openSUSE Security Announce
Threads by month
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
July 2021
- 2 participants
- 144 discussions
openSUSE-SU-2021:2353-1: important: Security update for nodejs10
by opensuse-security@opensuse.org 15 Jul '21
by opensuse-security@opensuse.org 15 Jul '21
15 Jul '21
openSUSE Security Update: Security update for nodejs10
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2353-1
Rating: important
References: #1183155 #1183851 #1183852 #1184450 #1187973
#1187976 #1187977
Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362
CVE-2021-27290 CVE-2021-3449 CVE-2021-3450
CVSS scores:
CVE-2020-7774 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-22918 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2021-23362 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-23362 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-27290 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-27290 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3449 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3449 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3450 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-3450 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 6 vulnerabilities and has one errata
is now available.
Description:
This update for nodejs10 fixes the following issues:
Update nodejs10 to 10.24.1.
Including fixes for
- CVE-2021-22918: libuv upgrade - Out of bounds read (bsc#1187973)
- CVE-2021-27290: ssri Regular Expression Denial of Service (bsc#1187976)
- CVE-2021-23362: hosted-git-info Regular Expression Denial of Service
(bsc#1187977)
- CVE-2020-7774: y18n Prototype Pollution (bsc#1184450)
- CVE-2021-3450: OpenSSL - CA certificate check bypass with
X509_V_FLAG_X509_STRICT (bsc#1183851)
- CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms
processing (bsc#1183852)
- reduce memory footprint of test-worker-stdio (bsc#1183155)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2353=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs10-10.24.1-1.36.1
nodejs10-debuginfo-10.24.1-1.36.1
nodejs10-debugsource-10.24.1-1.36.1
nodejs10-devel-10.24.1-1.36.1
npm10-10.24.1-1.36.1
- openSUSE Leap 15.3 (noarch):
nodejs10-docs-10.24.1-1.36.1
References:
https://www.suse.com/security/cve/CVE-2020-7774.html
https://www.suse.com/security/cve/CVE-2021-22918.html
https://www.suse.com/security/cve/CVE-2021-23362.html
https://www.suse.com/security/cve/CVE-2021-27290.html
https://www.suse.com/security/cve/CVE-2021-3449.html
https://www.suse.com/security/cve/CVE-2021-3450.html
https://bugzilla.suse.com/1183155
https://bugzilla.suse.com/1183851
https://bugzilla.suse.com/1183852
https://bugzilla.suse.com/1184450
https://bugzilla.suse.com/1187973
https://bugzilla.suse.com/1187976
https://bugzilla.suse.com/1187977
1
0
openSUSE-SU-2021:2354-1: important: Security update for nodejs14
by opensuse-security@opensuse.org 15 Jul '21
by opensuse-security@opensuse.org 15 Jul '21
15 Jul '21
openSUSE Security Update: Security update for nodejs14
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2354-1
Rating: important
References: #1184450 #1187973 #1187976 #1187977
Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362
CVE-2021-27290
CVSS scores:
CVE-2020-7774 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-22918 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
CVE-2021-23362 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-23362 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-27290 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-27290 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs14 fixes the following issues:
Update nodejs14 to 14.17.2.
Including fixes for:
- CVE-2021-22918: libuv upgrade - Out of bounds read (bsc#1187973)
- CVE-2021-27290: ssri Regular Expression Denial of Service (bsc#1187976)
- CVE-2021-23362: hosted-git-info Regular Expression Denial of Service
(bsc#1187977)
- CVE-2020-7774: y18n Prototype Pollution (bsc#1184450)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2354=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.17.2-5.12.1
nodejs14-debuginfo-14.17.2-5.12.1
nodejs14-debugsource-14.17.2-5.12.1
nodejs14-devel-14.17.2-5.12.1
npm14-14.17.2-5.12.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.17.2-5.12.1
References:
https://www.suse.com/security/cve/CVE-2020-7774.html
https://www.suse.com/security/cve/CVE-2021-22918.html
https://www.suse.com/security/cve/CVE-2021-23362.html
https://www.suse.com/security/cve/CVE-2021-27290.html
https://bugzilla.suse.com/1184450
https://bugzilla.suse.com/1187973
https://bugzilla.suse.com/1187976
https://bugzilla.suse.com/1187977
1
0
openSUSE-SU-2021:2352-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 15 Jul '21
by opensuse-security@opensuse.org 15 Jul '21
15 Jul '21
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2352-1
Rating: important
References: #1152489 #1153274 #1154353 #1155518 #1164648
#1176447 #1176774 #1176919 #1177028 #1178134
#1182470 #1184212 #1184685 #1185486 #1185675
#1185677 #1186206 #1186666 #1186949 #1187171
#1187263 #1187356 #1187402 #1187403 #1187404
#1187407 #1187408 #1187409 #1187410 #1187411
#1187412 #1187413 #1187452 #1187554 #1187595
#1187601 #1187795 #1187867 #1187883 #1187886
#1187927 #1187972 #1187980
Cross-References: CVE-2021-0512 CVE-2021-0605 CVE-2021-33624
CVE-2021-34693 CVE-2021-3573
CVSS scores:
CVE-2021-0512 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0605 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE-2021-0605 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33624 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-33624 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-34693 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-3573 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 5 vulnerabilities and has 38 fixes is
now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3573: Fixed an UAF vulnerability in function that can allow
attackers to corrupt kernel heaps and adopt further exploitations.
(bsc#1186666)
- CVE-2021-0605: Fixed an out-of-bounds read which could lead to local
information disclosure in the kernel with System execution privileges
needed. (bsc#1187601)
- CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to
local escalation of privilege with no additional execution privileges
needed. (bsc#1187595)
- CVE-2021-33624: Fixed a bug which allows unprivileged BPF program to
leak the contents of arbitrary kernel memory (and therefore, of all
physical memory) via a side-channel. (bsc#1187554)
- CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local
users to obtain sensitive information from kernel stack memory because
parts of a data structure are uninitialized. (bsc#1187452)
The following non-security bugs were fixed:
- 0001-x86-sched-Treat-Intel-SNC-topology-as-default-COD-as.patch:
(bsc#1187263).
- alx: Fix an error handling path in 'alx_probe()' (git-fixes).
- ASoC: fsl-asoc-card: Set .owner attribute when registering card
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
(git-fixes).
- ASoC: max98088: fix ni clock divider calculation (git-fixes).
- ASoC: rt5659: Fix the lost powers for the HDA header (git-fixes).
- ASoC: rt5682: Fix the fast discharge for headset unplugging in soundwire
mode (git-fixes).
- ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: tas2562: Fix TDM_CFG0_SAMPRATE values (git-fixes).
- batman-adv: Avoid WARN_ON timing related checks (git-fixes).
- be2net: Fix an error handling path in 'be_probe()' (git-fixes).
- block: Discard page cache of zone reset target range (bsc#1187402).
- Bluetooth: Add a new USB ID for RTL8822CE (git-fixes).
- Bluetooth: use correct lock to prevent UAF of hdev object (git-fixes).
- bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix TQM fastpath ring backing store computation (jsc#SLE-8371
bsc#1153274).
- bnxt_en: Rediscover PHY capabilities after firmware reset (jsc#SLE-8371
bsc#1153274).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
(bsc#1177028).
- bpf: Fix libelf endian handling in resolv_btfids (bsc#1177028).
- bpfilter: Specify the log level for the kmsg message (bsc#1155518).
- can: mcba_usb: fix memory leak in mcba_usb (git-fixes).
- ceph: must hold snap_rwsem when filling inode for async create
(bsc#1187927).
- cfg80211: avoid double free of PMSR request (git-fixes).
- cfg80211: make certificate generation more robust (git-fixes).
- cgroup1: do not allow '\n' in renaming (bsc#1187972).
- cxgb4: fix endianness when flashing boot image (jsc#SLE-15131).
- cxgb4: fix sleep in atomic when flashing PHY firmware (jsc#SLE-15131).
- cxgb4: fix wrong ethtool n-tuple rule lookup (jsc#SLE-15131).
- cxgb4: fix wrong shift (git-fixes).
- cxgb4: halt chip before flashing PHY firmware image (jsc#SLE-15131).
- dax: Add a wakeup mode parameter to put_unlocked_entry() (bsc#1187411).
- dax: Add an enum for specifying dax wakup mode (bsc#1187411).
- dax: fix ENOMEM handling in grab_mapping_entry() (bsc#1184212).
- dax: Wake up all waiters after invalidating dax entry (bsc#1187411).
- dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix error return code in two functions
(git-fixes).
- dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
(git-fixes).
- dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (git-fixes).
- dmaengine: stedma40: add missing iounmap() on error in d40_probe()
(git-fixes).
- drm: Fix use-after-free read in drm_getunique() (git-fixes).
- drm: Lock pointer access in drm_master_release() (git-fixes).
- drm/amd/amdgpu:save psp ring wptr to avoid attack (git-fixes).
- drm/amd/display: Allow bandwidth validation for 0 streams (git-fixes).
- drm/amd/display: Fix potential memory leak in DMUB hw_init (git-fixes).
- drm/amdgpu: refine amdgpu_fru_get_product_info (git-fixes).
- drm/sun4i: dw-hdmi: Make HDMI PHY into a platform device (git-fixes).
- drm/tegra: sor: Do not leak runtime PM reference (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (git-fixes).
- drm/vc4: hdmi: Move the HSM clock enable to runtime_pm (git-fixes).
- dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).
- ethtool: strset: fix message length calculation (bsc#1176447).
- ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
(bsc#1187408).
- ext4: fix check to prevent false positive report of incorrect used
inodes (bsc#1187404).
- ext4: fix error code in ext4_commit_super (bsc#1187407).
- ext4: fix memory leak in ext4_fill_super (bsc#1187409).
- FCOE: fcoe_wwn_from_mac kABI fix (bsc#1187886).
- fs: fix reporting supported extra file attributes for statx()
(bsc#1187410).
- ftrace: Do not blindly read the ip address in ftrace_bug() (git-fixes).
- ftrace: Free the trampoline when ftrace_startup() fails (git-fixes).
- fuse: BUG_ON correction in fuse_dev_splice_write() (bsc#1187356).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-input: add mapping for emoji picker key (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure
(git-fixes).
- HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: usbhid: Fix race between usbhid_close() and usbhid_stop()
(git-fixes).
- hwmon: (scpi-hwmon) shows the negative temperature properly (git-fixes).
- i2c: mpc: Make use of i2c_recover_bus() (git-fixes).
- ice: add ndo_bpf callback for safe mode netdev ops (jsc#SLE-7926).
- ice: parameterize functions responsible for Tx ring management
(jsc#SLE-12878).
- isdn: mISDN: netjet: Fix crash in nj_probe: (git-fixes).
- kernel-binary.spec.in: Regenerate makefile when not using mkmakefile.
- kernel: kexec_file: fix error return code of
kexec_calculate_store_digests() (git-fixes).
- kthread_worker: split code for canceling the delayed work timer
(bsc#1187867).
- kthread: prevent deadlock when kthread_mod_delayed_work() races with
kthread_cancel_delayed_work_sync() (bsc#1187867).
- kyber: fix out of bounds access when preempted (bsc#1187403).
- lib: vdso: Remove CROSS_COMPILE_COMPAT_VDSO (bsc#1164648,jsc#SLE-11493).
- media: mtk-mdp: Check return value of of_clk_get (git-fixes).
- media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
- media: s5p-g2d: Fix a memory leak in an error handling path in
'g2d_probe()' (git-fixes).
- mlxsw: reg: Spectrum-3: Enforce lowest max-shaper burst size of 11
(bsc#1176774).
- mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk (git-fixes).
- module: limit enabling module.sig_enforce (git-fixes).
- net: mvpp2: add mvpp2_phylink_to_port() helper (bsc#1187171).
- net/mlx5: Consider RoCE cap before init RDMA resources (git-fixes).
- net/mlx5: E-Switch, Allow setting GUID for host PF vport (jsc#SLE-15172).
- net/mlx5: E-Switch, Read PF mac address (jsc#SLE-15172).
- net/mlx5: Fix PBMC register mapping (git-fixes).
- net/mlx5: Fix placement of log_max_flow_counter (git-fixes).
- net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa (git-fixes).
- net/mlx5: Reset mkey index on creation (jsc#SLE-15172).
- net/mlx5e: Block offload of outer header csum for UDP tunnels
(git-fixes).
- net/mlx5e: Fix page reclaim for dead peer hairpin (git-fixes).
- net/mlx5e: Remove dependency in IPsec initialization flows (git-fixes).
- net/nfc/rawsock.c: fix a permission check bug (git-fixes).
- net/sched: act_ct: handle DNAT tuple collision (bsc#1154353).
- net/x25: Return the correct errno code (git-fixes).
- netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
(git-fixes).
- NFS: Fix a potential NULL dereference in nfs_get_client() (git-fixes).
- NFS: Fix use-after-free in nfs4_init_client() (git-fixes).
- NFS: Fix deadlock between nfs4_evict_inode() and
nfs4_opendata_get_inode() (git-fixes).
- nvmem: rmem: fix undefined reference to memremap (git-fixes).
- ocfs2: fix data corruption by fallocate (bsc#1187412).
- PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).
- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- perf/x86/intel/uncore: Fix a kernel WARNING triggered by maxcpus=1
(git-fixes).
- perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
(bsc#1184685).
- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not
set (jsc#SLE-13513 bsc#1176919 ltc#186162 git-fixes).
- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470
bsc#1185486).
- qlcnic: Fix an error handling path in 'qlcnic_probe()' (git-fixes).
- radeon: use memcpy_to/fromio for UVD fw upload (git-fixes).
- regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting
(git-fixes).
- Removed patch that was incorrectly added to SLE15-SP2 (bsc#1186949)
- Revert "ecryptfs: replace BUG_ON with error handling code" (bsc#1187413).
- Revert "ibmvnic: simplify reset_long_term_buff function" (bsc#1186206
ltc#191041).
- Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
(git-fixes).
- Revert "video: hgafb: fix potential NULL pointer dereference"
(git-fixes).
- Revert "video: imsttfb: fix potential NULL pointer dereferences"
(bsc#1152489)
- s390/dasd: add missing discipline function (git-fixes).
- s390/stack: fix possible register corruption with stack switch helper
(bsc#1185677).
- sched/debug: Fix cgroup_path[] serialization (git-fixes)
- sched/fair: Keep load_avg and load_sum synced (git-fixes)
- scsi: core: Fix race between handling STS_RESOURCE and completion
(bsc#1187883).
- scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration (bsc#1187886).
- scsi: ufs: Fix imprecise load calculation in devfreq window
(bsc#1187795).
- SCSI: ufs: fix ktime_t kabi change (bsc#1187795).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
- spi: spi-nxp-fspi: move the register operation after the clock enable
(git-fixes).
- spi: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- spi: stm32-qspi: Always wait BUSY bit to be cleared in
stm32_qspi_wait_cmd() (git-fixes).
- SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
- SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
- tracing: Correct the length check which causes memory corruption
(git-fixes).
- tracing: Do no increment trace_clock_global() by one (git-fixes).
- tracing: Do not stop recording cmdlines when tracing is off (git-fixes).
- tracing: Do not stop recording comms if the trace file is being read
(git-fixes).
- tracing: Restructure trace_clock_global() to never block (git-fixes).
- USB: core: hub: Disable autosuspend for Cypress CY7C65632 (git-fixes).
- USB: dwc3: core: fix kernel panic when do reboot (git-fixes).
- USB: dwc3: core: fix kernel panic when do reboot (git-fixes).
- USB: dwc3: debugfs: Add and remove endpoint dirs dynamically (git-fixes).
- USB: dwc3: ep0: fix NULL pointer exception (git-fixes).
- USB: f_ncm: only first packet of aggregate needs to start timer
(git-fixes).
- USB: f_ncm: only first packet of aggregate needs to start timer
(git-fixes).
- USB: fix various gadget panics on 10gbps cabling (git-fixes).
- USB: fix various gadget panics on 10gbps cabling (git-fixes).
- USB: gadget: eem: fix wrong eem header operation (git-fixes).
- USB: gadget: eem: fix wrong eem header operation (git-fixes).
- USB: gadget: f_fs: Ensure io_completion_wq is idle during unbind
(git-fixes).
- USB: gadget: f_fs: Ensure io_completion_wq is idle during unbind
(git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
- video: hgafb: correctly handle card detect failure during probe
(git-fixes).
- video: hgafb: fix potential NULL pointer dereference (git-fixes).
- vrf: fix maximum MTU (git-fixes).
- x86/elf: Use _BITUL() macro in UAPI headers (bsc#1178134).
- x86/fpu: Preserve supervisor states in sanitize_restored_user_xstate()
(bsc#1178134).
- x86/pkru: Write hardware init value to PKRU when xstate is init
(bsc#1152489).
- x86/process: Check PF_KTHREAD and not current->mm for kernel threads
(bsc#1152489).
- xen-blkback: fix compatibility bug with single page rings (git-fixes).
- xen-pciback: reconfigure also from backend watch handler (git-fixes).
- xen-pciback: redo VF placement in the virtual topology (git-fixes).
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- xfrm: policy: Read seqcount outside of rcu-read side in
xfrm_policy_lookup_bytype (bsc#1185675).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2352=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-59.13.1
cluster-md-kmp-default-debuginfo-5.3.18-59.13.1
dlm-kmp-default-5.3.18-59.13.1
dlm-kmp-default-debuginfo-5.3.18-59.13.1
gfs2-kmp-default-5.3.18-59.13.1
gfs2-kmp-default-debuginfo-5.3.18-59.13.1
kernel-default-5.3.18-59.13.1
kernel-default-base-5.3.18-59.13.1.18.6.1
kernel-default-base-rebuild-5.3.18-59.13.1.18.6.1
kernel-default-debuginfo-5.3.18-59.13.1
kernel-default-debugsource-5.3.18-59.13.1
kernel-default-devel-5.3.18-59.13.1
kernel-default-devel-debuginfo-5.3.18-59.13.1
kernel-default-extra-5.3.18-59.13.1
kernel-default-extra-debuginfo-5.3.18-59.13.1
kernel-default-livepatch-5.3.18-59.13.1
kernel-default-livepatch-devel-5.3.18-59.13.1
kernel-default-optional-5.3.18-59.13.1
kernel-default-optional-debuginfo-5.3.18-59.13.1
kernel-obs-build-5.3.18-59.13.1
kernel-obs-build-debugsource-5.3.18-59.13.1
kernel-obs-qa-5.3.18-59.13.1
kernel-syms-5.3.18-59.13.1
kselftests-kmp-default-5.3.18-59.13.1
kselftests-kmp-default-debuginfo-5.3.18-59.13.1
ocfs2-kmp-default-5.3.18-59.13.1
ocfs2-kmp-default-debuginfo-5.3.18-59.13.1
reiserfs-kmp-default-5.3.18-59.13.1
reiserfs-kmp-default-debuginfo-5.3.18-59.13.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-59.13.1
kernel-debug-debuginfo-5.3.18-59.13.1
kernel-debug-debugsource-5.3.18-59.13.1
kernel-debug-devel-5.3.18-59.13.1
kernel-debug-devel-debuginfo-5.3.18-59.13.1
kernel-debug-livepatch-devel-5.3.18-59.13.1
kernel-kvmsmall-5.3.18-59.13.1
kernel-kvmsmall-debuginfo-5.3.18-59.13.1
kernel-kvmsmall-debugsource-5.3.18-59.13.1
kernel-kvmsmall-devel-5.3.18-59.13.1
kernel-kvmsmall-devel-debuginfo-5.3.18-59.13.1
kernel-kvmsmall-livepatch-devel-5.3.18-59.13.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-59.13.1
cluster-md-kmp-preempt-debuginfo-5.3.18-59.13.1
dlm-kmp-preempt-5.3.18-59.13.1
dlm-kmp-preempt-debuginfo-5.3.18-59.13.1
gfs2-kmp-preempt-5.3.18-59.13.1
gfs2-kmp-preempt-debuginfo-5.3.18-59.13.1
kernel-preempt-5.3.18-59.13.1
kernel-preempt-debuginfo-5.3.18-59.13.1
kernel-preempt-debugsource-5.3.18-59.13.1
kernel-preempt-devel-5.3.18-59.13.1
kernel-preempt-devel-debuginfo-5.3.18-59.13.1
kernel-preempt-extra-5.3.18-59.13.1
kernel-preempt-extra-debuginfo-5.3.18-59.13.1
kernel-preempt-livepatch-devel-5.3.18-59.13.1
kernel-preempt-optional-5.3.18-59.13.1
kernel-preempt-optional-debuginfo-5.3.18-59.13.1
kselftests-kmp-preempt-5.3.18-59.13.1
kselftests-kmp-preempt-debuginfo-5.3.18-59.13.1
ocfs2-kmp-preempt-5.3.18-59.13.1
ocfs2-kmp-preempt-debuginfo-5.3.18-59.13.1
reiserfs-kmp-preempt-5.3.18-59.13.1
reiserfs-kmp-preempt-debuginfo-5.3.18-59.13.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-59.13.1
cluster-md-kmp-64kb-debuginfo-5.3.18-59.13.1
dlm-kmp-64kb-5.3.18-59.13.1
dlm-kmp-64kb-debuginfo-5.3.18-59.13.1
gfs2-kmp-64kb-5.3.18-59.13.1
gfs2-kmp-64kb-debuginfo-5.3.18-59.13.1
kernel-64kb-5.3.18-59.13.1
kernel-64kb-debuginfo-5.3.18-59.13.1
kernel-64kb-debugsource-5.3.18-59.13.1
kernel-64kb-devel-5.3.18-59.13.1
kernel-64kb-devel-debuginfo-5.3.18-59.13.1
kernel-64kb-extra-5.3.18-59.13.1
kernel-64kb-extra-debuginfo-5.3.18-59.13.1
kernel-64kb-livepatch-devel-5.3.18-59.13.1
kernel-64kb-optional-5.3.18-59.13.1
kernel-64kb-optional-debuginfo-5.3.18-59.13.1
kselftests-kmp-64kb-5.3.18-59.13.1
kselftests-kmp-64kb-debuginfo-5.3.18-59.13.1
ocfs2-kmp-64kb-5.3.18-59.13.1
ocfs2-kmp-64kb-debuginfo-5.3.18-59.13.1
reiserfs-kmp-64kb-5.3.18-59.13.1
reiserfs-kmp-64kb-debuginfo-5.3.18-59.13.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-59.13.1
kernel-docs-5.3.18-59.13.1
kernel-docs-html-5.3.18-59.13.1
kernel-macros-5.3.18-59.13.1
kernel-source-5.3.18-59.13.1
kernel-source-vanilla-5.3.18-59.13.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-59.13.1
kernel-zfcpdump-debuginfo-5.3.18-59.13.1
kernel-zfcpdump-debugsource-5.3.18-59.13.1
References:
https://www.suse.com/security/cve/CVE-2021-0512.html
https://www.suse.com/security/cve/CVE-2021-0605.html
https://www.suse.com/security/cve/CVE-2021-33624.html
https://www.suse.com/security/cve/CVE-2021-34693.html
https://www.suse.com/security/cve/CVE-2021-3573.html
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1155518
https://bugzilla.suse.com/1164648
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1176919
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1182470
https://bugzilla.suse.com/1184212
https://bugzilla.suse.com/1184685
https://bugzilla.suse.com/1185486
https://bugzilla.suse.com/1185675
https://bugzilla.suse.com/1185677
https://bugzilla.suse.com/1186206
https://bugzilla.suse.com/1186666
https://bugzilla.suse.com/1186949
https://bugzilla.suse.com/1187171
https://bugzilla.suse.com/1187263
https://bugzilla.suse.com/1187356
https://bugzilla.suse.com/1187402
https://bugzilla.suse.com/1187403
https://bugzilla.suse.com/1187404
https://bugzilla.suse.com/1187407
https://bugzilla.suse.com/1187408
https://bugzilla.suse.com/1187409
https://bugzilla.suse.com/1187410
https://bugzilla.suse.com/1187411
https://bugzilla.suse.com/1187412
https://bugzilla.suse.com/1187413
https://bugzilla.suse.com/1187452
https://bugzilla.suse.com/1187554
https://bugzilla.suse.com/1187595
https://bugzilla.suse.com/1187601
https://bugzilla.suse.com/1187795
https://bugzilla.suse.com/1187867
https://bugzilla.suse.com/1187883
https://bugzilla.suse.com/1187886
https://bugzilla.suse.com/1187927
https://bugzilla.suse.com/1187972
https://bugzilla.suse.com/1187980
1
0
openSUSE-SU-2021:2327-1: important: Security update for nodejs12
by opensuse-security@opensuse.org 14 Jul '21
by opensuse-security@opensuse.org 14 Jul '21
14 Jul '21
openSUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2327-1
Rating: important
References: #1183851 #1183852 #1184450 #1187973 #1187976
#1187977
Cross-References: CVE-2020-7774 CVE-2021-22918 CVE-2021-23362
CVE-2021-27290 CVE-2021-3449 CVE-2021-3450
CVSS scores:
CVE-2020-7774 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-23362 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-23362 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-27290 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-27290 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3449 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3449 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3450 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-3450 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for nodejs12 fixes the following issues:
- update to 12.22.2:
- CVE-2021-22918: Out of bounds read (bsc#1187973)
- CVE-2021-23362: ssri Regular Expression Denial of Service and
hosted-git-info (bsc#1187977)
- CVE-2021-27290: Regular Expression Denial of Service (bsc#1187976)
- CVE-2021-3450: OpenSSL - CA certificate check bypass with
X509_V_FLAG_X509_STRICT (bsc#1183851)
- CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms
processing (bsc#1183852)
- CVE-2020-7774: npm - Update y18n to fix Prototype-Pollution (bsc#1184450)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2327=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.2-4.16.1
nodejs12-debuginfo-12.22.2-4.16.1
nodejs12-debugsource-12.22.2-4.16.1
nodejs12-devel-12.22.2-4.16.1
npm12-12.22.2-4.16.1
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.2-4.16.1
References:
https://www.suse.com/security/cve/CVE-2020-7774.html
https://www.suse.com/security/cve/CVE-2021-22918.html
https://www.suse.com/security/cve/CVE-2021-23362.html
https://www.suse.com/security/cve/CVE-2021-27290.html
https://www.suse.com/security/cve/CVE-2021-3449.html
https://www.suse.com/security/cve/CVE-2021-3450.html
https://bugzilla.suse.com/1183851
https://bugzilla.suse.com/1183852
https://bugzilla.suse.com/1184450
https://bugzilla.suse.com/1187973
https://bugzilla.suse.com/1187976
https://bugzilla.suse.com/1187977
1
0
openSUSE-SU-2021:2320-1: important: Security update for sqlite3
by opensuse-security@opensuse.org 14 Jul '21
by opensuse-security@opensuse.org 14 Jul '21
14 Jul '21
openSUSE Security Update: Security update for sqlite3
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2320-1
Rating: important
References: #1157818 #1158812 #1158958 #1158959 #1158960
#1159491 #1159715 #1159847 #1159850 #1160309
#1160438 #1160439 #1164719 #1172091 #1172115
#1172234 #1172236 #1172240 #1173641 #928700
#928701 SLE-16032
Cross-References: CVE-2015-3414 CVE-2015-3415 CVE-2019-19244
CVE-2019-19317 CVE-2019-19603 CVE-2019-19645
CVE-2019-19646 CVE-2019-19880 CVE-2019-19923
CVE-2019-19924 CVE-2019-19925 CVE-2019-19926
CVE-2019-19959 CVE-2019-20218 CVE-2020-13434
CVE-2020-13435 CVE-2020-13630 CVE-2020-13631
CVE-2020-13632 CVE-2020-15358 CVE-2020-9327
CVSS scores:
CVE-2019-19244 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19244 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19317 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-19317 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2019-19603 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19603 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19645 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19645 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19646 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-19646 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2019-19880 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19923 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19923 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2019-19924 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2019-19924 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2019-19925 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19925 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2019-19926 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19926 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-19959 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2019-19959 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2019-20218 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2019-20218 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-13434 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-13434 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-13435 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-13435 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2020-13630 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-13630 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CVE-2020-13631 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2020-13631 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2020-13632 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-13632 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2020-15358 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-15358 (SUSE): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2020-9327 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-9327 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 21 vulnerabilities, contains one
feature is now available.
Description:
This update for sqlite3 fixes the following issues:
- Update to version 3.36.0
- CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to
mishandling of query-flattener
optimization (bsc#1173641)
- CVE-2020-9327: NULL pointer dereference and segmentation fault because
of generated column optimizations in isAuxiliaryVtabOperator
(bsc#1164719)
- CVE-2019-20218: selectExpander in select.c proceeds with WITH stack
unwinding even after a parsing error (bsc#1160439)
- CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving
embedded '\0' input (bsc#1160438)
- CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT
in flattenSubquery may lead to null pointer dereference (bsc#1160309)
- CVE-2019-19924: improper error handling in sqlite3WindowRewrite()
(bsc#1159850)
- CVE-2019-19925: improper handling of NULL pathname during an update of a
ZIP archive (bsc#1159847)
- CVE-2019-19926: improper handling of certain errors during parsing
multiSelect in select.c (bsc#1159715)
- CVE-2019-19880: exprListAppendList in window.c allows attackers to
trigger an invalid pointer dereference (bsc#1159491)
- CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW
statements, does not consider confusion with a shadow table name
(bsc#1158960)
- CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check
PRAGMA command in certain cases of generated columns (bsc#1158959)
- CVE-2019-19645: alter.c allows attackers to trigger infinite recursion
via certain types of self-referential views in conjunction with ALTER
TABLE statements (bsc#1158958)
- CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed
bitmask in the case of a generated column, which allows attackers to
cause a denial of service (bsc#1158812)
- CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in
select.c allows a crash if a sub-select uses both DISTINCT and window
functions, and also has certain ORDER BY usage (bsc#1157818)
- CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability
(bsc#928701)
- CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names
(bsc#928700)
- CVE-2020-13434: integer overflow in sqlite3_str_vappendf (bsc#1172115)
- CVE-2020-13630: (bsc#1172234: use-after-free in fts3EvalNextRow
- CVE-2020-13631: virtual table allowed to be renamed to one of its shadow
tables (bsc#1172236)
- CVE-2020-13632: NULL pointer dereference via crafted matchinfo() query
(bsc#1172240)
- CVE-2020-13435: Malicious SQL statements could have crashed the process
that is running SQLite (bsc#1172091)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2320=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libsqlite3-0-3.36.0-3.12.1
libsqlite3-0-debuginfo-3.36.0-3.12.1
sqlite3-3.36.0-3.12.1
sqlite3-debuginfo-3.36.0-3.12.1
sqlite3-debugsource-3.36.0-3.12.1
sqlite3-devel-3.36.0-3.12.1
- openSUSE Leap 15.3 (noarch):
sqlite3-doc-3.36.0-3.12.1
- openSUSE Leap 15.3 (x86_64):
libsqlite3-0-32bit-3.36.0-3.12.1
libsqlite3-0-32bit-debuginfo-3.36.0-3.12.1
References:
https://www.suse.com/security/cve/CVE-2015-3414.html
https://www.suse.com/security/cve/CVE-2015-3415.html
https://www.suse.com/security/cve/CVE-2019-19244.html
https://www.suse.com/security/cve/CVE-2019-19317.html
https://www.suse.com/security/cve/CVE-2019-19603.html
https://www.suse.com/security/cve/CVE-2019-19645.html
https://www.suse.com/security/cve/CVE-2019-19646.html
https://www.suse.com/security/cve/CVE-2019-19880.html
https://www.suse.com/security/cve/CVE-2019-19923.html
https://www.suse.com/security/cve/CVE-2019-19924.html
https://www.suse.com/security/cve/CVE-2019-19925.html
https://www.suse.com/security/cve/CVE-2019-19926.html
https://www.suse.com/security/cve/CVE-2019-19959.html
https://www.suse.com/security/cve/CVE-2019-20218.html
https://www.suse.com/security/cve/CVE-2020-13434.html
https://www.suse.com/security/cve/CVE-2020-13435.html
https://www.suse.com/security/cve/CVE-2020-13630.html
https://www.suse.com/security/cve/CVE-2020-13631.html
https://www.suse.com/security/cve/CVE-2020-13632.html
https://www.suse.com/security/cve/CVE-2020-15358.html
https://www.suse.com/security/cve/CVE-2020-9327.html
https://bugzilla.suse.com/1157818
https://bugzilla.suse.com/1158812
https://bugzilla.suse.com/1158958
https://bugzilla.suse.com/1158959
https://bugzilla.suse.com/1158960
https://bugzilla.suse.com/1159491
https://bugzilla.suse.com/1159715
https://bugzilla.suse.com/1159847
https://bugzilla.suse.com/1159850
https://bugzilla.suse.com/1160309
https://bugzilla.suse.com/1160438
https://bugzilla.suse.com/1160439
https://bugzilla.suse.com/1164719
https://bugzilla.suse.com/1172091
https://bugzilla.suse.com/1172115
https://bugzilla.suse.com/1172234
https://bugzilla.suse.com/1172236
https://bugzilla.suse.com/1172240
https://bugzilla.suse.com/1173641
https://bugzilla.suse.com/928700
https://bugzilla.suse.com/928701
1
0
openSUSE-SU-2021:2322-1: important: Security update for ffmpeg
by opensuse-security@opensuse.org 14 Jul '21
by opensuse-security@opensuse.org 14 Jul '21
14 Jul '21
openSUSE Security Update: Security update for ffmpeg
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2322-1
Rating: important
References: #1172640 #1186406 #1186583 #1186586 #1186587
#1186596 #1186597 #1186598 #1186600 #1186603
#1186604 #1186605 #1186613 #1186614 #1186615
#1186616 #1186658 #1186660 #1186757 #1186758
#1186762 #1186763
Cross-References: CVE-2019-17539 CVE-2020-13904 CVE-2020-20448
CVE-2020-20451 CVE-2020-21041 CVE-2020-22015
CVE-2020-22016 CVE-2020-22017 CVE-2020-22019
CVE-2020-22020 CVE-2020-22021 CVE-2020-22022
CVE-2020-22023 CVE-2020-22025 CVE-2020-22026
CVE-2020-22031 CVE-2020-22032 CVE-2020-22033
CVE-2020-22034 CVE-2020-22038 CVE-2020-22039
CVE-2020-22043 CVE-2020-22044
CVSS scores:
CVE-2019-17539 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-17539 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-13904 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-13904 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
CVE-2020-20448 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-20451 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-20451 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-21041 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22015 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22015 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22016 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22016 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2020-22017 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22017 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22019 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22019 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22020 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22020 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22021 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22021 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22022 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22022 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22023 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22023 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22025 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22025 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22026 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22026 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22031 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22031 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22032 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22033 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22033 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22034 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2020-22034 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22038 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22039 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22043 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2020-22044 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 23 vulnerabilities is now available.
Description:
This update for ffmpeg fixes the following issues:
- CVE-2020-13904: Fixed use-after-free via a crafted EXTINF duration in an
m3u8 file (bsc#1172640).
- CVE-2020-21041: Fixed buffer overflow vulnerability via
apng_do_inverse_blend in libavcodec/pngenc.c (bsc#1186406).
- CVE-2019-17539: Fixed NULL pointer dereference in avcodec_open2 in
libavcodec/utils.c (bsc# 1154065).
- CVE-2020-22026: Fixed buffer overflow vulnerability in config_input() at
libavfilter/af_tremolo.c (bsc#1186583).
- CVE-2020-22021: Fixed buffer overflow vulnerability in filter_edges
function in libavfilter/vf_yadif.c (bsc#1186586).
- CVE-2020-22020: Fixed buffer overflow vulnerability in build_diff_map()
in libavfilter/vf_fieldmatch.c (bsc#1186587).
- CVE-2020-22015: Fixed buffer overflow vulnerability in
mov_write_video_tag() due to the out of bounds in libavformat/movenc.c
(bsc#1186596).
- CVE-2020-22016: Fixed a heap-based Buffer Overflow vulnerability at
libavcodec/get_bits.h when writing .mov files (bsc#1186598).
- CVE-2020-22017: Fixed a heap-based Buffer Overflow vulnerability in
ff_fill_rectangle() in libavfilter/drawutils.c (bsc#1186600).
- CVE-2020-22022: Fixed a heap-based Buffer Overflow vulnerability in
filter_frame at libavfilter/vf_fieldorder.c (bsc#1186603).
- CVE-2020-22023: Fixed a heap-based Buffer Overflow vulnerability in
filter_frame at libavfilter/vf_bitplanenoise.c (bsc#1186604)
- CVE-2020-22025: Fixed a heap-based Buffer Overflow vulnerability in
gaussian_blur at libavfilter/vf_edgedetect.c (bsc#1186605).
- CVE-2020-22031: Fixed a heap-based Buffer Overflow vulnerability at
libavfilter/vf_w3fdif.c in filter16_complex_low() (bsc#1186613).
- CVE-2020-22032: Fixed a heap-based Buffer Overflow vulnerability at
libavfilter/vf_edgedetect.c in gaussian_blur() (bsc#1186614).
- CVE-2020-22034: Fixed a heap-based Buffer Overflow vulnerability at
libavfilter/vf_floodfill.c (bsc#1186616).
- CVE-2020-20451: Fixed denial of service issue due to resource management
errors via fftools/cmdutils.c (bsc#1186658).
- CVE-2020-20448: Fixed divide by zero issue via libavcodec/ratecontrol.c
(bsc#1186660).
- CVE-2020-22038: Fixed denial of service vulnerability due to a memory
leak in the ff_v4l2_m2m_create_context function in v4l2_m2m.c
(bsc#1186757).
- CVE-2020-22039: Fixed denial of service vulnerability due to a memory
leak in the inavi_add_ientry function (bsc#1186758).
- CVE-2020-22043: Fixed denial of service vulnerability due to a memory
leak at the fifo_alloc_common function in libavutil/fifo.c (bsc#1186762).
- CVE-2020-22044: Fixed denial of service vulnerability due to a memory
leak in the url_open_dyn_buf_internal function in libavformat/aviobuf.c
(bsc#1186763).
- CVE-2020-22033,CVE-2020-22019: Fixed a heap-based Buffer Overflow
Vulnerability at libavfilter/vf_vmafmotion.c in convolution_y_8bit() and
in convolution_y_10bit() in libavfilter/vf_vmafmotion.c (bsc#1186615,
bsc#1186597).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2322=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ffmpeg-3.4.2-11.3.1
ffmpeg-debuginfo-3.4.2-11.3.1
ffmpeg-debugsource-3.4.2-11.3.1
ffmpeg-private-devel-3.4.2-11.3.1
libavcodec-devel-3.4.2-11.3.1
libavcodec57-3.4.2-11.3.1
libavcodec57-debuginfo-3.4.2-11.3.1
libavdevice-devel-3.4.2-11.3.1
libavdevice57-3.4.2-11.3.1
libavdevice57-debuginfo-3.4.2-11.3.1
libavfilter-devel-3.4.2-11.3.1
libavfilter6-3.4.2-11.3.1
libavfilter6-debuginfo-3.4.2-11.3.1
libavformat-devel-3.4.2-11.3.1
libavformat57-3.4.2-11.3.1
libavformat57-debuginfo-3.4.2-11.3.1
libavresample-devel-3.4.2-11.3.1
libavresample3-3.4.2-11.3.1
libavresample3-debuginfo-3.4.2-11.3.1
libavutil-devel-3.4.2-11.3.1
libavutil55-3.4.2-11.3.1
libavutil55-debuginfo-3.4.2-11.3.1
libpostproc-devel-3.4.2-11.3.1
libpostproc54-3.4.2-11.3.1
libpostproc54-debuginfo-3.4.2-11.3.1
libswresample-devel-3.4.2-11.3.1
libswresample2-3.4.2-11.3.1
libswresample2-debuginfo-3.4.2-11.3.1
libswscale-devel-3.4.2-11.3.1
libswscale4-3.4.2-11.3.1
libswscale4-debuginfo-3.4.2-11.3.1
- openSUSE Leap 15.3 (x86_64):
libavcodec57-32bit-3.4.2-11.3.1
libavcodec57-32bit-debuginfo-3.4.2-11.3.1
libavdevice57-32bit-3.4.2-11.3.1
libavdevice57-32bit-debuginfo-3.4.2-11.3.1
libavfilter6-32bit-3.4.2-11.3.1
libavfilter6-32bit-debuginfo-3.4.2-11.3.1
libavformat57-32bit-3.4.2-11.3.1
libavformat57-32bit-debuginfo-3.4.2-11.3.1
libavresample3-32bit-3.4.2-11.3.1
libavresample3-32bit-debuginfo-3.4.2-11.3.1
libavutil55-32bit-3.4.2-11.3.1
libavutil55-32bit-debuginfo-3.4.2-11.3.1
libpostproc54-32bit-3.4.2-11.3.1
libpostproc54-32bit-debuginfo-3.4.2-11.3.1
libswresample2-32bit-3.4.2-11.3.1
libswresample2-32bit-debuginfo-3.4.2-11.3.1
libswscale4-32bit-3.4.2-11.3.1
libswscale4-32bit-debuginfo-3.4.2-11.3.1
References:
https://www.suse.com/security/cve/CVE-2019-17539.html
https://www.suse.com/security/cve/CVE-2020-13904.html
https://www.suse.com/security/cve/CVE-2020-20448.html
https://www.suse.com/security/cve/CVE-2020-20451.html
https://www.suse.com/security/cve/CVE-2020-21041.html
https://www.suse.com/security/cve/CVE-2020-22015.html
https://www.suse.com/security/cve/CVE-2020-22016.html
https://www.suse.com/security/cve/CVE-2020-22017.html
https://www.suse.com/security/cve/CVE-2020-22019.html
https://www.suse.com/security/cve/CVE-2020-22020.html
https://www.suse.com/security/cve/CVE-2020-22021.html
https://www.suse.com/security/cve/CVE-2020-22022.html
https://www.suse.com/security/cve/CVE-2020-22023.html
https://www.suse.com/security/cve/CVE-2020-22025.html
https://www.suse.com/security/cve/CVE-2020-22026.html
https://www.suse.com/security/cve/CVE-2020-22031.html
https://www.suse.com/security/cve/CVE-2020-22032.html
https://www.suse.com/security/cve/CVE-2020-22033.html
https://www.suse.com/security/cve/CVE-2020-22034.html
https://www.suse.com/security/cve/CVE-2020-22038.html
https://www.suse.com/security/cve/CVE-2020-22039.html
https://www.suse.com/security/cve/CVE-2020-22043.html
https://www.suse.com/security/cve/CVE-2020-22044.html
https://bugzilla.suse.com/1172640
https://bugzilla.suse.com/1186406
https://bugzilla.suse.com/1186583
https://bugzilla.suse.com/1186586
https://bugzilla.suse.com/1186587
https://bugzilla.suse.com/1186596
https://bugzilla.suse.com/1186597
https://bugzilla.suse.com/1186598
https://bugzilla.suse.com/1186600
https://bugzilla.suse.com/1186603
https://bugzilla.suse.com/1186604
https://bugzilla.suse.com/1186605
https://bugzilla.suse.com/1186613
https://bugzilla.suse.com/1186614
https://bugzilla.suse.com/1186615
https://bugzilla.suse.com/1186616
https://bugzilla.suse.com/1186658
https://bugzilla.suse.com/1186660
https://bugzilla.suse.com/1186757
https://bugzilla.suse.com/1186758
https://bugzilla.suse.com/1186762
https://bugzilla.suse.com/1186763
1
0
openSUSE-SU-2021:1043-1: moderate: Security update for qemu
by opensuse-security@opensuse.org 14 Jul '21
by opensuse-security@opensuse.org 14 Jul '21
14 Jul '21
openSUSE Security Update: Security update for qemu
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1043-1
Rating: moderate
References: #1149813 #1163019 #1172380 #1175534 #1176681
#1178683 #1178935 #1179477 #1179484 #1182846
#1182975 #1183979 #1184574 #1185591 #1185981
#1185990 #1186010 #1186290 #1187013 SLE-17785
Cross-References: CVE-2019-15890 CVE-2020-10756 CVE-2020-14364
CVE-2020-25085 CVE-2020-25707 CVE-2020-25723
CVE-2020-29129 CVE-2020-29130 CVE-2020-8608
CVE-2021-20257 CVE-2021-3419 CVE-2021-3544
CVE-2021-3545 CVE-2021-3546
CVSS scores:
CVE-2019-15890 (SUSE): 5.8 CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2020-10756 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2020-10756 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2020-14364 (NVD) : 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-14364 (SUSE): 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-25085 (NVD) : 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-25085 (SUSE): 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-25707 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2020-25723 (NVD) : 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVE-2020-25723 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVE-2020-29129 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29129 (SUSE): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29130 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29130 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-8608 (NVD) : 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2020-8608 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
CVE-2021-20257 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVE-2021-3419 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3544 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-3544 (SUSE): 5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3545 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2021-3545 (SUSE): 5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVE-2021-3546 (NVD) : 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3546 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that solves 14 vulnerabilities, contains one
feature and has 5 fixes is now available.
Description:
This update for qemu fixes the following issues:
Security issues fixed:
- CVE-2021-3546: Fix out-of-bounds write in virgl_cmd_get_capset
(bsc#1185981)
- CVE-2021-3544: Fix memory leaks found in the virtio vhost-user GPU
device (bsc#1186010)
- CVE-2021-3545: Fix information disclosure due to uninitialized memory
read (bsc#1185990)
- CVE-2020-25085: Fix out-of-bounds access issue while doing multi block
SDMA (bsc#1176681)
- CVE-2020-10756: Fix out-of-bounds read information disclosure in
icmp6_send_echoreply(bsc#1172380)
- For the record, these issues are fixed in this package already. Most are
alternate references to previously mentioned issues: (CVE-2019-15890,
bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534,
CVE-2020-25707, bsc#1178683, CVE-2020-25723, bsc#1178935,
CVE-2020-29130, bsc#1179477, CVE-2020-29129, bsc#1179484,
CVE-2021-20257, bsc#1182846, CVE-2021-3419, bsc#1182975)
Non-security issues fixed:
- Fix issue where s390 guest fails to find zipl boot menu index
(bsc#1183979)
- QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290)
- Host CPU microcode revision will be visible inside VMs when the proper
CPU-model is used (jsc#SLE-17785):
- Fix testsuite error (bsc#1184574)
- Fix qemu crash with iothread when block commit after snapshot
(bsc#1187013)
- Fix qemu hang while cancelling migrating hugepage vm (bsc#1185591)
- Use RCU to avoid race during scsi hotplug/hotunplug (bsc#1184574)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1043=1
Package List:
- openSUSE Leap 15.2 (x86_64):
qemu-4.2.1-lp152.9.16.2
qemu-arm-4.2.1-lp152.9.16.2
qemu-arm-debuginfo-4.2.1-lp152.9.16.2
qemu-audio-alsa-4.2.1-lp152.9.16.2
qemu-audio-alsa-debuginfo-4.2.1-lp152.9.16.2
qemu-audio-pa-4.2.1-lp152.9.16.2
qemu-audio-pa-debuginfo-4.2.1-lp152.9.16.2
qemu-audio-sdl-4.2.1-lp152.9.16.2
qemu-audio-sdl-debuginfo-4.2.1-lp152.9.16.2
qemu-block-curl-4.2.1-lp152.9.16.2
qemu-block-curl-debuginfo-4.2.1-lp152.9.16.2
qemu-block-dmg-4.2.1-lp152.9.16.2
qemu-block-dmg-debuginfo-4.2.1-lp152.9.16.2
qemu-block-gluster-4.2.1-lp152.9.16.2
qemu-block-gluster-debuginfo-4.2.1-lp152.9.16.2
qemu-block-iscsi-4.2.1-lp152.9.16.2
qemu-block-iscsi-debuginfo-4.2.1-lp152.9.16.2
qemu-block-nfs-4.2.1-lp152.9.16.2
qemu-block-nfs-debuginfo-4.2.1-lp152.9.16.2
qemu-block-rbd-4.2.1-lp152.9.16.2
qemu-block-rbd-debuginfo-4.2.1-lp152.9.16.2
qemu-block-ssh-4.2.1-lp152.9.16.2
qemu-block-ssh-debuginfo-4.2.1-lp152.9.16.2
qemu-debuginfo-4.2.1-lp152.9.16.2
qemu-debugsource-4.2.1-lp152.9.16.2
qemu-extra-4.2.1-lp152.9.16.2
qemu-extra-debuginfo-4.2.1-lp152.9.16.2
qemu-guest-agent-4.2.1-lp152.9.16.2
qemu-guest-agent-debuginfo-4.2.1-lp152.9.16.2
qemu-ksm-4.2.1-lp152.9.16.2
qemu-kvm-4.2.1-lp152.9.16.2
qemu-lang-4.2.1-lp152.9.16.2
qemu-linux-user-4.2.1-lp152.9.16.1
qemu-linux-user-debuginfo-4.2.1-lp152.9.16.1
qemu-linux-user-debugsource-4.2.1-lp152.9.16.1
qemu-ppc-4.2.1-lp152.9.16.2
qemu-ppc-debuginfo-4.2.1-lp152.9.16.2
qemu-s390-4.2.1-lp152.9.16.2
qemu-s390-debuginfo-4.2.1-lp152.9.16.2
qemu-testsuite-4.2.1-lp152.9.16.7
qemu-tools-4.2.1-lp152.9.16.2
qemu-tools-debuginfo-4.2.1-lp152.9.16.2
qemu-ui-curses-4.2.1-lp152.9.16.2
qemu-ui-curses-debuginfo-4.2.1-lp152.9.16.2
qemu-ui-gtk-4.2.1-lp152.9.16.2
qemu-ui-gtk-debuginfo-4.2.1-lp152.9.16.2
qemu-ui-sdl-4.2.1-lp152.9.16.2
qemu-ui-sdl-debuginfo-4.2.1-lp152.9.16.2
qemu-ui-spice-app-4.2.1-lp152.9.16.2
qemu-ui-spice-app-debuginfo-4.2.1-lp152.9.16.2
qemu-vhost-user-gpu-4.2.1-lp152.9.16.2
qemu-vhost-user-gpu-debuginfo-4.2.1-lp152.9.16.2
qemu-x86-4.2.1-lp152.9.16.2
qemu-x86-debuginfo-4.2.1-lp152.9.16.2
- openSUSE Leap 15.2 (noarch):
qemu-ipxe-1.0.0+-lp152.9.16.2
qemu-microvm-4.2.1-lp152.9.16.2
qemu-seabios-1.12.1+-lp152.9.16.2
qemu-sgabios-8-lp152.9.16.2
qemu-vgabios-1.12.1+-lp152.9.16.2
References:
https://www.suse.com/security/cve/CVE-2019-15890.html
https://www.suse.com/security/cve/CVE-2020-10756.html
https://www.suse.com/security/cve/CVE-2020-14364.html
https://www.suse.com/security/cve/CVE-2020-25085.html
https://www.suse.com/security/cve/CVE-2020-25707.html
https://www.suse.com/security/cve/CVE-2020-25723.html
https://www.suse.com/security/cve/CVE-2020-29129.html
https://www.suse.com/security/cve/CVE-2020-29130.html
https://www.suse.com/security/cve/CVE-2020-8608.html
https://www.suse.com/security/cve/CVE-2021-20257.html
https://www.suse.com/security/cve/CVE-2021-3419.html
https://www.suse.com/security/cve/CVE-2021-3544.html
https://www.suse.com/security/cve/CVE-2021-3545.html
https://www.suse.com/security/cve/CVE-2021-3546.html
https://bugzilla.suse.com/1149813
https://bugzilla.suse.com/1163019
https://bugzilla.suse.com/1172380
https://bugzilla.suse.com/1175534
https://bugzilla.suse.com/1176681
https://bugzilla.suse.com/1178683
https://bugzilla.suse.com/1178935
https://bugzilla.suse.com/1179477
https://bugzilla.suse.com/1179484
https://bugzilla.suse.com/1182846
https://bugzilla.suse.com/1182975
https://bugzilla.suse.com/1183979
https://bugzilla.suse.com/1184574
https://bugzilla.suse.com/1185591
https://bugzilla.suse.com/1185981
https://bugzilla.suse.com/1185990
https://bugzilla.suse.com/1186010
https://bugzilla.suse.com/1186290
https://bugzilla.suse.com/1187013
1
0
openSUSE-SU-2021:2305-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 13 Jul '21
by opensuse-security@opensuse.org 13 Jul '21
13 Jul '21
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2305-1
Rating: important
References: #1152489 #1153274 #1154353 #1155518 #1164648
#1176447 #1176774 #1176919 #1177028 #1178134
#1182470 #1183682 #1184212 #1184685 #1185486
#1185675 #1185677 #1186071 #1186206 #1186666
#1186949 #1187171 #1187263 #1187356 #1187402
#1187403 #1187404 #1187407 #1187408 #1187409
#1187410 #1187411 #1187412 #1187413 #1187452
#1187554 #1187595 #1187601 #1187795 #1187867
#1187883 #1187886 #1187927 #1187972 #1187980
Cross-References: CVE-2021-0512 CVE-2021-0605 CVE-2021-33624
CVE-2021-34693 CVE-2021-3573
CVSS scores:
CVE-2021-0512 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-0605 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVE-2021-0605 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33624 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-33624 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-34693 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-3573 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 5 vulnerabilities and has 40 fixes is
now available.
Description:
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-3573: Fixed an UAF vulnerability in function that can allow
attackers to corrupt kernel heaps and adopt further exploitations.
(bsc#1186666)
- CVE-2021-0605: Fixed an out-of-bounds read which could lead to local
information disclosure in the kernel with System execution privileges
needed. (bsc#1187601)
- CVE-2021-0512: Fixed a possible out-of-bounds write which could lead to
local escalation of privilege with no additional execution privileges
needed. (bsc#1187595)
- CVE-2021-33624: Fixed a bug which allows unprivileged BPF program to
leak the contents of arbitrary kernel memory (and therefore, of all
physical memory) via a side-channel. (bsc#1187554)
- CVE-2021-34693: Fixed a bug in net/can/bcm.c which could allow local
users to obtain sensitive information from kernel stack memory because
parts of a data structure are uninitialized. (bsc#1187452)
The following non-security bugs were fixed:
- 0001-x86-sched-Treat-Intel-SNC-topology-as-default-COD-as.patch:
(bsc#1187263).
- alx: Fix an error handling path in 'alx_probe()' (git-fixes).
- asm-generic/hyperv: Add missing function prototypes per -W1 warnings
(bsc#1186071).
- ASoC: fsl-asoc-card: Set .owner attribute when registering card
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Glavey TM800A550L tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Lenovo Miix 3-830 tablet
(git-fixes).
- ASoC: max98088: fix ni clock divider calculation (git-fixes).
- ASoC: rt5659: Fix the lost powers for the HDA header (git-fixes).
- ASoC: rt5682: Fix the fast discharge for headset unplugging in soundwire
mode (git-fixes).
- ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (git-fixes).
- ASoC: tas2562: Fix TDM_CFG0_SAMPRATE values (git-fixes).
- batman-adv: Avoid WARN_ON timing related checks (git-fixes).
- be2net: Fix an error handling path in 'be_probe()' (git-fixes).
- block: Discard page cache of zone reset target range (bsc#1187402).
- Bluetooth: Add a new USB ID for RTL8822CE (git-fixes).
- Bluetooth: use correct lock to prevent UAF of hdev object (git-fixes).
- bnxt_en: Call bnxt_ethtool_free() in bnxt_init_one() error path
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: Fix TQM fastpath ring backing store computation (jsc#SLE-8371
bsc#1153274).
- bnxt_en: Rediscover PHY capabilities after firmware reset (jsc#SLE-8371
bsc#1153274).
- bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
(bsc#1177028).
- bpf: Fix libelf endian handling in resolv_btfids (bsc#1177028).
- bpfilter: Specify the log level for the kmsg message (bsc#1155518).
- can: mcba_usb: fix memory leak in mcba_usb (git-fixes).
- ceph: must hold snap_rwsem when filling inode for async create
(bsc#1187927).
- cfg80211: avoid double free of PMSR request (git-fixes).
- cfg80211: make certificate generation more robust (git-fixes).
- cgroup1: do not allow '\n' in renaming (bsc#1187972).
- clocksource/drivers/hyper-v: Handle sched_clock differences inline
(bsc#1186071).
- clocksource/drivers/hyper-v: Move handling of STIMER0 interrupts
(bsc#1186071).
- clocksource/drivers/hyper-v: Set clocksource rating based on Hyper-V
feature (bsc#1186071).
- cxgb4: fix endianness when flashing boot image (jsc#SLE-15131).
- cxgb4: fix sleep in atomic when flashing PHY firmware (jsc#SLE-15131).
- cxgb4: fix wrong ethtool n-tuple rule lookup (jsc#SLE-15131).
- cxgb4: fix wrong shift (git-fixes).
- cxgb4: halt chip before flashing PHY firmware image (jsc#SLE-15131).
- dax: Add a wakeup mode parameter to put_unlocked_entry() (bsc#1187411).
- dax: Add an enum for specifying dax wakup mode (bsc#1187411).
- dax: fix ENOMEM handling in grab_mapping_entry() (bsc#1184212).
- dax: Wake up all waiters after invalidating dax entry (bsc#1187411).
- dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (git-fixes).
- dmaengine: fsl-dpaa2-qdma: Fix error return code in two functions
(git-fixes).
- dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc
(git-fixes).
- dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (git-fixes).
- dmaengine: stedma40: add missing iounmap() on error in d40_probe()
(git-fixes).
- drivers: hv: Create a consistent pattern for checking Hyper-V hypercall
status (bsc#1186071).
- drivers: hv: Fix EXPORT_SYMBOL and tab spaces issue (bsc#1186071).
- Drivers: hv: Redo Hyper-V synthetic MSR get/set functions (bsc#1186071).
- Drivers: hv: vmbus: Check for pending channel interrupts before taking a
CPU offline (bsc#1186071).
- Drivers: hv: vmbus: Drivers: hv: vmbus: Introduce
CHANNELMSG_MODIFYCHANNEL_RESPONSE (bsc#1186071).
- Drivers: hv: vmbus: Drop error message when 'No request id available'
(bsc#1183682).
- Drivers: hv: vmbus: Handle auto EOI quirk inline (bsc#1186071).
- Drivers: hv: vmbus: Introduce and negotiate VMBus protocol version 5.3
(bsc#1186071).
- Drivers: hv: vmbus: Move handling of VMbus interrupts (bsc#1186071).
- Drivers: hv: vmbus: Move hyperv_report_panic_msg to arch neutral code
(bsc#1186071).
- Drivers: hv: vmbus: remove unused function (bsc#1186071).
- Drivers: hv: vmbus: Remove unused linux/version.h header (bsc#1186071).
- drm/amd/amdgpu:save psp ring wptr to avoid attack (git-fixes).
- drm/amd/display: Allow bandwidth validation for 0 streams (git-fixes).
- drm/amd/display: Fix potential memory leak in DMUB hw_init (git-fixes).
- drm/amdgpu: refine amdgpu_fru_get_product_info (git-fixes).
- drm/sun4i: dw-hdmi: Make HDMI PHY into a platform device (git-fixes).
- drm/tegra: sor: Do not leak runtime PM reference (git-fixes).
- drm/vc4: hdmi: Make sure the controller is powered in detect (git-fixes).
- drm/vc4: hdmi: Move the HSM clock enable to runtime_pm (git-fixes).
- drm: Fix use-after-free read in drm_getunique() (git-fixes).
- drm: Lock pointer access in drm_master_release() (git-fixes).
- dt-bindings: reset: meson8b: fix duplicate reset IDs (git-fixes).
- ethtool: strset: fix message length calculation (bsc#1176447).
- ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed
(bsc#1187408).
- ext4: fix check to prevent false positive report of incorrect used
inodes (bsc#1187404).
- ext4: fix error code in ext4_commit_super (bsc#1187407).
