Packages changed: aaa_base (84.87+git20190404.8684de3 -> 84.87+git20190418.d83e9d6) apparmor autofs bash bash-completion bind blog branding-openSUSE (15.0 -> 84.87.20180403) btrfsprogs (4.20.1 -> 5.1) bzip2 ceph (14.2.0.300+gacd2f2b9e1 -> 14.2.1.463+g99339b576a) cloud-init cni (0.6.0 -> 0.7.0) cri-o (1.14.0 -> 1.14.1) curl (7.64.0 -> 7.65.0) dbus-1 dhcp dracut e2fsprogs (1.45.0 -> 1.45.1) elfutils ethtool (5.0 -> 5.1) fuse gcc9 (8.3.1+r269200 -> 9.1.1+r271393) glib-networking (2.60.0.1 -> 2.60.2) glib2 (2.60.0 -> 2.60.3) glibc gnutls (3.6.6 -> 3.6.7) gpg2 (2.2.15 -> 2.2.16) grub2 gsettings-desktop-schemas (3.28.1 -> 3.32.0) health-checker (1.2.2 -> 1.2.3) hwdata (0.321 -> 0.323) hwinfo (21.64 -> 21.66) installation-images-MicroOS (14.420 -> 14.427) iproute2 (4.20 -> 5.1) iputils (s20180629 -> s20190515) kdump kernel-default-base (5.0.6 -> 5.1.4) kernel-firmware (20190312 -> 20190514) kernel-source (5.0.6 -> 5.1.7) kmod (25 -> 26) krb5 kubernetes (1.14.0 -> 1.14.1) kured (1.1.0 -> 1.2.0) ldb (1.4.3 -> 1.5.4) libaio libapparmor libcroco (0.6.12 -> 0.6.13) libedit libostree libpng16 (1.6.36 -> 1.6.37) libpsl (0.20.2 -> 0.21.0) libselinux libselinux-bindings libsoup (2.66.0 -> 2.66.2) libssh libtasn1 libx86emu (2.2 -> 2.3) libxslt libyaml (0.2.1 -> 0.2.2) logrotate (3.14.0 -> 3.15.0) lsof lzo mozilla-nspr (4.20 -> 4.21) mozilla-nss (3.42.1 -> 3.43) multipath-tools (0.7.9+139+suse.ed9d450 -> 0.8.1+8+suse.8c11498) ncurses netcfg nghttp2 (1.36.0 -> 1.38.0) numactl open-lldp open-vm-tools openldap2 openssh openssl (1.1.0h -> 1.1.1b) openssl-1_1 (1.1.0h -> 1.1.1b) p11-kit pam pam-config (0.96 -> 1.0) patterns-containers patterns-microos pcre2 (10.32 -> 10.33) permissions (20190212 -> 20190429) podman (1.2.0 -> 1.3.1) python-Jinja2 (2.10 -> 2.10.1) python-base (2.7.15 -> 2.7.16) python-cffi (1.12.2 -> 1.12.3) python-ecdsa (0.13 -> 0.13.2) python-ipy (0.83 -> 1.00) python-jsonpatch python-jsonschema (3.0.1 -> 2.6.0) python-pycryptodome (3.7.2 -> 3.8.1) python-pyparsing (2.3.0+git.1546912853.bf348d6 -> 2.4.0) python-pyserial python-pytz (2018.9 -> 2019.1) python-requests (2.21.0 -> 2.22.0) python-rpm-macros (20190402.c88be49 -> 20190430.5260267) python-semanage python-setuptools (40.8.0 -> 41.0.1) python-urllib3 (1.24.1 -> 1.24.2) rdma-core (22.1 -> 23.1) reiserfs rpm rpm-config-SUSE (0.g11 -> 0.g14) rsync runc (1.0.0~rc6 -> 1.0.0~rc8) salt (2018.3.2 -> 2019.2.0) sg3_utils (1.43 -> 1.45~815+5.6aa67ed) shadow shared-mime-info socat (1.7.3.2 -> 1.7.3.3) sssd (2.0.0 -> 2.1.0) suse-module-tools system-user-root (20170617 -> 20190513) systemd (241 -> 242) systemd-presets-common-SUSE sysuser-tools sysvinit talloc (2.1.14 -> 2.1.16) tdb (1.3.16 -> 1.3.18) tevent (0.9.37 -> 0.9.39) transactional-update (2.14.1 -> 2.14.2) ucode-intel (20190312 -> 20190514) util-linux (2.33.1 -> 2.33.2) util-linux-systemd (2.33.1 -> 2.33.2) vim (8.1.1066 -> 8.1.1330) xen (4.12.0_08 -> 4.12.0_12) xfsprogs (4.20.0 -> 5.0.0) xmlsec1 (1.2.26 -> 1.2.28) yast2 (4.1.67 -> 4.2.3) zstd (1.3.8 -> 1.4.0) === Details === ==== aaa_base ==== Version update (84.87+git20190404.8684de3 -> 84.87+git20190418.d83e9d6) - Update to version 84.87+git20190418.d83e9d6: * convert_sysctl isn't needed anymore - Update to version 84.87+git20190418.f488c70: * Remove sysconfig/sysctl to sysctl.conf merge, there is no active distribution anymore from which we support an update with this. - Update to version 84.87+git20190418.155e7f0: * Remove sysconfig/cron to tmpfiles, we don't support upgrade from such old distributions to Factory anymore. * /etc/sysconfig/boot and /etc/sysconfig/shutdown don't exist anymore, no need to remove single variables from it. * Remove obsolete code for /etc/psdevtab and YaST - Remove over 12 year old compat provides - Remove BuildRequires for net-tools, the code was removed and this package does not contain the wanted tool anymore - Replace net-tools with successors in Recommends - Update to version 84.87+git20190418.a543e8e: * Remove rc.splash and rc.status, now part of insserv-compat [bsc#1132738] ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils perl-apparmor python3-apparmor - Disable LTO (boo#1133091). - update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350) ==== autofs ==== - Remove legacy LSB-init script code, we don't have that anymore. ==== bash ==== - Add official patch bash50-004 * In bash-5.0, the `wait' builtin without arguments waits for all children of the shell. This includes children it `inherited' at shell invocation time. This patch modifies the behavior to not wait for these inherited children, some of which might be long-lived. - Add official patch bash50-005 * In certain cases, bash optimizes out a fork() call too early and prevents traps from running. - Add official patch bash50-006 * Bash-5.0 did not build successfully if SYSLOG_HISTORY was defined without also defining SYSLOG_SHOPT. - Add official patch bash50-007 * Running `exec' when job control was disabled, even temporarily, but after it had been initialized, could leave the terminal in the wrong process group for the executed process. ==== bash-completion ==== - Add patch gcc-564d068.patch from pull request 564d068 of Martin to upstream of bash-completion ==== bind ==== Subpackages: bind-utils libbind9-160 libdns169 libirs160 libisc166 libisccc160 libisccfg160 liblwres160 python3-bind - Add FIPS patch back into bind (bsc#1128220) - File: bind-fix-fips.patch ==== blog ==== - Implement shared library packaging guideline. ==== branding-openSUSE ==== Version update (15.0 -> 84.87.20180403) - Rewrite the spec and makefile to make it easier to contibute - Change the default plymouth theme to bgrt ==== btrfsprogs ==== Version update (4.20.1 -> 5.1) Subpackages: btrfsprogs-udev-rules libbtrfs0 - update to version 5.1 * repair: flush/FUA support to avoid breaking metadata COW * file extents repair no longer relies on data in extent tree * lowmem: fix false error reports about gaps between extents * add inode mode check and repair for various objects * add check for invalid combination of nocow/compressed extents * device scan option to forget scanned devices [new] * mkfs: use same chunk size as kernel for initial creation * dev-repace: better report when other exclusive operation runs * help for sntax errors on command lines, print relevant msgs * defrag: able to open files in RO mode * dump-tree: --block can be specified multiple times - update to version 4.20.2 * dump-super: minor output fixup * revert fix for prefix detection of receive path, this is temporary and unbreaks existing user setups ==== bzip2 ==== - add bzip2-1.0.6-CVE-2016-3189.patch to fix a heap use after free vulnerability that was reported in bzip2recover [bsc#985657] [CVE-2016-3189] ==== ceph ==== Version update (14.2.0.300+gacd2f2b9e1 -> 14.2.1.463+g99339b576a) Subpackages: ceph-common libcephfs2 librados2 libradosstriper1 librbd1 librgw2 python3-ceph-argparse python3-cephfs python3-rados python3-rbd python3-rgw - Update to 14.2.1-463-g99339b576a: + qa/deepsea: redirect journalctl output to a logfile + spec: install/package ceph-volume lvmcache plugin + common: make ms_bind_msgr2 default to "false" (bsc#1124957) - Update to 14.2.1-457-gb42e3171b3: + qa/deepsea/salt: * 1node5disks salt configuration * grafana_service_check validation test * Disk drive replacement test * use "ceph_cm_ansible: false" instead of "ceph_cm: salt" + spec: Disable LTO in spec when being used (bsc#1135030) - civetweb: fix file descriptor leak (bsc#1125080, CVE-2019-3821) (fix has been in since February 2019) - rgw: sanitize customer encryption keys from log output in v4 auth (bsc#1121567, CVE-2018-16889) (fix has been in since February 2019) - Update to 14.2.1-448-g1bd10a856f: + monitoring: update Grafana dashboards + mgr/dashboard: fix some performance data are not displayed + monitoring: SNMP OID per every Prometheus alert rule + mgr/dashboard: Validate if any client belongs to more than one group + mgr/dashboard: Admin resource not honored + mgr/dashboard: Unable to see tcmu-runner perf counters (bsc#1135388) + mgr/dashboard: iSCSI form does not support IPv6 - Update to 14.2.1-440-g0ac6920288: + rebase on top of upstream nautilus branch, SHA1 1dc43a036fcc0121e3a0c1fe7ca6cd77cde1bf60 + client: fix vxattr nanosecond field padding (bsc#1135219, bsc#1135221) - Update to 14.2.1-431-gd032e5dd80: + ReplicatedPG: add CHECKSUM->CMPEXT req translation (bsc#1123360) + MDS + libcephfs snapshot btime support (jsc#SES-183) - Update to 14.2.1-423-g3df171fd28: + rgw: cloud sync fixes (jsc#SES-97) - Update to 14.2.1-419-gb72ca927c1: + rebase on top of upstream nautilus branch, SHA1 8e188313cf2f790f131e21a3a02094e32cf02087 + replaced ~25 downstream ceph-volume lvmcache commits with a single squashed commit + rgw: object expirer fixes (bsc#1133139) + rgw_lc: use a new bl while encoding RGW_ATTR_LC (jsc#SES-327) + rgw: beast IPv6 (jsc#SES-454) - Update to 14.2.1-426-g7a12897012: + nautilus: core: Give recovery for inactive PGs a higher priority (bsc#1133461) + spec: new subpackage ceph-prometheus-alerts + nautilus: librbd: re-add support for nautilus clients talking to jewel clusters + systemd: ceph-mgr: set MemoryDenyWriteExecute to false - Update to 14.2.1-345-g040ffffe0e: + Upstream v14.2.1 release draft release notes: https://github.com/ceph/ceph/pull/27793 + rpm: have pybind RPMs provide/obsolete their python2 predecessors (bsc#1125899) + ceph-volume: add lvmcache plugin (jsc#SES-267) - Update to 14.2.0-636-g19cfb53b0c: + rebase on top of upstream nautilus branch, SHA1 d947e804dd316c89c28d25948947927fa290e227 + downstream branding no longer displays Ceph logo in error popup (bsc#1131984) + mgr: make run-tox.sh scripts more robust (jsc#SES-478) - Update to 14.2.0-465-gdfed19b089: + rebase on top of upstream nautilus branch, SHA1 c09e90d1847fc4ffdd7384c9adf7f60c13479095 * dashboard improvements: [#] Add Polish language [#] Add date range and log search functionality [#] Add refresh interval to the dashboard landing page [#] Add separate option to config SSL port [#] Filter iSCSI target images based on required features [#] Fixed auth TTL expired error [#] Fixed error when trying to create NFS export without "NFSv3" [#] Fixed error when trying to create NFS export without "UDP" - Update to 14.2.0-345-g183e6fe4f5: + rebase on top of upstream nautilus branch, upstream SHA1 d4290f8edcbadbfecb9396a43a586afe0d0afd00 * common/blkdev: get_device_id: behave if model is lvm and id_model_enc isn't there * mon/Monitor.cc: print min_mon_release correctly * mgr/dashboard: dashboard giving 401 unauthorized - _constraints: increase x86_64 ceph memory constraint to 10G after seeing "memory exhausted" build failure on a machine with 9.8G total memory (including swap) - Update to 14.2.0-328-gf3638ba646: + rebase on top of upstream nautilus branch, upstream SHA1 41b9e7f94f1f08e8607ef574befaaaf6998a89dd * librbd: ignore -EOPNOTSUPP errors when retrieving image group membership * crush: various fixes for weight-sets, the osd_crush_update_weight_set option, and tests * osd/OSDMap: add 'zone' to default crush map * common/blkdev: handle devices with ID_MODEL as "LVM PV ..." but valid ID_MODEL_ENC * mgr/orchestrator: Add error handling to interface * mon/OSDMonitor: allow 'osd pool set pgp_num_actual' * rgw: ldap: fix early return in LDAPAuthEngine::init w/uri not empty() * mon/MgrStatMonitor: ensure only one copy of initial service map + drop downstream patch "rgw: dmclock: async scheduler: wrap yield_ctx around ifdefs" (replaced by https://github.com/ceph/ceph/pull/26634) - _constraints: increase aarch64 ceph memory constraint to 10G after seeing "memory exhausted" build failure on a machine with 9.8G total memory (including swap) ==== cloud-init ==== - Update cloud-init-write-routes.patch (bsc#1132692) + Properly accumulate all the defined routes for a given network device. Previously only the last defined route was written to the routes file. - Update cloud-init-trigger-udev.patch (bsc#1125950) + Write the udev rules to a different file than the default + Settle udev if not all configured devices are in the device tree to avoid race condition between udev and cloud-init ==== cni ==== Version update (0.6.0 -> 0.7.0) - Update to version 0.7.0: * Spec changes: + Use more RFC2119 style language in specification (must, should...) + add notes about ADD/DEL ordering + Make the container ID required and unique. + remove the version parameter from ADD and DEL commands. + Network interface name matters + be explicit about optional and required structure members + add CHECK method + Add a well-known error for "try again" + SPEC.md: clarify meaning of 'routes' * Library changes: + pkg/types: Makes IPAM concrete type + libcni: return error if Type is empty + skel: VERSION shouldn't block on stdin + non-pointer instances of types.Route now correctly marshal to JSON + libcni: add ValidateNetwork and ValidateNetworkList functions + pkg/skel: return error if JSON config has no network name + skel: add support for plugin version string + libcni: make exec handling an interface for better downstream testing + libcni: api now takes a Context to allow operations to be timed out or cancelled + types/version: add helper to parse PrevResult + skel: only print about message, not errors + skel,invoke,libcni: implementation of CHECK method + cnitool: Honor interface name supplied via CNI_IFNAME environment variable. + cnitool: validate correct number of args + Don't copy gw from IP4.Gateway to Route.GW When converting from 0.2.0 + add PrintTo method to Result interface + Return a better error when the plugin returns none - Install sleep binary into CNI plugin directory - Restore build.sh script which was removed upstream ==== cri-o ==== Version update (1.14.0 -> 1.14.1) Subpackages: cri-o-kubeadm-criconfig - Add _constraints to avoid OOM - Update cri-o to v1.14.1 * Add min memory limit check to sandbox_run_linux.go * Fix crash when network namespace is not setup * Log oom_handling_score failure to debug * Fix possible out of bounds access during log parsing * Fix sandbox segfault with manage_network_ns_lifecycle - Add registry-mirror.patch - Update repository paths from `kubernetes-sigs` to `cri-o` - Remove unnecessary ostree dependency - Use /opt/cni/bin as the additional directory where cri-o is going to look up for CNI plugins installed by DaemonSets running on Kubernetes (i.e. Cilium). - Update the configuration to fallback to the storage driver specified in libcontainers-common (`/etc/containers/storage.conf`) - Update go version to >= 1.12 to be in sync with upstream ==== curl ==== Version update (7.64.0 -> 7.65.0) Subpackages: libcurl4 - Update to 7.65.0 [bsc#1135176, CVE-2019-5435][bsc#1135170, CVE-2019-5436] * Changes: - CURLOPT_DNS_USE_GLOBAL_CACHE: removed - CURLOPT_MAXAGE_CONN: set the maximum allowed age for conn reuse - pipelining: removed * Bugfixes: - CVE-2019-5435: Integer overflows in curl_url_set - CVE-2019-5436: tftp: use the current blksize for recvfrom() - --config: clarify that initial : and = might need quoting - CURLMOPT_TIMERFUNCTION.3: warn about the recursive risk - CURLOPT_ADDRESS_SCOPE: fix range check and more - CURLOPT_CHUNK_BGN_FUNCTION.3: document the struct and time value - CURLOPT_READFUNCTION.3: see also CURLOPT_UPLOAD_BUFFERSIZE - CURL_MAX_INPUT_LENGTH: largest acceptable string input size - Curl_disconnect: treat all CONNECT_ONLY connections as "dead" - OS400/ccsidcurl: replace use of Curl_vsetopt - OpenSSL: Report -fips in version if OpenSSL is built with FIPS - WRITEFUNCTION: add missing set_in_callback around callback - altsvc: Fix building with cookies disabled - auth: Rename the various authentication clean up functions - base64: build conditionally if there are users - cmake: avoid linking executable for some tests with cmake 3.6+ - cmake: clear CMAKE_REQUIRED_LIBRARIES after each use - cmake: set SSL_BACKENDS - configure: avoid unportable '==' test(1) operator - configure: error out if OpenSSL wasn't detected when asked for - configure: fix default location for fish completions - cookie: Guard against possible NULL ptr deref - curl: make code work with protocol-disabled libcurl - curl: report error for "--no-" on non-boolean options - curlver.h: use parenthesis in CURL_VERSION_BITS macro - docs/INSTALL: fix broken link - doh: acknowledge CURL_DISABLE_DOH - doh: disable DOH for the cases it doesn't work - examples: remove unused variables - ftplistparser: fix LGTM alert "Empty block without comment" - hostip: acknowledge CURL_DISABLE_SHUFFLE_DNS - http: Ignore HTTP/2 prior knowledge setting for HTTP proxies - http: acknowledge CURL_DISABLE_HTTP_AUTH - http: mark bundle as not for multiuse on < HTTP/2 response - http_digest: Don't expose functions when HTTP and Crypto Auth are disabled - http_negotiate: do not treat failure of gss_init_sec_context() as fatal - http_ntlm: Corrected the name of the include guard - http_ntlm_wb: Handle auth for only a single request - http_ntlm_wb: Return the correct error on receiving an empty auth message - lib509: add missing include for strdup - lib557: initialize variables - mbedtls: enable use of EC keys - mime: acknowledge CURL_DISABLE_MIME - multi: improved HTTP_1_1_REQUIRED handling - netrc: acknowledge CURL_DISABLE_NETRC - nss: allow fifos and character devices for certificates - nss: provide more specific error messages on failed init - ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup - ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4 - openssl: mark connection for close on TLS close_notify - openvms: Remove pre-processor for SecureTransport - parse_proxy: use the URL parser API - parsedate: disabled on CURL_DISABLE_PARSEDATE - pingpong: disable more when no pingpong protocols are enabled - polarssl_threadlock: remove conditionally unused code - progress: acknowledge CURL_DISABLE_PROGRESS_METER - proxy: acknowledge DISABLE_PROXY more - resolve: apply Happy Eyeballs philosophy to parallel c-ares queries - revert "multi: support verbose conncache closure handle" - sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616 - sasl: only enable if there's a protocol enabled using it - singleipconnect: show port in the verbose "Trying ..." message - socks5: user name and passwords must be shorter than 256 - socks: fix error message - socksd: new SOCKS 4+5 server for tests - spnego_gssapi: fix return code on gss_init_sec_context() failure - ssh-libssh: remove unused variable - ssh: define USE_SSH if SSH is enabled (any backend) - ssh: move variable declaration to where it's used - test1002: correct the name - test2100: Fix typos in test description - tests: Run global cleanup at end of tests - tests: make Impacket (SMB server) Python 3 compatible - tool_cb_wrt: fix bad-function-cast warning - tool_formparse: remove redundant assignment - tool_help: Warn if curl and libcurl versions do not match - tool_help: include for strcasecmp - url: always clone the CUROPT_CURLU handle - url: convert the zone id from a IPv6 URL to correct scope id - urlapi: add CURLUPART_ZONEID to set and get - urlapi: increase supported scheme length to 40 bytes - urlapi: require a non-zero host name length when parsing URL - urlapi: stricter CURLUPART_PORT parsing - urlapi: strip off zone id from numerical IPv6 addresses - urlapi: urlencode characters above 0x7f correctly - vauth/cleartext: update the PLAIN login to match RFC 4616 - vauth/oauth2: Fix OAUTHBEARER token generation - vauth: Fix incorrect function description for Curl_auth_user_contains_domain - vtls: fix potential ssl_buffer stack overflow - wildcard: disable from build when FTP isn't present - xattr: skip unittest on unsupported platforms - Install curl.fish completions file from curl rather than from the fish package - update to version 7.64.1 * Changes: - alt-svc: experiemental support added - configure: add --with-amissl * Bugfixes: - AppVeyor: switch VS 2015 builds to VS 2017 image - CURLU: fix NULL dereference when used over proxy - Curl_easy: remove req.maxfd - never used! - Curl_resolv: fix a gcc -Werror=maybe-uninitialized warning - DoH: inherit some SSL options from user's easy handle - Secure Transport: no more "darwinssl" - Secure Transport: tvOS 11 is required for ALPN support - cirrus: Added FreeBSD builds using Cirrus CI - cleanup: make local functions static - cli tool: do not use mime.h private structures - cmdline-opts/proxytunnel.d: the option tunnnels all protocols - configure: add additional libraries to check for LDAP support - configure: remove the unused fdopen macro - configure: show features as well in the final summary - conncache: use conn->data to know if a transfer owns it - connection: never reuse CONNECT_ONLY connections - connection_check: restore original conn->data after the check - connection_check: set ->data to the transfer doing the check - cookie: Add support for cookie prefixes - cookies: dotless names can set cookies again - cookies: fix NULL dereference if flushing cookies with no CookieInfo set - curl.1: --user and --proxy-user are hidden from ps output - curl.1: mark the argument to --cookie as - curl.h: use __has_declspec_attribute for shared builds - curl: display --version features sorted alphabetically - curl: fix FreeBSD compiler warning in the --xattr code - curl: remove MANUAL from -M output - curl_easy_duphandle.3: clarify that a duped handle has no shares - curl_multi_remove_handle.3: use at any time, just not from within callbacks - curl_url.3: this API is not experimental anymore - dns: release sharelock as soon as possible - docs: update max-redirs.d phrasing - examples/10-at-a-time.c: improve readability and simplify - examples/cacertinmem.c: use multiple certificates for loading CA-chain - examples/crawler: Fix the Accept-Encoding setting - examples/ephiperfifo.c: various fixes - examples/externalsocket: add missing close socket calls - examples/http2-download: cleaned up - examples/http2-serverpush: add some sensible error checks - examples/http2-upload: cleaned up - examples/httpcustomheader: Value stored to 'res' is never read - examples/postinmemory: Potential leak of memory pointed to by 'chunk.memory' - examples/sftpuploadresume: Value stored to 'result' is never read - examples: only include - examples: remove recursive calls to curl_multi_socket_action - examples: remove superfluous null-pointer checks - file: fix "Checking if unsigned variable 'readcount' is less than zero." - fnmatch: disable if FTP is disabled - gnutls: remove call to deprecated gnutls_compression_get_name - gopher: remove check for path == NULL - gssapi: fix deprecated header warnings - hostip: make create_hostcache_id avoid alloc + free - http2: multi_connchanged() moved from multi.c, only used for h2 - http2: verify :athority in push promise requests - http: make adding a blank header thread-safe - http: send payload when (proxy) authentication is done - http: set state.infilesize when sending multipart formposts - makefile: make checksrc and hugefile commands "silent" - mbedtls: make it build even if MBEDTLS_VERSION_C isn't set - mbedtls: release sessionid resources on error - memdebug: log pointer before freeing its data - memdebug: make debug-specific functions use curl_dbg_ prefix - mime: put the boundary buffer into the curl_mime struct - multi: call multi_done on connect timeouts, fixes CURLINFO_TOTAL_TIME - multi: remove verbose "Expire in" ... messages - multi: removed unused code for request retries - multi: support verbose conncache closure handle - negotiate: fix for HTTP POST with Negotiate - openssl: add support for TLS ASYNC state - openssl: if cert type is ENG and no key specified, key is ENG too - pretransfer: don't strlen() POSTFIELDS set for GET requests - rand: Fix a mismatch between comments in source and header - runtests: detect "schannel" as an alias for "winssl" - schannel: be quiet - remove verbose output - schannel: close TLS before removing conn from cache - schannel: support CALG_ECDH_EPHEM algorithm - scripts/completion.pl: also generate fish completion file - singlesocket: fix the 'sincebefore' placement - source: fix two 'nread' may be used uninitialized warnings - ssh: fix Condition '!status' is always true - ssh: loop the state machine if not done and not blocking - strerror: make the strerror function use local buffers - test578: make it read data from the correct test - tests: Fixed XML validation errors in some test files - tests: add stderr comparison to the test suite - tests: fix multiple may be used uninitialized warnings - threaded-resolver: shutdown the resolver thread without error message - tool_cb_wrt: fix writing to Windows null device NUL - tool_getpass: termios.h is present on AmigaOS 3, but no tcgetattr/tcsetattr - tool_operate: build on AmigaOS - tool_operate: fix typecheck warning - transfer.c: do not compute length of undefined hex buffer - travis: add build using gnutls - travis: add scan-build - travis: bump the used wolfSSL version to 4.0.0 - travis: enable valgrind for the iconv tests - travis: use updated compiler versions: clang 7 and gcc 8 - unit1307: require FTP support - unit1651: survive curl_easy_init() fails - url/idnconvert: remove scan for <= 32 ascii values - url: change conn shutdown order to ensure SOCKETFUNCTION callbacks - urlapi: reduce variable scope, remove unreachable 'break' - urldata: convert bools to bitfields and move to end - urldata: simplify bytecounters - urlglob: Argument with 'nonnull' attribute passed null - version.c: silent scan-build even when librtmp is not enabled - vtls: rename some of the SSL functions - wolfssl: stop custom-adding curves - x509asn1: "Dereference of null pointer" - x509asn1: cleanup and unify code layout - zsh.pl: escape ':' character - zsh.pl: update regex to better match curl -h output - Dropped patches fixed upstream: * 0001-connection_check-set-data-to-the-transfer-doing-the-.patch * 0002-connection_check-restore-original-conn-data-after-th.patch * curl-singlesocket-sincebefore-placement.patch ==== dbus-1 ==== Subpackages: libdbus-1-3 - Replace DISABLE_RESTART_ON_UPDATE with %service_del_postun_without_restart - Remove version specific code to block all updates on restart as hopefully no tumbleweed versions still have code causing those issues (was only present for a few snapshots) - Remove the Leap42 conditionals that cause file conflict with filesystem package ==== dhcp ==== Subpackages: dhcp-client - Add workaround to require insserv-compat until the package is converted to full systemd units (boo#1133632). ==== dracut ==== Subpackages: dracut-ima - dracut-lib.sh:dev_unit_name() guard against $dev beginning with "-" (bsc#1132448) * adds 0601-base-dracut-lib.sh-dev_unit_name-guard-against-dev-b.patch - 95iscsi: avoid error messages when building initrd, multipath timeouts (bsc#1130114, bsc#1130107, bsc#1121238) * adds 0595-iscsi-don-t-continue-waiting-if-the-root-device-is-p.patch * adds 0596-network-stop-waiting-for-interfaces-if-root-device-i.patch * adds 0597-iscsiroot-parse_iscsi_root-overwrites-command-line-a.patch * adds 0598-iscsiroot-there-s-never-more-than-one-target-per-cal.patch * adds 0599-iscsiroot-try-targets-only-once.patch * adds 0600-iscsiroot-remove-bashisms.patch ==== e2fsprogs ==== Version update (1.45.0 -> 1.45.1) Subpackages: libcom_err2 libext2fs2 - Remove unused configure-Fix-autoheader-failure.patch. - Update to 1.45.1 * Remove configure-Fix-autoheader-failure.patch (fixed upstream) * Debugfs now supports non-printable chars * E2fsck now checks to make sure all unused bits in block are set * E2fsck now supports writing out a problem code log * Fixed various casefold bugs * Fix mke2fs support for < 900TB disks * E2scrub will take its snapshots with UDISK_IGNORE * Dropped utf8/nls symbols from libext2fs shared library ==== elfutils ==== Subpackages: libasm1 libdw1 libebl-plugins libelf1 - Add gcc9-tests-Don-t-printf-a-known-NULL-symname.patch in order to fix boo#1120864. ==== ethtool ==== Version update (5.0 -> 5.1) - Update to new upstream release 5.1 * support for 200Gbps (50Gbps per lane) link modes * support for new PHY tunable Fast Link Down * new 'start N' option when setting Rx flow indirection table * add bash completion script * support show and set of per queue coalescing * fec: add pretty dump ==== fuse ==== - Move definition of _lto_cflags into %build. - Disable LTO (boo#1133101). ==== gcc9 ==== Version update (8.3.1+r269200 -> 9.1.1+r271393) Subpackages: libgcc_s1 libstdc++6 - Update to gcc-9-branch head (r271393). - Always use ISL for crosses like for native compilers. - Update to gcc-9-branch head (r271050). - Strip -flto from $optflags as we use LTO bootstrap config. - Update to GCC 9.1.0 release. - Update to gcc-9-branch head (r270796). - Enable D for s390x. - Enable D for aarch64 and riscv64 - Update to gcc-9-branch head (r270689). * GCC 9.1 RC2. - Update to gcc-9-branch head (r270591). - Update to SVN trunk head (r270403). - Use --enable-link-mutex for LTO builds to limit peak memory use. - Omit libbacktrace .log files from gcc-testresults package to fix build. - Update to SVN trunk head (r270275). * Includes gcc9-pgo-lto-bootstrap.patch. - Update to SVN trunk head (r270202). - Add gcc9-pgo-lto-bootstrap.patch in order to enable LTO on platforms where we use PGO (except i386). - Limit LTO to new openSUSE. - Increase constraints for targets that use LTO bootstrap. - Do not use PGO and LTO in gcc9-testresults package. - Define 'build_d' in cross.spec.in in order to repair cross package builds. - Update to SVN trunk head (r270012). - Update to SVN trunk head (r269761). - Change URLs to use https. - Update to SVN trunk head (r269411). ==== glib-networking ==== Version update (2.60.0.1 -> 2.60.2) - Update to version 2.60.2: + OpenSSL backend now defaults to system trust store. + Fix client auth failure error with GnuTLS 3.6.7. - Drop 0001-gnutls-Handle-new-GNUTLS_E_CERTIFICATE_REQUIRED.patch: fixed upstream. - Handle new GnuTLS error GNUTLS_E_CERTIFICATE_REQUIRED + https://gitlab.gnome.org/GNOME/glib-networking/issues/70 + add 0001-gnutls-Handle-new-GNUTLS_E_CERTIFICATE_REQUIRED.patch - Update to version 2.60.1: + Improve reliability of client auth failure tests. + Fix excessive CPU usage after sync handshake. ==== glib2 ==== Version update (2.60.0 -> 2.60.3) Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - Set umask to 022 before running glib-compile-schemas (boo#1131761). - Update to version 2.60.3: + * Various fixes to small key/value support in `GHashTable`. * Bugs fixed: - Critical in g_socket_client_async_connect_complete. - New GHashTable implementation confuses valgrind. - test_month_names: assertion failed. - GNetworkAddressAddressEnumerator unsafely modifies cache in GNetworkAddress. - Leaks in gsocketclient.c connection code. - glib/date test fails. - GDB pretty-printer for GHashTable no longer works + Updated translations. - Move glib2.macros to %_rpmmacrodir. /etc is for the system admin. - Update to version 2.60.2: + Fix crash when displaying notifications on macOS. + Improve network status detection with NetworkManager. + Bugs fixed: glgo#GNOME/GLib!790, glgo#GNOME/GLib!793, glgo#GNOME/GLib!803. + Updated translations. - Use FAT LTO objects in order to provide proper static library (boo#1133129). - Update to version 2.60.1: + Fix documentation for `gdbus-tool wait` to use correct units. + Bugs fixed: glgo#GNOME/GLib#1709, glgo#GNOME/GLib#1725, glgo#GNOME/GLib#1737, glgo#GNOME/GLib!711, glgo#GNOME/GLib!722, glgo#GNOME/GLib!727, glgo#GNOME/GLib!729, glgo#GNOME/GLib!758, glgo#GNOME/GLib!775. + Updated translations. - Drop upstream fixed patch: 0001-Handle-an-UNKNOWN-NetworkManager-connectivity-as-NONE.patch. ==== glibc ==== Subpackages: glibc-locale glibc-locale-base - dl-show-auxv.patch: Fix output of LD_SHOW_AUXV=1 - s390-vx-vxe-hwcap.patch: S390: Mark vx and vxe as important hwcap - taisho-era-string.patch: ja_JP: Change the offset for Taisho gan-nen from 2 to 1 (BZ #24162) - malloc-tracing-hooks.patch: malloc: Set and reset all hooks for tracing (BZ #16573) - pldd-inf-loop.patch: elf: Fix pldd (BZ#18035) - malloc-large-bin-corruption-check.patch: malloc: Check for large bin list corruption when inserting unsorted chunk (BZ #24216) - wfile-sync-crash.patch: Fix crash in _IO_wfile_sync (BZ #20568) ==== gnutls ==== Version update (3.6.6 -> 3.6.7) - Trim useless %if..