fixes). - commit 3a8806c - Refresh patches.suse/x86-entry-Add-__init-to-ia32_emulation_override_cmdline.patch. - commit 15f587c - x86/microcode/AMD: Do not return error when microcode update is not necessary (git-fixes). - commit 0b0ecd8 - x86/virt/tdx: Avoid indirect calls to TDX assembly functions (git-fixes). - Refresh patches.suse/x86-virt-tdx-Mark-memory-cache-state-incoherent-when-making-seamcall.patch. - commit a3e640a - Revert "mm/execmem: Unify early execmem_cache behaviour" (git-fixes). - commit 99e2ca1 - x86/its: explicitly manage permissions for ITS pages (git-fixes). - commit 4d57729 - x86/Kconfig: only enable ROX cache in execmem when STRICT_MODULE_RWX is set (git-fixes). 
- commit d3bec4e ++++ libblockdev: - suppress privilege escalation during xfs fs resize (CVE-2025-6019) (bsc#1243285) * add 0001-dont-allow-suid-and-dev-set-on-fs-resize.patch ++++ python-urllib3: - Update to 2.5.0: * Security issues Pool managers now properly control redirects when retries is passed (CVE-2025-50181, GHSA-pq67-6m6q-mj2v, bsc#1244925) Redirects are now controlled by urllib3 in the Node.js runtime (CVE-2025-50182, GHSA-48p4-8xcf-vxj5, bsc#1244924) * Features Added support for the compression.zstd module that is new in Python 3.14. Added support for version 0.5 of hatch-vcs * Bugfixes Raised exception for HTTPResponse.shutdown on a connection already released to the pool. Fixed incorrect CONNECT statement when using an IPv6 proxy with connection_from_host. Previously would not be wrapped in []. ------------------------------------------------------------------ ------------------ 2025-6-22 - Jun 22 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - md/raid1,raid10: don't handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes). - commit 0ec5b97 - PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes). - commit 58c3f30 ++++ kernel-rt: - md/raid1,raid10: don't handle IO error for REQ_RAHEAD and REQ_NOWAIT (git-fixes). - commit 0ec5b97 - PCI/PM: Set up runtime PM even for devices without PCI PM (git-fixes). - commit 58c3f30 ------------------------------------------------------------------ ------------------ 2025-6-21 - Jun 21 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes). - commit 0071891 - ALSA: hda: Apply volume control on speaker+lineout for HP EliteStudio AIO (stable-fixes). - commit ba1a979 - ALSA: hda/realtek - Support mute led function for HP platform (stable-fixes). 
- commit 74fc8d1 - gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes). - gpio: pca953x: fix wrong error probe return value (git-fixes). - drm/xe: Fix memset on iomem (git-fixes). - drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes). - drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes). - drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes). - drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes). - drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes). - drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes). - drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes). - drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes). - drm/msm/disp: Correct porch timing for SDM845 (git-fixes). - ALSA: hda/realtek: Add support for Acer Helios Laptops using CS35L41 HDA (stable-fixes). - commit 26d96c5 ++++ kernel-firmware-amdgpu: - Update to version 20250620 (git commit 49c833a10ad9): * amdgpu: update renoir firmware * amdgpu: update vcn 5.0.0 firmware * amdgpu: update smu 14.0.3 firmware * amdgpu: update sdma 7.0.1 firmware * amdgpu: update psp 14.0.3 firmware * amdgpu: update gc 12.0.1 firmware * amdgpu: update navy flounder firmware * amdgpu: update psp 14.0.4 firmware * amdgpu: update gc 11.5.2 firmware * amdgpu: update sienna cichlid firmware * amdgpu: add raven2 ip discovery firmware * amdgpu: update smu 14.0.2 firmware * amdgpu: update sdma 7.0.0 firmware * amdgpu: update psp 14.0.2 firmware * amdgpu: update gc 12.0.0 firmware * amdgpu: update vcn 4.0.6 firmware * amdgpu: update psp 14.0.1 firmware * amdgpu: update gc 11.5.1 firmware * amdgpu: update psp 13.0.11 firmware * amdgpu: update gc 11.0.4 firmware * amdgpu: add picasso ip discovery firmware * amdgpu: add raven ip discovery firmware * amdgpu: update vega20 firmware * amdgpu: update vega12 firmware * amdgpu: update smu 13.0.7 firmware * amdgpu: update vcn 4.0.4 firmware * amdgpu: update psp 13.0.7 firmware 
* amdgpu: update gc 11.0.2 firmware * amdgpu: update navi14 firmware * amdgpu: update vega10 firmware * amdgpu: update gc 10.3.6 firmware * amdgpu: update smu 13.0.10 firmware * amdgpu: update psp 13.0.10 firmware * amdgpu: update gc 11.0.3 firmware * amdgpu: update navi12 firmware * amdgpu: update vangogh firmware * amdgpu: update navi10 firmware * amdgpu: add smu 13.0.0 kicker firmware * amdgpu: add psp 13.0.0 kicker firmware * amdgpu: add gc 11.0.0 kicker firmware * amdgpu: add vcn 5.0.1 firmware * amdgpu: add sdma 4.4.4 firmware * amdgpu: add psp 13.0.12 firmware * amdgpu: add gc 9.5.0 firmware * amdgpu: add arcturus IP discovery firmware * amdgpu: update vcn 4.0.0 firmware * amdgpu: update smu 13.0.0 firmware * amdgpu: update psp 13.0.0 firmware * amdgpu: update gc 11.0.0 firmware * amdgpu: update psp 13.0.14 firmware * amdgpu: update gc 9.4.4 firmware * amdgpu: update psp 13.0.6 firmware * amdgpu: update gc 9.4.3 firmware * amdgpu: update beige_goby firmware * amdgpu: update vcn 4.0.5 firmware * amdgpu: update gc 11.5.0 firmware * amdgpu: update vcn 4.0.2 firmware * amdgpu: update gc 11.0.1 firmware * amdgpu: update dimgrey_cavefish firmware * amdgpu: update aldebaran firmware ++++ kernel-firmware-iwlwifi: - Update aliases ++++ kernel-firmware-mediatek: - Update aliases ++++ kernel-firmware-network: - Update aliases ++++ kernel-firmware-platform: - Update aliases ++++ kernel-firmware-realtek: - Update aliases ++++ kernel-firmware-sound: - Update aliases ++++ kernel-rt: - ALSA: hda/realtek: Fix built-in mic on ASUS VivoBook X513EA (git-fixes). - commit 0071891 - ALSA: hda: Apply volume control on speaker+lineout for HP EliteStudio AIO (stable-fixes). - commit ba1a979 - ALSA: hda/realtek - Support mute led function for HP platform (stable-fixes). - commit 74fc8d1 - gpio: mlxbf3: only get IRQ for device instance 0 (git-fixes). - gpio: pca953x: fix wrong error probe return value (git-fixes). - drm/xe: Fix memset on iomem (git-fixes). 
- drm/etnaviv: Protect the scheduler's pending list with its lock (git-fixes). - drm/nouveau/bl: increase buffer size to avoid truncate warning (git-fixes). - drm/ssd130x: fix ssd132x_clear_screen() columns (git-fixes). - drm/amdgpu: switch job hw_fence to amdgpu_fence (git-fixes). - drm/i915/pmu: Fix build error with GCOV and AutoFDO enabled (git-fixes). - drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE (git-fixes). - drm/msm: Fix CP_RESET_CONTEXT_STATE bitfield names (git-fixes). - drm/msm/dsi/dsi_phy_10nm: Fix missing initial VCO rate (git-fixes). - drm/msm/disp: Correct porch timing for SDM845 (git-fixes). - ALSA: hda/realtek: Add support for Acer Helios Laptops using CS35L41 HDA (stable-fixes). - commit 26d96c5 ++++ python313-core: - adjusted sofilename for "nogil" build correctly. ++++ python313: - adjusted sofilename for "nogil" build correctly. ------------------------------------------------------------------ ------------------ 2025-6-20 - Jun 20 2025 ------------------- ------------------------------------------------------------------ ++++ transactional-update: - Add correct SELinux policy version dependency for SLE 16 ++++ kernel-default: - libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743, CVE-2025-38072). - commit 100db61 - mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios (CVE-2025-38050 bsc#1244751). - commit 805754b - config: enable rbd and libceph (jsc#PED-13108) - commit 793f4d9 - s390/purgatory: Use -D__DISABLE_EXPORTS (bsc#1245126). - commit 490ac3b - wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes). - commit 6b57cd2 - wifi: carl9170: do not ping device which has failed to load firmware (git-fixes). - NFC: nci: uart: Set tty->disc_data only in success path (git-fixes). - can: tcan4x5x: fix power regulator retrieval during probe (git-fixes). - hwmon: (ltc4282) avoid repeated register write (git-fixes). - hwmon: (occ) fix unaligned accesses (git-fixes). 
- hwmon: (occ) Rework attribute registration for stack usage (git-fixes). - hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes). - wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes). - wifi: ath11k: don't wait when there is no vdev started (git-fixes). - wifi: ath11k: don't use static variables in ath11k_debugfs_fw_stats_process() (git-fixes). - wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes). - net: wwan: mhi_wwan_mbim: use correct mux_id for multiplexing (git-fixes). - pinctrl: samsung: add gs101 specific eint suspend/resume callbacks (git-fixes). - pinctrl: samsung: add dedicated SoC eint suspend/resume callbacks (stable-fixes). - pinctrl: samsung: refactor drvdata suspend & resume callbacks (stable-fixes). - Bluetooth: ISO: Fix not using SID from adv report (stable-fixes). - wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes). - firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes). - thermal/drivers/mediatek/lvts: Remove unused lvts_debugfs_exit (git-fixes). - Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes). - wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes). - commit 9415389 - workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101). - commit 6bd2836 - Revert "rpm/config.sh: Use suse-kabi-tools (jsc#PED-12618)" This is breaking the build on s390x and blocking upcoming submissions: Failed to read symtypes from '.': arch/s390/lib/string.symtypes:3: Export 'strlen' is duplicate, previous occurrence found in 'arch/s390/purgatory/string.symtypes' This reverts commit a0854fc92f0d8c56e48e96980cea7efe15509265. - commit 672894a - calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes). - commit 666ce5b - net/sched: fix use-after-free in taprio_dev_notifier (git-fixes). - commit bd3ade1 - net_sched: ets: fix a race in ets_qdisc_change() (git-fixes).
- commit 035ae9a - net_sched: tbf: fix a race in tbf_change() (git-fixes). - commit 4131c83 - net_sched: red: fix a race in __red_change() (git-fixes). - commit f0af35e - net_sched: prio: fix a race in prio_tune() (git-fixes). - commit 13ce5f2 - net_sched: sch_sfq: reject invalid perturb period (git-fixes). - commit dc06830 - net: Fix TOCTOU issue in sk_is_readable() (git-fixes). - commit 9d72614 - KEYS: trusted: don't fail module __init if SHA1 is unavailable (bsc#1240423 jsc#PED-12225). - commit 93f363a - pidfs: lookup pid through rbtree (jsc#PED-13113). - commit eead84f ++++ kernel-firmware-amdgpu: - Update to version 20250619 (git commit dcd2ee2f57a7): * amdgpu: update dmcub fw for dcn32 and dcn401 ++++ kernel-firmware-mediatek: - Update to version 20250619 (git commit dcd2ee2f57a7): * mediatek: Update mt8186 SCP firmware ++++ kernel-rt: - libnvdimm/labels: Fix divide error in nd_label_data_init() (bsc#1244743, CVE-2025-38072). - commit 100db61 - mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios (CVE-2025-38050 bsc#1244751). - commit 805754b - config: enable rbd and libceph (jsc#PED-13108) - commit 793f4d9 - s390/purgatory: Use -D__DISABLE_EXPORTS (bsc#1245126). - commit 490ac3b - wifi: ath12k: fix GCC_GCC_PCIE_HOT_RST definition for WCN7850 (git-fixes). - commit 6b57cd2 - wifi: carl9170: do not ping device which has failed to load firmware (git-fixes). - NFC: nci: uart: Set tty->disc_data only in success path (git-fixes). - can: tcan4x5x: fix power regulator retrieval during probe (git-fixes). - hwmon: (ltc4282) avoid repeated register write (git-fixes). - hwmon: (occ) fix unaligned accesses (git-fixes). - hwmon: (occ) Rework attribute registration for stack usage (git-fixes). - hwmon: (ftsteutates) Fix TOCTOU race in fts_read() (git-fixes). - wifi: ath11k: move some firmware stats related functions outside of debugfs (git-fixes). - wifi: ath11k: don't wait when there is no vdev started (git-fixes). 
- wifi: ath11k: don't use static variables in ath11k_debugfs_fw_stats_process() (git-fixes). - wifi: ath11k: avoid burning CPU in ath11k_debugfs_fw_stats_request() (git-fixes). - net: wwan: mhi_wwan_mbim: use correct mux_id for multiplexing (git-fixes). - pinctrl: samsung: add gs101 specific eint suspend/resume callbacks (git-fixes). - pinctrl: samsung: add dedicated SoC eint suspend/resume callbacks (stable-fixes). - pinctrl: samsung: refactor drvdata suspend & resume callbacks (stable-fixes). - Bluetooth: ISO: Fix not using SID from adv report (stable-fixes). - wifi: ath12k: refactor ath12k_hw_regs structure (stable-fixes). - firmware: SDEI: Allow sdei initialization without ACPI_APEI_GHES (git-fixes). - thermal/drivers/mediatek/lvts: Remove unused lvts_debugfs_exit (git-fixes). - Bluetooth: MGMT: Remove unused mgmt_pending_find_data (stable-fixes). - wifi: ath11k: convert timeouts to secs_to_jiffies() (stable-fixes). - commit 9415389 - workqueue: Initialize wq_isolated_cpumask in workqueue_init_early() (bsc#1245101). - commit 6bd2836 - Revert "rpm/config.sh: Use suse-kabi-tools (jsc#PED-12618)" This is breaking the build on s390x and blocking upcoming submissions: Failed to read symtypes from '.': arch/s390/lib/string.symtypes:3: Export 'strlen' is duplicate, previous occurrence found in 'arch/s390/purgatory/string.symtypes' This reverts commit a0854fc92f0d8c56e48e96980cea7efe15509265. - commit 672894a - calipso: Fix null-ptr-deref in calipso_req_{set,del}attr() (git-fixes). - commit 666ce5b - net/sched: fix use-after-free in taprio_dev_notifier (git-fixes). - commit bd3ade1 - net_sched: ets: fix a race in ets_qdisc_change() (git-fixes). - commit 035ae9a - net_sched: tbf: fix a race in tbf_change() (git-fixes). - commit 4131c83 - net_sched: red: fix a race in __red_change() (git-fixes). - commit f0af35e - net_sched: prio: fix a race in prio_tune() (git-fixes). - commit 13ce5f2 - net_sched: sch_sfq: reject invalid perturb period (git-fixes).