- ext4: fix memory leak in ext4_fill_super (bsc#1187409).
- FCOE: fcoe_wwn_from_mac kABI fix (bsc#1187886).
- fs: fix reporting supported extra file attributes for statx()
(bsc#1187410).
- ftrace: Do not blindly read the ip address in ftrace_bug() (git-fixes).
- ftrace: Free the trampoline when ftrace_startup() fails (git-fixes).
- fuse: BUG_ON correction in fuse_dev_splice_write() (bsc#1187356).
- HID: Add BUS_VIRTUAL to hid_connect logging (git-fixes).
- HID: gt683r: add missing MODULE_DEVICE_TABLE (git-fixes).
- HID: hid-input: add mapping for emoji picker key (git-fixes).
- HID: hid-sensor-hub: Return error for hid_set_field() failure
(git-fixes).
- HID: quirks: Set INCREMENT_USAGE_ON_DUPLICATE for Saitek X65 (git-fixes).
- HID: usbhid: fix info leak in hid_submit_ctrl (git-fixes).
- HID: usbhid: Fix race between usbhid_close() and usbhid_stop()
(git-fixes).
- hv: hyperv.h: a few mundane typo fixes (bsc#1186071).
- hv_netvsc: Add a comment clarifying batching logic (bsc#1186071).
- hv_netvsc: Add error handling while switching data path (bsc#1186071).
- hv_netvsc: Make netvsc/VF binding check both MAC and serial number
(bsc#1186071).
- hwmon: (scpi-hwmon) shows the negative temperature properly (git-fixes).
- i2c: mpc: Make use of i2c_recover_bus() (git-fixes).
- ice: add ndo_bpf callback for safe mode netdev ops (jsc#SLE-7926).
- ice: parameterize functions responsible for Tx ring management
(jsc#SLE-12878).
- isdn: mISDN: netjet: Fix crash in nj_probe: (git-fixes).
- kernel-binary.spec.in: Regenerate makefile when not using mkmakefile.
- kernel: kexec_file: fix error return code of
kexec_calculate_store_digests() (git-fixes).
- kthread: prevent deadlock when kthread_mod_delayed_work() races with
kthread_cancel_delayed_work_sync() (bsc#1187867).
- kthread_worker: split code for canceling the delayed work timer
(bsc#1187867).
- kyber: fix out of bounds access when preempted (bsc#1187403).
- lib: vdso: Remove CROSS_COMPILE_COMPAT_VDSO (bsc#1164648,jsc#SLE-11493).
- media: mtk-mdp: Check return value of of_clk_get (git-fixes).
- media: mtk-mdp: Fix a refcounting bug on error in init (git-fixes).
- media: s5p-g2d: Fix a memory leak in an error handling path in
'g2d_probe()' (git-fixes).
- mlxsw: reg: Spectrum-3: Enforce lowest max-shaper burst size of 11
(bsc#1176774).
- mmc: meson-gx: use memcpy_to/fromio for dram-access-quirk (git-fixes).
- module: limit enabling module.sig_enforce (git-fixes).
- net/mlx5: Consider RoCE cap before init RDMA resources (git-fixes).
- net/mlx5: E-Switch, Allow setting GUID for host PF vport (jsc#SLE-15172).
- net/mlx5: E-Switch, Read PF mac address (jsc#SLE-15172).
- net/mlx5: Fix PBMC register mapping (git-fixes).
- net/mlx5: Fix placement of log_max_flow_counter (git-fixes).
- net/mlx5: Fix sleep while atomic in mlx5_eswitch_get_vepa (git-fixes).
- net/mlx5: Reset mkey index on creation (jsc#SLE-15172).
- net/mlx5e: Block offload of outer header csum for UDP tunnels
(git-fixes).
- net/mlx5e: Fix page reclaim for dead peer hairpin (git-fixes).
- net/mlx5e: Remove dependency in IPsec initialization flows (git-fixes).
- net/nfc/rawsock.c: fix a permission check bug (git-fixes).
- net/sched: act_ct: handle DNAT tuple collision (bsc#1154353).
- net/x25: Return the correct errno code (git-fixes).
- net: mvpp2: add mvpp2_phylink_to_port() helper (bsc#1187171).
- netxen_nic: Fix an error handling path in 'netxen_nic_probe()'
(git-fixes).
- NFS: Fix a potential NULL dereference in nfs_get_client() (git-fixes).
- NFS: Fix deadlock between nfs4_evict_inode() and
nfs4_opendata_get_inode() (git-fixes).
- NFS: Fix use-after-free in nfs4_init_client() (git-fixes).
- nvmem: rmem: fix undefined reference to memremap (git-fixes).
- ocfs2: fix data corruption by fallocate (bsc#1187412).
- PCI: aardvark: Do not rely on jiffies while holding spinlock (git-fixes).
- PCI: aardvark: Fix kernel panic during PIO transfer (git-fixes).
- PCI: Add ACS quirk for Broadcom BCM57414 NIC (git-fixes).
- PCI: hv: Drop msi_controller structure (bsc#1186071).
- PCI: Mark some NVIDIA GPUs to avoid bus reset (git-fixes).
- PCI: Mark TI C667X to avoid bus reset (git-fixes).
- PCI: Work around Huawei Intelligent NIC VF FLR erratum (git-fixes).
- perf/x86/intel/uncore: Fix a kernel WARNING triggered by maxcpus=1
(git-fixes).
- perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3
(bsc#1184685).
- powerpc/perf: Fix crash in perf_instruction_pointer() when ppmu is not
set (jsc#SLE-13513 bsc#1176919 ltc#186162 git-fixes).
- qla2xxx: synchronize rport dev_loss_tmo setting (bsc#1182470
bsc#1185486).
- qlcnic: Fix an error handling path in 'qlcnic_probe()' (git-fixes).
- radeon: use memcpy_to/fromio for UVD fw upload (git-fixes).
- regulator: bd70528: Fix off-by-one for buck123 .n_voltages setting
(git-fixes).
- Removed patch that was incorrectly added to SLE15-SP2 (bsc#1186949)
- Revert "ecryptfs: replace BUG_ON with error handling code" (bsc#1187413).
- Revert "ibmvnic: simplify reset_long_term_buff function" (bsc#1186206
ltc#191041).
- Revert "PCI: PM: Do not read power state in pci_enable_device_flags()"
(git-fixes).
- Revert "video: hgafb: fix potential NULL pointer dereference"
(git-fixes).
- Revert "video: imsttfb: fix potential NULL pointer dereferences"
(bsc#1152489)
- s390/dasd: add missing discipline function (git-fixes).
- s390/stack: fix possible register corruption with stack switch helper
(bsc#1185677).
- sched/debug: Fix cgroup_path[] serialization (git-fixes)
- sched/fair: Keep load_avg and load_sum synced (git-fixes)
- scsi: core: Fix race between handling STS_RESOURCE and completion
(bsc#1187883).
- scsi: fcoe: Fix mismatched fcoe_wwn_from_mac declaration (bsc#1187886).
- scsi: storvsc: Enable scatterlist entry lengths > 4Kbytes (bsc#1186071).
- scsi: storvsc: Parameterize number hardware queues (bsc#1186071).
- scsi: ufs: Fix imprecise load calculation in devfreq window
(bsc#1187795).
- SCSI: ufs: fix ktime_t kabi change (bsc#1187795).
- scsi: ufs: ufshcd-pltfrm depends on HAS_IOMEM (bsc#1187980).
- spi: spi-nxp-fspi: move the register operation after the clock enable
(git-fixes).
- spi: sprd: Add missing MODULE_DEVICE_TABLE (git-fixes).
- spi: stm32-qspi: Always wait BUSY bit to be cleared in
stm32_qspi_wait_cmd() (git-fixes).
- SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
- SUNRPC: Handle major timeout in xprt_adjust_timeout() (git-fixes).
- tracing: Correct the length check which causes memory corruption
(git-fixes).
- tracing: Do no increment trace_clock_global() by one (git-fixes).
- tracing: Do not stop recording cmdlines when tracing is off (git-fixes).
- tracing: Do not stop recording comms if the trace file is being read
(git-fixes).
- tracing: Restructure trace_clock_global() to never block (git-fixes).
- USB: core: hub: Disable autosuspend for Cypress CY7C65632 (git-fixes).
- USB: dwc3: core: fix kernel panic when do reboot (git-fixes).
- USB: dwc3: core: fix kernel panic when do reboot (git-fixes).
- USB: dwc3: debugfs: Add and remove endpoint dirs dynamically (git-fixes).
- USB: dwc3: ep0: fix NULL pointer exception (git-fixes).
- USB: f_ncm: only first packet of aggregate needs to start timer
(git-fixes).
- USB: f_ncm: only first packet of aggregate needs to start timer
(git-fixes).
- USB: fix various gadget panics on 10gbps cabling (git-fixes).
- USB: fix various gadget panics on 10gbps cabling (git-fixes).
- USB: gadget: eem: fix wrong eem header operation (git-fixes).
- USB: gadget: eem: fix wrong eem header operation (git-fixes).
- USB: gadget: f_fs: Ensure io_completion_wq is idle during unbind
(git-fixes).
- USB: gadget: f_fs: Ensure io_completion_wq is idle during unbind
(git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
- USB: serial: ftdi_sio: add NovaTech OrionMX product ID (git-fixes).
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
- USB: serial: omninet: add device id for Zyxel Omni 56K Plus (git-fixes).
- video: hgafb: correctly handle card detect failure during probe
(git-fixes).
- video: hgafb: fix potential NULL pointer dereference (git-fixes).
- vrf: fix maximum MTU (git-fixes).
- x86/elf: Use _BITUL() macro in UAPI headers (bsc#1178134).
- x86/fpu: Preserve supervisor states in sanitize_restored_user_xstate()
(bsc#1178134).
- x86/hyper-v: Move hv_message_type to architecture neutral module
- x86/hyperv: Fix unused variable 'hi' warning in hv_apic_read
(bsc#1186071).
- x86/hyperv: Fix unused variable 'msr_val' warning in hv_qlock_wait
(bsc#1186071).
- x86/hyperv: Move hv_do_rep_hypercall to asm-generic (bsc#1186071).
- x86/hyperv: remove unused linux/version.h header (bsc#1186071).
- x86/pkru: Write hardware init value to PKRU when xstate is init
(bsc#1152489).
- x86/process: Check PF_KTHREAD and not current->mm for kernel threads
(bsc#1152489).
- xen-blkback: fix compatibility bug with single page rings (git-fixes).
- xen-pciback: reconfigure also from backend watch handler (git-fixes).
- xen-pciback: redo VF placement in the virtual topology (git-fixes).
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- xfrm: policy: Read seqcount outside of rcu-read side in
xfrm_policy_lookup_bytype (bsc#1185675).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2305=1
Package List:
- openSUSE Leap 15.3 (noarch):
kernel-devel-azure-5.3.18-38.11.1
kernel-source-azure-5.3.18-38.11.1
- openSUSE Leap 15.3 (x86_64):
cluster-md-kmp-azure-5.3.18-38.11.1
cluster-md-kmp-azure-debuginfo-5.3.18-38.11.1
dlm-kmp-azure-5.3.18-38.11.1
dlm-kmp-azure-debuginfo-5.3.18-38.11.1
gfs2-kmp-azure-5.3.18-38.11.1
gfs2-kmp-azure-debuginfo-5.3.18-38.11.1
kernel-azure-5.3.18-38.11.1
kernel-azure-debuginfo-5.3.18-38.11.1
kernel-azure-debugsource-5.3.18-38.11.1
kernel-azure-devel-5.3.18-38.11.1
kernel-azure-devel-debuginfo-5.3.18-38.11.1
kernel-azure-extra-5.3.18-38.11.1
kernel-azure-extra-debuginfo-5.3.18-38.11.1
kernel-azure-livepatch-devel-5.3.18-38.11.1
kernel-azure-optional-5.3.18-38.11.1
kernel-azure-optional-debuginfo-5.3.18-38.11.1
kernel-syms-azure-5.3.18-38.11.1
kselftests-kmp-azure-5.3.18-38.11.1
kselftests-kmp-azure-debuginfo-5.3.18-38.11.1
ocfs2-kmp-azure-5.3.18-38.11.1
ocfs2-kmp-azure-debuginfo-5.3.18-38.11.1
reiserfs-kmp-azure-5.3.18-38.11.1
reiserfs-kmp-azure-debuginfo-5.3.18-38.11.1
References:
https://www.suse.com/security/cve/CVE-2021-0512.html
https://www.suse.com/security/cve/CVE-2021-0605.html
https://www.suse.com/security/cve/CVE-2021-33624.html
https://www.suse.com/security/cve/CVE-2021-34693.html
https://www.suse.com/security/cve/CVE-2021-3573.html
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1155518
https://bugzilla.suse.com/1164648
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1176919
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1182470
https://bugzilla.suse.com/1183682
https://bugzilla.suse.com/1184212
https://bugzilla.suse.com/1184685
https://bugzilla.suse.com/1185486
https://bugzilla.suse.com/1185675
https://bugzilla.suse.com/1185677
https://bugzilla.suse.com/1186071
https://bugzilla.suse.com/1186206
https://bugzilla.suse.com/1186666
https://bugzilla.suse.com/1186949
https://bugzilla.suse.com/1187171
https://bugzilla.suse.com/1187263
https://bugzilla.suse.com/1187356
https://bugzilla.suse.com/1187402
https://bugzilla.suse.com/1187403
https://bugzilla.suse.com/1187404
https://bugzilla.suse.com/1187407
https://bugzilla.suse.com/1187408
https://bugzilla.suse.com/1187409
https://bugzilla.suse.com/1187410
https://bugzilla.suse.com/1187411
https://bugzilla.suse.com/1187412
https://bugzilla.suse.com/1187413
https://bugzilla.suse.com/1187452
https://bugzilla.suse.com/1187554
https://bugzilla.suse.com/1187595
https://bugzilla.suse.com/1187601
https://bugzilla.suse.com/1187795
https://bugzilla.suse.com/1187867
https://bugzilla.suse.com/1187883
https://bugzilla.suse.com/1187886
https://bugzilla.suse.com/1187927
https://bugzilla.suse.com/1187972
https://bugzilla.suse.com/1187980
1
0
openSUSE-SU-2021:1031-1: important: Security update for jdom2
by opensuse-security@opensuse.org 13 Jul '21
by opensuse-security@opensuse.org 13 Jul '21
13 Jul '21
openSUSE Security Update: Security update for jdom2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1031-1
Rating: important
References: #1187446
Cross-References: CVE-2021-33813
CVSS scores:
CVE-2021-33813 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-33813 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jdom2 fixes the following issues:
- CVE-2021-33813: XXE issue in SAXBuilder can cause a denial of service
via a crafted HTTP request (bsc#1187446)
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1031=1
Package List:
- openSUSE Leap 15.2 (noarch):
jdom2-2.0.6-lp152.2.3.1
jdom2-javadoc-2.0.6-lp152.2.3.1
References:
https://www.suse.com/security/cve/CVE-2021-33813.html
https://bugzilla.suse.com/1187446
1
0
openSUSE-SU-2021:2291-1: moderate: Security update for bluez
by opensuse-security@opensuse.org 12 Jul '21
by opensuse-security@opensuse.org 12 Jul '21
12 Jul '21
openSUSE Security Update: Security update for bluez
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2291-1
Rating: moderate
References: #1186463
Cross-References: CVE-2020-26558 CVE-2021-0129
CVSS scores:
CVE-2020-26558 (NVD) : 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-26558 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-0129 (NVD) : 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-0129 (SUSE): 6.4 CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for bluez fixes the following issues:
- CVE-2021-0129,CVE-2020-26558: Check bluetooth security flags
(bsc#1186463).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2291=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
bluez-5.55-3.3.1
bluez-cups-5.55-3.3.1
bluez-cups-debuginfo-5.55-3.3.1
bluez-debuginfo-5.55-3.3.1
bluez-debugsource-5.55-3.3.1
bluez-deprecated-5.55-3.3.1
bluez-deprecated-debuginfo-5.55-3.3.1
bluez-devel-5.55-3.3.1
bluez-test-5.55-3.3.1
bluez-test-debuginfo-5.55-3.3.1
libbluetooth3-5.55-3.3.1
libbluetooth3-debuginfo-5.55-3.3.1
- openSUSE Leap 15.3 (noarch):
bluez-auto-enable-devices-5.55-3.3.1
- openSUSE Leap 15.3 (x86_64):
bluez-devel-32bit-5.55-3.3.1
libbluetooth3-32bit-5.55-3.3.1
libbluetooth3-32bit-debuginfo-5.55-3.3.1
References:
https://www.suse.com/security/cve/CVE-2020-26558.html
https://www.suse.com/security/cve/CVE-2021-0129.html
https://bugzilla.suse.com/1186463
1
0
openSUSE-SU-2021:2293-1: important: Security update for jdom2
by opensuse-security@opensuse.org 12 Jul '21
by opensuse-security@opensuse.org 12 Jul '21
12 Jul '21
openSUSE Security Update: Security update for jdom2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2293-1
Rating: important
References: #1187446
Cross-References: CVE-2021-33813
CVSS scores:
CVE-2021-33813 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-33813 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jdom2 fixes the following issues:
- CVE-2021-33813: XXE issue in SAXBuilder can cause a denial of service
via a crafted HTTP request (bsc#1187446)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2293=1
Package List:
- openSUSE Leap 15.3 (noarch):
jdom2-2.0.6-3.3.1
jdom2-javadoc-2.0.6-3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-33813.html
https://bugzilla.suse.com/1187446
1
0
openSUSE-SU-2021:2292-1: important: Security update for dbus-1
by opensuse-security@opensuse.org 12 Jul '21
by opensuse-security@opensuse.org 12 Jul '21
12 Jul '21
openSUSE Security Update: Security update for dbus-1
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2292-1
Rating: important
References: #1187105
Cross-References: CVE-2020-35512
CVSS scores:
CVE-2020-35512 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-35512 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for dbus-1 fixes the following issues:
- CVE-2020-35512: Fixed a use-after-free or potential undefined behaviour
caused by shared UID's (bsc#1187105)
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2292=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dbus-1-1.12.2-8.6.1
dbus-1-debuginfo-1.12.2-8.6.1
dbus-1-debugsource-1.12.2-8.6.1
dbus-1-devel-1.12.2-8.6.1
dbus-1-x11-1.12.2-8.6.1
dbus-1-x11-debuginfo-1.12.2-8.6.1
dbus-1-x11-debugsource-1.12.2-8.6.1
libdbus-1-3-1.12.2-8.6.1
libdbus-1-3-debuginfo-1.12.2-8.6.1
- openSUSE Leap 15.3 (x86_64):
dbus-1-32bit-debuginfo-1.12.2-8.6.1
dbus-1-devel-32bit-1.12.2-8.6.1
libdbus-1-3-32bit-1.12.2-8.6.1
libdbus-1-3-32bit-debuginfo-1.12.2-8.6.1
- openSUSE Leap 15.3 (noarch):
dbus-1-devel-doc-1.12.2-8.6.1
References:
https://www.suse.com/security/cve/CVE-2020-35512.html
https://bugzilla.suse.com/1187105
1
0
openSUSE-SU-2021:2294-1: important: Security update for redis
by opensuse-security@opensuse.org 12 Jul '21
by opensuse-security@opensuse.org 12 Jul '21
12 Jul '21
openSUSE Security Update: Security update for redis
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2294-1
Rating: important
References: #1186722
Cross-References: CVE-2021-32625
CVSS scores:
CVE-2021-32625 (SUSE): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for redis fixes the following issues:
- Upgrade to 6.0.14
- CVE-2021-32625: An integer overflow bug could be exploited by using the
STRALGO LCS command to cause remote remote code execution (bsc#1186722)
- Fix crash in UNLINK on a stream key with deleted consumer groups
- SINTERSTORE: Add missing keyspace del event when none of the sources
exist
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2294=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
redis-6.0.14-6.5.1
redis-debuginfo-6.0.14-6.5.1
redis-debugsource-6.0.14-6.5.1
References:
https://www.suse.com/security/cve/CVE-2021-32625.html
https://bugzilla.suse.com/1186722
1
0
openSUSE-SU-2021:1029-1: moderate: Security update for icinga2
by opensuse-security@opensuse.org 12 Jul '21
by opensuse-security@opensuse.org 12 Jul '21
12 Jul '21
openSUSE Security Update: Security update for icinga2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1029-1
Rating: moderate
References: #1180147
Cross-References: CVE-2020-29663
CVSS scores:
CVE-2020-29663 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2020-29663 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for icinga2 fixes the following issues:
icinga2 was updated to 2.12.4
* Bugfixes
- Fix a crash when notification objects are deleted using the API #8782
- Fix crashes that might occur during downtime scheduling if host or
downtime objects are deleted using the API #8785
- Fix an issue where notifications may incorrectly be skipped after a
downtime ends #8775
- Don't send reminder notification if the notification is still
suppressed by a time period #8808
- Fix an issue where attempting to create a duplicate object using the
API might result in the original object being deleted #8787
- IDO: prioritize program status updates #8809
- Improve exceptions handling, including a fix for an uncaught
exception on Windows #8777
- Retry file rename operations on Windows to avoid intermittent
locking issues #8771
- Update to 2.12.3
* Security
- Fix that revoked certificates due for renewal will automatically be
renewed ignoring the CRL (Advisory / CVE-2020-29663 - fixes
boo#1180147 )
* Bugfixes
- Improve config sync locking - resolves high load issues on Windows
#8511
- Fix runtime config updates being ignored for objects without zone
#8549
- Use proper buffer size for OpenSSL error messages #8542
* Enhancements
- On checkable recovery: re-check children that have a problem #8506
- Update to 2.12.2
* Bugfixes
- Fix a connection leak with misconfigured agents #8483
- Properly sync changes of config objects in global zones done via the
API #8474 #8470
- Prevent other clients from being disconnected when replaying the
cluster log takes very long #8496
- Avoid duplicate connections between endpoints #8465
- Ignore incoming config object updates for unknown zones #8461
- Check timestamps before removing files in config sync #8495
* Enhancements
- Include HTTP status codes in log #8467
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1029=1
Package List:
- openSUSE Leap 15.2 (x86_64):
icinga2-2.12.4-lp152.3.6.1
icinga2-bin-2.12.4-lp152.3.6.1
icinga2-bin-debuginfo-2.12.4-lp152.3.6.1
icinga2-common-2.12.4-lp152.3.6.1
icinga2-debuginfo-2.12.4-lp152.3.6.1
icinga2-debugsource-2.12.4-lp152.3.6.1
icinga2-doc-2.12.4-lp152.3.6.1
icinga2-ido-mysql-2.12.4-lp152.3.6.1
icinga2-ido-mysql-debuginfo-2.12.4-lp152.3.6.1
icinga2-ido-pgsql-2.12.4-lp152.3.6.1
icinga2-ido-pgsql-debuginfo-2.12.4-lp152.3.6.1
nano-icinga2-2.12.4-lp152.3.6.1
vim-icinga2-2.12.4-lp152.3.6.1
References:
https://www.suse.com/security/cve/CVE-2020-29663.html
https://bugzilla.suse.com/1180147
1
0
openSUSE-SU-2021:2158-1: important: Security update for openexr
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for openexr
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2158-1
Rating: important
References: #1187310 #1187395
Cross-References: CVE-2021-3598 CVE-2021-3605
CVSS scores:
CVE-2021-3598 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2021-3605 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for openexr fixes the following issues:
- Fixed CVE-2021-3605 [bsc#1187395]: Heap buffer overflow in the
rleUncompress function
- Fixed CVE-2021-3598 [bsc#1187310]: Heap buffer overflow in
Imf_3_1:CharPtrIO:readChars
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2158=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libIlmImf-2_2-23-2.2.1-3.32.1
libIlmImf-2_2-23-debuginfo-2.2.1-3.32.1
libIlmImfUtil-2_2-23-2.2.1-3.32.1
libIlmImfUtil-2_2-23-debuginfo-2.2.1-3.32.1
openexr-2.2.1-3.32.1
openexr-debuginfo-2.2.1-3.32.1
openexr-debugsource-2.2.1-3.32.1
openexr-devel-2.2.1-3.32.1
openexr-doc-2.2.1-3.32.1
- openSUSE Leap 15.3 (x86_64):
libIlmImf-2_2-23-32bit-2.2.1-3.32.1
libIlmImf-2_2-23-32bit-debuginfo-2.2.1-3.32.1
libIlmImfUtil-2_2-23-32bit-2.2.1-3.32.1
libIlmImfUtil-2_2-23-32bit-debuginfo-2.2.1-3.32.1
References:
https://www.suse.com/security/cve/CVE-2021-3598.html
https://www.suse.com/security/cve/CVE-2021-3605.html
https://bugzilla.suse.com/1187310
https://bugzilla.suse.com/1187395
1
0
openSUSE-SU-2021:1819-1: important: Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base, gstreamer-plugins-good, gstreamer-plugins-ugly
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1819-1
Rating: important
References: #1181255 SLE-13843
Cross-References: CVE-2021-3185
CVSS scores:
CVE-2021-3185 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3185 (SUSE): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability, contains one
feature is now available.
Description:
This update for gstreamer, gstreamer-plugins-bad, gstreamer-plugins-base,
gstreamer-plugins-good, gstreamer-plugins-ugly fixes the following issues:
gstreamer was updated to version 1.16.3 (bsc#1181255):
- delay creation of threadpools
- bin: Fix `deep-element-removed` log message
- buffer: fix meta sequence number fallback on rpi
- bufferlist: foreach: always remove as parent if buffer is changed
- bus: Make setting/replacing/clearing the sync handler thread-safe
- elementfactory: Fix missing features in case a feature moves to another
filename
- element: When removing a ghost pad also unset its target
- meta: intern registered impl string
- registry: Use a toolchain-specific registry file on Windows
- systemclock: Invalid internal time calculation causes non-increasing
clock time on Windows
- value: don't write to `const char *`
- value: Fix segfault comparing empty GValueArrays
- Revert floating enforcing
- aggregator: fix iteration direction in skip_buffers
- sparsefile: fix possible crash when seeking
- baseparse: cache fix
- baseparse: fix memory leak when subclass skips whole input buffer
- baseparse: Set the private duration before posting a duration-changed
message
- basetransform: allow not passthrough if generate_output is implemented
- identity: Fix a minor leak using meta_str
- queue: protect against lost wakeups for iterm_del condition
- queue2: Avoid races when posting buffering messages
- queue2: Fix missing/dropped buffering messages at startup
- identity: Unblock condition variable on FLUSH_START
- check: Use `g_thread_yield()` instead of `g_usleep(1)`
- tests: use cpu_family for arch checks
- gst-launch: Follow up to missing `s/g_print/gst_print/g`
- gst-inspect: Add define guard for `g_log_writer_supports_color()`
- gst-launch: go back down to `GST_STATE_NULL` in one step.
- device-monitor: list hidden providers before listing devices
- autotools build fixes for GNU make 4.3
gstreamer-plugins-good was updated to version 1.16.3 (bsc#1181255):
- deinterlace: on-the-fly renegotiation
- flacenc: Pass audio info from set_format() to query_total_samples()
explicitly
- flacparse: fix broken reordering of flac metadata
- jack: Use jack_free(3) to release ports
- jpegdec: check buffer size before dereferencing
- pulse: fix discovery of newly added devices
- qtdemux fuzzing fixes
- qtdemux: Add 'mp3 ' fourcc that VLC seems to produce now
- qtdemux: Specify REDIRECT information in error message
- rtpbin: fix shutdown crash in rtpbin
- rtpsession: rename RTCP thread
- rtpvp8pay, rtpvp9pay: fix caps leak in set_caps()
- rtpjpegdepay: outputs framed jpeg
- rtpjitterbuffer: Properly free internal packets queue in finalize()
- rtspsrc: Don't return TRUE for unhandled query
- rtspsrc: Avoid stack overflow recursing waiting for response
- rtspsrc: Use the correct type for storing the max-rtcp-rtp-time-diff
property
- rtspsrc: Error out when failling to receive message response
- rtspsrc: Fix for segmentation fault when handling set/get_parameter
requests
- speex: Fix crash on Windows caused by cross-CRT issue
- speexdec: Crash when stopping the pipeline
- splitmuxsrc: Properly stop the loop if no part reader is present
- use gst_element_class_set_metadata when passing dynamic strings
- v4l2videodec: Increase internal bitstream pool size
- v4l2: fix crash when handling unsupported video format
- videocrop: allow properties to be animated by GstController
- videomixer: Don't leak peer caps
- vp8enc/vp8enc: set 1 for the default value of VP8E_SET_STATIC_THRESHOLD
- wavenc: Fix writing of the channel mask with >2 channels
gstreamer-plugins-bad was updated to version 1.16.3 (bsc#1181255):
- amcvideodec: fix sync meta copying not taking a reference
- audiobuffersplit: Perform discont tracking on running time
- audiobuffersplit: Specify in the template caps that only interleaved
audio is supported
- audiobuffersplit: Unset DISCONT flag if not discontinuous
- autoconvert: Fix lock-less exchange or free condition
- autoconvert: fix compiler warnings with g_atomic on recent GLib versions
- avfvideosrc: element requests camera permissions even with
capture-screen property is true
- codecparsers: h264parser: guard against ref_pic_markings overflow
- dtlsconnection: Avoid segmentation fault when no srtp capabilities are
negotiated
- dtls/connection: fix EOF handling with openssl 1.1.1e
- fdkaacdec: add support for mpegversion=2
- hls: Check nettle version to ensure AES128 support
- ipcpipeline: Rework compiler checks
- interlace: Increment phase_index before checking if we're at the end of
the phase
- lv2: Make it build with -fno-common
- h264parser: Do not allocate too large size of memory for registered user
data SEI
- ladspa: fix unbounded integer properties
- modplug: avoid division by zero
- msdkdec: Fix GstMsdkContext leak
- msdkenc: fix leaks on windows
- musepackdec: Don't fail all queries if no sample rate is known yet
- openslessink: Allow openslessink to handle 48kHz streams.
- opencv: allow compilation against 4.2.x
- proxysink: event_function needs to handle the event when it is
disconnecetd from proxysrc
- vulkan: Drop use of VK_RESULT_BEGIN_RANGE
- wasapi: added missing lock release in case of error in
gst_wasapi_xxx_reset
- wasapi: Fix possible deadlock while downwards state change
- waylandsink: Clear window when pipeline is stopped
- webrtc: Support non-trickle ICE candidates in the SDP
- webrtc: Unmap all non-binary buffers received via the datachannel
- meson: build with neon 0.31
- Drop upstream fixed patch: gstreamer-h264parser-fix-overflow.patch
- h264parser: guard against ref_pic_markings overflow (bsc#1181255
CVE-2021-3185)
- Disable the kate/libtiger plugin. Kate streams for karaoke are not used
anymore, and the source tarball for libtiger is no longer available
upstream. (jsc#SLE-13843)
gstreamer-plugins-ugly was updated to version 1.16.3 (bsc#1181255):
+ x264enc: corrected em_data value in CEA-708 CC SEI message
gstreamer-plugins-base was updated to version 1.16.3 (bsc#1181255):
- audioaggregator: Check all downstream allowed caps structures if they
support the upstream rate
- audioaggregator: Fix negotiation with downstream if there is no peer yet
- audioencoder: fix segment event leak
- discoverer: Fix caps handling in `pad-added` signal handler
- discoverer: Start discovering next URI from right thread
- fft: Update our kiss fft version, fixes thread-safety and concurrency
issues and misc other things
- gl: numerous memory fixes (use-after-free, leaks, missing NULL-ify)
- gl/display/egl: ensure debug category is initialized
- gstglwindow_x11: fix resize
- pbutils: Add latest H.264 level values
- rtpbuffer: fix header extension length validation
- video: Fix NV12_64Z32 number of component
- video-format: RGB16/15 are not 16 bit per component but only 5.333 and 5
- video: fix top/bottom field flags
- videodecoder: don't copy interlace-mode from reference state
- appsrc/appsink: Make setting/replacing callbacks thread-safe
- compositor: Fix checkerboard filling for BGRx/RGBx and UYVY/YUY2/YVYU
- decodebin3: only force streams-selected seqnum after a select-streams
- glupload: Fix fallback from direct dmabuf to dmabuf upload method
- glvideomixer: perform `_get_highest_precision()` on the GL thread
- libvisual: use `gst_element_class_set_metadata()` when passing dynamic
strings
- oggstream: Workaround for broken PAR in VP8 BOS
- subparse: accept WebVTT timestamps without an hour component
- playbin: Handle error message with redirection indication
- textrender: Fix AYUV output.
- typefind: Consider MPEG-PS PSM to be a PES type
- uridecodebin3: default to non-0 buffer-size and buffer-duration,
otherwise it could potentially cause big memory allocations over time
- videoaggregator: Don't configure NULL chroma-site/colorimetry
- videorate/videoscale/audioresample: Ensure that the caps returned from...
- build: Replace bashisms in configure for Wayland and GLES3
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1819=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
gstreamer-1.16.3-3.3.1
gstreamer-debuginfo-1.16.3-3.3.1
gstreamer-debugsource-1.16.3-3.3.1
gstreamer-devel-1.16.3-3.3.1
gstreamer-doc-1.16.3-3.3.1
gstreamer-plugins-base-1.16.3-4.3.1
gstreamer-plugins-base-debuginfo-1.16.3-4.3.1
gstreamer-plugins-base-debugsource-1.16.3-4.3.1
gstreamer-plugins-base-devel-1.16.3-4.3.1
gstreamer-plugins-base-doc-1.16.3-4.3.1
gstreamer-plugins-good-1.16.3-3.3.1
gstreamer-plugins-good-debuginfo-1.16.3-3.3.1
gstreamer-plugins-good-debugsource-1.16.3-3.3.1
gstreamer-plugins-good-doc-1.16.3-3.3.1
gstreamer-plugins-good-extra-1.16.3-3.3.1
gstreamer-plugins-good-extra-debuginfo-1.16.3-3.3.1
gstreamer-plugins-good-gtk-1.16.3-3.3.1
gstreamer-plugins-good-gtk-debuginfo-1.16.3-3.3.1
gstreamer-plugins-good-jack-1.16.3-3.3.1
gstreamer-plugins-good-jack-debuginfo-1.16.3-3.3.1
gstreamer-plugins-good-qtqml-1.16.3-3.3.1
gstreamer-plugins-good-qtqml-debuginfo-1.16.3-3.3.1
gstreamer-plugins-ugly-1.16.3-3.3.1
gstreamer-plugins-ugly-debuginfo-1.16.3-3.3.1
gstreamer-plugins-ugly-debugsource-1.16.3-3.3.1
gstreamer-plugins-ugly-doc-1.16.3-3.3.1
gstreamer-utils-1.16.3-3.3.1
gstreamer-utils-debuginfo-1.16.3-3.3.1
libgstallocators-1_0-0-1.16.3-4.3.1
libgstallocators-1_0-0-debuginfo-1.16.3-4.3.1
libgstapp-1_0-0-1.16.3-4.3.1
libgstapp-1_0-0-debuginfo-1.16.3-4.3.1
libgstaudio-1_0-0-1.16.3-4.3.1
libgstaudio-1_0-0-debuginfo-1.16.3-4.3.1
libgstfft-1_0-0-1.16.3-4.3.1
libgstfft-1_0-0-debuginfo-1.16.3-4.3.1
libgstgl-1_0-0-1.16.3-4.3.1
libgstgl-1_0-0-debuginfo-1.16.3-4.3.1
libgstpbutils-1_0-0-1.16.3-4.3.1
libgstpbutils-1_0-0-debuginfo-1.16.3-4.3.1
libgstreamer-1_0-0-1.16.3-3.3.1
libgstreamer-1_0-0-debuginfo-1.16.3-3.3.1
libgstriff-1_0-0-1.16.3-4.3.1
libgstriff-1_0-0-debuginfo-1.16.3-4.3.1
libgstrtp-1_0-0-1.16.3-4.3.1
libgstrtp-1_0-0-debuginfo-1.16.3-4.3.1
libgstrtsp-1_0-0-1.16.3-4.3.1
libgstrtsp-1_0-0-debuginfo-1.16.3-4.3.1
libgstsdp-1_0-0-1.16.3-4.3.1
libgstsdp-1_0-0-debuginfo-1.16.3-4.3.1
libgsttag-1_0-0-1.16.3-4.3.1
libgsttag-1_0-0-debuginfo-1.16.3-4.3.1
libgstvideo-1_0-0-1.16.3-4.3.1
libgstvideo-1_0-0-debuginfo-1.16.3-4.3.1
typelib-1_0-Gst-1_0-1.16.3-3.3.1
typelib-1_0-GstAllocators-1_0-1.16.3-4.3.1
typelib-1_0-GstApp-1_0-1.16.3-4.3.1
typelib-1_0-GstAudio-1_0-1.16.3-4.3.1
typelib-1_0-GstGL-1_0-1.16.3-4.3.1
typelib-1_0-GstPbutils-1_0-1.16.3-4.3.1
typelib-1_0-GstRtp-1_0-1.16.3-4.3.1
typelib-1_0-GstRtsp-1_0-1.16.3-4.3.1
typelib-1_0-GstSdp-1_0-1.16.3-4.3.1
typelib-1_0-GstTag-1_0-1.16.3-4.3.1
typelib-1_0-GstVideo-1_0-1.16.3-4.3.1
- openSUSE Leap 15.3 (noarch):
gstreamer-lang-1.16.3-3.3.1
gstreamer-plugins-base-lang-1.16.3-4.3.1
gstreamer-plugins-good-lang-1.16.3-3.3.1
gstreamer-plugins-ugly-lang-1.16.3-3.3.1
- openSUSE Leap 15.3 (x86_64):
gstreamer-32bit-1.16.3-3.3.1
gstreamer-32bit-debuginfo-1.16.3-3.3.1
gstreamer-plugins-base-32bit-1.16.3-4.3.1
gstreamer-plugins-base-32bit-debuginfo-1.16.3-4.3.1
gstreamer-plugins-base-devel-32bit-1.16.3-4.3.1
gstreamer-plugins-good-32bit-1.16.3-3.3.1
gstreamer-plugins-good-32bit-debuginfo-1.16.3-3.3.1
gstreamer-plugins-good-extra-32bit-1.16.3-3.3.1
gstreamer-plugins-good-extra-32bit-debuginfo-1.16.3-3.3.1
gstreamer-plugins-good-jack-32bit-1.16.3-3.3.1
gstreamer-plugins-good-jack-32bit-debuginfo-1.16.3-3.3.1
gstreamer-plugins-ugly-32bit-1.16.3-3.3.1
gstreamer-plugins-ugly-32bit-debuginfo-1.16.3-3.3.1
libgstallocators-1_0-0-32bit-1.16.3-4.3.1
libgstallocators-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstapp-1_0-0-32bit-1.16.3-4.3.1
libgstapp-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstaudio-1_0-0-32bit-1.16.3-4.3.1
libgstaudio-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstfft-1_0-0-32bit-1.16.3-4.3.1
libgstfft-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstgl-1_0-0-32bit-1.16.3-4.3.1
libgstgl-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstpbutils-1_0-0-32bit-1.16.3-4.3.1
libgstpbutils-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstreamer-1_0-0-32bit-1.16.3-3.3.1
libgstreamer-1_0-0-32bit-debuginfo-1.16.3-3.3.1
libgstriff-1_0-0-32bit-1.16.3-4.3.1
libgstriff-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstrtp-1_0-0-32bit-1.16.3-4.3.1
libgstrtp-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstrtsp-1_0-0-32bit-1.16.3-4.3.1
libgstrtsp-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstsdp-1_0-0-32bit-1.16.3-4.3.1
libgstsdp-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgsttag-1_0-0-32bit-1.16.3-4.3.1
libgsttag-1_0-0-32bit-debuginfo-1.16.3-4.3.1
libgstvideo-1_0-0-32bit-1.16.3-4.3.1
libgstvideo-1_0-0-32bit-debuginfo-1.16.3-4.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3185.html
https://bugzilla.suse.com/1181255
1
0
openSUSE-SU-2021:2106-1: critical: Security update for salt
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for salt
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2106-1
Rating: critical
References: #1171257 #1176293 #1179831 #1181368 #1182281
#1182293 #1182382 #1185092 #1185281 #1186674
ECO-3212 SLE-18028 SLE-18033
Cross-References: CVE-2018-15750 CVE-2018-15751 CVE-2020-11651
CVE-2020-11652 CVE-2020-25592 CVE-2021-25315
CVE-2021-31607
CVSS scores:
CVE-2018-15750 (NVD) : 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2018-15750 (SUSE): 8.7 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N
CVE-2018-15751 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-15751 (SUSE): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-11651 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-11651 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-11652 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-11652 (SUSE): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2020-25592 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-25592 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-25315 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-25315 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-31607 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-31607 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 7 vulnerabilities, contains three
features and has three fixes is now available.
Description:
This update for salt fixes the following issues:
Update to Salt release version 3002.2 (jsc#ECO-3212, jsc#SLE-18033,
jsc#SLE-18028)
- Check if dpkgnotify is executable (bsc#1186674)
- Drop support for Python2. Obsoletes `python2-salt` package
(jsc#SLE-18028)
- virt module updates
* network: handle missing ipv4 netmask attribute
* more network support
* PCI/USB host devices passthrough support
- Set distro requirement to oldest supported version in
requirements/base.txt
- Bring missing part of async batch implementation back (CVE-2021-25315,
bsc#1182382)
- Always require `python3-distro` (bsc#1182293)
- Remove deprecated warning that breaks minion execution when
"server_id_use_crc" opts is missing
- Fix pkg states when DEB package has "all" arch
- Do not force beacons configuration to be a list.
- Remove msgpack < 1.0.0 from base requirements (bsc#1176293)
- msgpack support for version >= 1.0.0 (bsc#1171257)
- Fix issue parsing errors in ansiblegate state module
- Prevent command injection in the snapper module (bsc#1185281,
CVE-2021-31607)
- transactional_update: detect recursion in the executor
- Add subpackage salt-transactional-update (jsc#SLE-18033)
- Improvements on "ansiblegate" module (bsc#1185092):
* New methods: ansible.targets / ansible.discover_playbooks
- Add support for Alibaba Cloud Linux 2 (Aliyun Linux)
- Regression fix of salt-ssh on processing targets
- Update target fix for salt-ssh and avoiding race condition on salt-ssh
event processing (bsc#1179831, bsc#1182281)
- Add notify beacon for Debian/Ubuntu systems
- Fix zmq bug that causes salt-call to freeze (bsc#1181368)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2106=1
Package List:
- openSUSE Leap 15.3 (noarch):
python2-distro-1.5.0-3.5.1
python3-distro-1.5.0-3.5.1
References:
https://www.suse.com/security/cve/CVE-2018-15750.html
https://www.suse.com/security/cve/CVE-2018-15751.html
https://www.suse.com/security/cve/CVE-2020-11651.html
https://www.suse.com/security/cve/CVE-2020-11652.html
https://www.suse.com/security/cve/CVE-2020-25592.html
https://www.suse.com/security/cve/CVE-2021-25315.html
https://www.suse.com/security/cve/CVE-2021-31607.html
https://bugzilla.suse.com/1171257
https://bugzilla.suse.com/1176293
https://bugzilla.suse.com/1179831
https://bugzilla.suse.com/1181368
https://bugzilla.suse.com/1182281
https://bugzilla.suse.com/1182293
https://bugzilla.suse.com/1182382
https://bugzilla.suse.com/1185092
https://bugzilla.suse.com/1185281
https://bugzilla.suse.com/1186674
1
0
openSUSE-SU-2021:1761-1: moderate: Security update for hivex
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for hivex
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1761-1
Rating: moderate
References: #1185013
Cross-References: CVE-2021-3504
CVSS scores:
CVE-2021-3504 (NVD) : 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
CVE-2021-3504 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for hivex fixes the following issues:
- CVE-2021-3504: hivex: missing bounds check within hivex_open()
(bsc#1185013)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1761=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
hivex-1.3.14-5.3.1
hivex-debuginfo-1.3.14-5.3.1
hivex-debugsource-1.3.14-5.3.1
hivex-devel-1.3.14-5.3.1
libhivex0-1.3.14-5.3.1
libhivex0-debuginfo-1.3.14-5.3.1
ocaml-hivex-1.3.14-5.3.1
ocaml-hivex-debuginfo-1.3.14-5.3.1
ocaml-hivex-devel-1.3.14-5.3.1
perl-Win-Hivex-1.3.14-5.3.1
perl-Win-Hivex-debuginfo-1.3.14-5.3.1
python-hivex-1.3.14-5.3.1
python-hivex-debuginfo-1.3.14-5.3.1
- openSUSE Leap 15.3 (noarch):
hivex-lang-1.3.14-5.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3504.html
https://bugzilla.suse.com/1185013
1
0
openSUSE-SU-2021:1977-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1977-1
Rating: important
References: #1055117 #1065729 #1087082 #1113295 #1133021
#1152457 #1152472 #1152489 #1153274 #1154353
#1155518 #1156395 #1160634 #1164648 #1167260
#1167574 #1167773 #1168777 #1168838 #1169709
#1171295 #1173485 #1174416 #1174426 #1175995
#1176447 #1176774 #1177028 #1177326 #1177666
#1178089 #1178134 #1178163 #1178330 #1178378
#1178418 #1179243 #1179519 #1179825 #1179827
#1179851 #1180197 #1180814 #1180846 #1181104
#1181383 #1181507 #1181674 #1181862 #1182077
#1182257 #1182377 #1182552 #1182574 #1182613
#1182712 #1182715 #1182717 #1182999 #1183022
#1183069 #1183252 #1183277 #1183278 #1183279
#1183280 #1183281 #1183282 #1183283 #1183284
#1183285 #1183286 #1183287 #1183288 #1183289
#1183310 #1183311 #1183312 #1183313 #1183314
#1183315 #1183316 #1183317 #1183318 #1183319
#1183320 #1183321 #1183322 #1183323 #1183324
#1183326 #1183346 #1183366 #1183369 #1183386
#1183405 #1183412 #1183427 #1183428 #1183445
#1183447 #1183491 #1183501 #1183509 #1183530
#1183534 #1183540 #1183593 #1183596 #1183598
#1183637 #1183646 #1183658 #1183662 #1183686
#1183692 #1183750 #1183757 #1183775 #1183815
#1183868 #1183871 #1183873 #1183947 #1183976
#1184074 #1184081 #1184082 #1184120 #1184167
#1184168 #1184170 #1184171 #1184192 #1184193
#1184194 #1184196 #1184197 #1184198 #1184199
#1184208 #1184209 #1184211 #1184217 #1184218
#1184219 #1184220 #1184224 #1184264 #1184386
#1184388 #1184391 #1184393 #1184436 #1184485
#1184514 #1184585 #1184611 #1184615 #1184650
#1184710 #1184724 #1184728 #1184730 #1184731
#1184736 #1184737 #1184738 #1184740 #1184741
#1184742 #1184769 #1184811 #1184855 #1184934
#1184942 #1184943 #1184955 #1184969 #1184984
#1185010 #1185113 #1185233 #1185269 #1185428
#1185491 #1185495 #1185549 #1185550 #1185558
#1185573 #1185581 #1185586 #1185587 #1185606
#1185640 #1185641 #1185642 #1185645 #1185670
#1185680 #1185703 #1185725 #1185736 #1185758
#1185796 #1185840 #1185857 #1185898 #1185899
#1185911 #1185938 #1185950 #1185980 #1185988
#1186009 #1186061 #1186111 #1186118 #1186219
#1186285 #1186320 #1186349 #1186352 #1186353
#1186354 #1186355 #1186356 #1186357 #1186401
#1186408 #1186439 #1186441 #1186479 #1186484
#1186498 #1186501 #1186512 #1186681
Cross-References: CVE-2019-18814 CVE-2019-19769 CVE-2020-24586
CVE-2020-24587 CVE-2020-24588 CVE-2020-25670
CVE-2020-25671 CVE-2020-25672 CVE-2020-25673
CVE-2020-26139 CVE-2020-26141 CVE-2020-26145
CVE-2020-26147 CVE-2020-27170 CVE-2020-27171
CVE-2020-27673 CVE-2020-27815 CVE-2020-35519
CVE-2020-36310 CVE-2020-36311 CVE-2020-36312
CVE-2020-36322 CVE-2021-20268 CVE-2021-23134
CVE-2021-27363 CVE-2021-27364 CVE-2021-27365
CVE-2021-28038 CVE-2021-28375 CVE-2021-28660
CVE-2021-28688 CVE-2021-28950 CVE-2021-28952
CVE-2021-28964 CVE-2021-28971 CVE-2021-28972
CVE-2021-29154 CVE-2021-29155 CVE-2021-29264
CVE-2021-29265 CVE-2021-29647 CVE-2021-29650
CVE-2021-30002 CVE-2021-32399 CVE-2021-33034
CVE-2021-33200 CVE-2021-3428 CVE-2021-3444
CVE-2021-3483 CVE-2021-3489 CVE-2021-3490
CVE-2021-3491
CVSS scores:
CVE-2019-18814 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-18814 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2019-19769 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2019-19769 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
CVE-2020-24586 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2020-24586 (SUSE): 4.7 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
CVE-2020-24587 (NVD) : 2.6 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2020-24587 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-25670 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25671 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25672 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25673 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2020-26139 (NVD) : 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-26139 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-26141 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-26145 (SUSE): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-26147 (NVD) : 5.4 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
CVE-2020-27170 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-27170 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-27171 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
CVE-2020-27171 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
CVE-2020-27673 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-27673 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-27815 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-27815 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-35519 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-36310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36310 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36311 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36311 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-36312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36312 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2020-36322 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36322 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2021-20268 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20268 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-23134 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-23134 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-27363 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2021-27363 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27365 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-27365 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28038 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28038 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28375 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28375 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28660 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28660 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-28688 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28688 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28950 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28950 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28952 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28964 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28964 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28971 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28971 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28972 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28972 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29155 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29155 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29264 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29264 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29647 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29647 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29650 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29650 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-30002 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-32399 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-32399 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33034 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33034 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2021-33200 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33200 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3428 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3444 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3444 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3483 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3483 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CVE-2021-3489 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3489 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3490 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3490 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3491 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3491 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 52 vulnerabilities and has 187 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic
operations by the BPF verifier could be abused to perform out-of-bounds
reads and writes in kernel memory (bsc#1186484).
- CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This
could lead to writing an arbitrary values. (bsc#1186111)
- CVE-2020-26139: Fixed a denial-of-service when an Access Point (AP)
forwards EAPOL frames to other clients even though the sender has not
yet successfully authenticated to the AP. (bnc#1186062)
- CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed
local attackers to elevate their privileges. (bnc#1186060)
- CVE-2021-3491: Fixed a potential heap overflow in mem_rw(). This
vulnerability is related to the PROVIDE_BUFFERS operation, which allowed
the MAX_RW_COUNT limit to be bypassed (bsc#1185642).
- CVE-2021-32399: Fixed a race condition when removing the HCI controller
(bnc#1184611).
- CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected
Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't
require that received fragments be cleared from memory after
(re)connecting to a network. Under the right circumstances this can be
abused to inject arbitrary network packets and/or exfiltrate user data
(bnc#1185859).
- CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected
Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't
require that all fragments of a frame are encrypted under the same key.
An adversary can abuse this to decrypt selected fragments when another
device sends fragmented frames and the WEP, CCMP, or GCMP encryption key
is periodically renewed (bnc#1185859 bnc#1185862).
- CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected
Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't
require that the A-MSDU flag in the plaintext QoS header field is
authenticated. Against devices that support receiving non-SSP A-MSDU
frames (which is mandatory as part of 802.11n), an adversary can abuse
this to inject arbitrary network packets. (bnc#1185861)
- CVE-2020-26147: The WEP, WPA, WPA2, and WPA3 implementations reassemble
fragments, even though some of them were sent in plaintext. This
vulnerability can be abused to inject packets and/or exfiltrate selected
fragments when another device sends fragmented frames and the WEP, CCMP,
or GCMP data-confidentiality protocol is used (bnc#1185859).
- CVE-2020-26145: An issue was discovered with Samsung Galaxy S3 i9305
4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept
second (or subsequent) broadcast fragments even when sent in plaintext
and process them as full unfragmented frames. An adversary can abuse
this to inject arbitrary network packets independent of the network
configuration. (bnc#1185860)
- CVE-2020-26141: An issue was discovered in the ALFA driver for AWUS036H,
where the Message Integrity Check (authenticity) of fragmented TKIP
frames was not verified. An adversary can abuse this to inject and
possibly decrypt packets in WPA or WPA2 networks that support the TKIP
data-confidentiality protocol. (bnc#1185987)
- CVE-2021-29650: Fixed an issue with the netfilter subsystem that allowed
attackers to cause a denial of service (panic) because
net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a
full memory barrier upon the assignment of a new table value
(bnc#1184208).
- CVE-2021-29155: Fixed an issue that was discovered in
kernel/bpf/verifier.c that performs undesirable out-of-bounds
speculation on pointer arithmetic, leading to side-channel attacks that
defeat Spectre mitigations and obtain sensitive information from kernel
memory. Specifically, for sequences of pointer arithmetic operations,
the pointer modification performed by the first operation was not
correctly accounted for when restricting subsequent operations
(bnc#1184942).
- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184170).
- CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent
(bsc#1173485).
- CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed
attackers to obtain sensitive information from kernel memory because of
a partially uninitialized data structure (bsc#1184192 ).
- CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have
allowed attackers to cause a denial of service due to race conditions
during an update of the local and shared status (bsc#1184167).
- CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver
which could have allowed attackers to cause a system crash due to a
calculation of negative fragment size (bsc#1184168).
- CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a
new device name to the driver from userspace, allowing userspace to
write data to the kernel stack frame directly (bsc#1184198).
- CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could
have caused a system crash because the PEBS status in a PEBS record was
mishandled (bsc#1184196 ).
- CVE-2021-28964: Fixed a race condition in get_old_root which could have
allowed attackers to cause a denial of service (bsc#1184193).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).
- CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
(bsc#1183593 ).
- CVE-2021-28375: Fixed an issue in fastrpc_internal_invoke which did not
prevent user applications from sending kernel RPC messages (bsc#1183596).
- CVE-2021-28038: Fixed an issue with the netback driver which was lacking
necessary treatment of errors such as failed memory allocations
(bsc#1183022).
- CVE-2021-27365: Fixed an issue where an unprivileged user can send a
Netlink message that is associated with iSCSI, and has a length up to
the maximum length of a Netlink message (bsc#1182715).
- CVE-2021-27364: Fixed an issue where an attacker could craft Netlink
messages (bsc#1182717).
- CVE-2021-27363: Fixed a kernel pointer leak which could have been used
to determine the address of the iscsi_transport structure (bsc#1182716).
- CVE-2020-35519: Fixed an out-of-bounds memory access was found in
x25_bind (bsc#1183696).
- CVE-2020-27815: Fixed an issue in JFS filesystem where could have
allowed an attacker to execute code (bsc#1179454).
- CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds
speculation on pointer arithmetic, leading to side-channel attacks that
defeat Spectre mitigations and obtain sensitive information from kernel
memory (bsc#1183775).
- CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre
mitigations and obtain sensitive information from kernel memory
(bsc#1183686).
- CVE-2019-19769: Fixed a use-after-free in the perf_trace_lock_acquire
function (bsc#1159280 ).
- CVE-2019-18814: Fixed a use-after-free when aa_label_parse() fails in
aa_audit_rule_init() (bsc#1156256).
- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
- CVE-2021-30002: Fixed a memory leak for large arguments in
video_usercopy (bsc#1184120).
- CVE-2021-29154: Fixed incorrect computation of branch displacements,
allowing arbitrary code execution (bsc#1184391).
- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop
continually was finding the same bad inode (bsc#1184194).
- CVE-2021-28952: Fixed a buffer overflow in the soundwire device driver,
triggered when an unexpected port ID number is encountered.
(bnc#1184197).
- CVE-2021-20268: Fixed an out-of-bounds access flaw in the implementation
of the eBPF code verifier. This flaw allowed a local user to crash the
system or possibly escalate their privileges. (bnc#1183077)
- CVE-2020-27673: Fixed a vulnerability with xen, where guest OS users
could cause a denial of service (host OS hang) via a high rate of events
to dom0 (bnc#1177411).
- CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509
).
- CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering
destruction of a large SEV VM (bsc#1184511).
- CVE-2020-36310: Fixed infinite loop for certain nested page faults
(bsc#1184512).
- CVE-2021-3489: Fixed an issue where the eBPF RINGBUF bpf_ringbuf_reserve
did not check that the allocated size was smaller than the ringbuf size
(bnc#1185640).
- CVE-2021-3490: Fixed an issue where the eBPF ALU32 bounds tracking for
bitwise ops (AND, OR and XOR) did not update the 32-bit bounds
(bnc#1185641 bnc#1185796 ).
- CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem
implementation which could have caused a system crash (bsc#1184211).
- CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed
multiple bugs in NFC subsytem (bsc#1178181).
The following non-security bugs were fixed:
- ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
(git-fixes).
- ACPI / idle: override c-state latency when not in conformance with s0ix
(bsc#1185840).
- ACPI: CPPC: Replace cppc_attr with kobj_attribute (git-fixes).
- ACPI: GTDT: Do not corrupt interrupt mappings on watchdow probe failure
(git-fixes).
- ACPI: PM: Add ACPI ID of Alder Lake Fan (git-fixes).
- ACPI: PM: s2idle: Add AMD support to handle _DSM (bsc#1185840).
- ACPI: PM: s2idle: Add missing LPS0 functions for AMD (bsc#1185840).
- ACPI: PM: s2idle: Drop unused local variables and related code
(bsc#1185840).
- ACPI: PM: s2idle: Move x86-specific code to the x86 directory
(bsc#1185840).
- ACPI: custom_method: fix a possible memory leak (git-fixes).
- ACPI: custom_method: fix potential use-after-free issue (git-fixes).
- ACPI: processor: Fix CPU0 wakeup in acpi_idle_play_dead() (git-fixes).
- ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m (git-fixes).
- ACPI: scan: Rearrange memory allocation in acpi_device_add() (git-fixes).
- ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807 (git-fixes).
- ACPI: video: Add missing callback back for Sony VPCEH3U1E (git-fixes).
- ACPICA: Always create namespace nodes using acpi_ns_create_node()
(git-fixes).
- ACPICA: Enable sleep button on ACPI legacy wake (bsc#1181383).
- ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region
parameter handling (git-fixes).
- ALSA: Convert strlcpy to strscpy when return value is unused (git-fixes).
- ALSA: aloop: Fix initialization of controls (git-fixes).
- ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (git-fixes).
- ALSA: bebob: enable to deliver MIDI messages for multiple ports
(git-fixes).
- ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
(git-fixes).
- ALSA: dice: fix null pointer dereference when node is disconnected
(git-fixes).
- ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
(git-fixes).
- ALSA: dice: fix stream format for TC Electronic Konnekt Live at high
sampling transfer frequency (git-fixes).
- ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
(git-fixes).
- ALSA: firewire-lib: fix amdtp_packet tracepoints event for packet_index
field (git-fixes).
- ALSA: firewire-lib: fix calculation for size of IR context payload
(git-fixes).
- ALSA: firewire-lib: fix check for the size of isochronous packet payload
(git-fixes).
- ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support (git-fixes).
- ALSA: hda/cirrus: Add Headphone and Headset MIC Volume Control
(git-fixes).
- ALSA: hda/cirrus: Add error handling into CS8409 I2C functions
(git-fixes).
- ALSA: hda/cirrus: Add jack detect interrupt support from CS42L42
companion codec (git-fixes).
- ALSA: hda/cirrus: Add support for CS8409 HDA bridge and CS42L42
companion codec (git-fixes).
- ALSA: hda/cirrus: Cleanup patch_cirrus.c code (git-fixes).
- ALSA: hda/cirrus: Fix CS42L42 Headset Mic volume control name
(git-fixes).