%endif guards that do not affect the build. - Fix language errors in description again. - Update gnutls to 3.6.7 * * libgnutls, gnutls tools: Every gnutls_free() will automatically set the free'd pointer to NULL. This prevents possible use-after-free and double free issues. Use-after-free will be turned into NULL dereference. The counter-measure does not extend to applications using gnutls_free(). * * libgnutls: Fixed a memory corruption (double free) vulnerability in the certificate verification API. Reported by Tavis Ormandy; addressed with the change above. [GNUTLS-SA-2019-03-27, #694] [bsc#1130681] (CVE-2019-3829) * * libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages; Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704] [bsc#1130682] (CVE-2019-3836) * * libgnutls: enforce key usage limitations on certificates more actively. Previously we would enforce it for TLS1.2 protocol, now we enforce it even when TLS1.3 is negotiated, or on client certificates as well. When an inappropriate for TLS1.3 certificate is seen on the credentials structure GnuTLS will disable TLS1.3 support for that session (#690). * * libgnutls: the default number of tickets sent under TLS 1.3 was increased to two. This makes it easier for clients which perform multiple connections to the server to use the tickets sent by a default server. * * libgnutls: enforce the equality of the two signature parameters fields in a certificate. We were already enforcing the signature algorithm, but there was a bug in parameter checking code. * * libgnutls: fixed issue preventing sending and receiving from different threads when false start was enabled (#713). * * libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable session, as non-writeable security officer sessions are undefined in PKCS#11 (#721). * * libgnutls: no longer send downgrade sentinel in TLS 1.3. Previously the sentinel value was embedded to early in version negotiation and was sent even on TLS 1.3. It is now sent only when TLS 1.2 or earlier is negotiated (#689). * * gnutls-cli: Added option --logfile to redirect informational messages output. - Disabled dane support in SLE since dane is not shipped there - Changed configure script to hardware guile site directory since command-line option '--with-guile-site-dir=' was removed from the configure script. * * Added gnutls-3.6.6-set_guile_site_dir.patch - Modified gnutls-3.6.0-disable-flaky-dtls_resume-test.patch to fix compilation issues on PPC ==== gpg2 ==== Version update (2.2.15 -> 2.2.16) - Update to 2.2.16 * gpg: Fixed i18n markup of some strings. * gpg: Allow deletion of subkeys with --delete-[secret-]key. * gpg: Do not bail on an invalid packet in the local keyring. * gpg: Do not allow creation of user ids larger than our parser allows. * gpg: Do not delete any keys if --dry-run is passed. * gpg: Fix using --decrypt along with --use-embedded-filename. * gpg: Improve the photo image viewer selection. * gpg: enable OpenPGP export of cleartext keys with comments. * gpg: Do not print a hint to use the deprecated --keyserver option. * gpg: Change update_keysig_packet to replace SHA-1 by SHA-256. * gpg: Use just the addrspec from the Signer's UID. * gpg: Accept also armored data from the WKD. * gpg: Set a limit of 5 to the number of keys imported from the WKD. * gpg: Don't use EdDSA algo ID for ECDSA curves. * agent: Stop scdaemon after reload when disable_scdaemon. * agent: For SSH key, don't put NUL-byte at the end. * agent: correct length for uri and comment on 64-bit big-endian platforms * dirmngr: Allow for other hash algorithms than SHA-1 in OCSP. * dirmngr: Improve domaininfo cache update algorithm. * dirmngr: Better error code for http status 413. * g10: Fix possible null dereference. * g10: Fix double free when locating by mbox. * g10: Fix symmetric cipher algo constant for ECDH. * sm: Avoid confusing diagnostic for the default key. * sm: Fix a warning in an es_fopencooie function. * gpgconf: Before --launch check that the config file is fine. * gpgconf: Support --homedir for --launch. * build: Update m4/iconv.m4. * doc: correct documentation for gpgconf --kill. * scd: Add dummy option --application-priority. * common: Fix AWK portability. ==== grub2 ==== Subpackages: grub2-i386-pc grub2-snapper-plugin grub2-x86_64-efi - Check/refresh zipl-kernel before hibernate on s390x. (bsc#940457) (Getting rid of hardcoded 'vmlinuz', which failed on PPC as well.) * grub2-systemd-sleep.sh - Try to refresh zipl-kernel on failed kexec. (bsc#1127293) * grub2-s390x-04-grub2-install.patch - Fully support "previous" zipl-kernel, with 'mem=1G' being available on dedicated entries. (bsc#928131) * grub2-s390x-09-improve-zipl-setup.patch - Refresh * grub2-zipl-setup-fix-btrfs-multipledev.patch - Fix GCC 9 build failure (bsc#1121208) * 0001-cpio-Disable-gcc9-Waddress-of-packed-member.patch * 0002-jfs-Disable-gcc9-Waddress-of-packed-member.patch * 0003-hfs-Fix-gcc9-error-Waddress-of-packed-member.patch * 0004-hfsplus-Fix-gcc9-error-with-Waddress-of-packed-membe.patch * 0005-acpi-Fix-gcc9-error-Waddress-of-packed-member.patch * 0006-usbtest-Disable-gcc9-Waddress-of-packed-member.patch * 0007-chainloader-Fix-gcc9-error-Waddress-of-packed-member.patch * 0008-efi-Fix-gcc9-error-Waddress-of-packed-member.patch ==== gsettings-desktop-schemas ==== Version update (3.28.1 -> 3.32.0) - Add adobe-sourcecodepro-fonts Recommends: New default font for monospace was added for version 3.32.x. - Rebase gsettings-desktop-schemas-fate324570-Add-key-for-GDM-background-configuration.patch - Update to version 3.32.0: + Updated translations. - Update to version 3.31.92: + Drop legacy build systems. + Updated translations. - Update to version 3.31.91: + Updated translations. - Update to version 3.31.90: + Updated default monospace font. + More meson build fixes. + Updated translations. - Switch to meson build system, add meson BuildRequires and macros. - Drop obsolete gnome-common and intltool BuildRequires. - Update to version 3.31.0.2: + Fixed generation of enums XML on meson builds. + Convert post-install script to python. + Updated translations. - Update to version 3.31.0.1: + Brown paper bag release, included several fixes to meson build. - Changes from version 3.31.0: + Add settings to inhibit microphone/camera. + Change tablets'/touchscreens' "display" setting to "output" one with different semantics. + Added meson build support. + Changed default clock settings. + Added XF86Keyboard keybinding to cycle the keyboard layout. - Disable gsettings-desktop-schemas-fate324570-Add-key-for-GDM-background-configuration.patch Needs rebase. - Add gnome-common BuildRequires and bootstrap tarball. - Replace glib2-devel with pkgconfig(gio-2.0) BuildRequires. ==== health-checker ==== Version update (1.2.2 -> 1.2.3) Subpackages: health-checker-plugins-MicroOS health-checker-plugins-kubic - Update to version 1.2.3 * Fix crio RPM name ==== hwdata ==== Version update (0.321 -> 0.323) - Update to version 0.323: * Updated pci, usb and vendor ids. - Update to version 0.322: * Updated pci, usb and vendor ids. ==== hwinfo ==== Version update (21.64 -> 21.66) - merge gh#openSUSE/hwinfo#80 - fix Makefile and allow building for old distros - 21.66 - merge gh#openSUSE/hwinfo#79 - return BIOS UUID in decoded (with '-'s) form (bsc#1135819) - 21.65 ==== installation-images-MicroOS ==== Version update (14.420 -> 14.427) - merge gh#openSUSE/installation-images#314 - set root password for rescue system explicitly (bsc#1134524) - 14.427 - merge gh#openSUSE/installation-images#313 - aarch64: ptp_qoriq.ko is now ptp-qoriq.ko - 14.426 - do not use openssl-1_1-hmac in openSUSE for now - merge gh#openSUSE/installation-images#312 - follow aaa_base package change - 14.425 - merge gh#openSUSE/installation-images#311 - prevent MD/RAID auto-assembly if linuxrc says so (bsc#1132688) - 14.424 - merge gh#openSUSE/installation-images#310 - Revert "add /dev/btrfs-control to initrd (bsc#1133368)" - autoload btrfs module to get /dev/btrfs-control (bsc#1133368) - 14.423 - merge gh#openSUSE/installation-images#308 - add /dev/btrfs-control to initrd (bsc#1133368) - 14.422 - merge gh#openSUSE/installation-images#307 - patch zypp config also for MicroOS (bsc#1132848) - adjust branding example - 14.421 ==== iproute2 ==== Version update (4.20 -> 5.1) - Revert-tc-ematch-fix-deprecated-yacc-warning.patch: fix build on SLE12 and openSUSE Leap 42.3 - Update to new upstream release 5.1 * bridge: fdb: add support for src_vni option * devlink: report cell size * devlink: add dev info and dev flash subcommands * devlink: add health subcommand * ip link: display netrom link type * ip link: bond_slave: add xstats support * ip link: bridge: support mcast to unicast flag * ip netns: add attach subcommand to attach existing netns * ip xfrm: add option to hide keys in state output * ip xfrm: support xfrm interfaces * rdma: add unbound workqueue to list of poll context types * rdma: provide parent context index for all objects except CM_ID * rdma: add prefix for driver attributes * ss: support AF_XDP * tc: add hit counter for matchall * tc: add kind property to csum action * tc: q_cake: support fwmark option * improve batch and dump performance by caching link lookups * more JSON support * many text/JSON output fixes - Update to new upstream release 5.0.0 * ip route: get print JSON output when -j is given * ip route: print route type in JSON output * tc: m_connmark: fix action error messages * ipaddress: print error messages on stderr * iprule: fix printing hint about unresolved iifname + oofname * man: Document COLORFGBG environment variable * tcpedit: Fix wrong pedit ipv6 structure id * ss: Render buffer to output every time a number of chunks alloc * ss: fix compilation under glibc < 2.18 - Add patches which enable support of BPF global data section, pulled from https://github.com/cilium/iproute2/tree/static-data * bpf-bss-section-poc.patch * bpf-data-section-support-poc.patch ==== iputils ==== Version update (s20180629 -> s20190515) - Update to version s20190515 (includes changes s20190324) * s20190324: 189 commits since s20180629 that include changing build system from autotools to meson, added rarpd and rdisc systemd service files, many fixes * s20190515 bugfix release (6 commits) - User visible change: arping and clockdiff are moved from /usr/sbin to /usr/bin (respect upstream path) - Backport patch 0001-build-sys-doc-Fix-the-dependency-on-xsltproc.patch (fixing build system) - Add workaround patch meson-remove-setcap-setuid.sh.patch - Remove 0001-tracepath-Fix-copying-input-IPv6-address.patch (included in s20190324 release) - Refresh old patches (iputils-ping-interrupt.diff, iputils-sec-ping-unblock.diff) - Changes caused by upstream switching to meson build system (drop sed build dependency) - Added locales - Fix typos ==== kdump ==== - kdump-kdumprd-Look-for-boot-image-and-boot-Image.patch: kdumprd: Look for /boot/image-* and /boot/Image-* (bsc#1132799). - kdump-Add-skip_balance-option-to-BTRFS-mounts.patch: Add skip_balance option to BTRFS mounts (bsc#1108255). ==== kernel-default-base ==== Version update (5.0.6 -> 5.1.4) - dw_mmc-bluefield is not needed in kernel-default-base (bsc#1131574). ==== kernel-firmware ==== Version update (20190312 -> 20190514) Subpackages: ucode-amd - Update to version 20190514: * linux-firmware: Update firmware file for Intel Bluetooth 8265 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 22161 * amlogic: add video decoder firmwares * iwlwifi: update -46 firmwares for 22260 and 9000 series * iwlwifi: add firmware for 22260 and update 9000 series -46 firmwares * iwlwifi: add -46.ucode firmwares for 9000 series - Update to version 20190502: * amdgpu: update vega20 to the latest 19.10 firmware * amdgpu: update vega12 to the latest 19.10 firmware * amdgpu: update vega10 to the latest 19.10 firmware * amdgpu: update polaris11 to the latest 19.10 firmware * amdgpu: update polaris10 to the latest 19.10 firmware * amdgpu: update raven2 to the latest 19.10 firmware * amdgpu: update raven to the latest 19.10 firmware * amdgpu: update picasso to the latest 19.10 firmware * linux-firmware: update fw for qat devices * Mellanox: Add new mlxsw_spectrum firmware 13.2000.1122 * drm/i915/firmware: Add ICL HuC v8.4.3238 * drm/i915/firmware: Add ICL GuC v32.0.3 * drm/i915/firmware: Add GLK HuC v03.01.2893 * drm/i915/firmware: Add GLK GuC v32.0.3 * drm/i915/firmware: Add KBL GuC v32.0.3 * drm/i915/firmware: Add SKL GuC v32.0.3 * drm/i915/firmware: Add BXT GuC v32.0.3 - Update to version 20190409: * linux-firmware: Add firmware file for Intel Bluetooth 22161 * cxgb4: update firmware to revision 1.23.4.0 * linux-firmware: Update NXP Management Complex firmware to version 10.14.3 * linux-firmware: add firmware for MT7615E * mediatek: update MT8173 VPU firmware to v1.1.2 [decoder] Enlarge struct vdec_pic_info to support more capture buffer plane and capture buffer format change. * linux-firmware: update Marvell 8797/8997 firmware images * nfp: update Agilio SmartNIC flower firmware to rev AOTC-2.10.A.23 * cxgb4: update firmware to revision 1.23.3.0 * linux-firmware: Update firmware file for Intel Bluetooth 8265 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * linux-firmware: Update firmware file for Intel Bluetooth 9560 ==== kernel-source ==== Version update (5.0.6 -> 5.1.7) Subpackages: kernel-debug kernel-default - Linux 5.1.7 (bnc#1012628). - tipc: fix modprobe tipc failed after switch order of device registration (bnc#1012628). - Revert "tipc: fix modprobe tipc failed after switch order of device registration" (bnc#1012628). - crypto: vmx - ghash: do nosimd fallback manually (bnc#1012628). - net: correct zerocopy refcnt with udp MSG_MORE (bnc#1012628). - cxgb4: Revert "cxgb4: Remove SGE_HOST_PAGE_SIZE dependency on page size" (bnc#1012628). - net/tls: don't ignore netdev notifications if no TLS features (bnc#1012628). - net/tls: fix state removal with feature flags off (bnc#1012628). - selftests/tls: add test for sleeping even though there is data (bnc#1012628). - net/tls: fix no wakeup on partial reads (bnc#1012628). - selftests/tls: test for lowat overshoot with multiple records (bnc#1012628). - net/tls: fix lowat calculation if some data came from previous record (bnc#1012628). - bnxt_en: Reduce memory usage when running in kdump kernel (bnc#1012628). - bnxt_en: Fix possible BUG() condition when calling pci_disable_msix() (bnc#1012628). - bnxt_en: Fix aggregation buffer leak under OOM condition (bnc#1012628). - net: stmmac: dma channel control register need to be init first (bnc#1012628). - net: stmmac: fix ethtool flow control not able to get/set (bnc#1012628). - net/mlx5e: Disable rxhash when CQE compress is enabled (bnc#1012628). - net/mlx5: Allocate root ns memory using kzalloc to match kfree (bnc#1012628). - tipc: Avoid copying bytes beyond the supplied data (bnc#1012628). - net/mlx5: Avoid double free in fs init error unwinding path (bnc#1012628). - usbnet: fix kernel crash after disconnect (bnc#1012628). - r8169: fix MAC address being lost in PCI D3 (bnc#1012628). - net: stmmac: fix reset gpio free missing (bnc#1012628). - net: sched: don't use tc_action->order during action dump (bnc#1012628). - net: phy: marvell10g: report if the PHY fails to boot firmware (bnc#1012628). - net: mvpp2: fix bad MVPP2_TXQ_SCHED_TOKEN_CNTR_REG queue value (bnc#1012628). - net: mvneta: Fix err code path of probe (bnc#1012628). - net-gro: fix use-after-free read in napi_gro_frags() (bnc#1012628). - net: fec: fix the clk mismatch in failed_reset path (bnc#1012628). - net: dsa: mv88e6xxx: fix handling of upper half of STATS_TYPE_PORT (bnc#1012628). - mlxsw: spectrum_acl: Avoid warning after identical rules insertion (bnc#1012628). - llc: fix skb leak in llc_build_and_send_ui_pkt() (bnc#1012628). - ipv6: Fix redirect with VRF (bnc#1012628). - ipv6: Consider sk_bound_dev_if when binding a raw socket to an address (bnc#1012628). - ipv4/igmp: fix build error if !CONFIG_IP_MULTICAST (bnc#1012628). - ipv4/igmp: fix another memory leak in igmpv3_del_delrec() (bnc#1012628). - inet: switch IP ID generator to siphash (bnc#1012628). - ethtool: Check for vlan etype or vlan tci when parsing flow_rule (bnc#1012628). - cxgb4: offload VLAN flows regardless of VLAN ethtype (bnc#1012628). - bonding/802.3ad: fix slave link initialization transition states (bnc#1012628). - commit 55f2451 - Refresh patches.suse/memcg-make-it-work-on-sparse-non-0-node-systems.patch. Update upstream status. - commit 2e484d7 - Linux 5.1.6 (bnc#1012628). - x86: Hide the int3_emulate_call/jmp functions from UML (bnc#1012628). - ext4: do not delete unlinked inode from orphan list on failed truncate (bnc#1012628). - ext4: wait for outstanding dio during truncate in nojournal mode (bnc#1012628). - KVM: x86: fix return value for reserved EFER (bnc#1012628). - bio: fix improper use of smp_mb__before_atomic() (bnc#1012628). - sbitmap: fix improper use of smp_mb__before_atomic() (bnc#1012628). - Revert "scsi: sd: Keep disk read-only when re-reading partition" (bnc#1012628). - crypto: hash - fix incorrect HASH_MAX_DESCSIZE (bnc#1012628). - crypto: vmx - CTR: always increment IV as quadword (bnc#1012628). - mmc: sdhci-iproc: cygnus: Set NO_HISPD bit to fix HS50 data hold time problem (bnc#1012628). - mmc: sdhci-iproc: Set NO_HISPD bit to fix HS50 data hold time problem (bnc#1012628). - tracing: Add a check_val() check before updating cond_snapshot() track_val (bnc#1012628). - dax: Arrange for dax_supported check to span multiple devices (bnc#1012628). - kvm: Check irqchip mode before assign irqfd (bnc#1012628). - kvm: svm/avic: fix off-by-one in checking host APIC ID (bnc#1012628). - KVM: nVMX: Fix using __this_cpu_read() in preemptible context (bnc#1012628). - libnvdimm/pmem: Bypass CONFIG_HARDENED_USERCOPY overhead (bnc#1012628). - arm64/kernel: kaslr: reduce module randomization range to 2 GB (bnc#1012628). - arm64: Kconfig: Make ARM64_PSEUDO_NMI depend on BROKEN for now (bnc#1012628). - arm64/iommu: handle non-remapped addresses in ->mmap and - >get_sgtable (bnc#1012628). - gfs2: Fix sign extension bug in gfs2_update_stats (bnc#1012628). - btrfs: don't double unlock on error in btrfs_punch_hole (bnc#1012628). - btrfs: Check the compression level before getting a workspace (bnc#1012628). - Btrfs: do not abort transaction at btrfs_update_root() after failure to COW path (bnc#1012628). - Btrfs: avoid fallback to transaction commit during fsync of files with holes (bnc#1012628). - Btrfs: fix race between ranged fsync and writeback of adjacent ranges (bnc#1012628). - btrfs: sysfs: Fix error path kobject memory leak (bnc#1012628). - btrfs: sysfs: don't leak memory when failing add fsid (bnc#1012628). - fbdev: fix divide error in fb_var_to_videomode (bnc#1012628). - arm64: errata: Add workaround for Cortex-A76 erratum #1463225 (bnc#1012628). - ovl: relax WARN_ON() for overlapping layers use case (bnc#1012628). - fbdev: fix WARNING in __alloc_pages_nodemask bug (bnc#1012628). - media: cpia2: Fix use-after-free in cpia2_exit (bnc#1012628). - media: serial_ir: Fix use-after-free in serial_ir_init_module (bnc#1012628). - media: vb2: add waiting_in_dqbuf flag (bnc#1012628). - media: vivid: use vfree() instead of kfree() for dev->bitmap_cap (bnc#1012628). - ssb: Fix possible NULL pointer dereference in ssb_host_pcmcia_exit (bnc#1012628). - bpf: devmap: fix use-after-free Read in __dev_map_entry_free (bnc#1012628). - batman-adv: mcast: fix multicast tt/tvlv worker locking (bnc#1012628). - at76c50x-usb: Don't register led_trigger if usb_register_driver failed (bnc#1012628). - acct_on(): don't mess with freeze protection (bnc#1012628). - netfilter: ctnetlink: Resolve conntrack L3-protocol flush regression (bnc#1012628). - Revert "btrfs: Honour FITRIM range constraints during free space trim" (bnc#1012628). - gfs2: Fix lru_count going negative (bnc#1012628). - cxgb4: Fix error path in cxgb4_init_module (bnc#1012628). - afs: Fix getting the afs.fid xattr (bnc#1012628). - NFS: make nfs_match_client killable (bnc#1012628). - gfs2: fix race between gfs2_freeze_func and unmount (bnc#1012628). - io_uring: use cpu_online() to check p->sq_thread_cpu instead of cpu_possible() (bnc#1012628). - IB/hfi1: Fix WQ_MEM_RECLAIM warning (bnc#1012628). - gfs2: Fix occasional glock use-after-free (bnc#1012628). - mmc: core: Verify SD bus width (bnc#1012628). - tools/bpf: fix perf build error with uClibc (seen on ARC) (bnc#1012628). - i40e: Fix of memory leak and integer truncation in i40e_virtchnl.c (bnc#1012628). - libbpf: fix invalid munmap call (bnc#1012628). - selftests/bpf: set RLIMIT_MEMLOCK properly for test_libbpf_open.c (bnc#1012628). - bpftool: exclude bash-completion/bpftool from .gitignore pattern (bnc#1012628). - ice: Separate if conditions for ice_set_features() (bnc#1012628). - ice: Preserve VLAN Rx stripping settings (bnc#1012628). - blk-mq: split blk_mq_alloc_and_init_hctx into two parts (bnc#1012628). - blk-mq: grab .q_usage_counter when queuing request from plug code path (bnc#1012628). - dmaengine: tegra210-dma: free dma controller in remove() (bnc#1012628). - net: ena: gcc 8: fix compilation warning (bnc#1012628). - net: ena: fix: set freed objects to NULL to avoid failing future allocations (bnc#1012628). - hv_netvsc: fix race that may miss tx queue wakeup (bnc#1012628). - Bluetooth: Ignore CC events not matching the last HCI command (bnc#1012628). - pinctrl: zte: fix leaked of_node references (bnc#1012628). - ASoC: Intel: kbl_da7219_max98357a: Map BTN_0 to KEY_PLAYPAUSE (bnc#1012628). - usb: dwc2: gadget: Increase descriptors count for ISOC's (bnc#1012628). - usb: dwc3: move synchronize_irq() out of the spinlock protected block (bnc#1012628). - usb: gadget: f_fs: don't free buffer prematurely (bnc#1012628). - ASoC: hdmi-codec: unlock the device on startup errors (bnc#1012628). - powerpc/perf: Return accordingly on invalid chip-id in (bnc#1012628). - powerpc/boot: Fix missing check of lseek() return value (bnc#1012628). - powerpc/perf: Fix loop exit condition in nest_imc_event_init (bnc#1012628). - spi: atmel-quadspi: fix crash while suspending (bnc#1012628). - ASoC: imx: fix fiq dependencies (bnc#1012628). - spi: pxa2xx: fix SCR (divisor) calculation (bnc#1012628). - net/mlx5: E-Switch, Use atomic rep state to serialize state change (bnc#1012628). - brcm80211: potential NULL dereference in brcmf_cfg80211_vndr_cmds_dcmd_handler() (bnc#1012628). - ACPI / property: fix handling of data_nodes in acpi_get_next_subnode() (bnc#1012628). - drm/nouveau/bar/nv50: ensure BAR is mapped (bnc#1012628). - media: stm32-dcmi: return appropriate error codes during probe (bnc#1012628). - ARM: vdso: Remove dependency with the arch_timer driver internals (bnc#1012628). - arm64: Fix compiler warning from pte_unmap() with - Wunused-but-set-variable (bnc#1012628). - mt76: remove mt76_queue dependency from tx_queue_skb function pointer (bnc#1012628). - x86/ftrace: Set trampoline pages as executable (bnc#1012628). - powerpc/watchdog: Use hrtimers for per-CPU heartbeat (bnc#1012628). - cpufreq: Fix kobject memleak (bnc#1012628). - scsi: qla2xxx: Fix a qla24xx_enable_msix() error path (bnc#1012628). - scsi: qla2xxx: Fix abort handling in tcm_qla2xxx_write_pending() (bnc#1012628). - scsi: qla2xxx: Avoid that lockdep complains about unsafe locking in tcm_qla2xxx_close_session() (bnc#1012628). - scsi: qla2xxx: Fix hardirq-unsafe locking (bnc#1012628). - x86/modules: Avoid breaking W^X while loading modules (bnc#1012628). - Btrfs: fix data bytes_may_use underflow with fallocate due to failed quota reserve (bnc#1012628). - btrfs: fix panic during relocation after ENOSPC before writeback happens (bnc#1012628). - btrfs: Don't panic when we can't find a root key (bnc#1012628). - iwlwifi: pcie: don't crash on invalid RX interrupt (bnc#1012628). - rtc: 88pm860x: prevent use-after-free on device remove (bnc#1012628). - rtc: stm32: manage the get_irq probe defer case (bnc#1012628). - scsi: qedi: Abort ep termination if offload not scheduled (bnc#1012628). - s390/kexec_file: Fix detection of text segment in ELF loader (bnc#1012628). - ALSA: hda: fix unregister device twice on ASoC driver (bnc#1012628). - sched/nohz: Run NOHZ idle load balancer on HK_FLAG_MISC CPUs (bnc#1012628). - net: ethernet: ti: cpsw: fix allmulti cfg in dual_mac mode (bnc#1012628). - w1: fix the resume command API (bnc#1012628). - net: hns3: fix pause configure fail problem (bnc#1012628). - net: hns3: fix for TX clean num when cleaning TX BD (bnc#1012628). - net: phy: improve genphy_soft_reset (bnc#1012628). - s390: qeth: address type mismatch warning (bnc#1012628). - arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012628). - net: hns3: use atomic_t replace u32 for arq's count (bnc#1012628). - dmaengine: pl330: _stop: clear interrupt status (bnc#1012628). - mac80211/cfg80211: update bss channel on channel switch (bnc#1012628). - drm: prefix header search paths with $(srctree)/ (bnc#1012628). - libbpf: fix samples/bpf build failure due to undefined UINT32_MAX (bnc#1012628). - slimbus: fix a potential NULL pointer dereference in of_qcom_slim_ngd_register (bnc#1012628). - regulator: core: Actually put the gpiod after use (bnc#1012628). - ASoC: fsl_sai: Update is_slave_mode with correct value (bnc#1012628). - Fix nfs4.2 return -EINVAL when do dedupe operation (bnc#1012628). - mwifiex: prevent an array overflow (bnc#1012628). - rsi: Fix NULL pointer dereference in kmalloc (bnc#1012628). - net: cw1200: fix a NULL pointer dereference (bnc#1012628). - nvme: set 0 capacity if namespace block size exceeds PAGE_SIZE (bnc#1012628). - nvme-rdma: fix a NULL deref when an admin connect times out (bnc#1012628). - nvme-tcp: fix a NULL deref when an admin connect times out (bnc#1012628). - crypto: sun4i-ss - Fix invalid calculation of hash end (bnc#1012628). - bcache: avoid potential memleak of list of journal_replay(s) in the CACHE_SYNC branch of run_cache_set (bnc#1012628). - bcache: return error immediately in bch_journal_replay() (bnc#1012628). - bcache: fix failure in journal relplay (bnc#1012628). - bcache: add failure check to run_cache_set() for journal replay (bnc#1012628). - bcache: avoid clang -Wunintialized warning (bnc#1012628). - RDMA/cma: Consider scope_id while binding to ipv6 ll address (bnc#1012628). - vfio-ccw: Do not call flush_workqueue while holding the spinlock (bnc#1012628). - vfio-ccw: Release any channel program when releasing/removing vfio-ccw mdev (bnc#1012628). - x86/build: Move _etext to actual end of .text (bnc#1012628). - smpboot: Place the __percpu annotation correctly (bnc#1012628). - x86/uaccess: Dont leak the AC flag into __put_user() argument evaluation (bnc#1012628). - x86/mm: Remove in_nmi() warning from 64-bit implementation of vmalloc_fault() (bnc#1012628). - mm/uaccess: Use 'unsigned long' to placate UBSAN warnings on older GCC versions (bnc#1012628). - Bluetooth: hci_qca: Fix crash with non-serdev devices (bnc#1012628). - Bluetooth: hci_qca: Give enough time to ROME controller to bootup (bnc#1012628). - Bluetooth: btbcm: Add default address for BCM43341B (bnc#1012628). - Bluetooth: mediatek: Fixed incorrect type in assignment (bnc#1012628). - HID: logitech-hidpp: use RAP instead of FAP to get the protocol version (bnc#1012628). - pinctrl: pistachio: fix leaked of_node references (bnc#1012628). - pinctrl: st: fix leaked of_node references (bnc#1012628). - pinctrl: samsung: fix leaked of_node references (bnc#1012628). - clk: rockchip: undo several noc and special clocks as critical on rk3288 (bnc#1012628). - perf/arm-cci: Remove broken race mitigation (bnc#1012628). - dmaengine: at_xdmac: remove BUG_ON macro in tasklet (bnc#1012628). - media: coda: clear error return value before picture run (bnc#1012628). - media: ov6650: Move v4l2_clk_get() to ov6650_video_probe() helper (bnc#1012628). - media: au0828: stop video streaming only when last user stops (bnc#1012628). - media: ov2659: make S_FMT succeed even if requested format doesn't match (bnc#1012628). - audit: fix a memory leak bug (bnc#1012628). - media: stm32-dcmi: fix crash when subdev do not expose any formats (bnc#1012628). - media: au0828: Fix NULL pointer dereference in au0828_analog_stream_enable() (bnc#1012628). - media: pvrusb2: Prevent a buffer overflow (bnc#1012628). - iio: adc: stm32-dfsdm: fix unmet direct dependencies detected (bnc#1012628). - block: fix use-after-free on gendisk (bnc#1012628). - powerpc/numa: improve control of topology updates (bnc#1012628). - powerpc/64: Fix booting large kernels with STRICT_KERNEL_RWX (bnc#1012628). - random: fix CRNG initialization when random.trust_cpu=1 (bnc#1012628). - random: add a spinlock_t to struct batched_entropy (bnc#1012628). - cgroup: protect cgroup->nr_(dying_)descendants by css_set_lock (bnc#1012628). - sched/core: Check quota and period overflow at usec to nsec conversion (bnc#1012628). - sched/rt: Check integer overflow at usec to nsec conversion (bnc#1012628). - sched/core: Handle overflow in cpu_shares_write_u64 (bnc#1012628). - staging: vc04_services: handle kzalloc failure (bnc#1012628). - drm/msm/dpu: release resources on modeset failure (bnc#1012628). - drm/msm: a5xx: fix possible object reference leak (bnc#1012628). - drm/msm: dpu: Don't set frame_busy_mask for async updates (bnc#1012628). - drm/msm: Fix NULL pointer dereference (bnc#1012628). - irq_work: Do not raise an IPI when queueing work on the local CPU (bnc#1012628). - thunderbolt: Take domain lock in switch sysfs attribute callbacks (bnc#1012628). - s390/qeth: handle error from qeth_update_from_chp_desc() (bnc#1012628). - USB: core: Don't unbind interfaces following device reset failure (bnc#1012628). - x86/irq/64: Limit IST stack overflow check to #DB stack (bnc#1012628). - drm: etnaviv: avoid DMA API warning when importing buffers (bnc#1012628). - dt-bindings: phy-qcom-qmp: Add UFS PHY reset (bnc#1012628). - phy: sun4i-usb: Make sure to disable PHY0 passby for peripheral mode (bnc#1012628). - phy: mapphone-mdm6600: add gpiolib dependency (bnc#1012628). - phy: ti: usb2: fix OMAP_CONTROL_PHY dependency (bnc#1012628). - dpaa2-eth: Fix Rx classification status (bnc#1012628). - i40e: Able to add up to 16 MAC filters on an untrusted VF (bnc#1012628). - i40e: don't allow changes to HW VLAN stripping on active port VLANs (bnc#1012628). - ACPI/IORT: Reject platform device creation on NUMA node mapping failure (bnc#1012628). - arm64: vdso: Fix clock_getres() for CLOCK_REALTIME (bnc#1012628). - RDMA/cxgb4: Fix null pointer dereference on alloc_skb failure (bnc#1012628). - fscrypt: use READ_ONCE() to access ->i_crypt_info (bnc#1012628). - perf/x86/msr: Add Icelake support (bnc#1012628). - perf/x86/intel/rapl: Add Icelake support (bnc#1012628). - perf/x86/intel/cstate: Add Icelake support (bnc#1012628). - PM / devfreq: Fix static checker warning in try_then_request_governor (bnc#1012628). - hwmon: (vt1211) Use request_muxed_region for Super-IO accesses (bnc#1012628). - hwmon: (smsc47m1) Use request_muxed_region for Super-IO accesses (bnc#1012628). - hwmon: (smsc47b397) Use request_muxed_region for Super-IO accesses (bnc#1012628). - hwmon: (pc87427) Use request_muxed_region for Super-IO accesses (bnc#1012628). - hwmon: (f71805f) Use request_muxed_region for Super-IO accesses (bnc#1012628). - scsi: libsas: Do discovery on empty PHY to update PHY info (bnc#1012628). - mmc: core: make pwrseq_emmc (partially) support sleepy GPIO controllers (bnc#1012628). - mmc_spi: add a status check for spi_sync_locked (bnc#1012628). - mmc: sdhci-of-esdhc: add erratum eSDHC5 support (bnc#1012628). - mmc: sdhci-of-esdhc: add erratum A-009204 support (bnc#1012628). - mmc: sdhci-of-esdhc: add erratum eSDHC-A001 and A-008358 support (bnc#1012628). - net: hns3: free the pending skb when clean RX ring (bnc#1012628). - drm/amdgpu: fix old fence check in amdgpu_fence_emit (bnc#1012628). - PM / core: Propagate dev->power.wakeup_path when no callbacks (bnc#1012628). - clk: rockchip: Fix video codec clocks on rk3288 (bnc#1012628). - extcon: arizona: Disable mic detect if running when driver is removed (bnc#1012628). - clk: rockchip: Make rkpwm a critical clock on rk3288 (bnc#1012628). - clk: zynqmp: fix check for fractional clock (bnc#1012628). - s390: zcrypt: initialize variables before_use (bnc#1012628). - x86/microcode: Fix the ancient deprecated microcode loading method (bnc#1012628). - drm/amd/display: Initialize stream_update with memset (bnc#1012628). - s390/mm: silence compiler warning when compiling without CONFIG_PGSTE (bnc#1012628). - s390: cio: fix cio_irb declaration (bnc#1012628). - drm/amd/display: use proper formula to calculate bandwidth from timing (bnc#1012628). - selftests: cgroup: fix cleanup path in test_memcg_subtree_control() (bnc#1012628). - net: hns3: fix keep_alive_timer not stop problem (bnc#1012628). - qmi_wwan: Add quirk for Quectel dynamic config (bnc#1012628). - net: hns3: add error handler for initializing command queue (bnc#1012628). - cpufreq: ppc_cbe: fix possible object reference leak (bnc#1012628). - cpufreq/pasemi: fix possible object reference leak (bnc#1012628). - cpufreq: pmac32: fix possible object reference leak (bnc#1012628). - cpufreq: kirkwood: fix possible object reference leak (bnc#1012628). - cpufreq: imx6q: fix possible object reference leak (bnc#1012628). - cpufreq: ap806: fix possible object reference leak (bnc#1012628). - block: sed-opal: fix IOC_OPAL_ENABLE_DISABLE_MBR (bnc#1012628). - habanalabs: prevent device PTE read/write during hard-reset (bnc#1012628). - habanalabs: all FD must be closed before removing device (bnc#1012628). - samples/bpf: fix build with new clang (bnc#1012628). - x86/build: Keep local relocations with ld.lld (bnc#1012628). - spi: Don't call spi_get_gpio_descs() before device name is set (bnc#1012628). - regulator: core: Avoid potential deadlock on regulator_unregister (bnc#1012628). - ASoC: core: remove link components before cleaning up card resources (bnc#1012628). - drm/pl111: fix possible object reference leak (bnc#1012628). - iio: ad_sigma_delta: Properly handle SPI bus locking vs CS assertion (bnc#1012628). - iio: hmc5843: fix potential NULL pointer dereferences (bnc#1012628). - iio: common: ssp_sensors: Initialize calculated_time in ssp_common_process_data (bnc#1012628). - iio: adc: ti-ads7950: Fix improper use of mlock (bnc#1012628). - net: hns3: check resetting status in hns3_get_stats() (bnc#1012628). - net: hns3: add protect when handling mac addr list (bnc#1012628). - selftests/bpf: ksym_search won't check symbols exists (bnc#1012628). - rtlwifi: fix a potential NULL pointer dereference (bnc#1012628). - mwifiex: Fix mem leak in mwifiex_tm_cmd (bnc#1012628). - brcmfmac: fix missing checks for kmemdup (bnc#1012628). - b43: shut up clang -Wuninitialized variable warning (bnc#1012628). - brcmfmac: convert dev_init_lock mutex to completion (bnc#1012628). - brcmfmac: fix WARNING during USB disconnect in case of unempty psq (bnc#1012628). - brcmfmac: fix race during disconnect when USB completion is in progress (bnc#1012628). - brcmfmac: fix Oops when bringing up interface during USB disconnect (bnc#1012628). - rtc: xgene: fix possible race condition (bnc#1012628). - spi: Add missing error handling for CS GPIOs (bnc#1012628). - rtlwifi: fix potential NULL pointer dereference (bnc#1012628). - scsi: ufs: Fix regulator load and icc-level configuration (bnc#1012628). - scsi: ufs: Avoid configuring regulator with undefined voltage range (bnc#1012628). - drm/panel: otm8009a: Add delay at the end of initialization (bnc#1012628). - drm/amd/display: Prevent cursor hotspot overflow for RV overlay planes (bnc#1012628). - arm64: cpu_ops: fix a leaked reference by adding missing of_node_put (bnc#1012628). - locking/static_key: Fix false positive warnings on concurrent dec/inc (bnc#1012628). - wil6210: fix return code of wmi_mgmt_tx and wmi_mgmt_tx_ext (bnc#1012628). - x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP (bnc#1012628). - iwlwifi: mvm: IBSS: use BE FIFO for multicast (bnc#1012628). - x86/uaccess, signal: Fix AC=1 bloat (bnc#1012628). - x86/ia32: Fix ia32_restore_sigcontext() AC leak (bnc#1012628). - x86/uaccess: Fix up the fixup (bnc#1012628). - chardev: add additional check for minor range overlap (bnc#1012628). - RDMA/hns: Fix bad endianess of port_pd variable (bnc#1012628). - sh: sh7786: Add explicit I/O cast to sh7786_mm_sel() (bnc#1012628). - HID: core: move Usage Page concatenation to Main item (bnc#1012628). - ASoC: eukrea-tlv320: fix a leaked reference by adding missing of_node_put (bnc#1012628). - ASoC: fsl_utils: fix a leaked reference by adding missing of_node_put (bnc#1012628). - ASoC: wcd9335: fix a leaked reference by adding missing of_node_put (bnc#1012628). - cxgb3/l2t: Fix undefined behaviour (bnc#1012628). - clk: renesas: rcar-gen3: Correct parent clock of SYS-DMAC (bnc#1012628). - block: avoid to break XEN by multi-page bvec (bnc#1012628). - block: pass page to xen_biovec_phys_mergeable (bnc#1012628). - clk: renesas: rcar-gen3: Correct parent clock of Audio-DMAC (bnc#1012628). - HID: logitech-hidpp: change low battery level threshold from 31 to 30 percent (bnc#1012628). - spi: tegra114: reset controller on probe (bnc#1012628). - habanalabs: prevent CPU soft lockup on Palladium (bnc#1012628). - kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice (bnc#1012628). - media: video-mux: fix null pointer dereferences (bnc#1012628). - media: wl128x: prevent two potential buffer overflows (bnc#1012628). - media: gspca: Kill URBs on USB device disconnect (bnc#1012628). - media: mtk-vcodec: fix access to incorrect planes member (bnc#1012628). - thunderbolt: property: Fix a missing check of kzalloc (bnc#1012628). - thunderbolt: Fix to check the return value of kmemdup (bnc#1012628). - drm: rcar-du: lvds: Set LVEN and LVRES bits together on D3 (bnc#1012628). - drm: rcar-du: lvds: Fix post-DLL divider calculation (bnc#1012628). - timekeeping: Force upper bound for setting CLOCK_REALTIME (bnc#1012628). - IB/mlx5: Compare only index part of a memory window rkey (bnc#1012628). - scsi: qedf: Add missing return in qedf_post_io_req() in the fcport offload check (bnc#1012628). - misc: fastrpc: consider address offset before sending to DSP (bnc#1012628). - misc: fastrpc: make sure memory read and writes are visible (bnc#1012628). - misc: fastrpc: Fix a possible double free (bnc#1012628). - virtio_console: initialize vtermno value for ports (bnc#1012628). - tty: ipwireless: fix missing checks for ioremap (bnc#1012628). - staging: mt7621-mmc: Initialize completions a single time during probe (bnc#1012628). - overflow: Fix -Wtype-limits compilation warnings (bnc#1012628). - x86/mce: Fix machine_check_poll() tests for error types (bnc#1012628). - rcutorture: Fix cleanup path for invalid torture_type strings (bnc#1012628). - x86/mce: Handle varying MCA bank counts (bnc#1012628). - rcuperf: Fix cleanup path for invalid perf_type strings (bnc#1012628). - rcu: Do a single rhp->func read in rcu_head_after_call_rcu() (bnc#1012628). - x86/platform/uv: Fix missing checks of kcalloc() return values (bnc#1012628). - RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bnc#1012628). - spi: stm32-qspi: add spi_master_put in release function (bnc#1012628). - usb: core: Add PM runtime calls to usb_hcd_platform_shutdown (bnc#1012628). - ice: Fix for adaptive interrupt moderation (bnc#1012628). - scsi: qla4xxx: avoid freeing unallocated dma memory (bnc#1012628). - scsi: lpfc: avoid uninitialized variable warning (bnc#1012628). - media: vicodec: bugfix - call v4l2_m2m_buf_copy_metadata also if decoding fails (bnc#1012628). - ice: Prevent unintended multiple chain resets (bnc#1012628). - selinux: avoid uninitialized variable warning (bnc#1012628). - batman-adv: allow updating DAT entry timeouts on incoming ARP Replies (bnc#1012628). - dmaengine: tegra210-adma: use devm_clk_*() helpers (bnc#1012628). - x86/CPU/hygon: Fix phys_proc_id calculation logic for multi-die processors (bnc#1012628). - net/mlx5e: Fix compilation warning in en_tc.c (bnc#1012628). - staging: mt7621-mmc: Check for nonzero number of scatterlist entries (bnc#1012628). - hwrng: omap - Set default quality (bnc#1012628). - thunderbolt: Fix to check return value of ida_simple_get (bnc#1012628). - thunderbolt: Fix to check for kmemdup failure (bnc#1012628). - spi: export tracepoint symbols to modules (bnc#1012628). - regulator: add regulator_get_linear_step() stub helper (bnc#1012628). - drm/amd/display: fix releasing planes when exiting odm (bnc#1012628). - drm/amd/display: Link train only when link is DP and backend is enabled (bnc#1012628). - drm/amd/display: Update ABM crtc state on non-modeset (bnc#1012628). - drm/amd/display: Reset alpha state for planes to the correct values (bnc#1012628). - thunderbolt: property: Fix a NULL pointer dereference (bnc#1012628). - media: v4l2-fwnode: The first default data lane is 0 on C-PHY (bnc#1012628). - media: ov7670: restore default settings after power-up (bnc#1012628). - media: staging/intel-ipu3: mark PM function as __maybe_unused (bnc#1012628). - media: vicodec: reset last_src/dst_buf based on the IS_OUTPUT (bnc#1012628). - ice: Fix issue with VF reset and multiple VFs support on PFs (bnc#1012628). - e1000e: Disable runtime PM on CNP+ (bnc#1012628). - tinydrm/mipi-dbi: Use dma-safe buffers for all SPI transfers (bnc#1012628). - igb: Exclude device from suspend direct complete optimization (bnc#1012628). - media: si2165: fix a missing check of return value (bnc#1012628). - media: dvbsky: Avoid leaking dvb frontend (bnc#1012628). - media: m88ds3103: serialize reset messages in m88ds3103_set_frontend (bnc#1012628). - drm/amd/display: add pipe lock during stream update (bnc#1012628). - media: staging: davinci_vpfe: disallow building with COMPILE_TEST (bnc#1012628). - drm/amd/display: Fix Divide by 0 in memory calculations (bnc#1012628). - drm/amd/display: Re-add custom degamma support (bnc#1012628). - drm/amd/display: half bandwidth for YCbCr420 during validation (bnc#1012628). - drm/amd/display: Set stream->mode_changed when connectors change (bnc#1012628). - scsi: ufs: fix a missing check of devm_reset_control_get (bnc#1012628). - media: vimc: stream: fix thread state before sleep (bnc#1012628). - media: gspca: do not resubmit URBs when streaming has stopped (bnc#1012628). - media: vicodec: avoid clang frame size warning (bnc#1012628). - media: go7007: avoid clang frame overflow warning with KASAN (bnc#1012628). - media: mtk-vcodec: fix access to vb2_v4l2_buffer struct (bnc#1012628). - media: imx: vdic: Restore default case to prepare_vdi_in_buffers() (bnc#1012628). - media: vimc: zero the media_device on probe (bnc#1012628). - media: vim2m: replace devm_kzalloc by kzalloc (bnc#1012628). - media: cedrus: Add a quirk for not setting DMA offset (bnc#1012628). - scsi: lpfc: Fix FDMI manufacturer attribute value (bnc#1012628). - scsi: lpfc: Fix fc4type information for FDMI (bnc#1012628). - scsi: lpfc: Fix io lost on host resets (bnc#1012628). - media: saa7146: avoid high stack usage with clang (bnc#1012628). - scsi: lpfc: Fix SLI3 commands being issued on SLI4 devices (bnc#1012628). - scsi: lpfc: Fix mailbox hang on adapter init (bnc#1012628). - scsi: lpfc: Resolve inconsistent check of hdwq in lpfc_scsi_cmd_iocb_cmpl (bnc#1012628). - scsi: lpfc: Resolve irq-unsafe lockdep heirarchy warning in lpfc_io_free (bnc#1012628). - scsi: lpfc: Fix use-after-free mailbox cmd completion (bnc#1012628). - audit: fix a memleak caused by auditing load module (bnc#1012628). - spi : spi-topcliff-pch: Fix to handle empty DMA buffers (bnc#1012628). - drm: writeback: Fix leak of writeback job (bnc#1012628). - drm/omap: dsi: Fix PM for display blank with paired dss_pll calls (bnc#1012628). - drm/omap: Notify all devices in the pipeline of output disconnection (bnc#1012628). - spi: rspi: Fix sequencer reset during initialization (bnc#1012628). - regulator: wm831x ldo: Fix notifier mutex lock warning (bnc#1012628). - regulator: wm831x isink: Fix notifier mutex lock warning (bnc#1012628). - regulator: ltc3676: Fix notifier mutex lock warning (bnc#1012628). - regulator: ltc3589: Fix notifier mutex lock warning (bnc#1012628). - regulator: pv88060: Fix notifier mutex lock warning (bnc#1012628). - spi: imx: stop buffer overflow in RX FIFO flush (bnc#1012628). - regulator: lp8755: Fix notifier mutex lock warning (bnc#1012628). - regulator: da9211: Fix notifier mutex lock warning (bnc#1012628). - regulator: da9063: Fix notifier mutex lock warning (bnc#1012628). - regulator: pv88080: Fix notifier mutex lock warning (bnc#1012628). - regulator: wm831x: Fix notifier mutex lock warning (bnc#1012628). - regulator: pv88090: Fix notifier mutex lock warning (bnc#1012628). - regulator: da9062: Fix notifier mutex lock warning (bnc#1012628). - regulator: da9055: Fix notifier mutex lock warning (bnc#1012628). - spi: Fix zero length xfer bug (bnc#1012628). - ASoC: davinci-mcasp: Fix clang warning without CONFIG_PM (bnc#1012628). - ASoC: ti: fix davinci_mcasp_probe dependencies (bnc#1012628). - drm/v3d: Handle errors from IRQ setup (bnc#1012628). - drm/amd/display: Fix exception from AUX acquire failure (bnc#1012628). - drm/amd/display: Reset planes that were disabled in init_pipes (bnc#1012628). - drm/drv: Hold ref on parent device during drm_device lifetime (bnc#1012628). - drm: Wake up next in drm_read() chain if we are forced to putback the event (bnc#1012628). - drm/sun4i: dsi: Change the start delay calculation (bnc#1012628). - drm/sun4i: dsi: Restrict DSI tcon clock divider (bnc#1012628). - vfio-ccw: Prevent quiesce function going into an infinite loop (bnc#1012628). - extcon: axp288: Add a depends on ACPI to the Kconfig entry (bnc#1012628). - ice: Put __ICE_PREPARED_FOR_RESET check in ice_prepare_for_reset (bnc#1012628). - drm/sun4i: dsi: Enforce boundaries on the start delay (bnc#1012628). - NFS: Fix a double unlock from nfs_match,get_client (bnc#1012628). - Update config files. - commit 7375706 - Update config files. - commit 6ad4f79 - Linux 5.1.5 (bnc#1012628). - ipv6: fix src addr routing with the exception table (bnc#1012628). - ipv6: prevent possible fib6 leaks (bnc#1012628). - net: Always descend into dsa/ (bnc#1012628). - net: avoid weird emergency message (bnc#1012628). - net/mlx4_core: Change the error print to info print (bnc#1012628). - net: test nouarg before dereferencing zerocopy pointers (bnc#1012628). - net: usb: qmi_wwan: add Telit 0x1260 and 0x1261 compositions (bnc#1012628). - nfp: flower: add rcu locks when accessing netdev for tunnels (bnc#1012628). - ppp: deflate: Fix possible crash in deflate_init (bnc#1012628). - rtnetlink: always put IFLA_LINK for links with a link-netnsid (bnc#1012628). - tipc: switch order of device registration to fix a crash (bnc#1012628). - vsock/virtio: free packets during the socket release (bnc#1012628). - tipc: fix modprobe tipc failed after switch order of device registration (bnc#1012628). - mlxsw: core: Prevent QSFP module initialization for old hardware (bnc#1012628). - mlxsw: core: Prevent reading unsupported slave address from SFP EEPROM (bnc#1012628). - flow_offload: support CVLAN match (bnc#1012628). - net/mlx5e: Fix calling wrong function to get inner vlan key and mask (bnc#1012628). - net/mlx5: Fix peer pf disable hca command (bnc#1012628). - vsock/virtio: Initialize core virtio vsock before registering the driver (bnc#1012628). - net/mlx5e: Add missing ethtool driver info for representors (bnc#1012628). - net/mlx5e: Additional check for flow destination comparison (bnc#1012628). - net/mlx5: Imply MLXFW in mlx5_core (bnc#1012628). - net/mlx5e: Fix ethtool rxfh commands when CONFIG_MLX5_EN_RXNFC is disabled (bnc#1012628). - blk-mq: free hw queue's resource in hctx's release handler (bnc#1012628). - regulator: core: fix error path for regulator_set_voltage_unlocked (bnc#1012628). - parisc: Export running_on_qemu symbol for modules (bnc#1012628). - parisc: Add memory clobber to TLB purges (bnc#1012628). - parisc: Skip registering LED when running in QEMU (bnc#1012628). - parisc: Add memory barrier to asm pdc and sync instructions (bnc#1012628). - parisc: Allow live-patching of __meminit functions (bnc#1012628). - parisc: Use PA_ASM_LEVEL in boot code (bnc#1012628). - parisc: Rename LEVEL to PA_ASM_LEVEL to avoid name clash with DRBD code (bnc#1012628). - stm class: Fix channel free in stm output free path (bnc#1012628). - stm class: Fix channel bitmap on 32-bit systems (bnc#1012628). - brd: re-enable __GFP_HIGHMEM in brd_insert_page() (bnc#1012628). - proc: prevent changes to overridden credentials (bnc#1012628). - Revert "MD: fix lock contention for flush bios" (bnc#1012628). - md: batch flush requests (bnc#1012628). - md: add mddev->pers to avoid potential NULL pointer dereference (bnc#1012628). - md: add a missing endianness conversion in check_sb_changes (bnc#1012628). - dcache: sort the freeing-without-RCU-delay mess for good (bnc#1012628). - intel_th: msu: Fix single mode with IOMMU (bnc#1012628). - p54: drop device reference count if fails to enable device (bnc#1012628). - of: fix clang -Wunsequenced for be32_to_cpu() (bnc#1012628). - brcmfmac: Add DMI nvram filename quirk for ACEPC T8 and T11 mini PCs (bnc#1012628). - cifs: fix credits leak for SMB1 oplock breaks (bnc#1012628). - cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() (bnc#1012628). - phy: ti-pipe3: fix missing bit-wise or operator when assigning val (bnc#1012628). - media: ov6650: Fix sensor possibly not detected on probe (bnc#1012628). - media: seco-cec: fix building with RC_CORE=m (bnc#1012628). - media: imx: csi: Allow unknown nearest upstream entities (bnc#1012628). - media: imx: Clear fwnode link struct for each endpoint iteration (bnc#1012628). - media: imx: Rename functions that add IPU-internal subdevs (bnc#1012628). - media: imx: Don't register IPU subdevs/links if CSI port missing (bnc#1012628). - RDMA/mlx5: Use get_zeroed_page() for clock_info (bnc#1012628). - RDMA/ipoib: Allow user space differentiate between valid dev_port (bnc#1012628). - NFS4: Fix v4.0 client state corruption when mount (bnc#1012628). - PNFS fallback to MDS if no deviceid found (bnc#1012628). - clk: hi3660: Mark clk_gate_ufs_subsys as critical (bnc#1012628). - clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider (bnc#1012628). - clk: mediatek: Disable tuner_en before change PLL rate (bnc#1012628). - clk: rockchip: fix wrong clock definitions for rk3328 (bnc#1012628). - udlfb: delete the unused parameter for dlfb_handle_damage (bnc#1012628). - udlfb: fix sleeping inside spinlock (bnc#1012628). - udlfb: introduce a rendering mutex (bnc#1012628). - fuse: fix writepages on 32bit (bnc#1012628). - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate (bnc#1012628). - ovl: fix missing upper fs freeze protection on copy up for ioctl (bnc#1012628). - fsnotify: fix unlink performance regression (bnc#1012628). - gcc-plugins: arm_ssp_per_task_plugin: Fix for older GCC < 6 (bnc#1012628). - iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 (bnc#1012628). - ceph: flush dirty inodes before proceeding with remount (bnc#1012628). - x86_64: Add gap to int3 to allow for call emulation (bnc#1012628). - x86_64: Allow breakpoints to emulate call instructions (bnc#1012628). - ftrace/x86_64: Emulate call function while updating in breakpoint handler (bnc#1012628). - tracing: Fix partial reading of trace event's id file (bnc#1012628). - tracing: probeevent: Fix to make the type of $comm string (bnc#1012628). - memory: tegra: Fix integer overflow on tick value calculation (bnc#1012628). - perf intel-pt: Fix instructions sampling rate (bnc#1012628). - perf intel-pt: Fix improved sample timestamp (bnc#1012628). - perf intel-pt: Fix sample timestamp wrt non-taken branches (bnc#1012628). - MIPS: perf: Fix build with CONFIG_CPU_BMIPS5000 enabled (bnc#1012628). - objtool: Allow AR to be overridden with HOSTAR (bnc#1012628). - x86/mpx, mm/core: Fix recursive munmap() corruption (bnc#1012628). - fbdev/efifb: Ignore framebuffer memmap entries that lack any memory types (bnc#1012628). - fbdev: sm712fb: fix brightness control on reboot, don't set SR30 (bnc#1012628). - fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75 (bnc#1012628). - fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F (bnc#1012628). - fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA (bnc#1012628). - fbdev: sm712fb: fix crashes during framebuffer writes by correctly mapping VRAM (bnc#1012628). - fbdev: sm712fb: fix support for 1024x768-16 mode (bnc#1012628). - fbdev: sm712fb: use 1024x768 by default on non-MIPS, fix garbled display (bnc#1012628). - fbdev: sm712fb: fix crashes and garbled display during DPMS modesetting (bnc#1012628). - PCI: Mark AMD Stoney Radeon R7 GPU ATS as broken (bnc#1012628). - PCI: Mark Atheros AR9462 to avoid bus reset (bnc#1012628). - PCI: Reset Lenovo ThinkPad P50 nvgpu at boot if necessary (bnc#1012628). - PCI: Init PCIe feature bits for managed host bridge alloc (bnc#1012628). - PCI/AER: Change pci_aer_init() stub to return void (bnc#1012628). - PCI: rcar: Add the initialization of PCIe link in resume_noirq() (bnc#1012628). - PCI: Factor out pcie_retrain_link() function (bnc#1012628). - PCI: Work around Pericom PCIe-to-PCI bridge Retrain Link erratum (bnc#1012628). - dm cache metadata: Fix loading discard bitset (bnc#1012628). - dm zoned: Fix zone report handling (bnc#1012628). - dm init: fix max devices/targets checks (bnc#1012628). - dm delay: fix a crash when invalid device is specified (bnc#1012628). - dm crypt: move detailed message into debug level (bnc#1012628). - dm integrity: correctly calculate the size of metadata area (bnc#1012628). - dm ioctl: fix hang in early create error condition (bnc#1012628). - dm mpath: always free attached_handler_name in parse_path() (bnc#1012628). - fuse: Add FOPEN_STREAM to use stream_open() (bnc#1012628). - md/raid: raid5 preserve the writeback action after the parity check (bnc#1012628). - dmaengine: imx-sdma: Only check ratio on parts that support 1:1 (bnc#1012628). - driver core: Postpone DMA tear-down until after devres release for probe failure (bnc#1012628). - bpf: relax inode permission check for retrieving bpf program (bnc#1012628). - bpf: add map_lookup_elem_sys_only for lookups from syscall side (bnc#1012628). - bpf, lru: avoid messing with eviction heuristics upon syscall lookup (bnc#1012628). - y2038: Make CONFIG_64BIT_TIME unconditional (bnc#1012628). - btrfs: reloc: Fix NULL pointer dereference due to expanded reloc_root lifespan (bnc#1012628). - ARM: dts: imx6q-logicpd: Reduce inrush current on USBH1 (bnc#1012628). - ARM: dts: imx6q-logicpd: Reduce inrush current on start (bnc#1012628). - fbdev: sm712fb: fix memory frequency by avoiding a switch/case fallthrough (bnc#1012628). - Update config files. - commit bde30e1 - Bluetooth: Check key sizes only when Secure Simple Pairing is enabled (bsc#1135556). - commit ed1f493 - Delete patches.suse/Revert-Bluetooth-btusb-driver-to-enable-the-usb-wake.patch (boo#1130448). Should be fixed in 5.1-rc5 commit 771acc7e4a6e5dba779cb1a7fd851a164bc81033 Author: Brian Norris Date: Tue Apr 9 11:49:17 2019 -0700 Bluetooth: btusb: request wake pin with NOAUTOEN - commit 817786b - Update config files. - commit 0739fa4 - dm: make sure to obey max_io_len_target_boundary (bnc#1135868). - commit 4be0add - Linux 5.1.4 (bnc#1012628). - s390/mm: convert to the generic get_user_pages_fast code (bnc#1012628). - s390/mm: make the pxd_offset functions more robust (bnc#1012628). - libnvdimm/namespace: Fix label tracking error (bnc#1012628). - powerpc/32s: fix flush_hash_pages() on SMP (bnc#1012628). - xen/pvh: correctly setup the PV EFI interface for dom0 (bnc#1012628). - xen/pvh: set xen_domain_type to HVM in xen_pvh_init (bnc#1012628). - kbuild: turn auto.conf.cmd into a mandatory include file (bnc#1012628). - smb3: display session id in debug data (bnc#1012628). - KVM: lapic: Busy wait for timer to expire when using hv_timer (bnc#1012628). - KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes (bnc#1012628). - KVM: Fix the bitmap range to copy during clear dirty (bnc#1012628). - Revert "KVM: nVMX: Expose RDPMC-exiting only when guest supports PMU" (bnc#1012628). - jbd2: fix potential double free (bnc#1012628). - ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug (bnc#1012628). - ALSA: hda/realtek - Fixup headphone noise via runtime suspend (bnc#1012628). - ALSA: hda/realtek - Corrected fixup for System76 Gazelle (gaze14) (bnc#1012628). - ext4: avoid panic during forced reboot due to aborted journal (bnc#1012628). - ext4: fix use-after-free in dx_release() (bnc#1012628). - ext4: fix data corruption caused by overlapping unaligned and aligned IO (bnc#1012628). - ext4: zero out the unused memory region in the extent tree block (bnc#1012628). - tty: Don't force RISCV SBI console as preferred console (bnc#1012628). - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount (bnc#1012628). - mm/compaction.c: correct zone boundary handling when isolating pages from a pageblock (bnc#1012628). - ARM: dts: imx: Fix the AR803X phy-mode (bnc#1012628). - ipmi:ssif: compare block number correctly for multi-part return messages (bnc#1012628). - ipmi: Add the i2c-addr property for SSIF interfaces (bnc#1012628). - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() (bnc#1012628). - bcache: fix a race between cache register and cacheset unregister (bnc#1012628). - Btrfs: fix race between send and deduplication that lead to failures and crashes (bnc#1012628). - Btrfs: do not start a transaction at iterate_extent_inodes() (bnc#1012628). - Btrfs: do not start a transaction during fiemap (bnc#1012628). - Btrfs: send, flush dellaloc in order to avoid data loss (bnc#1012628). - btrfs: Honour FITRIM range constraints during free space trim (bnc#1012628). - btrfs: Correctly free extent buffer in case btree_read_extent_buffer_pages fails (bnc#1012628). - btrfs: Check the first key and level for cached extent buffer (bnc#1012628). - ext4: fix ext4_show_options for file systems w/o journal (bnc#1012628). - ext4: actually request zeroing of inode table after grow (bnc#1012628). - ext4: fix use-after-free race with debug_want_extra_isize (bnc#1012628). - ext4: avoid drop reference to iloc.bh twice (bnc#1012628). - ext4: ignore e_value_offs for xattrs with value-in-ea-inode (bnc#1012628). - ext4: make sanity check in mballoc more strict (bnc#1012628). - jbd2: check superblock mapped prior to committing (bnc#1012628). - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler (bnc#1012628). - tty: vt.c: Fix TIOCL_BLANKSCREEN console blanking if blankinterval == 0 (bnc#1012628). - mtd: maps: Allow MTD_PHYSMAP with MTD_RAM (bnc#1012628). - mtd: maps: physmap: Store gpio_values correctly (bnc#1012628). - mtd: spi-nor: intel-spi: Avoid crossing 4K address boundary on read/write (bnc#1012628). - mfd: max77620: Fix swapped FPS_PERIOD_MAX_US values (bnc#1012628). - mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L (bnc#1012628). - ACPICA: Linux: move ACPI_DEBUG_DEFAULT flag out of ifndef (bnc#1012628). - ACPI: PM: Set enable_for_wake for wakeup