- commit dc06830 - net: Fix TOCTOU issue in sk_is_readable() (git-fixes). - commit 9d72614 - KEYS: trusted: don't fail module __init if SHA1 is unavailable (bsc#1240423 jsc#PED-12225). - commit 93f363a - pidfs: lookup pid through rbtree (jsc#PED-13113). - commit eead84f ++++ open-vm-tools: - Update to open-vm-tools 13.0.0 based on build 24696409. (boo#1245169): There are no new features in the open-vm-tools 13.0.0 release. This is primarily a maintenance release that addresses a few issues, including: - The vm-support script has been updated to collect the open-vm-tools log files from the Linux guest and information from the systemd journal. - GitHub pull requests have been integrated and issues fixed. Please see the Resolved Issues section of the Release Notes. For a more complete list of issues resolved in this release, see the Resolved Issues section of the Release Notes. For complete details, see: https://github.com/vmware/open-vm-tools/releases/tag/stable-13.0.0 Release Notes are available at: https://github.com/vmware/open-vm-tools/blob/stable-13.0.0/ReleaseNotes.md The granular changes that have gone into the 13.0.0 release are in the ChangeLog at: https://github.com/vmware/open-vm-tools/blob/stable-13.0.0/open-vm-tools/ChangeLog - Add patch: 0001-GOSC-Update-Guest-OS-Customization-to-utilize-system.patch Currently the "telinit 6" command is used to reboot a Linux VM following Guest OS Customization. As the classic Linux init system, SysVinit, is deprecated in favor of a newer init system, systemd, the telinit command may not be available on the base Linux OS. This change adds support to Guest OS Customization for the systemd init system. If the modern init system, systemd, is available, then a "systemctl reboot" command will be used to trigger reboot. Otherwise, the "telinit 6" command will be used assuming the traditional init system, SysVinit, is still available.
- Drop patch now contained in 13.0.0: open-vm-tools-12.5.0-gcc15.patch - Ran /usr/lib/obs/service/source_validators/helpers/fix_changelog to fix changes file where source validator was failing. ++++ qemu: - Add Live migration support for QEMU-emulated AMD IOMMU (jsc#PED-13144): * hw/i386/amd_iommu: Allow migration when explicitly create the AMDVI-PCI device (jsc#PED-PED-13144) * hw/i386/amd_iommu: Isolate AMDVI-PCI from amd-iommu device to allow full control over the PCI device creation (jsc#PED-13144) ++++ ovmf: - Enable TDVF firmware to boot TDX guest VM with Secure boot (jsc#PED-13070) - Add ovmf-x86_64-tdx-secureboot.bin - Add 60-ovmf-x86_64-tdx.json ------------------------------------------------------------------ ------------------ 2025-6-19 - Jun 19 2025 ------------------- ------------------------------------------------------------------ ++++ cockpit: - Add kdump-nfs-fixes.patch to fix bsc#1241949 ++++ kernel-default: - Update patches.suse/dlm-mask-sk_shutdown-value.patch (bsc#1241278). - Update patches.suse/dlm-use-SHUT_RDWR-for-SCTP-shutdown.patch (bsc#1241278). Original bsc number was wrong. Fix it. - commit 4a3a0a7 - selftests/ftrace: Use readelf to find entry point in uprobe test (bsc#1242836). - commit c5198f9 - selftests/ftrace: Make uprobe test more robust against binary name (bsc#1242836). - commit 97eea6a ++++ kernel-rt: - Update patches.suse/dlm-mask-sk_shutdown-value.patch (bsc#1241278). - Update patches.suse/dlm-use-SHUT_RDWR-for-SCTP-shutdown.patch (bsc#1241278). Original bsc number was wrong. Fix it. - commit 4a3a0a7 - selftests/ftrace: Use readelf to find entry point in uprobe test (bsc#1242836). - commit c5198f9 - selftests/ftrace: Make uprobe test more robust against binary name (bsc#1242836). 
- commit 97eea6a ++++ systemd: - Import commit 1e42ecf5a145589954df77da05937ee69619f3e5 1e42ecf5a1 firstboot: make sure labelling is enabled 3bdb2efbe0 tmpfiles: fix symlink creation when replacing 61c228d2cc firstboot: use WRITE_STRING_FILE_LABEL more f5148acf37 env-file: port write_env_file() to label_ops_pre() bbff8b5523 fs-util: replace symlink_atomic_full_label() by a flag to symlinkat_atomic_full() (bsc#1244237) 2b39393efa env-file: rework write_env_file() to make use of O_TMPFILE ------------------------------------------------------------------ ------------------ 2025-6-18 - Jun 18 2025 ------------------- ------------------------------------------------------------------ ++++ docker: - Update to docker-buildx v0.25.0. Upstream changelog: ++++ python-kiwi: - There is no shim for aarch64 on SUSE Fix integration test for standard EFI (no secure boot) setup on arm ++++ kernel-default: - rpm/config.sh: Use suse-kabi-tools (jsc#PED-12618) Fix for bsc#1245126 was merged. - rpm/config.sh: Use suse-kabi-tools (jsc#PED-12618) - commit 90af69e - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (CVE-2025-38001 bsc#1244234). - commit 031f2d0 - block: flip iter directions in blk_rq_integrity_map_user() (git-fixes). - loop: add file_start_write() and file_end_write() (git-fixes). - brd: fix discard end sector (git-fixes). - brd: fix aligned_sector from brd_do_discard() (git-fixes). - block: only update request sector if needed (git-fixes). - block: fix race between set_blocksize and read paths (git-fixes). - badblocks: Fix a nonsense WARN_ON() which checks whether a u64 variable < 0 (git-fixes). - blk-throttle: don't take carryover for prioritized processing of metadata (git-fixes). - ublk: enforce ublks_max only for unprivileged devices (git-fixes). - block: mark bounce buffering as incompatible with integrity (git-fixes). - ublk: complete command synchronously on error (git-fixes). 
- loop: check in LO_FLAGS_DIRECT_IO in loop_default_blocksize (git-fixes). - commit 9c6fb7f - packaging: Add support for suse-kabi-tools The current workflow to check kABI stability during the RPM build of SUSE kernels consists of the following steps: * The downstream script rpm/modversions unpacks the consolidated kABI symtypes reference data from kabi//symtypes- and creates individual symref files. * The build performs a regular kernel make. During this operation, genksyms is invoked for each source file. The tool determines type signatures of all exports within the file, reports any differences compared to the associated symref reference, calculates symbol CRCs from the signatures and writes new type data into a symtypes file. * The script rpm/modversions is invoked again, this time it packs all new symtypes files to a consolidated kABI file. * The downstream script rpm/kabi.pl checks symbol CRCs in the new build and compares them to a reference from kabi//symvers-, taking kabi/severities into account. suse-kabi-tools is a new set of tools to improve the kABI checking process. The suite includes two tools, ksymtypes and ksymvers, which replace the existing scripts rpm/modversions and rpm/kabi.pl, as well as the comparison functionality previously provided by genksyms. The tools have their own source repository and package. The tools provide faster operation and more detailed, unified output. In addition, they allow the use of the new upstream tool gendwarfksyms, which lacks any built-in comparison functionality. The updated workflow is as follows: * The build performs a regular kernel make. During this operation, genksyms (gendwarfksyms) is invoked as usual, determining signatures and CRCs of all exports and writing the type data to symtypes files. However, genksyms no longer performs any comparison. * 'ksymtypes consolidate' packs all new symtypes files to a consolidated kABI file.
* 'ksymvers compare' checks symbol CRCs in the new build and compares them to a reference from kabi//symvers-, taking kabi/severities into account. The tool writes its result in a human-readable form on standard output and also writes a list of all changed exports (not ignored by kabi/severities) to the changed-exports file. * 'ksymtypes compare' takes the changed-exports file, the consolidated kABI symtypes reference data from kabi//symtypes- and the new consolidated data. Based on this data, it produces a detailed report explaining why the symbols changed. The patch enables the use of suse-kabi-tools via rpm/config.sh, providing explicit control to each branch. To enable the support, set USE_SUSE_KABI_TOOLS=Yes in the config file. - commit a2c6f89 - platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes). - platform/x86: dell_rbu: Fix list usage (git-fixes). - platform/x86/amd: pmf: Prevent amd_pmf_tee_deinit() from running twice (git-fixes). - platform/x86/amd: pmf: Use device managed allocations (git-fixes). - platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes). - platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). - platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes). - commit 89154c9 ++++ kernel-rt: - rpm/config.sh: Use suse-kabi-tools (jsc#PED-12618) Fix for bsc#1245126 was merged. - rpm/config.sh: Use suse-kabi-tools (jsc#PED-12618) - commit 90af69e - net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (CVE-2025-38001 bsc#1244234). - commit 031f2d0 - block: flip iter directions in blk_rq_integrity_map_user() (git-fixes). - loop: add file_start_write() and file_end_write() (git-fixes). - brd: fix discard end sector (git-fixes). - brd: fix aligned_sector from brd_do_discard() (git-fixes). - block: only update request sector if needed (git-fixes). - block: fix race between set_blocksize and read paths (git-fixes). 
- badblocks: Fix a nonsense WARN_ON() which checks whether a u64 variable < 0 (git-fixes). - blk-throttle: don't take carryover for prioritized processing of metadata (git-fixes). - ublk: enforce ublks_max only for unprivileged devices (git-fixes). - block: mark bounce buffering as incompatible with integrity (git-fixes). - ublk: complete command synchronously on error (git-fixes). - loop: check in LO_FLAGS_DIRECT_IO in loop_default_blocksize (git-fixes). - commit 9c6fb7f - packaging: Add support for suse-kabi-tools The current workflow to check kABI stability during the RPM build of SUSE kernels consists of the following steps: * The downstream script rpm/modversions unpacks the consolidated kABI symtypes reference data from kabi//symtypes- and creates individual symref files. * The build performs a regular kernel make. During this operation, genksyms is invoked for each source file. The tool determines type signatures of all exports within the file, reports any differences compared to the associated symref reference, calculates symbol CRCs from the signatures and writes new type data into a symtypes file. * The script rpm/modversions is invoked again, this time it packs all new symtypes files to a consolidated kABI file. * The downstream script rpm/kabi.pl checks symbol CRCs in the new build and compares them to a reference from kabi//symvers-, taking kabi/severities into account. suse-kabi-tools is a new set of tools to improve the kABI checking process. The suite includes two tools, ksymtypes and ksymvers, which replace the existing scripts rpm/modversions and rpm/kabi.pl, as well as the comparison functionality previously provided by genksyms. The tools have their own source repository and package. The tools provide faster operation and more detailed, unified output. In addition, they allow the use of the new upstream tool gendwarfksyms, which lacks any built-in comparison functionality. 
The updated workflow is as follows: * The build performs a regular kernel make. During this operation, genksyms (gendwarfksyms) is invoked as usual, determining signatures and CRCs of all exports and writing the type data to symtypes files. However, genksyms no longer performs any comparison. * 'ksymtypes consolidate' packs all new symtypes files to a consolidated kABI file. * 'ksymvers compare' checks symbol CRCs in the new build and compares them to a reference from kabi//symvers-, taking kabi/severities into account. The tool writes its result in a human-readable form on standard output and also writes a list of all changed exports (not ignored by kabi/severities) to the changed-exports file. * 'ksymtypes compare' takes the changed-exports file, the consolidated kABI symtypes reference data from kabi//symtypes- and the new consolidated data. Based on this data, it produces a detailed report explaining why the symbols changed. The patch enables the use of suse-kabi-tools via rpm/config.sh, providing explicit control to each branch. To enable the support, set USE_SUSE_KABI_TOOLS=Yes in the config file. - commit a2c6f89 - platform/x86: dell_rbu: Stop overwriting data buffer (git-fixes). - platform/x86: dell_rbu: Fix list usage (git-fixes). - platform/x86/amd: pmf: Prevent amd_pmf_tee_deinit() from running twice (git-fixes). - platform/x86/amd: pmf: Use device managed allocations (git-fixes). - platform/x86/amd: pmc: Clear metrics table at start of cycle (git-fixes). - platform/x86/intel-uncore-freq: Fail module load when plat_info is NULL (git-fixes). - platform/x86: ideapad-laptop: use usleep_range() for EC polling (git-fixes). - commit 89154c9 ++++ ceph: - Added cephadm-fix-get_cluster_count_when_data_dir_is_missing.patch - Add ceph-rocksdb-gcc15.patch ++++ libsoup: - Add libsoup-CVE-2025-4945.patch: add value checks for date/time parsing (boo#1243314 CVE-2025-4945). ++++ libzypp: - Enhancements regarding mirror handling during repo refresh.
Added means to disable the use of mirrors when downloading security relevant files. Requires updating zypper to 1.14.91. - Fix autotestcase writer if ZYPP_FULLLOG=1 (bsc#1244042) If ZYPP_FULLLOG=1 a solver testcase to "/var/log/YaST2/autoTestcase" should be written for each solver run. There was no testcase written for the very first solver run. This is now fixed. - Pass $1==2 to %posttrans script if it's an update (bsc#1243279) - version 17.37.6 (35) ++++ pam: - hardcode disabling elogind, meson detection is unreliable in OBS - Update to version 1.7.1 - pam_access: do not resolve ttys or display variables as hostnames. - pam_access: added "nodns" option to disallow resolving of tokens as hostnames (CVE-2024-10963). - pam_limits: added support for rttime (RLIMIT_RTTIME). - pam_namespace: fixed potential privilege escalation (CVE-2025-6020). - meson: added support of elogind as a logind provider. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates. - pam_access-rework-resolving-of-tokens-as-hostname.patch got obsoleted ++++ pam-config: - Update to version 2.12+git.20250516: * Don't add pam_env twice ++++ pam-full-src: - hardcode disabling elogind, meson detection is unreliable in OBS - Update to version 1.7.1 - pam_access: do not resolve ttys or display variables as hostnames. - pam_access: added "nodns" option to disallow resolving of tokens as hostnames (CVE-2024-10963). - pam_limits: added support for rttime (RLIMIT_RTTIME). - pam_namespace: fixed potential privilege escalation (CVE-2025-6020). - meson: added support of elogind as a logind provider. - Multiple minor bug fixes, build fixes, portability fixes, documentation improvements, and translation updates.