- ALSA: hda/cirrus: Make CS8409 driver more generic by using fixups
(git-fixes).
- ALSA: hda/cirrus: Set Initial DMIC volume for Bullseye to -26 dB
(git-fixes).
- ALSA: hda/cirrus: Use CS8409 filter to fix abnormal sounds on Bullseye
(git-fixes).
- ALSA: hda/conexant: Add quirk for mute LED control on HP ZBook G5
(git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
(git-fixes).
- ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes).
- ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes).
- ALSA: hda/hdmi: Cancel pending works before suspend (bsc#1182377).
- ALSA: hda/hdmi: Cancel pending works before suspend (git-fixes).
- ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
(git-fixes).
- ALSA: hda/realtek - Headset Mic issue on HP platform (git-fixes).
- ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
(git-fixes).
- ALSA: hda/realtek: Add fixup for HP OMEN laptop (git-fixes).
- ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Ideapad S740 (git-fixes).
- ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 (git-fixes).
- ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air
(git-fixes).
- ALSA: hda/realtek: Chain in pop reduction fixup for ThinkStation P340
(git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on
EliteBook 845 G8 (git-fixes).
- ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
(git-fixes).
- ALSA: hda/realtek: Fix speaker amp on HP Envy AiO 32 (git-fixes).
- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
- ALSA: hda/realtek: GA503 use same quirks as GA401 (git-fixes).
- ALSA: hda/realtek: Headphone volume is controlled by Front mixer
(git-fixes).
- ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 HP quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
(git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC662 quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
(git-fixes).
- ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill
devices (git-fixes).
- ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro (git-fixes).
- ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook
(git-fixes).
- ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO
(git-fixes).
- ALSA: hda/realtek: fix mic boost on Intel NUC 8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury
15 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury
17 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook G8
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 640 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 840 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 850 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 855 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G7
(git-fixes).
- ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops (git-fixes).
- ALSA: hda/realtek: reset eapd coeff to default value for alc287
(git-fixes).
- ALSA: hda/realtek: the bass speaker can't output sound on Yoga 9i
(git-fixes).
- ALSA: hda: Add missing sanity checks in PM prepare/complete callbacks
(git-fixes).
- ALSA: hda: Avoid spurious unsol event handling during S3/S4
(bsc#1182377).
- ALSA: hda: Avoid spurious unsol event handling during S3/S4 (git-fixes).
- ALSA: hda: Drop the BATCH workaround for AMD controllers (git-fixes).
- ALSA: hda: Flush pending unsolicited events before suspend (bsc#1182377).
- ALSA: hda: Re-add dropped snd_poewr_change_state() calls (git-fixes).
- ALSA: hda: fixup headset for ASUS GU502 laptop (git-fixes).
- ALSA: hda: fixup headset for ASUS GU502 laptop (git-fixes).
- ALSA: hda: generic: Fix the micmute led init state (git-fixes).
- ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
(git-fixes).
- ALSA: hda: ignore invalid NHLT table (git-fixes).
- ALSA: hdsp: do not disable if not enabled (git-fixes).
- ALSA: hdspm: do not disable if not enabled (git-fixes).
- ALSA: intel8x0: Do not update period unless prepared (git-fixes).
- ALSA: line6: Fix racy initialization of LINE6 MIDI (git-fixes).
- ALSA: rme9652: do not disable if not enabled (git-fixes).
- ALSA: sb: Fix two use after free in snd_sb_qsound_build (git-fixes).
- ALSA: usb-audio: Add DJM-450 to the quirks table (git-fixes).
- ALSA: usb-audio: Add DJM450 to Pioneer format quirk (git-fixes).
- ALSA: usb-audio: Add DJM450 to Pioneer format quirk (git-fixes).
- ALSA: usb-audio: Add DJM750 to Pioneer mixer quirk (git-fixes).
- ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (git-fixes).
- ALSA: usb-audio: Add Pioneer DJM-850 to quirks-table (git-fixes).
- ALSA: usb-audio: Add dB range mapping for Sennheiser Communications
Headset PC 8 (git-fixes).
- ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
(git-fixes).
- ALSA: usb-audio: Add implicit feeback support for the BOSS GT-1
(git-fixes).
- ALSA: usb-audio: Add support for Pioneer DJM-750 (git-fixes).
- ALSA: usb-audio: Add support for many Roland devices' implicit feedback
quirks (git-fixes).
- ALSA: usb-audio: Apply implicit feedback mode for BOSS devices
(git-fixes).
- ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (git-fixes).
- ALSA: usb-audio: Carve out connector value checking into a helper
(git-fixes).
- ALSA: usb-audio: Check connector value on resume (git-fixes).
- ALSA: usb-audio: Configure Pioneer DJM-850 samplerate (git-fixes).
- ALSA: usb-audio: Convert remaining strlcpy() to strscpy() (git-fixes).
- ALSA: usb-audio: Convert the last strlcpy() usage (git-fixes).
- ALSA: usb-audio: DJM-750: ensure format is set (git-fixes).
- ALSA: usb-audio: Declare Pioneer DJM-850 mixer controls (git-fixes).
- ALSA: usb-audio: Drop implicit fb quirk entries dubbed for capture
(git-fixes).
- ALSA: usb-audio: Explicitly set up the clock selector (git-fixes).
- ALSA: usb-audio: Fix "RANGE setting not yet supported" errors
(git-fixes).
- ALSA: usb-audio: Fix Pioneer DJM devices URB_CONTROL request direction
to set samplerate (git-fixes).
- ALSA: usb-audio: Fix Pioneer DJM devices URB_CONTROL request direction
to set samplerate (git-fixes).
- ALSA: usb-audio: Fix implicit sync clearance at stopping stream
(git-fixes).
- ALSA: usb-audio: Fix potential out-of-bounce access in MIDI EP parser
(git-fixes).
- ALSA: usb-audio: Fix unintentional sign extension issue (git-fixes).
- ALSA: usb-audio: Generic application of implicit fb to Roland/BOSS
devices (git-fixes).
- ALSA: usb-audio: Re-apply implicit feedback mode to Pioneer devices
(git-fixes).
- ALSA: usb-audio: Remove redundant assignment to len (git-fixes).
- ALSA: usb-audio: Skip probe of UA-101 devices (git-fixes).
- ALSA: usb-audio: Skip the clock selector inquiry for single connections
(git-fixes).
- ALSA: usb-audio: Validate MS endpoint descriptors (git-fixes).
- ALSA: usb-audio: add mixer quirks for Pioneer DJM-900NXS2 (git-fixes).
- ALSA: usb-audio: fix NULL ptr dereference in usb_audio_probe
(bsc#1182552).
- ALSA: usb-audio: fix Pioneer DJM-850 control label info (git-fixes).
- ALSA: usb-audio: fix control-request direction (git-fixes).
- ALSA: usb-audio: fix use after free in usb_audio_disconnect
(bsc#1182552).
- ALSA: usb-audio: generate midi streaming substream names from jack names
(git-fixes).
- ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci (git-fixes).
- ALSA: usb-audio: scarlett2: Improve driver startup messages (git-fixes).
- ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be
static (git-fixes).
- ALSA: usb-audio: use usb headers rather than define structs locally
(git-fixes).
- ALSA: usb: Use DIV_ROUND_UP() instead of open-coding it (git-fixes).
- ALSA: usb: midi: do not return -ENOMEM when usb_urb_ep_type_check fails
(git-fixes).
- ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() (git-fixes).
- ASoC: Intel: boards: sof-wm8804: add check for PLL setting (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R
tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix HP Pavilion x2 10-p0XX OVCD current
threshold (git-fixes).
- ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet
(git-fixes).
- ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
(git-fixes).
- ASoC: Intel: sof_sdw: add quirk for HP Spectre x360 convertible
(git-fixes).
- ASoC: Intel: sof_sdw: add quirk for new ADL-P Rvp (git-fixes).
- ASoC: Intel: sof_sdw: reorganize quirks by generation (git-fixes).
- ASoC: SOF: Intel: HDA: fix core status verification (git-fixes).
- ASoC: SOF: Intel: HDA: fix core status verification (git-fixes).
- ASoC: SOF: Intel: hda: remove unnecessary parentheses (git-fixes).
- ASoC: SOF: Intel: unregister DMIC device on probe error (git-fixes).
- ASoC: SOF: intel: fix wrong poll bits in dsp power down (git-fixes).
- ASoC: ak4458: Add MODULE_DEVICE_TABLE (git-fixes).
- ASoC: ak5558: Add MODULE_DEVICE_TABLE (git-fixes).
- ASoC: ak5558: Fix s/show/slow/ typo (git-fixes).
- ASoC: ak5558: correct reset polarity (git-fixes).
- ASoC: codecs: wcd934x: add a sanity check in set channel map (git-fixes).
- ASoC: cs35l33: fix an error code in probe() (git-fixes).
- ASoC: cs42l42: Always wait at least 3ms after reset (git-fixes).
- ASoC: cs42l42: Do not enable/disable regulator at Bias Level (git-fixes).
- ASoC: cs42l42: Fix Bitclock polarity inversion (git-fixes).
- ASoC: cs42l42: Fix channel width support (git-fixes).
- ASoC: cs42l42: Fix mixer volume control (git-fixes).
- ASoC: cs42l42: Regmap must use_single_read/write (git-fixes).
- ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
- ASoC: es8316: Simplify adc_pga_gain_tlv table (git-fixes).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: fsl_ssi: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: intel: atom: Remove 44100 sample-rate from the media and
deep-buffer DAI descriptions (git-fixes).
- ASoC: intel: atom: Stop advertising non working S24LE support
(git-fixes).
- ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
- ASoC: max98373: Changed amp shutdown register as volatile (git-fixes).
- ASoC: qcom: lpass-cpu: Fix lpass dai ids parse (git-fixes).
- ASoC: qcom: sdm845: Fix array out of bounds access (git-fixes).
- ASoC: qcom: sdm845: Fix array out of range on rx slim channels
(git-fixes).
- ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
(git-fixes).
- ASoC: rsnd: check all BUSIF status when error (git-fixes).
- ASoC: rsnd: core: Check convert rate in rsnd_hw_params (git-fixes).
- ASoC: rt1015: fix i2c communication error (git-fixes).
- ASoC: rt286: Generalize support for ALC3263 codec (git-fixes).
- ASoC: rt286: Make RT286_SET_GPIO_* readable and writable (git-fixes).
- ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of
10 (git-fixes).
- ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of
10 (git-fixes).
- ASoC: rt5659: Update MCLK rate in set_sysclk() (git-fixes).
- ASoC: rt5670: Add a quirk for the Dell Venue 10 Pro 5055 (git-fixes).
- ASoC: rt5670: Add emulated 'DAC1 Playback Switch' control (git-fixes).
- ASoC: rt5670: Remove 'HP Playback Switch' control (git-fixes).
- ASoC: rt5670: Remove 'OUT Channel Switch' control (git-fixes).
- ASoC: rt5670: Remove ADC vol-ctrl mute bits poking from Sto1 ADC mixer
settings (git-fixes).
- ASoC: rt711: add snd_soc_component remove callback (git-fixes).
- ASoC: samsung: snow: remove useless test (git-fixes).
- ASoC: samsung: tm2_wm5110: check of of_parse return value (git-fixes).
- ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on
probe (git-fixes).
- ASoC: simple-card-utils: Do not handle device clock (git-fixes).
- ASoC: simple-card: fix possible uninitialized single_cpu local variable
(git-fixes).
- ASoC: soc-core kABI workaround (git-fixes).
- ASoC: soc-core: Prevent warning if no DMI table is present (git-fixes).
- ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
(git-fixes).
- ASoC: wm8960: Remove bitclk relax condition in wm8960_configure_sysclk
(git-fixes).
- Bluetooth: Fix incorrect status handling in LE PHY UPDATE event
(git-fixes).
- Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
(git-fixes).
- Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS (git-fixes).
- Bluetooth: SMP: Fail if remote and local public keys are identical
(git-fixes).
- Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default (git-fixes).
- Bluetooth: avoid deadlock between hci_dev->lock and socket lock
(git-fixes).
- Bluetooth: btqca: Add valid le states quirk (git-fixes).
- Bluetooth: btusb: Enable quirk boolean flag for Mediatek Chip
(git-fixes).
- Bluetooth: check for zapped sk before connecting (git-fixes).
- Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl
(git-fixes).
- Bluetooth: initialize skb_queue_head at l2cap_chan_create() (git-fixes).
- Drivers: hv: vmbus: Fix Suspend-to-Idle for Generation-2 VM (git-fixes).
- Drivers: hv: vmbus: Increase wait time for VMbus unload (bsc#1185725).
- Drivers: hv: vmbus: Initialize unload_event statically (bsc#1185725).
- Drivers: hv: vmbus: Use after free in __vmbus_open() (git-fixes).
- EDAC/amd64: Check for memory before fully initializing an instance
(bsc#1183815).
- EDAC/amd64: Get rid of the ECC disabled long message (bsc#1183815).
- EDAC/amd64: Use cached data when checking for ECC (bsc#1183815).
- Goodix Fingerprint device is not a modem (git-fixes).
- HID: alps: fix error return code in alps_input_configured() (git-fixes).
- HID: google: add don USB id (git-fixes).
- HID: i2c-hid: Add I2C_HID_QUIRK_NO_IRQ_AFTER_RESET for ITE8568 EC on
Voyo Winpad A15 (git-fixes).
- HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube
Adapter (git-fixes).
- HID: plantronics: Workaround for double volume key presses (git-fixes).
- HID: wacom: Assign boolean values to a bool variable (git-fixes).
- HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of
devices (git-fixes).
- HSI: Fix PM usage counter unbalance in ssi_hw_init (git-fixes).
- IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
(jsc#SLE-13208).
- IB/hfi1: Rework AIP and VNIC dummy netdev usage (jsc#SLE-13208).
- Input: applespi - do not wait for responses to commands indefinitely
(git-fixes).
- Input: elantech - fix protocol errors for some trackpoints in SMBus mode
(git-fixes).
- Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated
devices (git-fixes).
- Input: i8042 - fix Pegatron C15B ID entry (git-fixes).
- Input: nspire-keypad - enable interrupts only when opened (git-fixes).
- Input: s6sy761 - fix coordinate read bit shift (git-fixes).
- Input: silead - add workaround for x86 BIOS-es which bring the chip up
in a stuck state (git-fixes).
- KEYS: trusted: Fix TPM reservation for seal/unseal (git-fixes).
- KEYS: trusted: Fix memory leak on object td (git-fixes).
- KVM x86: Extend AMD specific guest behavior to Hygon virtual CPUs
(bsc#1183447).
- KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
(bsc#1156395).
- KVM: PPC: Make the VMX instruction emulation routines static
(bsc#1156395).
- KVM: SVM: Clear the CR4 register on reset (bsc#1183252).
- KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (bsc#1152489).
- KVM: nVMX: Properly handle userspace interrupt window request
(bsc#1183427).
- KVM: s390: fix guarded storage control register handling (bsc#1133021).
- KVM: x86: Add helpers to perform CPUID-based guest vendor check
(bsc#1183445).
- KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
(bsc#1183287).
- KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
(bsc#1183323).
- KVM: x86: Expose XSAVEERPTR to the guest (jsc#SLE-13573).
- KVM: x86: Return -E2BIG when KVM_GET_SUPPORTED_CPUID hits max entries
(bsc#1183428).
- KVM: x86: Set so called 'reserved CR3 bits in LM mask' at vCPU reset
(bsc#1183288).
- KVM: x86: Set so called 'reserved CR3 bits in LM mask' at vCPU reset
(bsc#1183324).
- KVM: x86: do not reset microcode version on INIT or RESET (bsc#1183412).
- KVM: x86: list MSR_IA32_UCODE_REV as an emulated MSR (bsc#1183369).
- NFC: nci: fix memory leak in nci_allocate_device (git-fixes).
- PCI/AER: Add RCEC AER error injection support (bsc#1174426).
- PCI/AER: Add pcie_walk_rcec() to RCEC AER handling (bsc#1174426).
- PCI/AER: Clear AER status from Root Port when resetting Downstream Port
(bsc#1174426).
- PCI/AER: Specify the type of Port that was reset (bsc#1174426).
- PCI/AER: Use "aer" variable for capability offset (bsc#1174426).
- PCI/AER: Write AER Capability only when we control it (bsc#1174426).
- PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() (bsc#1174426).
- PCI/ERR: Add pcie_link_rcec() to associate RCiEPs (bsc#1174426).
- PCI/ERR: Avoid negated conditional for clarity (bsc#1174426).
- PCI/ERR: Bind RCEC devices to the Root Port driver (bsc#1174426).
- PCI/ERR: Bind RCEC devices to the Root Port driver (jsc#SLE-13736
jsc#SLE-14845).
- PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
(bsc#1174426).
- PCI/ERR: Clear AER status only when we control AER (bsc#1174426).
- PCI/ERR: Clear PCIe Device Status errors only if OS owns AER
(bsc#1174426).
- PCI/ERR: Clear status of the reporting device (bsc#1174426).
- PCI/ERR: Recover from RCEC AER errors (bsc#1174426).
- PCI/ERR: Recover from RCiEP AER errors (bsc#1174426).
- PCI/ERR: Rename reset_link() to reset_subordinates() (bsc#1174426).
- PCI/ERR: Retain status from error notification (bsc#1174426).
- PCI/ERR: Simplify by computing pci_pcie_type() once (bsc#1174426).
- PCI/ERR: Simplify by using pci_upstream_bridge() (bsc#1174426).
- PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() (bsc#1174426).
- PCI/PME: Add pcie_walk_rcec() to RCEC PME handling (bsc#1174426).
- PCI/RCEC: Fix RCiEP device to RCEC association (git-fixes).
- PCI/RCEC: Fix RCiEP device to RCEC association (jsc#SLE-13736
jsc#SLE-14845 git-fixes).
- PCI/portdrv: Report reset for frozen channel (bsc#1174426).
- PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse (git-fixes).
- PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
(git-fixes).
- PCI: Allow VPD access for QLogic ISP2722 (git-fixes).
- PCI: Fix pci_register_io_range() memory leak (git-fixes).
- PCI: PM: Do not read power state in pci_enable_device_flags()
(git-fixes).
- PCI: Release OF node in pci_scan_device()'s error path (git-fixes).
- PCI: designware-ep: Fix the Header Type check (git-fixes).
- PCI: dwc: Move iATU detection earlier (git-fixes).
- PCI: endpoint: Fix missing destroy_workqueue() (git-fixes).
- PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc() (git-fixes).
- PCI: keystone: Let AM65 use the pci_ops defined in
pcie-designware-host.c (git-fixes).
- PCI: mediatek: Add missing of_node_put() to fix reference leak
(git-fixes).
- PCI: tegra: Fix ASPM-L1SS advertisement disable code (git-fixes).
- PCI: tegra: Move "dbi" accesses to post common DWC initialization
(git-fixes).
- PCI: thunder: Fix compile testing (git-fixes).
- PCI: xgene-msi: Fix race in installing chained irq handler (git-fixes).
- PM / devfreq: Use more accurate returned new_freq as resume_freq
(git-fixes).
- PM: EM: postpone creating the debugfs dir till fs_initcall (git-fixes).
- PM: runtime: Add documentation for pm_runtime_resume_and_get()
(git-fixes).
- PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter
(bsc#1183366).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
- PM: runtime: Fix race getting/putting suppliers at probe (git-fixes).
- Platform: OLPC: Fix probe error handling (git-fixes).
- RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
- RDMA/addr: create addr_wq with WQ_MEM_RECLAIM flag (bsc#1183346).
- RDMA/cm: Fix IRQ restore in ib_send_cm_sidr_rep (jsc#SLE-15176).
- RDMA/core: create ib_cm with WQ_MEM_RECLAIM flag (bsc#1183346).
- RDMA/hns: Delete redundant abnormal interrupt status (git-fixes).
- RDMA/hns: Delete redundant condition judgment related to eq (git-fixes).
- RDMA/mlx5: Fix drop packet rule in egress table (jsc#SLE-15175).
- RDMA/qedr: Fix error return code in qedr_iw_connect() (jsc#SLE-8215).
- RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session
files (jsc#SLE-15176).
- RDMA/rtrs-clt: destroy sysfs after removing session from active list
(jsc#SLE-15176).
- RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes
(bsc#1169709)
- RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes
(bsc#1169709)
- RDMA/srpt: Fix error return code in srpt_cm_req_recv() (git-fixes).
- Re-enable yenta socket driver for x86_64 (bsc#1186349)
- SUNRPC in case of backlog, hand free slots directly to waiting task
(bsc#1185428).
- USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
(git-fixes).
- USB: Add reset-resume quirk for WD19's Realtek Hub (git-fixes).
- USB: CDC-ACM: fix poison/unpoison imbalance (bsc#1184984).
- USB: CDC-ACM: fix poison/unpoison imbalance (git-fixes).
- USB: cdc-acm: downgrade message to debug (git-fixes).
- USB: cdc-acm: fix TIOCGSERIAL implementation (git-fixes).
- USB: cdc-acm: fix double free on probe failure (git-fixes).
- USB: cdc-acm: fix unprivileged TIOCCSERIAL (git-fixes).
- USB: cdc-acm: fix use-after-free after probe failure (git-fixes).
- USB: cdc-acm: untangle a circular dependency between callback and
softint (git-fixes).
- USB: gadget: u_ether: Fix a configfs return code (git-fixes).
- USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
(git-fixes).
- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
(git-fixes).
- USB: replace hardcode maximum usb string length by definition
(git-fixes).
- USB: serial: ark3116: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: ch341: add new Product ID (git-fixes).
- USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
(git-fixes).
- USB: serial: cp210x: add some more GE USB IDs (git-fixes).
- USB: serial: f81232: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: f81534: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: fix return value for unsupported ioctls (git-fixes).
- USB: serial: io_edgeport: fix memory leak in edge_startup (git-fixes).
- USB: serial: mos7720: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: opticon: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: pl2303: add support for PL2303HXN (bsc#1186320).
- USB: serial: pl2303: fix line-speed handling on newer chips
(bsc#1186320).
- USB: serial: quatech2: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: ssu100: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
(git-fixes).
- USB: serial: usb_wwan: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions (git-fixes).
- USB: serial: usb_wwan: fix unprivileged TIOCCSERIAL (git-fixes).
- USB: usblp: fix a hang in poll() if disconnected (git-fixes).
- Update bug reference for USB-audio fixes (bsc#1182552 bsc#1183598)
- amd/amdgpu: Disable VCN DPG mode for Picasso (git-fixes).
- amdgpu: avoid incorrect %hu format string (git-fixes).
- apparmor: Fix aa_label refcnt leak in policy_update (git-fixes).
- apparmor: check/put label on apparmor_sk_clone_security() (git-fixes).
- appletalk: Fix skb allocation size in loopback case (git-fixes).
- arm64: make STACKPROTECTOR_PER_TASK configurable (bsc#1181862).
- ata: ahci: Disable SXS for Hisilicon Kunpeng920 (git-fixes).
- ata: libahci_platform: fix IRQ check (git-fixes).
- ath10k: Fix a use after free in ath10k_htc_send_bundle (git-fixes).
- ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
(git-fixes).
- ath10k: fix wmi mgmt tx queue full due to race condition (git-fixes).
- ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr()
(git-fixes).
- ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
(git-fixes).
- ath9k: fix transmitting to stations in dynamic SMPS mode (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- backlight: journada720: Fix Wmisleading-indentation warning (git-fixes).
- batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
(git-fixes).
- binfmt_misc: fix possible deadlock in bm_register_write (git-fixes).
- binfmt_misc: fix possible deadlock in bm_register_write (git-fixes).
- blk-iocost: ioc_pd_free() shouldn't assume irq disabled (git-fixes).
- blk-mq: plug request for shared sbitmap (jsc#SLE-15442 bsc#1180814
ltc#187461 git-fixes).
- blk-mq: set default elevator as deadline in case of hctx shared tagset
(jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- blkcg: fix memleak for iolatency (git-fixes).
- block, bfq: set next_rq to waker_bfqq->next_rq in waker injection
(bsc#1168838).
- block: fix get_max_io_size() (git-fixes).
- block: recalculate segment count for multi-segment discards correctly
(bsc#1184724).
- block: rsxx: fix error return code of rsxx_pci_probe() (git-fixes).
- block: rsxx: select CONFIG_CRC32 (git-fixes).
- bluetooth: eliminate the potential race condition when removing the HCI
controller (git-fixes).
- bnxt_en: Fix RX consumer index logic in the error path (git-fixes).
- bnxt_en: Fix RX consumer index logic in the error path (git-fixes).
- bnxt_en: fix ternary sign extension bug in bnxt_show_temp() (git-fixes).
- bnxt_en: reliably allocate IRQ table on reset to avoid crash
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: reverse order of TX disable and carrier off (git-fixes).
- bpf, sockmap: Fix sk->prot unhash op reset (bsc#1155518).
- bpf,x64: Pad NOPs to make images converge more easily (bsc#1178163).
- bpf: Add sanity check for upper ptr_limit (bsc#1183686 bsc#1183775).
- bpf: Avoid warning when re-casting __bpf_call_base into
__bpf_call_base_args (bsc#1155518).
- bpf: Declare __bpf_free_used_maps() unconditionally (bsc#1155518).
- bpf: Do not do bpf_cgroup_storage_set() for kuprobe/tp programs
(bsc#1155518).
- bpf: Enforce that struct_ops programs be GPL-only (bsc#1177028).
- bpf: Fix 32 bit src register truncation on div/mod (bsc#1184170).
- bpf: Fix an unitialized value in bpf_iter (bsc#1177028).
- bpf: Fix leakage of uninitialized bpf stack under speculation
(bsc#1155518).
- bpf: Fix masking negation logic upon negative dst register (bsc#1155518).
- bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
(bsc#1177028).
- bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518).
- bpf: Refcount task stack in bpf_get_task_stack (bsc#1177028).
- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
- bpf: Simplify alu_limit masking for pointer arithmetic (bsc#1183686
bsc#1183775).
- bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET (bsc#1177028).
- bpf_lru_list: Read double-checked variable once without lock
(bsc#1155518).
- brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet
(git-fixes).
- brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet
(git-fixes).
- brcmfmac: clear EAP/association status bits on linkdown events
(git-fixes).
- bsg: free the request before return error code (git-fixes).
- btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
(bsc#1184217).
- btrfs: always pin deleted leaves when there are active tree mod log
users (bsc#1184224).
- btrfs: fix exhaustion of the system chunk array due to concurrent
allocations (bsc#1183386).
- btrfs: fix extent buffer leak on failure to copy root (bsc#1184218).
- btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1185549).
- btrfs: fix race between swap file activation and snapshot creation
(bsc#1185587).
- btrfs: fix race between swap file activation and snapshot creation
(bsc#1185587).
- btrfs: fix race between transaction aborts and fsyncs leading to
use-after-free (bsc#1186441).
- btrfs: fix race between transaction aborts and fsyncs leading to
use-after-free (bsc#1186441).
- btrfs: fix race between writes to swap files and scrub (bsc#1185586).
- btrfs: fix race between writes to swap files and scrub (bsc#1185586).
- btrfs: fix race when cloning extent buffer during rewind of an old root
(bsc#1184193).
- btrfs: fix race when picking most recent mod log operation for an old
root (bsc#1186439).
- btrfs: fix race when picking most recent mod log operation for an old
root (bsc#1186439).
- btrfs: fix stale data exposure after cloning a hole with NO_HOLES
enabled (bsc#1184220).
- btrfs: fix subvolume/snapshot deletion not triggered on mount
(bsc#1184219).
- btrfs: track qgroup released data in own variable in
insert_prealloc_file_extent (bsc#1185549).
- bus: fsl-mc: add the dpdbg device type (bsc#1185670).
- bus: fsl-mc: list more commands as accepted through the ioctl
(bsc#1185670).
- bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (git-fixes).
- bus: qcom: Put child node before return (git-fixes).
- bus: ti-sysc: Fix warning on unbind if reset is not deasserted
(git-fixes).
- can: c_can: move runtime PM enable/disable to c_can_platform (git-fixes).
- can: c_can_pci: c_can_pci_remove(): fix use-after-free (git-fixes).
- can: flexcan: assert FRZ bit in flexcan_chip_freeze() (git-fixes).
- can: flexcan: enable RX FIFO after FRZ/HALT valid (git-fixes).
- can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate
(git-fixes).
- can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode
(git-fixes).
- can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
(git-fixes).
- can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
(git-fixes).
- can: peak_usb: add forgotten supported devices (git-fixes).
- can: skb: can_skb_set_owner(): fix ref counting if socket was closed
before setting skb ownership (git-fixes).
- cdc-acm: fix BREAK rx code path adding necessary calls (git-fixes).
- cdc-wdm: untangle a circular dependency between callback and softint
(git-fixes).
- ceph: do not clobber i_snap_caps on non-I_NEW inode (bsc#1186501).
- ceph: fix inode leak on getattr error in __fh_to_dentry (bsc#1186501).
- ceph: fix up error handling with snapdirs (bsc#1186501).
- ceph: only check pool permissions for regular files (bsc#1186501).
- cfg80211: remove WARN_ON() in cfg80211_sme_connect (git-fixes).
- cfg80211: scan: drop entry from hidden_list on overflow (git-fixes).
- ch_ktls: Fix kernel panic (jsc#SLE-15131).
- ch_ktls: do not send snd_una update to TCB in middle (jsc#SLE-15131).
- ch_ktls: fix device connection close (jsc#SLE-15131).
- ch_ktls: fix enum-conversion warning (jsc#SLE-15129).
- ch_ktls: tcb close causes tls connection failure (jsc#SLE-15131).
- cifs: New optype for session operations (bsc#1181507).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs: check pointer before freeing (bsc#1183534).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
- clk: exynos7: Mark aclk_fsys1_200 as critical (git-fixes).
- clk: fix invalid usage of list cursor in register (git-fixes).
- clk: fix invalid usage of list cursor in unregister (git-fixes).
- clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1
GHz (git-fixes).
- clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to
L0 (git-fixes).
- clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM
clock (git-fixes).
- clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE (git-fixes).
- clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
(git-fixes).
- clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
- clk: uniphier: Fix potential infinite loop (git-fixes).
- clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
(git-fixes).
- completion: Drop init_completion define (git-fixes).
- configfs: fix a use-after-free in __configfs_open_file (git-fixes).
- coresight: etm4x: Fix issues on trcseqevr access (git-fixes).
- coresight: etm4x: Fix save and restore of TRCVMIDCCTLR1 register
(git-fixes).
- coresight: remove broken __exit annotations (git-fixes).
- coresight: tmc-etr: Fix barrier packet insertion for perf buffer
(git-fixes).
- cpufreq: Kconfig: fix documentation links (git-fixes).
- cpufreq: armada-37xx: Fix determining base CPU frequency (git-fixes).
- cpufreq: armada-37xx: Fix driver cleanup when registration failed
(git-fixes).
- cpufreq: armada-37xx: Fix setting TBG parent for load levels (git-fixes).
- cpufreq: armada-37xx: Fix the AVS value for load L1 (git-fixes).
- cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode
(bsc#1185758).
- cpuidle/pseries: Fixup CEDE0 latency only for POWER10 onwards
(bsc#1185550 ltc#192610).
- crypto: api - check for ERR pointers in crypto_destroy_tfm() (git-fixes).
- crypto: arm/curve25519 - Move '.fpu' after '.arch' (git-fixes).
- crypto: chelsio - Read rxchannel-id from firmware (git-fixes).
- crypto: mips/poly1305 - enable for all MIPS processors (git-fixes).
- crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
(git-fixes).
- crypto: qat - Fix a double free in adf_create_ring (git-fixes).
- crypto: qat - do not release uninitialized resources (git-fixes).
- crypto: qat - fix error path in adf_isr_resource_alloc() (git-fixes).
- crypto: qat - fix unmap invalid dma address (git-fixes).
- crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
(git-fixes).
- crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c (git-fixes).
- crypto: stm32/hash - Fix PM reference leak on stm32-hash.c (git-fixes).
- crypto: tcrypt - avoid signed overflow in byte count (git-fixes).
- cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
cxgb4 and ulds (git-fixes).
- cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
cxgb4 and ulds (git-fixes).
- cxgb4: Fix unintentional sign extension issues (git-fixes).
- cxgb4: avoid collecting SGE_QBASE regs during traffic (git-fixes).
- dm era: Fix bitset memory leaks (git-fixes).
- dm era: Recover committed writeset after crash (git-fixes).
- dm era: Reinitialize bitset cache before digesting a new writeset
(git-fixes).
- dm era: Update in-core bitset after committing the metadata (git-fixes).
- dm era: Use correct value size in equality function of writeset tree
(git-fixes).
- dm era: Verify the data block size hasn't changed (git-fixes).
- dm era: only resize metadata in preresume (git-fixes).
- dm integrity: fix error reporting in bitmap mode after creation
(git-fixes).
- dm ioctl: fix error return code in target_message (git-fixes).
- dm mpath: fix racey management of PG initialization (git-fixes).
- dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574,
bsc#1175995, bsc#1184485).
- dm raid: fix discard limits for raid1 (git-fixes).
- dm rq: fix double free of blk_mq_tag_set in dev remove after table load
fails (bsc#1185581).
- dm writecache: fix the maximum number of arguments (git-fixes).
- dm writecache: handle DAX to partitions on persistent memory correctly
(git-fixes).
- dm writecache: remove BUG() and fail gracefully instead (git-fixes).
- dm zoned: select CONFIG_CRC32 (git-fixes).
- dm: avoid filesystem lookup in dm_get_dev_t() (git-fixes).
- dm: eliminate potential source of excessive kernel log noise (git-fixes).
- dm: fix bug with RCU locking in dm_blk_report_zones (git-fixes).
- dm: remove invalid sparse __acquires and __releases annotations
(git-fixes).
- dmaengine: Fix a double free in dma_async_device_register (git-fixes).
- dmaengine: dw-edma: Fix crash on loading/unloading driver (git-fixes).
- dmaengine: dw: Make it dependent to HAS_IOMEM (git-fixes).
- dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
(git-fixes).
- dmaengine: idxd: Fix potential null dereference on pointer status
(git-fixes).
- dmaengine: idxd: cleanup pci interrupt vector allocation management
(git-fixes).
- dmaengine: idxd: clear MSIX permission entry on shutdown (git-fixes).
- dmaengine: idxd: fix cdev setup and free device lifetime issues
(git-fixes).
- dmaengine: idxd: fix delta_rec and crc size field for completion record
(git-fixes).
- dmaengine: idxd: fix dma device lifetime (git-fixes).
- dmaengine: idxd: fix opcap sysfs attribute output (git-fixes).
- dmaengine: idxd: fix wq cleanup of WQCFG registers (git-fixes).
- dmaengine: idxd: fix wq size store permission state (git-fixes).
- dmaengine: idxd: removal of pcim managed mmio mapping (git-fixes).
- docs: kernel-parameters: Add gpio_mockup_named_lines (git-fixes).
- docs: kernel-parameters: Move gpio-mockup for alphabetic order
(git-fixes).
- dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
(git-fixes).
- dpaa_eth: Use random MAC address when none is given (bsc#1184811).
- dpaa_eth: copy timestamp fields to new skb in A-050385 workaround
(git-fixes).
- dpaa_eth: fix the RX headroom size alignment (git-fixes).
- dpaa_eth: update the buffer layout for non-A050385 erratum scenarios
(git-fixes).
- drivers: hv: Fix whitespace errors (bsc#1185725).
- drivers: net: xgene: Fix the order of the arguments of
'alloc_etherdev_mqs()' (git-fixes).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
(git-fixes).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
(git-fixes).
- drm/amd/display/dc/dce/dce_aux: Remove duplicate line causing 'field
overwritten' issue (git-fixes).
- drm/amd/display: Check for DSC support instead of ASIC revision
(git-fixes).
- drm/amd/display: Correct algorithm for reversed gamma (git-fixes).
- drm/amd/display: DCHUB underflow counter increasing in some scenarios
(git-fixes).
- drm/amd/display: Do not optimize bandwidth before disabling planes
(git-fixes).
- drm/amd/display: Fix UBSAN warning for not a valid value for type
'_Bool' (git-fixes).
- drm/amd/display: Fix UBSAN: shift-out-of-bounds warning (git-fixes).
- drm/amd/display: Fix debugfs link_settings entry (git-fixes).
- drm/amd/display: Fix nested FPU context in dcn21_validate_bandwidth()
(git-fixes).
- drm/amd/display: Fix off by one in hdmi_14_process_transaction()
(git-fixes).
- drm/amd/display: Fix two cursor duplication when using overlay
(git-fixes).
- drm/amd/display: Force vsync flip when reconfiguring MPCC (git-fixes).
- drm/amd/display: Guard against NULL pointer deref when get_i2c_info
fails (git-fixes).
- drm/amd/display: Initialize attribute for hdcp_srm sysfs file
(git-fixes).
- drm/amd/display: Reject non-zero src_y and src_x for video planes
(git-fixes).
- drm/amd/display: Revert dram_clock_change_latency for DCN2.1 (git-fixes).
- drm/amd/display: Try YCbCr420 color when YCbCr444 fails (git-fixes).
- drm/amd/display: add handling for hdcp2 rx id list validation
(git-fixes).
- drm/amd/display: changing sr exit latency (git-fixes).
- drm/amd/display: fix dml prefetch validation (git-fixes).
- drm/amd/display: fixed divide by zero kernel crash during dsc enablement
(git-fixes).
- drm/amd/display: turn DPMS off on connector unplug (git-fixes).
- drm/amd/pm: fix workload mismatch on vega10 (git-fixes).
- drm/amd/powerplay: fix spelling mistake "smu_state_memroy_block" ->
(bsc#1152489) Backporting notes: * rename amd/pm to amd/powerplay *
context changes
- drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
(git-fixes).
- drm/amdgpu/display/dm: add missing parameter documentation (git-fixes).
- drm/amdgpu/display: buffer INTERRUPT_LOW_IRQ_CONTEXT interrupt work
(git-fixes).
- drm/amdgpu/display: remove redundant continue statement (git-fixes).
- drm/amdgpu/display: restore AUX_DPHY_TX_CONTROL for DCN2.x (git-fixes).
- drm/amdgpu/display: use GFP_ATOMIC in dcn21_validate_bandwidth_fp()
(git-fixes).
- drm/amdgpu/swsmu: add interrupt work function (git-fixes).
- drm/amdgpu/swsmu: add interrupt work handler for smu11 parts (git-fixes).
- drm/amdgpu: Add additional Sienna Cichlid PCI ID (git-fixes).
- drm/amdgpu: Add check to prevent IH overflow (git-fixes).
- drm/amdgpu: Add mem sync flag for IB allocated by SA (git-fixes).
- drm/amdgpu: Fix GPU TLB update error when PAGE_SIZE > AMDGPU_PAGE_SIZE
(git-fixes).
- drm/amdgpu: Fix some unload driver issues (git-fixes).
- drm/amdgpu: Init GFX10_ADDR_CONFIG for VCN v3 in DPG mode (git-fixes).
- drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
- drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
(git-fixes).
- drm/amdgpu: fb BO should be ttm_bo_type_device (git-fixes).
- drm/amdgpu: fix NULL pointer dereference (git-fixes).
- drm/amdgpu: fix concurrent VM flushes on Vega/Navi v2 (git-fixes).
- drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
(git-fixes).
- drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie
(git-fixes).
- drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
(git-fixes).
- drm/amdgpu: remove unused variable from struct amdgpu_bo (git-fixes).
- drm/amdgpu: update gc golden setting for Navi12 (git-fixes).
- drm/amdgpu: update sdma golden setting for Navi12 (git-fixes).
- drm/amdkfd: Fix UBSAN shift-out-of-bounds warning (git-fixes).
- drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
(git-fixes).
- drm/amdkfd: Put ACPI table after using it (bsc#1152489) Backporting
notes: * context changes
- drm/amdkfd: dqm fence memory corruption (git-fixes).
- drm/amdkfd: fix build error with AMD_IOMMU_V2=m (git-fixes).
- drm/ast: AST2500 fixups (bsc#1174416).
- drm/ast: AST2500 fixups (bsc#1174416).
- drm/ast: Add 25MHz refclk support (bsc#1174416).
- drm/ast: Add 25MHz refclk support (bsc#1174416).
- drm/ast: Add support for 1152x864 mode (bsc#1174416).
- drm/ast: Add support for 1152x864 mode (bsc#1174416).
- drm/ast: Add support for AIP200 (bsc#1174416).
- drm/ast: Add support for AIP200 (bsc#1174416).
- drm/ast: Correct mode table for AST2500 precatch (bsc#1174416).
- drm/ast: Correct mode table for AST2500 precatch (bsc#1174416).
- drm/ast: Disable VGA decoding while driver is active (bsc#1174416).
- drm/ast: Disable VGA decoding while driver is active (bsc#1174416).
- drm/ast: Disable screen on register init (bsc#1174416).
- drm/ast: Disable screen on register init (bsc#1174416).
- drm/ast: Fix P2A config detection (bsc#1174416).
- drm/ast: Fix P2A config detection (bsc#1174416).
- drm/ast: Fix invalid usage of AST_MAX_HWC_WIDTH in cursor atomic_check
(git-fixes).
- drm/ast: Fix register access in non-P2A mode for DP501 (bsc#1174416).
- drm/ast: Fix register access in non-P2A mode for DP501 (bsc#1174416).
- drm/ast: Keep MISC fields when enabling VGA (bsc#1174416).
- drm/ast: Keep MISC fields when enabling VGA (bsc#1174416).
- drm/ast: drm/ast: Fix boot address for AST2500 (bsc#1174416).
- drm/ast: drm/ast: Fix boot address for AST2500 (bsc#1174416).
- drm/compat: Clear bounce structures (git-fixes).
- drm/dp_mst: Revise broadcast msg lct & lcr (git-fixes).
- drm/dp_mst: Set CLEAR_PAYLOAD_ID_TABLE as broadcast (git-fixes).
- drm/hisilicon: Fix use-after-free (git-fixes).
- drm/i915/display: fix compiler warning about array overrun (git-fixes).
- drm/i915/gt: Clear CACHE_MODE prior to clearing residuals (git-fixes).
- drm/i915/gt: Disable HiZ Raw Stall Optimization on broken gen7
(git-fixes).
- drm/i915/gvt: Fix error code in intel_gvt_init_device() (git-fixes).
- drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang
(git-fixes).
- drm/i915/overlay: Fix active retire callback alignment (git-fixes).
- drm/i915/selftests: Fix some error codes (git-fixes).
- drm/i915: Avoid div-by-zero on gen2 (git-fixes).
- drm/i915: Fix ICL MG PHY vswing handling (git-fixes).
- drm/i915: Fix crash in auto_retire (git-fixes).
- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
- drm/i915: Hold onto an explicit ref to i915_vma_work.pinned (git-fixes).
- drm/i915: Read C0DRB3/C1DRB3 as 16 bits again (git-fixes).
- drm/i915: Wedge the GPU if command parser setup fails (git-fixes).
- drm/imx: imx-ldb: fix out of bounds array access warning (git-fixes).
- drm/ingenic: Fix non-OSD mode (git-fixes).
- drm/ingenic: Register devm action to cleanup encoders (git-fixes).
- drm/komeda: Fix bit check to import to value of proper type (git-fixes).
- drm/lima: fix reference leak in lima_pm_busy (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (git-fixes).
- drm/mediatek: Fix aal size config (bsc#1152489) Backporting notes: *
replaced mtk_ddp_write() with writel()
- drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
(git-fixes).
- drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs
(git-fixes).
- drm/msm/gem: Add obj->lock wrappers (bsc#1152489) Backporting notes: *
taken for 9b73bde39cf2 ("drm/msm: Fix use-after-free in msm_gem with
carveout") * context changes
- drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal (git-fixes).
- drm/msm/mdp5: Do not multiply vclk line count by 100 (git-fixes).
- drm/msm: Fix WARN_ON() splat in _free_object() (bsc#1152489) Backporting
notes: * context changes
- drm/msm: Fix a5xx/a6xx timestamps (git-fixes).
- drm/msm: Fix races managing the OOB state for timestamp vs (bsc#1152489)
Backporting notes: * context changes
- drm/msm: Fix suspend/resume on i.MX5 (git-fixes).
- drm/msm: Fix use-after-free in msm_gem with carveout (bsc#1152489)
Backporting notes: * context changes
- drm/msm: Ratelimit invalid-fence message (git-fixes).
- drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
- drm/msm: fix shutdown hook in case GPU components failed to bind
(git-fixes).
- drm/nouveau/kms/nv50-: Get rid of bogus nouveau_conn_mode_valid()
(git-fixes).
- drm/omap: fix misleading indentation in pixinc() (git-fixes).
- drm/panfrost: Clear MMU irqs before handling the fault (git-fixes).
- drm/panfrost: Do not corrupt the queue mutex on open/close (bsc#1152472)
Backporting notes: * context changes
- drm/panfrost: Do not try to map pages that are already mapped
(git-fixes).
- drm/panfrost: Fix job timeout handling (bsc#1152472) Backporting notes:
* context changes
- drm/panfrost: Remove unused variables in panfrost_job_close()
(bsc#1152472)
- drm/probe-helper: Check epoch counter in output_poll_execute()
(git-fixes).
- drm/qxl: do not run release if qxl failed to init (git-fixes).
- drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz
monitors are connected (git-fixes).
- drm/radeon: Avoid power table parsing memory leaks (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect()
(git-fixes).
- drm/radeon: Fix off-by-one power_state index heap overwrite (git-fixes).
- drm/radeon: fix AGP dependency (git-fixes).
- drm/radeon: fix copy of uninitialized variable back to userspace
(git-fixes).
- drm/shmem-helper: Check for purged buffers in fault handler (git-fixes).
- drm/shmem-helper: Do not remove the offset in vm_area_struct pgoff
(git-fixes).
- drm/shmem-helpers: vunmap: Do not put pages for dma-buf (git-fixes).
- drm/sun4i: tcon: fix inverted DCLK polarity (bsc#1152489) Backporting
notes: * context changes
- drm/tegra: Fix reference leak when pm_runtime_get_sync() fails
(git-fixes).
- drm/tegra: dc: Do not set PLL clock to 0Hz (git-fixes).
- drm/tegra: dc: Restore coupling of display controllers (git-fixes).
- drm/tegra: sor: Grab runtime PM reference across reset (git-fixes).
- drm/tilcdc: send vblank event when disabling crtc (git-fixes).
- drm/vc4: crtc: Reduce PV fifo threshold on hvs4 (git-fixes).
- drm/vc4: hdmi: Restore cec physical address on reconnect (bsc#1152472)
Backporting notes: * context changes * change vc4_hdmi to vc4->hdmi *
removed references to encoder->hdmi_monitor
- drm/vkms: fix misuse of WARN_ON (git-fixes).
- drm: Added orientation quirk for OneGX1 Pro (git-fixes).
- drm: meson_drv add shutdown function (git-fixes).
- drm: rcar-du: Fix PM reference leak in rcar_cmm_enable() (git-fixes).
- drm: rcar-du: Fix crash when using LVDS1 clock for CRTC (bsc#1152489)
Backporting notes: * context changes
- drm: rcar-du: Fix leak of CMM platform device reference (git-fixes).
- drm: xlnx: zynqmp: fix a memset in zynqmp_dp_train() (git-fixes).
- e1000e: Fix duplicate include guard (git-fixes).
- e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (git-fixes).
- e1000e: add rtnl_lock() to e1000_reset_task (git-fixes).
- efi: use 32-bit alignment for efi_guid_t literals (git-fixes).
- enetc: Fix reporting of h/w packet counters (git-fixes).
- enetc: Let the hardware auto-advance the taprio base-time of 0
(git-fixes).
- enetc: Workaround for MDIO register access issue (git-fixes).
- epoll: check for events when removing a timed out thread from the wait
queue (git-fixes).
- ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
(git-fixes).
- ethernet: alx: fix order of calls on resume (git-fixes).
- ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
(git-fixes).
- ethtool: fix incorrect datatype in set_eee ops (bsc#1176447).
- ethtool: fix missing NLM_F_MULTI flag when dumping (bsc#1176447).
- ethtool: pause: make sure we init driver stats (jsc#SLE-15075).
- exec: Move would_dump into flush_old_exec (git-fixes).
- ext4: do not try to set xattr into ea_inode if value is empty
(bsc#1184730).
- ext4: find old entry again if failed to rename whiteout (bsc#1184742).
- ext4: fix potential error in ext4_do_update_inode (bsc#1184731).
- ext4: fix potential htree index checksum corruption (bsc#1184728).
- extcon: Add stubs for extcon_register_notifier_all() functions
(git-fixes).
- extcon: Fix error handling in extcon_dev_register (git-fixes).
- extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has
been unplugged (git-fixes).
- extcon: arizona: Fix various races on driver unbind (git-fixes).
- fbdev: zero-fill colormap in fbcmap.c (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Fix a use after bug in efi_mem_reserve_persistent
(git-fixes).
- firmware: arm_scpi: Prevent the ternary sign expansion bug (git-fixes).
- firmware: qcom-scm: Fix QCOM_SCM configuration (git-fixes).
- firmware: qcom_scm: Fix kernel-doc function names to match (git-fixes).
- firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool
(git-fixes).
- firmware: qcom_scm: Reduce locking section for __get_convention()
(git-fixes).
- firmware: qcom_scm: Workaround lack of "is available" call on SC7180
(git-fixes).
- flow_dissector: fix byteorder of dissected ICMP ID (bsc#1154353).
- fnic: use scsi_host_busy_iter() to traverse commands (bsc#1179851).
- fotg210-udc: Complete OUT requests on short packets (git-fixes).
- fotg210-udc: Do not DMA more than the buffer can take (git-fixes).
- fotg210-udc: Fix DMA on EP0 for length > max packet size (git-fixes).
- fotg210-udc: Fix EP0 IN requests bigger than two packets (git-fixes).
- fotg210-udc: Mask GRP2 interrupts we do not handle (git-fixes).
- fotg210-udc: Remove a dubious condition leading to fotg210_done
(git-fixes).
- fs/epoll: restore waking from ep_done_scan() (bsc#1183868).
- fs/jfs: fix potential integer overflow on shift of a int (bsc#1184741).
- fs: direct-io: fix missing sdio->boundary (bsc#1184736).
- fsl/fman: check dereferencing null pointer (git-fixes).
- fsl/fman: fix dereference null return value (git-fixes).
- fsl/fman: fix eth hash table allocation (git-fixes).
- fsl/fman: fix unreachable code (git-fixes).
- fsl/fman: reuse set_mac_address() in dtsec init() (bsc#1184811).
- fsl/fman: tolerate missing MAC address in device tree (bsc#1184811).
- fsl/fman: use 32-bit unsigned integer (git-fixes).
- ftrace/x86: Tell objtool to ignore nondeterministic ftrace stack layout
(bsc#1177028).
- ftrace: Fix modify_ftrace_direct (bsc#1177028).
- ftrace: Handle commands when closing set_ftrace_filter file (git-fixes).
- fuse: fix bad inode (bsc#1184211).
- fuse: fix bad inode (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- fuse: fix write deadlock (bsc#1185573).
- fuse: verify write return (git-fixes).
- futex: Change utime parameter to be 'const ... *' (git-fixes).
- futex: Do not apply time namespace adjustment on FUTEX_LOCK_PI
(bsc#1164648).
- futex: Get rid of the val2 conditional dance (git-fixes).
- futex: Make syscall entry points less convoluted (git-fixes).
- gcc-plugins: drop support for GCC <= 4.7 (bcs#1181862).
- gcc-plugins: make it possible to disable CONFIG_GCC_PLUGINS again
(bcs#1181862).
- gcc-plugins: simplify GCC plugin-dev capability test (bsc#1181862).
- geneve: do not modify the shared tunnel info when PMTU triggers an ICMP
reply (bsc#1176447).
- geneve: do not modify the shared tunnel info when PMTU triggers an ICMP
reply (git-fixes).
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Reduce irqdebug cacheline bouncing (bsc#1185703 ltc#192641).
- gianfar: Account for Tx PTP timestamp in the skb headroom (git-fixes).
- gianfar: Fix TX timestamping with a stacked DSA driver (git-fixes).
- gianfar: Handle error code at MAC address change (git-fixes).
- gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
(git-fixes).
- gpio: omap: Save and restore sysconfig (git-fixes).
- gpio: pca953x: Set IRQ type when handle Intel Galileo Gen 2 (git-fixes).
- gpio: sysfs: Obey valid_mask (git-fixes).
- gpio: xilinx: Correct kernel doc for xgpio_probe() (git-fixes).
- gpio: zynq: fix reference leak in zynq_gpio functions (git-fixes).
- gpiolib: Do not free if pin ranges are not defined (git-fixes).
- gpiolib: acpi: Add missing IRQF_ONESHOT (git-fixes).
- gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
(git-fixes).
- gpu/xen: Fix a use after free in xen_drm_drv_init (git-fixes).
- hrtimer: Update softirq_expires_next correctly after (git-fixes)
- hv_netvsc: Reset the RSC count if NVSP_STAT_FAIL in netvsc_receive()
(git-fixes).
- hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable
(git-fixes).
- hwmon: (occ) Fix poll rate limiting (git-fixes).
- i2c: Add I2C_AQ_NO_REP_START adapter quirk (git-fixes).
- i2c: bail out early when RDWR parameters are wrong (git-fixes).
- i2c: cadence: add IRQ check (git-fixes).
- i2c: emev2: add IRQ check (git-fixes).
- i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
(git-fixes).
- i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
(git-fixes).
- i2c: jz4780: add IRQ check (git-fixes).
- i2c: mlxbf: add IRQ check (git-fixes).
- i2c: omap: fix reference leak when pm_runtime_get_sync fails (git-fixes).
- i2c: rcar: faster irq code to minimize HW race condition (git-fixes).
- i2c: rcar: optimize cacheline to minimize HW race condition (git-fixes).
- i2c: sh7760: add IRQ check (git-fixes).
- i2c: sh7760: fix IRQ error path (git-fixes).
- i2c: sprd: fix reference leak when pm_runtime_get_sync fails (git-fixes).
- i2c: tegra: Add missing pm_runtime_put() (bsc#1184386).
- i2c: tegra: Check errors for both positive and negative values
(bsc#1184386).
- i2c: tegra: Clean up and improve comments (bsc#1184386).
- i2c: tegra: Clean up printk messages (bsc#1184386).
- i2c: tegra: Clean up probe function (bsc#1184386).
- i2c: tegra: Clean up variable names (bsc#1184386).
- i2c: tegra: Clean up variable types (bsc#1184386).
- i2c: tegra: Clean up whitespaces, newlines and indentation (bsc#1184386).
- i2c: tegra: Create i2c_writesl_vi() to use with VI I2C for filling TX
FIFO (bsc#1184386).
- i2c: tegra: Factor out error recovery from tegra_i2c_xfer_msg()
(bsc#1184386).
- i2c: tegra: Factor out hardware initialization into separate function
(bsc#1184386).
- i2c: tegra: Factor out packet header setup from tegra_i2c_xfer_msg()
(bsc#1184386).
- i2c: tegra: Factor out register polling into separate function
(bsc#1184386).
- i2c: tegra: Handle potential error of tegra_i2c_flush_fifos()
(bsc#1184386).
- i2c: tegra: Improve driver module description (bsc#1184386).
- i2c: tegra: Improve formatting of variables (bsc#1184386).
- i2c: tegra: Initialize div-clk rate unconditionally (bsc#1184386).
- i2c: tegra: Make tegra_i2c_flush_fifos() usable in atomic transfer
(bsc#1184386).
- i2c: tegra: Mask interrupt in tegra_i2c_issue_bus_clear() (bsc#1184386).
- i2c: tegra: Move out all device-tree parsing into tegra_i2c_parse_dt()
(bsc#1184386).
- i2c: tegra: Remove "dma" variable from tegra_i2c_xfer_msg()
(bsc#1184386).
- i2c: tegra: Remove error message used for devm_request_irq() failure
(bsc#1184386).
- i2c: tegra: Remove i2c_dev.clk_divisor_non_hs_mode member (bsc#1184386).
- i2c: tegra: Remove likely/unlikely from the code (bsc#1184386).
- i2c: tegra: Remove outdated barrier() (bsc#1184386).
- i2c: tegra: Remove redundant check in tegra_i2c_issue_bus_clear()
(bsc#1184386).
- i2c: tegra: Rename wait/poll functions (bsc#1184386).
- i2c: tegra: Reorder location of functions in the code (bsc#1184386).
- i2c: tegra: Runtime PM always available on Tegra (bsc#1184386).
- i2c: tegra: Use clk-bulk helpers (bsc#1184386).
- i2c: tegra: Use devm_platform_get_and_ioremap_resource() (bsc#1184386).
- i2c: tegra: Use platform_get_irq() (bsc#1184386).
- i2c: tegra: Use reset_control_reset() (bsc#1184386).
- i2c: tegra: Use threaded interrupt (bsc#1184386).
- i2c: tegra: Wait for config load atomically while in ISR (bsc#1184386).
- i40e: Add zero-initialization of AQ command structures (git-fixes).
- i40e: Added Asym_Pause to supported link modes (git-fixes).
- i40e: Fix PHY type identifiers for 2.5G and 5G adapters (git-fixes).
- i40e: Fix add TC filter for IPv6 (git-fixes).
- i40e: Fix addition of RX filters after enabling FW LLDP agent
(git-fixes).
- i40e: Fix display statistics for veb_tc (git-fixes).
- i40e: Fix endianness conversions (git-fixes).
- i40e: Fix flow for IPv6 next header (extension header) (git-fixes).
- i40e: Fix kernel oops when i40e driver removes VF's (git-fixes).
- i40e: Fix overwriting flow control settings during driver loading
(git-fixes).
- i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
- i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
- i40e: Fix sparse error: uninitialized symbol 'ring' (jsc#SLE-13701).
- i40e: Fix sparse errors in i40e_txrx.c (git-fixes).
- i40e: Fix sparse errors in i40e_txrx.c (git-fixes).
- i40e: Fix sparse warning: missing error code 'err' (git-fixes).
- i40e: Fix use-after-free in i40e_client_subtask() (git-fixes).
- i40e: fix broken XDP support (git-fixes).
- i40e: fix the panic when running bpf in xdpdrv mode (git-fixes).
- i40e: fix the restart auto-negotiation after FEC modified (git-fixes).
- i915/perf: Start hrtimer only if sampling the OA buffer (git-fixes).
- iavf: Fix incorrect adapter get in iavf_resume (git-fixes).
- iavf: use generic power management (git-fixes).
- ibmvfc: Avoid move login if fast fail is enabled (bsc#1185938
ltc#192043).
- ibmvfc: Handle move login failure (bsc#1185938 ltc#192043).
- ibmvfc: Reinit target retries (bsc#1185938 ltc#192043).
- ibmvnic: add comments for spinlock_t definitions (bsc#1183871
ltc#192139).
- ibmvnic: avoid calling napi_disable() twice (bsc#1065729).
- ibmvnic: avoid multiple line dereference (bsc#1183871 ltc#192139).
- ibmvnic: clean up the remaining debugfs data structures (bsc#1065729).
- ibmvnic: correctly use dev_consume/free_skb_irq (jsc#SLE-17268
jsc#SLE-17043 bsc#1179243 ltc#189290 git-fixes).
- ibmvnic: fix block comments (bsc#1183871 ltc#192139).
- ibmvnic: fix braces (bsc#1183871 ltc#192139).
- ibmvnic: fix miscellaneous checks (bsc#1183871 ltc#192139).
- ibmvnic: improve failover sysfs entry (bsc#1043990 ltc#155681 git-fixes).
- ibmvnic: merge do_change_param_reset into do_reset (bsc#1183871
ltc#192139).
- ibmvnic: prefer 'unsigned long' over 'unsigned long int' (bsc#1183871
ltc#192139).