GPEs during suspend-to-idle (bnc#1012628). - userfaultfd: use RCU to free the task struct when fork fails (bnc#1012628). - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (bnc#1012628). - hugetlb: use same fault hash key for shared and private mappings (bnc#1012628). - mm/hugetlb.c: don't put_page in lock of hugetlb_lock (bnc#1012628). - mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (bnc#1012628). - mm/mincore.c: make mincore() more conservative (bnc#1012628). - crypto: ccree - handle tee fips error during power management resume (bnc#1012628). - crypto: ccree - add function to handle cryptocell tee fips error (bnc#1012628). - crypto: ccree - HOST_POWER_DOWN_EN should be the last CC access during suspend (bnc#1012628). - crypto: ccree - pm resume first enable the source clk (bnc#1012628). - crypto: ccree - don't map AEAD key and IV on stack (bnc#1012628). - crypto: ccree - use correct internal state sizes for export (bnc#1012628). - crypto: ccree - don't map MAC key on stack (bnc#1012628). - crypto: ccree - fix mem leak on error path (bnc#1012628). - crypto: ccree - remove special handling of chained sg (bnc#1012628). - bpf: fix out of bounds backwards jmps due to dead code removal (bnc#1012628). - bpf, arm64: remove prefetch insn in xadd mapping (bnc#1012628). - ASoC: codec: hdac_hdmi add device_link to card device (bnc#1012628). - ASoC: fsl_esai: Fix missing break in switch statement (bnc#1012628). - ASoC: RT5677-SPI: Disable 16Bit SPI Transfers (bnc#1012628). - ASoC: max98090: Fix restore of DAPM Muxes (bnc#1012628). - ALSA: hdea/realtek - Headset fixup for System76 Gazelle (gaze14) (bnc#1012628). - ALSA: hda/realtek - EAPD turn on later (bnc#1012628). - ALSA: hda/hdmi - Consider eld_valid when reporting jack event (bnc#1012628). - ALSA: hda/hdmi - Read the pin sense from register when repolling (bnc#1012628). - ALSA: usb-audio: Fix a memory leak bug (bnc#1012628). - ALSA: line6: toneport: Fix broken usage of timer for delayed execution (bnc#1012628). - mmc: sdhci-pci: Fix BYT OCP setting (bnc#1012628). - mmc: core: Fix tag set memory leak (bnc#1012628). - mmc: tegra: fix ddr signaling for non-ddr modes (bnc#1012628). - dt-bindings: mmc: Add disable-cqe-dcmd property (bnc#1012628). - drivers/dax: Allow to include DEV_DAX_PMEM as builtin (bnc#1012628). - crypto: arm64/aes-neonbs - don't access already-freed walk.iv (bnc#1012628). - crypto: arm/aes-neonbs - don't access already-freed walk.iv (bnc#1012628). - crypto: caam/qi2 - generate hash keys in-place (bnc#1012628). - crypto: caam/qi2 - fix DMA mapping of stack memory (bnc#1012628). - crypto: caam/qi2 - fix zero-length buffer DMA mapping (bnc#1012628). - crypto: rockchip - update IV buffer to contain the next IV (bnc#1012628). - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" (bnc#1012628). - crypto: arm64/gcm-aes-ce - fix no-NEON fallback code (bnc#1012628). - crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() (bnc#1012628). - crypto: crct10dif-generic - fix use via crypto_shash_digest() (bnc#1012628). - crypto: skcipher - don't WARN on unprocessed data after slow walk step (bnc#1012628). - crypto: vmx - fix copy-paste error in CTR mode (bnc#1012628). - crypto: ccp - Do not free psp_master when PLATFORM_INIT fails (bnc#1012628). - crypto: ccm - fix incompatibility between "ccm" and "ccm_base" (bnc#1012628). - crypto: chacha20poly1305 - set cra_name correctly (bnc#1012628). - crypto: chacha-generic - fix use as arm64 no-NEON fallback (bnc#1012628). - crypto: lrw - don't access already-freed walk.iv (bnc#1012628). - crypto: salsa20 - don't access already-freed walk.iv (bnc#1012628). - crypto: crypto4xx - fix cfb and ofb "overran dst buffer" issues (bnc#1012628). - crypto: crypto4xx - fix ctr-aes missing output IV (bnc#1012628). - x86/MCE/AMD: Don't report L1 BTB MCA errors on some family 17h models (bnc#1012628). - x86/MCE: Add an MCE-record filtering function (bnc#1012628). - sched/x86: Save [ER]FLAGS on context switch (bnc#1012628). - arm64: Save and restore OSDLR_EL1 across suspend/resume (bnc#1012628). - arm64: Clear OSDLR_EL1 on CPU boot (bnc#1012628). - arm64: compat: Reduce address limit (bnc#1012628). - arm64: arch_timer: Ensure counter register reads occur with seqlock held (bnc#1012628). - arm64: mmap: Ensure file offset is treated as unsigned (bnc#1012628). - power: supply: axp288_fuel_gauge: Add ACEPC T8 and T11 mini PCs to the blacklist (bnc#1012628). - power: supply: axp288_charger: Fix unchecked return value (bnc#1012628). - ARM: exynos: Fix a leaked reference by adding missing of_node_put (bnc#1012628). - mmc: sdhci-of-arasan: Add DTS property to disable DCMDs (bnc#1012628). - ARM: dts: exynos: Fix audio (microphone) routing on Odroid XU3 (bnc#1012628). - ARM: dts: exynos: Fix audio routing on Odroid XU3 (bnc#1012628). - ARM: dts: exynos: Fix interrupt for shared EINTs on Exynos5260 (bnc#1012628). - ARM: dts: qcom: ipq4019: enlarge PCIe BAR range (bnc#1012628). - arm64: dts: rockchip: Disable DCMDs on RK3399's eMMC controller (bnc#1012628). - arm64: dts: rockchip: fix IO domain voltage setting of APIO5 on rockpro64 (bnc#1012628). - objtool: Fix function fallthrough detection (bnc#1012628). - x86/speculation/mds: Improve CPU buffer clear documentation (bnc#1012628). - x86/speculation/mds: Revert CPU buffer clear on double fault exit (bnc#1012628). - locking/rwsem: Prevent decrement of reader count before increment (bnc#1012628). - commit 047096a - TTY: serial_core, add ->install (bnc#1129693). - commit da4e6dd - Refresh patches.suse/memcg-make-it-work-on-sparse-non-0-node-systems.patch. Update to a solution proposed by upstream. - commit 53906c9 - Revert "selinux: do not report error on connect(AF_UNSPEC)" (git-fixes). - Revert "Don't jump to compute_result state from check_result state" (git-fixes). - commit 3d34296 - Linux 5.1.3 (bnc#1012628). - f2fs: Fix use of number of devices (bnc#1012628). - PCI: hv: Add pci_destroy_slot() in pci_devices_present_work(), if necessary (bnc#1012628). - PCI: hv: Add hv_pci_remove_slots() when we unload the driver (bnc#1012628). - PCI: hv: Fix a memory leak in hv_eject_device_work() (bnc#1012628). - virtio_ring: Fix potential mem leak in virtqueue_add_indirect_packed (bnc#1012628). - powerpc/booke64: set RI in default MSR (bnc#1012628). - powerpc/powernv/idle: Restore IAMR after idle (bnc#1012628). - powerpc/book3s/64: check for NULL pointer in pgd_alloc() (bnc#1012628). - drivers/virt/fsl_hypervisor.c: prevent integer overflow in ioctl (bnc#1012628). - drivers/virt/fsl_hypervisor.c: dereferencing error pointers in ioctl (bnc#1012628). - isdn: bas_gigaset: use usb_fill_int_urb() properly (bnc#1012628). - flow_dissector: disable preemption around BPF calls (bnc#1012628). - net: phy: fix phy_validate_pause (bnc#1012628). - tuntap: synchronize through tfiles array instead of tun->numqueues (bnc#1012628). - tuntap: fix dividing by zero in ebpf queue selection (bnc#1012628). - vrf: sit mtu should not be updated when vrf netdev is the link (bnc#1012628). - vlan: disable SIOCSHWTSTAMP in container (bnc#1012628). - tipc: fix hanging clients using poll with EPOLLOUT flag (bnc#1012628). - selinux: do not report error on connect(AF_UNSPEC) (bnc#1012628). - packet: Fix error path in packet_init (bnc#1012628). - net: ucc_geth - fix Oops when changing number of buffers in the ring (bnc#1012628). - net: seeq: fix crash caused by not set dev.parent (bnc#1012628). - net: macb: Change interrupt and napi enable order in open (bnc#1012628). - net: ethernet: stmmac: dwmac-sun8i: enable support of unicast filtering (bnc#1012628). - net: dsa: Fix error cleanup path in dsa_init_module (bnc#1012628). - ipv4: Fix raw socket lookup for local traffic (bnc#1012628). - fib_rules: return 0 directly if an exactly same rule exists when NLM_F_EXCL not supplied (bnc#1012628). - dpaa_eth: fix SG frame cleanup (bnc#1012628). - bridge: Fix error path for kobject_init_and_add() (bnc#1012628). - bonding: fix arp_validate toggling in active-backup mode (bnc#1012628). - Don't jump to compute_result state from check_result state (bnc#1012628). - rtlwifi: rtl8723ae: Fix missing break in switch statement (bnc#1012628). - mwl8k: Fix rate_idx underflow (bnc#1012628). - USB: serial: fix unthrottle races (bnc#1012628). - virt: vbox: Sanity-check parameter types for hgcm-calls coming from userspace (bnc#1012628). - kernfs: fix barrier usage in __kernfs_new_node() (bnc#1012628). - i2c: core: ratelimit 'transfer when suspended' errors (bnc#1012628). - selftests/seccomp: Handle namespace failures gracefully (bnc#1012628). - hwmon: (occ) Fix extended status bits (bnc#1012628). - hwmon: (pwm-fan) Disable PWM if fetching cooling data fails (bnc#1012628). - platform/x86: dell-laptop: fix rfkill functionality (bnc#1012628). - platform/x86: thinkpad_acpi: Disable Bluetooth for some machines (bnc#1012628). - platform/x86: sony-laptop: Fix unintentional fall-through (bnc#1012628). - commit 073196d - Update config files: disable CONFIG_IDE for ppc64/ppc64le (bsc#1135333) - commit 012b7ed - x86/kvm/pmu: Set AMD's virt PMU version to 1 (https://patchwork.kernel.org/patch/10936271/). - commit d737fc7 - Linux 5.1.2 (bnc#1012628). - x86/speculation/mds: Fix documentation typo (bnc#1012628). - Documentation: Correct the possible MDS sysfs values (bnc#1012628). - x86/mds: Add MDSUM variant to the MDS documentation (bnc#1012628). - x86/speculation/mds: Add 'mitigations=' support for MDS (bnc#1012628). - s390/speculation: Support 'mitigations=' cmdline option (bnc#1012628). - powerpc/speculation: Support 'mitigations=' cmdline option (bnc#1012628). - x86/speculation: Support 'mitigations=' cmdline option (bnc#1012628). - cpu/speculation: Add 'mitigations=' cmdline option (bnc#1012628). - x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (bnc#1012628). - x86/speculation/mds: Fix comment (bnc#1012628). - x86/speculation/mds: Add SMT warning message (bnc#1012628). - x86/speculation: Move arch_smt_update() call to after mitigation decisions (bnc#1012628). - x86/speculation/mds: Add mds=full,nosmt cmdline option (bnc#1012628). - Documentation: Add MDS vulnerability documentation (bnc#1012628). - Documentation: Move L1TF to separate directory (bnc#1012628). - x86/speculation/mds: Add mitigation mode VMWERV (bnc#1012628). - x86/speculation/mds: Add sysfs reporting for MDS (bnc#1012628). - x86/speculation/mds: Add mitigation control for MDS (bnc#1012628). - x86/speculation/mds: Conditionally clear CPU buffers on idle entry (bnc#1012628). - x86/kvm/vmx: Add MDS protection when L1D Flush is not active (bnc#1012628). - x86/speculation/mds: Clear CPU buffers on exit to user (bnc#1012628). - x86/speculation/mds: Add mds_clear_cpu_buffers() (bnc#1012628). - x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (bnc#1012628). - x86/speculation/mds: Add BUG_MSBDS_ONLY (bnc#1012628). - x86/speculation/mds: Add basic bug infrastructure for MDS (bnc#1012628). - x86/speculation: Consolidate CPU whitelists (bnc#1012628). - x86/msr-index: Cleanup bit defines (bnc#1012628). - commit 5a8c05f - config: keep LSM empty in s390x/zfcpdump This config doesn't really build AppArmor and always had DEFAULT_SECURITY_DAC so it seems more consistent to keep LSM list empty. - commit 3073856 - config: enable AppArmor by default again (bsc#1134906) AppArmor used to be enabled in kernel by default by after the recent introduction of CONFIG_LSM, we disabled all LSM modules. Enable AppArmor again. - commit 953db35 - Update upstream reference: patches.suse/efifb-Omit-memory-map-check-on-legacy-boot.patch - commit 133a780 - Linux 5.1.1 (bnc#1012628). - arm64: futex: Bound number of LDXR/STXR loops in FUTEX_WAKE_OP (bnc#1012628). - locking/futex: Allow low-level atomic operations to return - EAGAIN (bnc#1012628). - i3c: Fix a shift wrap bug in i3c_bus_set_addr_slot_status() (bnc#1012628). - ASoC: Intel: avoid Oops if DMA setup fails (bnc#1012628). - UAS: fix alignment of scatter/gather segments (bnc#1012628). - Bluetooth: hci_bcm: Fix empty regulator supplies for Intel Macs (bnc#1012628). - Bluetooth: Fix not initializing L2CAP tx_credits (bnc#1012628). - Bluetooth: Align minimum encryption key size for LE and BR/EDR connections (bnc#1012628). - Bluetooth: hidp: fix buffer overflow (bnc#1012628). - scsi: qla2xxx: Fix device staying in blocked state (bnc#1012628). - scsi: qla2xxx: Set remote port devloss timeout to 0 (bnc#1012628). - scsi: qla2xxx: Fix incorrect region-size setting in optrom SYSFS routines (bnc#1012628). - scsi: lpfc: change snprintf to scnprintf for possible overflow (bnc#1012628). - soc: sunxi: Fix missing dependency on REGMAP_MMIO (bnc#1012628). - ACPI / LPSS: Use acpi_lpss_* instead of acpi_subsys_* functions for hibernate (bnc#1012628). - cpufreq: armada-37xx: fix frequency calculation for opp (bnc#1012628). - iio: adc: qcom-spmi-adc5: Fix of-based module autoloading (bnc#1012628). - intel_th: pci: Add Comet Lake support (bnc#1012628). - genirq: Prevent use-after-free and work list corruption (bnc#1012628). - usb-storage: Set virt_boundary_mask to avoid SG overflows (bnc#1012628). - USB: cdc-acm: fix unthrottle races (bnc#1012628). - USB: serial: f81232: fix interrupt worker not stop (bnc#1012628). - usb: dwc3: Fix default lpm_nyet_threshold value (bnc#1012628). - usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON (bnc#1012628). - staging: most: sound: pass correct device when creating a sound card (bnc#1012628). - staging: most: cdev: fix chrdev_region leak in mod_exit (bnc#1012628). - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context (bnc#1012628). - staging: greybus: power_supply: fix prop-descriptor request size (bnc#1012628). - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings (bnc#1012628). - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() (bnc#1012628). - commit 8e0a089 - Sign non-x86 kernels when possible (boo#1134303) - commit bac621c - Update to 5.1 final - Eliminated 1 patch - New config options: - PCI: - PCIE_BW=n (recommended default) - commit a974d8b - Linux 5.0.13 (bnc#1012628). - ipv4: ip_do_fragment: Preserve skb_iif during fragmentation (bnc#1012628). - ipv6: A few fixes on dereferencing rt->from (bnc#1012628). - ipv6: fix races in ip6_dst_destroy() (bnc#1012628). - ipv6/flowlabel: wait rcu grace period before put_pid() (bnc#1012628). - ipv6: invert flowlabel sharing check in process and user mode (bnc#1012628). - l2ip: fix possible use-after-free (bnc#1012628). - l2tp: use rcu_dereference_sk_user_data() in l2tp_udp_encap_recv() (bnc#1012628). - net: dsa: bcm_sf2: fix buffer overflow doing set_rxnfc (bnc#1012628). - net: phy: marvell: Fix buffer overrun with stats counters (bnc#1012628). - net/tls: avoid NULL pointer deref on nskb->sk in fallback (bnc#1012628). - rxrpc: Fix net namespace cleanup (bnc#1012628). - sctp: avoid running the sctp state machine recursively (bnc#1012628). - selftests: fib_rule_tests: print the result and return 1 if any tests failed (bnc#1012628). - packet: validate msg_namelen in send directly (bnc#1012628). - packet: in recvmsg msg_name return at least sizeof sockaddr_ll (bnc#1012628). - selftests: fib_rule_tests: Fix icmp proto with ipv6 (bnc#1012628). - tcp: add sanity tests in tcp_add_backlog() (bnc#1012628). - udp: fix GRO reception in case of length mismatch (bnc#1012628). - udp: fix GRO packet of death (bnc#1012628). - bnxt_en: Improve multicast address setup logic (bnc#1012628). - bnxt_en: Free short FW command HWRM memory in error path in bnxt_init_one() (bnc#1012628). - bnxt_en: Fix possible crash in bnxt_hwrm_ring_free() under error conditions (bnc#1012628). - bnxt_en: Pass correct extended TX port statistics size to firmware (bnc#1012628). - bnxt_en: Fix statistics context reservation logic (bnc#1012628). - bnxt_en: Fix uninitialized variable usage in bnxt_rx_pkt() (bnc#1012628). - net/tls: don't copy negative amounts of data in reencrypt (bnc#1012628). - net/tls: fix copy to fragments in reencrypt (bnc#1012628). - KVM: nVMX: Fix size checks in vmx_set_nested_state (bnc#1012628). - ALSA: line6: use dynamic buffers (bnc#1012628). - iwlwifi: mvm: properly check debugfs dentry before using it (bnc#1012628). - ath10k: Drop WARN_ON()s that always trigger during system resume (bnc#1012628). - commit b11e2d7 - Linux 5.0.12 (bnc#1012628). - selinux: use kernel linux/socket.h for genheaders and mdp (bnc#1012628). - drm/i915: Do not enable FEC without DSC (bnc#1012628). - mm: make page ref count overflow check tighter and more explicit (bnc#1012628). - mm: add 'try_get_page()' helper function (bnc#1012628). - mm: prevent get_user_pages() from overflowing page refcount (bnc#1012628). - fs: prevent page refcount overflow in pipe_buf_get (bnc#1012628). - arm64: dts: renesas: r8a77990: Fix SCIF5 DMA channels (bnc#1012628). - ARM: dts: bcm283x: Fix hdmi hpd gpio pull (bnc#1012628). - s390: limit brk randomization to 32MB (bnc#1012628). - mt76x02: fix hdr pointer in write txwi for USB (bnc#1012628). - mt76: mt76x2: fix external LNA gain settings (bnc#1012628). - mt76: mt76x2: fix 2.4 GHz channel gain settings (bnc#1012628). - net: ieee802154: fix a potential NULL pointer dereference (bnc#1012628). - ieee802154: hwsim: propagate genlmsg_reply return code (bnc#1012628). - Btrfs: fix file corruption after snapshotting due to mix of buffered/DIO writes (bnc#1012628). - net: stmmac: don't set own bit too early for jumbo frames (bnc#1012628). - net: stmmac: fix jumbo frame sending with non-linear skbs (bnc#1012628). - qlcnic: Avoid potential NULL pointer dereference (bnc#1012628). - xsk: fix umem memory leak on cleanup (bnc#1012628). - staging: axis-fifo: add CONFIG_OF dependency (bnc#1012628). - staging, mt7621-pci: fix build without pci support (bnc#1012628). - netfilter: nft_set_rbtree: check for inactive element after flag mismatch (bnc#1012628). - netfilter: bridge: set skb transport_header before entering NF_INET_PRE_ROUTING (bnc#1012628). - netfilter: fix NETFILTER_XT_TARGET_TEE dependencies (bnc#1012628). - netfilter: ip6t_srh: fix NULL pointer dereferences (bnc#1012628). - s390/qeth: fix race when initializing the IP address table (bnc#1012628). - ARM: imx51: fix a leaked reference by adding missing of_node_put (bnc#1012628). - sc16is7xx: missing unregister/delete driver on error in sc16is7xx_init() (bnc#1012628). - serial: ar933x_uart: Fix build failure with disabled console (bnc#1012628). - KVM: arm64: Reset the PMU in preemptible context (bnc#1012628). - arm64: KVM: Always set ICH_HCR_EL2.EN if GICv4 is enabled (bnc#1012628). - KVM: arm/arm64: vgic-its: Take the srcu lock when writing to guest memory (bnc#1012628). - KVM: arm/arm64: vgic-its: Take the srcu lock when parsing the memslots (bnc#1012628). - usb: dwc3: pci: add support for Comet Lake PCH ID (bnc#1012628). - usb: gadget: net2280: Fix overrun of OUT messages (bnc#1012628). - usb: gadget: net2280: Fix net2280_dequeue() (bnc#1012628). - usb: gadget: net2272: Fix net2272_dequeue() (bnc#1012628). - ARM: dts: pfla02: increase phy reset duration (bnc#1012628). - i2c: i801: Add support for Intel Comet Lake (bnc#1012628). - KVM: arm/arm64: Fix handling of stage2 huge mappings (bnc#1012628). - net: ks8851: Dequeue RX packets explicitly (bnc#1012628). - net: ks8851: Reassert reset pin if chip ID check fails (bnc#1012628). - net: ks8851: Delay requesting IRQ until opened (bnc#1012628). - net: ks8851: Set initial carrier state to down (bnc#1012628). - staging: rtl8188eu: Fix potential NULL pointer dereference of kcalloc (bnc#1012628). - staging: rtlwifi: rtl8822b: fix to avoid potential NULL pointer dereference (bnc#1012628). - staging: rtl8712: uninitialized memory in read_bbreg_hdl() (bnc#1012628). - staging: rtlwifi: Fix potential NULL pointer dereference of kzalloc (bnc#1012628). - net: phy: Add DP83825I to the DP83822 driver (bnc#1012628). - net: macb: Add null check for PCLK and HCLK (bnc#1012628). - net/sched: don't dereference a->goto_chain to read the chain index (bnc#1012628). - ARM: dts: imx6qdl: Fix typo in imx6qdl-icore-rqs.dtsi (bnc#1012628). - drm/tegra: hub: Fix dereference before check (bnc#1012628). - NFS: Fix a typo in nfs_init_timeout_values() (bnc#1012628). - net: xilinx: fix possible object reference leak (bnc#1012628). - net: ibm: fix possible object reference leak (bnc#1012628). - net: ethernet: ti: fix possible object reference leak (bnc#1012628). - drm: Fix drm_release() and device unplug (bnc#1012628). - gpio: aspeed: fix a potential NULL pointer dereference (bnc#1012628). - drm/meson: Fix invalid pointer in meson_drv_unbind() (bnc#1012628). - drm/meson: Uninstall IRQ handler (bnc#1012628). - ARM: davinci: fix build failure with allnoconfig (bnc#1012628). - sbitmap: order READ/WRITE freed instance and setting clear bit (bnc#1012628). - staging: vc04_services: Fix an error code in vchiq_probe() (bnc#1012628). - scsi: mpt3sas: Fix kernel panic during expander reset (bnc#1012628). - scsi: aacraid: Insure we don't access PCIe space during AER/EEH (bnc#1012628). - scsi: qla4xxx: fix a potential NULL pointer dereference (bnc#1012628). - usb: usb251xb: fix to avoid potential NULL pointer dereference (bnc#1012628). - leds: trigger: netdev: fix refcnt leak on interface rename (bnc#1012628). - SUNRPC: fix uninitialized variable warning (bnc#1012628). - x86/realmode: Don't leak the trampoline kernel address (bnc#1012628). - usb: u132-hcd: fix resource leak (bnc#1012628). - ceph: fix use-after-free on symlink traversal (bnc#1012628). - scsi: zfcp: reduce flood of fcrscn1 trace records on multi-element RSCN (bnc#1012628). - x86/mm: Don't exceed the valid physical address space (bnc#1012628). - libata: fix using DMA buffers on stack (bnc#1012628). - kbuild: skip parsing pre sub-make code for recursion (bnc#1012628). - afs: Fix StoreData op marshalling (bnc#1012628). - gpio: of: Check propname before applying "cs-gpios" quirks (bnc#1012628). - gpio: of: Check for "spi-cs-high" in child instead of parent node (bnc#1012628). - KVM: nVMX: Do not inherit quadrant and invalid for the root shadow EPT (bnc#1012628). - KVM: SVM: Workaround errata#1096 (insn_len maybe zero on SMAP violation) (bnc#1012628). - kvm/x86: Move MSR_IA32_ARCH_CAPABILITIES to array emulated_msrs (bnc#1012628). - x86/kvm/hyper-v: avoid spurious pending stimer on vCPU init (bnc#1012628). - KVM: selftests: assert on exit reason in CR4/cpuid sync test (bnc#1012628). - KVM: selftests: explicitly disable PIE for tests (bnc#1012628). - KVM: selftests: disable stack protector for all KVM tests (bnc#1012628). - KVM: selftests: complete IO before migrating guest state (bnc#1012628). - gpio: of: Fix of_gpiochip_add() error path (bnc#1012628). - nvme-multipath: relax ANA state check (bnc#1012628). - nvmet: fix building bvec from sg list (bnc#1012628). - nvmet: fix error flow during ns enable (bnc#1012628). - perf cs-etm: Add missing case value (bnc#1012628). - perf machine: Update kernel map address and re-order properly (bnc#1012628). - kconfig/[mn]conf: handle backspace (^H) key (bnc#1012628). - iommu/amd: Reserve exclusion range in iova-domain (bnc#1012628). - kasan: fix variable 'tag' set but not used warning (bnc#1012628). - ptrace: take into account saved_sigmask in PTRACE{GET,SET}SIGMASK (bnc#1012628). - leds: pca9532: fix a potential NULL pointer dereference (bnc#1012628). - leds: trigger: netdev: use memcpy in device_name_store (bnc#1012628). - commit 0b5ff0f - Refresh patches.suse/KVM-x86-Whitelist-port-0x7e-for-pre-incrementing-rip.patch. Update upstream status. - commit 410b1c0 - Linux 5.0.11 (bnc#1012628). - netfilter: nf_tables: bogus EBUSY when deleting set after flush (bnc#1012628). - netfilter: nf_tables: bogus EBUSY in helper removal from transaction (bnc#1012628). - intel_th: gth: Fix an off-by-one in output unassigning (bnc#1012628). - powerpc/vdso32: fix CLOCK_MONOTONIC on PPC64 (bnc#1012628). - ALSA: hda/realtek - Move to ACT_INIT state (bnc#1012628). - fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (bnc#1012628). - block, bfq: fix use after free in bfq_bfqq_expire (bnc#1012628). - cifs: fix memory leak in SMB2_read (bnc#1012628). - cifs: fix page reference leak with readv/writev (bnc#1012628). - cifs: do not attempt cifs operation on smb2+ rename error (bnc#1012628). - tracing: Fix a memory leak by early error exit in trace_pid_write() (bnc#1012628). - tracing: Fix buffer_ref pipe ops (bnc#1012628). - crypto: xts - Fix atomic sleep when walking skcipher (bnc#1012628). - crypto: lrw - Fix atomic sleep when walking skcipher (bnc#1012628). - gpio: eic: sprd: Fix incorrect irq type setting for the sync EIC (bnc#1012628). - zram: pass down the bvec we need to read into in the work struct (bnc#1012628). - lib/Kconfig.debug: fix build error without CONFIG_BLOCK (bnc#1012628). - MIPS: scall64-o32: Fix indirect syscall number load (bnc#1012628). - trace: Fix preempt_enable_no_resched() abuse (bnc#1012628). - mm: do not boost watermarks to avoid fragmentation for the DISCONTIG memory model (bnc#1012628). - arm64: mm: Ensure tail of unaligned initrd is reserved (bnc#1012628). - IB/rdmavt: Fix frwr memory registration (bnc#1012628). - RDMA/mlx5: Do not allow the user to write to the clock page (bnc#1012628). - RDMA/mlx5: Use rdma_user_map_io for mapping BAR pages (bnc#1012628). - RDMA/ucontext: Fix regression with disassociate (bnc#1012628). - sched/numa: Fix a possible divide-by-zero (bnc#1012628). - ceph: only use d_name directly when parent is locked (bnc#1012628). - ceph: ensure d_name stability in ceph_dentry_hash() (bnc#1012628). - ceph: fix ci->i_head_snapc leak (bnc#1012628). - nfsd: Don't release the callback slot unless it was actually held (bnc#1012628). - nfsd: wake waiters blocked on file_lock before deleting it (bnc#1012628). - nfsd: wake blocked file lock waiters before sending callback (bnc#1012628). - sunrpc: don't mark uninitialised items as VALID (bnc#1012628). - perf/x86/intel: Update KBL Package C-state events to also include PC8/PC9/PC10 counters (bnc#1012628). - Input: synaptics-rmi4 - write config register values to the right offset (bnc#1012628). - dmaengine: sh: rcar-dmac: With cyclic DMA residue 0 is valid (bnc#1012628). - dmaengine: sh: rcar-dmac: Fix glitch in dmaengine_tx_status (bnc#1012628). - dmaengine: mediatek-cqdma: fix wrong register usage in mtk_cqdma_start (bnc#1012628). - ARM: 8857/1: efi: enable CP15 DMB instructions before cleaning the cache (bnc#1012628). - powerpc/mm/radix: Make Radix require HUGETLB_PAGE (bnc#1012628). - drm/vc4: Fix memory leak during gpu reset (bnc#1012628). - drm/ttm: fix re-init of global structures (bnc#1012628). - drm/vc4: Fix compilation error reported by kbuild test bot (bnc#1012628). - USB: Add new USB LPM helpers (bnc#1012628). - USB: Consolidate LPM checks to avoid enabling LPM twice (bnc#1012628). - ext4: fix some error pointer dereferences (bnc#1012628). - loop: do not print warn message if partition scan is successful (bnc#1012628). - tipc: handle the err returned from cmd header function (bnc#1012628). - slip: make slhc_free() silently accept an error pointer (bnc#1012628). - workqueue: Try to catch flush_work() without INIT_WORK() (bnc#1012628). - binder: fix handling of misaligned binder object (bnc#1012628). - sched/deadline: Correctly handle active 0-lag timers (bnc#1012628). - mac80211_hwsim: calculate if_combination.max_interfaces (bnc#1012628). - NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family (bnc#1012628). - netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON (bnc#1012628). - fm10k: Fix a potential NULL pointer dereference (bnc#1012628). - tipc: check bearer name with right length in tipc_nl_compat_bearer_enable (bnc#1012628). - tipc: check link name with right length in tipc_nl_compat_link_set (bnc#1012628). - net: netrom: Fix error cleanup path of nr_proto_init (bnc#1012628). - net/rds: Check address length before reading address family (bnc#1012628). - rxrpc: fix race condition in rxrpc_input_packet() (bnc#1012628). - pin iocb through aio (bnc#1012628). - aio: fold lookup_kiocb() into its sole caller (bnc#1012628). - aio: keep io_event in aio_kiocb (bnc#1012628). - aio: store event at final iocb_put() (bnc#1012628). - Fix aio_poll() races (bnc#1012628). - x86, retpolines: Raise limit for generating indirect calls from switch-case (bnc#1012628). - x86/retpolines: Disable switch jump tables when retpolines are enabled (bnc#1012628). - rdma: fix build errors on s390 and MIPS due to bad ZERO_PAGE use (bnc#1012628). - ipv4: add sanity checks in ipv4_link_failure() (bnc#1012628). - ipv4: set the tcp_min_rtt_wlen range from 0 to one day (bnc#1012628). - mlxsw: spectrum: Fix autoneg status in ethtool (bnc#1012628). - net/mlx5e: ethtool, Remove unsupported SFP EEPROM high pages query (bnc#1012628). - net: rds: exchange of 8K and 1M pool (bnc#1012628). - net/rose: fix unbound loop in rose_loopback_timer() (bnc#1012628). - net: stmmac: move stmmac_check_ether_addr() to driver probe (bnc#1012628). - net/tls: fix refcount adjustment in fallback (bnc#1012628). - stmmac: pci: Adjust IOT2000 matching (bnc#1012628). - team: fix possible recursive locking when add slaves (bnc#1012628). - net: socionext: replace napi_alloc_frag with the netdev variant on init (bnc#1012628). - net/ncsi: handle overflow when incrementing mac address (bnc#1012628). - mlxsw: pci: Reincrease PCI reset timeout (bnc#1012628). - mlxsw: spectrum: Put MC TCs into DWRR mode (bnc#1012628). - net/mlx5e: Fix the max MTU check in case of XDP (bnc#1012628). - net/mlx5e: Fix use-after-free after xdp_return_frame (bnc#1012628). - net/tls: avoid potential deadlock in tls_set_device_offload_rx() (bnc#1012628). - net/tls: don't leak IV and record seq when offload fails (bnc#1012628). - commit 07c5318 - Revert "ACPICA: Clear status of GPEs before enabling them" (bsc#1132943). - commit 13cf3aa - HID: i2c-hid: Ignore input report if there's no data present on Elan touchpanels (bsc#1133486). - commit 5a94296 - rdma: fix build errors on s390 and MIPS due to bad ZERO_PAGE use (http://lkml.kernel.org/r/20190429052136.GA21672@unicorn.suse.cz). - Delete patches.suse/rdma-fix-argument-of-ZERO_PAGE-in-rdma_umap_fault.patch. - commit a764394 - KVM: x86: Whitelist port 0x7e for pre-incrementing %rip (bnc#1132694). - Delete patches.suse/kvm-Workaround-OUT-0x7E.patch. Update per upstream. - commit 93ba681 - memcg: make it work on sparse non-0-node systems (bnc#1133616). - commit c0ba22a - Workaround Qemu "OUT 0x7E" handling in KVM (bnc#1132694). - commit e8fc1e9 - Update to 5.1-rc7 - add patches.suse/rdma-fix-argument-of-ZERO_PAGE-in-rdma_umap_fault.patch (tentative s390x build fix) - New config options: - ARM: - KEYBOARD_SNVS_PWRKEY=m - armv7hl: - FRAME_POINTER=y - UNWINDER_FRAME_POINTER=y - commit 04c1966 - Linux 5.0.10 (bnc#1012628). - bonding: fix event handling for stacked bonds (bnc#1012628). - failover: allow name change on IFF_UP slave interfaces (bnc#1012628). - net: atm: Fix potential Spectre v1 vulnerabilities (bnc#1012628). - net: bridge: fix per-port af_packet sockets (bnc#1012628). - net: bridge: multicast: use rcu to access port list from br_multicast_start_querier (bnc#1012628). - net: fec: manage ahb clock in runtime pm (bnc#1012628). - net: Fix missing meta data in skb with vlan packet (bnc#1012628). - net: fou: do not use guehdr after iptunnel_pull_offloads in gue_udp_recv (bnc#1012628). - tcp: tcp_grow_window() needs to respect tcp_space() (bnc#1012628). - team: set slave to promisc if team is already in promisc mode (bnc#1012628). - tipc: missing entries in name table of publications (bnc#1012628). - vhost: reject zero size iova range (bnc#1012628). - ipv4: recompile ip options in ipv4_link_failure (bnc#1012628). - ipv4: ensure rcu_read_lock() in ipv4_link_failure() (bnc#1012628). - mlxsw: spectrum_switchdev: Add MDB entries in prepare phase (bnc#1012628). - mlxsw: core: Do not use WQ_MEM_RECLAIM for EMAD workqueue (bnc#1012628). - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw ordered workqueue (bnc#1012628). - mlxsw: core: Do not use WQ_MEM_RECLAIM for mlxsw workqueue (bnc#1012628). - mlxsw: spectrum_router: Do not check VRF MAC address (bnc#1012628). - net: thunderx: raise XDP MTU to 1508 (bnc#1012628). - net: thunderx: don't allow jumbo frames with XDP (bnc#1012628). - net/tls: fix the IV leaks (bnc#1012628). - net/tls: don't leak partially sent record in device mode (bnc#1012628). - net: strparser: partially revert "strparser: Call skb_unclone conditionally" (bnc#1012628). - net/tls: fix build without CONFIG_TLS_DEVICE (bnc#1012628). - net: bridge: fix netlink export of vlan_stats_per_port option (bnc#1012628). - net/mlx5e: XDP, Avoid checksum complete when XDP prog is loaded (bnc#1012628). - net/mlx5e: Protect against non-uplink representor for encap (bnc#1012628). - net/mlx5e: Switch to Toeplitz RSS hash by default (bnc#1012628). - net/mlx5e: Rx, Fixup skb checksum for packets with tail padding (bnc#1012628). - net/mlx5e: Rx, Check ip headers sanity (bnc#1012628). - Revert "net/mlx5e: Enable reporting checksum unnecessary also for L3 packets" (bnc#1012628). - net/mlx5: FPGA, tls, hold rcu read lock a bit longer (bnc#1012628). - net/tls: prevent bad memory access in tls_is_sk_tx_device_offloaded() (bnc#1012628). - net/mlx5: FPGA, tls, idr remove on flow delete (bnc#1012628). - route: Avoid crash from dereferencing NULL rt->from (bnc#1012628). - nfp: flower: replace CFI with vlan present (bnc#1012628). - nfp: flower: remove vlan CFI bit from push vlan action (bnc#1012628). - sch_cake: Use tc_skb_protocol() helper for getting packet protocol (bnc#1012628). - sch_cake: Make sure we can write the IP header before changing DSCP bits (bnc#1012628). - NFC: nci: Add some bounds checking in nci_hci_cmd_received() (bnc#1012628). - nfc: nci: Potential off by one in ->pipes[] array (bnc#1012628). - sch_cake: Simplify logic in cake_select_tin() (bnc#1012628). - CIFS: keep FileInfo handle live during oplock break (bnc#1012628). - cifs: Fix lease buffer length error (bnc#1012628). - cifs: Fix use-after-free in SMB2_write (bnc#1012628). - cifs: Fix use-after-free in SMB2_read (bnc#1012628). - cifs: fix handle leak in smb2_query_symlink() (bnc#1012628). - fs/dax: Deposit pagetable even when installing zero page (bnc#1012628). - KVM: x86: Don't clear EFER during SMM transitions for 32-bit vCPU (bnc#1012628). - KVM: x86: svm: make sure NMI is injected after nmi_singlestep (bnc#1012628). - Staging: iio: meter: fixed typo (bnc#1012628). - staging: iio: ad7192: Fix ad7193 channel address (bnc#1012628). - iio: gyro: mpu3050: fix chip ID reading (bnc#1012628). - iio/gyro/bmg160: Use millidegrees for temperature scale (bnc#1012628). - iio:chemical:bme680: Fix, report temperature in millidegrees (bnc#1012628). - iio:chemical:bme680: Fix SPI read interface (bnc#1012628). - iio: cros_ec: Fix the maths for gyro scale calculation (bnc#1012628). - iio: ad_sigma_delta: select channel when reading register (bnc#1012628). - iio: dac: mcp4725: add missing powerdown bits in store eeprom (bnc#1012628). - iio: Fix scan mask selection (bnc#1012628). - iio: adc: at91: disable adc channel interrupt in timeout case (bnc#1012628). - iio: core: fix a possible circular locking dependency (bnc#1012628). - io: accel: kxcjk1013: restore the range after resume (bnc#1012628). - staging: most: core: use device description as name (bnc#1012628). - staging: comedi: vmk80xx: Fix use of uninitialized semaphore (bnc#1012628). - staging: comedi: vmk80xx: Fix possible double-free of - >usb_rx_buf (bnc#1012628). - staging: comedi: ni_usb6501: Fix use of uninitialized mutex (bnc#1012628). - staging: comedi: ni_usb6501: Fix possible double-free of - >usb_rx_buf (bnc#1012628). - ALSA: hda/realtek - add two more pin configuration sets to quirk table (bnc#1012628). - ALSA: core: Fix card races between register and disconnect (bnc#1012628). - Input: elan_i2c - add hardware ID for multiple Lenovo laptops (bnc#1012628). - serial: sh-sci: Fix HSCIF RX sampling point adjustment (bnc#1012628). - serial: sh-sci: Fix HSCIF RX sampling point calculation (bnc#1012628). - vt: fix cursor when clearing the screen (bnc#1012628). - scsi: core: set result when the command cannot be dispatched (bnc#1012628). - Revert "scsi: fcoe: clear FC_RP_STARTED flags when receiving a LOGO" (bnc#1012628). - i3c: dw: Fix dw_i3c_master_disable controller by using correct mask (bnc#1012628). - i3c: Fix the verification of random PID (bnc#1012628). - Revert "svm: Fix AVIC incomplete IPI emulation" (bnc#1012628). - coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping (bnc#1012628). - x86/kvm: move kvm_load/put_guest_xcr0 into atomic context (bnc#1012628). - ipmi: fix sleep-in-atomic in free_user at cleanup SRCU user->release_barrier (bnc#1012628). - crypto: x86/poly1305 - fix overflow during partial reduction (bnc#1012628). - drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (bnc#1012628). - arm64: futex: Restore oldval initialization to work around buggy compilers (bnc#1012628). - x86/kprobes: Verify stack frame on kretprobe (bnc#1012628). - kprobes: Mark ftrace mcount handler functions nokprobe (bnc#1012628). - x86/kprobes: Avoid kretprobe recursion bug (bnc#1012628). - kprobes: Fix error check when reusing optimized probes (bnc#1012628). - rt2x00: do not increment sequence number while re-transmitting (bnc#1012628). - mac80211: do not call driver wake_tx_queue op during reconfig (bnc#1012628). - s390/mem_detect: Use IS_ENABLED(CONFIG_BLK_DEV_INITRD) (bnc#1012628). - drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (bnc#1012628). - perf/x86/amd: Add event map for AMD Family 17h (bnc#1012628). - x86/cpu/bugs: Use __initconst for 'const' init data (bnc#1012628). - perf/x86: Fix incorrect PEBS_REGS (bnc#1012628). - x86/speculation: Prevent deadlock on ssb_state::lock (bnc#1012628). - timers/sched_clock: Prevent generic sched_clock wrap caused by tick_freeze() (bnc#1012628). - nfit/ars: Remove ars_start_flags (bnc#1012628). - nfit/ars: Introduce scrub_flags (bnc#1012628). - nfit/ars: Allow root to busy-poll the ARS state machine (bnc#1012628). - nfit/ars: Avoid stale ARS results (bnc#1012628). - tpm/tpm_i2c_atmel: Return -E2BIG when the transfer is incomplete (bnc#1012628). - tpm: Fix the type of the return value in calc_tpm2_event_size() (bnc#1012628). - Revert "kbuild: use -Oz instead of -Os when using clang" (bnc#1012628). - sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (bnc#1012628). - tpm: fix an invalid condition in tpm_common_poll (bnc#1012628). - mt76x02: avoid status_list.lock and sta->rate_ctrl_lock dependency (bnc#1012628). - device_cgroup: fix RCU imbalance in error case (bnc#1012628). - perf/ring_buffer: Fix AUX record suppression (bnc#1012628). - mm/memory_hotplug: do not unlock after failing to take the device_hotplug_lock (bnc#1012628). - mm/vmstat.c: fix /proc/vmstat format for CONFIG_DEBUG_TLBFLUSH=y CONFIG_SMP=n (bnc#1012628). - ALSA: info: Fix racy addition/deletion of nodes (bnc#1012628). - percpu: stop printing kernel addresses (bnc#1012628). - commit 048e1d2 - kernel/sysctl.c: fix out-of-bounds access when setting file-max (kasan). - commit 09ca824 - Update to v5.1-rc6 - New config options: - IIO: - SENSIRION_SGP30=n - commit ab97af0 - Linux 5.0.9 (bnc#1012628). - paride/pcd: Fix potential NULL pointer dereference and mem leak (bnc#1012628). - paride/pf: Fix potential NULL pointer dereference (bnc#1012628). - IB/hfi1: Failed to drain send queue when QP is put into error state (bnc#1012628). - bpf: fix use after free in bpf_evict_inode (bnc#1012628). - include/linux/swap.h: use offsetof() instead of custom __swapoffset macro (bnc#1012628). - f2fs: fix to add refcount once page is tagged PG_private (bnc#1012628). - f2fs: fix to use kvfree instead of kzfree (bnc#1012628). - f2fs: fix to dirty inode for i_mode recovery (bnc#1012628). - rxrpc: Fix client call connect/disconnect race (bnc#1012628). - lib/div64.c: off by one in shift (bnc#1012628). - cifs: return -ENODATA when deleting an xattr that does not exist (bnc#1012628). - appletalk: Fix use-after-free in atalk_proc_exit (bnc#1012628). - drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (bnc#1012628). - ARM: 8839/1: kprobe: make patch_lock a raw_spinlock_t (bnc#1012628). - platform/x86: intel_pmc_core: Quirk to ignore XTAL shutdown (bnc#1012628). - drm/nouveau/volt/gf117: fix speedo readout register (bnc#1012628). - f2fs: sync filesystem after roll-forward recovery (bnc#1012628). - PCI/ASPM: Save LTR Capability for suspend/resume (bnc#1012628). - PCI: Blacklist power management of Gigabyte X299 DESIGNARE EX PCIe ports (bnc#1012628). - coresight: cpu-debug: Support for CA73 CPUs (bnc#1012628). - RDMA/hns: Fix the Oops during rmmod or insmod ko when reset occurs (bnc#1012628). - Revert "ACPI / EC: Remove old CLEAR_ON_RESUME quirk" (bnc#1012628). - crypto: axis - fix for recursive locking from bottom half (bnc#1012628). - net: hns3: Fix NULL deref when unloading driver (bnc#1012628). - drm/panel: panel-innolux: set display off in innolux_panel_unprepare (bnc#1012628). - drm/amdgpu: psp_ring_destroy cause psp->km_ring.ring_mem NULL (bnc#1012628). - lkdtm: Add tests for NULL pointer dereference (bnc#1012628). - lkdtm: Print real addresses (bnc#1012628). - ext4: prohibit fstrim in norecovery mode (bnc#1012628). - x86/gart: Exclude GART aperture from kcore (bnc#1012628). - cifs: Fix slab-out-of-bounds when tracing SMB tcon (bnc#1012628). - fix incorrect error code mapping for OBJECTID_NOT_FOUND (bnc#1012628). - cifs: fix that return -EINVAL when do dedupe operation (bnc#1012628). - x86/hw_breakpoints: Make default case in hw_breakpoint_arch_parse() return an error (bnc#1012628). - iommu/vt-d: Save the right domain ID used by hardware (bnc#1012628). - iommu/vt-d: Check capability before disabling protected memory (bnc#1012628). - drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure (bnc#1012628). - x86/cpu/cyrix: Use correct macros for Cyrix calls on Geode processors (bnc#1012628). - x86/hyperv: Prevent potential NULL pointer dereference (bnc#1012628). - x86/hpet: Prevent potential NULL pointer dereference (bnc#1012628). - irqchip/mbigen: Don't clear eventid when freeing an MSI (bnc#1012628). - irqchip/stm32: Don't set rising configuration registers at init (bnc#1012628). - irqchip/stm32: Don't clear rising/falling config registers at init (bnc#1012628). - drm/exynos/mixer: fix MIXER shadow registry synchronisation code (bnc#1012628). - blk-iolatency: #include "blk.h" (bnc#1012628). - PM / Domains: Avoid a potential deadlock (bnc#1012628). - ACPI / utils: Drop reference in test for device presence (bnc#1012628). - perf tests: Fix a memory leak in test__perf_evsel__tp_sched_test() (bnc#1012628). - perf tests: Fix memory leak by expr__find_other() in test__expr() (bnc#1012628). - perf tests: Fix a memory leak of cpu_map object in the openat_syscall_event_on_all_cpus test (bnc#1012628). - perf evsel: Free evsel->counts in perf_evsel__exit() (bnc#1012628). - perf top: Fix global-buffer-overflow issue (bnc#1012628). - perf maps: Purge all maps from the 'names' tree (bnc#1012628). - perf map: Remove map from 'names' tree in __maps__remove() (bnc#1012628). - perf hist: Add missing map__put() in error case (bnc#1012628). - perf top: Fix error handling in cmd_top() (bnc#1012628). - perf build-id: Fix memory leak in print_sdt_events() (bnc#1012628). - perf config: Fix a memory leak in collect_config() (bnc#1012628). - perf config: Fix an error in the config template documentation (bnc#1012628). - perf tools: Fix errors under optimization level '-Og' (bnc#1012628). - perf list: Don't forget to drop the reference to the allocated thread_map (bnc#1012628). - perf stat: Fix --no-scale (bnc#1012628). - scsi: qla2xxx: Fix NULL pointer crash due to stale CPUID (bnc#1012628). - scsi: core: Also call destroy_rcu_head() for passthrough requests (bnc#1012628). - tools/power turbostat: return the exit status of a command (bnc#1012628). - x86/mm: Don't leak kernel addresses (bnc#1012628). - sched/core: Fix buffer overflow in cgroup2 property cpu.max (bnc#1012628). - sched/cpufreq: Fix 32-bit math overflow (bnc#1012628). - scsi: iscsi: flush running unbind operations when removing a session (bnc#1012628). - thermal/intel_powerclamp: fix truncated kthread name (bnc#1012628). - thermal/int340x_thermal: fix mode setting (bnc#1012628). - thermal/int340x_thermal: Add additional UUIDs (bnc#1012628). - thermal: bcm2835: Fix crash in bcm2835_thermal_debugfs (bnc#1012628). - thermal: samsung: Fix incorrect check after code merge (bnc#1012628). - thermal/intel_powerclamp: fix __percpu declaration of worker_data (bnc#1012628). - paride/pcd: cleanup queues when detection fails (bnc#1012628). - paride/pf: cleanup queues when detection fails (bnc#1012628). - ALSA: opl3: fix mismatch between snd_opl3_drum_switch definition and declaration (bnc#1012628). - mmc: davinci: remove extraneous __init annotation (bnc#1012628). - i40iw: Avoid panic when handling the inetdev event (bnc#1012628). - IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bnc#1012628). - drm/udl: use drm_gem_object_put_unlocked (bnc#1012628). - auxdisplay: hd44780: Fix memory leak on ->remove() (bnc#1012628). - ALSA: sb8: add a check for request_region (bnc#1012628). - ALSA: echoaudio: add a check for ioremap_nocache (bnc#1012628). - ext4: report real fs size after failed resize (bnc#1012628). - ext4: add missing brelse() in add_new_gdb_meta_bg() (bnc#1012628). - ext4: avoid panic during forced reboot (bnc#1012628). - mips: bcm47xx: Enable USB power on Netgear WNDR3400v2 (bnc#1012628). - perf/core: Restore mmap record type correctly (bnc#1012628). - inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch() (bnc#1012628). - arc: hsdk_defconfig: Enable CONFIG_BLK_DEV_RAM (bnc#1012628). - ARC: u-boot args: check that magic number is correct (bnc#1012628). - commit 7bd8353 - brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500,bsc#1132681). - brcmfmac: add subtype check for event handling in data path (CVE-2019-8564,bsc#1132673). - commit 4835ec0 - Move the vfio patch from kernel.org to suse. kernel.org is only for stable patches. - commit 6daf8be - Linux 5.0.8 (bnc#1012628). - drm/i915/gvt: do not let pin count of shadow mm go negative (bnc#1012628). - kbuild: pkg: use -f $(srctree)/Makefile to recurse to top Makefile (bnc#1012628). - netfilter: nft_compat: use .release_ops and remove list of extension (bnc#1012628). - netfilter: nf_tables: use-after-free in dynamic operations (bnc#1012628). - netfilter: nf_tables: add missing ->release_ops() in error path of newrule() (bnc#1012628). - hv_netvsc: Fix unwanted wakeup after tx_disable (bnc#1012628). - ibmvnic: Fix completion structure initialization (bnc#1012628). - ip6_tunnel: Match to ARPHRD_TUNNEL6 for dev type (bnc#1012628). - ipv6: Fix dangling pointer when ipv6 fragment (bnc#1012628). - ipv6: sit: reset ip header pointer in ipip6_rcv (bnc#1012628). - net: ethtool: not call vzalloc for zero sized memory request (bnc#1012628). - net-gro: Fix GRO flush when receiving a GSO packet (bnc#1012628). - net/mlx5: Decrease default mr cache size (bnc#1012628). - netns: provide pure entropy for net_hash_mix() (bnc#1012628). - net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock() (bnc#1012628). - net/sched: act_sample: fix divide by zero in the traffic path (bnc#1012628). - net/sched: fix ->get helper of the matchall cls (bnc#1012628). - openvswitch: fix flow actions reallocation (bnc#1012628). - qmi_wwan: add Olicard 600 (bnc#1012628). - r8169: disable ASPM again (bnc#1012628). - sctp: initialize _pad of sockaddr_in before copying to user memory (bnc#1012628). - tcp: Ensure DCTCP reacts to losses (bnc#1012628). - tcp: fix a potential NULL pointer dereference in tcp_sk_exit (bnc#1012628). - vrf: check accept_source_route on the original netdevice (bnc#1012628). - net/mlx5e: Fix error handling when refreshing TIRs (bnc#1012628). - net/mlx5e: Add a lock on tir list (bnc#1012628). - nfp: validate the return code from dev_queue_xmit() (bnc#1012628). - nfp: disable netpoll on representors (bnc#1012628). - bnxt_en: Improve RX consumer index validity check (bnc#1012628). - bnxt_en: Reset device on RX buffer errors (bnc#1012628). - net: ip_gre: fix possible use-after-free in erspan_rcv (bnc#1012628). - net: ip6_gre: fix possible use-after-free in ip6erspan_rcv (bnc#1012628). - net: bridge: always clear mcast matching struct on reports and leaves (bnc#1012628). - net: thunderx: fix NULL pointer dereference in nicvf_open/nicvf_stop (bnc#1012628). - net: vrf: Fix ping failed when vrf mtu is set to 0 (bnc#1012628). - net: core: netif_receive_skb_list: unlist skb before passing to pt->func (bnc#1012628). - r8169: disable default rx interrupt coalescing on RTL8168 (bnc#1012628). - net: mlx5: Add a missing check on idr_find, free buf (bnc#1012628). - net/mlx5e: Update xoff formula (bnc#1012628). - net/mlx5e: Update xon formula (bnc#1012628). - kbuild: clang: choose GCC_TOOLCHAIN_DIR not on LD (bnc#1012628). - lib/string.c: implement a basic bcmp (bnc#1012628). - Revert "clk: meson: clean-up clock registration" (bnc#1012628). - tty: mark Siemens R3964 line discipline as BROKEN (bnc#1012628). - tty: ldisc: add sysctl to prevent autoloading of ldiscs (bnc#1012628). - hwmon: (w83773g) Select REGMAP_I2C to fix build error (bnc#1012628). - hwmon: (occ) Fix power sensor indexing (bnc#1012628). - SMB3: Allow persistent handle timeout to be configurable on mount (bnc#1012628). - HID: logitech: Handle 0 scroll events for the m560 (bnc#1012628). - ACPICA: Clear status of GPEs before enabling them (bnc#1012628). - ACPICA: Namespace: remove address node from global list after method termination (bnc#1012628). - ALSA: seq: Fix OOB-reads from strlcpy (bnc#1012628). - ALSA: hda/realtek: Enable headset MIC of Acer TravelMate B114-21 with ALC233 (bnc#1012628). - ALSA: hda/realtek - Add quirk for Tuxedo XC 1509 (bnc#1012628). - ALSA: xen-front: Do not use stream buffer size before it is set (bnc#1012628). - ALSA: hda - Add two more machines to the power_save_blacklist (bnc#1012628). - mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd() (bnc#1012628). - arm64: dts: rockchip: fix rk3328 sdmmc0 write errors (bnc#1012628). - mmc: alcor: don't write data before command has completed (bnc#1012628). - mmc: sdhci-omap: Don't finish_mrq() on a command error during tuning (bnc#1012628). - parisc: Detect QEMU earlier in boot process (bnc#1012628). - parisc: regs_return_value() should return gpr28 (bnc#1012628). - parisc: also set iaoq_b in instruction_pointer_set() (bnc#1012628). - alarmtimer: Return correct remaining time (bnc#1012628). - drm/i915/gvt: do not deliver a workload if its creation fails (bnc#1012628). - drm/sun4i: DW HDMI: Lower max. supported rate for H6 (bnc#1012628). - drm/udl: add a release method and delay modeset teardown (bnc#1012628). - kvm: svm: fix potential get_num_contig_pages overflow (bnc#1012628). - include/linux/bitrev.h: fix constant bitrev (bnc#1012628). - mm: writeback: use exact memcg dirty counts (bnc#1012628). - ASoC: intel: Fix crash at suspend/resume after failed codec registration (bnc#1012628). - ASoC: fsl_esai: fix channel swap issue when stream starts (bnc#1012628). - Btrfs: do not allow trimming when a fs is mounted with the nologreplay option (bnc#1012628). - btrfs: prop: fix zstd compression parameter validation (bnc#1012628). - btrfs: prop: fix vanished compression property after failed set (bnc#1012628). - riscv: Fix syscall_get_arguments() and syscall_set_arguments() (bnc#1012628). - block: Revert v5.0 blk_mq_request_issue_directly() changes (bnc#1012628). - block: do not leak memory in bio_copy_user_iov() (bnc#1012628). - block: fix the return errno for direct IO (bnc#1012628). - genirq: Respect IRQCHIP_SKIP_SET_WAKE in irq_chip_set_wake_parent() (bnc#1012628). - genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n (bnc#1012628). - virtio: Honour 'may_reduce_num' in vring_create_virtqueue (bnc#1012628). - ARM: OMAP1: ams-delta: Fix broken GPIO ID allocation (bnc#1012628). - ARM: dts: rockchip: fix rk3288 cpu opp node reference (bnc#1012628). - ARM: dts: am335x-evmsk: Correct the regulators for the audio codec (bnc#1012628). - ARM: dts: am335x-evm: Correct the regulators for the audio codec (bnc#1012628). - ARM: dts: rockchip: Fix SD card detection on rk3288-tinker (bnc#1012628). - ARM: dts: at91: Fix typo in ISC_D0 on PC9 (bnc#1012628). - arm64: futex: Fix FUTEX_WAKE_OP atomic ops with non-zero result value (bnc#1012628). - arm64: dts: rockchip: Fix vcc_host1_5v GPIO polarity on rk3328-rock64 (bnc#1012628). - arm64: dts: rockchip: fix rk3328 rgmii high tx error rate (bnc#1012628). - arm64: backtrace: Don't bother trying to unwind the userspace stack (bnc#1012628). - arm64/ftrace: fix inadvertent BUG() in trampoline check (bnc#1012628). - IB/mlx5: Reset access mask when looping inside page fault handler (bnc#1012628). - xen: Prevent buffer overflow in privcmd ioctl (bnc#1012628). - sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (bnc#1012628). - xtensa: fix return_address (bnc#1012628). - csky: Fix syscall_get_arguments() and syscall_set_arguments() (bnc#1012628). - x86/asm: Remove dead __GNUC__ conditionals (bnc#1012628). - x86/asm: Use stricter assembly constraints in bitops (bnc#1012628). - x86/perf/amd: Resolve race condition when disabling PMC (bnc#1012628). - x86/perf/amd: Resolve NMI latency issues for active PMCs (bnc#1012628). - x86/perf/amd: Remove need to check "running" bit in NMI handler (bnc#1012628). - PCI: Add function 1 DMA alias quirk for Marvell 9170 SATA controller (bnc#1012628). - PCI: pciehp: Ignore Link State Changes after powering off a slot (bnc#1012628). - xprtrdma: Fix helper that drains the transport (bnc#1012628). - powerpc/64s/radix: Fix radix segment exception handling (bnc#1012628). - dm integrity: change memcmp to strncmp in dm_integrity_ctr (bnc#1012628). - dm: revert 8f50e358153d ("dm: limit the max bio size as BIO_MAX_PAGES * PAGE_SIZE") (bnc#1012628). - dm table: propagate BDI_CAP_STABLE_WRITES to fix sporadic checksum errors (bnc#1012628). - dm: disable DISCARD if the underlying storage no longer supports it (bnc#1012628). - dm integrity: fix deadlock with overlapping I/O (bnc#1012628). - drm/virtio: do NOT reuse resource ids (bnc#1012628). - Update config files: keep LDISC_AUTOLOAD and let R3964 go * LDISC_AUTOLOAD is new and =y preserves the original behaviour. * R3964 was marked as BROKEN. - commit 33c0e93 - series.conf: cleanup patches.suse/ext2-fsync-err was deleted in 2011 but its (commented out) line in series.conf was left behind. - commit d2aebe3 - Delete patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. - Delete patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. - Delete patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. - Delete patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. - Delete patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. Drop SUSE-specific IBRS-on-SKL implementation. Please refer to page 16 of Intel's paper [1]: "Intel considers the risk of an attack based on exploiting deep call stacks low." [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf - Delete patches.suse/0001-x86-speculation-Add-basic-IBRS-support-infrastructur.patch. - Delete patches.suse/0002-x86-speculation-Add-inlines-to-control-Indirect-Bran.patch. - Delete patches.suse/0003-x86-idle-Control-Indirect-Branch-Speculation-in-idle.patch. - Delete patches.suse/0004-x86-enter-Create-macros-to-restrict-unrestrict-Indir.patch. - Delete patches.suse/0005-x86-enter-Use-IBRS-on-syscall-and-interrupts.patch. Drop SUSE-specific IBRS-on-SKL implementation. Please refer to page 16 of [1] [1] https://software.intel.com/security-software-guidance/api-app/sites/default/files/Retpoline-A-Branch-Target-Injection-Mitigation.pdf - commit 2cfda4d - Refresh patches.suse/drm-i915-dp-revert-back-to-max-link-rate-and-lane-count-on-eDP.patch. - commit 8a6bcaf - Update to 5.1-rc5 - commit 2fd333d - vfio/type1: Limit DMA mappings per container (CVE-2019-3882 bsc#1131427). - commit 012b5f1 - KVM: x86: nVMX: fix x2APIC VTPR read intercept (CVE-2019-3887 bsc#1131800). - KVM: x86: nVMX: close leak of L0's x2APIC MSRs (CVE-2019-3887) (CVE-2019-3887 bsc#1131800). - commit d597027 - Do not provide kernel-default from kernel-default-base (boo#1132154, bsc#1106751). - commit 0e54e61 - rpm/kernel-subpackage-spec: only provide firmware actually present in subpackage. - commit 839debd - kcm: switch order of device registration to fix a crash (bnc#1130527). - commit 508a450 - kernel-subpackage-spec: Add dummy package to ensure subpackages are rebuilt with kernel update (bsc#1106751). In factory packages are not rebuilt automatically so a dependency is needed on the old kernel to get a rebuild with the new kernel. THe subpackage itself cannot depend on the kernel so add another empty pacakge that does depend on it. - commit 6d14837 - drm/i915/dp: revert back to max link rate and lane count on eDP (bsc#1132033). - commit d7dabeb - Disable CONFIG_SERIO_OLPC_APSP on all but armv7 This driver is only used by ARMv7-based OLPC laptops. - commit 7b1b640 - Disable CONFIG_SENSORS_OCC_* These drivers are running on the BMC of PowerPC servers. The BMC runs OpenBMC and is not a target for SUSE distributions. - commit a82eb87 - config: disable DEVKMEM (bsc#1128045) - commit 8b88553 - Update to 5.1-rc4 - Refresh configs - commit e334e4f - Linux 5.0.7 (bnc#1012628). - ext4: cleanup bh release code in ext4_ind_remove_space() (bnc#1012628). - CIFS: fix POSIX lock leak and invalid ptr deref (bnc#1012628). - nvme-fc: fix numa_node when dev is null (bnc#1012628). - nvme-loop: init nvmet_ctrl fatal_err_work when allocate (bnc#1012628). - h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- (bnc#1012628). - f2fs: fix to adapt small inline xattr space in __find_inline_xattr() (bnc#1012628). - f2fs: fix to avoid deadlock in f2fs_read_inline_dir() (bnc#1012628). - apparmor: fix double free when unpack of secmark rules fails (bnc#1012628). - tracing: kdb: Fix ftdump to not sleep (bnc#1012628). - net/mlx5e: Fix access to non-existing receive queue (bnc#1012628). - net/mlx5: Avoid panic when setting vport rate (bnc#1012628). - net/mlx5: Avoid panic when setting vport mac, getting vport config (bnc#1012628). - xsk: fix to reject invalid flags in xsk_bind (bnc#1012628). - clk: ti: clkctrl: Fix clkdm_name regression for TI_CLK_CLKCTRL_COMPAT (bnc#1012628). - gpio: gpio-omap: fix level interrupt idling (bnc#1012628). - include/linux/relay.h: fix percpu annotation in struct rchan (bnc#1012628). - sysctl: handle overflow for file-max (bnc#1012628). - net: stmmac: Avoid sometimes uninitialized Clang warnings (bnc#1012628). - enic: fix build warning without CONFIG_CPUMASK_OFFSTACK (bnc#1012628). - libbpf: force fixdep compilation at the start of the build (bnc#1012628). - scsi: hisi_sas: Set PHY linkrate when disconnected (bnc#1012628). - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bnc#1012628). - iio: adc: fix warning in Qualcomm PM8xxx HK/XOADC driver (bnc#1012628). - x86/hyperv: Fix kernel panic when kexec on HyperV (bnc#1012628). - perf c2c: Fix c2c report for empty numa node (bnc#1012628). - mm/sparse: fix a bad comparison (bnc#1012628). - mm/cma.c: cma_declare_contiguous: correct err handling (bnc#1012628). - mm/page_ext.c: fix an imbalance with kmemleak (bnc#1012628). - mm, swap: bounds check swap_info array accesses to avoid NULL derefs (bnc#1012628). - docs/core-api/mm: fix user memory accessors formatting (bnc#1012628). - mm,oom: don't kill global init via memory.oom.group (bnc#1012628). - memcg: killed threads should not invoke memcg OOM killer (bnc#1012628). - mm, mempolicy: fix uninit memory access (bnc#1012628). - mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! (bnc#1012628). - mm/slab.c: kmemleak no scan alien caches (bnc#1012628). - ocfs2: fix a panic problem caused by o2cb_ctl (bnc#1012628). - f2fs: do not use mutex lock in atomic context (bnc#1012628). - f2fs: fix to data block override node segment by mistake (bnc#1012628). - fs/file.c: initialize init_files.resize_wait (bnc#1012628). - page_poison: play nicely with KASAN (bnc#1012628). - kasan: fix kasan_check_read/write definitions (bnc#1012628). - cifs: use correct format characters (bnc#1012628). - dm thin: add sanity checks to thin-pool and external snapshot creation (bnc#1012628). - f2fs: fix to check inline_xattr_size boundary correctly (bnc#1012628). - cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED (bnc#1012628). - perf beauty msg_flags: Add missing %s lost when adding prefix suppression logic (bnc#1012628). - netfilter: nf_tables: check the result of dereferencing base_chain->stats (bnc#1012628). - PCI: mediatek: Fix memory mapped IO range size computation (bnc#1012628). - netfilter: conntrack: tcp: only close if RST matches exact sequence (bnc#1012628). - iommu/vt-d: Disable ATS support on untrusted devices (bnc#1012628). - jbd2: fix invalid descriptor block checksum (bnc#1012628). - ext4: fix bigalloc cluster freeing when hole punching under load (bnc#1012628). - fs: fix guard_bio_eod to check for real EOD errors (bnc#1012628). - tools lib traceevent: Fix buffer overflow in arg_eval (bnc#1012628). - mm/resource: Return real error codes from walk failures (bnc#1012628). - PCI/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() (bnc#1012628). - wil6210: check null pointer in _wil_cfg80211_merge_extra_ies (bnc#1012628). - mt76: fix a leaked reference by adding a missing of_node_put (bnc#1012628). - ath10k: Fix the wrong updation of BW in tx_stats debugfs entry (bnc#1012628). - lockdep/lib/tests: Fix run_tests.sh (bnc#1012628). - crypto: crypto4xx - add missing of_node_put after of_device_is_available (bnc#1012628). - crypto: cavium/zip - fix collision with generic cra_driver_name (bnc#1012628). - tools/bpf: selftests: add map lookup to test_map_in_map bpf prog (bnc#1012628). - usb: chipidea: Grab the (legacy) USB PHY by phandle first (bnc#1012628). - powerpc/powernv/ioda: Fix locked_vm counting for memory used by IOMMU tables (bnc#1012628). - scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c (bnc#1012628). - kbuild: invoke syncconfig if include/config/auto.conf.cmd is missing (bnc#1012628). - kbuild: make -r/-R effective in top Makefile for old Make versions (bnc#1012628). - btrfs: save drop_progress if we drop refs at all (bnc#1012628). - drm/amd/display: Fix reference counting for struct dc_sink (bnc#1012628). - ath10k: don't report unset rssi values to mac80211 (bnc#1012628). - powerpc/xmon: Fix opcode being uninitialized in print_insn_powerpc (bnc#1012628). - coresight: etm4x: Add support to enable ETMv4.2 (bnc#1012628). - serial: 8250_pxa: honor the port number from devicetree (bnc#1012628). - ARM: 8840/1: use a raw_spinlock_t in unwind (bnc#1012628). - ARM: 8845/1: use unified assembler in c files (bnc#1012628). - iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bnc#1012628). - powerpc/hugetlb: Handle mmap_min_addr correctly in get_unmapped_area callback (bnc#1012628). - net: dsa: mv88e6xxx: Default CMODE to 1000BaseX only on 6390X (bnc#1012628). - ice: fix ice_remove_rule_internal vsi_list handling (bnc#1012628). - perf script: Handle missing fields with -F +. (bnc#1012628). - btrfs: qgroup: Make qgroup async transaction commit more aggressive (bnc#1012628). - btrfs: don't enospc all tickets on flush failure (bnc#1012628). - mmc: omap: fix the maximum timeout setting (bnc#1012628). - net: dsa: mv88e6xxx: Add lockdep classes to fix false positive splat (bnc#1012628). - net: hns3: fix setting of the hns reset_type for rdma hw errors (bnc#1012628). - veth: Fix -Wformat-truncation (bnc#1012628). - e1000e: Fix -Wformat-truncation warnings (bnc#1012628). - mlxsw: spectrum: Avoid -Wformat-truncation warnings (bnc#1012628). - i2c: Allow recovery of the initial IRQ by an I2C client device (bnc#1012628). - platform/x86: ideapad-laptop: Fix no_hw_rfkill_list for Lenovo RESCUER R720-15IKBN (bnc#1012628). - platform/mellanox: mlxreg-hotplug: Fix KASAN warning (bnc#1012628). - loop: set GENHD_FL_NO_PART_SCAN after blkdev_reread_part() (bnc#1012628). - i2c: designware: Do not allow i2c_dw_xfer() calls while suspended (bnc#1012628). - IB/mlx4: Increase the timeout for CM cache (bnc#1012628). - clk: fractional-divider: check parent rate only if flag is set (bnc#1012628). - perf annotate: Fix getting source line failure (bnc#1012628). - powerpc/44x: Force PCI on for CURRITUCK (bnc#1012628). - ASoC: qcom: Fix of-node refcount unbalance in qcom_snd_parse_of() (bnc#1012628). - cpufreq: acpi-cpufreq: Report if CPU doesn't support boost technologies (bnc#1012628). - efi: cper: Fix possible out-of-bounds access (bnc#1012628). - s390/ism: ignore some errors during deregistration (bnc#1012628). - scsi: megaraid_sas: return error when create DMA pool failed (bnc#1012628). - scsi: fcoe: make use of fip_mode enum complete (bnc#1012628). - drm/amd/display: Clear stream->mode_changed after commit (bnc#1012628). - perf test: Fix failure of 'evsel-tp-sched' test on s390 (bnc#1012628). - mwifiex: don't advertise IBSS features without FW support (bnc#1012628). - perf report: Don't shadow inlined symbol with different addr range (bnc#1012628). - SoC: imx-sgtl5000: add missing put_device() (bnc#1012628). - media: ov7740: fix runtime pm initialization (bnc#1012628). - media: sh_veu: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: s5p-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: rockchip/rga: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: s5p-g2d: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: mx2_emmaprp: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: mtk-jpeg: Correct return type for mem2mem buffer helpers (bnc#1012628). - media: rockchip/vpu: Correct return type for mem2mem buffer helpers (bnc#1012628). - mt76: usb: do not run mt76u_queues_deinit twice (bnc#1012628). - gpio: of: Apply regulator-gpio quirk only to enable-gpios (bnc#1012628). - xen/gntdev: Do not destroy context while dma-bufs are in use (bnc#1012628). - vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 (bnc#1012628). - HID: intel-ish-hid: avoid binding wrong ishtp_cl_device (bnc#1012628). - cgroup, rstat: Don't flush subtree root unless necessary (bnc#1012628). - efi: Fix build error due to enum collision between efi.h and ima.h (bnc#1012628). - drm/sched: Fix entities with 0 rqs (bnc#1012628). - regulator: core: Take lock before applying system load (bnc#1012628). - jbd2: fix race when writing superblock (bnc#1012628). - leds: lp55xx: fix null deref on firmware load failure (bnc#1012628). - tools build: Add -lrt to FEATURE_CHECK_LDFLAGS-libaio (bnc#1012628). - tools build: Add test-reallocarray.c to test-all.c to fix the build (bnc#1012628). - perf beauty waitid options: Fix up prefix showing logic (bnc#1012628). - perf trace: Check if the 'fd' is negative when mapping it to pathname (bnc#1012628). - perf report: Add s390 diagnosic sampling descriptor size (bnc#1012628). - perf coresight: Do not test for libopencsd by default (bnc#1012628). - iwlwifi: pcie: fix emergency path (bnc#1012628). - ACPI / video: Refactor and fix dmi_is_desktop() (bnc#1012628). - =?UTF-8?q?selftests:=20ir:=20fix=20warning:=20"%s"=20dire?= =?UTF-8?q?ctive=20output=20may=20be=20truncated=20=E2=80=99=20directive?= =?UTF-8?q?=20output=20may=20be=20truncated?= (bnc#1012628). - selftests: skip seccomp get_metadata test if not real root (bnc#1012628). - kprobes: Prohibit probing on bsearch() (bnc#1012628). - kprobes: Prohibit probing on RCU debug routine (bnc#1012628). - netfilter: conntrack: fix cloned unconfirmed skb->_nfct race in __nf_conntrack_confirm (bnc#1012628). - ARM: 8833/1: Ensure that NEON code always compiles with Clang (bnc#1012628). - ARM: dts: meson8b: fix the Ethernet data line signals in eth_rgmii_pins (bnc#1012628). - ALSA: PCM: check if ops are defined before suspending PCM (bnc#1012628). - ath10k: fix shadow register implementation for WCN3990 (bnc#1012628). - usb: f_fs: Avoid crash due to out-of-scope stack ptr access (bnc#1012628). - sched/topology: Fix percpu data types in struct sd_data & struct s_data (bnc#1012628). - bcache: fix input overflow to cache set sysfs file io_error_halflife (bnc#1012628). - bcache: fix input overflow to sequential_cutoff (bnc#1012628). - bcache: fix potential div-zero error of writeback_rate_i_term_inverse (bnc#1012628). - bcache: improve sysfs_strtoul_clamp() (bnc#1012628). - genirq: Avoid summation loops for /proc/stat (bnc#1012628). - net: marvell: mvpp2: fix stuck in-band SGMII negotiation (bnc#1012628). - iw_cxgb4: fix srqidx leak during connection abort (bnc#1012628). - net: phy: consider latched link-down status in polling mode (bnc#1012628). - fbdev: fbmem: fix memory access if logo is bigger than the screen (bnc#1012628). - cdrom: Fix race condition in cdrom_sysctl_register (bnc#1012628). - drm: rcar-du: add missing of_node_put (bnc#1012628). - drm/amd/display: Don't re-program planes for DPMS changes (bnc#1012628). - bpf: test_maps: fix possible out of bound access warning (bnc#1012628). - x86/kexec: Fill in acpi_rsdp_addr from the first kernel (bnc#1012628). - powerpc/ptrace: Mitigate potential Spectre v1 (bnc#1012628). - drm/amd/display: Disconnect mpcc when changing tg (bnc#1012628). - perf/aux: Make perf_event accessible to setup_aux() (bnc#1012628). - e1000e: fix cyclic resets at link up with active tx (bnc#1012628). - e1000e: Exclude device from suspend direct complete optimization (bnc#1012628). - platform/x86: intel_pmc_core: Fix PCH IP sts reading (bnc#1012628). - i2c: of: Try to find an I2C adapter matching the parent (bnc#1012628). - staging: spi: mt7621: Add return code check on device_reset() (bnc#1012628). - iwlwifi: mvm: fix RFH config command with >=10 CPUs (bnc#1012628). - ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe (bnc#1012628). - sched/debug: Initialize sd_sysctl_cpus if !CONFIG_CPUMASK_OFFSTACK (bnc#1012628). - efi/memattr: Don't bail on zero VA if it equals the region's PA (bnc#1012628). - sched/core: Use READ_ONCE()/WRITE_ONCE() in move_queued_task()/task_rq_lock() (bnc#1012628). - drm/vkms: Bugfix racing hrtimer vblank handle (bnc#1012628). - drm/vkms: Bugfix extra vblank frame (bnc#1012628). - ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation (bnc#1012628). - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (bnc#1012628). - soc: qcom: gsbi: Fix error handling in gsbi_probe() (bnc#1012628). - drm/msm/dpu: Convert to a chained irq chip (bnc#1012628). - mt7601u: bump supported EEPROM version (bnc#1012628). - ARM: 8830/1: NOMMU: Toggle only bits in EXC_RETURN we are really care of (bnc#1012628). - ARM: avoid Cortex-A9 livelock on tight dmb loops (bnc#1012628). - block, bfq: fix in-service-queue check for queue merging (bnc#1012628). - block, bfq: fix queue removal from weights tree (bnc#1012628). - bpf: fix missing prototype warnings (bnc#1012628). - selftests/bpf: skip verifier tests for unsupported program types (bnc#1012628). - powerpc/64s: Clear on-stack exception marker upon exception return (bnc#1012628). - cgroup/pids: turn cgroup_subsys->free() into cgroup_subsys->release() to fix the accounting (bnc#1012628). - backlight: pwm_bl: Use gpiod_get_value_cansleep() to get initial state (bnc#1012628). - tty: increase the default flip buffer limit to 2*640K (bnc#1012628). - powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bnc#1012628). - drm/amd/display: Enable vblank interrupt during CRC capture (bnc#1012628). - ALSA: dice: add support for Solid State Logic Duende Classic/Mini (bnc#1012628). - regulator: mcp16502: Include linux/gpio/consumer.h to fix build error (bnc#1012628). - usb: dwc3: gadget: Fix OTG events when gadget driver isn't loaded (bnc#1012628). - platform/x86: intel-hid: Missing power button release on some Dell models (bnc#1012628). - perf trace: Fixup etcsnoop example (bnc#1012628). - perf script python: Use PyBytes for attr in trace-event-python (bnc#1012628). - perf script python: Add trace_context extension module to sys.modules (bnc#1012628). - media: mt9m111: set initial frame size other than 0x0 (bnc#1012628). - hwrng: virtio - Avoid repeated init of completion (bnc#1012628). - soc/tegra: fuse: Fix illegal free of IO base address (bnc#1012628). - selftests/bpf: suppress readelf stderr when probing for BTF support (bnc#1012628). - HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit (bnc#1012628). - f2fs: UBSAN: set boolean value iostat_enable correctly (bnc#1012628). - f2fs: fix to initialize variable to avoid UBSAN/smatch warning (bnc#1012628). - hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable (bnc#1012628). - pinctrl: meson: fix G12A ao pull registers base address (bnc#1012628). - pinctrl: sh-pfc: r8a77990: Fix MOD_SEL bit numbering (bnc#1012628). - pinctrl: sh-pfc: r8a77995: Fix MOD_SEL bit numbering (bnc#1012628). - cpu/hotplug: Mute hotplug lockdep during init (bnc#1012628). - dmaengine: imx-dma: fix warning comparison of distinct pointer types (bnc#1012628). - dmaengine: qcom_hidma: assign channel cookie correctly (bnc#1012628). - dmaengine: qcom_hidma: initialize tx flags in hidma_prep_dma_* (bnc#1012628). - netfilter: physdev: relax br_netfilter dependency (bnc#1012628). - media: rcar-vin: Allow independent VIN link enablement (bnc#1012628). - media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration (bnc#1012628). - PCI: pciehp: Assign ctrl->slot_ctrl before writing it to hardware (bnc#1012628). - audit: hand taken context to audit_kill_trees for syscall logging (bnc#1012628). - regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting (bnc#1012628). - pinctrl: meson: meson8b: add the eth_rxd2 and eth_rxd3 pins (bnc#1012628). - drm: Auto-set allow_fb_modifiers when given modifiers at plane init (bnc#1012628). - drm/nouveau: Stop using drm_crtc_force_disable (bnc#1012628). - x86/build: Specify elf_i386 linker emulation explicitly for i386 objects (bnc#1012628). - selinux: do not override context on context mounts (bnc#1012628). - brcmfmac: Use firmware_request_nowarn for the clm_blob (bnc#1012628). - wlcore: Fix memory leak in case wl12xx_fetch_firmware failure (bnc#1012628). - x86/build: Mark per-CPU symbols as absolute explicitly for LLD (bnc#1012628). - drm/fb-helper: fix leaks in error path of drm_fb_helper_fbdev_setup (bnc#1012628). - clk: meson: clean-up clock registration (bnc#1012628). - ARM: shmobile: Fix R-Car Gen2 regulator quirk (bnc#1012628). - clk: rockchip: fix frac settings of GPLL clock for rk3328 (bnc#1012628). - dmaengine: tegra: avoid overflow of byte tracking (bnc#1012628). - staging: iio: adt7316: fix dac_bits assignment (bnc#1012628). - Input: soc_button_array - fix mapping of the 5th GPIO in a PNP0C40 device (bnc#1012628). - ASoC: simple-card-utils: check "reg" property on asoc_simple_card_get_dai_id() (bnc#1012628). - drm: Reorder set_property_atomic to avoid returning with an active ww_ctx (bnc#1012628). - drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (bnc#1012628). - net: stmmac: Avoid one more sometimes uninitialized Clang warning (bnc#1012628). - appletalk: Fix compile regression (bnc#1012628). - gpio: of: Restrict enable-gpio quirk to regulator-gpio (bnc#1012628). - ACPI / video: Extend chassis-type detection with a "Lunch Box" check (bnc#1012628). - bcache: fix potential div-zero error of writeback_rate_p_term_inverse (bnc#1012628). - kbuild: add workaround for Debian make-kpkg (bnc#1012628). - kbuild: skip sub-make for in-tree build with GNU Make 4.x (bnc#1012628). - commit 8f18342 ==== kmod ==== Version update (25 -> 26) Subpackages: kmod-compat libkmod2 - Enable PKCS#7 signature parsing again - requires openssl - Update to new upstream release 26 * depmod now handles parallel invocations better by protecting the temporary files being used. * modprobe has a new --show-exports option. Under the hood, this reads the .symtab and .strtab sections rather than __versions so it shows useful data even if kernel is configured without modversions (CONFIG_MODVERSIONS). * modinfo supports PKCS#7 parsing by using openssl. - Replaced the asn1c-based parser by an openssl-based PKCS parser. - Remove libkmod-signature-Fix-crash-when-module-signature-is.patch, libkmod-signature-pkcs-7-fix-crash-when-signer-info-.patch, libkmod-signature-implement-pkcs7-parsing-with-asn1c.patch (not accepted upstream) - Remove enum.patch, depmod-Prevent-module-dependency-files-corruption-du.patch, depmod-Prevent-module-dependency-files-missing-durin.patch, depmod-shut-up-gcc-insufficinet-buffer-warning.patch (accepted upstream) ==== krb5 ==== - Move LDAP schema files from /usr/share/doc/packages/krb5 to /usr/share/kerberos/ldap; (bsc#1134217); ==== kubernetes ==== Version update (1.14.0 -> 1.14.1) Subpackages: kubernetes-client kubernetes-common kubernetes-kubeadm kubernetes-kubelet - Update to version 1.14.1: * Avoid panic in cronjob sorting * fix-kubeadm-upgrade-12-13-14 * kubeadm: fix "upgrade plan" not working without k8s version * Full Changelog: https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.14.md#v1141 - Fix go 1.12.1 BuildRequires - Reformat spec file with spec-cleaner - Remove references to 'is_susecaasp' macro in spec file - Remove unused config files related to previous version of CaaSP ==== kured ==== Version update (1.1.0 -> 1.2.0) - Update to version 1.2.0 - support newer kubernetes versions - Adjust kured-telemetrics.patch - Update vendor.tar.gz with recent versions - Enable building on s390x ==== ldb ==== Version update (1.4.3 -> 1.5.4) - Update to 1.5.4 + Fix standalone build of ldb. + C99 build fixes. + CVE-2019-3824 out of bounds read in wildcard compare (bug#13773) - Update to 1.5.3 + Avoid inefficient one-level searches (bug#13762) + The test api.py should not rely on order of entries in dict (bug#13772) - Update to 1.5.2 + dirsync: Allow arbitrary length cookies (bug #13686) + The build uses python3 by default: --extra-python would take python2 now + To build with python2 only use: PYTHON=python2 ./configure PYTHON=python2 make PYTHON=python2 make install ==== libaio ==== - Disable LTO (boo#1133233). ==== libapparmor ==== - Disable LTO (boo#1133091). ==== libcroco ==== Version update (0.6.12 -> 0.6.13) - Add libcroco-CVE-2017-8834.patch: fix infinite loop on invalid UTF-8 (boo#1043898 boo#1043899 bgo#782647 CVE-2017-8834 CVE-2017-8871). - Update to version 0.6.13: + Visual Studio builds: Enhance security of x64 binaries. + win32/replace.py: Fix replacing items in files with UTF-8 content. + tknzr: support only max long rgb values. + input: check end of input before reading a byte. - Drop upstream fixed patches: + libcroco-fix-CVE-2017-7960.patch. + libcroco-fix-CVE-2017-7961.patch. - Stop exporting -fno-strict-aliasing" to configure, no longer needed. - Update URL to new gitlab home. ==== libedit ==== - Update to version 20190324-3.1: * Sync with upstream sources ==== libostree ==== - Disable LTO (boo#1133120). ==== libpng16 ==== Version update (1.6.36 -> 1.6.37) - make check actually works under asan - version update to 1.6.37 Fixed a use-after-free vulnerability (CVE-2019-7317) in png_image_free. Fixed a memory leak in the ARM NEON implementation of png_do_expand_palette. Fixed a memory leak in pngtest.c. Fixed two vulnerabilities (CVE-2018-14048, CVE-2018-14550) in contrib/pngminus; refactor. Changed the license of contrib/pngminus to MIT; refresh makefile and docs. (Contributed by Willem van Schaik) Added makefiles for AddressSanitizer-enabled builds. - deleted patches - libpng-arm-free.patch (upstreamed) ==== libpsl ==== Version update (0.20.2 -> 0.21.0) - update to 0.21.0: * Add -b/--batch to 'psl' to suppress printing the domain ==== libselinux ==== Subpackages: libselinux1 selinux-tools - Set License: to correct value (bsc#1135710) - Disable LTO (boo#1133244). ==== libselinux-bindings ==== - Set License: to correct value (bsc#1135710) ==== libsoup ==== Version update (2.66.0 -> 2.66.2) - Update to version 2.66.2: + Make gettext optional (might not be available in Windows). + MSVC: set encoding to UTF-8 to avoid errors. + MinGW tests build fix. + Check for TLS support only when external glib dependency is available. - Update to version 2.66.1: + Fix dylib versioning in MacOS. + Visual Studio build fixes. + MinGW build fixes. + Meson build system improvements. + Fix random CI failures due to parallel apache tests. + Code cleanups. ==== libssh ==== - Add support for new AES-GCM encryption types; (bsc#1134193) * Add 0001-libcrypto-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch * Add 0001-libgcrypt-Implement-OpenSSH-compatible-AES-GCM-ciphe.patch * Add 0001-tests-Add-aes-gcm-ciphers-tests.patch ==== libtasn1 ==== Subpackages: libtasn1-6 - Add libtasn1-object-id-recursion.patch: limit recursion in _asn1_expand_object_id (boo#1105435 CVE-2018-1000654 (https://gitlab.com/gnutls/libtasn1/merge_requests/8) ==== libx86emu ==== Version update (2.2 -> 2.3) - merge gh#wfeldt/libx86emu#15 - include: Fix GCC strict-prototypes warning - include: Fix 'multiple definition of' linker errors - Small fixes - 2.3 ==== libxslt ==== - Security fix: [bsc#1132160, CVE-2019-11068] * Bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. * Added libxslt-CVE-2019-11068.patch ==== libyaml ==== Version update (0.2.1 -> 0.2.2) - update to 0.2.2 - refreshed libyaml-revert-emitter-changes.patch * Fix comparison in tests/run-emitter.c * Allow colons in plain scalars inside flow collections * The closing single quote needs to be indented... * Revert removing of open_ended after top level plain scalar ==== logrotate ==== Version update (3.14.0 -> 3.15.0) - Version update to 3.15.0: * timer unit: change trigger fuzz from 12h to 1h * service unit: only run if /var/log is mounted * preserve fractional part of timestamps when compressing * re-indent source code using spaces only * minage: avoid rounding issue while comparing the amount of seconds * never remove old log files if rotate -1 is specified * return non-zero exit status if a config file contains an error * make copytruncate work with rotate 0 * warn user if both size and the time interval options are used * pass rotated log file name as the 2nd argument of the postrotate script when sharedscript is not enabled * rename logrotate-default to logrotate.conf - Added asc file. ==== lsof ==== - Add lsof-glibc-linux-5.0.patch: Fix build with linux-glibc-devel-5.0 by including sysmacros.h as needed. ==== lzo ==== - Use FAT LTO objects in order to provide proper static library (boo#1133259). ==== mozilla-nspr ==== Version update (4.20 -> 4.21) - update to version 4.21 * Use MAP_SHARED for read-only file mappings on MacOS and Android * Changed prbit.h to use builtin function on aarch64 * Test program build fixes * Minor fixes to support unified builds * Update library copyright notices * Removed Gonk/B2G references ==== mozilla-nss ==== Version update (3.42.1 -> 3.43) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs - update to NSS 3.43 * required by Firefox 67.0 New functions * HASH_GetHashOidTagByHashType - convert type HASH_HashType to type SECOidTag * SSL_SendCertificateRequest - allow server to request post-handshake client authentication. To use this both peers need to enable the SSL_ENABLE_POST_HANDSHAKE_AUTH option. Note that while the mechanism is present, post-handshake authentication is currently not TLS 1.3 compliant due to bug 1532312 Notable changes * The following CA certificates were Added: - emSign Root CA - G1 - emSign ECC Root CA - G3 - emSign Root CA - C1 - emSign ECC Root CA - C3 - Hongkong Post Root CA 3 Bugs fixed * Improve Gyp build system handling (bmo#1528669, bmo#1529308) * Improve NSS S/MIME tests for Thunderbird (bmo#1529950, bmo#1521174) * If Docker isn't installed, try running a local clang-format as a fallback (bmo#1530134) * Enable FIPS mode automatically if the system FIPS mode flag is set (bmo#1531267) * Add a -J option to the strsclnt command to specify sigschemes (bmo#1528262) * Add manual for nss-policy-check (bmo#1513909) * Fix a deref after a null check in SECKEY_SetPublicValue (bmo#1531074) * Properly handle ESNI with HRR (bmo#1517714) * Expose HKDF-Expand-Label with mechanism (bmo#1529813) * Align TLS 1.3 HKDF trace levels (bmo#1535122) * Use getentropy on compatible versions of FreeBSD (bmo#1530102) ==== multipath-tools ==== Version update (0.7.9+139+suse.ed9d450 -> 0.8.1+8+suse.8c11498) Subpackages: kpartx - Disable kmod() style dependencies again (bsc#1119414) * For TW, dependencies will be autogenerated (gh#openSUSE/rpm-config-SUSE#3) * For SLE, feature is currently rejected (jsc#SLE-3853) - Update to version 0.8.1+8+suse.8c11498: * Avoid deadlock situation during udev settle (bsc#1131789, bsc#1125145) - multipath -u: test socket connection in non-blocking mode * Fix priority handling for offline paths (bsc#1118495) - Update to upstream 0.8.1 * Avoid device IO in "multipath -u" (bsc#1125145) * multipathd: protect all access to running_state (bsc##1110060, bsc#1110439) * Improve handling of changed WWIDs and temporary failure to obtain WWID. Option "disable_changed_wwids" is now ignored. * Fixes for PATH_PENDING state handling (bsc#1125043) - Trim %if..%endif guards that do not affect the build result. - Combine %service_* calls to reduce generated code. - Make use of %make_install. - Re-enable kmod-style dependencies for multipath-tools package (bsc#1119414) - Separate out libmpath0 (bsc#1119414) - Spec file improvements * Add Conflicts: for older multipath-tools to libmpath0 * Move license files to the libmpath0 package, which contains the code with complex licensing. The executables are GPL-2.0 anyway. * Remove bogus dependency of -devel package on device-mapper * -devel package depends on libmpath0, not multipath-tools * Remove %dir %{_defaultlicensedir} for SLE12-SP3 and newer (John Vandenberg ) * Remove unused /var/cache/multipath directory * Remove check for multipath maps in %pre and %post * Remove SLE11-specific multipathd service stop / start from %pre / %post * Remove obsolete tools from package description (bsc#1129827) * Add -n to %service_del_{pre,post}un for multipathd.socket - Update to version 0.8.0+17+suse.a28893f: * Code-identical to 0.7.9+139+suse.ed9d450, except for new version number - Disable kmod() style dependencies for now, as they are causing problems with image builds (bsc#1119414). They'd been active for SLE15-SP1 only, anyway. - _service: determine "tag offset" manually, the patch count determined by git is far too high. ==== ncurses ==== Subpackages: libncurses6 ncurses-utils terminfo terminfo-base - Make pkg-config files .pc consistent - Add ncurses patch 20190511 + fix a spurious blank line seen with "infocmp -1fx xterm+x11mouse" + add checks in repair_subwindows() to keep the current position and scroll-margins inside the resized subwindow. + add a limit check in newline_forces_scroll() for the case where the row is inside scroll-margins, but not at the end (report by Toshio Kuratomi, cf: 20170729). + corrected a warning message in tic for extended capabilities versus number of parameters. - Add ncurses patch 20190504 + improve workaround for Solaris wcwidth versus line-drawing characters (report by Pavel Stehule). + add special case in tic to validate RGB string-capability extension. + corrected string/parameter-field for RGB in Caps-ncurses. - Add ncurses patch 20190427 + corrected problem in terminfo load/realignment which prevented infocmp from comparing extended capabilities with the same name but different types. - Add ncurses patch 20190420 + improve ifdef's for TABSIZE variable, to help with AIX/HPUX ports. - Add ncurses patch 20190413 + check for TABSIZE variable in test/configure script. + used test/test_arrays.c to improve Caps.aix1 and Caps.hpux11 + corrected filtering of comments in MKparametrized.sh + reduce duplication across Caps* files by moving some parts which do not depend on order into Caps-ncurses. - Add ncurses patch 20190406 + modify MKcaptab.sh, MKkey_defs.sh, and MKhashsize.sh to handle split-up Caps-files. + build-fixes if extended-functions are disabled. - Add ncurses patch 20190330 + add "screen5", to mention italics (report by Stefan Assmann) + modify description of xterm+x11hilite to eliminate unused p5 -TD + add configure script checks to help with a port to Ultrix 3.1 (report by Dennis Grevenstein). + check if "b" binary feature of fopen works + check for missing feature of locale.h + add fallback for strstr() in test-programs + add fallback for STDOUT_FILENO in test-programs + update config.guess, config.sub ==== netcfg ==== - Remove pre/post install to get rid of coreutils dependency. We don't support upgrading of this old code anymore and coreutils is not wanted in busybox containers. - Update services.bz2 ==== nghttp2 ==== Version update (1.36.0 -> 1.38.0) - Update to 1.38.0: * This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry. * It also fixes the bug that HTTP/1.1 chunked request stalls. * Now nghttpx does not log authorization request header field value with -LINFO. * This release fixes possible backend stall when header and request body are sent in their own packets. * The backend option gets weight parameter to influence backend selection. * This release fixes compile error with BoringSSL. - Add patch from upstream to build with new boost bsc#1134616: * boost170.patch ==== numactl ==== - Disable LTO (boo#1133098). ==== open-lldp ==== Subpackages: liblldp_clif1 - Add disable-werror.patch. - Disable -Werror (boo#1128299) and remove gcc9-fix-werror.patch. ==== open-vm-tools ==== Subpackages: libvmtools0 - Update vmtoolsd.service tools to run after the network service is ready. (bsc#1133623) - Link VGAuthService to libxmlsec1 rather than libxml-security-c in SLES 12 SP3. (bsc#1122435) ==== openldap2 ==== - bsc#1111388 - incorrect post script call causes tmpfiles create not to be run. ==== openssh ==== - Fix a crash with GSSAPI key exchange (bsc#1136104) * modify openssh-7.7p1-gssapi_key_exchange.patch ==== openssl ==== Version update (1.1.0h -> 1.1.1b) - Update to 1.1.1b release - Update to 1.1.1a release - Update to 1.1.1 release - Update to 1.1.1~pre9 (Beta 7) - Update to 1.1.0i release ==== openssl-1_1 ==== Version update (1.1.0h -> 1.1.1b) Subpackages: libopenssl1_1 - Drop bc and ed BuildRequires: I could not find any reference to these tools being used during build or check. - Use upstream-approved patch for the handling of strerror_r * https://github.com/openssl/openssl/pull/8371 - add openssl-fix-handling-of-GNU-strerror_r.patch - drop strerror.patch - Update to 1.1.1b * Added SCA hardening for modular field inversion in EC_GROUP through a new dedicated field_inv() pointer in EC_METHOD. * Change the info callback signals for the start and end of a post-handshake message exchange in TLSv1.3. In 1.1.1/1.1.1a we used SSL_CB_HANDSHAKE_START and SSL_CB_HANDSHAKE_DONE. Experience has shown that many applications get confused by this and assume that a TLSv1.2 renegotiation has started. This can break KeyUpdate handling. Instead we no longer signal the start and end of a post handshake message exchange (although the messages themselves are still signalled). This could break some applications that were expecting the old signals. However without this KeyUpdate is not usable for many applications. * Fix a bug in the computation of the endpoint-pair shared secret used by DTLS over SCTP. This breaks interoperability with older versions of OpenSSL like OpenSSL 1.1.0 