- pam_access-rework-resolving-of-tokens-as-hostname.patch got obsoleted ++++ virt-manager: - bsc#1244685 - Could not find an installable distribution with virt-install command virtinst-add-sle16-detection-support.patch ++++ zypper: - BuildRequires: libzypp-devel >= 17.37.6. Enhancements regarding mirror handling during repo refresh. Adapt to libzypp API changes. (bsc#1230267) - version 1.14.91 ------------------------------------------------------------------ ------------------ 2025-6-17 - Jun 17 2025 ------------------- ------------------------------------------------------------------ ++++ afterburn: - Fix Requires in noarch package to not be arch specific (bsc#1244675) ++++ drbd-utils: - merge upstream patch to fix build error * add patch + DRBDmon-Add-missing-default_types.h-include-in-strin.patch - Fix SELinux equivalency rules in module (bsc#1242915) * add patch + 0001-Fix-selinux-policy-for-usr-bin-equivalency-rules.patch + 0002-Fix-selinux-module-for-run-lock-equivalency-rules.patch + 0003-Fix-selinux-module-for-run-equivalency-rules.patch ++++ git: - update to 2.50.0 https://about.gitlab.com/blog/what-s-new-in-git-2-50-0/ https://raw.githubusercontent.com/git/git/refs/tags/v2.50.0/Documentation/RelNotes/2.50.0.adoc ++++ glibc: - ppc64le-revert-power10-strcmp.patch: Revert optimized POWER10 strcmp, strncmp implementations (CVE-2025-5745, CVE-2025-5702, bsc#1244184, bsc#1244182, BZ #33060, BZ #33056) - ppc64le-revert-power10-memcmp.patch: Revert optimized POWER10 memcmp implementation (BZ #33059) ++++ gpg2: - Don't install expired sks certificate [bsc#1243069] * Add patch gnupg-dirmngr-Don-t-install-expired-sks-certificate.patch ++++ kernel-default: - loop: factor out a loop_assign_backing_file helper (git-fixes). - Refresh patches.suse/loop-Add-sanity-check-for-read-write_iter.patch. - commit 6b2b09e - platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes). 
- commit a5ad60f - iommu: Clear iommu-dma ops on cleanup (CVE-2025-37877 bsc#1243058). - commit 5ecb9e1 - kernel-source: Remove log.sh from sources - commit 96bd779 - powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199). - commit e772925 ++++ kernel-firmware-amdgpu: - Update to version 20250616 (git commit 1d98972a5635): * amdgpu: Update DMCUB fw for DCN401 & DCN315 ++++ kernel-firmware-qcom: - Update to version 20250616 (git commit 1d98972a5635): * qcom: add gpu firmwares for X1P42100 chipset ++++ kernel-rt: - loop: factor out a loop_assign_backing_file helper (git-fixes). - Refresh patches.suse/loop-Add-sanity-check-for-read-write_iter.patch. - commit 6b2b09e - platform/x86/amd/hsmp: mark hsmp_msg_desc_table as maybe_unused (git-fixes). - commit a5ad60f - iommu: Clear iommu-dma ops on cleanup (CVE-2025-37877 bsc#1243058). - commit 5ecb9e1 - kernel-source: Remove log.sh from sources - commit 96bd779 - powerpc/eeh: Fix missing PE bridge reconfiguration during VFIO EEH recovery (bsc#1215199). - commit e772925 ++++ vim: - Fix bsc#1228776 / CVE-2024-41965. - Fix bsc#1239602 / CVE-2025-29768. 
- Refresh patch: vim-7.3-sh_is_bash.patch - Update to 9.1.1406: 9.1.1406: crash when importing invalid tuple 9.1.1405: tests: no test for mapping with special keys in session file 9.1.1404: wrong link to Chapter 2 in new-tutor 9.1.1403: expansion of 'tabpanelopt' value adds wrong values 9.1.1402: multi-byte mappings not properly stored in session file 9.1.1401: list not materialized in prop_list() 9.1.1400: [security]: use-after-free when evaluating tuple fails 9.1.1399: tests: test_codestyle fails for auto-generated files 9.1.1398: completion: trunc does not follow Pmenu highlighting attributes 9.1.1397: tabpanel not correctly updated on :tabonly 9.1.1396: 'errorformat' is a global option 9.1.1395: search_stat not reset when pattern differs in case 9.1.1394: tabpanel not correctly redrawn on tabonly 9.1.1393: missing test for switching buffers and reusing curbuf 9.1.1392: missing patch number 9.1.1391: Vim does not have a vertical tabpanel 9.1.1390: style: more wrong indentation 9.1.1389: completion: still some issue when 'isexpand' contains a space 9.1.1388: Scrolling one line too far with 'nosmoothscroll' page scrolling 9.1.1387: memory leak when buflist_new() fails to reuse curbuf 9.1.1386: MS-Windows: some minor problems building on AARCH64 9.1.1385: inefficient loop for 'nosmoothscroll' scrolling 9.1.1384: still some problem with the new tutors filetype plugin 9.1.1383: completion: 'isexpand' option does not handle space char correct 9.1.1382: if_ruby: unused compiler warnings from ruby internals 9.1.1381: completion: cannot return to original text 9.1.1380: 'eventignorewin' only checked for current buffer 9.1.1379: MS-Windows: error when running evim when space in path 9.1.1378: sign without text overwrites number option 9.1.1377: patch v9.1.1370 causes some GTK warning messages 9.1.1376: quickfix dummy buffer may remain as dummy buffer 9.1.1375: [security]: possible heap UAF with quickfix dummy buffer 9.1.1374: completion: 'smartcase' not respected when 
filtering matches 9.1.1373: 'completeopt' checking logic can be simplified 9.1.1372: style: braces issues in various files 9.1.1371: style: indentation and brace issues in insexpand.c 9.1.1370: CI Tests favor GTK2 over GTK3 9.1.1369: configure still using autoconf 2.71 9.1.1368: GTK3 and GTK4 will drop numeric cursor support. 9.1.1367: too many strlen() calls in gui.c 9.1.1366: v9.1.1364 unintentionally changed sign.c and sound.c 9.1.1365: MS-Windows: compile warnings and too many strlen() calls 9.1.1364: style: more indentation issues 9.1.1363: style: inconsistent indentation in various files 9.1.1362: Vim9: type ignored when adding tuple to instance list var 9.1.1361: [security]: possible use-after-free when closing a buffer 9.1.1360: filetype: GNU Radio companion files are not recognized 9.1.1359: filetype: GNU Radio config files are not recognized 9.1.1358: if_lua: compile warnings with gcc15 9.1.1357: Vim incorrectly escapes tags with "[" in a help buffer 9.1.1356: Vim9: crash when unletting variable 9.1.1355: The pum_redraw() function is too complex 9.1.1354: tests: Test_terminalwinscroll_topline() fails on Windows 9.1.1353: missing change from v9.1.1350 9.1.1352: style: inconsistent indent in insexpand.c 9.1.1351: Return value of getcmdline() inconsistent in CmdlineLeavePre 9.1.1350: tests: typo in Test_CmdlineLeavePre_cabbr() 9.1.1349: CmdlineLeavePre may trigger twice 9.1.1348: still E315 with the terminal feature 9.1.1347: small problems with gui_w32.c 9.1.1346: missing out-of-memory check in textformat.c 9.1.1345: tests: Test_xxd_color2() test failure dump diff is misleading 9.1.1344: double free in f_complete_match() (after v9.1.1341) 9.1.1343: filetype: IPython files are not recognized 9.1.1342: Shebang filetype detection can be improved 9.1.1341: cannot define completion triggers 9.1.1340: cannot complete :filetype arguments 9.1.1339: missing out-of-memory checks for enc_to_utf16()/utf16_to_enc() 9.1.1338: Calling expand() interferes with 
cmdcomplete_info() 9.1.1337: Undo corrupted with 'completeopt' "preinsert" when switching buffer 9.1.1336: comment plugin does not support case-insensitive 'commentstring' 9.1.1335: Coverity complains about Null pointer dereferences 9.1.1334: Coverity complains about unchecked return value 9.1.1333: Coverity: complains about unutilized variable 9.1.1332: Vim9: segfault when using super within a lambda 9.1.1331: Leaking memory with cmdcomplete() ------------------------------------------------------------------ ------------------ 2025-6-16 - Jun 16 2025 ------------------- ------------------------------------------------------------------ ++++ cifs-utils: - Update cifs-utils to 7.4 * mount.cifs: retry mount on -EINPROGRESS * cifs.upcall: correctly treat UPTARGET_UNSPECIFIED as UPTARGET_APP * cifs.upcall: fix memory leaks in check_service_ticket_exits() * cifs-utils: bump version to 7.4 * getcifsacl, setcifsacl: use for basename * cifscreds: use for basename ++++ cockpit: - Update to 340 * Detect multiple mount points when creating btrfs subvolumes * Disk Self-Test error warnings on the overview page * Prevent modifying partitions in unsupported places * Bug fixes and translation updates ++++ cockpit-machines: - Update to 333 * Bug fixes * The "shareable" attribute of disks is no longer modified by Cockpit * Virtual network interfaces can now select source mode ++++ cockpit-podman: - Update to 107 * Bug fixes * Translation updates ++++ python-kiwi: - Add driver configuration support for dracut initrd Add driver configuration support for dracut initrd Add support for specifying kernel drivers to be included or omitted in the dracut initrd configuration. This extends the existing dracut configuration capabilities like in the following example ++++ kernel-default: - block/bdev: enable large folio support for large logical block sizes (git-fixes). - commit 03e169f - x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094). 
- commit 718f7f2 - x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094). - commit 8b0488f - x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094). - commit fdceb0c - ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650). - Refresh patches.suse/0008-ima-track-the-set-of-PCRs-ever-extended.patch. - commit 87b6eff - wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998). - wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998). - commit 7530032 - wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol 'ret' (bsc#1240998). - commit f7be9d8 - wifi: ath12k: Fix for out-of bound access error (bsc#1240998 CVE-2024-58015 bsc#1238995). - blacklist.conf: - commit 3c5bf1f - wifi: ath12k: fix key cache handling (bsc#1240998). - commit dcb3d62 - wifi: ath12k: convert tasklet to BH workqueue for CE interrupts (bsc#1240998). - wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998). - wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998). - wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998). - wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998). - wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998). - wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998). - wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998). - wifi: ath12k: remove unused variable monitor_present (bsc#1240998). - commit 8ed2a0a - wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998). - Refresh patches.suse/wifi-ath12k-fix-read-pointer-after-free-in-ath12k_ma.patch. - commit 66e4cb1 - wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998). - wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998). 
- wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998). - wifi: ath12k: prepare vif config caching for MLO (bsc#1240998). - wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998). - wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998). - commit e2a68c7 - wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998). - Refresh patches.suse/wifi-ath12k-Handle-error-cases-during-extended-skb-a.patch. - Refresh patches.suse/wifi-ath12k-fix-tx-power-max-reg-power-update-to-fir.patch. - commit be086ca - wifi: ath12k: Add firmware coredump collection support (bsc#1240998). - Update config files. - commit 13fc60a - wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998). - wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998). - wifi: ath12k: Support DMAC Reset Stats (bsc#1240998). - wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998). - wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998). - wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998). - commit 4d42f04 - wifi: ath12k: switch to using wiphy_lock() and remove ar->conf_mutex (bsc#1240998). - Refresh patches.suse/wifi-ath12k-fix-node-corruption-in-ar-arvifs-list.patch. - Refresh patches.suse/wifi-ath12k-fix-read-pointer-after-free-in-ath12k_ma.patch. - commit 728526a - wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998). - commit 91ddf3a - wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998). - wifi: ath12k: Support pdev CCA Stats (bsc#1240998). - wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998). - wifi: ath12k: Support Ring and SFM stats (bsc#1240998). - wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998). 
- wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998). - wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998). - wifi: ath12k: make read-only array svc_id static const (bsc#1240998). - commit 3509024 - x86/bugs: Restructure ITS mitigation (git-fixes). - commit 085abef - x86/bugs: Fix spectre_v2 mitigation default on Intel (git-fixes). - commit f344e75 - KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions (git-fixes). - commit b648f1d - platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094). - commit dc03ed2 - platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094). - commit d63496c - platform/x86/amd/hsmp: Report power via hwmon sensors (jsc#PED-13094). - commit 357c2f9 - platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all usmp modules (jsc#PED-13094). - commit 60b1624 - platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094). - Refresh patches.suse/x86-platform-amd-Move-the-asm-amd_hsmp.h-header-to-asm-amd.patch. - commit 02efe4c - x86/platform/amd: Move the header to (jsc#PED-13094). - commit cd8f689 - x86/amd_node, platform/x86/amd/hsmp: Have HSMP use SMN through AMD_NODE (jsc#PED-13094). - commit 84c6aed - x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094). - commit 7a96278 - x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094). - commit 4c71e32 - x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094). - commit e227b52 - x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094). - commit 4ab060a - x86/amd_nb: Simplify function 3 search (jsc#PED-13094). - commit 995c30f - x86/amd_nb: Use topology info to get AMD node count (jsc#PED-13094). - commit 92a3127 - x86/amd_nb: Simplify root device search (jsc#PED-13094). - commit 99743f8 - x86/amd_nb: Simplify function 4 search (jsc#PED-13094). 
- commit 969836a - x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094). - commit dedae8e - x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094). - commit 3e7ae58 - x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094). - commit 4581815 - x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094). - commit 5e367df - platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094). - commit 80da452 - platform/x86/amd/hsmp: Constify 'struct bin_attribute' (jsc#PED-13094). - commit ed01393 - Refresh patches.suse/drm-panel-simple-Update-timings-for-AUO-G101EVN010.patch. - Refresh patches.suse/drm-xe-Fix-and-re-enable-xe_print_blob_ascii85.patch. - commit 7527c99 - platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094). - commit 98c4882 - platform/x86/amd/hsmp: Change the error type (jsc#PED-13094). - commit a450822 - platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094). - commit 2c1e1e0 - platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094). - commit 25dfaea ++++ kernel-rt: - block/bdev: enable large folio support for large logical block sizes (git-fixes). - commit 03e169f - x86/amd_node: Add support for debugfs access to SMN registers (jsc#PED-13094). - commit 718f7f2 - x86/amd_node: Add SMN offsets to exclusive region access (jsc#PED-13094). - commit 8b0488f - x86/amd_node: Use defines for SMN register offsets (jsc#PED-13094). - commit fdceb0c - ima: Suspend PCR extends and log appends when rebooting (bsc#1210025 ltc#196650). - Refresh patches.suse/0008-ima-track-the-set-of-PCRs-ever-extended.patch. - commit 87b6eff - wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash (bsc#1240998). - wifi: ath12k: Resolve multicast packet drop by populating key_cipher in ath12k_install_key() (bsc#1240998). - commit 7530032 - wifi: ath12k: ath12k_mac_op_set_key(): fix uninitialized symbol 'ret' (bsc#1240998). 