- ibmvnic: prefer strscpy over strlcpy (bsc#1183871 ltc#192139).
- ibmvnic: print adapter state as a string (bsc#1152457 ltc#174432
git-fixes).
- ibmvnic: print reset reason as a string (bsc#1152457 ltc#174432
git-fixes).
- ibmvnic: queue reset work in system_long_wq (bsc#1152457 ltc#174432
git-fixes).
- ibmvnic: remove default label from to_string switch (bsc#1152457
ltc#174432 git-fixes).
- ibmvnic: remove duplicate napi_schedule call in do_reset function
(bsc#1065729).
- ibmvnic: remove duplicate napi_schedule call in open function
(bsc#1065729).
- ibmvnic: remove unnecessary rmb() inside ibmvnic_poll (bsc#1183871
ltc#192139).
- ibmvnic: remove unused spinlock_t stats_lock definition (bsc#1183871
ltc#192139).
- ibmvnic: rework to ensure SCRQ entry reads are properly ordered
(bsc#1183871 ltc#192139).
- ice: Account for port VLAN in VF max packet size calculation (git-fixes).
- ice: Account for port VLAN in VF max packet size calculation (git-fixes).
- ice: Cleanup fltr list in case of allocation issues (git-fixes).
- ice: Continue probe on link/PHY errors (jsc#SLE-12878).
- ice: Fix for dereference of NULL pointer (git-fixes).
- ice: Increase control queue timeout (git-fixes).
- ice: Use port number instead of PF ID for WoL (jsc#SLE-12878).
- ice: fix memory allocation call (jsc#SLE-12878).
- ice: fix memory leak if register_netdev_fails (git-fixes).
- ice: fix memory leak in ice_vsi_setup (git-fixes).
- ice: fix memory leak of aRFS after resuming from suspend (jsc#SLE-12878).
- ice: prevent ice_open and ice_stop during reset (git-fixes).
- ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
- ics932s401: fix broken handling of errors when word reading fails
(git-fixes).
- igb: Fix duplicate include guard (git-fixes).
- igb: XDP extack message on error (jsc#SLE-13536).
- igb: XDP xmit back fix error code (jsc#SLE-13536).
- igb: avoid premature Rx buffer reuse (jsc#SLE-13536).
- igb: avoid transmit queue timeout in xdp path (jsc#SLE-13536).
- igb: check timestamp validity (git-fixes).
- igb: skb add metasize for xdp (jsc#SLE-13536).
- igb: take VLAN double header into account (jsc#SLE-13536).
- igb: use xdp_do_flush (jsc#SLE-13536).
- igc: Fix Pause Frame Advertising (git-fixes).
- igc: Fix Supported Pause Frame Link Setting (git-fixes).
- igc: Fix igc_ptp_rx_pktstamp() (bsc#1160634).
- igc: Fix igc_ptp_rx_pktstamp() (bsc#1160634).
- igc: reinit_locked() should be called with rtnl_lock (git-fixes).
- igc: reinit_locked() should be called with rtnl_lock (git-fixes).
- iio: adc: ad7949: fix wrong ADC result due to incorrect bit mask
(git-fixes).
- iio: adis16400: Fix an error code in adis16400_initial_setup()
(git-fixes).
- iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler
(git-fixes).
- iio: gyro: mpu3050: Fix reported temperature value (git-fixes).
- iio: hid-sensor-humidity: Fix alignment issue of timestamp channel
(git-fixes).
- iio: hid-sensor-prox: Fix scale not correct issue (git-fixes).
- iio: hid-sensor-temperature: Fix issues of timestamp channel (git-fixes).
- iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
(git-fixes).
- iio: tsl2583: Fix division by a zero lux_val (git-fixes).
- iio:accel:adis16201: Fix wrong axis assignment that prevents loading
(git-fixes).
- iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel
(git-fixes).
- ima: Free IMA measurement buffer after kexec syscall (git-fixes).
- include/linux/sched/mm.h: use rcu_dereference in in_vfork() (git-fixes).
- intel_th: Consistency and off-by-one fix (git-fixes).
- intel_th: pci: Add Alder Lake-M support (git-fixes).
- intel_th: pci: Add Rocket Lake CPU support (git-fixes).
- interconnect: core: fix error return code of icc_link_destroy()
(git-fixes).
- iommu/amd: Add support for map/unmap_resource (jsc#ECO-3482).
- iommu/amd: Fix sleeping in atomic in increase_address_space()
(bsc#1183277).
- iommu/amd: Fix sleeping in atomic in increase_address_space()
(bsc#1183310).
- iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1183278).
- iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1183312).
- iommu/qcom: add missing put_device() call in qcom_iommu_of_xlate()
(bsc#1183313).
- iommu/qcom: add missing put_device() call in qcom_iommu_of_xlate()
(bsc#1183637).
- iommu/vt-d: Add get_domain_info() helper (bsc#1183279).
- iommu/vt-d: Avoid panic if iommu init fails in tboot system
(bsc#1183280).
- iommu/vt-d: Avoid panic if iommu init fails in tboot system
(bsc#1183315).
- iommu/vt-d: Correctly check addr alignment in qi_flush_dev_iotlb_pasid()
(bsc#1183281).
- iommu/vt-d: Correctly check addr alignment in qi_flush_dev_iotlb_pasid()
(bsc#1183316).
- iommu/vt-d: Do not use flush-queue when caching-mode is on (bsc#1183282).
- iommu/vt-d: Do not use flush-queue when caching-mode is on (bsc#1183317).
- iommu/vt-d: Fix general protection fault in aux_detach_device()
(bsc#1183283).
- iommu/vt-d: Fix general protection fault in aux_detach_device()
(bsc#1183318).
- iommu/vt-d: Fix ineffective devTLB invalidation for subdevices
(bsc#1183284).
- iommu/vt-d: Fix ineffective devTLB invalidation for subdevices
(bsc#1183319).
- iommu/vt-d: Fix status code for Allocate/Free PASID command
(bsc#1183320).
- iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev()
(bsc#1183285).
- iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev()
(bsc#1183321).
- iommu/vt-d: Move intel_iommu info from struct intel_svm to struct
intel_svm_dev (bsc#1183286).
- iommu/vt-d: Move intel_iommu info from struct intel_svm to struct
intel_svm_dev (bsc#1183322).
- iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585).
- iommu: Check dev->iommu in dev_iommu_priv_get() before dereferencing it
(bsc#1183311).
- iommu: Switch gather->end to the inclusive end (bsc#1183314).
- ionic: linearize tso skb with too many frags (bsc#1167773).
- ionic: linearize tso skb with too many frags (bsc#1167773).
- iopoll: introduce read_poll_timeout macro (git-fixes).
- ipc/mqueue, msg, sem: Avoid relying on a stack reference past its expiry
(bsc#1185988).
- ipmi/watchdog: Stop watchdog timer when the current action is 'none'
(bsc#1184855).
- ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
(git-fixes).
- irqchip/ls-extirq: Add LS1043A, LS1088A external interrupt support
(bsc#1184264).
- irqchip/ls-extirq: Add LS1043A, LS1088A external interrupt support
(bsc#1185233).
- irqchip/ls-extirq: add IRQCHIP_SKIP_SET_WAKE to the irqchip flags
(bsc#1184264).
- irqchip/ls-extirq: add IRQCHIP_SKIP_SET_WAKE to the irqchip flags
(bsc#1185233).
- irqchip: Add support for Layerscape external interrupt lines
(bsc#1185233).
- isofs: release buffer head before return (bsc#1182613).
- iwlwifi: add support for Qu with AX201 device (git-fixes).
- iwlwifi: pcie: make cfg vs. trans_cfg more robust (git-fixes).
- ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (git-fixes).
- ixgbe: fix unbalanced device enable/disable in suspend/resume
(jsc#SLE-13706).
- jffs2: fix use after free in jffs2_sum_write_data() (bsc#1184740).
- kABI: Fix kABI caused by fixes for bsc#1174426 (bsc#1174426).
- kABI: cover up change in struct kvm_arch (bsc#1184969).
- kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- kABI: powerpc/pseries: Add shutdown() to vio_driver and vio_bus
(bsc#1184209 ltc#190917).
- kbuild: Fail if gold linker is detected (bcs#1181862).
- kbuild: add dummy toolchains to enable all cc-option etc. in Kconfig
(bcs#1181862).
- kbuild: change *FLAGS_<basetarget>.o to take the path relative to
$(obj) (bcs#1181862).
- kbuild: dummy-tools, fix inverted tests for gcc (bcs#1181862).
- kbuild: dummy-tools, support MPROFILE_KERNEL checks for ppc
(bsc#1181862).
- kbuild: improve cc-option to clean up all temporary files (bsc#1178330).
- kbuild: include scripts/Makefile.* only when relevant CONFIG is enabled
(bcs#1181862).
- kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc (bcs#1181862).
- kbuild: stop filtering out $(GCC_PLUGINS_CFLAGS) from cc-option base
(bcs#1181862).
- kbuild: use -S instead of -E for precise cc-option test in Kconfig
(bsc#1178330).
- kconfig: introduce m32-flag and m64-flag (bcs#1181862).
- kernel-docs.spec.in: Build using an utf-8 locale. Sphinx cannot handle
UTF-8 input in non-UTF-8 locale.
- kernel/smp: make csdlock timeout depend on boot parameter (bsc#1180846).
- kvm: svm: Update svm_xsaves_supported (jsc#SLE-13573).
- kvm: x86: Enumerate support for CLZERO instruction (jsc#SLE-13573).
- leds: lp5523: check return value of lp5xx_read and jump to cleanup code
(git-fixes).
- lib/syscall: fix syscall registers retrieval on 32-bit platforms
(git-fixes).
- libbpf: Add explicit padding to bpf_xdp_set_link_opts (bsc#1177028).
- libbpf: Add explicit padding to btf_dump_emit_type_decl_opts
(bsc#1177028).
- libbpf: Clear map_info before each bpf_obj_get_info_by_fd (bsc#1155518).
- libbpf: Fix BTF dump of pointer-to-array-of-struct (bsc#1155518).
- libbpf: Fix INSTALL flag order (bsc#1155518).
- libbpf: Fix bail out from 'ringbuf_process_ring()' on error
(bsc#1177028).
- libbpf: Fix error path in bpf_object__elf_init() (bsc#1177028).
- libbpf: Fix signed overflow in ringbuf_process_ring (bsc#1177028).
- libbpf: Initialize the bpf_seq_printf parameters array field by field
(bsc#1177028).
- libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518).
- libbpf: Use SOCK_CLOEXEC when opening the netlink socket (bsc#1155518).
- libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
(bsc#1185269).
- libnvdimm/namespace: Fix reaping of invalidated block-window-namespace
labels (bsc#1185269).
- libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
(bsc#1184969 git-fixes).
- libnvdimm/security: ensure sysfs poll thread woke up and fetch updated
attr (git-fixes).
- liquidio: Fix unintented sign extension of a left shift of a u16
(git-fixes).
- locking/mutex: Fix non debug version of mutex_lock_io_nested()
(git-fixes).
- locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
(bsc#1185041).
- lpfc: Decouple port_template and vport_template (bsc#185032).
- mISDN: fix crash in fritzpci (git-fixes).
- mac80211: Allow HE operation to be longer than expected (git-fixes).
- mac80211: bail out if cipher schemes are invalid (git-fixes).
- mac80211: choose first enabled channel for monitor (git-fixes).
- mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
(git-fixes).
- mac80211: clear the beacon's CRC after channel switch (git-fixes).
- mac80211: fix TXQ AC confusion (git-fixes).
- mac80211: fix double free in ibss_leave (git-fixes).
- mac80211: fix rate mask reset (git-fixes).
- macvlan: macvlan_count_rx() needs to be aware of preemption (git-fixes).
- md-cluster: fix use-after-free issue when removing rdev (bsc#1184082).
- md/raid1: properly indicate failure when ending a failed write request
(bsc#1185680).
- md: do not flush workqueue unconditionally in md_open (bsc#1184081).
- md: factor out a mddev_find_locked helper from mddev_find (bsc#1184081).
- md: md_open returns -EBUSY when entering racing area (bsc#1184081).
- md: split mddev_find (bsc#1184081).
- mdio: fix mdio-thunder.c dependency & build error (git-fixes).
- media: adv7604: fix possible use-after-free in adv76xx_remove()
(git-fixes).
- media: cros-ec-cec: do not bail on device_init_wakeup failure
(git-fixes).
- media: cx23885: add more quirks for reset DMA on some AMD IOMMU
(git-fixes).
- media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
(git-fixes).
- media: dvb-usb: fix memory leak in dvb_usb_adapter_init (git-fixes).
- media: dvbdev: Fix memory leak in dvb_media_device_free() (git-fixes).
- media: em28xx: fix memory leak (git-fixes).
- media: gspca/sq905.c: fix uninitialized variable (git-fixes).
- media: i2c: adv7511-v4l2: fix possible use-after-free in
adv7511_remove() (git-fixes).
- media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
(git-fixes).
- media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
(git-fixes).
- media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
(git-fixes).
- media: ite-cir: check for receive overflow (git-fixes).
- media: m88rs6000t: avoid potential out-of-bounds reads on arrays
(git-fixes).
- media: mantis: remove orphan mantis_core.c (git-fixes).
- media: mceusb: sanity check for prescaler value (git-fixes).
- media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
(git-fixes).
- media: omap4iss: return error code when omap4iss_get() failed
(git-fixes).
- media: platform: sti: Fix runtime PM imbalance in regs_show (git-fixes).
- media: platform: sunxi: sun6i-csi: fix error return code of
sun6i_video_start_streaming() (git-fixes).
- media: rc: compile rc-cec.c into rc-core (git-fixes).
- media: saa7134: use sg_dma_len when building pgtable (git-fixes).
- media: saa7146: use sg_dma_len when building pgtable (git-fixes).
- media: staging/intel-ipu3: Fix memory leak in imu_fmt (git-fixes).
- media: staging/intel-ipu3: Fix race condition during set_fmt (git-fixes).
- media: staging/intel-ipu3: Fix set_fmt error handling (git-fixes).
- media: tc358743: fix possible use-after-free in tc358743_remove()
(git-fixes).
- media: usbtv: Fix deadlock on suspend (git-fixes).
- media: uvcvideo: Allow entities with no pads (git-fixes).
- media: v4l2-ctrls.c: fix race condition in hdl->requests list
(git-fixes).
- media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate (git-fixes).
- media: v4l: vsp1: Fix bru null pointer access (git-fixes).
- media: v4l: vsp1: Fix uif null pointer access (git-fixes).
- media: vicodec: add missing v4l2_ctrl_request_hdl_put() (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
(git-fixes).
- memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops
(bsc#1183325).
- memory: pl353: fix mask of ECC page_size config register (git-fixes).
- mfd: arizona: Fix rumtime PM imbalance on error (git-fixes).
- mfd: intel_pmt: Fix nuisance messages and handling of disabled
capabilities (git-fixes).
- mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
(git-fixes).
- mfd: stm32-timers: Avoid clearing auto reload register (git-fixes).
- misc/pvpanic: Export module FDT device table (git-fixes).
- misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
(git-fixes).
- misc: fastrpc: restrict user apps from sending kernel RPC messages
(git-fixes).
- misc: lis3lv02d: Fix false-positive WARN on various HP models
(git-fixes).
- misc: vmw_vmci: explicitly initialize vmci_datagram payload (git-fixes).
- misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
(git-fixes).
- mlxsw: spectrum_mr: Update egress RIF list before route's action
(git-fixes).
- mm, numa: fix bad pmd by atomically check for pmd_trans_huge when
marking page tables prot_numa (bsc#1168777).
- mm/rmap: fix potential pte_unmap on an not mapped pte (git-fixes).
- mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
(git-fixes).
- mm: memcontrol: fix cpuhotplug statistics flushing (bsc#1185606).
- mmc: block: Update ext_csd.cache_ctrl if it was written (git-fixes).
- mmc: core: Correct descriptions in mmc_of_parse() (git-fixes).
- mmc: core: Do a power cycle when the CMD11 fails (git-fixes).
- mmc: core: Fix partition switch time for eMMC (git-fixes).
- mmc: core: Set read only for SD cards with permanent write protect bit
(git-fixes).
- mmc: cqhci: Add cqhci_deactivate() (git-fixes).
- mmc: cqhci: Fix random crash when remove mmc module/card (git-fixes).
- mmc: mmc_spi: Drop unused NO_IRQ definition (git-fixes).
- mmc: mxs-mmc: Fix a resource leak in an error handling path in
'mxs_mmc_probe()' (git-fixes).
- mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (bsc#1186009)
- mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
(bsc#1186009)
- mmc: sdhci-of-arasan: Add missed checks for devm_clk_register()
(git-fixes).
- mmc: sdhci-of-dwcmshc: fix rpmb access (git-fixes).
- mmc: sdhci-of-dwcmshc: implement specific set_uhs_signaling (git-fixes).
- mmc: sdhci-of-dwcmshc: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes).
- mmc: sdhci-of-esdhc: make sure delay chain locked for HS400 (git-fixes).
- mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
- mmc: sdhci-pci-gli: increase 1.8V regulator wait (git-fixes).
- mmc: sdhci-pci: Add PCI IDs for Intel LKF (git-fixes).
- mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
controllers (git-fixes).
- mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based
controllers (git-fixes).
- mmc: sdhci: Check for reset prior to DMA address unmap (git-fixes).
- mmc: sdhci: Use Auto CMD Auto Select only when v4_mode is true
(git-fixes).
- mmc: uniphier-sd: Fix a resource leak in the remove function (git-fixes).
- mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
(git-fixes).
- mount: fix mounting of detached mounts onto targets that reside on
shared mounts (git-fixes).
- mt7601u: fix always true expression (git-fixes).
- mt76: dma: do not report truncated frames to mac80211 (git-fixes).
- mt76: mt7615: fix entering driver-own state on mt7663 (git-fixes).
- mt76: mt7615: support loading EEPROM for MT7613BE (git-fixes).
- mt76: mt76x0: disable GTK offloading (git-fixes).
- mt76: mt7915: fix aggr len debugfs node (git-fixes).
- mt76: mt7915: fix txpower init for TSSI off chips (git-fixes).
- mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
(git-fixes).
- mtd: rawnand: atmel: Update ecc_stats.corrected counter (git-fixes).
- mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC (git-fixes).
- mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe() (git-fixes).
- mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init (git-fixes).
- mtd: rawnand: qcom: Return actual error code instead of -ENODEV
(git-fixes).
- mtd: require write permissions for locking and badblock ioctls
(git-fixes).
- mtd: spi-nor: Rename "n25q512a" to "mt25qu512a (n25q512a)" (bsc#1167260).
- mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two (bsc#1167260).
- mtd: spinand: core: add missing MODULE_DEVICE_TABLE() (git-fixes).
- mwifiex: pcie: skip cancel_work_sync() on reset failure path (git-fixes).
- nbd: fix a block_device refcount leak in nbd_release (git-fixes).
- net, xdp: Update pkt_type if generic XDP changes unicast MAC (git-fixes).
- net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (git-fixes).
- net/mlx4_en: update moderation when config reset (git-fixes).
- net/mlx5: Add back multicast stats for uplink representor
(jsc#SLE-15172).
- net/mlx5: Delete extra dump stack that gives nothing (git-fixes).
- net/mlx5: Do not request more than supported EQs (git-fixes).
- net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
- net/mlx5: Fix bit-wise and with zero (jsc#SLE-15172).
- net/mlx5: Fix health error state handling (bsc#1186467).
- net/mlx5e: Allow to match on MPLS parameters only for MPLS over UDP
(jsc#SLE-15172).
- net/mlx5e: Do not match on Geneve options in case option masks are all
zero (git-fixes).
- net/mlx5e: E-switch, Fix rate calculation division (jsc#SLE-8464).
- net/mlx5e: Fix error path for ethtool set-priv-flag (git-fixes).
- net/mlx5e: Fix ethtool indication of connector type (git-fixes).
- net/mlx5e: Fix setting of RS FEC mode (jsc#SLE-15172).
- net/mlx5e: Offload tuple rewrite for non-CT flows (jsc#SLE-15172).
- net/mlx5e: RX, Mind the MPWQE gaps when calculating offsets
(jsc#SLE-15172).
- net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
(jsc#SLE-8464).
- net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
(git-fixes).
- net/sched: act_ct: fix wild memory access when clearing fragments
(bsc#1176447).
- net: arc_emac: Fix memleak in arc_mdio_probe (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: atlantic: fix out of range usage of active_vlans array (git-fixes).
- net: atlantic: fix potential error handling (git-fixes).
- net: atlantic: fix use after free kasan warn (git-fixes).
- net: b44: fix error return code in b44_init_one() (git-fixes).
- net: bonding: fix error return code of bond_neigh_init() (bsc#1154353).
- net: cdc-phonet: fix data-interface release on probe failure (git-fixes).
- net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
(bsc#1176447).
- net: dsa: felix: implement port flushing on .phylink_mac_link_down
(git-fixes).
- net: dsa: rtl8366: Fix VLAN semantics (git-fixes).
- net: dsa: rtl8366: Fix VLAN set-up (git-fixes).
- net: dsa: rtl8366rb: Support all 4096 VLANs (git-fixes).
- net: enetc: allow hardware timestamping on TX queues with tc-etf enabled
(git-fixes).
- net: enetc: do not disable VLAN filtering in IFF_PROMISC mode
(git-fixes).
- net: enetc: fix link error again (git-fixes).
- net: enetc: remove bogus write to SIRXIDR from enetc_setup_rxbdr
(git-fixes).
- net: enetc: take the MDIO lock only once per NAPI poll cycle (git-fixes).
- net: enic: Cure the enic api locking trainwreck (git-fixes).
- net: ethernet: aquantia: Fix wrong return value (git-fixes).
- net: ethernet: cavium: octeon_mgmt: use phy_start and phy_stop
(git-fixes).
- net: ethernet: ibm: ibmvnic: Fix some kernel-doc misdemeanours
(bsc#1183871 ltc#192139).
- net: ethernet: ti: cpsw: fix clean up of vlan mc entries for host port
(git-fixes).
- net: ethernet: ti: cpsw: fix error return code in cpsw_probe()
(git-fixes).
- net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes).
- net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
(git-fixes).
- net: fec: Fix reference count leak in fec series ops (git-fixes).
- net: gemini: Fix another missing clk_disable_unprepare() in probe
(git-fixes).
- net: gemini: Fix missing free_netdev() in error path of
gemini_ethernet_port_probe() (git-fixes).
- net: geneve: check skb is large enough for IPv4/IPv6 header (git-fixes).
- net: geneve: modify IP header check in geneve6_xmit_skb and
geneve_xmit_skb (git-fixes).
- net: gianfar: Add of_node_put() before goto statement (git-fixes).
- net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
(git-fixes).
- net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
ether_setup (git-fixes).
- net: hns3: Fix for geneve tx checksum bug (git-fixes).
- net: hns3: Remove the left over redundant check & assignment
(bsc#1154353).
- net: hns3: Remove un-necessary 'else-if' in the hclge_reset_event()
(git-fixes).
- net: hns3: add check for HNS3_NIC_STATE_INITED in
hns3_reset_notify_up_enet() (git-fixes).
- net: hns3: clear VF down state bit before request link status
(git-fixes).
- net: hns3: clear unnecessary reset request in hclge_reset_rebuild
(git-fixes).
- net: hns3: disable phy loopback setting in hclge_mac_start_phy
(git-fixes).
- net: hns3: fix bug when calculating the TCAM table info (git-fixes).
- net: hns3: fix for vxlan gpe tx checksum bug (git-fixes).
- net: hns3: fix incorrect configuration for igu_egu_hw_err (git-fixes).
- net: hns3: fix query vlan mask value error for flow director (git-fixes).
- net: hns3: initialize the message content in hclge_get_link_mode()
(git-fixes).
- net: hns3: use netif_tx_disable to stop the transmit queue (git-fixes).
- net: korina: cast KSEG0 address to pointer in kfree (git-fixes).
- net: korina: fix kfree of rx/tx descriptor array (git-fixes).
- net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
- net: ll_temac: Add more error handling of dma_map_single() calls
(git-fixes).
- net: ll_temac: Fix RX buffer descriptor handling on GFP_ATOMIC pressure
(git-fixes).
- net: ll_temac: Fix race condition causing TX hang (git-fixes).
- net: ll_temac: Handle DMA halt condition caused by buffer underrun
(git-fixes).
- net: mvneta: fix double free of txq->buf (git-fixes).
- net: mvneta: make tx buffer array agnostic (git-fixes).
- net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
- net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
- net: phy: intel-xway: enable integrated led functions (git-fixes).
- net: phy: marvell: fix m88e1011_set_downshift (git-fixes).
- net: phy: marvell: fix m88e1111_set_downshift (git-fixes).
- net: qcom/emac: add missed clk_disable_unprepare in error path of
emac_clks_phase1_init (git-fixes).
- net: qualcomm: rmnet: Fix incorrect receive packet handling during
cleanup (git-fixes).
- net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
- net: smc911x: Adjust indentation in smc911x_phy_configure (git-fixes).
- net: spider_net: Fix the size used in a 'dma_free_coherent()' call
(git-fixes).
- net: stmmac: Fix incorrect location to set real_num_rx|tx_queues
(git-fixes).
- net: stmmac: Use rtnl_lock/unlock on netif_set_real_num_rx_queues() call
(git-fixes).
- net: stmmac: fix missing IFF_MULTICAST check in dwmac4_set_filter
(git-fixes).
- net: stmmac: removed enabling eee in EEE set callback (git-fixes).
- net: stmmac: use netif_tx_start|stop_all_queues() function (git-fixes).
- net: stmmac: xgmac: fix missing IFF_MULTICAST checki in
dwxgmac2_set_filter (git-fixes).
- net: thunderx: Fix unintentional sign extension issue (git-fixes).
- net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
(git-fixes).
- net: usb: ax88179_178a: fix missing stop entry in driver_info
(git-fixes).
- net: usb: qmi_wwan: allow qmimux add/del with master up (git-fixes).
- net: usb: qmi_wwan: support ZTE P685M modem (git-fixes).
- net: wan/lmc: unregister device when no matching device is found
(git-fixes).
- net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
(git-fixes).
- netdevice: Add missing IFF_PHONY_HEADROOM self-definition (git-fixes).
- netdevsim: init u64 stats for 32bit hardware (git-fixes).
- netfilter: conntrack: Make global sysctls readonly in non-init netns
(bsc#1176447).
- netfilter: conntrack: add new sysctl to disable RST check (bsc#1183947
bsc#1185950).
- netfilter: conntrack: avoid misleading 'invalid' in log message
(bsc#1183947 bsc#1185950).
- netfilter: conntrack: improve RST handling when tuple is re-used
(bsc#1183947 bsc#1185950).
- netfilter: flowtable: Make sure GC works periodically in idle system
(bsc#1176447).
- netfilter: flowtable: fix NAT IPv6 offload mangling (bsc#1176447).
- netfilter: nftables: allow to update flowtable flags (bsc#1176447).
- netfilter: nftables: report EOPNOTSUPP on unsupported flowtable flags
(bsc#1176447).
- netsec: restore phy power state after controller reset (bsc#1183757).
- nfc: pn533: prevent potential memory corruption (git-fixes).
- nfp: devlink: initialize the devlink port attribute "lanes"
(bsc#1176447).
- nfp: flower: add ipv6 bit to pre_tunnel control message (bsc#1176447).
- nfp: flower: fix pre_tun mask id allocation (bsc#1154353).
- nfp: flower: ignore duplicate merge hints from FW (git-fixes).
- node: fix device cleanups in error handling code (git-fixes).
- null_blk: fix passing of REQ_FUA flag in null_handle_rq (git-fixes).
- nvme-core: add cancel tagset helpers (bsc#1183976).
- nvme-fabrics: decode host pathing error for connect (bsc#1179827).
- nvme-fabrics: fix kato initialization (bsc#1182591).
- nvme-fabrics: only reserve a single tag (bsc#1182077).
- nvme-fabrics: reject I/O to offline device (bsc#1181161).
- nvme-fc: check sgl supported by target (bsc#1179827).
- nvme-fc: clear q_live at beginning of association teardown (bsc#1186479).
- nvme-fc: fix racing controller reset and create association
(bsc#1183048).
- nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted
(bsc#1180197).
- nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted
(bsc#1184259).
- nvme-fc: set NVME_REQ_CANCELLED in nvme_fc_terminate_exchange()
(bsc#1180197).
- nvme-fc: set NVME_REQ_CANCELLED in nvme_fc_terminate_exchange()
(bsc#1184259).
- nvme-fc: short-circuit reconnect retries (bsc#1179827).
- nvme-hwmon: Return error code when registration fails (bsc#1177326).
- nvme-hwmon: Return error code when registration fails (bsc#1177326).
- nvme-multipath: fix double initialization of ANA state (bsc#1178612,
bsc#1184259).
- nvme-multipath: reset bdev to ns head when failover (bsc#178378
bsc#1182999).
- nvme-tcp: Fix possible race of io_work and direct send (git-fixes).
- nvme-tcp: Fix warning with CONFIG_DEBUG_PREEMPT (git-fixes).
- nvme-tcp: add clean action for failed reconnection (bsc#1183976).
- nvme-tcp: fix kconfig dependency warning when !CRYPTO (git-fixes).
- nvme-tcp: fix misuse of __smp_processor_id with preemption (git-fixes).
- nvme-tcp: fix possible hang waiting for icresp response (bsc#1179519).
- nvme-tcp: fix possible hang when failing to set io queues (bsc#1181161).
- nvme-tcp: use cancel tagset helper for tear down (bsc#1183976).
- nvme: Fix NULL dereference for pci nvme controllers (bsc#1182378).
- nvme: add 'kato' sysfs attribute (bsc#1179825).
- nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() (bsc#1180197).
- nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() (bsc#1184259).
- nvme: allocate the keep alive request using BLK_MQ_REQ_NOWAIT
(bsc#1182077).
- nvme: call nvme_identify_ns as the first thing in nvme_alloc_ns_block
(bsc#1180197).
- nvme: clean up the check for too large logic block sizes (bsc#1180197).
- nvme: define constants for identification values (git-fixes).
- nvme: do not intialize hwmon for discovery controllers (bsc#1184259).
- nvme: do not intialize hwmon for discovery controllers (git-fixes).
- nvme: explicitly update mpath disk capacity on revalidation (git-fixes).
- nvme: expose reconnect_delay and ctrl_loss_tmo via sysfs (bsc#1182378).
- nvme: factor out a nvme_configure_metadata helper (bsc#1180197).
- nvme: fix controller instance leak (git-fixes).
- nvme: fix initialization of the zone bitmaps (bsc#1180197).
- nvme: fix possible deadlock when I/O is blocked (git-fixes).
- nvme: freeze the queue over ->lba_shift updates (bsc#1180197).
- nvme: lift the check for an unallocated namespace into nvme_identify_ns
(bsc#1180197).
- nvme: merge nvme_keep_alive into nvme_keep_alive_work (bsc#1182077).
- nvme: move nvme_validate_ns (bsc#1180197).
- nvme: opencode revalidate_disk in nvme_validate_ns (bsc#1180197).
- nvme: query namespace identifiers before adding the namespace
(bsc#1180197).
- nvme: refactor nvme_validate_ns (bsc#1180197).
- nvme: remove nvme_identify_ns_list (bsc#1180197).
- nvme: remove nvme_update_formats (bsc#1180197).
- nvme: remove superfluous else in nvme_ctrl_loss_tmo_store (bsc#1182378).
- nvme: remove the 0 lba_shift check in nvme_update_ns_info (bsc#1180197).
- nvme: remove the disk argument to nvme_update_zone_info (bsc#1180197).
- nvme: rename __nvme_revalidate_disk (bsc#1180197).
- nvme: rename _nvme_revalidate_disk (bsc#1180197).
- nvme: rename nvme_validate_ns to nvme_validate_or_alloc_ns (bsc#1180197).
- nvme: retrigger ANA log update if group descriptor isn't found
(git-fixes)
- nvme: return an error if nvme_set_queue_count() fails (bsc#1180197).
- nvme: revalidate zone bitmaps in nvme_update_ns_info (bsc#1180197).
- nvme: sanitize KATO setting (bsc#1179825).
- nvme: set the queue limits in nvme_update_ns_info (bsc#1180197).
- nvme: simplify error logic in nvme_validate_ns() (bsc#1180197).
- nvme: simplify error logic in nvme_validate_ns() (bsc#1184259).
- nvme: update the known admin effects (bsc#1180197).
- nvmet-rdma: Fix list_del corruption on queue establishment failure
(bsc#1183501).
- nvmet: fix a memory leak (git-fixes).
- nvmet: seset ns->file when open fails (bsc#1183873).
- nvmet: use new ana_log_size instead the old one (bsc#1184259).
- ocfs2: fix a use after free on error (bsc#1184738).
- ovl: fix dentry leak in ovl_get_redirect (bsc#1184176).
- ovl: fix out of date comment and unreachable code (bsc#1184176).
- ovl: fix regression with re-formatted lower squashfs (bsc#1184176).
- ovl: fix unneeded call to ovl_change_flags() (bsc#1184176).
- ovl: fix value of i_ino for lower hardlink corner case (bsc#1184176).
- ovl: initialize error in ovl_copy_xattr (bsc#1184176).
- ovl: relax WARN_ON() when decoding lower directory file handle
(bsc#1184176).
- pata_arasan_cf: fix IRQ check (git-fixes).
- pata_ipx4xx_cf: fix IRQ check (git-fixes).
- perf/amd/uncore: Fix sysfs type mismatch (bsc#1178134).
- phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
unconditionally (git-fixes).
- phy: phy-twl4030-usb: Fix possible use-after-free in
twl4030_usb_remove() (git-fixes).
- partitions/ibm: fix non-DASD devices (bsc#1185857 LTC#192526).
- pinctrl: Ingenic: Add missing pins to the JZ4770 MAC MII group
(git-fixes).
- pinctrl: core: Fix kernel doc string for pin_get_name() (git-fixes).
- pinctrl: ingenic: Improve unreachable code generation (git-fixes).
- pinctrl: lewisburg: Update number of pins in community (git-fixes).
- pinctrl: qcom: spmi-gpio: fix warning about irq chip reusage (git-fixes).
- pinctrl: rockchip: fix restore error in resume (git-fixes).
- pinctrl: samsung: use 'int' for register masks in Exynos (git-fixes).
- platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (git-fixes).
- platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire
Switch 10E SW3-016 (git-fixes).
- platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
(git-fixes).
- platform/x86: acer-wmi: Add new force_caps module parameter (git-fixes).
- platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
(git-fixes).
- platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (git-fixes).
- platform/x86: acer-wmi: Cleanup accelerometer device handling
(git-fixes).
- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
(git-fixes).
- platform/x86: intel-vbtn: Stop reporting SW_DOCK events (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when
using s2idle (git-fixes).
- platform/x86: intel_pmc_core: Do not use global pmcdev in quirks
(git-fixes).
- platform/x86: intel_pmt_crashlog: Fix incorrect macros (git-fixes).
- platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards
with critclk_systems DMI table (git-fixes).
- platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
(git-fixes).
- platform/x86: thinkpad_acpi: Correct thermal sensor allocation
(git-fixes).
- posix-timers: Preserve return value in clock_adjtime32() (git-fixes)
- post.sh: Return an error when module update fails (bsc#1047233
bsc#1184388).
- power: supply: Use IRQF_ONESHOT (git-fixes).
- power: supply: generic-adc-battery: fix possible use-after-free in
gab_remove() (git-fixes).
- power: supply: s3c_adc_battery: fix possible use-after-free in
s3c_adc_bat_remove() (git-fixes).
- powerepc/book3s64/hash: Align start/end address correctly with bolt
mapping (bsc#1184957).
- powerpc/64s/exception: Clean up a missed SRR specifier (jsc#SLE-9246
git-fixes).
- powerpc/64s: Fix crashes when toggling entry flush barrier (bsc#1177666
git-fixes).
- powerpc/64s: Fix crashes when toggling stf barrier (bsc#1087082
git-fixes).
- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
(bsc#1065729).
- powerpc/64s: Fix pte update for kernel memory on radix (bsc#1055117
git-fixes).
- powerpc/asm-offsets: GPR14 is not needed either (bsc#1065729).
- powerpc/book3s64/radix: Remove WARN_ON in destroy_context() (bsc#1183692
ltc#191963).
- powerpc/eeh: Fix EEH handling for hugepages in ioremap space
(bsc#1156395).
- powerpc/fadump: Mark fadump_calculate_reserve_size as __init
(bsc#1065729).
- powerpc/kexec_file: Use current CPU info while setting up FDT
(bsc#1184615 ltc#189835).
- powerpc/kuap: Restore AMR after replaying soft interrupts (bsc#1156395).
- powerpc/mm: Add cond_resched() while removing hpte mappings (bsc#1183289
ltc#191637).
- powerpc/papr_scm: Fix build error due to wrong printf specifier
(bsc#1184969).
- powerpc/papr_scm: Implement support for H_SCM_FLUSH hcall (bsc#1184969).
- powerpc/perf: Fix PMU constraint check for EBB events (bsc#1065729).
- powerpc/perf: Fix sampled instruction type for larx/stcx (jsc#SLE-13513).
- powerpc/perf: Fix the threshold event selection for memory events in
power10 (jsc#SLE-13513).
- powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- powerpc/prom: Mark identical_pvr_fixup as __init (bsc#1065729).
- powerpc/pseries/mobility: handle premature return from H_JOIN
(bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/mobility: use struct for shared state (bsc#1181674
ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
- powerpc/pseries: Add shutdown() to vio_driver and vio_bus (bsc#1184209
ltc#190917).
- powerpc/pseries: Do not trace hcall tracing wrapper (bsc#1185110
ltc#192091).
- powerpc/pseries: Fix hcall tracing recursion in pv queued spinlocks
(bsc#1185110 ltc#192091).
- powerpc/pseries: use notrace hcall variant for H_CEDE idle (bsc#1185110
ltc#192091).
- powerpc/pseries: warn if recursing into the hcall tracing code
(bsc#1185110 ltc#192091).
- powerpc/smp: Reintroduce cpu_core_mask (jsc#SLE-13615 bsc#1180100
ltc#190257 git-fixes).
- powerpc/sstep: Check instruction validity against ISA version before
emulation (bsc#1156395).
- powerpc/sstep: Check instruction validity against ISA version before
emulation (bsc#1156395).
- powerpc/sstep: Fix darn emulation (bsc#1156395).
- powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
- powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
- powerpc/time: Enable sched clock for irqtime (bsc#1156395).
- powerpc/uaccess: Avoid might_fault() when user access is enabled
(bsc#1156395).
- powerpc/uaccess: Perform barrier_nospec() in KUAP allowance helpers
(bsc#1156395).
- powerpc/uaccess: Simplify unsafe_put_user() implementation (bsc#1156395).
- powerpc/xive: Drop check on irq_data in xive_core_debug_show()
(bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes).
- powerpc/xmon: Fix build failure for 8xx (jsc#SLE-12936 git-fixes).
- powerpc: Fix inverted SET_FULL_REGS bitop (jsc#SLE-9246 git-fixes).
- powerpc: Fix missing declaration ofable_kernel_vsx() (git-fixes).
- proc: fix lookup in /proc/net subdirectories after setns(2) (git-fixes).
- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
- qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
(git-fixes).
- qxl: Fix uninitialised struct field head.surface_id (git-fixes).
- r8169: do not advertise pause in jumbo mode (git-fixes).
- r8169: fix DMA being used after buffer free if WoL is enabled
(git-fixes).
- r8169: tweak max read request size for newer chips also in jumbo mtu
mode (git-fixes).
- regmap: set debugfs_name to NULL after it is freed (git-fixes).
- regulator: Avoid a double 'of_node_get' in
'regulator_of_get_init_node()' (git-fixes).
- regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes).
- reintroduce cqhci_suspend for kABI (git-fixes).
- reiserfs: update reiserfs_xattrs_initialized() condition (bsc#1184737).
- rsi: Fix TX EAPOL packet handling against iwlwifi AP (git-fixes).
- rsi: Move card interrupt handling to RX thread (git-fixes).
- rsi: Use resume_noirq for SDIO (git-fixes).
- rsxx: remove extraneous 'const' qualifier (git-fixes).
- rtc: ds1307: Fix wday settings for rx8130 (git-fixes).
- rtc: fsl-ftm-alarm: add MODULE_TABLE() (bsc#1185454).
- rtc: fsl-ftm-alarm: avoid struct rtc_time conversions (bsc#1185454).
- rtc: fsl-ftm-alarm: enable acpi support (bsc#1185454).
- rtc: fsl-ftm-alarm: fix freeze(s2idle) failed to wake (bsc#1185454).
- rtc: fsl-ftm-alarm: report alarm to core (bsc#1185454).
- rtc: fsl-ftm-alarm: switch to ktime_get_real_seconds (bsc#1185454).
- rtc: fsl-ftm-alarm: switch to rtc_time64_to_tm/rtc_tm_to_time64
(bsc#1185454).
- rtc: fsl-ftm-alarm: update acpi device id (bsc#1185454).
- rtc: pcf2127: add alarm support (bsc#1185233).
- rtc: pcf2127: add pca2129 device id (bsc#1185233).
- rtc: pcf2127: add tamper detection support (bsc#1185233).
- rtc: pcf2127: add watchdog feature support (bsc#1185233).
- rtc: pcf2127: bugfix: watchdog build dependency (bsc#1185233).
- rtc: pcf2127: cleanup register and bit defines (bsc#1185233).
- rtc: pcf2127: convert to devm_rtc_allocate_device (bsc#1185233).
- rtc: pcf2127: fix a bug when not specify interrupts property
(bsc#1185233).
- rtc: pcf2127: fix alarm handling (bsc#1185233).
- rtc: pcf2127: fix pcf2127_nvmem_read/write() returns (bsc#1185233).
- rtc: pcf2127: handle boot-enabled watchdog feature (bsc#1185233).
- rtc: pcf2127: handle timestamp interrupts (bsc#1185495).
- rtc: pcf2127: let the core handle rtc range (bsc#1185233).
- rtc: pcf2127: move watchdog initialisation to a separate function
(bsc#1185233).
- rtc: pcf2127: only use watchdog when explicitly available (bsc#1185233).
- rtc: pcf2127: properly set flag WD_CD for rtc chips(pcf2129, pca2129)
(bsc#1185233).
- rtc: pcf2127: remove unnecessary #ifdef (bsc#1185233).
- rtc: pcf2127: set regmap max_register (bsc#1185233).
- rtc: pcf2127: watchdog: handle nowayout feature (bsc#1185233).
- rtlwifi: 8821ae: upgrade PHY and RF parameters (git-fixes).
- rtw88: Fix an error code in rtw_debugfs_set_rsvd_page() (git-fixes).
- rtw88: Fix array overrun in rtw_get_tx_power_params() (git-fixes).
- rtw88: coex: 8821c: correct antenna switch function (git-fixes).
- s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/crypto: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/dasd: fix hanging DASD driver unbind (bsc#1183932 LTC#192153).
- s390/dasd: fix hanging IO request during DASD driver unbind (git-fixes).
- s390/entry: save the caller of psw_idle (bsc#1185677).
- s390/ipl: support NVMe IPL kernel parameters (bsc#1185980 LTC#192679).
- s390/kdump: fix out-of-memory with PCI (bsc#1182257 LTC#191375).
- s390/pci: fix leak of PCI device structure (git-fixes).
- s390/qeth: fix memory leak after failed TX Buffer allocation (git-fixes).
- s390/qeth: fix notification for pending buffers during teardown
(git-fixes).
- s390/qeth: improve completion of pending TX buffers (git-fixes).
- s390/qeth: schedule TX NAPI on QAOB completion (git-fixes).
- s390/vtime: fix increased steal time accounting (bsc#1183859).
- s390/zcrypt: return EIO when msg retry limit reached (git-fixes).
- samples, bpf: Add missing munmap in xdpsock (bsc#1155518).
- samples/bpf: Fix possible hang in xdpsock with multiple threads
(bsc#1155518).
- sata_mv: add IRQ checks (git-fixes).
- sched/eas: Do not update misfit status if the task is pinned (git-fixes)
- sched/fair: Avoid stale CPU util_est value for schedutil in (git-fixes)
- sched/fair: Fix shift-out-of-bounds in load_balance() (git fixes
(sched)).
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- scripts/git_sort/git_sort.py: add bpf git repo
- scsi: aacraid: Improve compat_ioctl handlers (bsc#1186352).
- scsi: block: Fix a race in the runtime power management code (git-fixes).
- scsi: core: Only return started requests from scsi_host_find_tag()
(bsc#1179851).
- scsi: core: Run queue in case of I/O resource contention failure
(bsc#1186416).
- scsi: core: add scsi_host_busy_iter() (bsc#1179851).
- scsi: fnic: Kill 'exclude_id' argument to fnic_cleanup_io()
(bsc#1179851).
- scsi: fnic: Remove bogus ratelimit messages (bsc#1183249).
- scsi: libfc: Avoid invoking response handler twice if ep is already
completed (bsc#1186573).
- scsi: lpfc: Add a option to enable interlocked ABTS before job
completion (bsc#1186451).
- scsi: lpfc: Add ndlp kref accounting for resume RPI path (bsc#1186451).
- scsi: lpfc: Change wording of invalid pci reset log message
(bsc#1182574).
- scsi: lpfc: Correct function header comments related to ndlp reference
counting (bsc#1182574).
- scsi: lpfc: Eliminate use of LPFC_DRIVER_NAME in lpfc_attr.c
(bsc#1185472).
- scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
(bsc#1186451).
- scsi: lpfc: Fix ADISC handling that never frees nodes (bsc#1182574).
- scsi: lpfc: Fix DMA virtual address ptr assignment in bsg (bsc#1185365).
- scsi: lpfc: Fix FLOGI failure due to accessing a freed node
(bsc#1182574).
- scsi: lpfc: Fix NMI crash during rmmod due to circular hbalock
dependency (bsc#1185472).
- scsi: lpfc: Fix Node recovery when driver is handling simultaneous
PLOGIs (bsc#1186451).
- scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN (bsc#1182574).
- scsi: lpfc: Fix a bunch of kernel-doc issues (bsc#1185472).
- scsi: lpfc: Fix a bunch of kernel-doc misdemeanours (bsc#1185472).
- scsi: lpfc: Fix a bunch of misnamed functions (bsc#1185472).
- scsi: lpfc: Fix a few incorrectly named functions (bsc#1185472).
- scsi: lpfc: Fix a typo (bsc#1185472).
- scsi: lpfc: Fix bad memory access during VPD DUMP mailbox command
(bsc#1186451).
- scsi: lpfc: Fix crash caused by switch reboot (bsc#1182574).
- scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
response (bsc#1185472).
- scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
SGLs (bsc#1186451).
- scsi: lpfc: Fix dropped FLOGI during pt2pt discovery recovery
(bsc#1182574).
- scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
(bsc#1185472).
- scsi: lpfc: Fix formatting and misspelling issues (bsc#1185472).
- scsi: lpfc: Fix gcc -Wstringop-overread warning (bsc#1185472).
- scsi: lpfc: Fix illegal memory access on Abort IOCBs (bsc#1183203).
- scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
(bsc#1182574).
- scsi: lpfc: Fix incorrect naming of __lpfc_update_fcf_record()
(bsc#1185472).
- scsi: lpfc: Fix incorrectly documented function
lpfc_debugfs_commonxripools_data() (bsc#1185472).
- scsi: lpfc: Fix kernel-doc formatting issue (bsc#1185472).
- scsi: lpfc: Fix lack of device removal on port swaps with PRLIs
(bsc#1185472).
- scsi: lpfc: Fix lpfc_els_retry() possible null pointer dereference
(bsc#1182574).
- scsi: lpfc: Fix lpfc_hdw_queue attribute being ignored (bsc#1185472).
- scsi: lpfc: Fix missing FDMI registrations after Mgmt Svc login
(bsc#1185472).
- scsi: lpfc: Fix node handling for Fabric Controller and Domain
Controller (bsc#1186451).
- scsi: lpfc: Fix nodeinfo debugfs output (bsc#1182574).
- scsi: lpfc: Fix non-optimized ERSP handling (bsc#1186451).
- scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
(bsc#1182574).
- scsi: lpfc: Fix pt2pt connection does not recover after LOGO
(bsc#1182574).
- scsi: lpfc: Fix pt2pt state transition causing rmmod hang (bsc#1182574).
- scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp()
(bsc#1185472).
- scsi: lpfc: Fix reftag generation sizing errors (bsc#1182574).
- scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag
(bsc#1185472).
- scsi: lpfc: Fix silent memory allocation failure in
lpfc_sli4_bsg_link_diag_test() (bsc#1185472).
- scsi: lpfc: Fix some error codes in debugfs (bsc#1185472).
- scsi: lpfc: Fix stale node accesses on stale RRQ request (bsc#1182574).
- scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
(bsc#1182574).
- scsi: lpfc: Fix unnecessary null check in lpfc_release_scsi_buf
(bsc#1182574).
- scsi: lpfc: Fix unreleased RPIs when NPIV ports are created
(bsc#1186451).
- scsi: lpfc: Fix use after free in lpfc_els_free_iocb (bsc#1182574).
- scsi: lpfc: Fix use-after-free on unused nodes after port swap
(bsc#1185472).
- scsi: lpfc: Fix various trivial errors in comments and log messages
(bsc#1185472).
- scsi: lpfc: Fix vport indices in lpfc_find_vport_by_vpid() (bsc#1182574).
- scsi: lpfc: Ignore GID-FT response that may be received after a link
flip (bsc#1186451).
- scsi: lpfc: Reduce LOG_TRACE_EVENT logging for vports (bsc#1182574).
- scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
(bsc#1185472).
- scsi: lpfc: Reregister FPIN types if ELS_RDF is received from fabric
controller (bsc#1186451).
- scsi: lpfc: Standardize discovery object logging format (bsc#1185472).
- scsi: lpfc: Update copyrights for 12.8.0.7 and 12.8.0.8 changes
(bsc#1182574).
- scsi: lpfc: Update lpfc version to 12.8.0.10 (bsc#1186451).
- scsi: lpfc: Update lpfc version to 12.8.0.8 (bsc#1182574).
- scsi: lpfc: Update lpfc version to 12.8.0.9 (bsc#1185472).
- scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
(bsc#1185954).
- scsi: pm80xx: Do not sleep in atomic context (bsc#1186353).
- scsi: pm80xx: Fix chip initialization failure (bsc#1186354).
- scsi: pm80xx: Fix potential infinite loop (bsc#1186354).
- scsi: pm80xx: Increase timeout for pm80xx mpi_uninit_check()
(bsc#1186355).
- scsi: qla2xxx: Add H:C:T info in the log message for fc ports
(bsc#1185491).
- scsi: qla2xxx: Add error counters to debugfs node (bsc#1185491).
- scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
(bsc#1185491).
- scsi: qla2xxx: Assign boolean values to a bool variable (bsc#1185491).
- scsi: qla2xxx: Check kzalloc() return value (bsc#1185491).
- scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
(bsc#1185491).
- scsi: qla2xxx: Constify struct qla_tgt_func_tmpl (bsc#1185491).
- scsi: qla2xxx: Do logout even if fabric scan retries got exhausted
(bsc#1185491).
- scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (bsc#1185491).
- scsi: qla2xxx: Fix IOPS drop seen in some adapters (bsc#1185491).
- scsi: qla2xxx: Fix RISC RESET completion polling (bsc#1185491).
- scsi: qla2xxx: Fix a couple of misdocumented functions (bsc#1185491).
- scsi: qla2xxx: Fix a couple of misnamed functions (bsc#1185491).
- scsi: qla2xxx: Fix broken #endif placement (bsc#1185491).
- scsi: qla2xxx: Fix crash in PCIe error handling (bsc#1185491).
- scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (bsc#1185491).
- scsi: qla2xxx: Fix endianness annotations (bsc#1185491).
- scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp()
(bsc#1185491).
- scsi: qla2xxx: Fix mailbox Ch erroneous error (bsc#1185491).
- scsi: qla2xxx: Fix mailbox recovery during PCIe error (bsc#1185491).
- scsi: qla2xxx: Fix some incorrect formatting/spelling issues
(bsc#1185491).
- scsi: qla2xxx: Fix some memory corruption (bsc#1185491).
- scsi: qla2xxx: Fix stuck session (bsc#1185491).
- scsi: qla2xxx: Fix use after free in bsg (bsc#1185491).
- scsi: qla2xxx: Implementation to get and manage host, target stats and
initiator port (bsc#1185491).
- scsi: qla2xxx: Move some messages from debug to normal log level
(bsc#1185491).
- scsi: qla2xxx: Remove redundant NULL check (bsc#1185491).
- scsi: qla2xxx: Remove unnecessary NULL check (bsc#1185491).
- scsi: qla2xxx: Remove unneeded if-null-free check (bsc#1185491).
- scsi: qla2xxx: Replace __qla2x00_marker()'s missing underscores
(bsc#1185491).
- scsi: qla2xxx: Reserve extra IRQ vectors (bsc#1184436).
- scsi: qla2xxx: Reuse existing error handling path (bsc#1185491).
- scsi: qla2xxx: Simplify if statement (bsc#1185491).
- scsi: qla2xxx: Simplify qla8044_minidump_process_control() (bsc#1185491).
- scsi: qla2xxx: Simplify the calculation of variables (bsc#1185491).
- scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (bsc#1185491).
- scsi: qla2xxx: Update default AER debug mask (bsc#1185491).
- scsi: qla2xxx: Update version to 10.02.00.105-k (bsc#1185491).
- scsi: qla2xxx: Update version to 10.02.00.106-k (bsc#1185491).
- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1185491).
- scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe
(bsc#1185491).
- scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value
(bsc#1185491).
- scsi: smartpqi: Correct driver removal with HBA disks (bsc#1178089).
- scsi: smartpqi: Correct driver removal with HBA disks (bsc#1178089).
- scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (bsc#1178089).
- scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (bsc#1178089).
- scsi: smartpqi: Update version to 1.2.16-012 (bsc#1178089).
- scsi: smartpqi: Update version to 1.2.16-012 (bsc#1178089).
- scsi: target: pscsi: Avoid OOM in pscsi_map_sg() (bsc#1183843).
- scsi: target: pscsi: Clean up after failure in pscsi_map_sg()
(bsc#1183843).
- scsi: target: tcmu: Fix use-after-free of se_cmd->priv (bsc#1186356).
- scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
(bsc#1186357).
- sctp: delay auto_asconf init until binding the first addr
(<cover.1620748346.git.mkubecek(a)suse.cz>).
- security: keys: trusted: fix TPM2 authorizations (git-fixes).
- selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro (bsc#1177028).
- selftests/bpf: Fix the ASSERT_ERR_PTR macro (bsc#1177028).
- selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in
test_verifier (bsc#1155518).
- selftests/bpf: No need to drop the packet when there is no geneve opt
(bsc#1155518).
- selftests/bpf: Re-generate vmlinux.h and BPF skeletons if bpftool
changed (bsc#1177028).
- selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed
(bsc#1155518).
- selftests/powerpc: Add pkey helpers for rights (bsc#1184934 ltc#191460).
- selftests/powerpc: Add test for execute-disabled pkeys (bsc#1184934
ltc#191460).
- selftests/powerpc: Add test for pkey siginfo verification (bsc#1184934
ltc#191460).
- selftests/powerpc: Add wrapper for gettid (bsc#1184934 ltc#191460).
- selftests/powerpc: Fix L1D flushing tests for Power10 (bsc#1184934
ltc#191460).
- selftests/powerpc: Fix exit status of pkey tests (bsc#1184934
ltc#191460).
- selftests/powerpc: Fix pkey syscall redefinitions (bsc#1184934
ltc#191460).
- selftests/powerpc: Move pkey helpers to headers (bsc#1184934 ltc#191460).
- selftests/powerpc: refactor entry and rfi_flush tests (bsc#1184934
ltc#191460).
- selftests: mlxsw: Remove a redundant if statement in tc_flower_scale
test (bsc#1176774).
- selinux: Fix error return code in sel_ib_pkey_sid_slow() (git-fixes).
- selinux: fix error initialization in inode_doinit_with_dentry()
(git-fixes).
- selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
(git-fixes).
- serial: core: return early on unsupported ioctls (git-fixes).
- serial: stm32: fix incorrect characters on console (git-fixes).
- serial: stm32: fix tx_empty condition (git-fixes).
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540).
- smb3: add dynamic trace point to trace when credits obtained
(bsc#1181507).
- smb3: fix crediting for compounding when only one request in flight
(bsc#1181507).
- smc: disallow TCP_ULP in smc_setsockopt() (git-fixes).
- soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
- soc: aspeed: fix a ternary sign expansion bug (git-fixes).
- soc: fsl: qe: replace qe_io{read,write}* wrappers by generic
io{read,write}* (git-fixes).
- soc: qcom: mdt_loader: Detect truncated read of segments (git-fixes).
- soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (git-fixes).
- software node: Fix node registration (git-fixes).
- soundwire: bus: Fix device found flag correctly (git-fixes).
- soundwire: stream: fix memory leak in stream config error path
(git-fixes).
- spi: Introduce dspi_slave_abort() function for NXP's dspi SPI driver
(bsc#1167260).
- spi: ath79: always call chipselect function (git-fixes).
- spi: ath79: remove spi-master setup and cleanup assignment (git-fixes).
- spi: cadence: set cqspi to the driver_data field of struct device
(git-fixes).
- spi: dln2: Fix reference leak to master (git-fixes).
- spi: fsl-dspi: fix NULL pointer dereference (bsc#1167260).
- spi: fsl-dspi: fix use-after-free in remove path (bsc#1167260).
- spi: fsl-dspi: fix wrong pointer in suspend/resume (bsc#1167260).
- spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
(git-fixes).
- spi: omap-100k: Fix reference leak to master (git-fixes).
- spi: qup: fix PM reference leak in spi_qup_remove() (git-fixes).
- spi: spi-fsl-dspi: Accelerate transfers using larger word size if
possible (bsc#1167260).
- spi: spi-fsl-dspi: Add comments around dspi_pop_tx and dspi_push_rx
functions (bsc#1167260).
- spi: spi-fsl-dspi: Add support for LS1028A (bsc#1167260).
- spi: spi-fsl-dspi: Adding shutdown hook (bsc#1167260).
- spi: spi-fsl-dspi: Always use the TCFQ devices in poll mode
(bsc#1167260).
- spi: spi-fsl-dspi: Avoid NULL pointer in dspi_slave_abort for non-DMA
mode (bsc#1167260).
- spi: spi-fsl-dspi: Avoid reading more data than written in EOQ mode
(bsc#1167260).
- spi: spi-fsl-dspi: Change usage pattern of SPI_MCR_* and SPI_CTAR_*
macros (bsc#1167260).
- spi: spi-fsl-dspi: Convert TCFQ users to XSPI FIFO mode (bsc#1167260).
- spi: spi-fsl-dspi: Convert the instantiations that support it to DMA
(bsc#1167260).
- spi: spi-fsl-dspi: Demistify magic value in SPI_SR_CLEAR (bsc#1167260).
- spi: spi-fsl-dspi: Do not access reserved fields in SPI_MCR
(bsc#1167260).
- spi: spi-fsl-dspi: Do not mask off undefined bits (bsc#1167260).
- spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours
(bsc#1167260).
- spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode
(bsc#1167260).
- spi: spi-fsl-dspi: Fix a resource leak in an error handling path
(git-fixes).
- spi: spi-fsl-dspi: Fix bits-per-word acceleration in DMA mode
(bsc#1167260).
- spi: spi-fsl-dspi: Fix code alignment (bsc#1167260).
- spi: spi-fsl-dspi: Fix external abort on interrupt in resume or exit
paths (bsc#1167260).