and OpenSSL 1.0.2. There is a runtime switch SSL_MODE_DTLS_SCTP_LABEL_LENGTH_BUG (off by default) enabling interoperability with such broken implementations. However, enabling this switch breaks interoperability with correct implementations. * Fix a use after free bug in d2i_X509_PUBKEY when overwriting a re-used X509_PUBKEY object if the second PUBKEY is malformed. * Move strictness check from EVP_PKEY_asn1_new() to EVP_PKEY_asn1_add0() - Add strerror.patch to avoid problems with strerror_r() not setting the provided buf - Add s390x poly1305 vectorized implementation (fate#326351) * https://github.com/openssl/openssl/pull/7991 - add 0001-crypto-poly1305-asm-poly1305-s390x.pl-add-vx-code-pa.patch - Add s390x chacha20 vectorized implementation (fate#326561) * https://github.com/openssl/openssl/pull/6919 - added patches: 0001-s390x-assembly-pack-perlasm-support.patch 0002-crypto-chacha-asm-chacha-s390x.pl-add-vx-code-path.patch - Update to 1.1.1a * Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). The old names are retained for backwards compatibility. * Fixed the issue that RAND_add()/RAND_seed() silently discards random input if its length exceeds 4096 bytes. The limit has been raised to a buffer size of two gigabytes and the error handling improved. - drop upstream patches: * 0001-Add-a-constant-time-flag-to-one-of-the-bignums-to-av.patch * 0001-DSA-Check-for-sanity-of-input-parameters.patch * 0001-DSA-mod-inverse-fix.patch * openssl-CVE-2018-0734.patch * openssl-CVE-2018-0735.patch - OpenSSL Security Advisory [30 October 2018] * Timing vulnerability in ECDSA signature generation (bsc#1113651, CVE-2018-0735) * Timing vulnerability in DSA signature generation (bsc#1113652, CVE-2018-0734) * And more timing fixes - Add patches: * openssl-CVE-2018-0734.patch * openssl-CVE-2018-0735.patch * 0001-DSA-mod-inverse-fix.patch * 0001-Add-a-constant-time-flag-to-one-of-the-bignums-to-av.patch - Fix infinite loop in DSA generation with incorrect parameters (bsc#1112209) * 0001-DSA-Check-for-sanity-of-input-parameters.patch - Explictly select "getrandom" system call as the seed source, it is the safer/best performing choice on linux. - do not force -std=gnu99, pick the compiler default. - Update to 1.1.1 release * This is the first official release of the OpenSSL 1.1.1 branch which brings TLS 1.3 support - remove all TLS 1.3 ciphers from the DEFAULT_SUSE cipher list as they are configured differently * modified openssl-DEFAULT_SUSE_cipher.patch - drop obsolete openssl-pretend_we_are_not_beta.patch - Update to 1.1.1-pre9 (Beta 7) * Support for TLSv1.3 added * Move the display of configuration data to configdata.pm. * Allow GNU style "make variables" to be used with Configure. * Add a STORE module (OSSL_STORE) * Claim the namespaces OSSL and OPENSSL, represented as symbol prefixes * Add multi-prime RSA (RFC 8017) support * Add SM3 implemented according to GB/T 32905-2016 * Add SM4 implemented according to GB/T 32907-2016. * Add 'Maximum Fragment Length' TLS extension negotiation and support * Add ARIA support * Add SHA3 * Rewrite of devcrypto engine * Add support for SipHash * Grand redesign of the OpenSSL random generator - pretend the release is not a Beta, to avoid "OpenSSL version mismatch" with OpenSSH * add openssl-pretend_we_are_not_beta.patch - drop FIPS support * don't build with FIPS mode (not supported in 1.1.1) * don't create the -hmac subpackages - drop FIPS patches * openssl-fips-clearerror.patch * openssl-fips-dont-fall-back-to-default-digest.patch * openssl-fips-dont_run_FIPS_module_installed.patch * openssl-fips-fix-odd-rsakeybits.patch * openssl-fips-rsagen-d-bits.patch * openssl-fips-selftests_in_nonfips_mode.patch * openssl-fips_disallow_ENGINE_loading.patch * openssl-rsakeygen-minimum-distance.patch * openssl-1.1.0-fips.patch * openssl-urandom-reseeding.patch * openssl-CVE-2018-0737-fips.patch - add TLS 1.3 ciphers to DEFAULT_SUSE - merge openssl-1.0.1e-add-suse-default-cipher.patch and openssl-1.0.1e-add-test-suse-default-cipher-suite.patch to openssl-DEFAULT_SUSE_cipher.patch - drop patches: * openssl-static-deps.patch (upstream) * 0001-Resume-reading-from-randfile-when-interrupted-by-a-s.patch * openssl-disable_rsa_keygen_tests_with_small_modulus.patch * 0001-Axe-builtin-printf-implementation-use-glibc-instead.patch - drop s390x patches * 0002-crypto-modes-asm-ghash-s390x.pl-fix-gcm_gmult_4bit-K.patch * 0004-s390x-assembly-pack-add-OPENSSL_s390xcap-environment.patch * 0005-s390x-assembly-pack-add-OPENSSL_s390xcap-man-page.patch * 0006-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0007-crypto-evp-e_aes.c-add-foundations-for-extended-s390.patch * 0008-s390x-assembly-pack-extended-s390x-capability-vector.patch * 0009-crypto-aes-asm-aes-s390x.pl-add-KMA-code-path.patch * 0010-doc-man3-OPENSSL_s390xcap.pod-update-KMA.patch * 0011-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch * 0012-s390x-assembly-pack-add-KMA-code-path-for-aes-gcm.patch * 0013-crypto-aes-asm-aes-s390x.pl-add-CFI-annotations-KMA-.patch - Update to 1.1.0i OpenSSL Security Advisory [12 June 2018] * Reject excessively large primes in DH key generation (bsc#1097158, CVE-2018-0732) * Make EVP_PKEY_asn1_new() a bit stricter about its input * Revert blinding in ECDSA sign and instead make problematic addition length-invariant. Switch even to fixed-length Montgomery multiplication. * Change generating and checking of primes so that the error rate of not being prime depends on the intended use based on the size of the input. * Increase the number of Miller-Rabin rounds for DSA key generating to 64. * Add blinding to ECDSA and DSA signatures to protect against side channel attacks * When unlocking a pass phrase protected PEM file or PKCS#8 container, we now allow empty (zero character) pass phrases. * Certificate time validation (X509_cmp_time) enforces stricter compliance with RFC 5280. Fractional seconds and timezone offsets are no longer allowed. * Fixed a text canonicalisation bug in CMS - drop patches (upstream): * 0001-Limit-scope-of-CN-name-constraints.patch * 0001-Revert-util-dofile.pl-only-quote-stuff-that-actually.patch * 0001-Tolerate-a-Certificate-using-a-non-supported-group-o.patch * 0002-Skip-CN-DNS-name-constraint-checks-when-not-needed.patch - refresh patches: * openssl-1.1.0-fips.patch * openssl-disable_rsa_keygen_tests_with_small_modulus.patch - rename openssl-CVE-2018-0737.patch to openssl-CVE-2018-0737-fips.patch as it now only includes changes to the fips code ==== p11-kit ==== Subpackages: libp11-kit0 p11-kit-tools - Move RPM macros to %_rpmmacrodir. ==== pam ==== - Add virtual symbols for login.defs compatibility (bsc#1121197). - Add login.defs safety check pam-login_defs-check.sh (bsc#1121197). ==== pam-config ==== Version update (0.96 -> 1.0) - Update to version 1.0: - Add search in different locations for config files - Add support for pam_mktemp [bsc#1123878] ==== patterns-containers ==== Subpackages: patterns-containers-container_runtime patterns-containers-container_runtime_kubernetes patterns-containers-kubeadm - kubeadm pattern: - add cilium-k8s-yaml - kubeadm pattern: - remove multipath-tools, no need to install it by default - kubeadm pattern: - Adjust name of kured yaml file to kured-k8s-yaml - Add metallb-k8s-yaml - Add kubic_worker and kubic_admin patterns [boo#1134332] - Correctly obsolete patterns-caasp-* version 4.0 ==== patterns-microos ==== Subpackages: patterns-microos-alt_onlyDVD patterns-microos-apparmor patterns-microos-base patterns-microos-basesystem patterns-microos-cloud patterns-microos-defaults patterns-microos-hardware patterns-microos-ima_evm patterns-microos-onlyDVD patterns-microos-selinux patterns-microos-sssd_ldap - Add multipath-tools to DVD for the case the installer needs it - Add wpa_supplicant to media [boo#1134429] - Add cryptsetup to media [bsc#1134139] - Remove salt-master and -minion from onlyDVD pattern Not needed for MicroOS, will be used in Kubic via system_roles - Correctly obsolete patterns-caasp-* version 4.0 ==== pcre2 ==== Version update (10.32 -> 10.33) - Update to 10.33-RC1 to fix issue with LTO (boo#1133274). * Callouts from pcre2_substitute() are now available. * The POSIX functions are now all called pcre2_regcomp() etc., with wrapper functions that use the standard POSIX names. However, in pcre2posix.h the POSIX names are defined as macros. This should help avoid linking with the wrong library in some environments, while still exporting the POSIX names for pre-existing programs that use them. * Some new options: (a) PCRE2_EXTRA_ESCAPED_CR_IS_LF makes \r behave as \n. (b) PCRE2_EXTRA_ALT_BSUX enables support for ECMAScript 6's \u{hh...} construct. (c) PCRE2_COPY_MATCHED_SUBJECT causes a copy of a matched subject to be made, instead of just remembering a pointer. * Some new Perl features: (a) Perl 5.28's experimental alphabetic names for atomic groups and lookaround assertions, for example, (*pla:...) and (*atomic:...). (b) The new Perl "script run" features (*script_run:...) and (*atomic_script_run:...) aka (*sr:...) and (*asr:...). (c) When PCRE2_UTF is set, allow non-ASCII letters and decimal digits in capture group names. * --disable-percent-zt disables the use of %zu and %td in formatting strings in pcre2test. They were already automatically disabled for VC and older C compilers. * Some changes related to callouts in pcre2grep: (a) Support for running an external program under VMS has been added, in addition to Windows and fork() support. (b) --disable-pcre2grep-callout-fork restricts the callout support in to the inbuilt echo facility. - Disable LTO (boo#1133274). ==== permissions ==== Version update (20190212 -> 20190429) - Fixed versions. Removed set_version from _service file, doesn't work with the new packaging. Call fix_version.sh to set current date as version instead - Fixed requires for -config and -zypp-plugin - Update to version 20190429: * removed entry for /var/cache/man. Conflicts with packaging and man:man is the better setting anyway (bsc#1133678) * fixed error in description of permissions.paranoid. Make it clear that this is not a usable profile, but intended as a base for own developments - Fix RPM group, fix hard requirement on documentation. Update description typography. - Created new subpackages -config, -doc and standalone package chkstat where we can start a better versioning scheme and require it from the original package ==== podman ==== Version update (1.2.0 -> 1.3.1) Subpackages: podman-cni-config - Update podman to v1.3.1: - The podman cp command can now read input redirected to STDIN, and output to STDOUT instead of a file, using - instead of an argument. - The Podman remote client now displays version information from both the client and server in podman version - The podman unshare command has been added, allowing easy entry into the user namespace set up by rootless Podman (allowing the removal of files created by rootless Podman, among other things) - Fixed a bug where Podman containers with the --rm flag were removing created volumes when they were automatically removed - Fixed a bug where container and pod locks were incorrectly marked as released after a system reboot, causing errors on container and pod removal - Fixed a bug where Podman pods could not be removed if any container in the pod encountered an error during removal - Fixed a bug where Podman pods run with the cgroupfs CGroup driver would encounter a race condition during removal, potentially failing to remove the pod CGroup - Fixed a bug where the podman container checkpoint and podman container restore commands were not visible in the remote client - Fixed a bug where podman remote ps --ns would not print the container's namespaces - Fixed a bug where removing stopped containers with healthchecks could cause an error - Fixed a bug where the default libpod.conf file was causing parsing errors - Fixed a bug where pod locks were not being freed when pods were removed, potentially leading to lock exhaustion - Fixed a bug where 'podman run' with SD_NOTIFY set could, on short-running containers, create an inconsistent state rendering the container unusable - The remote Podman client now uses the Varlink bridge to establish remote connections by default - Update conmon to 0.2.0 and switched to containers/conmon upstream project - Update `systemd-devel` to actually be `pkgconfig(libsystemd)` to allow OBS to shortcut through systemd-mini-devel - Update podman to v1.3.0 * Podman now supports container restart policies! The --restart-policy flag on podman create and podman run allows containers to be restarted after they exit. Please note that Podman cannot restart containers after a system reboot - for that, see our next feature * Podman podman generate systemd command was added to generate systemd unit files for managing Podman containers * The podman runlabel command now allows a $GLOBAL_OPTS variable, which will be populated by global options passed to the podman runlabel command, allowing custom storage configurations to be passed into containers run with runlabel * The podman play kube command now allows File and FileOrCreate volumes * The podman pod prune command was added to prune unused pods * Added the podman system migrate command to migrate containers using older configurations to allow their use by newer Libpod versions * Podman containers now forward proxy-related environment variables from the host into the container with the --http-proxy flag (enabled by default) * Read-only Podman containers can now create tmpfs filesystems on /tmp, /var/tmp, and /run with the --read-only-tmpfs flag (enabled by default) * The podman init command was added, performing all container pre-start tasks without starting the container to allow pre-run debugging - Update conmon to cri-o v1.14.1 - Update libpod.conf to match latest feature set ==== python-Jinja2 ==== Version update (2.10 -> 2.10.1) - Trim bias from descriptions. Make sure % is escaped. - update to version 2.10.1 (bsc#1132323, CVE-2019-10906, bsc#1125815, CVE-2019-8341): * "SandboxedEnvironment" securely handles "str.format_map" in order to prevent code execution through untrusted format strings. The sandbox already handled "str.format". ==== python-base ==== Version update (2.7.15 -> 2.7.16) Subpackages: libpython2_7-1_0 - bsc#1130847 (CVE-2019-9948) add CVE-2019-9948-avoid_local-file.patch removing unnecessary (and potentially harmful) URL scheme local-file://. - bsc#1129346: add CVE-2019-9636-netloc-no-decompose-characters.patch Characters in the netloc attribute that decompose under NFKC normalization (as used by the IDNA encoding) into any of ``/``, ``?``, ``#``, ``@``, or ``:`` will raise a ValueError. If the URL is decomposed before parsing, or is not a Unicode string, no error will be raised. Upstream commits e37ef41 and 507bd8c. - Update to 2.7.16: * bugfix-only release: complete list of changes on https://github.com/python/cpython/blob/2.7/Misc/NEWS.d/2.7.16rc1.rst * Removed openssl-111.patch and CVE-2018-1000802-shutil_use_subprocess_no_spawn.patch which are fully included in the tarball. * Updated patches to apply cleanly: CVE-2019-5010-null-defer-x509-cert-DOS.patch bpo36160-init-sysconfig_vars.patch do-not-use-non-ascii-in-test_ssl.patch openssl-111-middlebox-compat.patch openssl-111-ssl_options.patch python-2.5.1-sqlite.patch python-2.6-gettext-plurals.patch python-2.7-dirs.patch python-2.7.2-fix_date_time_compiler.patch python-2.7.4-canonicalize2.patch python-2.7.5-multilib.patch python-2.7.9-ssl_ca_path.patch python-bsddb6.diff remove-static-libpython.diff * Update python-2.7.5-multilib.patch to pass with new platlib regime. ==== python-cffi ==== Version update (1.12.2 -> 1.12.3) - Update to 1.12.3 * Fix for nested struct types that end in a var-sized array (#405). * Add support for using U and L characters at the end of integer constants in ffi.cdef() (thanks Guillaume). * More 3.8 fixes. ==== python-ecdsa ==== Version update (0.13 -> 0.13.2) - update to 0.13.2 - enable tests - fix requires * python packaging fixes ==== python-ipy ==== Version update (0.83 -> 1.00) - version update to 1.00 * Fix IPv6 string interpretation for small ints * Various Python3 language fixes * consider 127.0 range LOOPBACK not PRIVATE ==== python-jsonpatch ==== - Removing conflict with jsondiff * Reasoning: - moto requires cfn-lint and jsondiff - cfn-lint requires jsonpatch ==== python-jsonschema ==== Version update (3.0.1 -> 2.6.0) - Add non-updating note to the SPEC file - downgrade to < 3.0.0 again to fix all openstack clients ==== python-pycryptodome ==== Version update (3.7.2 -> 3.8.1) - Use -fno-strict-aliasing in order to bypass: https://github.com/Legrandin/pycryptodome/issues/291. - Update to 3.8.1 * Add support for loading PEM files encrypted with AES192-CBC, AES256-CBC, and AES256-GCM. * When importing ECC keys, ignore EC PARAMS section that was included by some openssl commands. * repr() did not work for ECC.EccKey. * Minimal length for Blowfish cipher is 32 bits, not 40 bits. 3.8.0 * Speed-up ECC performance. ECDSA is 33 times faster on the NIST P-256 curve. * Added support for NIST P-384 and P-521 curves. * EccKey has new methods size_in_bits() and size_in_bytes(). * Support HMAC-SHA224, HMAC-SHA256, HMAC-SHA384, and HMAC-SHA512 in PBE2/PBKDF2. * DER objects were not rejected if their length field had a leading zero. * Allow legacy RC2 ciphers to have 40-bit keys. * point_at_infinity() becomes an instance method for Crypto.PublicKey.ECC.EccKey, from a static one. 3.7.3 * GH#258: False positive on PSS signatures when externally provided salt is too long. ==== python-pyparsing ==== Version update (2.3.0+git.1546912853.bf348d6 -> 2.4.0) - update to 2.4.0 - drop nose_to_unittest.patch - drop _service * Adds a pyparsing.__compat__ object for specifying compatibility with future breaking changes. * Conditionalizes the API-breaking behavior, based on the value pyparsing.__compat__.collect_all_And_tokens. By default, this value will be set to True, reflecting the new bugfixed behavior. * User code that is dependent on the pre-bugfix behavior can restore it by setting this value to False. * Updated unitTests.py and simple_unit_tests.py to be compatible with "python setup.py test". * Fixed bug in runTests handling '\n' literals in quoted strings. * Added tag_body attribute to the start tag expressions generated by makeHTMLTags, so that you can avoid using SkipTo to roll your own tag body expression: * indentedBlock failure handling was improved * Address Py2 incompatibility in simpleUnitTests, plus explain() and Forward str() cleanup * Fixed docstring with embedded '\w', which creates SyntaxWarnings in Py3.8. * Added example parser for rosettacode.org tutorial compiler. * Added example to show how an HTML table can be parsed into a collection of Python lists or dicts, one per row. * Updated SimpleSQL.py example to handle nested selects, reworked 'where' expression to use infixNotation. * Added include_preprocessor.py, similar to macroExpander.py. * Examples using makeHTMLTags use new tag_body expression when retrieving a tag's body text. * Updated examples that are runnable as unit tests - Do not BuildRequire python-unittest2 when no tests are executed. This breaks a build cycle for pyparsing->unittest2->traceback2->pbr-> Pygments->pytest->setuptools_scm->packaging which needs pyparsing ==== python-pyserial ==== - Remove unnecessary Windows and OSX modules from runtime package - Remove Mono and Java CLI modules from runtime package - Activate test suite - Fix fdupes, hashbangs and executable bits - Remove non-break-space in python-pyserial.changes with normal space ==== python-pytz ==== Version update (2018.9 -> 2019.1) - update to 2019.1 * Raise UnknownTimeZoneError if provided timezone name is None * Use early python2 compatible str formatting * timezone constructor arg is case-insensitive * Add _all_timezones_lower_to_standard to gen_tzinfo ==== python-requests ==== Version update (2.21.0 -> 2.22.0) - Update to 2.22.0: * Requests now supports urllib3 v1.25.2. (note: 1.25.0 and 1.25.1 are incompatible) - Rebase requests-no-hardcoded-version.patch - Do not hardcode version requirements in setup.py allowing us to update and verify functionality on our own: * requests-no-hardcoded-version.patch ==== python-rpm-macros ==== Version update (20190402.c88be49 -> 20190430.5260267) - Update to version 20190430.5260267: * Yet another attempt to preserve $PYTHONPATH set in the environment. * Document also %pytest_arch * Document %pytest in README.md - Update to version 20190408.32abece bsc#1128323: * Multiline macros don't work correctly on older RPMs. ==== python-semanage ==== - Disable LTO (boo#1133280). ==== python-setuptools ==== Version update (40.8.0 -> 41.0.1) - update to version 41.0.1: * #1671: Fixed issue with the PEP 517 backend that prevented building a wheel when the dist/ directory contained existing .whl files. * #1709: In test.paths_on_python_path, avoid adding unnecessary duplicates to the PYTHONPATH. * #1741: In package_index, now honor "current directory" during a checkout of git and hg repositories under Windows - update to 41.0.0 * #1735: When parsing setup.cfg files, setuptools now requires the files to be encoded as UTF-8. Any other encoding will lead to a UnicodeDecodeError. This change removes support for specifying an encoding using a 'coding: ' directive in the header of the file, a feature that was introduces in 40.7. Given the recent release of the aforementioned feature, it is assumed that few if any projects are utilizing the feature to specify an encoding other than UTF-8. ==== python-urllib3 ==== Version update (1.24.1 -> 1.24.2) - Update to 1.24.2: - Implemented a more efficient HTTPResponse.__iter__() method. (Issue #1483) - Upgraded urllib3.utils.parse_url() to be RFC 3986 compliant. (Pull #1487) - Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510) - Added support for key_password for HTTPSConnectionPool to use encrypted key_file without creating your own SSLContext object. (Pull #1489) - Fixed issue where OpenSSL would block if an encrypted client private key was given and no password was given. Instead an SSLError is raised. (Pull #1489) - Require and validate certificates by default when using HTTPS (Pull #1507) - Added support for Brotli content encoding. It is enabled automatically if brotlipy package is installed which can be requested with urllib3[brotli] extra. (Pull #1532) - Add TLSv1.3 support to CPython, pyOpenSSL, and SecureTransport SSLContext implementations. (Pull #1496) - Drop ciphers using DSS key exchange from default TLS cipher suites. Improve default ciphers when using SecureTransport. (Pull #1496) - Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269) - Switched the default multipart header encoder from RFC 2231 to HTML 5 working draft. (Issue #303, PR #1492) ==== rdma-core ==== Version update (22.1 -> 23.1) Subpackages: libibverbs libibverbs1 libmlx4-1 libmlx5-1 librdmacm1 - Update to rdma-core v23.1 - No release notes available - Replace prebuild-pandoc.sh by post_download.sh to patch the spec file form upstream for OBS setup - Update to rdma-core v23 - No release notes available - Enable pyverbs package - Remove patches that were merged upstream - Update-kernel-headers.patch - bnxt_re-lib-Enable-Broadcom-s-57500-RoCE-adapter.patch ==== reiserfs ==== - Use %make_build. - Use FAT LTO objects in order to provide proper static library (boo#1133282). - fix build for older distros ==== rpm ==== - backport "push name/epoch/version/release macro before invoking depgens" change for correct generation of dependencies by other dep generators * new patch: rpmfc-push-name-epoch-version-release-macro-before-invoking-depgens.patch ==== rpm-config-SUSE ==== Version update (0.g11 -> 0.g14) - Don't use bash syntax in %install_info macro [bsc#1131957] ==== rsync ==== - Fixed bug numbers in spec file - Add patch: rsync-fix-prealloc-to-keep-file-size-0-when-possible.patch (boo#1108562) ==== runc ==== Version update (1.0.0~rc6 -> 1.0.0~rc8) - Upgrade to runc v1.0.0~rc8. Upstream changelog is available from https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc8 - Includes upstreamed patches for regressions (bsc#1131314 bsc#1131553). - Remove upstreamed patches: - CVE-2019-5736.patch ==== salt ==== Version update (2018.3.2 -> 2019.2.0) Subpackages: python3-salt salt-master salt-minion - Switch firewalld state to use change_interface (bsc#1132076) - Added: * switch-firewalld-state-to-use-change_interface.patch - Fix async-batch to fire a single done event - Added: * fix-async-batch-multiple-done-events.patch - Do not make Salt CLI to crash when there are IPv6 established connections (bsc#1130784) - Added: * do-not-crash-when-there-are-ipv6-established-connect.patch - Include aliases in FQDNS grain (bsc#1121439) - Fix issue preventing syndic to start - Update year on spec copyright notice - Added: * fix-syndic-start-issue.patch - Use ThreadPool from multiprocessing.pool to avoid leakings when calculating FQDNs - Do not report patches as installed on RHEL systems when not all the related packages are installed (bsc#1128061) - Added: * use-threadpool-from-multiprocessing.pool-to-avoid-le.patch * do-not-report-patches-as-installed-when-not-all-the-.patch - Update to 2019.2.0 complete (FATE#327138, bsc#1133523) - Fix batch/batch-async related issues - Calculate FQDNs in parallel to avoid blockings (bsc#1129079) - Incorporate virt.volume_info fixes (PR#131) - Re-adds patch because of increased offset due to previous patch removal - Removing patch to add root parameter to zypper module - Fix for -t parameter in mount module - Added: * mount-fix-extra-t-parameter.patch * add-batch_presence_ping_timeout-and-batch_presence_p.patch * fix-async-batch-race-conditions.patch * calculate-fqdns-in-parallel-to-avoid-blockings-bsc-1.patch - Modified: * don-t-call-zypper-with-more-than-one-no-refresh.patch * add-virt.volume_infos-and-virt.volume_delete.patch - Removed: * zypper-add-root-configuration-parameter.patch - No longer limiting Python3 version to <3.7 - Async batch implementation - Added: * async-batch-implementation.patch - Update to Salt 2019.2.0 release For further information see: https://docs.saltstack.com/en/latest/topics/releases/2019.2.0.html - Added: * add-virt.all_capabilities.patch * add-virt.volume_infos-and-virt.volume_delete.patch * don-t-call-zypper-with-more-than-one-no-refresh.patch * include-aliases-in-the-fqdns-grains.patch * temporary-fix-extend-the-whitelist-of-allowed-comman.patch - Removed: * accounting-for-when-files-in-an-archive-contain-non-.patch * add-engine-relaying-libvirt-events.patch * add-other-attribute-to-gecos-fields-to-avoid-inconsi.patch * add-support-for-python-3.7.patch * align-suse-salt-master.service-limitnofiles-limit-wi.patch * avoid-incomprehensive-message-if-crashes.patch * change-stringio-import-in-python2-to-import-the-clas.patch * decode-file-contents-for-python2-bsc-1102013.patch * do-not-override-jid-on-returners-only-sending-back-t.patch * don-t-error-on-retcode-0-in-libcrypto.openssl_init_c.patch * feat-add-grain-for-all-fqdns.patch * fix-async-call-to-process-manager.patch * fix-decrease-loglevel-when-unable-to-resolve-addr.patch * fix-deprecation-warning-bsc-1095507.patch * fix-diffing-binary-files-in-file.get_diff-bsc-109839.patch * fix-for-ec2-rate-limit-failures.patch * fix-for-errno-0-resolver-error-0-no-error-bsc-108758.patch * fix-for-sorting-of-multi-version-packages-bsc-109717.patch * fix-index-error-when-running-on-python-3.patch * fix-latin1-encoding-problems-on-file-module-bsc-1116.patch * fix-mine.get-not-returning-data-workaround-for-48020.patch * fix-unboundlocalerror-in-file.get_diff.patch * fixed-usage-of-ipaddress.patch * fixing-issue-when-a-valid-token-is-generated-even-wh.patch * get-os_family-for-rpm-distros-from-the-rpm-macros.