- commit f7be9d8 - wifi: ath12k: Fix for out-of bound access error (bsc#1240998 CVE-2024-58015 bsc#1238995). - blacklist.conf: - commit 3c5bf1f - wifi: ath12k: fix key cache handling (bsc#1240998). - commit dcb3d62 - wifi: ath12k: convert tasklet to BH workqueue for CE interrupts (bsc#1240998). - wifi: ath12k: fix A-MSDU indication in monitor mode (bsc#1240998). - wifi: ath12k: use tail MSDU to get MSDU information (bsc#1240998). - wifi: ath12k: delete NSS and TX power setting for monitor vdev (bsc#1240998). - wifi: ath12k: fix struct hal_rx_mpdu_start (bsc#1240998). - wifi: ath12k: fix struct hal_rx_phyrx_rssi_legacy_info (bsc#1240998). - wifi: ath12k: fix struct hal_rx_ppdu_start (bsc#1240998). - wifi: ath12k: fix struct hal_rx_ppdu_end_user_stats (bsc#1240998). - wifi: ath12k: remove unused variable monitor_present (bsc#1240998). - commit 8ed2a0a - wifi: ath12k: modify link arvif creation and removal for MLO (bsc#1240998). - Refresh patches.suse/wifi-ath12k-fix-read-pointer-after-free-in-ath12k_ma.patch. - commit 66e4cb1 - wifi: ath12k: update ath12k_mac_op_update_vif_offload() for MLO (bsc#1240998). - wifi: ath12k: update ath12k_mac_op_conf_tx() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_mac_op_set_key() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_mac_op_bss_info_changed() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_get_arvif_iter() for MLO (bsc#1240998). - wifi: ath12k: modify ath12k_mac_vif_chan() for MLO (bsc#1240998). - wifi: ath12k: prepare vif config caching for MLO (bsc#1240998). - wifi: ath12k: prepare sta data structure for MLO handling (bsc#1240998). - wifi: ath12k: pass ath12k_link_vif instead of vif/ahvif (bsc#1240998). - commit e2a68c7 - wifi: ath12k: prepare vif data structure for MLO handling (bsc#1240998). - Refresh patches.suse/wifi-ath12k-Handle-error-cases-during-extended-skb-a.patch. - Refresh patches.suse/wifi-ath12k-fix-tx-power-max-reg-power-update-to-fir.patch. 
- commit be086ca - wifi: ath12k: Add firmware coredump collection support (bsc#1240998). - Update config files. - commit 13fc60a - wifi: ath12k: Support BE OFDMA Pdev Rate Stats (bsc#1240998). - wifi: ath12k: Support Pdev Scheduled Algorithm Stats (bsc#1240998). - wifi: ath12k: Support DMAC Reset Stats (bsc#1240998). - wifi: ath12k: add missing lockdep_assert_wiphy() for ath12k_mac_op_ functions (bsc#1240998). - wifi: ath12k: ath12k_mac_op_sta_state(): clean up update_wk cancellation (bsc#1240998). - wifi: ath12k: ath12k_mac_set_key(): remove exit label (bsc#1240998). - commit 4d42f04 - wifi: ath12k: switch to using wiphy_lock() and remove ar->conf_mutex (bsc#1240998). - Refresh patches.suse/wifi-ath12k-fix-node-corruption-in-ar-arvifs-list.patch. - Refresh patches.suse/wifi-ath12k-fix-read-pointer-after-free-in-ath12k_ma.patch. - commit 728526a - wifi: ath12k: convert struct ath12k_sta::update_wk to use struct wiphy_work (bsc#1240998). - commit 91ddf3a - wifi: ath12k: Support Pdev OBSS Stats (bsc#1240998). - wifi: ath12k: Support pdev CCA Stats (bsc#1240998). - wifi: ath12k: Support pdev Transmit Multi-user stats (bsc#1240998). - wifi: ath12k: Support Ring and SFM stats (bsc#1240998). - wifi: ath12k: Support Self-Generated Transmit stats (bsc#1240998). - wifi: ath12k: Modify print_array_to_buf() to support arrays with 1-based semantics (bsc#1240998). - wifi: ath12k: move txbaddr/rxbaddr into struct ath12k_dp (bsc#1240998). - wifi: ath12k: make read-only array svc_id static const (bsc#1240998). - commit 3509024 - x86/bugs: Restructure ITS mitigation (git-fixes). - commit 085abef - x86/bugs: Fix spectre_v2 mitigation default on Intel (git-fixes). - commit f344e75 - KVM: SVM: Set/clear SRSO's BP_SPEC_REDUCE on 0 <=> 1 VM count transitions (git-fixes). - commit b648f1d - platform/x86/amd/hsmp: fix building with CONFIG_HWMON=m (jsc#PED-13094). - commit dc03ed2 - platform/x86/amd/hsmp: acpi: Add sysfs files to display HSMP telemetry (jsc#PED-13094). 
- commit d63496c - platform/x86/amd/hsmp: Report power via hwmon sensors (jsc#PED-13094). - commit 357c2f9 - platform/x86/amd/hsmp: Use a single DRIVER_VERSION for all usmp modules (jsc#PED-13094). - commit 60b1624 - platform/x86/amd/hsmp: Make amd_hsmp and hsmp_acpi as mutually exclusive drivers (jsc#PED-13094). - Refresh patches.suse/x86-platform-amd-Move-the-asm-amd_hsmp.h-header-to-asm-amd.patch. - commit 02efe4c - x86/platform/amd: Move the header to (jsc#PED-13094). - commit cd8f689 - x86/amd_node, platform/x86/amd/hsmp: Have HSMP use SMN through AMD_NODE (jsc#PED-13094). - commit 84c6aed - x86/amd_node: Remove dependency on AMD_NB (jsc#PED-13094). - commit 7a96278 - x86/amd_node: Update __amd_smn_rw() error paths (jsc#PED-13094). - commit 4c71e32 - x86/amd_nb: Move SMN access code to a new amd_node driver (jsc#PED-13094). - commit e227b52 - x86/amd_nb, hwmon: (k10temp): Simplify amd_pci_dev_to_node_id() (jsc#PED-13094). - commit 4ab060a - x86/amd_nb: Simplify function 3 search (jsc#PED-13094). - commit 995c30f - x86/amd_nb: Use topology info to get AMD node count (jsc#PED-13094). - commit 92a3127 - x86/amd_nb: Simplify root device search (jsc#PED-13094). - commit 99743f8 - x86/amd_nb: Simplify function 4 search (jsc#PED-13094). - commit 969836a - x86: Start moving AMD node functionality out of AMD_NB (jsc#PED-13094). - commit dedae8e - x86/amd_nb: Clean up early_is_amd_nb() (jsc#PED-13094). - commit 3e7ae58 - x86/amd_nb: Restrict init function to AMD-based systems (jsc#PED-13094). - commit 4581815 - x86/mce/amd: Remove shared threshold bank plumbing (jsc#PED-13094). - commit 5e367df - platform/x86: amd: Use *-y instead of *-objs in Makefiles (jsc#PED-13094). - commit 80da452 - platform/x86/amd/hsmp: Constify 'struct bin_attribute' (jsc#PED-13094). - commit ed01393 - Refresh patches.suse/drm-panel-simple-Update-timings-for-AUO-G101EVN010.patch. - Refresh patches.suse/drm-xe-Fix-and-re-enable-xe_print_blob_ascii85.patch. 
- commit 7527c99 - platform/x86/amd/hsmp: Add support for HSMP protocol version 7 messages (jsc#PED-13094). - commit 98c4882 - platform/x86/amd/hsmp: Change the error type (jsc#PED-13094). - commit a450822 - platform/x86/amd/hsmp: Add new error code and error logs (jsc#PED-13094). - commit 2c1e1e0 - platform/x86/amd/hsmp: Make hsmp_pdev static instead of global (jsc#PED-13094). - commit 25dfaea ++++ ovmf: - Add the patch from edk2-stable202505 (bsc#1243199) - ovmf-OvmfPkg-CcExitLib-Use-the-proper-register-when-filte.patch 856bdc8eec0f OvmfPkg/CcExitLib: Use the proper register when filtering MSRs ------------------------------------------------------------------ ------------------ 2025-6-15 - Jun 15 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-firmware-bluetooth: - Update to version 20250613 (git commit 12fe085fa409): * QCA: Update WCN785x btusb firmware to 2.0.0-00799-5 ++++ kernel-firmware-mediatek: - Update to version 20250613 (git commit 12fe085fa409): * linux-firmware: update firmware for MT7986 * linux-firmware: update firmware for MT7981 * linux-firmware: update firmware for MT7916 ++++ kernel-firmware-qcom: - Update to version 20250613 (git commit 12fe085fa409): * qcom: sc8280xp: Updated power FW for X13s ++++ kernel-firmware-realtek: - Update to version 20250613 (git commit 12fe085fa409): * rtl_nic: update firmware of RTL8153A ++++ kernel-firmware-sound: - Update to version 20250613 (git commit 12fe085fa409): * cirrus: cs35l41: Add Firmware for ASUS NUC using CS35L41 ++++ nvidia-open-driver-G06-signed: - update non-CUDA variant to 570.169 (boo#1244614) ------------------------------------------------------------------ ------------------ 2025-6-14 - Jun 14 2025 ------------------- ------------------------------------------------------------------ ++++ kernel-default: - udmabuf: use sgtable-based scatterlist wrappers (git-fixes). - drm/meson: fix more rounding issues with 59.94Hz modes (git-fixes). 
- drm/meson: use vclk_freq instead of pixel_freq in debug print (git-fixes). - drm/meson: fix debug log statement when setting the HDMI clocks (git-fixes). - ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes). - spi: omap2-mcspi: Disable multi-mode when the previous message kept CS asserted (git-fixes). - spi: omap2-mcspi: Disable multi mode when CS should be kept asserted after message (git-fixes). - regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes). - commit 8d2d704 - config: arm64: default: enable mtu3 dual-role support for MediaTek platforms (bsc#1245206) MediaTek MTU3 dual-role switch with USB TYPE-C support is ready for most of the platforms since kernel 6.14. Hence to update the following default settings in arm64 default config. - disable CONFIG_USB_MTU3_HOST - enable CONFIG_USB_MTU3_DUAL_ROLE - commit 232c82c ++++ kernel-rt: - udmabuf: use sgtable-based scatterlist wrappers (git-fixes). - drm/meson: fix more rounding issues with 59.94Hz modes (git-fixes). - drm/meson: use vclk_freq instead of pixel_freq in debug print (git-fixes). - drm/meson: fix debug log statement when setting the HDMI clocks (git-fixes). - ACPI: CPPC: Fix NULL pointer dereference when nosmp is used (git-fixes). - spi: omap2-mcspi: Disable multi-mode when the previous message kept CS asserted (git-fixes). - spi: omap2-mcspi: Disable multi mode when CS should be kept asserted after message (git-fixes). - regulator: max20086: Fix refcount leak in max20086_parse_regulators_dt() (git-fixes). - commit 8d2d704 - config: arm64: default: enable mtu3 dual-role support for MediaTek platforms (bsc#1245206) MediaTek MTU3 dual-role switch with USB TYPE-C support is ready for most of the platforms since kernel 6.14. Hence to update the following default settings in arm64 default config. 
- disable CONFIG_USB_MTU3_HOST - enable CONFIG_USB_MTU3_DUAL_ROLE - commit 232c82c ------------------------------------------------------------------ ------------------ 2025-6-13 - Jun 13 2025 ------------------- ------------------------------------------------------------------ ++++ git: - Refresh gitk SHA256 patch and add SHA256 support to git-gui (bsc#1239989): 0001-gitk-Add-support-of-SHA256-repo.patch 0002-git-gui-Add-support-of-SHA256-repo.patch The previous patches are dropped: 0001-gitk-Add-a-basic-support-of-SHA256-repositories-into.patch 0002-gitk-Add-auto-select-length-preference-for-SHA256.patch ++++ glib2: - Update to version 2.84.3: + Bug fixed: gstring: Fix overflow check when expanding the string (CVE-2025-6052, boo#1244596). ++++ kernel-default: - Revert "openvswitch: switch to per-action label counting in conntrack" (CVE-2025-21958 bsc#1240758). - commit 99845fa - fgraph: Still initialize idle shadow stacks when starting (git-fixes). - commit bbb8b6d - platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094). - commit 0d0227e - tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes). - commit 1e81e5c - platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094). - commit 43e9d2b - platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094). - Update config files. - commit 1820255 - mm/damon: fix order of arguments in damos_before_apply tracepoint (git-fixes). - commit 573e8fc - platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094). - commit e81369a - platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094). - commit 4d8807d - platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094). - commit a6d1274 - platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094). - commit 226e6d8 - platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094). 
- commit cfa6b2b - platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094). - commit 7b2aa8b - tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes). - commit b955896 - platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094). - Refresh patches.suse/sysfs-treewide-constify-attribute-callback-of-bin_is.patch. - commit fb1429d - tracing: Fix function name for trampoline (git-fixes). - commit db0dd06 - tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes). - commit 58aed75 - trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes). - commit 4902f47 - x86/bugs: Restructure SRSO mitigation (git-fixes). - commit b308adf - x86/bugs: KVM: Add support for SRSO_MSR_FIX (git-fixes). - commit d3911cf - x86/bugs: Restructure L1TF mitigation (git-fixes). - Refresh patches.suse/x86-sme-Use-percpu-boolean-to-control-wbinvd-during-kexec.patch. - commit 1d465a8 - x86/bugs: Restructure SSB mitigation (git-fixes). - commit 4fad51e - x86/bugs: Restructure spectre_v2 mitigation (git-fixes). - commit 811ec5d - x86/bugs: Restructure BHI mitigation (git-fixes). - commit 185e70f - x86/bugs: Restructure spectre_v2_user mitigation (git-fixes). - commit 7ec3712 - x86/bugs: Remove X86_FEATURE_USE_IBPB (git-fixes). - commit fa88ebe - KVM: nVMX: Always use IBPB to properly virtualize IBRS (git-fixes). - blacklist.conf: Removed the patch - commit 557f9fb - x86/bugs: Use a static branch to guard IBPB on vCPU switch (git-fixes). - commit e724e81 - x86/bugs: Remove the X86_FEATURE_USE_IBPB check in ib_prctl_set() (git-fixes). - commit 42db235 - x86/mm: Remove X86_FEATURE_USE_IBPB checks in cond_mitigation() (git-fixes). - commit 4022f33 - x86/bugs: Move the X86_FEATURE_USE_IBPB check into callers (git-fixes). - Refresh patches.suse/x86-bugs-Fix-RSB-clearing-in-indirect_branch_prediction_ba.patch. - commit 68a66c6 - x86/bugs: Use the cpu_smt_possible() helper instead of open-coded code (git-fixes). 