- spi: spi-fsl-dspi: Fix interrupt-less DMA mode taking an XSPI code path
(bsc#1167260).
- spi: spi-fsl-dspi: Fix little endian access to PUSHR CMD and TXDATA
(bsc#1167260).
- spi: spi-fsl-dspi: Fix lockup if device is removed during SPI transfer
(bsc#1167260).
- spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
(bsc#1167260).
- spi: spi-fsl-dspi: Fix race condition in TCFQ/EOQ interrupt
(bsc#1167260).
- spi: spi-fsl-dspi: Fix typos (bsc#1167260).
- spi: spi-fsl-dspi: Free DMA memory with matching function (bsc#1167260).
- spi: spi-fsl-dspi: Implement .max_message_size method for EOQ mode
(bsc#1167260).
- spi: spi-fsl-dspi: Initialize completion before possible interrupt
(bsc#1167260).
- spi: spi-fsl-dspi: LS2080A and LX2160A support XSPI mode (bsc#1167260).
- spi: spi-fsl-dspi: Make bus-num property optional (bsc#1167260).
- spi: spi-fsl-dspi: Move dspi_interrupt above dspi_transfer_one_message
(bsc#1167260).
- spi: spi-fsl-dspi: Move invariant configs out of
dspi_transfer_one_message (bsc#1167260).
- spi: spi-fsl-dspi: Optimize dspi_setup_accel for lowest interrupt count
(bsc#1167260).
- spi: spi-fsl-dspi: Parameterize the FIFO size and DMA buffer size
(bsc#1167260).
- spi: spi-fsl-dspi: Protect against races on dspi->words_in_flight
(bsc#1167260).
- spi: spi-fsl-dspi: Reduce indentation in dspi_release_dma()
(bsc#1167260).
- spi: spi-fsl-dspi: Reduce indentation level in dspi_interrupt
(bsc#1167260).
- spi: spi-fsl-dspi: Remove impossible to reach error check (bsc#1167260).
- spi: spi-fsl-dspi: Remove pointless assignment of master->transfer to
NULL (bsc#1167260).
- spi: spi-fsl-dspi: Remove unused chip->void_write_data (bsc#1167260).
- spi: spi-fsl-dspi: Remove unused defines and includes (bsc#1167260).
- spi: spi-fsl-dspi: Remove unused initialization of 'ret' in dspi_probe
(bsc#1167260).
- spi: spi-fsl-dspi: Rename fifo_{read,write} and {tx,cmd}_fifo_write
(bsc#1167260).
- spi: spi-fsl-dspi: Replace interruptible wait queue with a simple
completion (bsc#1167260).
- spi: spi-fsl-dspi: Replace legacy spi_master names with spi_controller
(bsc#1167260).
- spi: spi-fsl-dspi: Simplify bytes_per_word gymnastics (bsc#1167260).
- spi: spi-fsl-dspi: Take software timestamp in dspi_fifo_write
(bsc#1167260).
- spi: spi-fsl-dspi: Use BIT() and GENMASK() macros (bsc#1167260).
- spi: spi-fsl-dspi: Use EOQ for last word in buffer even for XSPI mode
(bsc#1167260).
- spi: spi-fsl-dspi: Use dma_request_chan() instead
dma_request_slave_channel() (bsc#1167260).
- spi: spi-fsl-dspi: Use poll mode in case the platform IRQ is missing
(bsc#1167260).
- spi: spi-fsl-dspi: Use reverse Christmas tree declaration order
(bsc#1167260).
- spi: spi-fsl-dspi: Use specific compatible strings for all SoC
instantiations (bsc#1167260).
- spi: spi-fsl-dspi: delete EOQ transfer mode (bsc#1167260).
- spi: spi-fsl-dspi: fix DMA mapping (bsc#1167260).
- spi: spi-fsl-dspi: fix native data copy (bsc#1167260).
- spi: spi-fsl-dspi: remove git-fixes Remove git-fixes. Prepare to update
the driver. References: bsc#1167260
- spi: spi-fsl-dspi: set ColdFire to DMA mode (bsc#1167260).
- spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs
(bsc#1167260).
- spi: spi-ti-qspi: Free DMA resources (git-fixes).
- spi: stm32: make spurious and overrun interrupts visible (git-fixes).
- squashfs: fix inode lookup sanity checks (bsc#1183750).
- squashfs: fix xattr id and id lookup sanity checks (bsc#1183750).
- staging: bcm2835-audio: Replace unsafe strcpy() with strscpy()
(git-fixes).
- staging: comedi: addi_apci_1032: Fix endian problem for COS sample
(git-fixes).
- staging: comedi: addi_apci_1500: Fix endian problem for command sample
(git-fixes).
- staging: comedi: adv_pci1710: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes).
- staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes).
- staging: comedi: das6402: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: das800: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: dmm32at: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: me4000: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: pcl711: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: pcl818: Fix endian problem for AI command data
(git-fixes).
- staging: fwserial: Fix error handling in fwserial_create (git-fixes).
- staging: fwserial: fix TIOCGSERIAL implementation (git-fixes).
- staging: fwserial: fix TIOCSSERIAL implementation (git-fixes).
- staging: fwserial: fix TIOCSSERIAL jiffies conversions (git-fixes).
- staging: fwserial: fix TIOCSSERIAL permission check (git-fixes).
- staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
(git-fixes).
- staging: most: sound: add sanity check for function argument (git-fixes).
- staging: rtl8188eu: fix potential memory corruption in
rtw_check_beacon_data() (git-fixes).
- staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
(git-fixes).
- staging: rtl8192e: Change state information from u16 to u8 (git-fixes).
- staging: rtl8192e: Fix incorrect source in memcpy() (git-fixes).
- staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
(git-fixes).
- staging: rtl8192u: Fix potential infinite loop (git-fixes).
- staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
(git-fixes).
- staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
(git-fixes).
- staging: rtl8712: unterminated string leads to read overflow (git-fixes).
- stop_machine: mark helpers __always_inline (git-fixes).
- supported.conf:
- supported.conf: add bsc1185010 dependency
- supported.conf: mark usb_otg_fsm as supported (bsc#1185010)
- tcp: fix to update snd_wl1 in bulk receiver fast path
(<cover.1620748346.git.mkubecek(a)suse.cz>).
- tee: optee: remove need_resched() before cond_resched() (git-fixes).
- tee: optee: replace might_sleep with cond_resched (git-fixes).
- thermal/core: Add NULL pointer check before using cooling device stats
(git-fixes).
- thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has
changed (git-fixes).
- thermal/drivers/ti-soc-thermal/bandgap Remove unused variable 'val'
(git-fixes).
- thermal: thermal_of: Fix error return code of
thermal_of_populate_bind_params() (git-fixes).
- thunderbolt: Fix a leak in tb_retimer_add() (git-fixes).
- thunderbolt: Fix a leak in tb_retimer_add() (git-fixes).
- thunderbolt: Fix off by one in tb_port_find_retimer() (git-fixes).
- thunderbolt: Fix off by one in tb_port_find_retimer() (git-fixes).
- thunderbolt: Initialize HopID IDAs in tb_switch_alloc() (git-fixes).
- tools/resolve_btfids: Fix build error with older host toolchains
(bsc#1177028).
- tpm: acpi: Check eventlog signature before using it (git-fixes).
- tracing: Map all PIDs to command lines (git-fixes).
- tty: amiserial: fix TIOCSSERIAL permission check (git-fixes).
- tty: fix memory leak in vc_deallocate (git-fixes).
- tty: moxa: fix TIOCSSERIAL jiffies conversions (git-fixes).
- tty: moxa: fix TIOCSSERIAL permission check (git-fixes).
- tty: serial: lpuart: fix lpuart32_write usage (git-fixes).
- tty: serial: ucc_uart: replace qe_io{read,write}* wrappers by generic
io{read,write}* (git-fixes).
- udlfb: Fix memory leak in dlfb_usb_probe (git-fixes).
- uio: uio_hv_generic: use devm_kzalloc() for private data alloc
(git-fixes).
- uio_hv_generic: Fix a memory leak in error handling paths (git-fixes).
- uio_hv_generic: Fix another memory leak in error handling paths
(git-fixes).
- uio_hv_generic: add missed sysfs_remove_bin_file (git-fixes).
- usb-storage: Add quirk to defeat Kindle's automatic unload (git-fixes).
- usb: Remove dev_err() usage after platform_get_irq() (git-fixes).
- usb: core: hub: Fix PM reference leak in usb_port_resume() (git-fixes).
- usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes).
- usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board (git-fixes).
- usb: dwc2: Fix gadget DMA unmap direction (git-fixes).
- usb: dwc2: Fix hibernation between host and device modes (git-fixes).
- usb: dwc2: Fix host mode hibernation exit with remote wakeup flow
(git-fixes).
- usb: dwc2: Fix session request interrupt handler (git-fixes).
- usb: dwc2: Prevent core suspend when port connection flag is 0
(git-fixes).
- usb: dwc3: Switch to use device_property_count_u32() (git-fixes).
- usb: dwc3: Update soft-reset wait polling rate (git-fixes).
- usb: dwc3: gadget: Fix START_TRANSFER link state check (git-fixes).
- usb: dwc3: gadget: Return success always for kick transfer in ep queue
(git-fixes).
- usb: dwc3: keystone: use devm_platform_ioremap_resource() to simplify
code (git-fixes).
- usb: dwc3: meson-g12a: use devm_platform_ioremap_resource() to simplify
code (git-fixes).
- usb: dwc3: omap: improve extcon initialization (git-fixes).
- usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
(git-fixes).
- usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement (git-fixes).
- usb: dwc3: qcom: Honor wakeup enabled/disabled state (git-fixes).
- usb: fotg210-hcd: Fix an error message (git-fixes).
- usb: gadget/function/f_fs string table fix for multiple languages
(git-fixes).
- usb: gadget: Fix double free of device descriptor pointers (git-fixes).
- usb: gadget: aspeed: fix dma map failure (git-fixes).
- usb: gadget: configfs: Fix KASAN use-after-free (git-fixes).
- usb: gadget: dummy_hcd: fix gpf in gadget_setup (git-fixes).
- usb: gadget: f_uac1: stop playback on function disable (git-fixes).
- usb: gadget: f_uac1: validate input parameters (git-fixes).
- usb: gadget: f_uac2: always increase endpoint max_packet_size by one
audio slot (git-fixes).
- usb: gadget: f_uac2: validate input parameters (git-fixes).
- usb: gadget: pch_udc: Check for DMA mapping error (git-fixes).
- usb: gadget: pch_udc: Check if driver is present before calling
->setup() (git-fixes).
- usb: gadget: pch_udc: Move pch_udc_init() to satisfy kernel doc
(git-fixes).
- usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
(git-fixes).
- usb: gadget: pch_udc: Revert d3cb25a12138 completely (git-fixes).
- usb: gadget: r8a66597: Add missing null check on return from
platform_get_resource (git-fixes).
- usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference (git-fixes).
- usb: gadget: uvc: add bInterval checking for HS mode (git-fixes).
- usb: musb: Fix suspend with devices connected for a64 (git-fixes).
- usb: musb: fix PM reference leak in musb_irq_work() (git-fixes).
- usb: pci-quirks: disable D3cold on xhci suspend for s2idle on AMD
Renoire (bsc#1185840).
- usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
(git-fixes).
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
(git-fixes).
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
(git-fixes).
- usb: sl811-hcd: improve misleading indentation (git-fixes).
- usb: typec: Remove vdo[3] part of tps6598x_rx_identity_reg struct
(git-fixes).
- usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
(git-fixes).
- usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
(git-fixes).
- usb: typec: tcpm: Honour pSnkStdby requirement during negotiation
(git-fixes).
- usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy-
(git-fixes).
- usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy-
(git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe()
(git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe()
(git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: webcam: Invalid size of Processing Unit Descriptor (git-fixes).
- usb: xhci-mtk: fix broken streams issue on 0.96 xHCI (git-fixes).
- usb: xhci-mtk: improve bandwidth scheduling with TT (git-fixes).
- usb: xhci-mtk: remove or operator for setting schedule parameters
(git-fixes).
- usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (git-fixes).
- usb: xhci: Fix port minor revision (git-fixes).
- usb: xhci: Increase timeout for HC halt (git-fixes).
- usb: xhci: do not perform Soft Retry for some xHCI hosts (git-fixes).
- usbip: Fix incorrect double assignment to udc->ud.tcp_rx (git-fixes).
- usbip: fix stub_dev to check for stream socket (git-fixes).
- usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
(git-fixes).
- usbip: fix vhci_hcd attach_store() races leading to gpf (git-fixes).
- usbip: fix vhci_hcd to check for stream socket (git-fixes).
- usbip: fix vudc to check for stream socket (git-fixes).
- usbip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes).
- usbip: tools: fix build error for multiple definition (git-fixes).
- usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
(git-fixes).
- use __netdev_notify_peers in ibmvnic (bsc#1183871 ltc#192139).
- veth: Store queue_mapping independently of XDP prog presence (git-fixes).
- vfio-pci/zdev: fix possible segmentation fault issue (git-fixes).
- vfio/iommu_type1: Populate full dirty when detach non-pinned group
(bsc#1183326).
- vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
(git-fixes).
- vfio/mdev: Make to_mdev_device() into a static inline (git-fixes).
- vfio/pci: Add missing range check in vfio_pci_mmap (git-fixes).
- vfio/pci: Move VGA and VF initialization to functions (git-fixes).
- vfio/pci: Re-order vfio_pci_probe() (git-fixes).
- vgacon: Record video mode changes with VT_RESIZEX (git-fixes).
- video: fbdev: acornfb: remove free_unused_pages() (bsc#1152489)
- video: hyperv_fb: Add ratelimit on error message (bsc#1185725).
- video: hyperv_fb: Fix a double free in hvfb_probe (git-fixes).
- virt_wifi: Return micros for BSS TSF values (git-fixes).
- virtiofs: fix memory leak in virtio_fs_probe() (bsc#1185558).
- vrf: fix a comment about loopback device (git-fixes).
- vt/consolemap: do font sum unsigned (git-fixes).
- vxlan: do not modify the shared tunnel info when PMTU triggers an ICMP
reply (bsc#1176447).
- vxlan: move debug check after netdev unregister (git-fixes).
- watchdog/softlockup: Remove obsolete check of last reported task
(bsc#1185982).
- watchdog/softlockup: report the overall time of softlockups
(bsc#1185982).
- watchdog: explicitly update timestamp when reporting softlockup
(bsc#1185982).
- watchdog: rename __touch_watchdog() to a better descriptive name
(bsc#1185982).
- whitespace cleanup
- wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join (git-fixes).
- wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt (git-fixes).
- wlcore: Fix command execute failure 19 for wl12xx (git-fixes).
- workqueue: Minor follow-ups to the rescuer destruction change
(bsc#1185911).
- workqueue: Move the position of debug_work_activate() in __queue_work()
(bsc#1184893).
- workqueue: more destroy_workqueue() fixes (bsc#1185911).
- x86,swiotlb: Adjust SWIOTLB bounce buffer size for SEV guests
(bsc#1186219).
- x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
(bsc#1152489).
- x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1152489).
- x86/insn: Add some Intel instructions to the opcode map (bsc#1184760).
- x86/insn: Add some more Intel instructions to the opcode map
(bsc#1184760).
- x86/ioapic: Ignore IRQ2 again (bsc#1152489).
- x86/mem_encrypt: Correct physical address calculation in
__set_clr_pte_enc() (bsc#1152489).
- x86/microcode: Check for offline CPUs before requesting new microcode
(bsc#1152489).
- x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
(bsc#1152489).
- x86/platform/uv: Set section block size for hubless architectures
(bsc#1152489).
- x86/reboot: Force all cpus to exit VMX root if VMX is supported
(bsc#1152489).
- x86/sev-es: Invalidate the GHCB after completing VMGEXIT (bsc#1178134).
- x86/sev-es: Move sev_es_put_ghcb() in prep for follow on patch
(bsc#1178134).
- x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
(bsc#1152489).
- xen/events: avoid handling the same event on two cpus at the same time
(git-fixes).
- xen/events: do not unmask an event channel when an eoi is pending
(git-fixes).
- xen/events: reset affinity of 2-level event when tearing it down
(git-fixes).
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- xfrm: Provide private skb extensions for segmented and hw offloaded ESP
packets (bsc#1176447).
- xfs: group quota should return EDQUOT when prj quota enabled
(bsc#1180980).
- xhci: Do not use GFP_KERNEL in (potentially) atomic context (git-fixes).
- xhci: Fix repeated xhci wake after suspend due to uncleared internal
wake state (git-fixes).
- xhci: Improve detection of device initiated wake signal (git-fixes).
- xhci: check control context is valid before dereferencing it (git-fixes).
- xhci: fix potential array out of bounds with several interrupters
(git-fixes).
- xsk: Respect device's headroom and tailroom on generic xmit path
(git-fixes).
- xsk: Respect device's headroom and tailroom on generic xmit path
(git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1977=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-59.5.2
cluster-md-kmp-default-debuginfo-5.3.18-59.5.2
dlm-kmp-default-5.3.18-59.5.2
dlm-kmp-default-debuginfo-5.3.18-59.5.2
gfs2-kmp-default-5.3.18-59.5.2
gfs2-kmp-default-debuginfo-5.3.18-59.5.2
kernel-default-5.3.18-59.5.2
kernel-default-base-5.3.18-59.5.2.18.2.2
kernel-default-base-rebuild-5.3.18-59.5.2.18.2.2
kernel-default-debuginfo-5.3.18-59.5.2
kernel-default-debugsource-5.3.18-59.5.2
kernel-default-devel-5.3.18-59.5.2
kernel-default-devel-debuginfo-5.3.18-59.5.2
kernel-default-extra-5.3.18-59.5.2
kernel-default-extra-debuginfo-5.3.18-59.5.2
kernel-default-livepatch-5.3.18-59.5.2
kernel-default-livepatch-devel-5.3.18-59.5.2
kernel-default-optional-5.3.18-59.5.2
kernel-default-optional-debuginfo-5.3.18-59.5.2
kernel-obs-build-5.3.18-59.5.1
kernel-obs-build-debugsource-5.3.18-59.5.1
kernel-obs-qa-5.3.18-59.5.1
kernel-syms-5.3.18-59.5.1
kselftests-kmp-default-5.3.18-59.5.2
kselftests-kmp-default-debuginfo-5.3.18-59.5.2
ocfs2-kmp-default-5.3.18-59.5.2
ocfs2-kmp-default-debuginfo-5.3.18-59.5.2
reiserfs-kmp-default-5.3.18-59.5.2
reiserfs-kmp-default-debuginfo-5.3.18-59.5.2
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-59.5.2
cluster-md-kmp-preempt-debuginfo-5.3.18-59.5.2
dlm-kmp-preempt-5.3.18-59.5.2
dlm-kmp-preempt-debuginfo-5.3.18-59.5.2
gfs2-kmp-preempt-5.3.18-59.5.2
gfs2-kmp-preempt-debuginfo-5.3.18-59.5.2
kernel-preempt-5.3.18-59.5.2
kernel-preempt-debuginfo-5.3.18-59.5.2
kernel-preempt-debugsource-5.3.18-59.5.2
kernel-preempt-devel-5.3.18-59.5.2
kernel-preempt-devel-debuginfo-5.3.18-59.5.2
kernel-preempt-extra-5.3.18-59.5.2
kernel-preempt-extra-debuginfo-5.3.18-59.5.2
kernel-preempt-livepatch-devel-5.3.18-59.5.2
kernel-preempt-optional-5.3.18-59.5.2
kernel-preempt-optional-debuginfo-5.3.18-59.5.2
kselftests-kmp-preempt-5.3.18-59.5.2
kselftests-kmp-preempt-debuginfo-5.3.18-59.5.2
ocfs2-kmp-preempt-5.3.18-59.5.2
ocfs2-kmp-preempt-debuginfo-5.3.18-59.5.2
reiserfs-kmp-preempt-5.3.18-59.5.2
reiserfs-kmp-preempt-debuginfo-5.3.18-59.5.2
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-59.5.2
kernel-debug-debuginfo-5.3.18-59.5.2
kernel-debug-debugsource-5.3.18-59.5.2
kernel-debug-devel-5.3.18-59.5.2
kernel-debug-devel-debuginfo-5.3.18-59.5.2
kernel-debug-livepatch-devel-5.3.18-59.5.2
kernel-kvmsmall-5.3.18-59.5.2
kernel-kvmsmall-debuginfo-5.3.18-59.5.2
kernel-kvmsmall-debugsource-5.3.18-59.5.2
kernel-kvmsmall-devel-5.3.18-59.5.2
kernel-kvmsmall-devel-debuginfo-5.3.18-59.5.2
kernel-kvmsmall-livepatch-devel-5.3.18-59.5.2
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-59.5.2
cluster-md-kmp-64kb-debuginfo-5.3.18-59.5.2
dlm-kmp-64kb-5.3.18-59.5.2
dlm-kmp-64kb-debuginfo-5.3.18-59.5.2
gfs2-kmp-64kb-5.3.18-59.5.2
gfs2-kmp-64kb-debuginfo-5.3.18-59.5.2
kernel-64kb-5.3.18-59.5.2
kernel-64kb-debuginfo-5.3.18-59.5.2
kernel-64kb-debugsource-5.3.18-59.5.2
kernel-64kb-devel-5.3.18-59.5.2
kernel-64kb-devel-debuginfo-5.3.18-59.5.2
kernel-64kb-extra-5.3.18-59.5.2
kernel-64kb-extra-debuginfo-5.3.18-59.5.2
kernel-64kb-livepatch-devel-5.3.18-59.5.2
kernel-64kb-optional-5.3.18-59.5.2
kernel-64kb-optional-debuginfo-5.3.18-59.5.2
kselftests-kmp-64kb-5.3.18-59.5.2
kselftests-kmp-64kb-debuginfo-5.3.18-59.5.2
ocfs2-kmp-64kb-5.3.18-59.5.2
ocfs2-kmp-64kb-debuginfo-5.3.18-59.5.2
reiserfs-kmp-64kb-5.3.18-59.5.2
reiserfs-kmp-64kb-debuginfo-5.3.18-59.5.2
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-59.5.2
kernel-docs-5.3.18-59.5.2
kernel-docs-html-5.3.18-59.5.2
kernel-macros-5.3.18-59.5.2
kernel-source-5.3.18-59.5.2
kernel-source-vanilla-5.3.18-59.5.2
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-59.5.2
kernel-zfcpdump-debuginfo-5.3.18-59.5.2
kernel-zfcpdump-debugsource-5.3.18-59.5.2
References:
https://www.suse.com/security/cve/CVE-2019-18814.html
https://www.suse.com/security/cve/CVE-2019-19769.html
https://www.suse.com/security/cve/CVE-2020-24586.html
https://www.suse.com/security/cve/CVE-2020-24587.html
https://www.suse.com/security/cve/CVE-2020-24588.html
https://www.suse.com/security/cve/CVE-2020-25670.html
https://www.suse.com/security/cve/CVE-2020-25671.html
https://www.suse.com/security/cve/CVE-2020-25672.html
https://www.suse.com/security/cve/CVE-2020-25673.html
https://www.suse.com/security/cve/CVE-2020-26139.html
https://www.suse.com/security/cve/CVE-2020-26141.html
https://www.suse.com/security/cve/CVE-2020-26145.html
https://www.suse.com/security/cve/CVE-2020-26147.html
https://www.suse.com/security/cve/CVE-2020-27170.html
https://www.suse.com/security/cve/CVE-2020-27171.html
https://www.suse.com/security/cve/CVE-2020-27673.html
https://www.suse.com/security/cve/CVE-2020-27815.html
https://www.suse.com/security/cve/CVE-2020-35519.html
https://www.suse.com/security/cve/CVE-2020-36310.html
https://www.suse.com/security/cve/CVE-2020-36311.html
https://www.suse.com/security/cve/CVE-2020-36312.html
https://www.suse.com/security/cve/CVE-2020-36322.html
https://www.suse.com/security/cve/CVE-2021-20268.html
https://www.suse.com/security/cve/CVE-2021-23134.html
https://www.suse.com/security/cve/CVE-2021-27363.html
https://www.suse.com/security/cve/CVE-2021-27364.html
https://www.suse.com/security/cve/CVE-2021-27365.html
https://www.suse.com/security/cve/CVE-2021-28038.html
https://www.suse.com/security/cve/CVE-2021-28375.html
https://www.suse.com/security/cve/CVE-2021-28660.html
https://www.suse.com/security/cve/CVE-2021-28688.html
https://www.suse.com/security/cve/CVE-2021-28950.html
https://www.suse.com/security/cve/CVE-2021-28952.html
https://www.suse.com/security/cve/CVE-2021-28964.html
https://www.suse.com/security/cve/CVE-2021-28971.html
https://www.suse.com/security/cve/CVE-2021-28972.html
https://www.suse.com/security/cve/CVE-2021-29154.html
https://www.suse.com/security/cve/CVE-2021-29155.html
https://www.suse.com/security/cve/CVE-2021-29264.html
https://www.suse.com/security/cve/CVE-2021-29265.html
https://www.suse.com/security/cve/CVE-2021-29647.html
https://www.suse.com/security/cve/CVE-2021-29650.html
https://www.suse.com/security/cve/CVE-2021-30002.html
https://www.suse.com/security/cve/CVE-2021-32399.html
https://www.suse.com/security/cve/CVE-2021-33034.html
https://www.suse.com/security/cve/CVE-2021-33200.html
https://www.suse.com/security/cve/CVE-2021-3428.html
https://www.suse.com/security/cve/CVE-2021-3444.html
https://www.suse.com/security/cve/CVE-2021-3483.html
https://www.suse.com/security/cve/CVE-2021-3489.html
https://www.suse.com/security/cve/CVE-2021-3490.html
https://www.suse.com/security/cve/CVE-2021-3491.html
https://bugzilla.suse.com/1055117
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1087082
https://bugzilla.suse.com/1113295
https://bugzilla.suse.com/1133021
https://bugzilla.suse.com/1152457
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1155518
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1160634
https://bugzilla.suse.com/1164648
https://bugzilla.suse.com/1167260
https://bugzilla.suse.com/1167574
https://bugzilla.suse.com/1167773
https://bugzilla.suse.com/1168777
https://bugzilla.suse.com/1168838
https://bugzilla.suse.com/1169709
https://bugzilla.suse.com/1171295
https://bugzilla.suse.com/1173485
https://bugzilla.suse.com/1174416
https://bugzilla.suse.com/1174426
https://bugzilla.suse.com/1175995
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1177326
https://bugzilla.suse.com/1177666
https://bugzilla.suse.com/1178089
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1178163
https://bugzilla.suse.com/1178330
https://bugzilla.suse.com/1178378
https://bugzilla.suse.com/1178418
https://bugzilla.suse.com/1179243
https://bugzilla.suse.com/1179519
https://bugzilla.suse.com/1179825
https://bugzilla.suse.com/1179827
https://bugzilla.suse.com/1179851
https://bugzilla.suse.com/1180197
https://bugzilla.suse.com/1180814
https://bugzilla.suse.com/1180846
https://bugzilla.suse.com/1181104
https://bugzilla.suse.com/1181383
https://bugzilla.suse.com/1181507
https://bugzilla.suse.com/1181674
https://bugzilla.suse.com/1181862
https://bugzilla.suse.com/1182077
https://bugzilla.suse.com/1182257
https://bugzilla.suse.com/1182377
https://bugzilla.suse.com/1182552
https://bugzilla.suse.com/1182574
https://bugzilla.suse.com/1182613
https://bugzilla.suse.com/1182712
https://bugzilla.suse.com/1182715
https://bugzilla.suse.com/1182717
https://bugzilla.suse.com/1182999
https://bugzilla.suse.com/1183022
https://bugzilla.suse.com/1183069
https://bugzilla.suse.com/1183252
https://bugzilla.suse.com/1183277
https://bugzilla.suse.com/1183278
https://bugzilla.suse.com/1183279
https://bugzilla.suse.com/1183280
https://bugzilla.suse.com/1183281
https://bugzilla.suse.com/1183282
https://bugzilla.suse.com/1183283
https://bugzilla.suse.com/1183284
https://bugzilla.suse.com/1183285
https://bugzilla.suse.com/1183286
https://bugzilla.suse.com/1183287
https://bugzilla.suse.com/1183288
https://bugzilla.suse.com/1183289
https://bugzilla.suse.com/1183310
https://bugzilla.suse.com/1183311
https://bugzilla.suse.com/1183312
https://bugzilla.suse.com/1183313
https://bugzilla.suse.com/1183314
https://bugzilla.suse.com/1183315
https://bugzilla.suse.com/1183316
https://bugzilla.suse.com/1183317
https://bugzilla.suse.com/1183318
https://bugzilla.suse.com/1183319
https://bugzilla.suse.com/1183320
https://bugzilla.suse.com/1183321
https://bugzilla.suse.com/1183322
https://bugzilla.suse.com/1183323
https://bugzilla.suse.com/1183324
https://bugzilla.suse.com/1183326
https://bugzilla.suse.com/1183346
https://bugzilla.suse.com/1183366
https://bugzilla.suse.com/1183369
https://bugzilla.suse.com/1183386
https://bugzilla.suse.com/1183405
https://bugzilla.suse.com/1183412
https://bugzilla.suse.com/1183427
https://bugzilla.suse.com/1183428
https://bugzilla.suse.com/1183445
https://bugzilla.suse.com/1183447
https://bugzilla.suse.com/1183491
https://bugzilla.suse.com/1183501
https://bugzilla.suse.com/1183509
https://bugzilla.suse.com/1183530
https://bugzilla.suse.com/1183534
https://bugzilla.suse.com/1183540
https://bugzilla.suse.com/1183593
https://bugzilla.suse.com/1183596
https://bugzilla.suse.com/1183598
https://bugzilla.suse.com/1183637
https://bugzilla.suse.com/1183646
https://bugzilla.suse.com/1183658
https://bugzilla.suse.com/1183662
https://bugzilla.suse.com/1183686
https://bugzilla.suse.com/1183692
https://bugzilla.suse.com/1183750
https://bugzilla.suse.com/1183757
https://bugzilla.suse.com/1183775
https://bugzilla.suse.com/1183815
https://bugzilla.suse.com/1183868
https://bugzilla.suse.com/1183871
https://bugzilla.suse.com/1183873
https://bugzilla.suse.com/1183947
https://bugzilla.suse.com/1183976
https://bugzilla.suse.com/1184074
https://bugzilla.suse.com/1184081
https://bugzilla.suse.com/1184082
https://bugzilla.suse.com/1184120
https://bugzilla.suse.com/1184167
https://bugzilla.suse.com/1184168
https://bugzilla.suse.com/1184170
https://bugzilla.suse.com/1184171
https://bugzilla.suse.com/1184192
https://bugzilla.suse.com/1184193
https://bugzilla.suse.com/1184194
https://bugzilla.suse.com/1184196
https://bugzilla.suse.com/1184197
https://bugzilla.suse.com/1184198
https://bugzilla.suse.com/1184199
https://bugzilla.suse.com/1184208
https://bugzilla.suse.com/1184209
https://bugzilla.suse.com/1184211
https://bugzilla.suse.com/1184217
https://bugzilla.suse.com/1184218
https://bugzilla.suse.com/1184219
https://bugzilla.suse.com/1184220
https://bugzilla.suse.com/1184224
https://bugzilla.suse.com/1184264
https://bugzilla.suse.com/1184386
https://bugzilla.suse.com/1184388
https://bugzilla.suse.com/1184391
https://bugzilla.suse.com/1184393
https://bugzilla.suse.com/1184436
https://bugzilla.suse.com/1184485
https://bugzilla.suse.com/1184514
https://bugzilla.suse.com/1184585
https://bugzilla.suse.com/1184611
https://bugzilla.suse.com/1184615
https://bugzilla.suse.com/1184650
https://bugzilla.suse.com/1184710
https://bugzilla.suse.com/1184724
https://bugzilla.suse.com/1184728
https://bugzilla.suse.com/1184730
https://bugzilla.suse.com/1184731
https://bugzilla.suse.com/1184736
https://bugzilla.suse.com/1184737
https://bugzilla.suse.com/1184738
https://bugzilla.suse.com/1184740
https://bugzilla.suse.com/1184741
https://bugzilla.suse.com/1184742
https://bugzilla.suse.com/1184769
https://bugzilla.suse.com/1184811
https://bugzilla.suse.com/1184855
https://bugzilla.suse.com/1184934
https://bugzilla.suse.com/1184942
https://bugzilla.suse.com/1184943
https://bugzilla.suse.com/1184955
https://bugzilla.suse.com/1184969
https://bugzilla.suse.com/1184984
https://bugzilla.suse.com/1185010
https://bugzilla.suse.com/1185113
https://bugzilla.suse.com/1185233
https://bugzilla.suse.com/1185269
https://bugzilla.suse.com/1185428
https://bugzilla.suse.com/1185491
https://bugzilla.suse.com/1185495
https://bugzilla.suse.com/1185549
https://bugzilla.suse.com/1185550
https://bugzilla.suse.com/1185558
https://bugzilla.suse.com/1185573
https://bugzilla.suse.com/1185581
https://bugzilla.suse.com/1185586
https://bugzilla.suse.com/1185587
https://bugzilla.suse.com/1185606
https://bugzilla.suse.com/1185640
https://bugzilla.suse.com/1185641
https://bugzilla.suse.com/1185642
https://bugzilla.suse.com/1185645
https://bugzilla.suse.com/1185670
https://bugzilla.suse.com/1185680
https://bugzilla.suse.com/1185703
https://bugzilla.suse.com/1185725
https://bugzilla.suse.com/1185736
https://bugzilla.suse.com/1185758
https://bugzilla.suse.com/1185796
https://bugzilla.suse.com/1185840
https://bugzilla.suse.com/1185857
https://bugzilla.suse.com/1185898
https://bugzilla.suse.com/1185899
https://bugzilla.suse.com/1185911
https://bugzilla.suse.com/1185938
https://bugzilla.suse.com/1185950
https://bugzilla.suse.com/1185980
https://bugzilla.suse.com/1185988
https://bugzilla.suse.com/1186009
https://bugzilla.suse.com/1186061
https://bugzilla.suse.com/1186111
https://bugzilla.suse.com/1186118
https://bugzilla.suse.com/1186219
https://bugzilla.suse.com/1186285
https://bugzilla.suse.com/1186320
https://bugzilla.suse.com/1186349
https://bugzilla.suse.com/1186352
https://bugzilla.suse.com/1186353
https://bugzilla.suse.com/1186354
https://bugzilla.suse.com/1186355
https://bugzilla.suse.com/1186356
https://bugzilla.suse.com/1186357
https://bugzilla.suse.com/1186401
https://bugzilla.suse.com/1186408
https://bugzilla.suse.com/1186439
https://bugzilla.suse.com/1186441
https://bugzilla.suse.com/1186479
https://bugzilla.suse.com/1186484
https://bugzilla.suse.com/1186498
https://bugzilla.suse.com/1186501
https://bugzilla.suse.com/1186512
https://bugzilla.suse.com/1186681
1
0
openSUSE-SU-2021:1843-1: important: Security update for polkit
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for polkit
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1843-1
Rating: important
References: #1186497
Cross-References: CVE-2021-3560
CVSS scores:
CVE-2021-3560 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for polkit fixes the following issues:
- CVE-2021-3560: Fixed a local privilege escalation using
polkit_system_bus_name_get_creds_sync() (bsc#1186497).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1843=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libpolkit0-0.116-3.3.1
libpolkit0-debuginfo-0.116-3.3.1
polkit-0.116-3.3.1
polkit-debuginfo-0.116-3.3.1
polkit-debugsource-0.116-3.3.1
polkit-devel-0.116-3.3.1
polkit-devel-debuginfo-0.116-3.3.1
typelib-1_0-Polkit-1_0-0.116-3.3.1
- openSUSE Leap 15.3 (x86_64):
libpolkit0-32bit-0.116-3.3.1
libpolkit0-32bit-debuginfo-0.116-3.3.1
- openSUSE Leap 15.3 (noarch):
polkit-doc-0.116-3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3560.html
https://bugzilla.suse.com/1186497
1
0
openSUSE-SU-2021:1806-1: moderate: Security update for python-httplib2
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for python-httplib2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1806-1
Rating: moderate
References: #1171998 #1182053
Cross-References: CVE-2020-11078 CVE-2021-21240
CVSS scores:
CVE-2020-11078 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
CVE-2020-11078 (SUSE): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
CVE-2021-21240 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21240 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for python-httplib2 fixes the following issues:
- Update to version 0.19.0 (bsc#1182053).
- CVE-2021-21240: Fixed regular expression denial of service via malicious
header (bsc#1182053).
- CVE-2020-11078: Fixed unescaped part of uri where an attacker could
change request headers and body (bsc#1182053).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1806=1
Package List:
- openSUSE Leap 15.3 (noarch):
python2-httplib2-0.19.0-3.3.1
python3-httplib2-0.19.0-3.3.1
References:
https://www.suse.com/security/cve/CVE-2020-11078.html
https://www.suse.com/security/cve/CVE-2021-21240.html
https://bugzilla.suse.com/1171998
https://bugzilla.suse.com/1182053
1
0
openSUSE-SU-2021:1896-1: moderate: Security update for pam_radius
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for pam_radius
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1896-1
Rating: moderate
References: #1163933
Cross-References: CVE-2015-9542
CVSS scores:
CVE-2015-9542 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2015-9542 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pam_radius fixes the following issues:
- CVE-2015-9542: pam_radius: buffer overflow in password field
(bsc#1163933)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1896=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
pam_radius-1.4.0-3.3.1
pam_radius-debuginfo-1.4.0-3.3.1
pam_radius-debugsource-1.4.0-3.3.1
- openSUSE Leap 15.3 (x86_64):
pam_radius-32bit-1.4.0-3.3.1
pam_radius-32bit-debuginfo-1.4.0-3.3.1
References:
https://www.suse.com/security/cve/CVE-2015-9542.html
https://bugzilla.suse.com/1163933
1
0
openSUSE-SU-2021:1975-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1975-1
Rating: important
References: #1043990 #1047233 #1055117 #1065729 #1087082
#1113295 #1133021 #1152457 #1152472 #1152489
#1153274 #1154353 #1155518 #1156256 #1156395
#1159280 #1160634 #1164648 #1167260 #1167574
#1167773 #1168777 #1168838 #1169709 #1171295
#1173485 #1174416 #1174426 #1175995 #1176447
#1176774 #1177028 #1177326 #1177411 #1177437
#1177666 #1178089 #1178134 #1178163 #1178181
#1178330 #1178378 #1178418 #1178612 #1179243
#1179454 #1179458 #1179519 #1179825 #1179827
#1179851 #1180100 #1180197 #1180814 #1180846
#1180980 #1181104 #1181161 #1181383 #1181507
#1181674 #1181862 #1182077 #1182257 #1182377
#1182378 #1182552 #1182574 #1182591 #1182613
#1182712 #1182713 #1182715 #1182716 #1182717
#1182999 #1183022 #1183048 #1183069 #1183077
#1183095 #1183120 #1183203 #1183249 #1183252
#1183277 #1183278 #1183279 #1183280 #1183281
#1183282 #1183283 #1183284 #1183285 #1183286
#1183287 #1183288 #1183289 #1183310 #1183311
#1183312 #1183313 #1183314 #1183315 #1183316
#1183317 #1183318 #1183319 #1183320 #1183321
#1183322 #1183323 #1183324 #1183325 #1183326
#1183346 #1183366 #1183369 #1183386 #1183405
#1183412 #1183427 #1183428 #1183445 #1183447
#1183491 #1183501 #1183509 #1183530 #1183534
#1183540 #1183593 #1183596 #1183598 #1183637
#1183646 #1183658 #1183662 #1183686 #1183692
#1183696 #1183750 #1183757 #1183775 #1183815
#1183843 #1183859 #1183868 #1183871 #1183873
#1183932 #1183947 #1183976 #1184074 #1184081
#1184082 #1184120 #1184167 #1184168 #1184170
#1184171 #1184176 #1184192 #1184193 #1184194
#1184196 #1184197 #1184198 #1184199 #1184208
#1184209 #1184211 #1184217 #1184218 #1184219
#1184220 #1184224 #1184259 #1184264 #1184386
#1184388 #1184391 #1184393 #1184436 #1184485
#1184509 #1184511 #1184512 #1184514 #1184583
#1184585 #1184611 #1184615 #1184650 #1184710
#1184724 #1184728 #1184730 #1184731 #1184736
#1184737 #1184738 #1184740 #1184741 #1184742
#1184760 #1184769 #1184811 #1184855 #1184893
#1184934 #1184942 #1184943 #1184952 #1184953
#1184955 #1184957 #1184969 #1184984 #1185010
#1185041 #1185110 #1185113 #1185233 #1185269
#1185365 #1185428 #1185454 #1185472 #1185491
#1185495 #1185497 #1185549 #1185550 #1185558
#1185573 #1185581 #1185586 #1185587 #1185589
#1185606 #1185640 #1185641 #1185642 #1185645
#1185670 #1185677 #1185680 #1185703 #1185725
#1185736 #1185758 #1185796 #1185840 #1185857
#1185859 #1185860 #1185861 #1185862 #1185863
#1185898 #1185899 #1185911 #1185938 #1185950
#1185954 #1185980 #1185982 #1185987 #1185988
#1186009 #1186060 #1186061 #1186062 #1186111
#1186118 #1186219 #1186285 #1186320 #1186349
#1186352 #1186353 #1186354 #1186355 #1186356
#1186357 #1186390 #1186401 #1186408 #1186416
#1186439 #1186441 #1186451 #1186460 #1186467
#1186479 #1186484 #1186498 #1186501 #1186512
#1186573 #1186681
Cross-References: CVE-2019-18814 CVE-2019-19769 CVE-2020-24586
CVE-2020-24587 CVE-2020-24588 CVE-2020-25670
CVE-2020-25671 CVE-2020-25672 CVE-2020-25673
CVE-2020-26139 CVE-2020-26141 CVE-2020-26145
CVE-2020-26147 CVE-2020-27170 CVE-2020-27171
CVE-2020-27673 CVE-2020-27815 CVE-2020-35519
CVE-2020-36310 CVE-2020-36311 CVE-2020-36312
CVE-2020-36322 CVE-2021-20268 CVE-2021-23134
CVE-2021-27363 CVE-2021-27364 CVE-2021-27365
CVE-2021-28038 CVE-2021-28375 CVE-2021-28660
CVE-2021-28688 CVE-2021-28950 CVE-2021-28952
CVE-2021-28964 CVE-2021-28971 CVE-2021-28972
CVE-2021-29154 CVE-2021-29155 CVE-2021-29264
CVE-2021-29265 CVE-2021-29647 CVE-2021-29650
CVE-2021-30002 CVE-2021-32399 CVE-2021-33034
CVE-2021-33200 CVE-2021-3428 CVE-2021-3444
CVE-2021-3483 CVE-2021-3489 CVE-2021-3490
CVE-2021-3491
CVSS scores:
CVE-2019-18814 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2019-18814 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CVE-2019-19769 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2019-19769 (SUSE): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H
CVE-2020-24586 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2020-24586 (SUSE): 4.7 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
CVE-2020-24587 (NVD) : 2.6 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
CVE-2020-24587 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-24588 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CVE-2020-24588 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2020-25670 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-25670 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25671 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-25671 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25672 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25672 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25673 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-25673 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
CVE-2020-26139 (NVD) : 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-26139 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-26141 (SUSE): 4.2 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-26145 (SUSE): 5.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2020-26147 (NVD) : 5.4 CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N
CVE-2020-27170 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-27170 (SUSE): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2020-27171 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
CVE-2020-27171 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H
CVE-2020-27673 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-27673 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-27815 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-27815 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2020-35519 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-35519 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-36310 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36310 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36311 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36311 (SUSE): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CVE-2020-36312 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36312 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVE-2020-36322 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-36322 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2021-20268 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-20268 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-23134 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-23134 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-27363 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CVE-2021-27363 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27364 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-27365 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-27365 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28038 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28038 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28375 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28375 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28660 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28660 (SUSE): 8 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-28688 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28688 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28950 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28950 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28952 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28964 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28964 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28971 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28971 (SUSE): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28972 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-28972 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29154 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29154 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29155 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29155 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29264 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29264 (SUSE): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29265 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29647 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29647 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-29650 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29650 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-30002 (NVD) : 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-30002 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-32399 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-32399 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33034 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33034 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
CVE-2021-33200 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-33200 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3428 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2021-3444 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3444 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3483 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3483 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
CVE-2021-3489 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3489 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3490 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3490 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3491 (NVD) : 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-3491 (SUSE): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 52 vulnerabilities and has 250 fixes
is now available.
Description:
The SUSE Linux Enterprise 15 SP3 Azure kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2021-33200: Enforcing incorrect limits for pointer arithmetic
operations by the BPF verifier could be abused to perform out-of-bounds
reads and writes in kernel memory (bsc#1186484).
- CVE-2021-33034: Fixed a use-after-free when destroying an hci_chan. This
could lead to writing an arbitrary values. (bsc#1186111)
- CVE-2020-26139: Fixed a denial-of-service when an Access Point (AP)
forwards EAPOL frames to other clients even though the sender has not
yet successfully authenticated to the AP. (bnc#1186062)
- CVE-2021-23134: A Use After Free vulnerability in nfc sockets allowed
local attackers to elevate their privileges. (bnc#1186060)
- CVE-2021-3491: Fixed a potential heap overflow in mem_rw(). This
vulnerability is related to the PROVIDE_BUFFERS operation, which allowed
the MAX_RW_COUNT limit to be bypassed (bsc#1185642).
- CVE-2021-32399: Fixed a race condition when removing the HCI controller
(bnc#1184611).
- CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected
Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't
require that received fragments be cleared from memory after
(re)connecting to a network. Under the right circumstances this can be
abused to inject arbitrary network packets and/or exfiltrate user data
(bnc#1185859).
- CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected
Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't
require that all fragments of a frame are encrypted under the same key.
An adversary can abuse this to decrypt selected fragments when another
device sends fragmented frames and the WEP, CCMP, or GCMP encryption key
is periodically renewed (bnc#1185859 bnc#1185862).
- CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected
Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't
require that the A-MSDU flag in the plaintext QoS header field is
authenticated. Against devices that support receiving non-SSP A-MSDU
frames (which is mandatory as part of 802.11n), an adversary can abuse
this to inject arbitrary network packets. (bnc#1185861)
- CVE-2020-26147: The WEP, WPA, WPA2, and WPA3 implementations reassemble
fragments, even though some of them were sent in plaintext. This
vulnerability can be abused to inject packets and/or exfiltrate selected
fragments when another device sends fragmented frames and the WEP, CCMP,
or GCMP data-confidentiality protocol is used (bnc#1185859).
- CVE-2020-26145: An issue was discovered with Samsung Galaxy S3 i9305
4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept
second (or subsequent) broadcast fragments even when sent in plaintext
and process them as full unfragmented frames. An adversary can abuse
this to inject arbitrary network packets independent of the network
configuration. (bnc#1185860)
- CVE-2020-26141: An issue was discovered in the ALFA driver for AWUS036H,
where the Message Integrity Check (authenticity) of fragmented TKIP
frames was not verified. An adversary can abuse this to inject and
possibly decrypt packets in WPA or WPA2 networks that support the TKIP
data-confidentiality protocol. (bnc#1185987)
- CVE-2021-29650: Fixed an issue with the netfilter subsystem that allowed
attackers to cause a denial of service (panic) because
net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a
full memory barrier upon the assignment of a new table value
(bnc#1184208).
- CVE-2021-29155: Fixed an issue that was discovered in
kernel/bpf/verifier.c that performs undesirable out-of-bounds
speculation on pointer arithmetic, leading to side-channel attacks that
defeat Spectre mitigations and obtain sensitive information from kernel
memory. Specifically, for sequences of pointer arithmetic operations,
the pointer modification performed by the first operation was not
correctly accounted for when restricting subsequent operations
(bnc#1184942).
- CVE-2021-3444: Fixed an issue with the bpf verifier which did not
properly handle mod32 destination register truncation when the source
register was known to be 0 leading to out of bounds read (bsc#1184170).
- CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent
(bsc#1173485).
- CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed
attackers to obtain sensitive information from kernel memory because of
a partially uninitialized data structure (bsc#1184192 ).
- CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have
allowed attackers to cause a denial of service due to race conditions
during an update of the local and shared status (bsc#1184167).
- CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver
which could have allowed attackers to cause a system crash due to a
calculation of negative fragment size (bsc#1184168).
- CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a
new device name to the driver from userspace, allowing userspace to
write data to the kernel stack frame directly (bsc#1184198).
- CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could
have caused a system crash because the PEBS status in a PEBS record was
mishandled (bsc#1184196 ).
- CVE-2021-28964: Fixed a race condition in get_old_root which could have
allowed attackers to cause a denial of service (bsc#1184193).
- CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).
- CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan
(bsc#1183593 ).
- CVE-2021-28375: Fixed an issue in fastrpc_internal_invoke which did not
prevent user applications from sending kernel RPC messages (bsc#1183596).
- CVE-2021-28038: Fixed an issue with the netback driver which was lacking
necessary treatment of errors such as failed memory allocations
(bsc#1183022).
- CVE-2021-27365: Fixed an issue where an unprivileged user can send a
Netlink message that is associated with iSCSI, and has a length up to
the maximum length of a Netlink message (bsc#1182715).
- CVE-2021-27364: Fixed an issue where an attacker could craft Netlink
messages (bsc#1182717).
- CVE-2021-27363: Fixed a kernel pointer leak which could have been used
to determine the address of the iscsi_transport structure (bsc#1182716).
- CVE-2020-35519: Fixed an out-of-bounds memory access was found in
x25_bind (bsc#1183696).
- CVE-2020-27815: Fixed an issue in JFS filesystem where could have
allowed an attacker to execute code (bsc#1179454).
- CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds
speculation on pointer arithmetic, leading to side-channel attacks that
defeat Spectre mitigations and obtain sensitive information from kernel
memory (bsc#1183775).
- CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre
mitigations and obtain sensitive information from kernel memory
(bsc#1183686).
- CVE-2019-19769: Fixed a use-after-free in the perf_trace_lock_acquire
function (bsc#1159280 ).
- CVE-2019-18814: Fixed a use-after-free when aa_label_parse() fails in
aa_audit_rule_init() (bsc#1156256).
- CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).
- CVE-2021-30002: Fixed a memory leak for large arguments in
video_usercopy (bsc#1184120).
- CVE-2021-29154: Fixed incorrect computation of branch displacements,
allowing arbitrary code execution (bsc#1184391).
- CVE-2021-28950: Fixed an issue in fs/fuse/fuse_i.h due to a retry loop
continually was finding the same bad inode (bsc#1184194).
- CVE-2021-28952: Fixed a buffer overflow in the soundwire device driver,
triggered when an unexpected port ID number is encountered.
(bnc#1184197).
- CVE-2021-20268: Fixed an out-of-bounds access flaw in the implementation
of the eBPF code verifier. This flaw allowed a local user to crash the
system or possibly escalate their privileges. (bnc#1183077)
- CVE-2020-27673: Fixed a vulnerability with xen, where guest OS users
could cause a denial of service (host OS hang) via a high rate of events
to dom0 (bnc#1177411).
- CVE-2020-36312: Fixed a memory leak upon a kmalloc failure (bsc#1184509
).
- CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering
destruction of a large SEV VM (bsc#1184511).
- CVE-2020-36310: Fixed infinite loop for certain nested page faults
(bsc#1184512).
- CVE-2021-3489: Fixed an issue where the eBPF RINGBUF bpf_ringbuf_reserve
did not check that the allocated size was smaller than the ringbuf size
(bnc#1185640).
- CVE-2021-3490: Fixed an issue where the eBPF ALU32 bounds tracking for
bitwise ops (AND, OR and XOR) did not update the 32-bit bounds
(bnc#1185641 bnc#1185796 ).
- CVE-2020-36322: Fixed an issue was discovered in FUSE filesystem
implementation which could have caused a system crash (bsc#1184211).
- CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed
multiple bugs in NFC subsytem (bsc#1178181).
The following non-security bugs were fixed:
- ACPI / hotplug / PCI: Fix reference count leak in enable_slot()
(git-fixes).
- ACPI / idle: override c-state latency when not in conformance with s0ix
(bsc#1185840).
- ACPI: CPPC: Replace cppc_attr with kobj_attribute (git-fixes).
- ACPI: GTDT: Do not corrupt interrupt mappings on watchdow probe failure
(git-fixes).
- ACPI: PM: Add ACPI ID of Alder Lake Fan (git-fixes).
- ACPI: PM: s2idle: Add AMD support to handle _DSM (bsc#1185840).
- ACPI: PM: s2idle: Add missing LPS0 functions for AMD (bsc#1185840).
- ACPI: PM: s2idle: Drop unused local variables and related code
(bsc#1185840).
- ACPI: PM: s2idle: Move x86-specific code to the x86 directory
(bsc#1185840).
- ACPI: custom_method: fix a possible memory leak (git-fixes).
- ACPI: custom_method: fix potential use-after-free issue (git-fixes).
- ACPI: processor: Fix CPU0 wakeup in acpi_idle_play_dead() (git-fixes).
- ACPI: processor: Fix build when CONFIG_ACPI_PROCESSOR=m (git-fixes).
- ACPI: scan: Rearrange memory allocation in acpi_device_add() (git-fixes).
- ACPI: video: Add DMI quirk for GIGABYTE GB-BXBT-2807 (git-fixes).
- ACPI: video: Add missing callback back for Sony VPCEH3U1E (git-fixes).
- ACPICA: Always create namespace nodes using acpi_ns_create_node()
(git-fixes).
- ACPICA: Enable sleep button on ACPI legacy wake (bsc#1181383).
- ACPICA: Fix race in generic_serial_bus (I2C) and GPIO op_region
parameter handling (git-fixes).
- ALSA: Convert strlcpy to strscpy when return value is unused (git-fixes).
- ALSA: aloop: Fix initialization of controls (git-fixes).
- ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (git-fixes).
- ALSA: bebob: enable to deliver MIDI messages for multiple ports
(git-fixes).
- ALSA: core: remove redundant spin_lock pair in snd_card_disconnect
(git-fixes).
- ALSA: dice: fix null pointer dereference when node is disconnected
(git-fixes).
- ALSA: dice: fix stream format at middle sampling rate for Alesis iO 26
(git-fixes).
- ALSA: dice: fix stream format for TC Electronic Konnekt Live at high
sampling transfer frequency (git-fixes).
- ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer
(git-fixes).
- ALSA: firewire-lib: fix amdtp_packet tracepoints event for packet_index
field (git-fixes).
- ALSA: firewire-lib: fix calculation for size of IR context payload
(git-fixes).
- ALSA: firewire-lib: fix check for the size of isochronous packet payload
(git-fixes).
- ALSA: hda/ca0132: Add Sound BlasterX AE-5 Plus support (git-fixes).
- ALSA: hda/cirrus: Add Headphone and Headset MIC Volume Control
(git-fixes).
- ALSA: hda/cirrus: Add error handling into CS8409 I2C functions
(git-fixes).
- ALSA: hda/cirrus: Add jack detect interrupt support from CS42L42
companion codec (git-fixes).
- ALSA: hda/cirrus: Add support for CS8409 HDA bridge and CS42L42
companion codec (git-fixes).
- ALSA: hda/cirrus: Cleanup patch_cirrus.c code (git-fixes).
- ALSA: hda/cirrus: Fix CS42L42 Headset Mic volume control name
(git-fixes).
- ALSA: hda/cirrus: Make CS8409 driver more generic by using fixups
(git-fixes).
- ALSA: hda/cirrus: Set Initial DMIC volume for Bullseye to -26 dB
(git-fixes).
- ALSA: hda/cirrus: Use CS8409 filter to fix abnormal sounds on Bullseye
(git-fixes).
- ALSA: hda/conexant: Add quirk for mute LED control on HP ZBook G5
(git-fixes).
- ALSA: hda/conexant: Apply quirk for another HP ZBook G5 model
(git-fixes).
- ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes).
- ALSA: hda/conexant: Re-order CX5066 quirk table entries (git-fixes).
- ALSA: hda/hdmi: Cancel pending works before suspend (bsc#1182377).
- ALSA: hda/hdmi: Cancel pending works before suspend (git-fixes).
- ALSA: hda/hdmi: fix race in handling acomp ELD notification at resume
(git-fixes).
- ALSA: hda/realtek - Headset Mic issue on HP platform (git-fixes).
- ALSA: hda/realtek: ALC285 Thinkpad jack pin quirk is unreachable
(git-fixes).
- ALSA: hda/realtek: Add fixup for HP OMEN laptop (git-fixes).
- ALSA: hda/realtek: Add fixup for HP Spectre x360 15-df0xxx (git-fixes).
- ALSA: hda/realtek: Add quirk for Intel Clevo PCx0Dx (git-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Ideapad S740 (git-fixes).
- ALSA: hda/realtek: Add some CLOVE SSIDs of ALC293 (git-fixes).
- ALSA: hda/realtek: Apply headset-mic quirks for Xiaomi Redmibook Air
(git-fixes).
- ALSA: hda/realtek: Chain in pop reduction fixup for ThinkStation P340
(git-fixes).
- ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on
EliteBook 845 G8 (git-fixes).
- ALSA: hda/realtek: Fix silent headphone output on ASUS UX430UA
(git-fixes).
- ALSA: hda/realtek: Fix speaker amp on HP Envy AiO 32 (git-fixes).
- ALSA: hda/realtek: Fix speaker amp setup on Acer Aspire E1 (git-fixes).
- ALSA: hda/realtek: GA503 use same quirks as GA401 (git-fixes).
- ALSA: hda/realtek: Headphone volume is controlled by Front mixer
(git-fixes).
- ALSA: hda/realtek: Re-order ALC269 ASUS quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Acer quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Dell quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 HP quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries
(git-fixes).
- ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC662 quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC882 Clevo quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order ALC882 Sony quirk table entries (git-fixes).
- ALSA: hda/realtek: Re-order remaining ALC269 quirk table entries
(git-fixes).
- ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill
devices (git-fixes).
- ALSA: hda/realtek: apply pin quirk for XiaomiNotebook Pro (git-fixes).
- ALSA: hda/realtek: call alc_update_headset_mode() in hp_automute_hook
(git-fixes).
- ALSA: hda/realtek: fix a determine_headset_type issue for a Dell AIO
(git-fixes).
- ALSA: hda/realtek: fix mic boost on Intel NUC 8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury
15 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury
17 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook G8
(git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 440 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 640 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 840 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 850 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP 855 G8 (git-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs for HP ProBook 445 G7
(git-fixes).
- ALSA: hda/realtek: fix static noise on ALC285 Lenovo laptops (git-fixes).
- ALSA: hda/realtek: reset eapd coeff to default value for alc287
(git-fixes).
- ALSA: hda/realtek: the bass speaker can't output sound on Yoga 9i
(git-fixes).
- ALSA: hda: Add missing sanity checks in PM prepare/complete callbacks
(git-fixes).
- ALSA: hda: Avoid spurious unsol event handling during S3/S4
(bsc#1182377).
- ALSA: hda: Avoid spurious unsol event handling during S3/S4 (git-fixes).
- ALSA: hda: Drop the BATCH workaround for AMD controllers (git-fixes).
- ALSA: hda: Flush pending unsolicited events before suspend (bsc#1182377).
- ALSA: hda: Re-add dropped snd_poewr_change_state() calls (git-fixes).
- ALSA: hda: fixup headset for ASUS GU502 laptop (git-fixes).
- ALSA: hda: fixup headset for ASUS GU502 laptop (git-fixes).
- ALSA: hda: generic: Fix the micmute led init state (git-fixes).
- ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP
(git-fixes).
- ALSA: hda: ignore invalid NHLT table (git-fixes).