-u.patch * improved-handling-of-ldap-group-id.patch * only-do-reverse-dns-lookup-on-ips-for-salt-ssh.patch * option-to-merge-current-pillar-with-opts-pillar-duri.patch * prepend-current-directory-when-path-is-just-filename.patch * prevent-zypper-from-parsing-repo-configuration-from-.patch * remove-old-hack-when-reporting-multiversion-packages.patch * retire-md5-checksum-for-pkg-mgmt-plugins.patch * show-recommendations-for-salt-ssh-cross-version-pyth.patch * strip-trailing-commas-on-linux-user-gecos-fields.patch * support-use-of-gce-instance-credentials-109.patch * update-error-list-for-zypper.patch * x509-fixes-for-remote-signing-106.patch - Modified: * add-all_versions-parameter-to-include-all-installed-.patch * add-cpe_name-for-osversion-grain-parsing-u-49946.patch * add-environment-variable-to-know-if-yum-is-invoked-f.patch * add-hold-unhold-functions.patch * add-saltssh-multi-version-support-across-python-inte.patch * azurefs-gracefully-handle-attributeerror.patch * bugfix-any-unicode-string-of-length-16-will-raise-ty.patch * debian-info_installed-compatibility-50453.patch * do-not-load-pip-state-if-there-is-no-3rd-party-depen.patch * fall-back-to-pymysql.patch * fix-for-suse-expanded-support-detection.patch * fix-git_pillar-merging-across-multiple-__env__-repos.patch * fix-ipv6-scope-bsc-1108557.patch * fix-issue-2068-test.patch * fix-zypper.list_pkgs-to-be-aligned-with-pkg-state.patch * fixes-cve-2018-15750-cve-2018-15751.patch * get-os_arch-also-without-rpm-package-installed.patch * integration-of-msi-authentication-with-azurearm-clou.patch * loosen-azure-sdk-dependencies-in-azurearm-cloud-driv.patch * remove-arch-from-name-when-pkg.list_pkgs-is-called-w.patch * use-adler32-algorithm-to-compute-string-checksums.patch * x509-fixes-111.patch * zypper-add-root-configuration-parameter.patch - Add root parameter to Zypper module - Added: * zypper-add-root-configuration-parameter.patch ==== sg3_utils ==== Version update (1.43 -> 1.45~815+5.6aa67ed) - Update to version 1.45~815+5.6aa67ed: * 59-fc-wwpn-id.rules: fix rule syntax (bsc#1133418) - Update to svn r815: * sg_opcodes: expand MLU (spc5r20) * sg_inq: update version descriptors to spc5r21 * sg_vpd: 3pc VPD page add copy group descriptor * sg_xcopy: add --fco (fast copy only) (spc5r20) and --app=1 * add nanosecond durations with SG3_UTILS_LINUX_NANO - Earlier SUSE fixes now included upstream: * 58-scsi-sg3_symlink.rules: don't skip multipath members (bsc#1085212) [r815] * rescan-scsi-bus.sh: terminate scanning if last lun got removed (bsc#1087008) [r815] * Add scsi-enable-target-scan.sh (bsc#954600) [r814] * shellcheck cleanups for rescan-scsi-bus.sh [r814] - Replace old $RPM_* shell vars. - Spec file: * add fc_wwpn_id (bsc#1005063) * add lun masking service (bsc#954600) * drop BuildRequires on udev * replace unversioned "Provides: scsi" with versioned - Update to version sg3_utils-1.45~803+31.564be3d: * New versioning scheme for upstream pre-release: 1.45 - upstream release target, 803 - upstream svn id, +31: SUSE commits on top of svn, 564be3d - git hash * rescan-scsi-bus.sh: terminate scanning if last lun got removed (bsc#1087008) * 58-scsi-sg3_symlink.rules: don't skip multipath members (bsc#1085212) * Add scsi-enable-target-scan.sh (bsc#954600) - Update to svn r803: * sg_opcodes: expand MLU (18-102r0) * sg_format: add --dcrt used twice (FOV=1 DCRT=0) * rescan-scsi-bus: widen LUN 0 only scanning (bsc#1069384) - Earlier SUSE fixes included in 1.45: * rescan-scsi-bus.sh: use LUN wildcard in idlist (bsc#1069384) [svn: r795] * sg_ses: fixup page decoding (bsc#1077787) [svn: r795] * sg_ses: allow to decode raw data instead of reading from a device (bsc#1050943) [svn: r795] - Update to sg3_utils-1.44 [20180912] [svn: r791] * rescan-scsi-bus.sh: harden code - bump version to 20180615 - add --ignore-rev to ignore revision change * introduce SG3_UTILS_DSENSE environment variable * sginfo: don't open /dev/snapshot * sg_timestamp: add '--no-timestamp' option - add --elapsed and --hex options * sg_wr_mode: add --rtd option for RTD bi * sg_unmap: add --all=ST,RN[,LA] option * sgm_dd, sg_dd: add --dry-run and --verbose options * sg_inq+sg_vpd: update Extended inquiry data vpd page * sg_ses: add 'hw_reset' and 'sw_reset' to enclosure services controller electronics element type (18-047r1) * sg_decode sense: add --cdb and --err=ES options * sg_format: add --dry-run option - extend --wait timeout for > 4TB disks * sg_sanitize: add --dry-run option - Earlier SUSE fixes included in 1.44: * sg_inq: decode standard INQUIRY for CD-ROMs correctly (bsc#1065448, bsc#1070431) [svn: r742] * sg_inq: export all NAA values (bsc#1050767) [svn: r715] * Add fc_wwpn_id to generate by-path links for fibrechannel (bsc#1005063) (svn@715) * sg_vpd: struct opts_t misaligment (bsc#1050943) [svn: r707] ==== shadow ==== - Split shadow-login_defs.patch hunks to its logical components (bsc#1121197): * shadow-login_defs-unused-by-pam.patch * shadow-login_defs-comments.patch * shadow-login_defs-util-linux.patch * shadow-login_defs-suse.patch * Move appropriate hunks to chkname-regex.patch and encryption_method_nis.patch * Remove GROUPADD_CMD that is not supported (bsc#1121197#c14). - Split getdef-new-defs.patch hunks to its logical components (bsc#1121197): * encryption_method_nis.patch * chkname-regex.patch * shadow-util-linux.patch Add support for login: ALWAYS_SET_PATH and LOGIN_PLAIN_PROMPT. * useradd-script.patch, userdel-script.patch * Remove duplicated definitions of MOTD_FILE and ENV_PATH. - Add shadow-login_defs-unused-check.sh to allow verification of login.defs variable usage (bsc#1121197). - Add virtual symbols for login.defs compatibility (bsc#1121197). ==== shared-mime-info ==== - Move RPM macros to %_rpmmacrodir. - Move RPM macros file to correct directory in /usr ==== socat ==== Version update (1.7.3.2 -> 1.7.3.3) - Update to version 1.7.3.3: * bugfix release, see the CHANGES file for all changes - Drop patch: * socat-openssl-1.1-tests.patch (not longer needed) - Run spec-cleaner ==== sssd ==== Version update (2.0.0 -> 2.1.0) Subpackages: libsss_certmap0 libsss_idmap0 libsss_nss_idmap0 sssd-krb5-common sssd-ldap - Update to new upstream release 2.1.0 * Any provider can now match and map certificates to user identities. * pam_sss can now be configured to only perform Smart Card authentication or return an error if this is not possible. * pam_sss can also prompt the user to insert a Smart Card if, during an authentication it is not available. * A new configuration option ad_gpo_implicit_deny was added. This option (when set to True) can be used to deny access to users even if there is not applicable GPO. * The dynamic DNS update can now batch DNS updates to include all address family updates in a single transaction. ==== suse-module-tools ==== - Only ship RPM macros up to suse_version 1500: after that, the macros can be found in the rpm-config-SUSE package. - Move RPM macros to %_rpmmacrodir. ==== system-user-root ==== Version update (20170617 -> 20190513) - Bump to version 20190513: * Invalidate root password by default (bsc#1134524) ==== systemd ==== Version update (241 -> 242) Subpackages: libsystemd0 libudev1 systemd-logger systemd-sysvinit udev - Import commit eaa7b8b148927d471609de75e542dffcc1b36df4 7e58b89136 udevd: change the default value of udev.children-max (again) (bsc#1107617) - Add 0001-rc-local-generator-deprecate-halt.local-support.patch /etc/init.d/halt.local support will removed from the next systemd version (v243) so for now on warn (hopefully the few) users who rely on this script so they have a chance to switch to systemd-shutdown interface. - Add 0001-Revert-insserv.conf-generator.patch (bsc#1052837) All remaining packages have been fixed so they don't rely on the insser-generator to generate proper deps. So let's drop it as all services should carry the proper dependencies itself. - Drop debug-only-remove-new-policies.patch The new DBUS methods have been reviewed by the security team. - Import commit 9984a86d0d2259d54c7060f9c09f214202b4efa7 f2459bf373 random-util: eat up bad RDRAND values seen on AMD CPUs c90a2e9793 util-lib: fix a typo in rdrand 4db1cc9d46 random-util: rename "err" to "success" 981a62a102 random-util: hash AT_RANDOM getauxval() value before using it 64a9c3d918 random-util: use gcc's bit_RDRND definition if it exists c5d6ecfdca random-util: rename RANDOM_DONT_DRAIN ? RANDOM_MAY_FAIL 298d13df7e network: remove redunant link name in message 77cbde31f2 hwdb: Align airplane mode toggle key mapping for all Acer series 460f03794e Revert "hwdb: Apply Acer mappings to all Gateway and Packard Bell models" fe9271ad84 test: return a non-zero return code when 'nobody' user doesn't exist 29d355e755 fstab-generator: Prevent double free of reused FILE* f30f1adc11 meson: make source files including nspawn-settings.h depend on libseccomp 84bab914b8 alloc-util: don't use malloc_usable_size() to determine allocated size 5240972d8d units: drop reference to sushell man page 0a26de5e33 codespell: fix spelling errors 582de105c8 nspawn-expose-ports: fix a typo in error message - Buildrequire polkit so /usr/share/polkit-1/rules.d has an owner Otherwise the "post build checks" would complain and would force systemd to own this directory. The owner should still be "polkit" and the perms should be in sync with the perm set by polkit itself. - Add debug-only-remove-new-policies.patch A temporary patch to suppress the new DBUS methods introduced by v242 until they are reviewed and whitelisted by the secteam. - Add a comment explaining why static enablement symlinks in /etc are suppressed Also remove any /etc/systemd/system/*.requires/ symlinks for the same reason. - preset remote-cryptsetup.target during package installation This target is supposed to be part of the targets that should be enabled (or not depending on the presets) at package installation. - Upgrade to v242 (commit 071c380dcc434dca2a0c8b6de0519cc9e816c6d6) See https://github.com/openSUSE/systemd/blob/SUSE/v242/NEWS for details. - Drop "BuildRequires: -post-build-checks" from the specfile (bsc#1130230) The syntax of this directive is obsolete and should be replaced by "#!BuildIgnore: post-build-checks". However there's no good reasons to disable these SUSE extra checks, so let's re-enable them and fix the few errors it detected. - Import commit 4e6e66ea94cf5125f9044f0869939a86801ed2d8 430877e794 pam-systemd: use secure_getenv() rather than getenv() (bsc#1132348 CVE-2019-3842) 3cff2e6514 man: document that if the main process exits after SIGTERM we go directly to SIGKILL 26c4f7191c bus: fix memleak on invalid message - systemd-coredump: generate a stack trace of all core dumps (bsc#1128832) This stack trace is logged to the journal. ==== systemd-presets-common-SUSE ==== - Enable logwatch.timer (bsc#1112500). - enable nvmefc-boot-connections.service to discover network-provided nvme drives on boot (bsc#1128428) ==== sysuser-tools ==== - Fix default home directory [bsc#1105934] - Use _rpmmacrodir for macro file ==== sysvinit ==== - Add patch killproc-mntinf-optional.patch to handle various optional fields of /proc//mountinfo on the entry/ies before the hypen (bsc#1131982) ==== talloc ==== Version update (2.1.14 -> 2.1.16) - Update to version 2.1.16 + Fix standalone build of talloc. - Update to version 2.1.15 + Deprecate talloc_set_memlimit() and talloc_autofree_context() + Fix undefined behavior in talloc_memdup + The build uses python3 by default: + --extra-python would take python2 now + To build with python2 only use: PYTHON=python2 ./configure PYTHON=python2 make PYTHON=python2 make install ==== tdb ==== Version update (1.3.16 -> 1.3.18) - Update to 1.3.18 + Fix build problems with older python versions. + C99 build fixes. + Fix standalone build of tdb. - Update to 1.3.17 ==== tevent ==== Version update (0.9.37 -> 0.9.39) - Update to version 0.9.39 + py_tevent: add_timer takes float argument + C99 build fixes. + Fix standalone build of tevent. - Update to version 0.9.38 + Deprecate tevent wrapper api again + Build fixes + The build uses python3 by default: + --extra-python would take python2 now + To build with python2 only use: PYTHON=python2 ./configure PYTHON=python2 make PYTHON=python2 make install ==== transactional-update ==== Version update (2.14.1 -> 2.14.2) Subpackages: transactional-update-zypp-config - Update to version 2.14.2 - Prevent unnecessary error message on systems not installed with YaST (e.g. KIWI) - Add requires for bc, needed for some calculations ==== ucode-intel ==== Version update (20190312 -> 20190514) - Intel QSR 2019.1 Microcode release (bsc#1111331 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091) Processor Identifier Version Products Model Stepping F-MO-S/PI Old->New - --- new platforms ---------------------------------------- VLV C0 6-37-8/02 00000838 Atom Z series VLV C0 6-37-8/0C 00000838 Celeron N2xxx, Pentium N35xx VLV D0 6-37-9/0F 0000090c Atom E38xx CHV C0 6-4c-3/01 00000368 Atom X series CHV D0 6-4c-4/01 00000411 Atom X series CLX-SP B1 6-55-7/bf 05000021 Xeon Scalable Gen2 - --- updated platforms ------------------------------------ SNB D2/G1/Q0 6-2a-7/12 0000002e->0000002f Core Gen2 IVB E1/L1 6-3a-9/12 00000020->00000021 Core Gen3 HSW C0 6-3c-3/32 00000025->00000027 Core Gen4 BDW-U/Y E0/F0 6-3d-4/c0 0000002b->0000002d Core Gen5 IVB-E/EP C1/M1/S1 6-3e-4/ed 0000042e->0000042f Core Gen3 X Series; Xeon E5 v2 IVB-EX D1 6-3e-7/ed 00000714->00000715 Xeon E7 v2 HSX-E/EP Cx/M1 6-3f-2/6f 00000041->00000043 Core Gen4 X series; Xeon E5 v3 HSX-EX E0 6-3f-4/80 00000013->00000014 Xeon E7 v3 HSW-U C0/D0 6-45-1/72 00000024->00000025 Core Gen4 HSW-H C0 6-46-1/32 0000001a->0000001b Core Gen4 BDW-H/E3 E0/G0 6-47-1/22 0000001e->00000020 Core Gen5 SKL-U/Y D0/K1 6-4e-3/c0 000000c6->000000cc Core Gen6 BDX-ML B0/M0/R0 6-4f-1/ef 0b00002e->00000036 Xeon E5/E7 v4; Core i7-69xx/68xx SKX-SP H0/M0/U0 6-55-4/b7 0200005a->0000005e Xeon Scalable SKX-D M1 6-55-4/b7 0200005a->0000005e Xeon D-21xx BDX-DE V1 6-56-2/10 00000019->0000001a Xeon D-1520/40 BDX-DE V2/3 6-56-3/10 07000016->07000017 Xeon D-1518/19/21/27/28/31/33/37/41/48, Pentium D1507/08/09/17/19 BDX-DE Y0 6-56-4/10 0f000014->0f000015 Xeon D-1557/59/67/71/77/81/87 BDX-NS A0 6-56-5/10 0e00000c->0e00000d Xeon D-1513N/23/33/43/53 APL D0 6-5c-9/03 00000036->00000038 Pentium N/J4xxx, Celeron N/J3xxx, Atom x5/7-E39xx SKL-H/S R0/N0 6-5e-3/36 000000c6->000000cc Core Gen6; Xeon E3 v5 DNV B0 6-5f-1/01 00000024->0000002e Atom C Series GLK B0 6-7a-1/01 0000002c->0000002e Pentium Silver N/J5xxx, Celeron N/J4xxx AML-Y22 H0 6-8e-9/10 0000009e->000000b4 Core Gen8 Mobile KBL-U/Y H0 6-8e-9/c0 0000009a->000000b4 Core Gen7 Mobile CFL-U43e D0 6-8e-a/c0 0000009e->000000b4 Core Gen8 Mobile WHL-U W0 6-8e-b/d0 000000a4->000000b8 Core Gen8 Mobile WHL-U V0 6-8e-d/94 000000b2->000000b8 Core Gen8 Mobile KBL-G/H/S/E3 B0 6-9e-9/2a 0000009a->000000b4 Core Gen7; Xeon E3 v6 CFL-H/S/E3 U0 6-9e-a/22 000000aa->000000b4 Core Gen8 Desktop, Mobile, Xeon E CFL-S B0 6-9e-b/02 000000aa->000000b4 Core Gen8 CFL-H/S P0 6-9e-c/22 000000a2->000000ae Core Gen9 CFL-H R0 6-9e-d/22 000000b0->000000b8 Core Gen9 Mobile ==== util-linux ==== Version update (2.33.1 -> 2.33.2) Subpackages: libblkid1 libfdisk1 libmount1 libsmartcols1 libuuid1 - Update to version 2.33.2 (bsc#1134337): * agetty: Fix 8-bit processing in get_logname() (bsc#1125886). * mount: Fix "mount" output for net file systems (bsc#1122417). * Many Other fixes, see https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes - Fix problems in reading of login.defs values (bsc#1121197, util-linux-login_defs-priority1.patch, util-linux-login_defs-priority2.patch, util-linux-login_defs-SYS_UID.patch). - Perform one-time reset of /etc/default/su (bsc#1121197). - Add virtual symbols for login.defs compatibility (bsc#1121197). - Add login.defs safety check util-linux-login_defs-check.sh (bsc#1121197). ==== util-linux-systemd ==== Version update (2.33.1 -> 2.33.2) - Update to version 2.33.2 (bsc#1134337): * agetty: Fix 8-bit processing in get_logname() (bsc#1125886). * mount: Fix "mount" output for net file systems (bsc#1122417). * Many Other fixes, see https://www.kernel.org/pub/linux/utils/util-linux/v2.33/v2.33.2-ReleaseNotes - Fix problems in reading of login.defs values (bsc#1121197, util-linux-login_defs-priority1.patch, util-linux-login_defs-priority2.patch, util-linux-login_defs-SYS_UID.patch). - Perform one-time reset of /etc/default/su (bsc#1121197). - Add virtual symbols for login.defs compatibility (bsc#1121197). - Add login.defs safety check util-linux-login_defs-check.sh (bsc#1121197). ==== vim ==== Version update (8.1.1066 -> 8.1.1330) Subpackages: vim-data-common - Updated to version 8.1.1330, fixes the following problems - refreshed disable-unreliable-tests.patch * Running make in src/po leaves LINGUAS file behind. (Ken Takata) * Delaying half a second after the top-bot message. * Detecting *.tmpl as htmlcheetah is outdated. * Test17 is old style. * Running tests leaves XTest_tabpage_cmdheight file behind. * Cannot build with +eval but without +mouse. * Search stats don't show for mapped command. * May not have enough space to add "W" to search stats. * .hgignore and .gitignore are either distributed or in git, not both. * Not easy to change directory and restore. * Invalid command line arguments not tested. * When vimrun.exe does not exist external command may fail. * Crash when using invalid command line argument. * Invalid argument test fails without GTK. * Invalid argument test fails without X clipboard. * "extends" from 'listchars' is used when 'list' is off. (Hiroyuki Yoshinaga) * In a terminal 'ballooneval' does not work right away. * When compiled with VIMDLL some messages are not shown. * v:beval_text is not tested in Visual mode. * Not possible to hide a balloon. * There is no easy way to manipulate environment variables. * Borland support is outdated and doesn't work. * Cannot reconnect to the X server after it restarted. * The Normal highlight is not defined when compiled with GUI. * Test for Normal highlight fails on MS-Windows GUI. * Named function arguments are never optional. * Aborting an autocmd with an exception is not tested. * Coverity warning for using uninitialized variable. * Warnings for using localtime() and ctime(). * There is always a delay if a termrequest is never answered. * Duplicated localtime() call. * Output from Travis can be improved. * Code for text changes is in a "misc" file. * Computing function length name in many places. * It is not possible to track changes to a buffer. * No docs or tests for listener functions. * Cygwin makefile is not nicely indented. * 'mouse' option is reset when using GPM mouse. * Stray comma in VMS makefile. * Cannot build with +eval but without +channel and +timers. (John Marriott) * No test for listener with partial. * Unnecessary scroll after horizontal split. * No test for listener with undo operation. * Plans for popup window support are spread out. * Using bold attribute in terminal changes the color. (Jason Franklin) - Updated to version 8.1.1282, fixes the following problems - refresh disable-unreliable-tests.patch * Bracketed paste may remain active after Vim exists, because the terminal emulater restores the setting. * No test for :abclear. * Old style comments in debugger source. * Output of :command is hard to read. * Always get regexp debugging logs when building with -DDEBUG. * Some autocmd tests are old style. * Output of :command with address completion is not nice. * A BufReadPre autocommand may cause the cursor to move. * User command parsing and listing not properly tested. * Some compilers give warning messages. * Links to repository use wrong file name. * Clever compiler warns for buffer being too small. * Support for user commands is spread out. No good reason to make user commands optional. * Not all user command code is tested. * Signal PWR is not tested. * "make clean" in top dir does not cleanup indent test output. * Old style tests. * "make clean" does not remove generated src/po files. * Mouse middle click is not tested. * MS-Windows: no space reserved for font quality name. * Cannot set a directory for a tab page. * Not checking for NULL return from alloc(). * Build fails on MS-Windows. * Filtering does not work when listing marks. * Middle mouse click test fails without a clipboard. * {not in Vi} remarks get in the way of useful help text. * Duplicate entries in the generate .desktop files. (Ralf Schandl) * Not possible to process tags with a function. * Warning for posix_openpt() not declared. (Tony Mechelynck) * A lot of code is shared between vim.exe and gvim.exe. * Asking about existing swap file unnecessarily. * Cannot build tiny version. * Compiler warnings for using STRLEN() value. * sjiscorr.c not found in shadow directory. (Tony Mechelynck) * Error for using "compl", reserved word in C++. * MS-Windows: compiler warning for sprintf() format. * Key with byte sequence containing CSI does not work. * Runtime desktop files are overwritten by build. (Tony Mechelynck) * Ex command info contains confusing information. * No cmdline redraw when tabpages have different 'cmdheight'. * Compiler warnings for incomplete switch statement. (Tony Mechelynck) * No tests for CTRL-mouse-click. * ":copen 10" sets height in full-height window. (Daniel Hahler) * Cannot handle negative mouse coordinate from urxvt. * Urxvt mouse codes are not tested. * No test for dec mouse. * Compiler warning for uninitialized variable. * No test for netterm mouse. * No test for completion of mapping keys. * Not all mapping completion is tested. * Mapping completion test fails. * Mapping completion contains dead code. * Building desktop files fails on FreeBSD. (Adam Weinberger) * Cannot navigate through errors relative to the cursor. * The "N files to edit" message can not be surpressed. * Crash when exiting early. (Ralf Schandl) * Comparing with pointer instead of value. * No error for quickfix commands with negative range. * Cannot simulate a mouse click in a test. * Mouse clicks in WinBar not tested. * Crash when closing window from WinBar click. (Ben Jackson) * When GPM mouse support is enabled double clicks in xterm do not work. * Winbar test doesn't test enough. * Cannot check if GPM mouse support is working. * Map completion test fails in GUI. * Cannot see current match position. * Compiler warnings for use of STRNCPY(). (John Marriott) * Click on WinBar of other window not tested. * Compiler warning in direct write code. * After :unmenu can still execute the menu with :emenu. * Cannot navigate to errors before/after the cursor. * Cannot combine text properties with syntax highlighting. * Missing screenshot update. * Missing change for "combine" field. * Cannot set 'spellang' to "sr@latin". (Bojan Stipic) * Cannot specify a count with :chistory. * Running make in src/po leaves LINGUAS file behind. (Ken Takata) - Updated to version 8.1.1198, fixes the following problems * Xterm mouse wheel escape sequence is not tested. * Plugins don't get notified when the popup menu changes. * No test for what is fixed in patch 8.1.0716. * Not easy to find out what neighbors a window has. * Terminal winpos test fails with very large terminal. (Dominique Pelle) * No test for dragging the window separators with the mouse. * May pass weird strings to file name expansion. * Too strict checking of the 'spellfile' option. * Compiler warning for unused function. (Tony Mechelynck) * Desktop file translations are requiring manual updates. * CTRL-L with 'incsearch' does not pick up char under cursor. (Smylers) * Building desktop files fails with older msgfmt. * Generating desktop files not tested on Travis. * Build fails when using shadow directory. * Msgfmt complains about missing LINGUAS file. (Tony Mechelynck) * Getting a newer msgfmt on Travis is too complicated. * Termcodes tests can be improved. * Unicode emoji and other image characters not recognized. * Unicode tables are out of date. * Json encoded string is sometimes missing the final NUL. * Termcodes test would fail in a very big terminal. * Unreachable code. * Incorrect coverage information; typo in color name. * Codecov does not report all the coverage information. * Gettitle test is failing when server name differs. (Kenta Sato) * No test for mouse clicks in the terminal tabpage line. * Gettitle test can still fail when another Vim is running. * No test for closing tab by click in tabline. * Not all screen update code of the terminal window is executed in tests. * Writing coverage info in a separate dir is not needed. * Terminal ANSI color test does not cover all colors. * Statusline test could fail in large terminal. * Cursor properties were not fully tested. * Suspend test has duplicated lines. * No test for dragging a tab with the mouse and for creating a new tab by double clicking in the tabline. * Test for dragging a tab is flaky. * .ts files are recognized as xml, while typescript is more common. * When mouse click tests fails value of 'ttytype' is unknown. * No test for mouse clicks in the fold column. * Vim script debugger tests are old style. * Tests for mouse clicks are a bit flaky when run in an interactive terminal. * Some function prototypes are outdated. * Typos in VisVim comments. * Undo file left behind after running test. * Mapping for CTRL-X is inconsistent. * readdir() allocates list twice. * Cannot recognize Pipfile. * Not all Vim variables require the v: prefix. * Mode is not cleared when leaving Insert mode. * has('vimscript-3') does not work. * Not all debug commands are covered by a test. * Mode is not cleared when leaving Insert mode with mapped Esc. * Typos and small problems in test files. * Typos and small problems in source files. * Vim script debugger functionality needs cleanup. * Parallel build may fail. * When starting with multiple tabs file messages is confusing. - Updated to version 8.1.1137, fixes the following problems - refreshed disable-unreliable-tests.patch * Cannot get all the information about current completion. * Source README file doesn't look nice on github. * Issue templates are not good enough. * Cannot get composing characters from the screen. * Extending sign and foldcolumn below the text is confusing. * Space in number column is on wrong side with 'rightleft' set. * Python test doesn't wipe out hidden buffer. * Function reference count wrong in Python code. * File for Insert mode is much too big. * reg_executing() is reset by calling input(). * When 'listchars' is set a composing char on a space is wrong. * No need for a separate ScreenLinesUtf8() test function. * When a screendump test fails, moving the file is a hassle. current code page. * "Conceal" match is mixed up with 'hlsearch' match. * Cannot delete a match from another window. (Paul Jolly) * Compiler warning for possibly uninitialized variable. (Tony Mechelynck) * Too many curly braces. * tag stack is incorrect after CTRL-T and then :tag * Height of quickfix window not retained with vertical split. * Tutor does not check $LC_MESSAGES. * Setting 'guifont' when maximized resizes the Vim window. When 'guioptions' contains "k" gvim may open with a tiny window. * Support for outdated tags format slows down tag parsing. * Long line in tags file causes error. * Quickfix code duplication. * The do_tag() function is too long. * Tag file without trailing newline no longer works. (Marco Hinz) * Signals test may fail in the GUI. * Long escape sequences may be split up. * No test for 'writedelay'. * No test for 'visualbell'. * Test for 'visualbell' doesn't work. * Deleted file still in list of distributed files. * Composing chars on space wrong when 'listchars' is set. * It is not easy to check for infinity. * Duplicate code in quickfix file. * Making an autocommand trigger once is not so easy. * Confusing overloaded operator "." for string concatenation. * Cannot build with older C compiler. * Cannot enforce a Vim script style. * Build failure without the +eval feature. * A couple of conditions are hard to understand. * Cannot easily get directory entry matches. * Test for term_gettitle() was disabled. * char2nr() does not handle composing characters. * No way to avoid filtering for autocomplete function, causing flickering of the popup menu. * Insert completion flags are mixed up. * Libvterm does not handle the window position report. * Build failure with +terminal but without tgetent. * When making a new screendump test have to create the file. * Compiler warning for uninitialized struct member. (Yegappan Lakshmanan) * Buffer for quickfix window is reused for another file. * Build failure for small version. (Tony Mechelynck) * Decoding of mouse click escape sequence is not tested. * Xterm mouse wheel escape sequence is not tested. ==== xen ==== Version update (4.12.0_08 -> 4.12.0_12) - Disable LTO (boo#1133296). - Remove arm32 from ExclusiveArch to fix build - bsc#1111331 - VUL-0: CPU issues Q2 2019 aka "Group 4" xsa297-0a.patch xsa297-0b.patch xsa297-0c.patch xsa297-0d.patch xsa297-1.patch xsa297-2.patch xsa297-3.patch - Update 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch and drop 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch Refresh 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1131811 - [XEN] internal error: libxenlight failed to create new domain. This patch is a workaround for a systemd issue. See patch header for additional comments. xenstore-launch.patch - bsc#1125378 - [xen][pygrub] Can not restore sle11sp4 pv guest after upgrading host from sle11sp4 to sle15sp1 pygrub-python3-conversion.patch - Fix "TypeError: virDomainDefineXML() argument 2 must be str or None, not bytes" when converting VMs from using the xm/xend toolstack to the libxl/libvirt toolstack. (bsc#1123378) xen2libvirt.py - bsc#1124560 - Fully virtualized guests crash on boot 5cac6cba-vmx-Fixup-removals-of-MSR-load-save-list-entries.patch - bsc#1121391 - GCC 9: xen build fails 5c8f752c-x86-e820-build-with-gcc9.patch - Upstream bug fixes (bsc#1027519) 5c87b644-IOMMU-leave-enabled-for-kexec-crash.patch 5c87b6a2-x86-HVM-dont-crash-guest-in-find_mmio_cache.patch 5c87e6d1-x86-TSX-controls-for-RTM-force-abort-mode.patch 5c8fb92d-x86-HVM-split-linear-reads-and-writes.patch 5c8fb951-x86-HVM-finish-IOREQs-correctly-on-completion.patch 5c8fc6c0-x86-MSR-shorten-ARCH_CAPABILITIES.patch 5c8fc6c0-x86-SC-retpoline-safety-calculations-for-eIBRS.patch 5c9e63c5-credit2-SMT-idle-handling.patch 5ca46b68-x86emul-no-GPR-update-upon-AVX-gather-failures.patch 5ca773d1-x86emul-dont-read-mask-reg-without-AVX512F.patch 5cab1f66-timers-fix-memory-leak-with-cpu-plug.patch 5cac6219-xen-cpu-Fix-ARM-build-following-cs-597fbb8.patch - Install pkgconfig files into libdir instead of datadir ==== xfsprogs ==== Version update (4.20.0 -> 5.0.0) - Update to v5.0.0 * xfs_db: scan all sparse inodes when using 'frag' * Fix build with newer statx headers * libxfs: fix buffer & inode lifetimes * misc: fix strncpy length complaints from gcc * Merge libxfs from kernel 5.0 ==== xmlsec1 ==== Version update (1.2.26 -> 1.2.28) Subpackages: libxmlsec1-1 libxmlsec1-openssl1 - Update to 1.2.28: * Added BoringSSL support (chenbd). * Added gnutls-3.6.x support (alonbl). * Added DSA and ECDSA key size getter for MSCNG (vmiklos). * Added --enable-mans configuration option (alonbl). * Added coninuous build integration for MacOSX (vmiklos). * Several other small fixes (more details). - Make sure to recommend at least one backend when you install just xmlsec1 - Drop the gnutls backend as based on the tests it is quite borked: * We still have nss and openssl backend for people to use - Version update to 1.2.27: * Added AES-GCM support for OpenSSL and MSCNG (snargit). * Added DSA-SHA256 and ECDSA-SHA384 support for NSS (vmiklos). * Added RSA-OAEP support for MSCNG (vmiklos). * Continuous build integration in Travis and Appveyor. * Several other small fixes (more details). ==== yast2 ==== Version update (4.1.67 -> 4.2.3) - Make sure the wizard buttons always remain visible in NCurses (bsc#1133367) - 4.2.3 - give more verbose feedback in 'view_anymsg' client (bsc#1132658) - 4.2.2 - Uninstall the "SUSE-Manager-Proxy" product when upgrading from SLES12 + SUMA Proxy + SUMA Branch Server (bsc#1133215) - 4.2.1 - Allow not prescribing UI in yast2, to use YUILoader::loadUI. Required to load integration tests framework (poo#36712, bsc#1132247) - 4.2.0 - Updated map for evaluating upgraded products (e.g. for SUSE-Manager). (bsc#1131503) - Upgrade: Evaluating product obsoletes in order to show it in the proposal overview. - 4.1.68 - Use noun phrase in summary. ==== zstd ==== Version update (1.3.8 -> 1.4.0) - Update description with 1.4.0 statistics. - Use FAT LTO objects in order to provide proper static library (boo#1133297). - Update to new upstream release 1.4.0 * perf: level 1 compression speed was improved by ~6?8% * cli: added --[no-]compress-literals flag to enable or disable literal compression - Reword "real-time" in description by some actual statistics, because 603MB/s (lowest zstd level) is not "real-time" for quite some applications.