- commit a3f48f2 - x86/bugs: Restructure retbleed mitigation (git-fixes). - commit 57e9149 - x86/bugs: Allow retbleed=stuff only on Intel (git-fixes). - commit be36749 - x86/bugs: Restructure spectre_v1 mitigation (git-fixes). - commit 9d9c4f9 - x86/bugs: Restructure GDS mitigation (git-fixes). - commit 07ce138 - x86/bugs: Restructure SRBDS mitigation (git-fixes). - commit 985324a - x86/bugs: Remove md_clear_*_mitigation() (git-fixes). - commit 3670fb7 - x86/bugs: Restructure RFDS mitigation (git-fixes). - commit 5f6d514 - x86/bugs: Restructure MMIO mitigation (git-fixes). - commit fbecfda - x86/bugs: Rename mmio_stale_data_clear to cpu_buf_vm_clear (git-fixes). - commit 6562e0a - x86/bugs: Restructure TAA mitigation (git-fixes). - commit 2b3c942 - x86/bugs: Restructure MDS mitigation (git-fixes). - commit d61c636 - x86/bugs: Add AUTO mitigations for mds/taa/mmio/rfds (git-fixes). - commit 8f40133 - x86/bugs: Relocate mds/taa/mmio/rfds defines (git-fixes). - commit dd6ad69 - x86/bugs: Add X86_BUG_SPECTRE_V2_USER (git-fixes). - Refresh patches.suse/x86-its-Add-vmexit-option-to-skip-mitigation-on-some-CPUs.patch. - Refresh patches.suse/x86-its-Enumerate-Indirect-Target-Selection-ITS-bug.patch. - commit 2251acf - net: ibmveth: Refactored veth_pool_store for better maintainability (jsc#PED-3944). - net: ibmveth: added KUnit tests for some buffer pool functions (jsc#PED-3944). - net: ibmveth: Reset the adapter when unexpected states are detected (jsc#PED-3944). - net: ibmveth: Indented struct ibmveth_adapter correctly (jsc#PED-3944). - commit 8a53c7b - patches.suse/block-make-sure-nr_integrity_segments-is-cloned-in-blk_rq_.patch: (git-fixes, bsc#1243874). Patch metadata - commit 3065561 - x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes). - commit 497daab - Bluetooth: MGMT: Fix sparse errors (git-fixes). 
- commit f4127bc - wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes). - ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes). - Revert "wifi: mwifiex: Fix HT40 bandwidth issue." (git-fixes). - Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes). - Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes). - Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes). - net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes). - net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes). - Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes). - Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes). - Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes). - Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes). - Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes). - ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes). - pinctrl: st: Drop unused st_gpio_bank() function (git-fixes). - pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes). - ptp: ocp: Limit signal/freq counts in summary output functions (git-fixes). - ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes). - ptp: ocp: reject unsupported periodic output flags (git-fixes). - ptp: Properly handle compat ioctls (git-fixes). - commit ad94026 - PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes). - PCI: apple: Set only available ports up (git-fixes). - PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). - kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). - PCI/pwrctrl: Cancel outstanding rescan work when unregistering (git-fixes). 
- serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). - kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). - PCI: apple: Use helper function for_each_child_of_node_scoped() (git-fixes). - x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes). - commit f6125e9 ++++ kernel-rt: - Revert "openvswitch: switch to per-action label counting in conntrack" (CVE-2025-21958 bsc#1240758). - commit 99845fa - fgraph: Still initialize idle shadow stacks when starting (git-fixes). - commit bbb8b6d - platform/x86/amd/hsmp: Use dev_groups in the driver structure (jsc#PED-13094). - commit 0d0227e - tracing/eprobe: Fix to release eprobe when failed to add dyn_event (git-fixes). - commit 1e81e5c - platform/x86/amd/hsmp: Use name space while exporting module symbols (jsc#PED-13094). - commit 43e9d2b - platform/x86/amd/hsmp: Create separate ACPI, plat and common drivers (jsc#PED-13094). - Update config files. - commit 1820255 - mm/damon: fix order of arguments in damos_before_apply tracepoint (git-fixes). - commit 573e8fc - platform/x86/amd/hsmp: Change generic plat_dev name to hsmp_pdev (jsc#PED-13094). - commit e81369a - platform/x86/amd/hsmp: Move ACPI code to acpi.c (jsc#PED-13094). - commit 4d8807d - platform/x86/amd/hsmp: Move platform device specific code to plat.c (jsc#PED-13094). - commit a6d1274 - platform/x86/amd/hsmp: Move structure and macros to header file (jsc#PED-13094). - commit 226e6d8 - platform/x86/amd/hsmp: Convert amd_hsmp_rdwr() to a function pointer (jsc#PED-13094). - commit cfa6b2b - platform/x86/amd/hsmp: Create wrapper function init_acpi() (jsc#PED-13094). - commit 7b2aa8b - tracing: Fix cmp_entries_dup() to respect sort() comparison rules (git-fixes). - commit b955896 - platform/x86/amd/hsmp: Create hsmp/ directory (jsc#PED-13094). - Refresh patches.suse/sysfs-treewide-constify-attribute-callback-of-bin_is.patch. - commit fb1429d - tracing: Fix function name for trampoline (git-fixes). 
- commit db0dd06 - tracing: Use atomic64_inc_return() in trace_clock_counter() (git-fixes). - commit 58aed75 - trace/trace_event_perf: remove duplicate samples on the first tracepoint event (git-fixes). - commit 4902f47 - x86/bugs: Restructure SRSO mitigation (git-fixes). - commit b308adf - x86/bugs: KVM: Add support for SRSO_MSR_FIX (git-fixes). - commit d3911cf - x86/bugs: Restructure L1TF mitigation (git-fixes). - Refresh patches.suse/x86-sme-Use-percpu-boolean-to-control-wbinvd-during-kexec.patch. - commit 1d465a8 - x86/bugs: Restructure SSB mitigation (git-fixes). - commit 4fad51e - x86/bugs: Restructure spectre_v2 mitigation (git-fixes). - commit 811ec5d - x86/bugs: Restructure BHI mitigation (git-fixes). - commit 185e70f - x86/bugs: Restructure spectre_v2_user mitigation (git-fixes). - commit 7ec3712 - x86/bugs: Remove X86_FEATURE_USE_IBPB (git-fixes). - commit fa88ebe - KVM: nVMX: Always use IBPB to properly virtualize IBRS (git-fixes). - blacklist.conf: Removed the patch - commit 557f9fb - x86/bugs: Use a static branch to guard IBPB on vCPU switch (git-fixes). - commit e724e81 - x86/bugs: Remove the X86_FEATURE_USE_IBPB check in ib_prctl_set() (git-fixes). - commit 42db235 - x86/mm: Remove X86_FEATURE_USE_IBPB checks in cond_mitigation() (git-fixes). - commit 4022f33 - x86/bugs: Move the X86_FEATURE_USE_IBPB check into callers (git-fixes). - Refresh patches.suse/x86-bugs-Fix-RSB-clearing-in-indirect_branch_prediction_ba.patch. - commit 68a66c6 - x86/bugs: Use the cpu_smt_possible() helper instead of open-coded code (git-fixes). - commit a3f48f2 - x86/bugs: Restructure retbleed mitigation (git-fixes). - commit 57e9149 - x86/bugs: Allow retbleed=stuff only on Intel (git-fixes). - commit be36749 - x86/bugs: Restructure spectre_v1 mitigation (git-fixes). - commit 9d9c4f9 - x86/bugs: Restructure GDS mitigation (git-fixes). - commit 07ce138 - x86/bugs: Restructure SRBDS mitigation (git-fixes). 
- commit 985324a - x86/bugs: Remove md_clear_*_mitigation() (git-fixes). - commit 3670fb7 - x86/bugs: Restructure RFDS mitigation (git-fixes). - commit 5f6d514 - x86/bugs: Restructure MMIO mitigation (git-fixes). - commit fbecfda - x86/bugs: Rename mmio_stale_data_clear to cpu_buf_vm_clear (git-fixes). - commit 6562e0a - x86/bugs: Restructure TAA mitigation (git-fixes). - commit 2b3c942 - x86/bugs: Restructure MDS mitigation (git-fixes). - commit d61c636 - x86/bugs: Add AUTO mitigations for mds/taa/mmio/rfds (git-fixes). - commit 8f40133 - x86/bugs: Relocate mds/taa/mmio/rfds defines (git-fixes). - commit dd6ad69 - x86/bugs: Add X86_BUG_SPECTRE_V2_USER (git-fixes). - Refresh patches.suse/x86-its-Add-vmexit-option-to-skip-mitigation-on-some-CPUs.patch. - Refresh patches.suse/x86-its-Enumerate-Indirect-Target-Selection-ITS-bug.patch. - commit 2251acf - net: ibmveth: Refactored veth_pool_store for better maintainability (jsc#PED-3944). - net: ibmveth: added KUnit tests for some buffer pool functions (jsc#PED-3944). - net: ibmveth: Reset the adapter when unexpected states are detected (jsc#PED-3944). - net: ibmveth: Indented struct ibmveth_adapter correctly (jsc#PED-3944). - commit 8a53c7b - patches.suse/block-make-sure-nr_integrity_segments-is-cloned-in-blk_rq_.patch: (git-fixes, bsc#1243874). Patch metadata - commit 3065561 - x86/mm/init: Handle the special case of device private pages in add_pages(), to not increase max_pfn and trigger dma_addressing_limited() bounce buffers (git-fixes). - commit 497daab - Bluetooth: MGMT: Fix sparse errors (git-fixes). - commit f4127bc - wifi: ath11k: validate ath11k_crypto_mode on top of ath11k_core_qmi_firmware_ready (git-fixes). - ath10k: snoc: fix unbalanced IRQ enable in crash recovery (git-fixes). - Revert "wifi: mwifiex: Fix HT40 bandwidth issue." (git-fixes). - Bluetooth: eir: Fix possible crashes on eir_create_adv_data (git-fixes). - Bluetooth: hci_sync: Fix broadcast/PA when using an existing instance (git-fixes). 
- Bluetooth: Fix NULL pointer deference on eir_get_service_data (git-fixes). - net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (git-fixes). - net/mdiobus: Fix potential out-of-bounds read/write access (git-fixes). - Bluetooth: MGMT: Fix UAF on mgmt_remove_adv_monitor_complete (git-fixes). - Bluetooth: btintel_pcie: Reduce driver buffer posting to prevent race condition (git-fixes). - Bluetooth: btintel_pcie: Increase the tx and rx descriptor count (git-fixes). - Bluetooth: btintel_pcie: Fix driver not posting maximum rx buffers (git-fixes). - Bluetooth: hci_core: fix list_for_each_entry_rcu usage (git-fixes). - ptp: remove ptp->n_vclocks check logic in ptp_vclock_in_use() (git-fixes). - pinctrl: st: Drop unused st_gpio_bank() function (git-fixes). - pinctrl: qcom: pinctrl-qcm2290: Add missing pins (git-fixes). - ptp: ocp: Limit signal/freq counts in summary output functions (git-fixes). - ptp: ocp: fix start time alignment in ptp_ocp_signal_set (git-fixes). - ptp: ocp: reject unsupported periodic output flags (git-fixes). - ptp: Properly handle compat ioctls (git-fixes). - commit ad94026 - PCI/MSI: Size device MSI domain with the maximum number of vectors (git-fixes). - PCI: apple: Set only available ports up (git-fixes). - PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). - kABI: PCI: endpoint: Retain fixed-size BAR size as well as aligned size (git-fixes). - PCI/pwrctrl: Cancel outstanding rescan work when unregistering (git-fixes). - serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). - kABI: serial: mctrl_gpio: split disable_ms into sync and no_sync APIs (git-fixes). - PCI: apple: Use helper function for_each_child_of_node_scoped() (git-fixes). - x86/kaslr: Reduce KASLR entropy on most x86 systems (git-fixes). 
- commit f6125e9 ++++ libguestfs: - Drop gzip mtime from base.tar.gz (bsc#1216986) ++++ osinfo-db: - Update to database version 20250606 (jsc#PED-12706) osinfo-db-20250606.tar.xz - Drop add-Windows-Server-2025.patch ------------------------------------------------------------------ ------------------ 2025-6-12 - Jun 12 2025 ------------------- ------------------------------------------------------------------ ++++ transactional-update: - Version 5.0.4 - Don't override soft-reboot with hard reboot - Fix stdio when returning from selfupdate [boo#1243910], [gh#openSUSE/transactional-update#151] ++++ jq: - Add patch CVE-2024-23337.patch (CVE-2024-23337, bsc#1243450) ++++ kernel-default: - scsi: dc395x: Remove leftover if statement in reselect() (git-fixes). - commit 6750876 - scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes). - scsi: dc395x: Remove DEBUG conditional compilation (git-fixes). - scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes). - scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes). - scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes). - scsi: mpi3mr: Add level check to control event logging (git-fixes). - scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes). - scsi: st: ERASE does not change tape location (git-fixes). - scsi: logging: Fix scsi_logging_level bounds (git-fixes). - scsi: mpi3mr: Update timestamp only for supervisor IOCs (git-fixes). - scsi: scsi_debug: First fixes for tapes (git-fixes). - scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes). - scsi: st: Restore some drive settings after reset (git-fixes). - commit edc8361 - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000 bsc#1244277). - commit 57fc275 - ring-buffer: Limit time with disabled interrupts in rb_check_pages() (git-fixes). 
- commit eb4c51a - bpf: Force uprobe bpf program to always return 0 (git-fixes). - commit 8c62ccf - tracing: Fix function timing profiler to initialize hashtable (git-fixes). - commit bb3c8fc - xfs: don't lose solo dquot update transactions (bsc#1244502). - commit de784a3 - xfs: don't lose solo superblock counter update transactions (bsc#1244502). - commit d46099b - xfs: avoid nested calls to __xfs_trans_commit (bsc#1244502). - commit 0e219be - netfilter: ipset: fix region locking in hash types (CVE-2025-37997 bsc#1243832). - commit 7805bf7 - Revert "sysctl: update common tuning parameters for SAP workloads" This reverts commit 86d9b0692912bbfa298dbe77683f16d0872aaf27. jsc#PED-11676 has been rejected. - commit 346a6d9 - supported.conf: mark mana drivers as external - uio_hv_generic: Set event for all channels on the device (git-fixes). - Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes). - Drivers: hv: vmbus: Add comments about races with "channels" sysfs dir (git-fixes). - PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes). - Drivers: hv: Use kzalloc for panic page allocation (git-fixes). - uio_hv_generic: Align ring size to system page (git-fixes). - uio_hv_generic: Use correct size for interrupt and monitor pages (git-fixes). - Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary (git-fixes). - x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes). - Drivers: hv: vmbus: Introduce hv_get_vmbus_root_device() (git-fixes). - Drivers: hv: vmbus: Get the IRQ number from DeviceTree (git-fixes). - arm64, x86: hyperv: Report the VTL the system boots in (git-fixes). - arm64: hyperv: Initialize the Virtual Trust Level field (git-fixes). - Drivers: hv: Provide arch-neutral implementation of get_vtl() (git-fixes). - Drivers: hv: Enable VTL mode for arm64 (git-fixes). - tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes). 