- ALSA: hdsp: do not disable if not enabled (git-fixes).
- ALSA: hdspm: do not disable if not enabled (git-fixes).
- ALSA: intel8x0: Do not update period unless prepared (git-fixes).
- ALSA: line6: Fix racy initialization of LINE6 MIDI (git-fixes).
- ALSA: rme9652: do not disable if not enabled (git-fixes).
- ALSA: sb: Fix two use after free in snd_sb_qsound_build (git-fixes).
- ALSA: usb-audio: Add DJM-450 to the quirks table (git-fixes).
- ALSA: usb-audio: Add DJM450 to Pioneer format quirk (git-fixes).
- ALSA: usb-audio: Add DJM450 to Pioneer format quirk (git-fixes).
- ALSA: usb-audio: Add DJM750 to Pioneer mixer quirk (git-fixes).
- ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (git-fixes).
- ALSA: usb-audio: Add Pioneer DJM-850 to quirks-table (git-fixes).
- ALSA: usb-audio: Add dB range mapping for Sennheiser Communications
Headset PC 8 (git-fixes).
- ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls
(git-fixes).
- ALSA: usb-audio: Add implicit feeback support for the BOSS GT-1
(git-fixes).
- ALSA: usb-audio: Add support for Pioneer DJM-750 (git-fixes).
- ALSA: usb-audio: Add support for many Roland devices' implicit feedback
quirks (git-fixes).
- ALSA: usb-audio: Apply implicit feedback mode for BOSS devices
(git-fixes).
- ALSA: usb-audio: Apply sample rate quirk to Logitech Connect (git-fixes).
- ALSA: usb-audio: Carve out connector value checking into a helper
(git-fixes).
- ALSA: usb-audio: Check connector value on resume (git-fixes).
- ALSA: usb-audio: Configure Pioneer DJM-850 samplerate (git-fixes).
- ALSA: usb-audio: Convert remaining strlcpy() to strscpy() (git-fixes).
- ALSA: usb-audio: Convert the last strlcpy() usage (git-fixes).
- ALSA: usb-audio: DJM-750: ensure format is set (git-fixes).
- ALSA: usb-audio: Declare Pioneer DJM-850 mixer controls (git-fixes).
- ALSA: usb-audio: Drop implicit fb quirk entries dubbed for capture
(git-fixes).
- ALSA: usb-audio: Explicitly set up the clock selector (git-fixes).
- ALSA: usb-audio: Fix "RANGE setting not yet supported" errors
(git-fixes).
- ALSA: usb-audio: Fix Pioneer DJM devices URB_CONTROL request direction
to set samplerate (git-fixes).
- ALSA: usb-audio: Fix Pioneer DJM devices URB_CONTROL request direction
to set samplerate (git-fixes).
- ALSA: usb-audio: Fix implicit sync clearance at stopping stream
(git-fixes).
- ALSA: usb-audio: Fix potential out-of-bounce access in MIDI EP parser
(git-fixes).
- ALSA: usb-audio: Fix unintentional sign extension issue (git-fixes).
- ALSA: usb-audio: Generic application of implicit fb to Roland/BOSS
devices (git-fixes).
- ALSA: usb-audio: Re-apply implicit feedback mode to Pioneer devices
(git-fixes).
- ALSA: usb-audio: Remove redundant assignment to len (git-fixes).
- ALSA: usb-audio: Skip probe of UA-101 devices (git-fixes).
- ALSA: usb-audio: Skip the clock selector inquiry for single connections
(git-fixes).
- ALSA: usb-audio: Validate MS endpoint descriptors (git-fixes).
- ALSA: usb-audio: add mixer quirks for Pioneer DJM-900NXS2 (git-fixes).
- ALSA: usb-audio: fix NULL ptr dereference in usb_audio_probe
(bsc#1182552).
- ALSA: usb-audio: fix Pioneer DJM-850 control label info (git-fixes).
- ALSA: usb-audio: fix control-request direction (git-fixes).
- ALSA: usb-audio: fix use after free in usb_audio_disconnect
(bsc#1182552).
- ALSA: usb-audio: generate midi streaming substream names from jack names
(git-fixes).
- ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci (git-fixes).
- ALSA: usb-audio: scarlett2: Improve driver startup messages (git-fixes).
- ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be
static (git-fixes).
- ALSA: usb-audio: use usb headers rather than define structs locally
(git-fixes).
- ALSA: usb: Use DIV_ROUND_UP() instead of open-coding it (git-fixes).
- ALSA: usb: midi: do not return -ENOMEM when usb_urb_ep_type_check fails
(git-fixes).
- ARM64: vdso32: Install vdso32 from vdso_install (git-fixes).
- ASoC: Intel: Add DMI quirk table to soc_intel_is_byt_cr() (git-fixes).
- ASoC: Intel: boards: sof-wm8804: add check for PLL setting (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for ARCHOS Cesium 140 (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Chuwi Hi8 tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R
tablet (git-fixes).
- ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Enable jack-detect support on Asus T100TAF
(git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix HP Pavilion x2 10-p0XX OVCD current
threshold (git-fixes).
- ASoC: Intel: bytcr_rt5651: Add quirk for the Jumper EZpad 7 tablet
(git-fixes).
- ASoC: Intel: kbl_da7219_max98927: Fix kabylake_ssp_fixup function
(git-fixes).
- ASoC: Intel: sof_sdw: add quirk for HP Spectre x360 convertible
(git-fixes).
- ASoC: Intel: sof_sdw: add quirk for new ADL-P Rvp (git-fixes).
- ASoC: Intel: sof_sdw: reorganize quirks by generation (git-fixes).
- ASoC: SOF: Intel: HDA: fix core status verification (git-fixes).
- ASoC: SOF: Intel: HDA: fix core status verification (git-fixes).
- ASoC: SOF: Intel: hda: remove unnecessary parentheses (git-fixes).
- ASoC: SOF: Intel: unregister DMIC device on probe error (git-fixes).
- ASoC: SOF: intel: fix wrong poll bits in dsp power down (git-fixes).
- ASoC: ak4458: Add MODULE_DEVICE_TABLE (git-fixes).
- ASoC: ak5558: Add MODULE_DEVICE_TABLE (git-fixes).
- ASoC: ak5558: Fix s/show/slow/ typo (git-fixes).
- ASoC: ak5558: correct reset polarity (git-fixes).
- ASoC: codecs: wcd934x: add a sanity check in set channel map (git-fixes).
- ASoC: cs35l33: fix an error code in probe() (git-fixes).
- ASoC: cs42l42: Always wait at least 3ms after reset (git-fixes).
- ASoC: cs42l42: Do not enable/disable regulator at Bias Level (git-fixes).
- ASoC: cs42l42: Fix Bitclock polarity inversion (git-fixes).
- ASoC: cs42l42: Fix channel width support (git-fixes).
- ASoC: cs42l42: Fix mixer volume control (git-fixes).
- ASoC: cs42l42: Regmap must use_single_read/write (git-fixes).
- ASoC: cygnus: fix for_each_child.cocci warnings (git-fixes).
- ASoC: es8316: Simplify adc_pga_gain_tlv table (git-fixes).
- ASoC: fsl_esai: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: fsl_ssi: Fix TDM slot setup for I2S mode (git-fixes).
- ASoC: intel: atom: Remove 44100 sample-rate from the media and
deep-buffer DAI descriptions (git-fixes).
- ASoC: intel: atom: Stop advertising non working S24LE support
(git-fixes).
- ASoC: max98373: Added 30ms turn on/off time delay (git-fixes).
- ASoC: max98373: Changed amp shutdown register as volatile (git-fixes).
- ASoC: qcom: lpass-cpu: Fix lpass dai ids parse (git-fixes).
- ASoC: qcom: sdm845: Fix array out of bounds access (git-fixes).
- ASoC: qcom: sdm845: Fix array out of range on rx slim channels
(git-fixes).
- ASoC: rsnd: call rsnd_ssi_master_clk_start() from rsnd_ssi_init()
(git-fixes).
- ASoC: rsnd: check all BUSIF status when error (git-fixes).
- ASoC: rsnd: core: Check convert rate in rsnd_hw_params (git-fixes).
- ASoC: rt1015: fix i2c communication error (git-fixes).
- ASoC: rt286: Generalize support for ALC3263 codec (git-fixes).
- ASoC: rt286: Make RT286_SET_GPIO_* readable and writable (git-fixes).
- ASoC: rt5640: Fix dac- and adc- vol-tlv values being off by a factor of
10 (git-fixes).
- ASoC: rt5651: Fix dac- and adc- vol-tlv values being off by a factor of
10 (git-fixes).
- ASoC: rt5659: Update MCLK rate in set_sysclk() (git-fixes).
- ASoC: rt5670: Add a quirk for the Dell Venue 10 Pro 5055 (git-fixes).
- ASoC: rt5670: Add emulated 'DAC1 Playback Switch' control (git-fixes).
- ASoC: rt5670: Remove 'HP Playback Switch' control (git-fixes).
- ASoC: rt5670: Remove 'OUT Channel Switch' control (git-fixes).
- ASoC: rt5670: Remove ADC vol-ctrl mute bits poking from Sto1 ADC mixer
settings (git-fixes).
- ASoC: rt711: add snd_soc_component remove callback (git-fixes).
- ASoC: samsung: snow: remove useless test (git-fixes).
- ASoC: samsung: tm2_wm5110: check of of_parse return value (git-fixes).
- ASoC: sgtl5000: set DAP_AVC_CTRL register to correct default value on
probe (git-fixes).
- ASoC: simple-card-utils: Do not handle device clock (git-fixes).
- ASoC: simple-card: fix possible uninitialized single_cpu local variable
(git-fixes).
- ASoC: soc-core kABI workaround (git-fixes).
- ASoC: soc-core: Prevent warning if no DMI table is present (git-fixes).
- ASoC: sunxi: sun4i-codec: fill ASoC card owner (git-fixes).
- ASoC: wm8960: Fix wrong bclk and lrclk with pll enabled for some chips
(git-fixes).
- ASoC: wm8960: Remove bitclk relax condition in wm8960_configure_sysclk
(git-fixes).
- Bluetooth: Fix incorrect status handling in LE PHY UPDATE event
(git-fixes).
- Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
(git-fixes).
- Bluetooth: L2CAP: Fix handling LE modes by L2CAP_OPTIONS (git-fixes).
- Bluetooth: SMP: Fail if remote and local public keys are identical
(git-fixes).
- Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default (git-fixes).
- Bluetooth: avoid deadlock between hci_dev->lock and socket lock
(git-fixes).
- Bluetooth: btqca: Add valid le states quirk (git-fixes).
- Bluetooth: btusb: Enable quirk boolean flag for Mediatek Chip
(git-fixes).
- Bluetooth: check for zapped sk before connecting (git-fixes).
- Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl
(git-fixes).
- Bluetooth: initialize skb_queue_head at l2cap_chan_create() (git-fixes).
- Documentation/ABI: sysfs-platform-ideapad-laptop: update device
attribute paths (git-fixes).
- Drivers: hv: vmbus: Fix Suspend-to-Idle for Generation-2 VM (git-fixes).
- Drivers: hv: vmbus: Increase wait time for VMbus unload (bsc#1185725).
- Drivers: hv: vmbus: Initialize unload_event statically (bsc#1185725).
- Drivers: hv: vmbus: Use after free in __vmbus_open() (git-fixes).
- EDAC/amd64: Check for memory before fully initializing an instance
(bsc#1183815).
- EDAC/amd64: Get rid of the ECC disabled long message (bsc#1183815).
- EDAC/amd64: Use cached data when checking for ECC (bsc#1183815).
- Goodix Fingerprint device is not a modem (git-fixes).
- HID: alps: fix error return code in alps_input_configured() (git-fixes).
- HID: google: add don USB id (git-fixes).
- HID: i2c-hid: Add I2C_HID_QUIRK_NO_IRQ_AFTER_RESET for ITE8568 EC on
Voyo Winpad A15 (git-fixes).
- HID: mf: add support for 0079:1846 Mayflash/Dragonrise USB Gamecube
Adapter (git-fixes).
- HID: plantronics: Workaround for double volume key presses (git-fixes).
- HID: wacom: Assign boolean values to a bool variable (git-fixes).
- HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of
devices (git-fixes).
- HSI: Fix PM usage counter unbalance in ssi_hw_init (git-fixes).
- Hibernation: Fix Hibernate not blocked in Secure Boot with no EFI secret
key
- IB/hfi1: Fix probe time panic when AIP is enabled with a buggy BIOS
(jsc#SLE-13208).
- IB/hfi1: Rework AIP and VNIC dummy netdev usage (jsc#SLE-13208).
- Input: applespi - do not wait for responses to commands indefinitely
(git-fixes).
- Input: elantech - fix protocol errors for some trackpoints in SMBus mode
(git-fixes).
- Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated
devices (git-fixes).
- Input: i8042 - fix Pegatron C15B ID entry (git-fixes).
- Input: nspire-keypad - enable interrupts only when opened (git-fixes).
- Input: s6sy761 - fix coordinate read bit shift (git-fixes).
- Input: silead - add workaround for x86 BIOS-es which bring the chip up
in a stuck state (git-fixes).
- KEYS: trusted: Fix TPM reservation for seal/unseal (git-fixes).
- KEYS: trusted: Fix memory leak on object td (git-fixes).
- KVM x86: Extend AMD specific guest behavior to Hygon virtual CPUs
(bsc#1183447).
- KVM: PPC: Book3S HV P9: Restore host CTRL SPR after guest exit
(bsc#1156395).
- KVM: PPC: Make the VMX instruction emulation routines static
(bsc#1156395).
- KVM: SVM: Clear the CR4 register on reset (bsc#1183252).
- KVM: kvmclock: Fix vCPUs > 64 can't be online/hotpluged (bsc#1152489).
- KVM: nVMX: Properly handle userspace interrupt window request
(bsc#1183427).
- KVM: s390: fix guarded storage control register handling (bsc#1133021).
- KVM: x86: Add helpers to perform CPUID-based guest vendor check
(bsc#1183445).
- KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
(bsc#1183287).
- KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off
(bsc#1183323).
- KVM: x86: Expose XSAVEERPTR to the guest (jsc#SLE-13573).
- KVM: x86: Return -E2BIG when KVM_GET_SUPPORTED_CPUID hits max entries
(bsc#1183428).
- KVM: x86: Set so called 'reserved CR3 bits in LM mask' at vCPU reset
(bsc#1183288).
- KVM: x86: Set so called 'reserved CR3 bits in LM mask' at vCPU reset
(bsc#1183324).
- KVM: x86: do not reset microcode version on INIT or RESET (bsc#1183412).
- KVM: x86: list MSR_IA32_UCODE_REV as an emulated MSR (bsc#1183369).
- NFC: nci: fix memory leak in nci_allocate_device (git-fixes).
- PCI/AER: Add RCEC AER error injection support (bsc#1174426).
- PCI/AER: Add pcie_walk_rcec() to RCEC AER handling (bsc#1174426).
- PCI/AER: Clear AER status from Root Port when resetting Downstream Port
(bsc#1174426).
- PCI/AER: Specify the type of Port that was reset (bsc#1174426).
- PCI/AER: Use "aer" variable for capability offset (bsc#1174426).
- PCI/AER: Write AER Capability only when we control it (bsc#1174426).
- PCI/ERR: Add pci_walk_bridge() to pcie_do_recovery() (bsc#1174426).
- PCI/ERR: Add pcie_link_rcec() to associate RCiEPs (bsc#1174426).
- PCI/ERR: Avoid negated conditional for clarity (bsc#1174426).
- PCI/ERR: Bind RCEC devices to the Root Port driver (bsc#1174426).
- PCI/ERR: Bind RCEC devices to the Root Port driver (jsc#SLE-13736
jsc#SLE-14845).
- PCI/ERR: Cache RCEC EA Capability offset in pci_init_capabilities()
(bsc#1174426).
- PCI/ERR: Clear AER status only when we control AER (bsc#1174426).
- PCI/ERR: Clear PCIe Device Status errors only if OS owns AER
(bsc#1174426).
- PCI/ERR: Clear status of the reporting device (bsc#1174426).
- PCI/ERR: Recover from RCEC AER errors (bsc#1174426).
- PCI/ERR: Recover from RCiEP AER errors (bsc#1174426).
- PCI/ERR: Rename reset_link() to reset_subordinates() (bsc#1174426).
- PCI/ERR: Retain status from error notification (bsc#1174426).
- PCI/ERR: Simplify by computing pci_pcie_type() once (bsc#1174426).
- PCI/ERR: Simplify by using pci_upstream_bridge() (bsc#1174426).
- PCI/ERR: Use "bridge" for clarity in pcie_do_recovery() (bsc#1174426).
- PCI/PME: Add pcie_walk_rcec() to RCEC PME handling (bsc#1174426).
- PCI/RCEC: Fix RCiEP device to RCEC association (git-fixes).
- PCI/RCEC: Fix RCiEP device to RCEC association (jsc#SLE-13736
jsc#SLE-14845 git-fixes).
- PCI/portdrv: Report reset for frozen channel (bsc#1174426).
- PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse (git-fixes).
- PCI: Add function 1 DMA alias quirk for Marvell 9215 SATA controller
(git-fixes).
- PCI: Allow VPD access for QLogic ISP2722 (git-fixes).
- PCI: Fix pci_register_io_range() memory leak (git-fixes).
- PCI: PM: Do not read power state in pci_enable_device_flags()
(git-fixes).
- PCI: Release OF node in pci_scan_device()'s error path (git-fixes).
- PCI: designware-ep: Fix the Header Type check (git-fixes).
- PCI: dwc: Move iATU detection earlier (git-fixes).
- PCI: endpoint: Fix missing destroy_workqueue() (git-fixes).
- PCI: iproc: Fix return value of iproc_msi_irq_domain_alloc() (git-fixes).
- PCI: keystone: Let AM65 use the pci_ops defined in
pcie-designware-host.c (git-fixes).
- PCI: mediatek: Add missing of_node_put() to fix reference leak
(git-fixes).
- PCI: tegra: Fix ASPM-L1SS advertisement disable code (git-fixes).
- PCI: tegra: Move "dbi" accesses to post common DWC initialization
(git-fixes).
- PCI: thunder: Fix compile testing (git-fixes).
- PCI: xgene-msi: Fix race in installing chained irq handler (git-fixes).
- PM / devfreq: Use more accurate returned new_freq as resume_freq
(git-fixes).
- PM: EM: postpone creating the debugfs dir till fs_initcall (git-fixes).
- PM: runtime: Add documentation for pm_runtime_resume_and_get()
(git-fixes).
- PM: runtime: Add pm_runtime_resume_and_get to deal with usage counter
(bsc#1183366).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
- PM: runtime: Fix ordering in pm_runtime_get_suppliers() (git-fixes).
- PM: runtime: Fix race getting/putting suppliers at probe (git-fixes).
- Platform: OLPC: Fix probe error handling (git-fixes).
- RAS/CEC: Correct ce_add_elem()'s returned values (bsc#1152489).
- RDMA/addr: create addr_wq with WQ_MEM_RECLAIM flag (bsc#1183346).
- RDMA/cm: Fix IRQ restore in ib_send_cm_sidr_rep (jsc#SLE-15176).
- RDMA/core: create ib_cm with WQ_MEM_RECLAIM flag (bsc#1183346).
- RDMA/hns: Delete redundant abnormal interrupt status (git-fixes).
- RDMA/hns: Delete redundant condition judgment related to eq (git-fixes).
- RDMA/mlx5: Fix drop packet rule in egress table (jsc#SLE-15175).
- RDMA/qedr: Fix error return code in qedr_iw_connect() (jsc#SLE-8215).
- RDMA/rtrs-clt: Close rtrs client conn before destroying rtrs clt session
files (jsc#SLE-15176).
- RDMA/rtrs-clt: destroy sysfs after removing session from active list
(jsc#SLE-15176).
- RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes
(bsc#1169709)
- RDMA/srp: Fix support for unpopulated and unbalanced NUMA nodes
(bsc#1169709)
- RDMA/srpt: Fix error return code in srpt_cm_req_recv() (git-fixes).
- Re-enable yenta socket driver for x86_64 (bsc#1186349)
- SUNRPC in case of backlog, hand free slots directly to waiting task
(bsc#1185428).
- SUNRPC: More fixes for backlog congestion (bsc#1185428).
- USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet
(git-fixes).
- USB: Add reset-resume quirk for WD19's Realtek Hub (git-fixes).
- USB: CDC-ACM: fix poison/unpoison imbalance (bsc#1184984).
- USB: CDC-ACM: fix poison/unpoison imbalance (git-fixes).
- USB: cdc-acm: downgrade message to debug (git-fixes).
- USB: cdc-acm: fix TIOCGSERIAL implementation (git-fixes).
- USB: cdc-acm: fix double free on probe failure (git-fixes).
- USB: cdc-acm: fix unprivileged TIOCCSERIAL (git-fixes).
- USB: cdc-acm: fix use-after-free after probe failure (git-fixes).
- USB: cdc-acm: untangle a circular dependency between callback and
softint (git-fixes).
- USB: gadget: u_ether: Fix a configfs return code (git-fixes).
- USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR()
(git-fixes).
- USB: quirks: ignore remote wake-up on Fibocom L850-GL LTE modem
(git-fixes).
- USB: replace hardcode maximum usb string length by definition
(git-fixes).
- USB: serial: ark3116: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: ch341: add new Product ID (git-fixes).
- USB: serial: cp210x: add ID for Acuity Brands nLight Air Adapter
(git-fixes).
- USB: serial: cp210x: add some more GE USB IDs (git-fixes).
- USB: serial: f81232: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: f81534: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: fix return value for unsupported ioctls (git-fixes).
- USB: serial: io_edgeport: fix memory leak in edge_startup (git-fixes).
- USB: serial: mos7720: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: opticon: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: pl2303: add support for PL2303HXN (bsc#1186320).
- USB: serial: pl2303: fix line-speed handling on newer chips
(bsc#1186320).
- USB: serial: quatech2: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: ssu100: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: ti_usb_3410_5052: fix TIOCSSERIAL permission check
(git-fixes).
- USB: serial: usb_wwan: fix TIOCGSERIAL implementation (git-fixes).
- USB: serial: usb_wwan: fix TIOCSSERIAL jiffies conversions (git-fixes).
- USB: serial: usb_wwan: fix unprivileged TIOCCSERIAL (git-fixes).
- USB: trancevibrator: fix control-request direction (git-fixes).
- USB: usblp: fix a hang in poll() if disconnected (git-fixes).
- Update config files. (bsc#1185010)
- amd/amdgpu: Disable VCN DPG mode for Picasso (git-fixes).
- amdgpu: avoid incorrect %hu format string (git-fixes).
- apparmor: Fix aa_label refcnt leak in policy_update (git-fixes).
- apparmor: check/put label on apparmor_sk_clone_security() (git-fixes).
- appletalk: Fix skb allocation size in loopback case (git-fixes).
- arm64/mm: Fix pfn_valid() for ZONE_DEVICE based memory (git-fixes).
- arm64: Add missing ISB after invalidating TLB in __primary_switch
(git-fixes).
- arm64: avoid -Woverride-init warning (git-fixes).
- arm64: kasan: fix page_alloc tagging with DEBUG_VIRTUAL (git-fixes).
- arm64: kdump: update ppos when reading elfcorehdr (git-fixes).
- arm64: kexec_file: fix memory leakage in create_dtb() when
fdt_open_into() fails (git-fixes).
- arm64: link with -z norelro for LLD or aarch64-elf (git-fixes).
- arm64: link with -z norelro regardless of CONFIG_RELOCATABLE (git-fixes).
- arm64: make STACKPROTECTOR_PER_TASK configurable (bsc#1181862).
- arm64: ptrace: Fix seccomp of traced syscall -1 (NO_SYSCALL) (git-fixes).
- arm64: ptrace: Use NO_SYSCALL instead of -1 in syscall_trace_enter()
(git-fixes).
- arm64: vdso32: make vdso32 install conditional (git-fixes).
- arm: mm: use __pfn_to_section() to get mem_section (git-fixes).
- ata: ahci: Disable SXS for Hisilicon Kunpeng920 (git-fixes).
- ata: libahci_platform: fix IRQ check (git-fixes).
- ath10k: Fix a use after free in ath10k_htc_send_bundle (git-fixes).
- ath10k: Fix ath10k_wmi_tlv_op_pull_peer_stats_info() unlock without lock
(git-fixes).
- ath10k: fix wmi mgmt tx queue full due to race condition (git-fixes).
- ath10k: hold RCU lock when calling ieee80211_find_sta_by_ifaddr()
(git-fixes).
- ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices
(git-fixes).
- ath9k: fix transmitting to stations in dynamic SMPS mode (git-fixes).
- atl1c: fix error return code in atl1c_probe() (git-fixes).
- atl1e: fix error return code in atl1e_probe() (git-fixes).
- backlight: journada720: Fix Wmisleading-indentation warning (git-fixes).
- batman-adv: initialize "struct batadv_tvlv_tt_vlan_data"->reserved field
(git-fixes).
- binfmt_misc: fix possible deadlock in bm_register_write (git-fixes).
- binfmt_misc: fix possible deadlock in bm_register_write (git-fixes).
- blk-iocost: ioc_pd_free() shouldn't assume irq disabled (git-fixes).
- blk-mq: Swap two calls in blk_mq_exit_queue() (git-fixes).
- blk-mq: plug request for shared sbitmap (jsc#SLE-15442 bsc#1180814
ltc#187461 git-fixes).
- blk-mq: set default elevator as deadline in case of hctx shared tagset
(jsc#SLE-15442 bsc#1180814 ltc#187461 git-fixes).
- blkcg: fix memleak for iolatency (git-fixes).
- block, bfq: set next_rq to waker_bfqq->next_rq in waker injection
(bsc#1168838).
- block/genhd: use atomic_t for disk_event->block (bsc#1185497).
- block: Fix three kernel-doc warnings (git-fixes).
- block: fix get_max_io_size() (git-fixes).
- block: recalculate segment count for multi-segment discards correctly
(bsc#1184724).
- block: rsxx: fix error return code of rsxx_pci_probe() (git-fixes).
- block: rsxx: select CONFIG_CRC32 (git-fixes).
- bluetooth: eliminate the potential race condition when removing the HCI
controller (git-fixes).
- bnxt_en: Fix RX consumer index logic in the error path (git-fixes).
- bnxt_en: Fix RX consumer index logic in the error path (git-fixes).
- bnxt_en: fix ternary sign extension bug in bnxt_show_temp() (git-fixes).
- bnxt_en: reliably allocate IRQ table on reset to avoid crash
(jsc#SLE-8371 bsc#1153274).
- bnxt_en: reverse order of TX disable and carrier off (git-fixes).
- bpf, sockmap: Fix sk->prot unhash op reset (bsc#1155518).
- bpf,x64: Pad NOPs to make images converge more easily (bsc#1178163).
- bpf: Add sanity check for upper ptr_limit (bsc#1183686 bsc#1183775).
- bpf: Avoid warning when re-casting __bpf_call_base into
__bpf_call_base_args (bsc#1155518).
- bpf: Declare __bpf_free_used_maps() unconditionally (bsc#1155518).
- bpf: Do not do bpf_cgroup_storage_set() for kuprobe/tp programs
(bsc#1155518).
- bpf: Enforce that struct_ops programs be GPL-only (bsc#1177028).
- bpf: Fix 32 bit src register truncation on div/mod (bsc#1184170).
- bpf: Fix an unitialized value in bpf_iter (bsc#1177028).
- bpf: Fix leakage of uninitialized bpf stack under speculation
(bsc#1155518).
- bpf: Fix masking negation logic upon negative dst register (bsc#1155518).
- bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
(bsc#1177028).
- bpf: Fix verifier jsgt branch analysis on max bound (bsc#1155518).
- bpf: Refcount task stack in bpf_get_task_stack (bsc#1177028).
- bpf: Remove MTU check in __bpf_skb_max_len (bsc#1155518).
- bpf: Simplify alu_limit masking for pointer arithmetic (bsc#1183686
bsc#1183775).
- bpf: link: Refuse non-O_RDWR flags in BPF_OBJ_GET (bsc#1177028).
- bpf_lru_list: Read double-checked variable once without lock
(bsc#1155518).
- brcmfmac: Add DMI nvram filename quirk for Predia Basic tablet
(git-fixes).
- brcmfmac: Add DMI nvram filename quirk for Voyo winpad A15 tablet
(git-fixes).
- brcmfmac: clear EAP/association status bits on linkdown events
(git-fixes).
- bsg: free the request before return error code (git-fixes).
- btrfs: abort the transaction if we fail to inc ref in btrfs_copy_root
(bsc#1184217).
- btrfs: always pin deleted leaves when there are active tree mod log
users (bsc#1184224).
- btrfs: fix exhaustion of the system chunk array due to concurrent
allocations (bsc#1183386).
- btrfs: fix extent buffer leak on failure to copy root (bsc#1184218).
- btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1185549).
- btrfs: fix race between swap file activation and snapshot creation
(bsc#1185587).
- btrfs: fix race between swap file activation and snapshot creation
(bsc#1185587).
- btrfs: fix race between transaction aborts and fsyncs leading to
use-after-free (bsc#1186441).
- btrfs: fix race between transaction aborts and fsyncs leading to
use-after-free (bsc#1186441).
- btrfs: fix race between writes to swap files and scrub (bsc#1185586).
- btrfs: fix race between writes to swap files and scrub (bsc#1185586).
- btrfs: fix race when cloning extent buffer during rewind of an old root
(bsc#1184193).
- btrfs: fix race when picking most recent mod log operation for an old
root (bsc#1186439).
- btrfs: fix race when picking most recent mod log operation for an old
root (bsc#1186439).
- btrfs: fix stale data exposure after cloning a hole with NO_HOLES
enabled (bsc#1184220).
- btrfs: fix subvolume/snapshot deletion not triggered on mount
(bsc#1184219).
- btrfs: track qgroup released data in own variable in
insert_prealloc_file_extent (bsc#1185549).
- bus: fsl-mc: add the dpdbg device type (bsc#1185670).
- bus: fsl-mc: list more commands as accepted through the ioctl
(bsc#1185670).
- bus: omap_l3_noc: mark l3 irqs as IRQF_NO_THREAD (git-fixes).
- bus: qcom: Put child node before return (git-fixes).
- bus: ti-sysc: Fix warning on unbind if reset is not deasserted
(git-fixes).
- can: c_can: move runtime PM enable/disable to c_can_platform (git-fixes).
- can: c_can_pci: c_can_pci_remove(): fix use-after-free (git-fixes).
- can: flexcan: assert FRZ bit in flexcan_chip_freeze() (git-fixes).
- can: flexcan: enable RX FIFO after FRZ/HALT valid (git-fixes).
- can: flexcan: flexcan_chip_freeze(): fix chip freeze for missing bitrate
(git-fixes).
- can: flexcan: invoke flexcan_chip_freeze() to enter freeze mode
(git-fixes).
- can: m_can: m_can_do_rx_poll(): fix extraneous msg loss warning
(git-fixes).
- can: peak_usb: Revert "can: peak_usb: add forgotten supported devices"
(git-fixes).
- can: peak_usb: add forgotten supported devices (git-fixes).
- can: skb: can_skb_set_owner(): fix ref counting if socket was closed
before setting skb ownership (git-fixes).
- cdc-acm: fix BREAK rx code path adding necessary calls (git-fixes).
- cdc-wdm: untangle a circular dependency between callback and softint
(git-fixes).
- cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom
(git-fixes).
- cdrom: gdrom: initialize global variable at init time (git-fixes).
- ceph: do not clobber i_snap_caps on non-I_NEW inode (bsc#1186501).
- ceph: do not clobber i_snap_caps on non-I_NEW inode (bsc#1186501).
- ceph: fix inode leak on getattr error in __fh_to_dentry (bsc#1186501).
- ceph: fix inode leak on getattr error in __fh_to_dentry (bsc#1186501).
- ceph: fix up error handling with snapdirs (bsc#1186501).
- ceph: fix up error handling with snapdirs (bsc#1186501).
- ceph: only check pool permissions for regular files (bsc#1186501).
- ceph: only check pool permissions for regular files (bsc#1186501).
- cfg80211: remove WARN_ON() in cfg80211_sme_connect (git-fixes).
- cfg80211: scan: drop entry from hidden_list on overflow (git-fixes).
- ch_ktls: Fix kernel panic (jsc#SLE-15131).
- ch_ktls: do not send snd_una update to TCB in middle (jsc#SLE-15131).
- ch_ktls: fix device connection close (jsc#SLE-15131).
- ch_ktls: fix enum-conversion warning (jsc#SLE-15129).
- ch_ktls: tcb close causes tls connection failure (jsc#SLE-15131).
- cifs: New optype for session operations (bsc#1181507).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs: check pointer before freeing (bsc#1183534).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1181507).
- clk: exynos7: Mark aclk_fsys1_200 as critical (git-fixes).
- clk: fix invalid usage of list cursor in register (git-fixes).
- clk: fix invalid usage of list cursor in unregister (git-fixes).
- clk: mvebu: armada-37xx-periph: Fix switching CPU freq from 250 Mhz to 1
GHz (git-fixes).
- clk: mvebu: armada-37xx-periph: Fix workaround for switching from L1 to
L0 (git-fixes).
- clk: mvebu: armada-37xx-periph: remove .set_parent method for CPU PM
clock (git-fixes).
- clk: qcom: a53-pll: Add missing MODULE_DEVICE_TABLE (git-fixes).
- clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return
(git-fixes).
- clk: socfpga: fix iomem pointer cast on 64-bit (git-fixes).
- clk: uniphier: Fix potential infinite loop (git-fixes).
- clk: zynqmp: move zynqmp_pll_set_mode out of round_rate callback
(git-fixes).
- completion: Drop init_completion define (git-fixes).
- configfs: fix a use-after-free in __configfs_open_file (git-fixes).
- coresight: etm4x: Fix issues on trcseqevr access (git-fixes).
- coresight: etm4x: Fix save and restore of TRCVMIDCCTLR1 register
(git-fixes).
- coresight: remove broken __exit annotations (git-fixes).
- coresight: tmc-etr: Fix barrier packet insertion for perf buffer
(git-fixes).
- cpufreq: Kconfig: fix documentation links (git-fixes).
- cpufreq: armada-37xx: Fix determining base CPU frequency (git-fixes).
- cpufreq: armada-37xx: Fix driver cleanup when registration failed
(git-fixes).
- cpufreq: armada-37xx: Fix setting TBG parent for load levels (git-fixes).
- cpufreq: armada-37xx: Fix the AVS value for load L1 (git-fixes).
- cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode
(bsc#1185758).
- cpuidle/pseries: Fixup CEDE0 latency only for POWER10 onwards
(bsc#1185550 ltc#192610).
- crypto: api - check for ERR pointers in crypto_destroy_tfm() (git-fixes).
- crypto: arm/curve25519 - Move '.fpu' after '.arch' (git-fixes).
- crypto: chelsio - Read rxchannel-id from firmware (git-fixes).
- crypto: mips/poly1305 - enable for all MIPS processors (git-fixes).
- crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init
(git-fixes).
- crypto: qat - Fix a double free in adf_create_ring (git-fixes).
- crypto: qat - do not release uninitialized resources (git-fixes).
- crypto: qat - fix error path in adf_isr_resource_alloc() (git-fixes).
- crypto: qat - fix unmap invalid dma address (git-fixes).
- crypto: rng - fix crypto_rng_reset() refcounting when !CRYPTO_STATS
(git-fixes).
- crypto: stm32/cryp - Fix PM reference leak on stm32-cryp.c (git-fixes).
- crypto: stm32/hash - Fix PM reference leak on stm32-hash.c (git-fixes).
- crypto: tcrypt - avoid signed overflow in byte count (git-fixes).
- cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
cxgb4 and ulds (git-fixes).
- cxgb4/chtls/cxgbit: Keeping the max ofld immediate data size same in
cxgb4 and ulds (git-fixes).
- cxgb4: Fix unintentional sign extension issues (git-fixes).
- cxgb4: avoid collecting SGE_QBASE regs during traffic (git-fixes).
- dm era: Fix bitset memory leaks (git-fixes).
- dm era: Recover committed writeset after crash (git-fixes).
- dm era: Reinitialize bitset cache before digesting a new writeset
(git-fixes).
- dm era: Update in-core bitset after committing the metadata (git-fixes).
- dm era: Use correct value size in equality function of writeset tree
(git-fixes).
- dm era: Verify the data block size hasn't changed (git-fixes).
- dm era: only resize metadata in preresume (git-fixes).
- dm integrity: fix error reporting in bitmap mode after creation
(git-fixes).
- dm ioctl: fix error return code in target_message (git-fixes).
- dm mpath: fix racey management of PG initialization (git-fixes).
- dm mpath: switch paths in dm_blk_ioctl() code path (bsc#1167574,
bsc#1175995, bsc#1184485).
- dm raid: fix discard limits for raid1 (git-fixes).
- dm rq: fix double free of blk_mq_tag_set in dev remove after table load
fails (bsc#1185581).
- dm writecache: fix the maximum number of arguments (git-fixes).
- dm writecache: handle DAX to partitions on persistent memory correctly
(git-fixes).
- dm writecache: remove BUG() and fail gracefully instead (git-fixes).
- dm zoned: select CONFIG_CRC32 (git-fixes).
- dm: avoid filesystem lookup in dm_get_dev_t() (git-fixes).
- dm: eliminate potential source of excessive kernel log noise (git-fixes).
- dm: fix bug with RCU locking in dm_blk_report_zones (git-fixes).
- dm: remove invalid sparse __acquires and __releases annotations
(git-fixes).
- dmaengine: Fix a double free in dma_async_device_register (git-fixes).
- dmaengine: dw-edma: Fix crash on loading/unloading driver (git-fixes).
- dmaengine: dw: Make it dependent to HAS_IOMEM (git-fixes).
- dmaengine: idxd: Fix clobbering of SWERR overflow bit on writeback
(git-fixes).
- dmaengine: idxd: Fix potential null dereference on pointer status
(git-fixes).
- dmaengine: idxd: cleanup pci interrupt vector allocation management
(git-fixes).
- dmaengine: idxd: clear MSIX permission entry on shutdown (git-fixes).
- dmaengine: idxd: fix cdev setup and free device lifetime issues
(git-fixes).
- dmaengine: idxd: fix delta_rec and crc size field for completion record
(git-fixes).
- dmaengine: idxd: fix dma device lifetime (git-fixes).
- dmaengine: idxd: fix opcap sysfs attribute output (git-fixes).
- dmaengine: idxd: fix wq cleanup of WQCFG registers (git-fixes).
- dmaengine: idxd: fix wq size store permission state (git-fixes).
- dmaengine: idxd: removal of pcim managed mmio mapping (git-fixes).
- docs: kernel-parameters: Add gpio_mockup_named_lines (git-fixes).
- docs: kernel-parameters: Move gpio-mockup for alphabetic order
(git-fixes).
- dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom
(git-fixes).
- dpaa_eth: Use random MAC address when none is given (bsc#1184811).
- dpaa_eth: copy timestamp fields to new skb in A-050385 workaround
(git-fixes).
- dpaa_eth: fix the RX headroom size alignment (git-fixes).
- dpaa_eth: update the buffer layout for non-A050385 erratum scenarios
(git-fixes).
- drivers: hv: Fix whitespace errors (bsc#1185725).
- drivers: net: xgene: Fix the order of the arguments of
'alloc_etherdev_mqs()' (git-fixes).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
(git-fixes).
- drivers: video: fbcon: fix NULL dereference in fbcon_cursor()
(git-fixes).
- drm/amd/display/dc/dce/dce_aux: Remove duplicate line causing 'field
overwritten' issue (git-fixes).
- drm/amd/display: Check for DSC support instead of ASIC revision
(git-fixes).
- drm/amd/display: Correct algorithm for reversed gamma (git-fixes).
- drm/amd/display: DCHUB underflow counter increasing in some scenarios
(git-fixes).
- drm/amd/display: Do not optimize bandwidth before disabling planes
(git-fixes).
- drm/amd/display: Fix UBSAN warning for not a valid value for type
'_Bool' (git-fixes).
- drm/amd/display: Fix UBSAN: shift-out-of-bounds warning (git-fixes).
- drm/amd/display: Fix debugfs link_settings entry (git-fixes).
- drm/amd/display: Fix nested FPU context in dcn21_validate_bandwidth()
(git-fixes).
- drm/amd/display: Fix off by one in hdmi_14_process_transaction()
(git-fixes).
- drm/amd/display: Fix two cursor duplication when using overlay
(git-fixes).
- drm/amd/display: Force vsync flip when reconfiguring MPCC (git-fixes).
- drm/amd/display: Guard against NULL pointer deref when get_i2c_info
fails (git-fixes).
- drm/amd/display: Initialize attribute for hdcp_srm sysfs file
(git-fixes).
- drm/amd/display: Reject non-zero src_y and src_x for video planes
(git-fixes).
- drm/amd/display: Revert dram_clock_change_latency for DCN2.1 (git-fixes).
- drm/amd/display: Try YCbCr420 color when YCbCr444 fails (git-fixes).
- drm/amd/display: add handling for hdcp2 rx id list validation
(git-fixes).
- drm/amd/display: changing sr exit latency (git-fixes).
- drm/amd/display: fix dml prefetch validation (git-fixes).
- drm/amd/display: fixed divide by zero kernel crash during dsc enablement
(git-fixes).
- drm/amd/display: turn DPMS off on connector unplug (git-fixes).
- drm/amd/pm: fix workload mismatch on vega10 (git-fixes).
- drm/amd/powerplay: fix spelling mistake "smu_state_memroy_block"
(bsc#1152489)
- drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f
(git-fixes).
- drm/amdgpu/display/dm: add missing parameter documentation (git-fixes).
- drm/amdgpu/display: buffer INTERRUPT_LOW_IRQ_CONTEXT interrupt work
(git-fixes).
- drm/amdgpu/display: remove redundant continue statement (git-fixes).
- drm/amdgpu/display: restore AUX_DPHY_TX_CONTROL for DCN2.x (git-fixes).
- drm/amdgpu/display: use GFP_ATOMIC in dcn21_validate_bandwidth_fp()
(git-fixes).
- drm/amdgpu/swsmu: add interrupt work function (git-fixes).
- drm/amdgpu/swsmu: add interrupt work handler for smu11 parts (git-fixes).
- drm/amdgpu: Add additional Sienna Cichlid PCI ID (git-fixes).
- drm/amdgpu: Add check to prevent IH overflow (git-fixes).
- drm/amdgpu: Add mem sync flag for IB allocated by SA (git-fixes).
- drm/amdgpu: Fix GPU TLB update error when PAGE_SIZE > AMDGPU_PAGE_SIZE
(git-fixes).
- drm/amdgpu: Fix some unload driver issues (git-fixes).
- drm/amdgpu: Init GFX10_ADDR_CONFIG for VCN v3 in DPG mode (git-fixes).
- drm/amdgpu: check alignment on CPU page for bo map (git-fixes).
- drm/amdgpu: disable 3DCGCG on picasso/raven1 to avoid compute hang
(git-fixes).
- drm/amdgpu: fb BO should be ttm_bo_type_device (git-fixes).
- drm/amdgpu: fix NULL pointer dereference (git-fixes).
- drm/amdgpu: fix concurrent VM flushes on Vega/Navi v2 (git-fixes).
- drm/amdgpu: fix offset calculation in amdgpu_vm_bo_clear_mappings()
(git-fixes).
- drm/amdgpu: fix parameter error of RREG32_PCIE() in amdgpu_regs_pcie
(git-fixes).
- drm/amdgpu: mask the xgmi number of hops reported from psp to kfd
(git-fixes).
- drm/amdgpu: remove unused variable from struct amdgpu_bo (git-fixes).
- drm/amdgpu: update gc golden setting for Navi12 (git-fixes).
- drm/amdgpu: update sdma golden setting for Navi12 (git-fixes).
- drm/amdkfd: Fix UBSAN shift-out-of-bounds warning (git-fixes).
- drm/amdkfd: Fix cat debugfs hang_hws file causes system crash bug
(git-fixes).
- drm/amdkfd: Put ACPI table after using it (bsc#1152489) Backporting
notes: * context changes
- drm/amdkfd: dqm fence memory corruption (git-fixes).
- drm/amdkfd: fix build error with AMD_IOMMU_V2=m (git-fixes).
- drm/ast: AST2500 fixups (bsc#1174416).
- drm/ast: AST2500 fixups (bsc#1174416).
- drm/ast: Add 25MHz refclk support (bsc#1174416).
- drm/ast: Add 25MHz refclk support (bsc#1174416).
- drm/ast: Add support for 1152x864 mode (bsc#1174416).
- drm/ast: Add support for 1152x864 mode (bsc#1174416).
- drm/ast: Add support for AIP200 (bsc#1174416).
- drm/ast: Add support for AIP200 (bsc#1174416).
- drm/ast: Correct mode table for AST2500 precatch (bsc#1174416).
- drm/ast: Correct mode table for AST2500 precatch (bsc#1174416).
- drm/ast: Disable VGA decoding while driver is active (bsc#1174416).
- drm/ast: Disable VGA decoding while driver is active (bsc#1174416).
- drm/ast: Disable screen on register init (bsc#1174416).
- drm/ast: Disable screen on register init (bsc#1174416).
- drm/ast: Fix P2A config detection (bsc#1174416).
- drm/ast: Fix P2A config detection (bsc#1174416).
- drm/ast: Fix invalid usage of AST_MAX_HWC_WIDTH in cursor atomic_check
(git-fixes).
- drm/ast: Fix register access in non-P2A mode for DP501 (bsc#1174416).
- drm/ast: Fix register access in non-P2A mode for DP501 (bsc#1174416).
- drm/ast: Keep MISC fields when enabling VGA (bsc#1174416).
- drm/ast: Keep MISC fields when enabling VGA (bsc#1174416).
- drm/ast: drm/ast: Fix boot address for AST2500 (bsc#1174416).
- drm/ast: drm/ast: Fix boot address for AST2500 (bsc#1174416).
- drm/compat: Clear bounce structures (git-fixes).
- drm/dp_mst: Revise broadcast msg lct & lcr (git-fixes).
- drm/dp_mst: Set CLEAR_PAYLOAD_ID_TABLE as broadcast (git-fixes).
- drm/hisilicon: Fix use-after-free (git-fixes).
- drm/i915/display: fix compiler warning about array overrun (git-fixes).
- drm/i915/gt: Clear CACHE_MODE prior to clearing residuals (git-fixes).
- drm/i915/gt: Disable HiZ Raw Stall Optimization on broken gen7
(git-fixes).
- drm/i915/gvt: Fix error code in intel_gvt_init_device() (git-fixes).
- drm/i915/gvt: Set SNOOP for PAT3 on BXT/APL to workaround GPU BB hang
(git-fixes).
- drm/i915/overlay: Fix active retire callback alignment (git-fixes).
- drm/i915/selftests: Fix some error codes (git-fixes).
- drm/i915: Avoid div-by-zero on gen2 (git-fixes).
- drm/i915: Fix ICL MG PHY vswing handling (git-fixes).
- drm/i915: Fix crash in auto_retire (git-fixes).
- drm/i915: Fix invalid access to ACPI _DSM objects (bsc#1184074).
- drm/i915: Hold onto an explicit ref to i915_vma_work.pinned (git-fixes).
- drm/i915: Read C0DRB3/C1DRB3 as 16 bits again (git-fixes).
- drm/i915: Wedge the GPU if command parser setup fails (git-fixes).
- drm/imx: imx-ldb: fix out of bounds array access warning (git-fixes).
- drm/ingenic: Fix non-OSD mode (git-fixes).
- drm/ingenic: Register devm action to cleanup encoders (git-fixes).
- drm/komeda: Fix bit check to import to value of proper type (git-fixes).
- drm/lima: fix reference leak in lima_pm_busy (git-fixes).
- drm/mcde/panel: Inverse misunderstood flag (git-fixes).
- drm/mediatek: Fix aal size config (bsc#1152489) Backporting notes: *
replaced mtk_ddp_write() with writel()
- drm/meson: fix shutdown crash when component not probed (git-fixes).
- drm/msm/a5xx: Remove overwriting A5XX_PC_DBG_ECO_CNTL register
(git-fixes).
- drm/msm/adreno: a5xx_power: Do not apply A540 lm_setup to other GPUs
(git-fixes).
- drm/msm/gem: Add obj->lock wrappers (bsc#1152489) Backporting notes: *
taken for 9b73bde39cf2 ("drm/msm: Fix use-after-free in msm_gem with
carveout") * context changes
- drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal (git-fixes).
- drm/msm/mdp5: Do not multiply vclk line count by 100 (git-fixes).
- drm/msm: Fix WARN_ON() splat in _free_object() (bsc#1152489) Backporting
notes: * context changes
- drm/msm: Fix a5xx/a6xx timestamps (git-fixes).
- drm/msm: Fix races managing the OOB state for timestamp vs (bsc#1152489)
Backporting notes: * context changes
- drm/msm: Fix suspend/resume on i.MX5 (git-fixes).
- drm/msm: Fix use-after-free in msm_gem with carveout (bsc#1152489)
Backporting notes: * context changes
- drm/msm: Ratelimit invalid-fence message (git-fixes).
- drm/msm: Set drvdata to NULL when msm_drm_init() fails (git-fixes).
- drm/msm: fix shutdown hook in case GPU components failed to bind
(git-fixes).
- drm/nouveau/kms/nv50-: Get rid of bogus nouveau_conn_mode_valid()
(git-fixes).
- drm/nouveau: bail out of nouveau_channel_new if channel init fails
(bsc#1152489)
- drm/omap: fix misleading indentation in pixinc() (git-fixes).
- drm/panfrost: Clear MMU irqs before handling the fault (git-fixes).
- drm/panfrost: Do not corrupt the queue mutex on open/close (bsc#1152472)
Backporting notes: * context changes
- drm/panfrost: Do not try to map pages that are already mapped
(git-fixes).
- drm/panfrost: Fix job timeout handling (bsc#1152472) Backporting notes:
* context changes
- drm/panfrost: Remove unused variables in panfrost_job_close()
(bsc#1152472)
- drm/probe-helper: Check epoch counter in output_poll_execute()
(git-fixes).
- drm/qxl: do not run release if qxl failed to init (git-fixes).
- drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz
monitors are connected (git-fixes).
- drm/radeon: Avoid power table parsing memory leaks (git-fixes).
- drm/radeon: Fix a missing check bug in radeon_dp_mst_detect()
(git-fixes).
- drm/radeon: Fix off-by-one power_state index heap overwrite (git-fixes).
- drm/radeon: fix AGP dependency (git-fixes).
- drm/radeon: fix copy of uninitialized variable back to userspace
(git-fixes).
- drm/shmem-helper: Check for purged buffers in fault handler (git-fixes).
- drm/shmem-helper: Do not remove the offset in vm_area_struct pgoff
(git-fixes).
- drm/shmem-helpers: vunmap: Do not put pages for dma-buf (git-fixes).
- drm/sun4i: tcon: fix inverted DCLK polarity (bsc#1152489) Backporting
notes: * context changes
- drm/tegra: Fix reference leak when pm_runtime_get_sync() fails
(git-fixes).
- drm/tegra: dc: Do not set PLL clock to 0Hz (git-fixes).
- drm/tegra: dc: Restore coupling of display controllers (git-fixes).
- drm/tegra: sor: Grab runtime PM reference across reset (git-fixes).
- drm/tilcdc: send vblank event when disabling crtc (git-fixes).
- drm/vc4: crtc: Reduce PV fifo threshold on hvs4 (git-fixes).
- drm/vc4: hdmi: Restore cec physical address on reconnect (bsc#1152472)
Backporting notes: * context changes * change vc4_hdmi to vc4->hdmi *
removed references to encoder->hdmi_monitor
- drm/vkms: fix misuse of WARN_ON (git-fixes).
- drm: Added orientation quirk for OneGX1 Pro (git-fixes).
- drm: meson_drv add shutdown function (git-fixes).
- drm: rcar-du: Fix PM reference leak in rcar_cmm_enable() (git-fixes).
- drm: rcar-du: Fix crash when using LVDS1 clock for CRTC (bsc#1152489)
Backporting notes: * context changes
- drm: rcar-du: Fix leak of CMM platform device reference (git-fixes).
- drm: xlnx: zynqmp: fix a memset in zynqmp_dp_train() (git-fixes).
- e1000e: Fix duplicate include guard (git-fixes).
- e1000e: Fix error handling in e1000_set_d0_lplu_state_82571 (git-fixes).
- e1000e: add rtnl_lock() to e1000_reset_task (git-fixes).
- efi: use 32-bit alignment for efi_guid_t literals (git-fixes).
- enetc: Fix reporting of h/w packet counters (git-fixes).
- enetc: Let the hardware auto-advance the taprio base-time of 0
(git-fixes).
- enetc: Workaround for MDIO register access issue (git-fixes).
- epoll: check for events when removing a timed out thread from the wait
queue (git-fixes).
- ethernet/netronome/nfp: Fix a use after free in nfp_bpf_ctrl_msg_rx
(git-fixes).
- ethernet: alx: fix order of calls on resume (git-fixes).
- ethernet:enic: Fix a use after free bug in enic_hard_start_xmit
(git-fixes).
- ethtool: fix incorrect datatype in set_eee ops (bsc#1176447).
- ethtool: fix missing NLM_F_MULTI flag when dumping (bsc#1176447).
- ethtool: pause: make sure we init driver stats (jsc#SLE-15075).
- exec: Move would_dump into flush_old_exec (git-fixes).
- ext4: do not try to set xattr into ea_inode if value is empty
(bsc#1184730).
- ext4: find old entry again if failed to rename whiteout (bsc#1184742).
- ext4: fix potential error in ext4_do_update_inode (bsc#1184731).
- ext4: fix potential htree index checksum corruption (bsc#1184728).
- extcon: Add stubs for extcon_register_notifier_all() functions
(git-fixes).
- extcon: Fix error handling in extcon_dev_register (git-fixes).
- extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has
been unplugged (git-fixes).
- extcon: arizona: Fix various races on driver unbind (git-fixes).
- fbdev: zero-fill colormap in fbcmap.c (git-fixes).
- fbmem: add margin check to fb_check_caps() (git-fixes).
- firmware/efi: Fix a use after bug in efi_mem_reserve_persistent
(git-fixes).
- firmware: arm_scpi: Prevent the ternary sign expansion bug (git-fixes).
- firmware: qcom-scm: Fix QCOM_SCM configuration (git-fixes).
- firmware: qcom_scm: Fix kernel-doc function names to match (git-fixes).
- firmware: qcom_scm: Make __qcom_scm_is_call_available() return bool
(git-fixes).
- firmware: qcom_scm: Reduce locking section for __get_convention()
(git-fixes).
- firmware: qcom_scm: Workaround lack of "is available" call on SC7180
(git-fixes).
- flow_dissector: fix byteorder of dissected ICMP ID (bsc#1154353).
- fnic: use scsi_host_busy_iter() to traverse commands (bsc#1179851).
- fotg210-udc: Complete OUT requests on short packets (git-fixes).
- fotg210-udc: Do not DMA more than the buffer can take (git-fixes).
- fotg210-udc: Fix DMA on EP0 for length > max packet size (git-fixes).
- fotg210-udc: Fix EP0 IN requests bigger than two packets (git-fixes).
- fotg210-udc: Mask GRP2 interrupts we do not handle (git-fixes).
- fotg210-udc: Remove a dubious condition leading to fotg210_done
(git-fixes).
- fs/epoll: restore waking from ep_done_scan() (bsc#1183868).
- fs/jfs: fix potential integer overflow on shift of a int (bsc#1184741).
- fs: direct-io: fix missing sdio->boundary (bsc#1184736).
- fsl/fman: check dereferencing null pointer (git-fixes).
- fsl/fman: fix dereference null return value (git-fixes).
- fsl/fman: fix eth hash table allocation (git-fixes).
- fsl/fman: fix unreachable code (git-fixes).
- fsl/fman: reuse set_mac_address() in dtsec init() (bsc#1184811).
- fsl/fman: tolerate missing MAC address in device tree (bsc#1184811).
- fsl/fman: use 32-bit unsigned integer (git-fixes).
- ftrace/x86: Tell objtool to ignore nondeterministic ftrace stack layout
(bsc#1177028).
- ftrace: Fix modify_ftrace_direct (bsc#1177028).
- ftrace: Handle commands when closing set_ftrace_filter file (git-fixes).
- fuse: fix bad inode (bsc#1184211).
- fuse: fix bad inode (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- fuse: fix live lock in fuse_iget() (bsc#1184211).
- fuse: fix write deadlock (bsc#1185573).
- fuse: verify write return (git-fixes).
- futex: Change utime parameter to be 'const ... *' (git-fixes).
- futex: Do not apply time namespace adjustment on FUTEX_LOCK_PI
(bsc#1164648).
- futex: Get rid of the val2 conditional dance (git-fixes).
- futex: Make syscall entry points less convoluted (git-fixes).
- gcc-plugins: drop support for GCC <= 4.7 (bcs#1181862).
- gcc-plugins: make it possible to disable CONFIG_GCC_PLUGINS again
(bcs#1181862).
- gcc-plugins: simplify GCC plugin-dev capability test (bsc#1181862).
- geneve: do not modify the shared tunnel info when PMTU triggers an ICMP
reply (bsc#1176447).
- geneve: do not modify the shared tunnel info when PMTU triggers an ICMP
reply (git-fixes).
- genirq/irqdomain: Do not try to free an interrupt that has no (git-fixes)
- genirq: Disable interrupts for force threaded handlers (git-fixes)
- genirq: Reduce irqdebug cacheline bouncing (bsc#1185703 ltc#192641).
- gianfar: Account for Tx PTP timestamp in the skb headroom (git-fixes).
- gianfar: Fix TX timestamping with a stacked DSA driver (git-fixes).
- gianfar: Handle error code at MAC address change (git-fixes).
- gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP
(git-fixes).
- gpio: omap: Save and restore sysconfig (git-fixes).
- gpio: pca953x: Set IRQ type when handle Intel Galileo Gen 2 (git-fixes).
- gpio: sysfs: Obey valid_mask (git-fixes).
- gpio: xilinx: Correct kernel doc for xgpio_probe() (git-fixes).
- gpio: zynq: fix reference leak in zynq_gpio functions (git-fixes).
- gpiolib: Do not free if pin ranges are not defined (git-fixes).
- gpiolib: acpi: Add missing IRQF_ONESHOT (git-fixes).
- gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055
(git-fixes).
- gpu/xen: Fix a use after free in xen_drm_drv_init (git-fixes).
- hrtimer: Update softirq_expires_next correctly after (git-fixes)
- hv_netvsc: Reset the RSC count if NVSP_STAT_FAIL in netvsc_receive()
(git-fixes).
- hwmon: (ina3221) Fix PM usage counter unbalance in ina3221_write_enable
(git-fixes).
- hwmon: (occ) Fix poll rate limiting (git-fixes).
- i2c: Add I2C_AQ_NO_REP_START adapter quirk (git-fixes).
- i2c: bail out early when RDWR parameters are wrong (git-fixes).
- i2c: cadence: add IRQ check (git-fixes).
- i2c: emev2: add IRQ check (git-fixes).
- i2c: i801: Do not generate an interrupt on bus reset (git-fixes).
- i2c: img-scb: fix reference leak when pm_runtime_get_sync fails
(git-fixes).
- i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
(git-fixes).
- i2c: jz4780: add IRQ check (git-fixes).
- i2c: mlxbf: add IRQ check (git-fixes).
- i2c: omap: fix reference leak when pm_runtime_get_sync fails (git-fixes).
- i2c: rcar: faster irq code to minimize HW race condition (git-fixes).
- i2c: rcar: optimize cacheline to minimize HW race condition (git-fixes).
- i2c: s3c2410: fix possible NULL pointer deref on read message after
write (git-fixes).