- net: mana: Add support for auxiliary device servicing events (git-fixes). - RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes). - RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes). - net: mana: Probe rdma device in mana driver (git-fixes). - RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes). - RDMA/mana_ib: support of the zero based MRs (git-fixes). - RDMA/mana_ib: Access remote atomic for MRs (git-fixes). - net: mana: Add support for Multi Vports on Bare metal (bsc#1244229). - commit e5bb2a2 ++++ kernel-firmware-nvidia: - Fix zypper conflict about directory -> symlink workaround (bsc#1244458) ++++ kernel-firmware-qcom: - Better workaround for directory -> symlink change (bsc#1244458) ++++ kernel-rt: - scsi: dc395x: Remove leftover if statement in reselect() (git-fixes). - commit 6750876 - scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels (git-fixes). - scsi: dc395x: Remove DEBUG conditional compilation (git-fixes). - scsi: hisi_sas: Call I_T_nexus after soft reset for SATA disk (git-fixes). - scsi: qedf: Use designated initializer for struct qed_fcoe_cb_ops (git-fixes). - scsi: sd_zbc: block: Respect bio vector limits for REPORT ZONES buffer (git-fixes). - scsi: mpi3mr: Add level check to control event logging (git-fixes). - scsi: st: Tighten the page format heuristics with MODE SELECT (git-fixes). - scsi: st: ERASE does not change tape location (git-fixes). - scsi: logging: Fix scsi_logging_level bounds (git-fixes). - scsi: mpi3mr: Update timestamp only for supervisor IOCs (git-fixes). - scsi: scsi_debug: First fixes for tapes (git-fixes). - scsi: mpt3sas: Send a diag reset if target reset fails (git-fixes). - scsi: st: Restore some drive settings after reset (git-fixes). - commit edc8361 - sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (CVE-2025-38000 bsc#1244277). 
- commit 57fc275 - ring-buffer: Limit time with disabled interrupts in rb_check_pages() (git-fixes). - commit eb4c51a - bpf: Force uprobe bpf program to always return 0 (git-fixes). - commit 8c62ccf - tracing: Fix function timing profiler to initialize hashtable (git-fixes). - commit bb3c8fc - xfs: don't lose solo dquot update transactions (bsc#1244502). - commit de784a3 - xfs: don't lose solo superblock counter update transactions (bsc#1244502). - commit d46099b - xfs: avoid nested calls to __xfs_trans_commit (bsc#1244502). - commit 0e219be - netfilter: ipset: fix region locking in hash types (CVE-2025-37997 bsc#1243832). - commit 7805bf7 - Revert "sysctl: update common tuning parameters for SAP workloads" This reverts commit 86d9b0692912bbfa298dbe77683f16d0872aaf27. jsc#PED-11676 has been rejected. - commit 346a6d9 - supported.conf: mark mana drivers as external - uio_hv_generic: Set event for all channels on the device (git-fixes). - Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes). - Drivers: hv: vmbus: Add comments about races with "channels" sysfs dir (git-fixes). - PCI: hv: Remove unnecessary flex array in struct pci_packet (git-fixes). - Drivers: hv: Use kzalloc for panic page allocation (git-fixes). - uio_hv_generic: Align ring size to system page (git-fixes). - uio_hv_generic: Use correct size for interrupt and monitor pages (git-fixes). - Drivers: hv: Allocate interrupt and monitor pages aligned to system page boundary (git-fixes). - x86/hyperv: Fix APIC ID and VP index confusion in hv_snp_boot_ap() (git-fixes). - Drivers: hv: vmbus: Introduce hv_get_vmbus_root_device() (git-fixes). - Drivers: hv: vmbus: Get the IRQ number from DeviceTree (git-fixes). - arm64, x86: hyperv: Report the VTL the system boots in (git-fixes). - arm64: hyperv: Initialize the Virtual Trust Level field (git-fixes). - Drivers: hv: Provide arch-neutral implementation of get_vtl() (git-fixes). - Drivers: hv: Enable VTL mode for arm64 (git-fixes). 
- tools: hv: Enable debug logs for hv_kvp_daemon (git-fixes). - net: mana: Add support for auxiliary device servicing events (git-fixes). - RDMA/mana_ib: unify mana_ib functions to support any gdma device (git-fixes). - RDMA/mana_ib: Add support of mana_ib for RNIC and ETH nic (git-fixes). - net: mana: Probe rdma device in mana driver (git-fixes). - RDMA/mana_ib: Add support of 4M, 1G, and 2G pages (git-fixes). - RDMA/mana_ib: support of the zero based MRs (git-fixes). - RDMA/mana_ib: Access remote atomic for MRs (git-fixes). - net: mana: Add support for Multi Vports on Bare metal (bsc#1244229). - commit e5bb2a2 ++++ ndctl: - Update to version 82 * adds libcxl enumeration of FWCTL character devices - Linux 6.15 compatibility ++++ virt-manager: - Upstream bug fixes (bsc#1027942) 050-Validation-allow-spaces-disallow-slashes.patch 051-fix-default-start_folder-to-None.patch 052-Add-Ctrl+Alt+Shift+Esc-key-command-for-loginds-SecureAttentionKey.patch ------------------------------------------------------------------ ------------------ 2025-6-11 - Jun 11 2025 ------------------- ------------------------------------------------------------------ ++++ NetworkManager: - document static ip setup on boot (bsc#1244072) add 0001-man-document-static-ip-setup-differences-to-dracut-n.patch ++++ fde-tools: - Add fde-tools-bsc1244323-firstboot-fix-lsinitrd.patch to fix the empty LUKS header checksum from lsinitrd (bsc#1244323) ++++ kernel-default: - Revert "ipv6: save dontfrag in cork (git-fixes)." This reverts commit f07ae24f52481201baa11e1e91aab0812e1043c6. See https://lore.kernel.org/all/aElivdUXqd1OqgMY@karahi.gladserv.com/ and https://bugzilla.suse.com/show_bug.cgi?id=1244313. - commit a4337cd - Revert "kABI: ipv6: save dontfrag in cork (git-fixes)." This reverts commit c19b92367fe535ac505c72a32609b2b5aa190746. See https://lore.kernel.org/all/aElivdUXqd1OqgMY@karahi.gladserv.com/ and https://bugzilla.suse.com/show_bug.cgi?id=1244313. 
- commit d9787d8 - rxrpc: Fix handling of received connection abort (CVE-2024-58053 bsc#1238982). - commit 6192989 - tipc: fix memory leak in tipc_link_xmit (CVE-2025-37757 bsc#1242521) - commit c36615f - isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774). Return the correct upper limit of the allocated cpumask. modified: - patches.suse/lib-group_cpus-honor-housekeeping-config-when-grouping-cpus.patch. - patches.suse/lib-group_cpus-let-group_cpu_evenly-return-number-initialized-masks.patch. - commit 55c520e - Refresh patches.suse/sd-always-retry-READ-CAPACITY-for-ALUA-state-transit.patch This patch has two identical hunks but there is only one site where the hunk can be applied. - commit da23587 - arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes) - commit 5fb1a6c - Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes) - commit 0ba4e57 - xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes) - commit 1f1b63d - ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes). - commit ba34170 - ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes). - ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes). - ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes). - ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes). - commit db6d17b - ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes). - ALSA: hda: hda-intel: add Wildcat Lake support (stable-fixes). - ALSA: hda: add HDMI codec ID for Intel WCL (stable-fixes). - PCI: Add Intel Wildcat Lake audio Device ID (stable-fixes). - ALSA: hda: cs35l41: Fix swapped l/r audio channels for Acer Helios laptops (stable-fixes). - commit b41ea81 - accel/ivpu: Trigger device recovery on engine reset/resume failure (git-fixes). - accel/ivpu: Use firmware names from upstream repo (git-fixes). 
- commit cfcd050 - USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes). - usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes). - usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes). - thunderbolt: Do not double dequeue a configuration request (stable-fixes). - Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands (git-fixes). - rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes). - net: lan743x: Fix memleak issue when GSO enabled (git-fixes). - accel/ivpu: Add handling of VPU_JSM_STATUS_MVNCI_CONTEXT_VIOLATION_HW (stable-fixes). - PCI/ASPM: Disable L1 before disabling L1 PM Substates (stable-fixes). - accel/ivpu: Update power island delays (stable-fixes). - accel/ivpu: Add initial Panther Lake support (stable-fixes). - commit 122402d ++++ kernel-rt: - Revert "ipv6: save dontfrag in cork (git-fixes)." This reverts commit f07ae24f52481201baa11e1e91aab0812e1043c6. See https://lore.kernel.org/all/aElivdUXqd1OqgMY@karahi.gladserv.com/ and https://bugzilla.suse.com/show_bug.cgi?id=1244313. - commit a4337cd - Revert "kABI: ipv6: save dontfrag in cork (git-fixes)." This reverts commit c19b92367fe535ac505c72a32609b2b5aa190746. See https://lore.kernel.org/all/aElivdUXqd1OqgMY@karahi.gladserv.com/ and https://bugzilla.suse.com/show_bug.cgi?id=1244313. - commit d9787d8 - rxrpc: Fix handling of received connection abort (CVE-2024-58053 bsc#1238982). - commit 6192989 - tipc: fix memory leak in tipc_link_xmit (CVE-2025-37757 bsc#1242521) - commit c36615f - isolcpus: fix bug in returning number of allocated cpumask (bsc#1243774). Return the correct upper limit of the allocated cpumask. modified: - patches.suse/lib-group_cpus-honor-housekeeping-config-when-grouping-cpus.patch. - patches.suse/lib-group_cpus-let-group_cpu_evenly-return-number-initialized-masks.patch. 
- commit 55c520e - Refresh patches.suse/sd-always-retry-READ-CAPACITY-for-ALUA-state-transit.patch This patch has two identical hunks but there is only one site where the hunk can be applied. - commit da23587 - arm64: dts: marvell: uDPU: define pinctrl state for alarm LEDs (git-fixes) - commit 5fb1a6c - Revert "arm64: dts: allwinner: h6: Use RSB for AXP805 PMIC (git-fixes) - commit 0ba4e57 - xen/arm: call uaccess_ttbr0_enable for dm_op hypercall (git-fixes) - commit 1f1b63d - ALSA: usb-audio: Add a quirk for Lenovo Thinkpad Thunderbolt 3 dock (stable-fixes). - commit ba34170 - ALSA: usb-audio: Add implicit feedback quirk for RODE AI-1 (stable-fixes). - ALSA: usb-audio: Rename Pioneer mixer channel controls (git-fixes). - ALSA: usb-audio: Add Pioneer DJ DJM-V10 support (stable-fixes). - ALSA: usb-audio: enable support for Presonus Studio 1824c within 1810c file (stable-fixes). - commit db6d17b - ALSA: hda: Add new pci id for AMD GPU display HD audio controller (stable-fixes). - ALSA: hda: hda-intel: add Wildcat Lake support (stable-fixes). - ALSA: hda: add HDMI codec ID for Intel WCL (stable-fixes). - PCI: Add Intel Wildcat Lake audio Device ID (stable-fixes). - ALSA: hda: cs35l41: Fix swapped l/r audio channels for Acer Helios laptops (stable-fixes). - commit b41ea81 - accel/ivpu: Trigger device recovery on engine reset/resume failure (git-fixes). - accel/ivpu: Use firmware names from upstream repo (git-fixes). - commit cfcd050 - USB: serial: pl2303: add new chip PL2303GC-Q20 and PL2303GT-2AB (stable-fixes). - usb: storage: Ignore UAS driver for SanDisk 3.2 Gen2 storage device (stable-fixes). - usb: quirks: Add NO_LPM quirk for SanDisk Extreme 55AE (stable-fixes). - thunderbolt: Do not double dequeue a configuration request (stable-fixes). - Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands (git-fixes). - rtc: Make rtc_time64_to_tm() support dates before 1970 (stable-fixes). - net: lan743x: Fix memleak issue when GSO enabled (git-fixes). 
- accel/ivpu: Add handling of VPU_JSM_STATUS_MVNCI_CONTEXT_VIOLATION_HW (stable-fixes). - PCI/ASPM: Disable L1 before disabling L1 PM Substates (stable-fixes). - accel/ivpu: Update power island delays (stable-fixes). - accel/ivpu: Add initial Panther Lake support (stable-fixes). - commit 122402d ++++ libguestfs: - Update to version 1.56.0 (jsc#PED-12706) * Add support for Windows 2025 (thanks Ming Xie). * Add support for TencentOS (Denise Cheng). * Inspection of Ubuntu 22+ guests that use a split /usr configuration now works properly (thanks Jaroslav Spanko, Daniel Berrange). * Inspecting guests that have duplicated root mountpoints now works. * Inspection of SUSE Linux guests using btrfs snapshots now ignores snapshots that mirror content in the root filesystem (thanks Ming Xie). * Inspection of SUSE Linux >= 15 now returns the correct osinfo short name (eg. "sle15") (thanks Ming Xie). * New command_out and sh_out APIs which allow you to capture output from guest commands that generate more output than the protocol limit allows. * New btrfs_scrub_full API which runs a full Btrfs scrub, synchronously. It works more like fsck for other filesystems. * The fstrim API has been modified to work around several issues in upstream and RHEL 9 kernels related to XFS support (Eric Sandeen, Dave Chinner). * The existing e2fsck API has a new FORCENO option enabling use of the command line -n flag. * json-c is now required. This replaces Jansson which was previously used for parsing JSON input files. * OCaml ≥ 4.08 is now required. * When using ./configure --disable-daemon we no longer require augeas and hivex (thanks Mohamed Akram). * zfs-fuse support has been dropped. The project is unmaintained upstream (thanks Paul Bolle, Gwyn Ciesla, Timothée Ravier). * Fix compatibility with GNU gettext 0.25. * Fix dhcpcd failing on systemd-resolved stub (Thomas Wouters). * Add support for dhcpcd and sfdisk on Debian (Daniel Gomez). * Print the kernel utsname in debug output. 
* We no longer emit a false warning about BLKDISCARD when creating a block device. * If qemu-img(1) commands fail during snapshot creation, make sure we capture and print stderr from the qemu command (Cole Robinson). * For a complete list of changes and bug fixes see, https://libguestfs.org/guestfs-release-notes-1.56.1.html - bsc#1216986 - libguestfs: embeds /etc/hosts reproducible-builds.patch ++++ python313-core: - Update to 3.13.5: - Tests - gh-135120: Add test.support.subTests(). - Library - gh-133967: Do not normalize locale name ‘C.UTF-8’ to ‘en_US.UTF-8’. - gh-135326: Restore support of integer-like objects with __index__() in random.getrandbits(). - gh-135321: Raise a correct exception for values greater than 0x7fffffff for the BINSTRING opcode in the C implementation of pickle. - gh-135276: Backported bugfixes in zipfile.Path from zipp 3.23. Fixed .name, .stem and other basename-based properties on Windows when working with a zipfile on disk. - gh-134151: email: Fix TypeError in email.utils.decode_params() when sorting RFC 2231 continuations that contain an unnumbered section. - gh-134152: email: Fix parsing of email message ID with invalid domain. - gh-127081: Fix libc thread safety issues with os by replacing getlogin with getlogin_r re-entrant version. - gh-131884: Fix formatting issues in json.dump() when both indent and skipkeys are used. - Core and Builtins - gh-135171: Roll back changes to generator and list comprehensions that went into 3.13.4 to fix gh-127682, but which involved semantic and bytecode changes not appropriate for a bugfix release. - C API - gh-134989: Fix Py_RETURN_NONE, Py_RETURN_TRUE and Py_RETURN_FALSE macros in the limited C API 3.11 and older: don’t treat Py_None, Py_True and Py_False as immortal. Patch by Victor Stinner. - gh-134989: Implement PyObject_DelAttr() and PyObject_DelAttrString() as macros in the limited C API 3.12 and older. Patch by Victor Stinner. 
- Substantially rewritten doc-py38-to-py36.patch patch to be more flexible and covering even unexpected changes. ++++ nvidia-open-driver-G06-signed: - 60-nvidia-$flavor.conf * Don't try to load the driver if config and GSP firmware files are not available. Otherwise let the default install rule 'install nvidia-drm /sbin/modprobe --ignore-install nvidia-drm' of 50-nvidia.conf win, which comes together with config and GSP firmware files (package nvidia-common-G06). ++++ python313: - Update to 3.13.5: - Tests - gh-135120: Add test.support.subTests(). - Library - gh-133967: Do not normalize locale name ‘C.UTF-8’ to ‘en_US.UTF-8’. - gh-135326: Restore support of integer-like objects with __index__() in random.getrandbits(). - gh-135321: Raise a correct exception for values greater than 0x7fffffff for the BINSTRING opcode in the C implementation of pickle. - gh-135276: Backported bugfixes in zipfile.Path from zipp 3.23. Fixed .name, .stem and other basename-based properties on Windows when working with a zipfile on disk. - gh-134151: email: Fix TypeError in email.utils.decode_params() when sorting RFC 2231 continuations that contain an unnumbered section. - gh-134152: email: Fix parsing of email message ID with invalid domain. - gh-127081: Fix libc thread safety issues with os by replacing getlogin with getlogin_r re-entrant version. - gh-131884: Fix formatting issues in json.dump() when both indent and skipkeys are used. - Core and Builtins - gh-135171: Roll back changes to generator and list comprehensions that went into 3.13.4 to fix gh-127682, but which involved semantic and bytecode changes not appropriate for a bugfix release. - C API - gh-134989: Fix Py_RETURN_NONE, Py_RETURN_TRUE and Py_RETURN_FALSE macros in the limited C API 3.11 and older: don’t treat Py_None, Py_True and Py_False as immortal. Patch by Victor Stinner. - gh-134989: Implement PyObject_DelAttr() and PyObject_DelAttrString() as macros in the limited C API 3.12 and older. Patch by Victor Stinner. 
- Substantially rewritten doc-py38-to-py36.patch patch to be more flexible and covering even unexpected changes. ++++ python-argcomplete: - Remove executable bit on files installed outside of the path. (bsc#1244435) ++++ xfsprogs: - update to 6.14.0 - xfs_scrub_all: localize the strings in the program - xfs_protofile: add messages to localization catalog - Makefile: inject package name/version/bugreport into pot file - xfs_scrub_all: rename source code to .py.in - xfs_protofile: rename source code to .py.in - xfs_repair: handling a block with bad crc, bad uuid, and bad magic number needs fixing - xfs_repair: fix stupid argument error in verify_inode_chunk - xfs_repair: fix infinite loop in longform_dir2_entry_check* - xfs_repair: fix crash in reset_rt_metadir_inodes - xfs_repair: don't recreate /quota metadir if there are no quota inodes - xfs_repair: fix wording of error message about leftover CoW blocks on the rt device - xfs_io: Add cachestat syscall support - xfs_io: Add RWF_DONTCACHE support to preadv2 - xfs_io: Add RWF_DONTCACHE support to pwritev2 - xfs_io: Add support for preadv2 - make: remove the .extradep file in libxfs on "make clean" - xfs_{admin,repair},man5: tell the user to mount with nouuid for snapshots - xfsprogs: Fix mismatched return type of filesize() - xfs_io: don't fail FS_IOC_FSGETXATTR on filesystems that lack support - configure: additionally get icu-uc from pkg-config - xfs_scrub: use the display mountpoint for reporting file corruptions - xfs_scrub: don't warn about zero width joiner control characters - xfs_scrub: fix buffer overflow in string_escape - xfs_db: add command to copy directory trees out of filesystems - xfs_db: make listdir more generally useful - xfs_db: use an empty transaction to try to prevent livelocks in path_navigate - xfs_db: pass const pointers when we're not modifying them - mkfs: enable reflink on the realtime device - mkfs: validate CoW extent size hint when rtinherit is set - xfs_logprint: report realtime CUIs 
- xfs_repair: validate CoW extent size hint on rtinherit directories - xfs_repair: allow realtime files to have the reflink flag set - xfs_repair: rebuild the realtime refcount btree - xfs_repair: reject unwritten shared extents - xfs_repair: check existing realtime refcountbt entries against observed refcounts - xfs_repair: compute refcount data for the realtime groups - xfs_repair: find and mark the rtrefcountbt inode - xfs_repair: use realtime refcount btree data to check block types - xfs_repair: allow CoW staging extents in the realtime rmap records - xfs_spaceman: report health of the realtime refcount btree - xfs_db: add rtrefcount reservations to the rgresv command - xfs_db: copy the realtime refcount btree - xfs_db: support the realtime refcountbt - xfs_db: display the realtime refcount btree contents - man: document userspace API changes due to rt reflink - mkfs: create the realtime rmap inode - xfs_logprint: report realtime RUIs - xfs_repair: reserve per-AG space while rebuilding rt metadata - xfs_repair: rebuild the bmap btree for realtime files - xfs_repair: check for global free space concerns with default btree slack levels - xfs_repair: rebuild the realtime rmap btree - xfs_repair: always check realtime file mappings against incore info - xfs_repair: check existing realtime rmapbt entries against observed rmaps - xfs_repair: find and mark the rtrmapbt inodes - xfs_repair: refactor realtime inode check - xfs_repair: create a new set of incore rmap information for rt groups - xfs_repair: use realtime rmap btree data to check block types - xfs_repair: flag suspect long-format btree blocks - xfs_repair: tidy up rmap_diffkeys - xfs_spaceman: report health status of the realtime rmap btree - xfs_db: add an rgresv command - xfs_db: make fsmap query the realtime reverse mapping tree - xfs_db: copy the realtime rmap btree - xfs_db: support the realtime rmapbt - xfs_db: display the realtime rmap btree contents - xfs_db: don't abort when bmapping on a 
non-extents/bmbt fork - xfs_db: compute average btree height - man: document userspace API changes due to rt rmap - xfs_scrub: try harder to fill the bulkstat array with bulkstat() - xfs_scrub: ignore freed inodes when single-stepping during phase 3 - xfs_scrub: hoist the phase3 bulkstat single stepping code - xfs_scrub: don't blow away new inodes in bulkstat_single_step - xfs_scrub: return early from bulkstat_for_inumbers if no bulkstat data - xfs_scrub: don't complain if bulkstat fails - xfs_scrub: don't - xfs_scrub: don't double-scan inodes during phase 3 - xfs_scrub: actually iterate all the bulkstat records - xfs_scrub: selectively re-run bulkstat after re-running inumbers - xfs_scrub: remove flags argument from scrub_scan_all_inodes - xfs_scrub: call bulkstat directly if we're only scanning user files - xfs_scrub: don't report data loss in unlinked inodes twice - man: document new XFS_BULK_IREQ_METADIR flag to bulkstat - xfs_db: obfuscate rt superblock label when metadumping - mkfs,xfs_repair: don't pass a daddr as the flags argument - drop mkfs-fix-filesize-function-compilation-error-on-32-b.patch - now part of the release (merged in v6.14.0) ------------------------------------------------------------------ ------------------ 2025-6-10 - Jun 10 2025 ------------------- ------------------------------------------------------------------ ++++ branding-SLE: - Merge all files from distributions-logos-SLE into distributions-logos-branding-SLE. ++++ python-kiwi: - Fixed rootfs size calculation with spare part In case a spare_part setup is combined with the root_clone feature, the size calculation for the rootfs did not take the cloning into account and lead to the wrong value. In addition when requesting the spare part to be last and no size information was given, the partition was not created at all. 
This commit fixes both defects and Fixes #2831 ++++ iputils: - Security fix [bsc#1243772, CVE-2025-48964] * Fix integer overflow in ping statistics via zero timestamp * Add iputils-CVE-2025-48964_01.patch * Add iputils-CVE-2025-48964_02.patch * Add iputils-CVE-2025-48964_03.patch * Add iputils-CVE-2025-48964_regression.patch ++++ kernel-default: - net: lan743x: Fix memleak issue when GSO enabled (CVE-2025-37909 bsc#1243467). - vxlan: vnifilter: Fix unlocked deletion of default FDB entry (CVE-2025-37921 bsc#1243480). - commit 1e0ef1b - ucsi_debugfs_entry: restore u32 respectively s32 for int (git-fixes). - commit 94a62e7 - tracing: Verify event formats that have "%*p.." (CVE-2025-37938 bsc#1243544). - tracing: Have process_string() also allow arrays (git-fixes). - tracing: Check "%s" dereference via the field and not the TP_printk format (git-fixes). - tracing: Add "%s" check in test_event_printk() (git-fixes). - tracing: Add missing helper functions in event pointer dereference check (git-fixes). - tracing: Fix test_event_printk() to process entire print argument (git-fixes). - tracing: Add __print_dynamic_array() helper (git-fixes). - commit 4da5a05 - usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes). - Refresh patches.suse/paddings-add-paddings-to-TypeC-stuff.patch. - commit f07681a - usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink() (git-fixes). - commit 31571ee - module: ensure that kobject_put() is safe for module type kobjects (CVE-2025-37995 bsc#1243827) - commit ca96390 - ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations (CVE-2025-37910 bsc#1243468) - commit c0e3266 - mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). - commit 7c95ae0 - powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). - powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). 
- commit 43c5814 - xen/x86: fix initial memory balloon target (git-fixes). - commit af7a319 - kABI: kabi fix after vsock/virtio: fix `rx_bytes` accounting (git-fixes). - commit d25e930 - vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes). - commit 86c965e - Delete patches.suse/Restore-kABI-for-NVidia-vGPU-driver.patch. - commit 56249f7 - gfs2: Don't start unnecessary transactions during log flush (bsc#1243993). - dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854). - dlm: mask sk_shutdown value (bsc#1228854). - commit 691de31 - bpf: Search and add kfuncs in struct_ops prologue and epilogue (git-fixes). - selftests/bpf: Fix stdout race condition in traffic monitor (git-fixes). - selftests/bpf: Fix freplace_link segfault in tailcalls prog test (git-fixes). - selftests: bpf: test batch lookup on array of maps with holes (git-fixes). - bpf: skip non exist keys in generic_map_lookup_batch (git-fixes). - commit 63fb01b - selftests/bpf: Add distilled BTF test about marking BTF_IS_EMBEDDED (git-fixes). - libbpf: Fix incorrect traversal end type ID when marking BTF_IS_EMBEDDED (git-fixes). - libbpf: Fix return zero when elf_begin failed (git-fixes). - selftests/bpf: Fix btf leak on new btf alloc failure in btf_distill test (git-fixes). - libbpf: Fix segfault due to libelf functions not setting errno (git-fixes). - libbpf: Prevent compiler warnings/errors (git-fixes). - resolve_btfids: Fix compiler warnings (git-fixes). - commit f3a284f ++++ kernel-firmware-iwlwifi: - Update to version 20250609 (git commit 0d92efb540f4): * Revert "iwlwifi: add Bz/gl FW for core96-76 release" ++++ kernel-rt: - net: lan743x: Fix memleak issue when GSO enabled (CVE-2025-37909 bsc#1243467). - vxlan: vnifilter: Fix unlocked deletion of default FDB entry (CVE-2025-37921 bsc#1243480). - commit 1e0ef1b - ucsi_debugfs_entry: restore u32 respectively s32 for int (git-fixes). - commit 94a62e7 - tracing: Verify event formats that have "%*p.." (CVE-2025-37938 bsc#1243544). 
- tracing: Have process_string() also allow arrays (git-fixes). - tracing: Check "%s" dereference via the field and not the TP_printk format (git-fixes). - tracing: Add "%s" check in test_event_printk() (git-fixes). - tracing: Add missing helper functions in event pointer dereference check (git-fixes). - tracing: Fix test_event_printk() to process entire print argument (git-fixes). - tracing: Add __print_dynamic_array() helper (git-fixes). - commit 4da5a05 - usb: typec: ucsi: fix Clang -Wsign-conversion warning (git-fixes). - Refresh patches.suse/paddings-add-paddings-to-TypeC-stuff.patch. - commit f07681a - usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink() (git-fixes). - commit 31571ee - module: ensure that kobject_put() is safe for module type kobjects (CVE-2025-37995 bsc#1243827) - commit ca96390 - ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations (CVE-2025-37910 bsc#1243468) - commit c0e3266 - mkspec: Exclude rt flavor from kernel-syms dependencies (bsc#1244337). - commit 7c95ae0 - powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (bsc#1244309 ltc#213790). - powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (bsc#1244309 ltc#213790). - commit 43c5814 - xen/x86: fix initial memory balloon target (git-fixes). - commit af7a319 - kABI: kabi fix after vsock/virtio: fix `rx_bytes` accounting (git-fixes). - commit d25e930 - vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes). - commit 86c965e - Delete patches.suse/Restore-kABI-for-NVidia-vGPU-driver.patch. - commit 56249f7 - gfs2: Don't start unnecessary transactions during log flush (bsc#1243993). - dlm: use SHUT_RDWR for SCTP shutdown (bsc#1228854). - dlm: mask sk_shutdown value (bsc#1228854). - commit 691de31 - bpf: Search and add kfuncs in struct_ops prologue and epilogue (git-fixes). - selftests/bpf: Fix stdout race condition in traffic monitor (git-fixes). 
- selftests/bpf: Fix freplace_link segfault in tailcalls prog test (git-fixes). - selftests: bpf: test batch lookup on array of maps with holes (git-fixes). - bpf: skip non exist keys in generic_map_lookup_batch (git-fixes). - commit 63fb01b - selftests/bpf: Add distilled BTF test about marking BTF_IS_EMBEDDED (git-fixes). - libbpf: Fix incorrect traversal end type ID when marking BTF_IS_EMBEDDED (git-fixes). - libbpf: Fix return zero when elf_begin failed (git-fixes). - selftests/bpf: Fix btf leak on new btf alloc failure in btf_distill test (git-fixes). - libbpf: Fix segfault due to libelf functions not setting errno (git-fixes). - libbpf: Prevent compiler warnings/errors (git-fixes). - resolve_btfids: Fix compiler warnings (git-fixes). - commit f3a284f ++++ util-linux-systemd: - Fix libmount --no-canonicalize regression (boo#1244251, gh#util-linux/util-linux#3479, libmount-fix-no-canonicalize-regression.patch). ++++ gcc15: - Remove all %gcc_icecream mode cross-compilers and the corresponding icecream backend subpackages. Instead use glibc-bootstrap only configs for cross-x86_64-gcc (ipxe,ovmf,qemu), cross-ppc64-gcc (qemu) and cross-arm-gcc (ovmf). ++++ util-linux: - Fix libmount --no-canonicalize regression (boo#1244251, gh#util-linux/util-linux#3479, libmount-fix-no-canonicalize-regression.patch). ++++ python-requests: - update to 2.32.4: * CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file * Numerous documentation improvements * Added support for pypy 3.11 for Linux and macOS. * Dropped support for pypy 3.9 following its end of support. 
- drop CVE-2024-47081.patch (merged upstream)
------------------------------------------------------------------
------------------ 2025-6-9 - Jun 9 2025 -------------------
------------------------------------------------------------------
++++ kernel-default:
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1244280).
- commit d830b32
- MyBS: Do not build kernel-obs-qa with limit_packages
  Fixes: 58e3f8c34b2b ("bs-upload-kernel: Pass limit_packages also on multibuild")
- commit f4c6047
- MyBS: Simplify qa_expr generation
  Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- commit e4c2851
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1244278).
- commit fb0286b
- uprobes/x86: Harden uretprobe syscall trampoline check (CVE-2025-22046 bsc#1241434).
- commit 5cc86ac
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc#1244241)
  Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
- commit 27588c9
- bs-upload-kernel: Pass limit_packages also on multibuild
  Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
  Fixes: 747f601d4156 ("bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)")
- commit 8ef486c
- ftrace: Avoid potential division by zero in function_stat_show() (CVE-2025-21898 bsc#1240610).
- commit 13235ba
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (git-fixes).
- commit 2343c8f
- sort series.conf
- commit 7c822ea
- tracing: Fix bad hist from corrupting named_triggers list (CVE-2025-21899 bsc#1240577).
- commit b162509
- ring-buffer: Validate the persistent meta data subbuf array (CVE-2025-21777 bsc#1238764).
- commit b030dbe
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- commit 2e19a8b
- x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2 (git-fixes).
- commit 895937c
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (git-fixes).
- commit a46ec06
- x86/microcode/AMD: Add some forgotten models to the SHA check (git-fixes).
- commit 5ed1d64
- x86/microcode/AMD: Load only SHA256-checksummed patches (git-fixes).
- commit c395380
- x86/alternative: Remove unused header #defines (git-fixes).
- commit 0ced93a
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- commit 1051216
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- commit 08a178d
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- commit 563faf8
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- commit 409c545
- x86/microcode/AMD: Remove unused save_microcode_in_initrd_amd() declarations (git-fixes).
- commit 5d4cce2
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- commit dc8a454
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- commit 3dd0b23
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- commit 31a173d
- Sort series.conf
- commit 4948d54
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- commit 913f1ca
- selftests/bpf: Add selftest for may_goto (bsc#1241460 CVE-2025-22087).
- selftests/bpf: Introduce __load_if_JITed annotation for tests (bsc#1241460 CVE-2025-22087).
- bpf: Fix array bounds error with may_goto (bsc#1241460 CVE-2025-22087).
- commit 4c36585
- selftests/bpf: Check for timeout in perf_link test (git-fixes).
- commit 73ccf26
++++ kernel-rt:
- s390/pci: Fix __pcilg_mio_inuser() inline assembly (git-fixes bsc#1244280).
- commit d830b32
- MyBS: Do not build kernel-obs-qa with limit_packages
  Fixes: 58e3f8c34b2b ("bs-upload-kernel: Pass limit_packages also on multibuild")
- commit f4c6047
- MyBS: Simplify qa_expr generation
  Start with a 0 which makes the expression valid even if there are no QA repositories (currently does not happen). Then separator is always needed.
- commit e4c2851
- KVM: s390: rename PROT_NONE to PROT_TYPE_DUMMY (git-fixes bsc#1244278).
- commit fb0286b
- uprobes/x86: Harden uretprobe syscall trampoline check (CVE-2025-22046 bsc#1241434).
- commit 5cc86ac
- MyBS: Correctly generate build flags for non-multibuild package limit (bsc#1244241)
  Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
- commit 27588c9
- bs-upload-kernel: Pass limit_packages also on multibuild
  Fixes: 0999112774fc ("MyBS: Use buildflags to set which package to build")
  Fixes: 747f601d4156 ("bs-upload-kernel, MyBS, Buildresults: Support multibuild (JSC-SLE#5501, boo#1211226, bsc#1218184)")
- commit 8ef486c
- ftrace: Avoid potential division by zero in function_stat_show() (CVE-2025-21898 bsc#1240610).
- commit 13235ba
- x86/microcode/AMD: Fix __apply_microcode_amd()'s return value (git-fixes).
- commit 2343c8f
- sort series.conf
- commit 7c822ea
- tracing: Fix bad hist from corrupting named_triggers list (CVE-2025-21899 bsc#1240577).
- commit b162509
- ring-buffer: Validate the persistent meta data subbuf array (CVE-2025-21777 bsc#1238764).
- commit b030dbe
- x86/usercopy: Fix kernel-doc func param name in clean_cache_range()'s description (git-fixes).
- commit 2e19a8b
- x86/bugs: Make spectre user default depend on MITIGATION_SPECTRE_V2 (git-fixes).
- commit 895937c
- x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (git-fixes).
- commit a46ec06
- x86/microcode/AMD: Add some forgotten models to the SHA check (git-fixes).
- commit 5ed1d64
- x86/microcode/AMD: Load only SHA256-checksummed patches (git-fixes).
- commit c395380
- x86/alternative: Remove unused header #defines (git-fixes).
- commit 0ced93a
- x86/idle: Remove MFENCEs for X86_BUG_CLFLUSH_MONITOR in mwait_idle_with_hints() and prefer_mwait_c1_over_halt() (git-fixes).
- commit 1051216
- x86/microcode/AMD: Add get_patch_level() (git-fixes).
- commit 08a178d
- x86/microcode/AMD: Get rid of the _load_microcode_amd() forward declaration (git-fixes).
- commit 563faf8
- x86/microcode/AMD: Merge early_apply_microcode() into its single callsite (git-fixes).
- commit 409c545
- x86/microcode/AMD: Remove unused save_microcode_in_initrd_amd() declarations (git-fixes).
- commit 5d4cce2
- x86/microcode/AMD: Remove ugly linebreak in __verify_patch_section() signature (git-fixes).
- commit dc8a454
- x86/microcode/AMD: Have __apply_microcode_amd() return bool (git-fixes).
- commit 3dd0b23
- x86/microcode/AMD: Return bool from find_blobs_in_containers() (git-fixes).
- commit 31a173d
- Sort series.conf
- commit 4948d54
- iommu: Skip PASID validation for devices without PASID capability (bsc#1244100)
- commit 913f1ca
- selftests/bpf: Add selftest for may_goto (bsc#1241460 CVE-2025-22087).
- selftests/bpf: Introduce __load_if_JITed annotation for tests (bsc#1241460 CVE-2025-22087).
- bpf: Fix array bounds error with may_goto (bsc#1241460 CVE-2025-22087).
- commit 4c36585
- selftests/bpf: Check for timeout in perf_link test (git-fixes).
- commit 73ccf26
++++ libgcrypt:
- Security fix [bsc#1221107, CVE-2024-2236]
  * Add --enable-marvin-workaround to spec to enable workaround
  * Fix timing based side-channel in RSA implementation (Marvin attack)
  * Add libgcrypt-CVE-2024-2236.patch
++++ python313-core:
- Update to 3.13.4:
  - Security
    - gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links.
      Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138 (bsc#1244059), CVE-2025-4330 (bsc#1244060), and CVE-2025-4517 (bsc#1244032). Also addresses CVE-2025-4435 (gh#135034, bsc#1244061).
    - gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler (CVE-2025-4516, bsc#1243273).
    - gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.
  - Library
    - gh-134718: ast.dump() now only omits None and [] values if they are default values.
    - gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address.
    - gh-134696: Built-in HACL* and OpenSSL implementations of hash function constructors now correctly accept the same documented named arguments. For instance, md5() could be previously invoked as md5(data=data) or md5(string=string) depending on the underlying implementation but these calls were not compatible. Patch by Bénédikt Tran.
    - gh-134210: curses.window.getch() now correctly handles signals. Patch by Bénédikt Tran.
    - gh-80334: multiprocessing.freeze_support() now checks for work on any “spawn” start method platform rather than only on Windows.
    - gh-114177: Fix asyncio to not close subprocess pipes which would otherwise error out when the event loop is already closed.
    - gh-134152: Fixed UnboundLocalError that could occur during email header parsing if an expected trailing delimiter is missing in some contexts.
    - gh-62184: Remove import of C implementation of io.FileIO from Python implementation which has its own implementation.
    - gh-133982: Emit RuntimeWarning in the Python implementation of io when the file-like object is not closed explicitly in the presence of multiple I/O layers.
    - gh-133890: The tarfile module now handles UnicodeEncodeError in the same way as OSError when it cannot extract a member.
    - gh-134097: Fix interaction of the new REPL and -X showrefcount command line option.
    - gh-133889: The generated directory listing page in http.server.SimpleHTTPRequestHandler now only shows the decoded path component of the requested URL, and not the query and fragment.
    - gh-134098: Fix handling paths that end with a percent-encoded slash (%2f or %2F) in http.server.SimpleHTTPRequestHandler.
    - gh-134062: ipaddress: fix collisions in __hash__() for IPv4Network and IPv6Network objects.
    - gh-133745: In 3.13.3 we accidentally changed the signature of the asyncio create_task() family of methods and how it calls a custom task factory in a backwards incompatible way. Since some 3rd party libraries have already made changes to work around the issue that might break if we simply reverted the changes, we’re instead changing things to be backwards compatible with 3.13.2 while still supporting those workarounds for 3.13.3. In particular, the special-casing of name and context is back (until 3.14) and consequently eager tasks may still find that their name hasn’t been set before they execute their first yielding await.
    - gh-71253: Raise ValueError in open() if opener returns a negative file-descriptor in the Python implementation of io to match the C implementation.
    - gh-77057: Fix handling of invalid markup declarations in html.parser.HTMLParser.
    - gh-133489: random.getrandbits() can now generate more than 2^31 bits. random.randbytes() can now generate more than 256 MiB.
    - gh-133290: Fix attribute caching issue when setting ctypes._Pointer._type_ in the undocumented and deprecated ctypes.SetPointerType() function and the undocumented set_type() method.
    - gh-132876: ldexp() on Windows doesn’t round subnormal results before Windows 11, but should. Python’s math.ldexp() wrapper now does round them, so results may change slightly, in rare cases of very small results, on Windows versions before 11.
    - gh-133089: Use original timeout value for subprocess.TimeoutExpired when subprocess.run() is called with a timeout instead of sometimes a confusing partial remaining timeout value used internally on the final wait().
    - gh-133009: xml.etree.ElementTree: Fix a crash in Element.__deepcopy__ when the element is concurrently mutated. Patch by Bénédikt Tran.
    - gh-132995: Bump the version of pip bundled in ensurepip to version 25.1.1
    - gh-132017: Fix error when pyrepl is suspended, then resumed and terminated.
    - gh-132673: Fix a crash when using _align_ = 0 and _fields_ = [] in a ctypes.Structure.
    - gh-132527: Include the valid typecode ‘w’ in the error message when an invalid typecode is passed to array.array.
    - gh-132439: Fix PyREPL on Windows: characters entered via AltGr are swallowed. Patch by Chris Eibl.
    - gh-132429: Fix support of Bluetooth sockets on NetBSD and DragonFly BSD.
    - gh-132106: QueueListener.start now raises a RuntimeError if the listener is already started.
    - gh-132417: Fix a NULL pointer dereference when a C function called using ctypes with restype py_object returns NULL.
    - gh-132385: Fix instance error suggestions trigger potential exceptions in object.__getattr__() in traceback.
    - gh-132308: A traceback.TracebackException now correctly renders the __context__ and __cause__ attributes from falsey Exception, and the exceptions attribute from falsey ExceptionGroup.
    - gh-132250: Fixed the SystemError in cProfile when locating the actual C function of a method raises an exception.
    - gh-132063: Prevent exceptions that evaluate as falsey (namely, when their __bool__ method returns False or their __len__ method returns 0) from being ignored by concurrent.futures.ProcessPoolExecutor and concurrent.futures.ThreadPoolExecutor.
    - gh-119605: Respect follow_wrapped for __init__() and __new__() methods when getting the class signature for a class with inspect.signature(). Preserve class signature after wrapping with warnings.deprecated().
      Patch by Xuehai Pan.
    - gh-91555: Ignore log messages generated during handling of log messages, to avoid deadlock or infinite recursion.
    - gh-131434: Improve error reporting for incorrect format in time.strptime().
    - gh-131127: Systems using LibreSSL now successfully build.
    - gh-130999: Avoid exiting the new REPL and offer suggestions even if there are non-string candidates when errors occur.
    - gh-130941: Fix configparser.ConfigParser parsing empty interpolation with allow_no_value set to True.
    - gh-129098: Fix REPL traceback reporting when using compile() with a nonexistent file. Patch by Bénédikt Tran.
    - gh-130631: http.cookiejar.join_header_words() is now more similar to the original Perl version. It now quotes the same set of characters and always quotes values that end with "\n".
    - gh-129719: Fix missing socket.CAN_RAW_ERR_FILTER constant in the socket module on Linux systems. It was missing since Python 3.11.
    - gh-124096: Turn on virtual terminal mode and enable bracketed paste in REPL on Windows console. (If the terminal does not support bracketed paste, enabling it does nothing.)
    - gh-122559: Remove __reduce__() and __reduce_ex__() methods that always raise TypeError in the C implementation of io.FileIO, io.BufferedReader, io.BufferedWriter and io.BufferedRandom and replace them with default __getstate__() methods that raise TypeError. This restores fine details of behavior of Python 3.11 and older versions.
    - gh-122179: hashlib.file_digest() now raises BlockingIOError when no data is available during non-blocking I/O. Before, it added spurious null bytes to the digest.
    - gh-86155: html.parser.HTMLParser.close() no longer loses data when the