- i2c: sh7760: add IRQ check (git-fixes).
- i2c: sh7760: fix IRQ error path (git-fixes).
- i2c: sh_mobile: Use new clock calculation formulas for RZ/G2E
(git-fixes).
- i2c: sprd: fix reference leak when pm_runtime_get_sync fails (git-fixes).
- i2c: tegra: Add missing pm_runtime_put() (bsc#1184386).
- i2c: tegra: Check errors for both positive and negative values
(bsc#1184386).
- i2c: tegra: Clean up and improve comments (bsc#1184386).
- i2c: tegra: Clean up printk messages (bsc#1184386).
- i2c: tegra: Clean up probe function (bsc#1184386).
- i2c: tegra: Clean up variable names (bsc#1184386).
- i2c: tegra: Clean up variable types (bsc#1184386).
- i2c: tegra: Clean up whitespaces, newlines and indentation (bsc#1184386).
- i2c: tegra: Create i2c_writesl_vi() to use with VI I2C for filling TX
FIFO (bsc#1184386).
- i2c: tegra: Factor out error recovery from tegra_i2c_xfer_msg()
(bsc#1184386).
- i2c: tegra: Factor out hardware initialization into separate function
(bsc#1184386).
- i2c: tegra: Factor out packet header setup from tegra_i2c_xfer_msg()
(bsc#1184386).
- i2c: tegra: Factor out register polling into separate function
(bsc#1184386).
- i2c: tegra: Handle potential error of tegra_i2c_flush_fifos()
(bsc#1184386).
- i2c: tegra: Improve driver module description (bsc#1184386).
- i2c: tegra: Improve formatting of variables (bsc#1184386).
- i2c: tegra: Initialize div-clk rate unconditionally (bsc#1184386).
- i2c: tegra: Make tegra_i2c_flush_fifos() usable in atomic transfer
(bsc#1184386).
- i2c: tegra: Mask interrupt in tegra_i2c_issue_bus_clear() (bsc#1184386).
- i2c: tegra: Move out all device-tree parsing into tegra_i2c_parse_dt()
(bsc#1184386).
- i2c: tegra: Remove "dma" variable from tegra_i2c_xfer_msg()
(bsc#1184386).
- i2c: tegra: Remove error message used for devm_request_irq() failure
(bsc#1184386).
- i2c: tegra: Remove i2c_dev.clk_divisor_non_hs_mode member (bsc#1184386).
- i2c: tegra: Remove likely/unlikely from the code (bsc#1184386).
- i2c: tegra: Remove outdated barrier() (bsc#1184386).
- i2c: tegra: Remove redundant check in tegra_i2c_issue_bus_clear()
(bsc#1184386).
- i2c: tegra: Rename wait/poll functions (bsc#1184386).
- i2c: tegra: Reorder location of functions in the code (bsc#1184386).
- i2c: tegra: Runtime PM always available on Tegra (bsc#1184386).
- i2c: tegra: Use clk-bulk helpers (bsc#1184386).
- i2c: tegra: Use devm_platform_get_and_ioremap_resource() (bsc#1184386).
- i2c: tegra: Use platform_get_irq() (bsc#1184386).
- i2c: tegra: Use reset_control_reset() (bsc#1184386).
- i2c: tegra: Use threaded interrupt (bsc#1184386).
- i2c: tegra: Wait for config load atomically while in ISR (bsc#1184386).
- i40e: Add zero-initialization of AQ command structures (git-fixes).
- i40e: Added Asym_Pause to supported link modes (git-fixes).
- i40e: Fix PHY type identifiers for 2.5G and 5G adapters (git-fixes).
- i40e: Fix add TC filter for IPv6 (git-fixes).
- i40e: Fix addition of RX filters after enabling FW LLDP agent
(git-fixes).
- i40e: Fix display statistics for veb_tc (git-fixes).
- i40e: Fix endianness conversions (git-fixes).
- i40e: Fix flow for IPv6 next header (extension header) (git-fixes).
- i40e: Fix kernel oops when i40e driver removes VF's (git-fixes).
- i40e: Fix overwriting flow control settings during driver loading
(git-fixes).
- i40e: Fix parameters in aq_get_phy_register() (jsc#SLE-8025).
- i40e: Fix sparse error: 'vsi->netdev' could be null (jsc#SLE-8025).
- i40e: Fix sparse error: uninitialized symbol 'ring' (jsc#SLE-13701).
- i40e: Fix sparse errors in i40e_txrx.c (git-fixes).
- i40e: Fix sparse errors in i40e_txrx.c (git-fixes).
- i40e: Fix sparse warning: missing error code 'err' (git-fixes).
- i40e: Fix use-after-free in i40e_client_subtask() (git-fixes).
- i40e: fix broken XDP support (git-fixes).
- i40e: fix the panic when running bpf in xdpdrv mode (git-fixes).
- i40e: fix the restart auto-negotiation after FEC modified (git-fixes).
- i915/perf: Start hrtimer only if sampling the OA buffer (git-fixes).
- iavf: Fix incorrect adapter get in iavf_resume (git-fixes).
- iavf: use generic power management (git-fixes).
- ibmvfc: Avoid move login if fast fail is enabled (bsc#1185938
ltc#192043).
- ibmvfc: Handle move login failure (bsc#1185938 ltc#192043).
- ibmvfc: Reinit target retries (bsc#1185938 ltc#192043).
- ibmvnic: add comments for spinlock_t definitions (bsc#1183871
ltc#192139).
- ibmvnic: avoid calling napi_disable() twice (bsc#1065729).
- ibmvnic: avoid multiple line dereference (bsc#1183871 ltc#192139).
- ibmvnic: clean up the remaining debugfs data structures (bsc#1065729).
- ibmvnic: correctly use dev_consume/free_skb_irq (jsc#SLE-17268
jsc#SLE-17043 bsc#1179243 ltc#189290 git-fixes).
- ibmvnic: fix block comments (bsc#1183871 ltc#192139).
- ibmvnic: fix braces (bsc#1183871 ltc#192139).
- ibmvnic: fix miscellaneous checks (bsc#1183871 ltc#192139).
- ibmvnic: improve failover sysfs entry (bsc#1043990 ltc#155681 git-fixes).
- ibmvnic: merge do_change_param_reset into do_reset (bsc#1183871
ltc#192139).
- ibmvnic: prefer 'unsigned long' over 'unsigned long int' (bsc#1183871
ltc#192139).
- ibmvnic: prefer strscpy over strlcpy (bsc#1183871 ltc#192139).
- ibmvnic: print adapter state as a string (bsc#1152457 ltc#174432
git-fixes).
- ibmvnic: print reset reason as a string (bsc#1152457 ltc#174432
git-fixes).
- ibmvnic: queue reset work in system_long_wq (bsc#1152457 ltc#174432
git-fixes).
- ibmvnic: remove default label from to_string switch (bsc#1152457
ltc#174432 git-fixes).
- ibmvnic: remove duplicate napi_schedule call in do_reset function
(bsc#1065729).
- ibmvnic: remove duplicate napi_schedule call in open function
(bsc#1065729).
- ibmvnic: remove unnecessary rmb() inside ibmvnic_poll (bsc#1183871
ltc#192139).
- ibmvnic: remove unused spinlock_t stats_lock definition (bsc#1183871
ltc#192139).
- ibmvnic: rework to ensure SCRQ entry reads are properly ordered
(bsc#1183871 ltc#192139).
- ice: Account for port VLAN in VF max packet size calculation (git-fixes).
- ice: Account for port VLAN in VF max packet size calculation (git-fixes).
- ice: Cleanup fltr list in case of allocation issues (git-fixes).
- ice: Continue probe on link/PHY errors (jsc#SLE-12878).
- ice: Fix for dereference of NULL pointer (git-fixes).
- ice: Increase control queue timeout (git-fixes).
- ice: Use port number instead of PF ID for WoL (jsc#SLE-12878).
- ice: fix memory allocation call (jsc#SLE-12878).
- ice: fix memory leak if register_netdev_fails (git-fixes).
- ice: fix memory leak in ice_vsi_setup (git-fixes).
- ice: fix memory leak of aRFS after resuming from suspend (jsc#SLE-12878).
- ice: prevent ice_open and ice_stop during reset (git-fixes).
- ice: remove DCBNL_DEVRESET bit from PF state (jsc#SLE-7926).
- ics932s401: fix broken handling of errors when word reading fails
(git-fixes).
- igb: Fix duplicate include guard (git-fixes).
- igb: XDP extack message on error (jsc#SLE-13536).
- igb: XDP xmit back fix error code (jsc#SLE-13536).
- igb: avoid premature Rx buffer reuse (jsc#SLE-13536).
- igb: avoid transmit queue timeout in xdp path (jsc#SLE-13536).
- igb: check timestamp validity (git-fixes).
- igb: skb add metasize for xdp (jsc#SLE-13536).
- igb: take VLAN double header into account (jsc#SLE-13536).
- igb: use xdp_do_flush (jsc#SLE-13536).
- igc: Fix Pause Frame Advertising (git-fixes).
- igc: Fix Supported Pause Frame Link Setting (git-fixes).
- igc: Fix igc_ptp_rx_pktstamp() (bsc#1160634).
- igc: Fix igc_ptp_rx_pktstamp() (bsc#1160634).
- igc: reinit_locked() should be called with rtnl_lock (git-fixes).
- igc: reinit_locked() should be called with rtnl_lock (git-fixes).
- iio: adc: ad7124: Fix missbalanced regulator enable / disable on error
(git-fixes).
- iio: adc: ad7124: Fix potential overflow due to non sequential channel
numbers (git-fixes).
- iio: adc: ad7768-1: Fix too small buffer passed to
iio_push_to_buffers_with_timestamp() (git-fixes).
- iio: adc: ad7793: Add missing error code in ad7793_setup() (git-fixes).
- iio: adc: ad7949: fix wrong ADC result due to incorrect bit mask
(git-fixes).
- iio: adis16400: Fix an error code in adis16400_initial_setup()
(git-fixes).
- iio: gyro: fxas21002c: balance runtime power in error path (git-fixes).
- iio: gyro: mpu3050: Fix error handling in mpu3050_trigger_handler
(git-fixes).
- iio: gyro: mpu3050: Fix reported temperature value (git-fixes).
- iio: hid-sensor-humidity: Fix alignment issue of timestamp channel
(git-fixes).
- iio: hid-sensor-prox: Fix scale not correct issue (git-fixes).
- iio: hid-sensor-temperature: Fix issues of timestamp channel (git-fixes).
- iio: proximity: pulsedlight: Fix rumtime PM imbalance on error
(git-fixes).
- iio: tsl2583: Fix division by a zero lux_val (git-fixes).
- iio:accel:adis16201: Fix wrong axis assignment that prevents loading
(git-fixes).
- iio:adc:qcom-spmi-vadc: add default scale to LR_MUX2_BAT_ID channel
(git-fixes).
- ima: Free IMA measurement buffer after kexec syscall (git-fixes).
- include/linux/sched/mm.h: use rcu_dereference in in_vfork() (git-fixes).
- intel_th: Consistency and off-by-one fix (git-fixes).
- intel_th: pci: Add Alder Lake-M support (git-fixes).
- intel_th: pci: Add Rocket Lake CPU support (git-fixes).
- interconnect: core: fix error return code of icc_link_destroy()
(git-fixes).
- iommu/amd: Add support for map/unmap_resource (jsc#ECO-3482).
- iommu/amd: Fix sleeping in atomic in increase_address_space()
(bsc#1183277).
- iommu/amd: Fix sleeping in atomic in increase_address_space()
(bsc#1183310).
- iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1183278).
- iommu/intel: Fix memleak in intel_irq_remapping_alloc (bsc#1183312).
- iommu/qcom: add missing put_device() call in qcom_iommu_of_xlate()
(bsc#1183313).
- iommu/qcom: add missing put_device() call in qcom_iommu_of_xlate()
(bsc#1183637).
- iommu/vt-d: Add get_domain_info() helper (bsc#1183279).
- iommu/vt-d: Avoid panic if iommu init fails in tboot system
(bsc#1183280).
- iommu/vt-d: Avoid panic if iommu init fails in tboot system
(bsc#1183315).
- iommu/vt-d: Correctly check addr alignment in qi_flush_dev_iotlb_pasid()
(bsc#1183281).
- iommu/vt-d: Correctly check addr alignment in qi_flush_dev_iotlb_pasid()
(bsc#1183316).
- iommu/vt-d: Do not use flush-queue when caching-mode is on (bsc#1183282).
- iommu/vt-d: Do not use flush-queue when caching-mode is on (bsc#1183317).
- iommu/vt-d: Fix general protection fault in aux_detach_device()
(bsc#1183283).
- iommu/vt-d: Fix general protection fault in aux_detach_device()
(bsc#1183318).
- iommu/vt-d: Fix ineffective devTLB invalidation for subdevices
(bsc#1183284).
- iommu/vt-d: Fix ineffective devTLB invalidation for subdevices
(bsc#1183319).
- iommu/vt-d: Fix status code for Allocate/Free PASID command
(bsc#1183320).
- iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev()
(bsc#1183285).
- iommu/vt-d: Fix unaligned addresses for intel_flush_svm_range_dev()
(bsc#1183321).
- iommu/vt-d: Move intel_iommu info from struct intel_svm to struct
intel_svm_dev (bsc#1183286).
- iommu/vt-d: Move intel_iommu info from struct intel_svm to struct
intel_svm_dev (bsc#1183322).
- iommu/vt-d: Use device numa domain if RHSA is missing (bsc#1184585).
- iommu: Check dev->iommu in dev_iommu_priv_get() before dereferencing it
(bsc#1183311).
- iommu: Switch gather->end to the inclusive end (bsc#1183314).
- ionic: linearize tso skb with too many frags (bsc#1167773).
- ionic: linearize tso skb with too many frags (bsc#1167773).
- iopoll: introduce read_poll_timeout macro (git-fixes).
- ipc/mqueue, msg, sem: Avoid relying on a stack reference past its expiry
(bsc#1185988).
- ipmi/watchdog: Stop watchdog timer when the current action is 'none'
(bsc#1184855).
- ipw2x00: potential buffer overflow in libipw_wx_set_encodeext()
(git-fixes).
- irqchip/ls-extirq: Add LS1043A, LS1088A external interrupt support
(bsc#1184264).
- irqchip/ls-extirq: Add LS1043A, LS1088A external interrupt support
(bsc#1185233).
- irqchip/ls-extirq: add IRQCHIP_SKIP_SET_WAKE to the irqchip flags
(bsc#1184264).
- irqchip/ls-extirq: add IRQCHIP_SKIP_SET_WAKE to the irqchip flags
(bsc#1185233).
- irqchip: Add support for Layerscape external interrupt lines
(bsc#1185233).
- isofs: release buffer head before return (bsc#1182613).
- iwlwifi: add support for Qu with AX201 device (git-fixes).
- iwlwifi: pcie: make cfg vs. trans_cfg more robust (git-fixes).
- ixgbe: fail to create xfrm offload of IPsec tunnel mode SA (git-fixes).
- ixgbe: fix unbalanced device enable/disable in suspend/resume
(jsc#SLE-13706).
- jffs2: fix use after free in jffs2_sum_write_data() (bsc#1184740).
- kABI: Fix kABI caused by fixes for bsc#1174426 (bsc#1174426).
- kABI: cover up change in struct kvm_arch (bsc#1184969).
- kABI: powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- kABI: powerpc/pseries: Add shutdown() to vio_driver and vio_bus
(bsc#1184209 ltc#190917).
- kABI: repair after "nVMX: Properly handle userspace interrupt window
request"
- kbuild: Fail if gold linker is detected (bcs#1181862).
- kbuild: add dummy toolchains to enable all cc-option etc. in Kconfig
(bcs#1181862).
- kbuild: change *FLAGS_<basetarget>.o to take the path relative to
$(obj) (bcs#1181862).
- kbuild: dummy-tools, fix inverted tests for gcc (bcs#1181862).
- kbuild: dummy-tools, support MPROFILE_KERNEL checks for ppc
(bsc#1181862).
- kbuild: improve cc-option to clean up all temporary files (bsc#1178330).
- kbuild: include scripts/Makefile.* only when relevant CONFIG is enabled
(bcs#1181862).
- kbuild: simplify GCC_PLUGINS enablement in dummy-tools/gcc (bcs#1181862).
- kbuild: stop filtering out $(GCC_PLUGINS_CFLAGS) from cc-option base
(bcs#1181862).
- kbuild: use -S instead of -E for precise cc-option test in Kconfig
(bsc#1178330).
- kconfig: introduce m32-flag and m64-flag (bcs#1181862).
- kernel-docs.spec.in: Build using an utf-8 locale. Sphinx cannot handle
UTF-8 input in non-UTF-8 locale.
- kernel/smp: make csdlock timeout depend on boot parameter (bsc#1180846).
- kvm: svm: Update svm_xsaves_supported (jsc#SLE-13573).
- kvm: x86: Enumerate support for CLZERO instruction (jsc#SLE-13573).
- leds: lp5523: check return value of lp5xx_read and jump to cleanup code
(git-fixes).
- lib/syscall: fix syscall registers retrieval on 32-bit platforms
(git-fixes).
- libbpf: Add explicit padding to bpf_xdp_set_link_opts (bsc#1177028).
- libbpf: Add explicit padding to btf_dump_emit_type_decl_opts
(bsc#1177028).
- libbpf: Clear map_info before each bpf_obj_get_info_by_fd (bsc#1155518).
- libbpf: Fix BTF dump of pointer-to-array-of-struct (bsc#1155518).
- libbpf: Fix INSTALL flag order (bsc#1155518).
- libbpf: Fix bail out from 'ringbuf_process_ring()' on error
(bsc#1177028).
- libbpf: Fix error path in bpf_object__elf_init() (bsc#1177028).
- libbpf: Fix signed overflow in ringbuf_process_ring (bsc#1177028).
- libbpf: Initialize the bpf_seq_printf parameters array field by field
(bsc#1177028).
- libbpf: Only create rx and tx XDP rings when necessary (bsc#1155518).
- libbpf: Use SOCK_CLOEXEC when opening the netlink socket (bsc#1155518).
- libnvdimm/label: Return -ENXIO for no slot in __blk_label_update
(bsc#1185269).
- libnvdimm/namespace: Fix reaping of invalidated block-window-namespace
labels (bsc#1185269).
- libnvdimm/region: Fix nvdimm_has_flush() to handle ND_REGION_ASYNC
(bsc#1184969 git-fixes).
- libnvdimm/security: ensure sysfs poll thread woke up and fetch updated
attr (git-fixes).
- liquidio: Fix unintented sign extension of a left shift of a u16
(git-fixes).
- locking/mutex: Fix non debug version of mutex_lock_io_nested()
(git-fixes).
- locking/qrwlock: Fix ordering in queued_write_lock_slowpath()
(bsc#1185041).
- lpfc: Decouple port_template and vport_template (bsc#185032).
- mISDN: fix crash in fritzpci (git-fixes).
- mac80211: Allow HE operation to be longer than expected (git-fixes).
- mac80211: bail out if cipher schemes are invalid (git-fixes).
- mac80211: choose first enabled channel for monitor (git-fixes).
- mac80211: clear sta->fast_rx when STA removed from 4-addr VLAN
(git-fixes).
- mac80211: clear the beacon's CRC after channel switch (git-fixes).
- mac80211: fix TXQ AC confusion (git-fixes).
- mac80211: fix double free in ibss_leave (git-fixes).
- mac80211: fix rate mask reset (git-fixes).
- macvlan: macvlan_count_rx() needs to be aware of preemption (git-fixes).
- md-cluster: fix use-after-free issue when removing rdev (bsc#1184082).
- md/raid1: properly indicate failure when ending a failed write request
(bsc#1185680).
- md: do not flush workqueue unconditionally in md_open (bsc#1184081).
- md: factor out a mddev_find_locked helper from mddev_find (bsc#1184081).
- md: md_open returns -EBUSY when entering racing area (bsc#1184081).
- md: split mddev_find (bsc#1184081).
- mdio: fix mdio-thunder.c dependency & build error (git-fixes).
- media: adv7604: fix possible use-after-free in adv76xx_remove()
(git-fixes).
- media: cros-ec-cec: do not bail on device_init_wakeup failure
(git-fixes).
- media: cx23885: add more quirks for reset DMA on some AMD IOMMU
(git-fixes).
- media: drivers: media: pci: sta2x11: fix Kconfig dependency on GPIOLIB
(git-fixes).
- media: dvb-usb: fix memory leak in dvb_usb_adapter_init (git-fixes).
- media: dvbdev: Fix memory leak in dvb_media_device_free() (git-fixes).
- media: em28xx: fix memory leak (git-fixes).
- media: gspca/sq905.c: fix uninitialized variable (git-fixes).
- media: i2c: adv7511-v4l2: fix possible use-after-free in
adv7511_remove() (git-fixes).
- media: i2c: adv7842: fix possible use-after-free in adv7842_remove()
(git-fixes).
- media: i2c: tda1997: Fix possible use-after-free in tda1997x_remove()
(git-fixes).
- media: imx: capture: Return -EPIPE from __capture_legacy_try_fmt()
(git-fixes).
- media: ite-cir: check for receive overflow (git-fixes).
- media: m88rs6000t: avoid potential out-of-bounds reads on arrays
(git-fixes).
- media: mantis: remove orphan mantis_core.c (git-fixes).
- media: mceusb: sanity check for prescaler value (git-fixes).
- media: media/saa7164: fix saa7164_encoder_register() memory leak bugs
(git-fixes).
- media: omap4iss: return error code when omap4iss_get() failed
(git-fixes).
- media: platform: sti: Fix runtime PM imbalance in regs_show (git-fixes).
- media: platform: sunxi: sun6i-csi: fix error return code of
sun6i_video_start_streaming() (git-fixes).
- media: rc: compile rc-cec.c into rc-core (git-fixes).
- media: saa7134: use sg_dma_len when building pgtable (git-fixes).
- media: saa7146: use sg_dma_len when building pgtable (git-fixes).
- media: staging/intel-ipu3: Fix memory leak in imu_fmt (git-fixes).
- media: staging/intel-ipu3: Fix race condition during set_fmt (git-fixes).
- media: staging/intel-ipu3: Fix set_fmt error handling (git-fixes).
- media: tc358743: fix possible use-after-free in tc358743_remove()
(git-fixes).
- media: usbtv: Fix deadlock on suspend (git-fixes).
- media: uvcvideo: Allow entities with no pads (git-fixes).
- media: v4l2-ctrls.c: fix race condition in hdl->requests list
(git-fixes).
- media: v4l2-ctrls.c: fix shift-out-of-bounds in std_validate (git-fixes).
- media: v4l: vsp1: Fix bru null pointer access (git-fixes).
- media: v4l: vsp1: Fix uif null pointer access (git-fixes).
- media: vicodec: add missing v4l2_ctrl_request_hdl_put() (git-fixes).
- memory: gpmc: fix out of bounds read and dereference on gpmc_cs[]
(git-fixes).
- memory: mtk-smi: Fix PM usage counter unbalance in mtk_smi ops
(bsc#1183325).
- memory: pl353: fix mask of ECC page_size config register (git-fixes).
- mfd: arizona: Fix rumtime PM imbalance on error (git-fixes).
- mfd: intel_pmt: Fix nuisance messages and handling of disabled
capabilities (git-fixes).
- mfd: lpc_sch: Partially revert "Add support for Intel Quark X1000"
(git-fixes).
- mfd: stm32-timers: Avoid clearing auto reload register (git-fixes).
- misc/pvpanic: Export module FDT device table (git-fixes).
- misc/uss720: fix memory leak in uss720_probe (git-fixes).
- misc: eeprom_93xx46: Add quirk to support Microchip 93LC46B eeprom
(git-fixes).
- misc: fastrpc: restrict user apps from sending kernel RPC messages
(git-fixes).
- misc: lis3lv02d: Fix false-positive WARN on various HP models
(git-fixes).
- misc: vmw_vmci: explicitly initialize vmci_datagram payload (git-fixes).
- misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct
(git-fixes).
- mlxsw: spectrum_mr: Update egress RIF list before route's action
(git-fixes).
- mm, numa: fix bad pmd by atomically check for pmd_trans_huge when
marking page tables prot_numa (bsc#1168777).
- mm/rmap: fix potential pte_unmap on an not mapped pte (git-fixes).
- mm: hugetlbfs: fix cannot migrate the fallocated HugeTLB page
(git-fixes).
- mm: memcontrol: fix cpuhotplug statistics flushing (bsc#1185606).
- mmc: block: Update ext_csd.cache_ctrl if it was written (git-fixes).
- mmc: core: Correct descriptions in mmc_of_parse() (git-fixes).
- mmc: core: Do a power cycle when the CMD11 fails (git-fixes).
- mmc: core: Fix partition switch time for eMMC (git-fixes).
- mmc: core: Set read only for SD cards with permanent write protect bit
(git-fixes).
- mmc: cqhci: Add cqhci_deactivate() (git-fixes).
- mmc: cqhci: Fix random crash when remove mmc module/card (git-fixes).
- mmc: mmc_spi: Drop unused NO_IRQ definition (git-fixes).
- mmc: mxs-mmc: Fix a resource leak in an error handling path in
'mxs_mmc_probe()' (git-fixes).
- mmc: sdhci-iproc: Cap min clock frequency on BCM2711 (bsc#1186009)
- mmc: sdhci-iproc: Set SDHCI_QUIRK_CAP_CLOCK_BASE_BROKEN on BCM2711
(bsc#1186009)
- mmc: sdhci-of-arasan: Add missed checks for devm_clk_register()
(git-fixes).
- mmc: sdhci-of-dwcmshc: fix rpmb access (git-fixes).
- mmc: sdhci-of-dwcmshc: implement specific set_uhs_signaling (git-fixes).
- mmc: sdhci-of-dwcmshc: set SDHCI_QUIRK2_PRESET_VALUE_BROKEN (git-fixes).
- mmc: sdhci-of-esdhc: make sure delay chain locked for HS400 (git-fixes).
- mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes).
- mmc: sdhci-pci-gli: increase 1.8V regulator wait (git-fixes).
- mmc: sdhci-pci: Add PCI IDs for Intel LKF (git-fixes).
- mmc: sdhci-pci: Fix SDHCI_RESET_ALL for CQHCI for Intel GLK-based
controllers (git-fixes).
- mmc: sdhci-pci: Fix initialization of some SD cards for Intel BYT-based
controllers (git-fixes).
- mmc: sdhci: Check for reset prior to DMA address unmap (git-fixes).
- mmc: sdhci: Use Auto CMD Auto Select only when v4_mode is true
(git-fixes).
- mmc: uniphier-sd: Fix a resource leak in the remove function (git-fixes).
- mmc: uniphier-sd: Fix an error handling path in uniphier_sd_probe()
(git-fixes).
- mount: fix mounting of detached mounts onto targets that reside on
shared mounts (git-fixes).
- mt7601u: fix always true expression (git-fixes).
- mt76: dma: do not report truncated frames to mac80211 (git-fixes).
- mt76: mt7615: fix entering driver-own state on mt7663 (git-fixes).
- mt76: mt7615: support loading EEPROM for MT7613BE (git-fixes).
- mt76: mt76x0: disable GTK offloading (git-fixes).
- mt76: mt7915: fix aggr len debugfs node (git-fixes).
- mt76: mt7915: fix txpower init for TSSI off chips (git-fixes).
- mtd: Handle possible -EPROBE_DEFER from parse_mtd_partitions()
(git-fixes).
- mtd: rawnand: atmel: Update ecc_stats.corrected counter (git-fixes).
- mtd: rawnand: brcmnand: fix OOB R/W with Hamming ECC (git-fixes).
- mtd: rawnand: fsmc: Fix error code in fsmc_nand_probe() (git-fixes).
- mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init (git-fixes).
- mtd: rawnand: qcom: Return actual error code instead of -ENODEV
(git-fixes).
- mtd: require write permissions for locking and badblock ioctls
(git-fixes).
- mtd: spi-nor: Rename "n25q512a" to "mt25qu512a (n25q512a)" (bsc#1167260).
- mtd: spi-nor: Split mt25qu512a (n25q512a) entry into two (bsc#1167260).
- mtd: spinand: core: add missing MODULE_DEVICE_TABLE() (git-fixes).
- mwifiex: pcie: skip cancel_work_sync() on reset failure path (git-fixes).
- nbd: fix a block_device refcount leak in nbd_release (git-fixes).
- net, xdp: Update pkt_type if generic XDP changes unicast MAC (git-fixes).
- net/mlx4_core: Add missed mlx4_free_cmd_mailbox() (git-fixes).
- net/mlx4_en: update moderation when config reset (git-fixes).
- net/mlx5: Add back multicast stats for uplink representor
(jsc#SLE-15172).
- net/mlx5: Delete extra dump stack that gives nothing (git-fixes).
- net/mlx5: Do not request more than supported EQs (git-fixes).
- net/mlx5: Fix PPLM register mapping (jsc#SLE-8464).
- net/mlx5: Fix bit-wise and with zero (jsc#SLE-15172).
- net/mlx5: Fix health error state handling (bsc#1186467).
- net/mlx5e: Allow to match on MPLS parameters only for MPLS over UDP
(jsc#SLE-15172).
- net/mlx5e: Do not match on Geneve options in case option masks are all
zero (git-fixes).
- net/mlx5e: E-switch, Fix rate calculation division (jsc#SLE-8464).
- net/mlx5e: Fix error path for ethtool set-priv-flag (git-fixes).
- net/mlx5e: Fix ethtool indication of connector type (git-fixes).
- net/mlx5e: Fix setting of RS FEC mode (jsc#SLE-15172).
- net/mlx5e: Offload tuple rewrite for non-CT flows (jsc#SLE-15172).
- net/mlx5e: RX, Mind the MPWQE gaps when calculating offsets
(jsc#SLE-15172).
- net/mlx5e: fix ingress_ifindex check in mlx5e_flower_parse_meta
(jsc#SLE-8464).
- net/qlcnic: Fix a use after free in qlcnic_83xx_get_minidump_template
(git-fixes).
- net/sched: act_ct: fix wild memory access when clearing fragments
(bsc#1176447).
- net: arc_emac: Fix memleak in arc_mdio_probe (git-fixes).
- net: atheros: switch from 'pci_' to 'dma_' API (git-fixes).
- net: atlantic: fix out of range usage of active_vlans array (git-fixes).
- net: atlantic: fix potential error handling (git-fixes).
- net: atlantic: fix use after free kasan warn (git-fixes).
- net: b44: fix error return code in b44_init_one() (git-fixes).
- net: bonding: fix error return code of bond_neigh_init() (bsc#1154353).
- net: cdc-phonet: fix data-interface release on probe failure (git-fixes).
- net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb
(bsc#1176447).
- net: dsa: felix: implement port flushing on .phylink_mac_link_down
(git-fixes).
- net: dsa: rtl8366: Fix VLAN semantics (git-fixes).
- net: dsa: rtl8366: Fix VLAN set-up (git-fixes).
- net: dsa: rtl8366rb: Support all 4096 VLANs (git-fixes).
- net: enetc: allow hardware timestamping on TX queues with tc-etf enabled
(git-fixes).
- net: enetc: do not disable VLAN filtering in IFF_PROMISC mode
(git-fixes).
- net: enetc: fix link error again (git-fixes).
- net: enetc: remove bogus write to SIRXIDR from enetc_setup_rxbdr
(git-fixes).
- net: enetc: take the MDIO lock only once per NAPI poll cycle (git-fixes).
- net: enic: Cure the enic api locking trainwreck (git-fixes).
- net: ethernet: aquantia: Fix wrong return value (git-fixes).
- net: ethernet: cavium: octeon_mgmt: use phy_start and phy_stop
(git-fixes).
- net: ethernet: ibm: ibmvnic: Fix some kernel-doc misdemeanours
(bsc#1183871 ltc#192139).
- net: ethernet: ti: cpsw: fix clean up of vlan mc entries for host port
(git-fixes).
- net: ethernet: ti: cpsw: fix error return code in cpsw_probe()
(git-fixes).
- net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes).
- net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
(git-fixes).
- net: fec: Fix reference count leak in fec series ops (git-fixes).
- net: gemini: Fix another missing clk_disable_unprepare() in probe
(git-fixes).
- net: gemini: Fix missing free_netdev() in error path of
gemini_ethernet_port_probe() (git-fixes).
- net: geneve: check skb is large enough for IPv4/IPv6 header (git-fixes).
- net: geneve: modify IP header check in geneve6_xmit_skb and
geneve_xmit_skb (git-fixes).
- net: gianfar: Add of_node_put() before goto statement (git-fixes).
- net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
(git-fixes).
- net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
ether_setup (git-fixes).
- net: hns3: Fix for geneve tx checksum bug (git-fixes).
- net: hns3: Remove the left over redundant check & assignment
(bsc#1154353).
- net: hns3: Remove un-necessary 'else-if' in the hclge_reset_event()
(git-fixes).
- net: hns3: add check for HNS3_NIC_STATE_INITED in
hns3_reset_notify_up_enet() (git-fixes).
- net: hns3: clear VF down state bit before request link status
(git-fixes).
- net: hns3: clear unnecessary reset request in hclge_reset_rebuild
(git-fixes).
- net: hns3: disable phy loopback setting in hclge_mac_start_phy
(git-fixes).
- net: hns3: fix bug when calculating the TCAM table info (git-fixes).
- net: hns3: fix for vxlan gpe tx checksum bug (git-fixes).
- net: hns3: fix incorrect configuration for igu_egu_hw_err (git-fixes).
- net: hns3: fix query vlan mask value error for flow director (git-fixes).
- net: hns3: initialize the message content in hclge_get_link_mode()
(git-fixes).
- net: hns3: use netif_tx_disable to stop the transmit queue (git-fixes).
- net: korina: cast KSEG0 address to pointer in kfree (git-fixes).
- net: korina: fix kfree of rx/tx descriptor array (git-fixes).
- net: lantiq: Wait for the GPHY firmware to be ready (git-fixes).
- net: ll_temac: Add more error handling of dma_map_single() calls
(git-fixes).
- net: ll_temac: Fix RX buffer descriptor handling on GFP_ATOMIC pressure
(git-fixes).
- net: ll_temac: Fix race condition causing TX hang (git-fixes).
- net: ll_temac: Handle DMA halt condition caused by buffer underrun
(git-fixes).
- net: mvneta: fix double free of txq->buf (git-fixes).
- net: mvneta: make tx buffer array agnostic (git-fixes).
- net: pasemi: fix error return code in pasemi_mac_open() (git-fixes).
- net: phy: broadcom: Only advertise EEE for supported modes (git-fixes).
- net: phy: intel-xway: enable integrated led functions (git-fixes).
- net: phy: marvell: fix m88e1011_set_downshift (git-fixes).
- net: phy: marvell: fix m88e1111_set_downshift (git-fixes).
- net: qcom/emac: add missed clk_disable_unprepare in error path of
emac_clks_phase1_init (git-fixes).
- net: qualcomm: rmnet: Fix incorrect receive packet handling during
cleanup (git-fixes).
- net: sched: disable TCQ_F_NOLOCK for pfifo_fast (bsc#1183405)
- net: smc911x: Adjust indentation in smc911x_phy_configure (git-fixes).
- net: spider_net: Fix the size used in a 'dma_free_coherent()' call
(git-fixes).
- net: stmmac: Fix incorrect location to set real_num_rx|tx_queues
(git-fixes).
- net: stmmac: Use rtnl_lock/unlock on netif_set_real_num_rx_queues() call
(git-fixes).
- net: stmmac: fix missing IFF_MULTICAST check in dwmac4_set_filter
(git-fixes).
- net: stmmac: removed enabling eee in EEE set callback (git-fixes).
- net: stmmac: use netif_tx_start|stop_all_queues() function (git-fixes).
- net: stmmac: xgmac: fix missing IFF_MULTICAST checki in
dwxgmac2_set_filter (git-fixes).
- net: thunderx: Fix unintentional sign extension issue (git-fixes).
- net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
(git-fixes).
- net: usb: ax88179_178a: fix missing stop entry in driver_info
(git-fixes).
- net: usb: fix memory leak in smsc75xx_bind (git-fixes).
- net: usb: qmi_wwan: allow qmimux add/del with master up (git-fixes).
- net: usb: qmi_wwan: support ZTE P685M modem (git-fixes).
- net: wan/lmc: unregister device when no matching device is found
(git-fixes).
- net:nfc:digital: Fix a double free in digital_tg_recv_dep_req
(git-fixes).
- netdevice: Add missing IFF_PHONY_HEADROOM self-definition (git-fixes).
- netdevsim: init u64 stats for 32bit hardware (git-fixes).
- netfilter: conntrack: Make global sysctls readonly in non-init netns
(bsc#1176447).
- netfilter: conntrack: add new sysctl to disable RST check (bsc#1183947
bsc#1185950).
- netfilter: conntrack: avoid misleading 'invalid' in log message
(bsc#1183947 bsc#1185950).
- netfilter: conntrack: improve RST handling when tuple is re-used
(bsc#1183947 bsc#1185950).
- netfilter: flowtable: Make sure GC works periodically in idle system
(bsc#1176447).
- netfilter: flowtable: fix NAT IPv6 offload mangling (bsc#1176447).
- netfilter: nftables: allow to update flowtable flags (bsc#1176447).
- netfilter: nftables: report EOPNOTSUPP on unsupported flowtable flags
(bsc#1176447).
- netsec: restore phy power state after controller reset (bsc#1183757).
- nfc: pn533: prevent potential memory corruption (git-fixes).
- nfp: devlink: initialize the devlink port attribute "lanes"
(bsc#1176447).
- nfp: flower: add ipv6 bit to pre_tunnel control message (bsc#1176447).
- nfp: flower: fix pre_tun mask id allocation (bsc#1154353).
- nfp: flower: ignore duplicate merge hints from FW (git-fixes).
- node: fix device cleanups in error handling code (git-fixes).
- null_blk: fix passing of REQ_FUA flag in null_handle_rq (git-fixes).
- nvme-core: add cancel tagset helpers (bsc#1183976).
- nvme-fabrics: decode host pathing error for connect (bsc#1179827).
- nvme-fabrics: fix kato initialization (bsc#1182591).
- nvme-fabrics: only reserve a single tag (bsc#1182077).
- nvme-fabrics: reject I/O to offline device (bsc#1181161).
- nvme-fc: check sgl supported by target (bsc#1179827).
- nvme-fc: clear q_live at beginning of association teardown (bsc#1186479).
- nvme-fc: fix racing controller reset and create association
(bsc#1183048).
- nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted
(bsc#1180197).
- nvme-fc: return NVME_SC_HOST_ABORTED_CMD when a command has been aborted
(bsc#1184259).
- nvme-fc: set NVME_REQ_CANCELLED in nvme_fc_terminate_exchange()
(bsc#1180197).
- nvme-fc: set NVME_REQ_CANCELLED in nvme_fc_terminate_exchange()
(bsc#1184259).
- nvme-fc: short-circuit reconnect retries (bsc#1179827).
- nvme-hwmon: Return error code when registration fails (bsc#1177326).
- nvme-hwmon: Return error code when registration fails (bsc#1177326).
- nvme-multipath: fix double initialization of ANA state (bsc#1178612,
bsc#1184259).
- nvme-multipath: reset bdev to ns head when failover (bsc#178378
bsc#1182999).
- nvme-pci: Remove tag from process cq (git-fixes).
- nvme-pci: Remove two-pass completions (git-fixes).
- nvme-pci: Simplify nvme_poll_irqdisable (git-fixes).
- nvme-pci: align io queue count with allocted nvme_queue in (git-fixes).
- nvme-pci: avoid race between nvme_reap_pending_cqes() and nvme_poll()
(git-fixes).
- nvme-pci: dma read memory barrier for completions (git-fixes).
- nvme-pci: fix "slimmer CQ head update" (git-fixes).
- nvme-pci: make sure write/poll_queues less or equal then cpu (git-fixes).
- nvme-pci: remove last_sq_tail (git-fixes).
- nvme-pci: remove volatile cqes (git-fixes).
- nvme-pci: slimmer CQ head update (git-fixes).
- nvme-pci: use simple suspend when a HMB is enabled (git-fixes).
- nvme-tcp: Fix possible race of io_work and direct send (git-fixes).
- nvme-tcp: Fix warning with CONFIG_DEBUG_PREEMPT (git-fixes).
- nvme-tcp: add clean action for failed reconnection (bsc#1183976).
- nvme-tcp: fix kconfig dependency warning when !CRYPTO (git-fixes).
- nvme-tcp: fix misuse of __smp_processor_id with preemption (git-fixes).
- nvme-tcp: fix possible hang waiting for icresp response (bsc#1179519).
- nvme-tcp: fix possible hang when failing to set io queues (bsc#1181161).
- nvme-tcp: use cancel tagset helper for tear down (bsc#1183976).
- nvme: Fix NULL dereference for pci nvme controllers (bsc#1182378).
- nvme: add 'kato' sysfs attribute (bsc#1179825).
- nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() (bsc#1180197).
- nvme: add NVME_REQ_CANCELLED flag in nvme_cancel_request() (bsc#1184259).
- nvme: allocate the keep alive request using BLK_MQ_REQ_NOWAIT
(bsc#1182077).
- nvme: call nvme_identify_ns as the first thing in nvme_alloc_ns_block
(bsc#1180197).
- nvme: clean up the check for too large logic block sizes (bsc#1180197).
- nvme: define constants for identification values (git-fixes).
- nvme: do not intialize hwmon for discovery controllers (bsc#1184259).
- nvme: do not intialize hwmon for discovery controllers (git-fixes).
- nvme: document nvme controller states (git-fixes).
- nvme: explicitly update mpath disk capacity on revalidation (git-fixes).
- nvme: expose reconnect_delay and ctrl_loss_tmo via sysfs (bsc#1182378).
- nvme: factor out a nvme_configure_metadata helper (bsc#1180197).
- nvme: fix controller instance leak (git-fixes).
- nvme: fix deadlock in disconnect during scan_work and/or ana_work
(git-fixes).
- nvme: fix initialization of the zone bitmaps (bsc#1180197).
- nvme: fix possible deadlock when I/O is blocked (git-fixes).
- nvme: freeze the queue over ->lba_shift updates (bsc#1180197).
- nvme: lift the check for an unallocated namespace into nvme_identify_ns
(bsc#1180197).
- nvme: merge nvme_keep_alive into nvme_keep_alive_work (bsc#1182077).
- nvme: move nvme_validate_ns (bsc#1180197).
- nvme: opencode revalidate_disk in nvme_validate_ns (bsc#1180197).
- nvme: query namespace identifiers before adding the namespace
(bsc#1180197).
- nvme: refactor nvme_validate_ns (bsc#1180197).
- nvme: remove nvme_identify_ns_list (bsc#1180197).
- nvme: remove nvme_update_formats (bsc#1180197).
- nvme: remove superfluous else in nvme_ctrl_loss_tmo_store (bsc#1182378).
- nvme: remove the 0 lba_shift check in nvme_update_ns_info (bsc#1180197).
- nvme: remove the disk argument to nvme_update_zone_info (bsc#1180197).
- nvme: rename __nvme_revalidate_disk (bsc#1180197).
- nvme: rename _nvme_revalidate_disk (bsc#1180197).
- nvme: rename nvme_validate_ns to nvme_validate_or_alloc_ns (bsc#1180197).
- nvme: retrigger ANA log update if group descriptor isn't found
(git-fixes)
- nvme: return an error if nvme_set_queue_count() fails (bsc#1180197).
- nvme: revalidate zone bitmaps in nvme_update_ns_info (bsc#1180197).
- nvme: sanitize KATO setting (bsc#1179825).
- nvme: set the queue limits in nvme_update_ns_info (bsc#1180197).
- nvme: simplify error logic in nvme_validate_ns() (bsc#1180197).
- nvme: simplify error logic in nvme_validate_ns() (bsc#1184259).
- nvme: update the known admin effects (bsc#1180197).
- nvmet-rdma: Fix list_del corruption on queue establishment failure
(bsc#1183501).
- nvmet: fix a memory leak (git-fixes).
- nvmet: seset ns->file when open fails (bsc#1183873).
- nvmet: use new ana_log_size instead the old one (bsc#1184259).
- nxp-i2c: restore includes for kABI (bsc#1185589).
- nxp-nci: add NXP1002 id (bsc#1185589).
- ocfs2: fix a use after free on error (bsc#1184738).
- ovl: fix dentry leak in ovl_get_redirect (bsc#1184176).
- ovl: fix out of date comment and unreachable code (bsc#1184176).
- ovl: fix regression with re-formatted lower squashfs (bsc#1184176).
- ovl: fix unneeded call to ovl_change_flags() (bsc#1184176).
- ovl: fix value of i_ino for lower hardlink corner case (bsc#1184176).
- ovl: initialize error in ovl_copy_xattr (bsc#1184176).
- ovl: relax WARN_ON() when decoding lower directory file handle
(bsc#1184176).
- partitions/ibm: fix non-DASD devices (bsc#1185857 LTC#192526).
- pata_arasan_cf: fix IRQ check (git-fixes).
- pata_ipx4xx_cf: fix IRQ check (git-fixes).
- perf/amd/uncore: Fix sysfs type mismatch (bsc#1178134).
- phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y,
unconditionally (git-fixes).
- phy: phy-twl4030-usb: Fix possible use-after-free in
twl4030_usb_remove() (git-fixes).
- pinctrl: Ingenic: Add missing pins to the JZ4770 MAC MII group
(git-fixes).
- pinctrl: core: Fix kernel doc string for pin_get_name() (git-fixes).
- pinctrl: ingenic: Improve unreachable code generation (git-fixes).
- pinctrl: lewisburg: Update number of pins in community (git-fixes).
- pinctrl: qcom: spmi-gpio: fix warning about irq chip reusage (git-fixes).
- pinctrl: rockchip: fix restore error in resume (git-fixes).
- pinctrl: samsung: use 'int' for register masks in Exynos (git-fixes).
- platform/mellanox: mlxbf-tmfifo: Fix a memory barrier issue (git-fixes).
- platform/x86: acer-wmi: Add ACER_CAP_KBD_DOCK quirk for the Aspire
Switch 10E SW3-016 (git-fixes).
- platform/x86: acer-wmi: Add ACER_CAP_SET_FUNCTION_MODE capability flag
(git-fixes).
- platform/x86: acer-wmi: Add new force_caps module parameter (git-fixes).
- platform/x86: acer-wmi: Add support for SW_TABLET_MODE on Switch devices
(git-fixes).
- platform/x86: acer-wmi: Cleanup ACER_CAP_FOO defines (git-fixes).
- platform/x86: acer-wmi: Cleanup accelerometer device handling
(git-fixes).
- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2
(git-fixes).
- platform/x86: intel-vbtn: Stop reporting SW_DOCK events (git-fixes).
- platform/x86: intel_int0002_vgpio: Only call enable_irq_wake() when
using s2idle (git-fixes).
- platform/x86: intel_pmc_core: Do not use global pmcdev in quirks
(git-fixes).
- platform/x86: intel_pmt_crashlog: Fix incorrect macros (git-fixes).
- platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards
with critclk_systems DMI table (git-fixes).
- platform/x86: thinkpad_acpi: Allow the FnLock LED to change state
(git-fixes).
- platform/x86: thinkpad_acpi: Correct thermal sensor allocation
(git-fixes).
- posix-timers: Preserve return value in clock_adjtime32() (git-fixes)
- post.sh: Return an error when module update fails (bsc#1047233
bsc#1184388).
- power: supply: Use IRQF_ONESHOT (git-fixes).
- power: supply: generic-adc-battery: fix possible use-after-free in
gab_remove() (git-fixes).
- power: supply: s3c_adc_battery: fix possible use-after-free in
s3c_adc_bat_remove() (git-fixes).
- powerepc/book3s64/hash: Align start/end address correctly with bolt
mapping (bsc#1184957).
- powerpc/64s/exception: Clean up a missed SRR specifier (jsc#SLE-9246
git-fixes).
- powerpc/64s: Fix crashes when toggling entry flush barrier (bsc#1177666
git-fixes).
- powerpc/64s: Fix crashes when toggling stf barrier (bsc#1087082
git-fixes).
- powerpc/64s: Fix instruction encoding for lis in ppc_function_entry()
(bsc#1065729).
- powerpc/64s: Fix pte update for kernel memory on radix (bsc#1055117
git-fixes).
- powerpc/asm-offsets: GPR14 is not needed either (bsc#1065729).
- powerpc/book3s64/radix: Remove WARN_ON in destroy_context() (bsc#1183692
ltc#191963).
- powerpc/eeh: Fix EEH handling for hugepages in ioremap space
(bsc#1156395).
- powerpc/fadump: Mark fadump_calculate_reserve_size as __init
(bsc#1065729).
- powerpc/kexec_file: Use current CPU info while setting up FDT
(bsc#1184615 ltc#189835).
- powerpc/kuap: Restore AMR after replaying soft interrupts (bsc#1156395).
- powerpc/mm: Add cond_resched() while removing hpte mappings (bsc#1183289
ltc#191637).
- powerpc/papr_scm: Fix build error due to wrong printf specifier
(bsc#1184969).
- powerpc/papr_scm: Implement support for H_SCM_FLUSH hcall (bsc#1184969).
- powerpc/perf: Fix PMU constraint check for EBB events (bsc#1065729).
- powerpc/perf: Fix sampled instruction type for larx/stcx (jsc#SLE-13513).
- powerpc/perf: Fix the threshold event selection for memory events in
power10 (jsc#SLE-13513).
- powerpc/pmem: Include pmem prototypes (bsc#1113295 git-fixes).
- powerpc/prom: Mark identical_pvr_fixup as __init (bsc#1065729).
- powerpc/pseries/mobility: handle premature return from H_JOIN
(bsc#1181674 ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/mobility: use struct for shared state (bsc#1181674
ltc#189159 git-fixes bsc#1183662 ltc#191922).
- powerpc/pseries/ras: Remove unused variable 'status' (bsc#1065729).
- powerpc/pseries: Add shutdown() to vio_driver and vio_bus (bsc#1184209
ltc#190917).
- powerpc/pseries: Do not trace hcall tracing wrapper (bsc#1185110
ltc#192091).
- powerpc/pseries: Fix hcall tracing recursion in pv queued spinlocks
(bsc#1185110 ltc#192091).
- powerpc/pseries: use notrace hcall variant for H_CEDE idle (bsc#1185110
ltc#192091).
- powerpc/pseries: warn if recursing into the hcall tracing code
(bsc#1185110 ltc#192091).
- powerpc/smp: Reintroduce cpu_core_mask (jsc#SLE-13615 bsc#1180100
ltc#190257 git-fixes).
- powerpc/sstep: Check instruction validity against ISA version before
emulation (bsc#1156395).
- powerpc/sstep: Check instruction validity against ISA version before
emulation (bsc#1156395).
- powerpc/sstep: Fix darn emulation (bsc#1156395).
- powerpc/sstep: Fix incorrect return from analyze_instr() (bsc#1156395).
- powerpc/sstep: Fix load-store and update emulation (bsc#1156395).
- powerpc/time: Enable sched clock for irqtime (bsc#1156395).
- powerpc/uaccess: Avoid might_fault() when user access is enabled
(bsc#1156395).
- powerpc/uaccess: Perform barrier_nospec() in KUAP allowance helpers
(bsc#1156395).
- powerpc/uaccess: Simplify unsafe_put_user() implementation (bsc#1156395).
- powerpc/xive: Drop check on irq_data in xive_core_debug_show()
(bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes).
- powerpc/xmon: Fix build failure for 8xx (jsc#SLE-12936 git-fixes).
- powerpc: Fix inverted SET_FULL_REGS bitop (jsc#SLE-9246 git-fixes).
- powerpc: Fix missing declaration ofable_kernel_vsx() (git-fixes).
- proc: fix lookup in /proc/net subdirectories after setns(2) (git-fixes).
- qlcnic: fix error return code in qlcnic_83xx_restart_hw() (git-fixes).
- qtnfmac: Fix possible buffer overflow in qtnf_event_handle_external_auth
(git-fixes).
- qxl: Fix uninitialised struct field head.surface_id (git-fixes).
- r8169: do not advertise pause in jumbo mode (git-fixes).
- r8169: fix DMA being used after buffer free if WoL is enabled
(git-fixes).
- r8169: tweak max read request size for newer chips also in jumbo mtu
mode (git-fixes).
- regmap: set debugfs_name to NULL after it is freed (git-fixes).
- regulator: Avoid a double 'of_node_get' in
'regulator_of_get_init_node()' (git-fixes).
- regulator: bd9571mwv: Fix AVS and DVFS voltage range (git-fixes).
- reintroduce cqhci_suspend for kABI (git-fixes).
- reiserfs: update reiserfs_xattrs_initialized() condition (bsc#1184737).
- rsi: Fix TX EAPOL packet handling against iwlwifi AP (git-fixes).
- rsi: Move card interrupt handling to RX thread (git-fixes).
- rsi: Use resume_noirq for SDIO (git-fixes).
- rsxx: remove extraneous 'const' qualifier (git-fixes).
- rtc: ds1307: Fix wday settings for rx8130 (git-fixes).
- rtc: fsl-ftm-alarm: add MODULE_TABLE() (bsc#1185454).
- rtc: fsl-ftm-alarm: avoid struct rtc_time conversions (bsc#1185454).
- rtc: fsl-ftm-alarm: enable acpi support (bsc#1185454).
- rtc: fsl-ftm-alarm: fix freeze(s2idle) failed to wake (bsc#1185454).
- rtc: fsl-ftm-alarm: report alarm to core (bsc#1185454).
- rtc: fsl-ftm-alarm: switch to ktime_get_real_seconds (bsc#1185454).
- rtc: fsl-ftm-alarm: switch to rtc_time64_to_tm/rtc_tm_to_time64
(bsc#1185454).
- rtc: fsl-ftm-alarm: update acpi device id (bsc#1185454).
- rtc: pcf2127: add alarm support (bsc#1185233).
- rtc: pcf2127: add pca2129 device id (bsc#1185233).
- rtc: pcf2127: add tamper detection support (bsc#1185233).
- rtc: pcf2127: add watchdog feature support (bsc#1185233).
- rtc: pcf2127: bugfix: watchdog build dependency (bsc#1185233).
- rtc: pcf2127: cleanup register and bit defines (bsc#1185233).
- rtc: pcf2127: convert to devm_rtc_allocate_device (bsc#1185233).
- rtc: pcf2127: fix a bug when not specify interrupts property
(bsc#1185233).
- rtc: pcf2127: fix alarm handling (bsc#1185233).
- rtc: pcf2127: fix pcf2127_nvmem_read/write() returns (bsc#1185233).
- rtc: pcf2127: handle boot-enabled watchdog feature (bsc#1185233).
- rtc: pcf2127: handle timestamp interrupts (bsc#1185495).
- rtc: pcf2127: let the core handle rtc range (bsc#1185233).
- rtc: pcf2127: move watchdog initialisation to a separate function
(bsc#1185233).
- rtc: pcf2127: only use watchdog when explicitly available (bsc#1185233).
- rtc: pcf2127: properly set flag WD_CD for rtc chips(pcf2129, pca2129)
(bsc#1185233).
- rtc: pcf2127: remove unnecessary #ifdef (bsc#1185233).
- rtc: pcf2127: set regmap max_register (bsc#1185233).
- rtc: pcf2127: watchdog: handle nowayout feature (bsc#1185233).
- rtlwifi: 8821ae: upgrade PHY and RF parameters (git-fixes).
- rtw88: Fix an error code in rtw_debugfs_set_rsvd_page() (git-fixes).
- rtw88: Fix array overrun in rtw_get_tx_power_params() (git-fixes).
- rtw88: coex: 8821c: correct antenna switch function (git-fixes).
- s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/cio: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/crypto: return -EFAULT if copy_to_user() fails (git-fixes).
- s390/dasd: fix hanging DASD driver unbind (bsc#1183932 LTC#192153).
- s390/dasd: fix hanging IO request during DASD driver unbind (git-fixes).
- s390/entry: save the caller of psw_idle (bsc#1185677).
- s390/ipl: support NVMe IPL kernel parameters (bsc#1185980 LTC#192679).
- s390/kdump: fix out-of-memory with PCI (bsc#1182257 LTC#191375).
- s390/pci: fix leak of PCI device structure (git-fixes).
- s390/qeth: fix memory leak after failed TX Buffer allocation (git-fixes).
- s390/qeth: fix notification for pending buffers during teardown
(git-fixes).
- s390/qeth: improve completion of pending TX buffers (git-fixes).
- s390/qeth: schedule TX NAPI on QAOB completion (git-fixes).
- s390/vtime: fix increased steal time accounting (bsc#1183859).
- s390/zcrypt: return EIO when msg retry limit reached (git-fixes).
- samples, bpf: Add missing munmap in xdpsock (bsc#1155518).
- samples/bpf: Fix possible hang in xdpsock with multiple threads
(bsc#1155518).
- sata_mv: add IRQ checks (git-fixes).
- sched/eas: Do not update misfit status if the task is pinned (git-fixes)
- sched/fair: Avoid stale CPU util_est value for schedutil in (git-fixes)
- sched/fair: Fix shift-out-of-bounds in load_balance() (git fixes
(sched)).
- sched/fair: Fix unfairness caused by missing load decay (git-fixes)
- scripts/git_sort/git_sort.py: add bpf git repo
- scsi: aacraid: Improve compat_ioctl handlers (bsc#1186352).
- scsi: block: Fix a race in the runtime power management code (git-fixes).
- scsi: core: Only return started requests from scsi_host_find_tag()
(bsc#1179851).
- scsi: core: Run queue in case of I/O resource contention failure
(bsc#1186416).
- scsi: core: add scsi_host_busy_iter() (bsc#1179851).
- scsi: fnic: Kill 'exclude_id' argument to fnic_cleanup_io()
(bsc#1179851).
- scsi: fnic: Remove bogus ratelimit messages (bsc#1183249).
- scsi: libfc: Avoid invoking response handler twice if ep is already
completed (bsc#1186573).
- scsi: lpfc: Add a option to enable interlocked ABTS before job
completion (bsc#1186451).
- scsi: lpfc: Add ndlp kref accounting for resume RPI path (bsc#1186451).
- scsi: lpfc: Change wording of invalid pci reset log message
(bsc#1182574).
- scsi: lpfc: Copyright updates for 12.8.0.9 patches (bsc#1185472).
- scsi: lpfc: Correct function header comments related to ndlp reference
counting (bsc#1182574).
- scsi: lpfc: Eliminate use of LPFC_DRIVER_NAME in lpfc_attr.c
(bsc#1185472).
- scsi: lpfc: Fix "Unexpected timeout" error in direct attach topology
(bsc#1186451).
- scsi: lpfc: Fix ADISC handling that never frees nodes (bsc#1182574).
- scsi: lpfc: Fix DMA virtual address ptr assignment in bsg (bsc#1185365).
- scsi: lpfc: Fix FLOGI failure due to accessing a freed node
(bsc#1182574).
- scsi: lpfc: Fix NMI crash during rmmod due to circular hbalock
dependency (bsc#1185472).
- scsi: lpfc: Fix Node recovery when driver is handling simultaneous
PLOGIs (bsc#1186451).
- scsi: lpfc: Fix PLOGI ACC to be transmit after REG_LOGIN (bsc#1182574).
- scsi: lpfc: Fix a bunch of kernel-doc issues (bsc#1185472).
- scsi: lpfc: Fix a bunch of kernel-doc misdemeanours (bsc#1185472).
- scsi: lpfc: Fix a bunch of misnamed functions (bsc#1185472).
- scsi: lpfc: Fix a few incorrectly named functions (bsc#1185472).
- scsi: lpfc: Fix a typo (bsc#1185472).
- scsi: lpfc: Fix bad memory access during VPD DUMP mailbox command
(bsc#1186451).
- scsi: lpfc: Fix crash caused by switch reboot (bsc#1182574).
- scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO
response (bsc#1185472).
- scsi: lpfc: Fix crash when lpfc_sli4_hba_setup() fails to initialize the
SGLs (bsc#1186451).
- scsi: lpfc: Fix dropped FLOGI during pt2pt discovery recovery
(bsc#1182574).
- scsi: lpfc: Fix error handling for mailboxes completed in MBX_POLL mode
(bsc#1185472).
- scsi: lpfc: Fix formatting and misspelling issues (bsc#1185472).
- scsi: lpfc: Fix gcc -Wstringop-overread warning (bsc#1185472).
- scsi: lpfc: Fix illegal memory access on Abort IOCBs (bsc#1183203).
- scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe
(bsc#1182574).
- scsi: lpfc: Fix incorrect naming of __lpfc_update_fcf_record()
(bsc#1185472).
- scsi: lpfc: Fix incorrectly documented function
lpfc_debugfs_commonxripools_data() (bsc#1185472).
- scsi: lpfc: Fix kernel-doc formatting issue (bsc#1185472).
- scsi: lpfc: Fix lack of device removal on port swaps with PRLIs
(bsc#1185472).
- scsi: lpfc: Fix lpfc_els_retry() possible null pointer dereference
(bsc#1182574).
- scsi: lpfc: Fix lpfc_hdw_queue attribute being ignored (bsc#1185472).
- scsi: lpfc: Fix missing FDMI registrations after Mgmt Svc login
(bsc#1185472).
- scsi: lpfc: Fix node handling for Fabric Controller and Domain
Controller (bsc#1186451).
- scsi: lpfc: Fix nodeinfo debugfs output (bsc#1182574).
- scsi: lpfc: Fix non-optimized ERSP handling (bsc#1186451).
- scsi: lpfc: Fix null pointer dereference in lpfc_prep_els_iocb()
(bsc#1182574).
- scsi: lpfc: Fix pt2pt connection does not recover after LOGO
(bsc#1182574).
- scsi: lpfc: Fix pt2pt state transition causing rmmod hang (bsc#1182574).
- scsi: lpfc: Fix reference counting errors in lpfc_cmpl_els_rsp()
(bsc#1185472).
- scsi: lpfc: Fix reftag generation sizing errors (bsc#1182574).
- scsi: lpfc: Fix rmmod crash due to bad ring pointers to abort_iotag
(bsc#1185472).
- scsi: lpfc: Fix silent memory allocation failure in
lpfc_sli4_bsg_link_diag_test() (bsc#1185472).
- scsi: lpfc: Fix some error codes in debugfs (bsc#1185472).
- scsi: lpfc: Fix stale node accesses on stale RRQ request (bsc#1182574).
- scsi: lpfc: Fix status returned in lpfc_els_retry() error exit path
(bsc#1182574).
- scsi: lpfc: Fix unnecessary null check in lpfc_release_scsi_buf
(bsc#1182574).
- scsi: lpfc: Fix unreleased RPIs when NPIV ports are created
(bsc#1186451).
- scsi: lpfc: Fix use after free in lpfc_els_free_iocb (bsc#1182574).
- scsi: lpfc: Fix use-after-free on unused nodes after port swap
(bsc#1185472).
- scsi: lpfc: Fix various trivial errors in comments and log messages
(bsc#1185472).
- scsi: lpfc: Fix vport indices in lpfc_find_vport_by_vpid() (bsc#1182574).
- scsi: lpfc: Ignore GID-FT response that may be received after a link
flip (bsc#1186451).
- scsi: lpfc: Reduce LOG_TRACE_EVENT logging for vports (bsc#1182574).
- scsi: lpfc: Remove unsupported mbox PORT_CAPABILITIES logic
(bsc#1185472).
- scsi: lpfc: Reregister FPIN types if ELS_RDF is received from fabric
controller (bsc#1186451).
- scsi: lpfc: Standardize discovery object logging format (bsc#1185472).
- scsi: lpfc: Update copyrights for 12.8.0.7 and 12.8.0.8 changes
(bsc#1182574).
- scsi: lpfc: Update lpfc version to 12.8.0.10 (bsc#1186451).
- scsi: lpfc: Update lpfc version to 12.8.0.8 (bsc#1182574).
- scsi: lpfc: Update lpfc version to 12.8.0.9 (bsc#1185472).
- scsi: mpt3sas: Only one vSES is present even when IOC has multi vSES
(bsc#1185954).
- scsi: pm80xx: Do not sleep in atomic context (bsc#1186353).
- scsi: pm80xx: Fix chip initialization failure (bsc#1186354).
- scsi: pm80xx: Fix potential infinite loop (bsc#1186354).
- scsi: pm80xx: Increase timeout for pm80xx mpi_uninit_check()
(bsc#1186355).
- scsi: qla2xxx: Add H:C:T info in the log message for fc ports
(bsc#1185491).
- scsi: qla2xxx: Add error counters to debugfs node (bsc#1185491).
- scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats()
(bsc#1185491).
- scsi: qla2xxx: Assign boolean values to a bool variable (bsc#1185491).
- scsi: qla2xxx: Check kzalloc() return value (bsc#1185491).
- scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe
(bsc#1185491).
- scsi: qla2xxx: Constify struct qla_tgt_func_tmpl (bsc#1185491).
- scsi: qla2xxx: Do logout even if fabric scan retries got exhausted
(bsc#1185491).
- scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (bsc#1185491).
- scsi: qla2xxx: Fix IOPS drop seen in some adapters (bsc#1185491).
- scsi: qla2xxx: Fix RISC RESET completion polling (bsc#1185491).
- scsi: qla2xxx: Fix a couple of misdocumented functions (bsc#1185491).
- scsi: qla2xxx: Fix a couple of misnamed functions (bsc#1185491).
- scsi: qla2xxx: Fix broken #endif placement (bsc#1185491).
- scsi: qla2xxx: Fix crash in PCIe error handling (bsc#1185491).
- scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (bsc#1185491).
- scsi: qla2xxx: Fix endianness annotations (bsc#1185491).
- scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp()
(bsc#1185491).
- scsi: qla2xxx: Fix mailbox Ch erroneous error (bsc#1185491).
- scsi: qla2xxx: Fix mailbox recovery during PCIe error (bsc#1185491).
- scsi: qla2xxx: Fix some incorrect formatting/spelling issues
(bsc#1185491).
- scsi: qla2xxx: Fix some memory corruption (bsc#1185491).
- scsi: qla2xxx: Fix stuck session (bsc#1185491).
- scsi: qla2xxx: Fix use after free in bsg (bsc#1185491).
- scsi: qla2xxx: Implementation to get and manage host, target stats and
initiator port (bsc#1185491).
- scsi: qla2xxx: Move some messages from debug to normal log level
(bsc#1185491).
- scsi: qla2xxx: Remove redundant NULL check (bsc#1185491).
- scsi: qla2xxx: Remove unnecessary NULL check (bsc#1185491).
- scsi: qla2xxx: Remove unneeded if-null-free check (bsc#1185491).
- scsi: qla2xxx: Replace __qla2x00_marker()'s missing underscores
(bsc#1185491).
- scsi: qla2xxx: Reserve extra IRQ vectors (bsc#1184436).
- scsi: qla2xxx: Reuse existing error handling path (bsc#1185491).
- scsi: qla2xxx: Simplify if statement (bsc#1185491).
- scsi: qla2xxx: Simplify qla8044_minidump_process_control() (bsc#1185491).
- scsi: qla2xxx: Simplify the calculation of variables (bsc#1185491).
- scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (bsc#1185491).
- scsi: qla2xxx: Update default AER debug mask (bsc#1185491).
- scsi: qla2xxx: Update version to 10.02.00.105-k (bsc#1185491).
- scsi: qla2xxx: Update version to 10.02.00.106-k (bsc#1185491).
- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1185491).
- scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe
(bsc#1185491).
- scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value
(bsc#1185491).
- scsi: smartpqi: Correct driver removal with HBA disks (bsc#1178089).
- scsi: smartpqi: Correct driver removal with HBA disks (bsc#1178089).
- scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (bsc#1178089).
- scsi: smartpqi: Correct pqi_sas_smp_handler busy condition (bsc#1178089).
- scsi: smartpqi: Update version to 1.2.16-012 (bsc#1178089).
- scsi: smartpqi: Update version to 1.2.16-012 (bsc#1178089).
- scsi: target: pscsi: Avoid OOM in pscsi_map_sg() (bsc#1183843).
- scsi: target: pscsi: Clean up after failure in pscsi_map_sg()
(bsc#1183843).
- scsi: target: tcmu: Fix use-after-free of se_cmd->priv (bsc#1186356).
- scsi: target: tcmu: Fix warning: 'page' may be used uninitialized
(bsc#1186357).
- sctp: delay auto_asconf init until binding the first addr
(<cover.1620748346.git.mkubecek(a)suse.cz>).
- security: keys: trusted: fix TPM2 authorizations (git-fixes).
- selftests/bpf: Fix BPF_CORE_READ_BITFIELD() macro (bsc#1177028).
- selftests/bpf: Fix the ASSERT_ERR_PTR macro (bsc#1177028).
- selftests/bpf: Mask bpf_csum_diff() return value to 16 bits in
test_verifier (bsc#1155518).
- selftests/bpf: No need to drop the packet when there is no geneve opt
(bsc#1155518).
- selftests/bpf: Re-generate vmlinux.h and BPF skeletons if bpftool
changed (bsc#1177028).
- selftests/bpf: Set gopt opt_class to 0 if get tunnel opt failed
(bsc#1155518).
- selftests/powerpc: Add pkey helpers for rights (bsc#1184934 ltc#191460).
- selftests/powerpc: Add test for execute-disabled pkeys (bsc#1184934
ltc#191460).
- selftests/powerpc: Add test for pkey siginfo verification (bsc#1184934
ltc#191460).
- selftests/powerpc: Add wrapper for gettid (bsc#1184934 ltc#191460).
- selftests/powerpc: Fix L1D flushing tests for Power10 (bsc#1184934
ltc#191460).
- selftests/powerpc: Fix exit status of pkey tests (bsc#1184934
ltc#191460).
- selftests/powerpc: Fix pkey syscall redefinitions (bsc#1184934
ltc#191460).
- selftests/powerpc: Move pkey helpers to headers (bsc#1184934 ltc#191460).
- selftests/powerpc: refactor entry and rfi_flush tests (bsc#1184934
ltc#191460).
- selftests: mlxsw: Remove a redundant if statement in tc_flower_scale
test (bsc#1176774).
- selinux: Fix error return code in sel_ib_pkey_sid_slow() (git-fixes).
- selinux: fix error initialization in inode_doinit_with_dentry()
(git-fixes).
- selinux: fix inode_doinit_with_dentry() LABEL_INVALID error handling
(git-fixes).
- serial: core: fix suspicious security_locked_down() call (git-fixes).
- serial: core: return early on unsupported ioctls (git-fixes).
- serial: sh-sci: Fix off-by-one error in FIFO threshold register setting
(git-fixes).
- serial: stm32: fix incorrect characters on console (git-fixes).
- serial: stm32: fix tx_empty condition (git-fixes).
- serial: tegra: Fix a mask operation that is always true (git-fixes).
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540).
- smb3: add dynamic trace point to trace when credits obtained
(bsc#1181507).
- smb3: fix crediting for compounding when only one request in flight
(bsc#1181507).
- smc: disallow TCP_ULP in smc_setsockopt() (git-fixes).
- soc/fsl: qbman: fix conflicting alignment attributes (git-fixes).
- soc: aspeed: fix a ternary sign expansion bug (git-fixes).
- soc: fsl: qe: replace qe_io{read,write}* wrappers by generic
io{read,write}* (git-fixes).
- soc: qcom: mdt_loader: Detect truncated read of segments (git-fixes).
- soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (git-fixes).
- software node: Fix node registration (git-fixes).
- soundwire: bus: Fix device found flag correctly (git-fixes).
- soundwire: stream: fix memory leak in stream config error path
(git-fixes).
- spi: Introduce dspi_slave_abort() function for NXP's dspi SPI driver
(bsc#1167260).
- spi: ath79: always call chipselect function (git-fixes).
- spi: ath79: remove spi-master setup and cleanup assignment (git-fixes).
- spi: cadence: set cqspi to the driver_data field of struct device
(git-fixes).
- spi: dln2: Fix reference leak to master (git-fixes).
- spi: fsl-dspi: fix NULL pointer dereference (bsc#1167260).
- spi: fsl-dspi: fix use-after-free in remove path (bsc#1167260).
- spi: fsl-dspi: fix wrong pointer in suspend/resume (bsc#1167260).
- spi: fsl-lpspi: Fix PM reference leak in lpspi_prepare_xfer_hardware()
(git-fixes).
- spi: omap-100k: Fix reference leak to master (git-fixes).
- spi: qup: fix PM reference leak in spi_qup_remove() (git-fixes).
- spi: spi-fsl-dspi: Accelerate transfers using larger word size if
possible (bsc#1167260).
- spi: spi-fsl-dspi: Add comments around dspi_pop_tx and dspi_push_rx
functions (bsc#1167260).
- spi: spi-fsl-dspi: Add support for LS1028A (bsc#1167260).
- spi: spi-fsl-dspi: Adding shutdown hook (bsc#1167260).
- spi: spi-fsl-dspi: Always use the TCFQ devices in poll mode
(bsc#1167260).
- spi: spi-fsl-dspi: Avoid NULL pointer in dspi_slave_abort for non-DMA
mode (bsc#1167260).
- spi: spi-fsl-dspi: Avoid reading more data than written in EOQ mode
(bsc#1167260).
- spi: spi-fsl-dspi: Change usage pattern of SPI_MCR_* and SPI_CTAR_*
macros (bsc#1167260).
- spi: spi-fsl-dspi: Convert TCFQ users to XSPI FIFO mode (bsc#1167260).
- spi: spi-fsl-dspi: Convert the instantiations that support it to DMA
(bsc#1167260).
- spi: spi-fsl-dspi: Demistify magic value in SPI_SR_CLEAR (bsc#1167260).
- spi: spi-fsl-dspi: Do not access reserved fields in SPI_MCR
(bsc#1167260).
- spi: spi-fsl-dspi: Do not mask off undefined bits (bsc#1167260).
- spi: spi-fsl-dspi: Exit the ISR with IRQ_NONE when it's not ours
(bsc#1167260).
- spi: spi-fsl-dspi: Fix 16-bit word order in 32-bit XSPI mode
(bsc#1167260).
- spi: spi-fsl-dspi: Fix a resource leak in an error handling path
(git-fixes).
- spi: spi-fsl-dspi: Fix bits-per-word acceleration in DMA mode
(bsc#1167260).
- spi: spi-fsl-dspi: Fix code alignment (bsc#1167260).
- spi: spi-fsl-dspi: Fix external abort on interrupt in resume or exit
paths (bsc#1167260).
- spi: spi-fsl-dspi: Fix interrupt-less DMA mode taking an XSPI code path
(bsc#1167260).
- spi: spi-fsl-dspi: Fix little endian access to PUSHR CMD and TXDATA
(bsc#1167260).
- spi: spi-fsl-dspi: Fix lockup if device is removed during SPI transfer
(bsc#1167260).
- spi: spi-fsl-dspi: Fix lockup if device is shutdown during SPI transfer
(bsc#1167260).
- spi: spi-fsl-dspi: Fix race condition in TCFQ/EOQ interrupt
(bsc#1167260).
- spi: spi-fsl-dspi: Fix typos (bsc#1167260).
- spi: spi-fsl-dspi: Free DMA memory with matching function (bsc#1167260).
- spi: spi-fsl-dspi: Implement .max_message_size method for EOQ mode
(bsc#1167260).
- spi: spi-fsl-dspi: Initialize completion before possible interrupt
(bsc#1167260).
- spi: spi-fsl-dspi: LS2080A and LX2160A support XSPI mode (bsc#1167260).
- spi: spi-fsl-dspi: Make bus-num property optional (bsc#1167260).
- spi: spi-fsl-dspi: Move dspi_interrupt above dspi_transfer_one_message
(bsc#1167260).
- spi: spi-fsl-dspi: Move invariant configs out of
dspi_transfer_one_message (bsc#1167260).
- spi: spi-fsl-dspi: Optimize dspi_setup_accel for lowest interrupt count
(bsc#1167260).
- spi: spi-fsl-dspi: Parameterize the FIFO size and DMA buffer size
(bsc#1167260).
- spi: spi-fsl-dspi: Protect against races on dspi->words_in_flight
(bsc#1167260).
- spi: spi-fsl-dspi: Reduce indentation in dspi_release_dma()
(bsc#1167260).
- spi: spi-fsl-dspi: Reduce indentation level in dspi_interrupt
(bsc#1167260).
- spi: spi-fsl-dspi: Remove impossible to reach error check (bsc#1167260).
- spi: spi-fsl-dspi: Remove pointless assignment of master->transfer to
NULL (bsc#1167260).
- spi: spi-fsl-dspi: Remove unused chip->void_write_data (bsc#1167260).
- spi: spi-fsl-dspi: Remove unused defines and includes (bsc#1167260).
- spi: spi-fsl-dspi: Remove unused initialization of 'ret' in dspi_probe
(bsc#1167260).
- spi: spi-fsl-dspi: Rename fifo_{read,write} and {tx,cmd}_fifo_write
(bsc#1167260).
- spi: spi-fsl-dspi: Replace interruptible wait queue with a simple
completion (bsc#1167260).
- spi: spi-fsl-dspi: Replace legacy spi_master names with spi_controller
(bsc#1167260).
- spi: spi-fsl-dspi: Simplify bytes_per_word gymnastics (bsc#1167260).
- spi: spi-fsl-dspi: Take software timestamp in dspi_fifo_write
(bsc#1167260).
- spi: spi-fsl-dspi: Use BIT() and GENMASK() macros (bsc#1167260).
- spi: spi-fsl-dspi: Use EOQ for last word in buffer even for XSPI mode
(bsc#1167260).
- spi: spi-fsl-dspi: Use dma_request_chan() instead
dma_request_slave_channel() (bsc#1167260).
- spi: spi-fsl-dspi: Use poll mode in case the platform IRQ is missing
(bsc#1167260).
- spi: spi-fsl-dspi: Use reverse Christmas tree declaration order
(bsc#1167260).
- spi: spi-fsl-dspi: Use specific compatible strings for all SoC
instantiations (bsc#1167260).
- spi: spi-fsl-dspi: delete EOQ transfer mode (bsc#1167260).
- spi: spi-fsl-dspi: fix DMA mapping (bsc#1167260).
- spi: spi-fsl-dspi: fix native data copy (bsc#1167260).
- spi: spi-fsl-dspi: remove git-fixes Remove git-fixes. Prepare to update
the driver. References: bsc#1167260
- spi: spi-fsl-dspi: set ColdFire to DMA mode (bsc#1167260).
- spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs
(bsc#1167260).
- spi: spi-ti-qspi: Free DMA resources (git-fixes).
- spi: stm32: make spurious and overrun interrupts visible (git-fixes).
- squashfs: fix inode lookup sanity checks (bsc#1183750).
- squashfs: fix xattr id and id lookup sanity checks (bsc#1183750).
- staging: bcm2835-audio: Replace unsafe strcpy() with strscpy()
(git-fixes).
- staging: comedi: addi_apci_1032: Fix endian problem for COS sample
(git-fixes).
- staging: comedi: addi_apci_1500: Fix endian problem for command sample
(git-fixes).
- staging: comedi: adv_pci1710: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: cb_pcidas64: fix request_irq() warn (git-fixes).
- staging: comedi: cb_pcidas: fix request_irq() warn (git-fixes).
- staging: comedi: das6402: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: das800: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: dmm32at: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: me4000: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: pcl711: Fix endian problem for AI command data
(git-fixes).
- staging: comedi: pcl818: Fix endian problem for AI command data
(git-fixes).
- staging: emxx_udc: fix loop in _nbu2ss_nuke() (git-fixes).
- staging: fwserial: Fix error handling in fwserial_create (git-fixes).
- staging: fwserial: fix TIOCGSERIAL implementation (git-fixes).
- staging: fwserial: fix TIOCSSERIAL implementation (git-fixes).
- staging: fwserial: fix TIOCSSERIAL jiffies conversions (git-fixes).
- staging: fwserial: fix TIOCSSERIAL permission check (git-fixes).
- staging: iio: cdc: ad7746: avoid overwrite of num_channels (git-fixes).
- staging: ks7010: prevent buffer overflow in ks_wlan_set_scan()
(git-fixes).
- staging: most: sound: add sanity check for function argument (git-fixes).
- staging: rtl8188eu: fix potential memory corruption in
rtw_check_beacon_data() (git-fixes).
- staging: rtl8188eu: prevent ->ssid overflow in rtw_wx_set_scan()
(git-fixes).
- staging: rtl8192e: Change state information from u16 to u8 (git-fixes).
- staging: rtl8192e: Fix incorrect source in memcpy() (git-fixes).
- staging: rtl8192e: Fix possible buffer overflow in _rtl92e_wx_set_scan
(git-fixes).
- staging: rtl8192u: Fix potential infinite loop (git-fixes).
- staging: rtl8192u: fix ->ssid overflow in r8192_wx_set_scan()
(git-fixes).
- staging: rtl8712: Fix possible buffer overflow in r8712_sitesurvey_cmd
(git-fixes).
- staging: rtl8712: unterminated string leads to read overflow (git-fixes).
- stop_machine: mark helpers __always_inline (git-fixes).
- supported.conf:
- supported.conf: add bsc1185010 dependency
- supported.conf: mark usb_otg_fsm as supported (bsc#1185010)
- tcp: fix to update snd_wl1 in bulk receiver fast path
(<cover.1620748346.git.mkubecek(a)suse.cz>).
- tee: optee: remove need_resched() before cond_resched() (git-fixes).
- tee: optee: replace might_sleep with cond_resched (git-fixes).
- thermal/core: Add NULL pointer check before using cooling device stats
(git-fixes).
- thermal/drivers/cpufreq_cooling: Update cpufreq_state only if state has
changed (git-fixes).
- thermal/drivers/ti-soc-thermal/bandgap Remove unused variable 'val'
(git-fixes).
- thermal: thermal_of: Fix error return code of
thermal_of_populate_bind_params() (git-fixes).
- thunderbolt: Fix a leak in tb_retimer_add() (git-fixes).
- thunderbolt: Fix a leak in tb_retimer_add() (git-fixes).
- thunderbolt: Fix off by one in tb_port_find_retimer() (git-fixes).
- thunderbolt: Fix off by one in tb_port_find_retimer() (git-fixes).
- thunderbolt: Initialize HopID IDAs in tb_switch_alloc() (git-fixes).
- thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
(git-fixes).
- tools/resolve_btfids: Fix build error with older host toolchains
(bsc#1177028).
- tpm: acpi: Check eventlog signature before using it (git-fixes).
- tracing: Map all PIDs to command lines (git-fixes).
- tty: amiserial: fix TIOCSSERIAL permission check (git-fixes).
- tty: fix memory leak in vc_deallocate (git-fixes).
- tty: moxa: fix TIOCSSERIAL jiffies conversions (git-fixes).
- tty: moxa: fix TIOCSSERIAL permission check (git-fixes).
- tty: serial: lpuart: fix lpuart32_write usage (git-fixes).
- tty: serial: ucc_uart: replace qe_io{read,write}* wrappers by generic
io{read,write}* (git-fixes).
- udlfb: Fix memory leak in dlfb_usb_probe (git-fixes).
- uio: uio_hv_generic: use devm_kzalloc() for private data alloc
(git-fixes).
- uio_hv_generic: Fix a memory leak in error handling paths (git-fixes).
- uio_hv_generic: Fix another memory leak in error handling paths
(git-fixes).
- uio_hv_generic: add missed sysfs_remove_bin_file (git-fixes).
- usb-storage: Add quirk to defeat Kindle's automatic unload (git-fixes).
- usb: Remove dev_err() usage after platform_get_irq() (git-fixes).
- usb: core: hub: Fix PM reference leak in usb_port_resume() (git-fixes).
- usb: core: hub: fix race condition about TRSMRCY of resume (git-fixes).
- usb: dwc2: Fix HPRT0.PrtSusp bit setting for HiKey 960 board (git-fixes).
- usb: dwc2: Fix gadget DMA unmap direction (git-fixes).
- usb: dwc2: Fix hibernation between host and device modes (git-fixes).
- usb: dwc2: Fix host mode hibernation exit with remote wakeup flow
(git-fixes).
- usb: dwc2: Fix session request interrupt handler (git-fixes).
- usb: dwc2: Prevent core suspend when port connection flag is 0
(git-fixes).
- usb: dwc3: Switch to use device_property_count_u32() (git-fixes).
- usb: dwc3: Update soft-reset wait polling rate (git-fixes).
- usb: dwc3: gadget: Enable suspend events (git-fixes).
- usb: dwc3: gadget: Fix START_TRANSFER link state check (git-fixes).
- usb: dwc3: gadget: Return success always for kick transfer in ep queue
(git-fixes).
- usb: dwc3: keystone: use devm_platform_ioremap_resource() to simplify
code (git-fixes).
- usb: dwc3: meson-g12a: use devm_platform_ioremap_resource() to simplify
code (git-fixes).
- usb: dwc3: omap: improve extcon initialization (git-fixes).
- usb: dwc3: pci: Enable usb2-gadget-lpm-disable for Intel Merrifield
(git-fixes).
- usb: dwc3: qcom: Add missing DWC3 OF node refcount decrement (git-fixes).
- usb: dwc3: qcom: Honor wakeup enabled/disabled state (git-fixes).
- usb: fotg210-hcd: Fix an error message (git-fixes).
- usb: gadget/function/f_fs string table fix for multiple languages
(git-fixes).
- usb: gadget: Fix double free of device descriptor pointers (git-fixes).
- usb: gadget: aspeed: fix dma map failure (git-fixes).
- usb: gadget: configfs: Fix KASAN use-after-free (git-fixes).
- usb: gadget: dummy_hcd: fix gpf in gadget_setup (git-fixes).
- usb: gadget: f_uac1: stop playback on function disable (git-fixes).
- usb: gadget: f_uac1: validate input parameters (git-fixes).
- usb: gadget: f_uac2: always increase endpoint max_packet_size by one
audio slot (git-fixes).
- usb: gadget: f_uac2: validate input parameters (git-fixes).
- usb: gadget: pch_udc: Check for DMA mapping error (git-fixes).
- usb: gadget: pch_udc: Check if driver is present before calling
->setup() (git-fixes).
- usb: gadget: pch_udc: Move pch_udc_init() to satisfy kernel doc
(git-fixes).
- usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits()
(git-fixes).
- usb: gadget: pch_udc: Revert d3cb25a12138 completely (git-fixes).
- usb: gadget: r8a66597: Add missing null check on return from
platform_get_resource (git-fixes).
- usb: gadget: udc: amd5536udc_pci fix null-ptr-dereference (git-fixes).
- usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen()
(git-fixes).
- usb: gadget: uvc: add bInterval checking for HS mode (git-fixes).
- usb: musb: Fix suspend with devices connected for a64 (git-fixes).
- usb: musb: fix PM reference leak in musb_irq_work() (git-fixes).
- usb: pci-quirks: disable D3cold on xhci suspend for s2idle on AMD
Renoire (bsc#1185840).
- usb: renesas_usbhs: Clear PIPECFG for re-enabling pipe with other EPNUM
(git-fixes).
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
(git-fixes).
- usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode()
(git-fixes).
- usb: sl811-hcd: improve misleading indentation (git-fixes).
- usb: typec: Remove vdo[3] part of tps6598x_rx_identity_reg struct
(git-fixes).
- usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS
(git-fixes).
- usb: typec: tcpm: Address incorrect values of tcpm psy for fixed supply
(git-fixes).
- usb: typec: tcpm: Honour pSnkStdby requirement during negotiation
(git-fixes).
- usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy-
(git-fixes).
- usb: typec: tcpm: Invoke power_supply_changed for tcpm-source-psy-
(git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe()
(git-fixes).
- usb: typec: tps6598x: Fix return value check in tps6598x_probe()
(git-fixes).
- usb: typec: ucsi: Put fwnode in any case during ->probe() (git-fixes).
- usb: webcam: Invalid size of Processing Unit Descriptor (git-fixes).
- usb: xhci-mtk: fix broken streams issue on 0.96 xHCI (git-fixes).
- usb: xhci-mtk: improve bandwidth scheduling with TT (git-fixes).
- usb: xhci-mtk: remove or operator for setting schedule parameters
(git-fixes).
- usb: xhci: Fix ASMedia ASM1042A and ASM3242 DMA addressing (git-fixes).
- usb: xhci: Fix port minor revision (git-fixes).
- usb: xhci: Increase timeout for HC halt (git-fixes).
- usb: xhci: do not perform Soft Retry for some xHCI hosts (git-fixes).
- usbip: Fix incorrect double assignment to udc->ud.tcp_rx (git-fixes).
- usbip: fix stub_dev to check for stream socket (git-fixes).
- usbip: fix stub_dev usbip_sockfd_store() races leading to gpf
(git-fixes).
- usbip: fix vhci_hcd attach_store() races leading to gpf (git-fixes).
- usbip: fix vhci_hcd to check for stream socket (git-fixes).
- usbip: fix vudc to check for stream socket (git-fixes).
- usbip: fix vudc usbip_sockfd_store races leading to gpf (git-fixes).
- usbip: tools: fix build error for multiple definition (git-fixes).
- usbip: vhci_hcd fix shift out-of-bounds in vhci_hub_control()
(git-fixes).
- use __netdev_notify_peers in ibmvnic (bsc#1183871 ltc#192139).
- veth: Store queue_mapping independently of XDP prog presence (git-fixes).
- vfio-pci/zdev: fix possible segmentation fault issue (git-fixes).
- vfio/iommu_type1: Populate full dirty when detach non-pinned group
(bsc#1183326).
- vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer
(git-fixes).
- vfio/mdev: Make to_mdev_device() into a static inline (git-fixes).
- vfio/pci: Add missing range check in vfio_pci_mmap (git-fixes).
- vfio/pci: Move VGA and VF initialization to functions (git-fixes).
- vfio/pci: Re-order vfio_pci_probe() (git-fixes).
- vgacon: Record video mode changes with VT_RESIZEX (git-fixes).
- video: fbdev: acornfb: remove free_unused_pages() (bsc#1152489)
- video: hyperv_fb: Add ratelimit on error message (bsc#1185725).
- video: hyperv_fb: Fix a double free in hvfb_probe (git-fixes).
- virt_wifi: Return micros for BSS TSF values (git-fixes).
- virtiofs: fix memory leak in virtio_fs_probe() (bsc#1185558).
- vrf: fix a comment about loopback device (git-fixes).
- vt/consolemap: do font sum unsigned (git-fixes).
- vxlan: do not modify the shared tunnel info when PMTU triggers an ICMP
reply (bsc#1176447).
- vxlan: move debug check after netdev unregister (git-fixes).
- watchdog/softlockup: Remove obsolete check of last reported task
(bsc#1185982).
- watchdog/softlockup: report the overall time of softlockups
(bsc#1185982).
- watchdog: explicitly update timestamp when reporting softlockup
(bsc#1185982).
- watchdog: rename __touch_watchdog() to a better descriptive name
(bsc#1185982).
- whitespace cleanup
- wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join (git-fixes).
- wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt (git-fixes).
- wlcore: Fix command execute failure 19 for wl12xx (git-fixes).
- workqueue: Minor follow-ups to the rescuer destruction change
(bsc#1185911).
- workqueue: Move the position of debug_work_activate() in __queue_work()
(bsc#1184893).
- workqueue: more destroy_workqueue() fixes (bsc#1185911).
- x86,swiotlb: Adjust SWIOTLB bounce buffer size for SEV guests
(bsc#1186219).
- x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported
(bsc#1152489).
- x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access
(bsc#1152489).
- x86/fsgsbase/64: Fix NULL deref in 86_fsgsbase_read_task (bsc#1152489).
- x86/insn: Add some Intel instructions to the opcode map (bsc#1184760).
- x86/insn: Add some more Intel instructions to the opcode map
(bsc#1184760).
- x86/ioapic: Ignore IRQ2 again (bsc#1152489).
- x86/mem_encrypt: Correct physical address calculation in
__set_clr_pte_enc() (bsc#1152489).
- x86/microcode: Check for offline CPUs before requesting new microcode
(bsc#1152489).
- x86/mm: Fix NX bit clearing issue in kernel_map_pages_in_pgd
(bsc#1152489).
- x86/platform/uv: Set section block size for hubless architectures
(bsc#1152489).
- x86/reboot: Force all cpus to exit VMX root if VMX is supported
(bsc#1152489).
- x86/sev-es: Invalidate the GHCB after completing VMGEXIT (bsc#1178134).
- x86/sev-es: Move sev_es_put_ghcb() in prep for follow on patch
(bsc#1178134).
- x86: Introduce TS_COMPAT_RESTART to fix get_nr_restart_syscall()
(bsc#1152489).
- xen/events: avoid handling the same event on two cpus at the same time
(git-fixes).
- xen/events: do not unmask an event channel when an eoi is pending
(git-fixes).
- xen/events: reset affinity of 2-level event when tearing it down
(git-fixes).
- xen/evtchn: Change irq_info lock to raw_spinlock_t (git-fixes).
- xfrm: Provide private skb extensions for segmented and hw offloaded ESP
packets (bsc#1176447).
- xfs: group quota should return EDQUOT when prj quota enabled
(bsc#1180980).
- xhci: Do not use GFP_KERNEL in (potentially) atomic context (git-fixes).
- xhci: Fix repeated xhci wake after suspend due to uncleared internal
wake state (git-fixes).
- xhci: Improve detection of device initiated wake signal (git-fixes).
- xhci: check control context is valid before dereferencing it (git-fixes).
- xhci: fix potential array out of bounds with several interrupters
(git-fixes).
- xsk: Respect device's headroom and tailroom on generic xmit path
(git-fixes).
- xsk: Respect device's headroom and tailroom on generic xmit path
(git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1975=1
Package List:
- openSUSE Leap 15.3 (noarch):
kernel-devel-azure-5.3.18-38.3.1
kernel-source-azure-5.3.18-38.3.1
- openSUSE Leap 15.3 (x86_64):
cluster-md-kmp-azure-5.3.18-38.3.1
cluster-md-kmp-azure-debuginfo-5.3.18-38.3.1
dlm-kmp-azure-5.3.18-38.3.1
dlm-kmp-azure-debuginfo-5.3.18-38.3.1
gfs2-kmp-azure-5.3.18-38.3.1
gfs2-kmp-azure-debuginfo-5.3.18-38.3.1
kernel-azure-5.3.18-38.3.1
kernel-azure-debuginfo-5.3.18-38.3.1
kernel-azure-debugsource-5.3.18-38.3.1
kernel-azure-devel-5.3.18-38.3.1
kernel-azure-devel-debuginfo-5.3.18-38.3.1
kernel-azure-extra-5.3.18-38.3.1
kernel-azure-extra-debuginfo-5.3.18-38.3.1
kernel-azure-livepatch-devel-5.3.18-38.3.1
kernel-azure-optional-5.3.18-38.3.1
kernel-azure-optional-debuginfo-5.3.18-38.3.1
kernel-syms-azure-5.3.18-38.3.1
kselftests-kmp-azure-5.3.18-38.3.1
kselftests-kmp-azure-debuginfo-5.3.18-38.3.1
ocfs2-kmp-azure-5.3.18-38.3.1
ocfs2-kmp-azure-debuginfo-5.3.18-38.3.1
reiserfs-kmp-azure-5.3.18-38.3.1
reiserfs-kmp-azure-debuginfo-5.3.18-38.3.1
References:
https://www.suse.com/security/cve/CVE-2019-18814.html
https://www.suse.com/security/cve/CVE-2019-19769.html
https://www.suse.com/security/cve/CVE-2020-24586.html
https://www.suse.com/security/cve/CVE-2020-24587.html
https://www.suse.com/security/cve/CVE-2020-24588.html
https://www.suse.com/security/cve/CVE-2020-25670.html
https://www.suse.com/security/cve/CVE-2020-25671.html
https://www.suse.com/security/cve/CVE-2020-25672.html
https://www.suse.com/security/cve/CVE-2020-25673.html
https://www.suse.com/security/cve/CVE-2020-26139.html
https://www.suse.com/security/cve/CVE-2020-26141.html
https://www.suse.com/security/cve/CVE-2020-26145.html
https://www.suse.com/security/cve/CVE-2020-26147.html
https://www.suse.com/security/cve/CVE-2020-27170.html
https://www.suse.com/security/cve/CVE-2020-27171.html
https://www.suse.com/security/cve/CVE-2020-27673.html
https://www.suse.com/security/cve/CVE-2020-27815.html
https://www.suse.com/security/cve/CVE-2020-35519.html
https://www.suse.com/security/cve/CVE-2020-36310.html
https://www.suse.com/security/cve/CVE-2020-36311.html
https://www.suse.com/security/cve/CVE-2020-36312.html
https://www.suse.com/security/cve/CVE-2020-36322.html
https://www.suse.com/security/cve/CVE-2021-20268.html
https://www.suse.com/security/cve/CVE-2021-23134.html
https://www.suse.com/security/cve/CVE-2021-27363.html
https://www.suse.com/security/cve/CVE-2021-27364.html
https://www.suse.com/security/cve/CVE-2021-27365.html
https://www.suse.com/security/cve/CVE-2021-28038.html
https://www.suse.com/security/cve/CVE-2021-28375.html
https://www.suse.com/security/cve/CVE-2021-28660.html
https://www.suse.com/security/cve/CVE-2021-28688.html
https://www.suse.com/security/cve/CVE-2021-28950.html
https://www.suse.com/security/cve/CVE-2021-28952.html
https://www.suse.com/security/cve/CVE-2021-28964.html
https://www.suse.com/security/cve/CVE-2021-28971.html
https://www.suse.com/security/cve/CVE-2021-28972.html
https://www.suse.com/security/cve/CVE-2021-29154.html
https://www.suse.com/security/cve/CVE-2021-29155.html
https://www.suse.com/security/cve/CVE-2021-29264.html
https://www.suse.com/security/cve/CVE-2021-29265.html
https://www.suse.com/security/cve/CVE-2021-29647.html
https://www.suse.com/security/cve/CVE-2021-29650.html
https://www.suse.com/security/cve/CVE-2021-30002.html
https://www.suse.com/security/cve/CVE-2021-32399.html
https://www.suse.com/security/cve/CVE-2021-33034.html
https://www.suse.com/security/cve/CVE-2021-33200.html
https://www.suse.com/security/cve/CVE-2021-3428.html
https://www.suse.com/security/cve/CVE-2021-3444.html
https://www.suse.com/security/cve/CVE-2021-3483.html
https://www.suse.com/security/cve/CVE-2021-3489.html
https://www.suse.com/security/cve/CVE-2021-3490.html
https://www.suse.com/security/cve/CVE-2021-3491.html
https://bugzilla.suse.com/1043990
https://bugzilla.suse.com/1047233
https://bugzilla.suse.com/1055117
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1087082
https://bugzilla.suse.com/1113295
https://bugzilla.suse.com/1133021
https://bugzilla.suse.com/1152457
https://bugzilla.suse.com/1152472
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153274
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1155518
https://bugzilla.suse.com/1156256
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1159280
https://bugzilla.suse.com/1160634
https://bugzilla.suse.com/1164648
https://bugzilla.suse.com/1167260
https://bugzilla.suse.com/1167574
https://bugzilla.suse.com/1167773
https://bugzilla.suse.com/1168777
https://bugzilla.suse.com/1168838
https://bugzilla.suse.com/1169709
https://bugzilla.suse.com/1171295
https://bugzilla.suse.com/1173485
https://bugzilla.suse.com/1174416
https://bugzilla.suse.com/1174426
https://bugzilla.suse.com/1175995
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1177028
https://bugzilla.suse.com/1177326
https://bugzilla.suse.com/1177411
https://bugzilla.suse.com/1177437
https://bugzilla.suse.com/1177666
https://bugzilla.suse.com/1178089
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1178163
https://bugzilla.suse.com/1178181
https://bugzilla.suse.com/1178330
https://bugzilla.suse.com/1178378
https://bugzilla.suse.com/1178418
https://bugzilla.suse.com/1178612
https://bugzilla.suse.com/1179243
https://bugzilla.suse.com/1179454
https://bugzilla.suse.com/1179458
https://bugzilla.suse.com/1179519
https://bugzilla.suse.com/1179825
https://bugzilla.suse.com/1179827
https://bugzilla.suse.com/1179851
https://bugzilla.suse.com/1180100
https://bugzilla.suse.com/1180197
https://bugzilla.suse.com/1180814
https://bugzilla.suse.com/1180846
https://bugzilla.suse.com/1180980
https://bugzilla.suse.com/1181104
https://bugzilla.suse.com/1181161
https://bugzilla.suse.com/1181383
https://bugzilla.suse.com/1181507
https://bugzilla.suse.com/1181674
https://bugzilla.suse.com/1181862
https://bugzilla.suse.com/1182077
https://bugzilla.suse.com/1182257
https://bugzilla.suse.com/1182377
https://bugzilla.suse.com/1182378
https://bugzilla.suse.com/1182552
https://bugzilla.suse.com/1182574
https://bugzilla.suse.com/1182591
https://bugzilla.suse.com/1182613
https://bugzilla.suse.com/1182712
https://bugzilla.suse.com/1182713
https://bugzilla.suse.com/1182715
https://bugzilla.suse.com/1182716
https://bugzilla.suse.com/1182717
https://bugzilla.suse.com/1182999
https://bugzilla.suse.com/1183022
https://bugzilla.suse.com/1183048
https://bugzilla.suse.com/1183069
https://bugzilla.suse.com/1183077
https://bugzilla.suse.com/1183095
https://bugzilla.suse.com/1183120
https://bugzilla.suse.com/1183203
https://bugzilla.suse.com/1183249
https://bugzilla.suse.com/1183252
https://bugzilla.suse.com/1183277
https://bugzilla.suse.com/1183278
https://bugzilla.suse.com/1183279
https://bugzilla.suse.com/1183280
https://bugzilla.suse.com/1183281
https://bugzilla.suse.com/1183282
https://bugzilla.suse.com/1183283
https://bugzilla.suse.com/1183284
https://bugzilla.suse.com/1183285
https://bugzilla.suse.com/1183286
https://bugzilla.suse.com/1183287
https://bugzilla.suse.com/1183288
https://bugzilla.suse.com/1183289
https://bugzilla.suse.com/1183310
https://bugzilla.suse.com/1183311
https://bugzilla.suse.com/1183312
https://bugzilla.suse.com/1183313
https://bugzilla.suse.com/1183314
https://bugzilla.suse.com/1183315
https://bugzilla.suse.com/1183316
https://bugzilla.suse.com/1183317
https://bugzilla.suse.com/1183318
https://bugzilla.suse.com/1183319
https://bugzilla.suse.com/1183320
https://bugzilla.suse.com/1183321
https://bugzilla.suse.com/1183322
https://bugzilla.suse.com/1183323
https://bugzilla.suse.com/1183324
https://bugzilla.suse.com/1183325
https://bugzilla.suse.com/1183326
https://bugzilla.suse.com/1183346
https://bugzilla.suse.com/1183366
https://bugzilla.suse.com/1183369
https://bugzilla.suse.com/1183386
https://bugzilla.suse.com/1183405
https://bugzilla.suse.com/1183412
https://bugzilla.suse.com/1183427
https://bugzilla.suse.com/1183428
https://bugzilla.suse.com/1183445
https://bugzilla.suse.com/1183447
https://bugzilla.suse.com/1183491
https://bugzilla.suse.com/1183501
https://bugzilla.suse.com/1183509
https://bugzilla.suse.com/1183530
https://bugzilla.suse.com/1183534
https://bugzilla.suse.com/1183540
https://bugzilla.suse.com/1183593
https://bugzilla.suse.com/1183596
https://bugzilla.suse.com/1183598
https://bugzilla.suse.com/1183637
https://bugzilla.suse.com/1183646
https://bugzilla.suse.com/1183658
https://bugzilla.suse.com/1183662
https://bugzilla.suse.com/1183686
https://bugzilla.suse.com/1183692
https://bugzilla.suse.com/1183696
https://bugzilla.suse.com/1183750
https://bugzilla.suse.com/1183757
https://bugzilla.suse.com/1183775
https://bugzilla.suse.com/1183815
https://bugzilla.suse.com/1183843
https://bugzilla.suse.com/1183859
https://bugzilla.suse.com/1183868
https://bugzilla.suse.com/1183871
https://bugzilla.suse.com/1183873
https://bugzilla.suse.com/1183932
https://bugzilla.suse.com/1183947
https://bugzilla.suse.com/1183976
https://bugzilla.suse.com/1184074
https://bugzilla.suse.com/1184081
https://bugzilla.suse.com/1184082
https://bugzilla.suse.com/1184120
https://bugzilla.suse.com/1184167
https://bugzilla.suse.com/1184168
https://bugzilla.suse.com/1184170
https://bugzilla.suse.com/1184171
https://bugzilla.suse.com/1184176
https://bugzilla.suse.com/1184192
https://bugzilla.suse.com/1184193
https://bugzilla.suse.com/1184194
https://bugzilla.suse.com/1184196
https://bugzilla.suse.com/1184197
https://bugzilla.suse.com/1184198
https://bugzilla.suse.com/1184199
https://bugzilla.suse.com/1184208
https://bugzilla.suse.com/1184209
https://bugzilla.suse.com/1184211
https://bugzilla.suse.com/1184217
https://bugzilla.suse.com/1184218
https://bugzilla.suse.com/1184219
https://bugzilla.suse.com/1184220
https://bugzilla.suse.com/1184224
https://bugzilla.suse.com/1184259
https://bugzilla.suse.com/1184264
https://bugzilla.suse.com/1184386
https://bugzilla.suse.com/1184388
https://bugzilla.suse.com/1184391
https://bugzilla.suse.com/1184393
https://bugzilla.suse.com/1184436
https://bugzilla.suse.com/1184485
https://bugzilla.suse.com/1184509
https://bugzilla.suse.com/1184511
https://bugzilla.suse.com/1184512
https://bugzilla.suse.com/1184514
https://bugzilla.suse.com/1184583
https://bugzilla.suse.com/1184585
https://bugzilla.suse.com/1184611
https://bugzilla.suse.com/1184615
https://bugzilla.suse.com/1184650
https://bugzilla.suse.com/1184710
https://bugzilla.suse.com/1184724
https://bugzilla.suse.com/1184728
https://bugzilla.suse.com/1184730
https://bugzilla.suse.com/1184731
https://bugzilla.suse.com/1184736
https://bugzilla.suse.com/1184737
https://bugzilla.suse.com/1184738
https://bugzilla.suse.com/1184740
https://bugzilla.suse.com/1184741
https://bugzilla.suse.com/1184742
https://bugzilla.suse.com/1184760
https://bugzilla.suse.com/1184769
https://bugzilla.suse.com/1184811
https://bugzilla.suse.com/1184855
https://bugzilla.suse.com/1184893
https://bugzilla.suse.com/1184934
https://bugzilla.suse.com/1184942
https://bugzilla.suse.com/1184943
https://bugzilla.suse.com/1184952
https://bugzilla.suse.com/1184953
https://bugzilla.suse.com/1184955
https://bugzilla.suse.com/1184957
https://bugzilla.suse.com/1184969
https://bugzilla.suse.com/1184984
https://bugzilla.suse.com/1185010
https://bugzilla.suse.com/1185041
https://bugzilla.suse.com/1185110
https://bugzilla.suse.com/1185113
https://bugzilla.suse.com/1185233
https://bugzilla.suse.com/1185269
https://bugzilla.suse.com/1185365
https://bugzilla.suse.com/1185428
https://bugzilla.suse.com/1185454
https://bugzilla.suse.com/1185472
https://bugzilla.suse.com/1185491
https://bugzilla.suse.com/1185495
https://bugzilla.suse.com/1185497
https://bugzilla.suse.com/1185549
https://bugzilla.suse.com/1185550
https://bugzilla.suse.com/1185558
https://bugzilla.suse.com/1185573
https://bugzilla.suse.com/1185581
https://bugzilla.suse.com/1185586
https://bugzilla.suse.com/1185587
https://bugzilla.suse.com/1185589
https://bugzilla.suse.com/1185606
https://bugzilla.suse.com/1185640
https://bugzilla.suse.com/1185641
https://bugzilla.suse.com/1185642
https://bugzilla.suse.com/1185645
https://bugzilla.suse.com/1185670
https://bugzilla.suse.com/1185677
https://bugzilla.suse.com/1185680
https://bugzilla.suse.com/1185703
https://bugzilla.suse.com/1185725
https://bugzilla.suse.com/1185736
https://bugzilla.suse.com/1185758
https://bugzilla.suse.com/1185796
https://bugzilla.suse.com/1185840
https://bugzilla.suse.com/1185857
https://bugzilla.suse.com/1185859
https://bugzilla.suse.com/1185860
https://bugzilla.suse.com/1185861
https://bugzilla.suse.com/1185862
https://bugzilla.suse.com/1185863
https://bugzilla.suse.com/1185898
https://bugzilla.suse.com/1185899
https://bugzilla.suse.com/1185911
https://bugzilla.suse.com/1185938
https://bugzilla.suse.com/1185950
https://bugzilla.suse.com/1185954
https://bugzilla.suse.com/1185980
https://bugzilla.suse.com/1185982
https://bugzilla.suse.com/1185987
https://bugzilla.suse.com/1185988
https://bugzilla.suse.com/1186009
https://bugzilla.suse.com/1186060
https://bugzilla.suse.com/1186061
https://bugzilla.suse.com/1186062
https://bugzilla.suse.com/1186111
https://bugzilla.suse.com/1186118
https://bugzilla.suse.com/1186219
https://bugzilla.suse.com/1186285
https://bugzilla.suse.com/1186320
https://bugzilla.suse.com/1186349
https://bugzilla.suse.com/1186352
https://bugzilla.suse.com/1186353
https://bugzilla.suse.com/1186354
https://bugzilla.suse.com/1186355
https://bugzilla.suse.com/1186356
https://bugzilla.suse.com/1186357
https://bugzilla.suse.com/1186390
https://bugzilla.suse.com/1186401
https://bugzilla.suse.com/1186408
https://bugzilla.suse.com/1186416
https://bugzilla.suse.com/1186439
https://bugzilla.suse.com/1186441
https://bugzilla.suse.com/1186451
https://bugzilla.suse.com/1186460
https://bugzilla.suse.com/1186467
https://bugzilla.suse.com/1186479
https://bugzilla.suse.com/1186484
https://bugzilla.suse.com/1186498
https://bugzilla.suse.com/1186501
https://bugzilla.suse.com/1186512
https://bugzilla.suse.com/1186573
https://bugzilla.suse.com/1186681
1
0
openSUSE-SU-2021:1998-1: moderate: Security update for tpm2.0-tools
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for tpm2.0-tools
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1998-1
Rating: moderate
References: #1186490
Cross-References: CVE-2021-3565
CVSS scores:
CVE-2021-3565 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-3565 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for tpm2.0-tools fixes the following issues:
- CVE-2021-3565: Fixed issue when no encrypted session with the TPM is
used (bsc#1186490).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1998=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
tpm2.0-tools-4.3.0-4.3.1
tpm2.0-tools-debuginfo-4.3.0-4.3.1
tpm2.0-tools-debugsource-4.3.0-4.3.1
References:
https://www.suse.com/security/cve/CVE-2021-3565.html
https://bugzilla.suse.com/1186490
1
0
openSUSE-SU-2021:2153-1: important: Security update for gupnp
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for gupnp
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2153-1
Rating: important
References: #1186590
Cross-References: CVE-2021-33516
CVSS scores:
CVE-2021-33516 (NVD) : 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVE-2021-33516 (SUSE): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for gupnp fixes the following issues:
- CVE-2021-33516: Fixed a DNS rebinding, which could trick the browser
into triggering actions against local UPnP services (bsc#1186590).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2153=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
gupnp-debugsource-1.2.2-3.3.1
libgupnp-1_2-0-1.2.2-3.3.1
libgupnp-1_2-0-debuginfo-1.2.2-3.3.1
libgupnp-devel-1.2.2-3.3.1
typelib-1_0-GUPnP-1_0-1.2.2-3.3.1
- openSUSE Leap 15.3 (x86_64):
libgupnp-1_2-0-32bit-1.2.2-3.3.1
libgupnp-1_2-0-32bit-debuginfo-1.2.2-3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-33516.html
https://bugzilla.suse.com/1186590
1
0
openSUSE-SU-2021:1951-1: important: Security update for salt
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for salt
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1951-1
Rating: important
References: #1185281 #1186674 ECO-3212 SLE-18028 SLE-18033
Cross-References: CVE-2021-31607
CVSS scores:
CVE-2021-31607 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-31607 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves one vulnerability, contains three
features and has one errata is now available.
Description:
This update for salt fixes the following issues:
- Check if dpkgnotify is executable (bsc#1186674)
- Update to Salt release version 3002.2 (jsc#ECO-3212, jsc#SLE-18033,
jsc#SLE-18028)
- Drop support for Python2. Obsoletes `python2-salt` package
(jsc#SLE-18028)
- Fix issue parsing errors in ansiblegate state module
- Prevent command injection in the snapper module (bsc#1185281,
CVE-2021-31607)
- transactional_update: detect recursion in the executor
- Add subpackage `salt-transactional-update` (jsc#SLE-18033)
- Remove duplicate directories
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1951=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python3-salt-3002.2-8.41.8.1
salt-3002.2-8.41.8.1
salt-api-3002.2-8.41.8.1
salt-cloud-3002.2-8.41.8.1
salt-doc-3002.2-8.41.8.1
salt-master-3002.2-8.41.8.1
salt-minion-3002.2-8.41.8.1
salt-proxy-3002.2-8.41.8.1
salt-ssh-3002.2-8.41.8.1
salt-standalone-formulas-configuration-3002.2-8.41.8.1
salt-syndic-3002.2-8.41.8.1
salt-transactional-update-3002.2-8.41.8.1
- openSUSE Leap 15.3 (noarch):
salt-bash-completion-3002.2-8.41.8.1
salt-fish-completion-3002.2-8.41.8.1
salt-zsh-completion-3002.2-8.41.8.1
References:
https://www.suse.com/security/cve/CVE-2021-31607.html
https://bugzilla.suse.com/1185281
https://bugzilla.suse.com/1186674
1
0
openSUSE-SU-2021:1917-1: moderate: Security update for libxml2
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for libxml2
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1917-1
Rating: moderate
References: #1186015
Cross-References: CVE-2021-3541
CVSS scores:
CVE-2021-3541 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libxml2 fixes the following issues:
- CVE-2021-3541: Fixed exponential entity expansion attack bypasses all
existing protection mechanisms. (bsc#1186015)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1917=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libxml2-2-2.9.7-3.37.1
libxml2-2-debuginfo-2.9.7-3.37.1
libxml2-debugsource-2.9.7-3.37.1
libxml2-devel-2.9.7-3.37.1
libxml2-tools-2.9.7-3.37.1
libxml2-tools-debuginfo-2.9.7-3.37.1
python-libxml2-python-debugsource-2.9.7-3.37.1
python2-libxml2-python-2.9.7-3.37.1
python2-libxml2-python-debuginfo-2.9.7-3.37.1
python3-libxml2-python-2.9.7-3.37.1
python3-libxml2-python-debuginfo-2.9.7-3.37.1
- openSUSE Leap 15.3 (noarch):
libxml2-doc-2.9.7-3.37.1
- openSUSE Leap 15.3 (x86_64):
libxml2-2-32bit-2.9.7-3.37.1
libxml2-2-32bit-debuginfo-2.9.7-3.37.1
libxml2-devel-32bit-2.9.7-3.37.1
References:
https://www.suse.com/security/cve/CVE-2021-3541.html
https://bugzilla.suse.com/1186015
1
0
openSUSE-SU-2021:1942-1: important: Security update for qemu
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for qemu
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1942-1
Rating: important
References: #1149813 #1163019 #1175144 #1175534 #1176681
#1178683 #1178935 #1179477 #1179484 #1179686
#1181103 #1182282 #1182425 #1182968 #1182975
#1183373 #1186290
Cross-References: CVE-2019-15890 CVE-2020-14364 CVE-2020-17380
CVE-2020-25085 CVE-2020-25707 CVE-2020-25723
CVE-2020-27821 CVE-2020-29129 CVE-2020-29130
CVE-2020-8608 CVE-2021-20263 CVE-2021-3409
CVE-2021-3416 CVE-2021-3419
CVSS scores:
CVE-2019-15890 (SUSE): 5.8 CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2020-14364 (NVD) : 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-14364 (SUSE): 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-17380 (NVD) : 6.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
CVE-2020-17380 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
CVE-2020-25085 (NVD) : 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-25085 (SUSE): 5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-25707 (SUSE): 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2020-25723 (NVD) : 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVE-2020-25723 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVE-2020-27821 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2020-27821 (SUSE): 5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2020-29129 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29129 (SUSE): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29130 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-29130 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2020-8608 (NVD) : 5.6 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2020-8608 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H
CVE-2021-20263 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2021-20263 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CVE-2021-3409 (NVD) : 5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2021-3409 (SUSE): 5.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
CVE-2021-3416 (NVD) : 6 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2021-3416 (SUSE): 3.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVE-2021-3419 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 14 vulnerabilities and has three
fixes is now available.
Description:
This update for qemu fixes the following issues:
- Switch method of splitting off hw-s390x-virtio-gpu-ccw.so as a module to
what was accepted upstream (bsc#1181103)
- Fix OOB access in sdhci interface (CVE-2020-17380, bsc#1175144,
CVE-2020-25085, bsc#1176681, CVE-2021-3409, bsc#1182282)
- Fix potential privilege escalation in virtiofsd tool (CVE-2021-20263,
bsc#1183373)
- Fix OOB access (stack overflow) in rtl8139 NIC emulation (CVE-2021-3416,
bsc#1182968)
- Fix heap overflow in MSIx emulation (CVE-2020-27821, bsc#1179686)
- Fix package scripts to not use hard coded paths for temporary working
directories and log files (bsc#1182425)
- QEMU BIOS fails to read stage2 loader on s390x (bsc#1186290)
- For the record, these issues are fixed in this package already. Most are
alternate references to previously mentioned issues: (CVE-2019-15890,
bsc#1149813, CVE-2020-8608, bsc#1163019, CVE-2020-14364, bsc#1175534,
CVE-2020-25707, bsc#1178683, CVE-2020-25723, bsc#1178935,
CVE-2020-29130, bsc#1179477, CVE-2020-29129, bsc#1179484, CVE-2021-3419,
bsc#1182975)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1942=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
qemu-5.2.0-17.1
qemu-arm-5.2.0-17.1
qemu-arm-debuginfo-5.2.0-17.1
qemu-audio-alsa-5.2.0-17.1
qemu-audio-alsa-debuginfo-5.2.0-17.1
qemu-audio-pa-5.2.0-17.1
qemu-audio-pa-debuginfo-5.2.0-17.1
qemu-audio-spice-5.2.0-17.1
qemu-audio-spice-debuginfo-5.2.0-17.1
qemu-block-curl-5.2.0-17.1
qemu-block-curl-debuginfo-5.2.0-17.1
qemu-block-dmg-5.2.0-17.1
qemu-block-dmg-debuginfo-5.2.0-17.1
qemu-block-gluster-5.2.0-17.1
qemu-block-gluster-debuginfo-5.2.0-17.1
qemu-block-iscsi-5.2.0-17.1
qemu-block-iscsi-debuginfo-5.2.0-17.1
qemu-block-nfs-5.2.0-17.1
qemu-block-nfs-debuginfo-5.2.0-17.1
qemu-block-rbd-5.2.0-17.1
qemu-block-rbd-debuginfo-5.2.0-17.1
qemu-block-ssh-5.2.0-17.1
qemu-block-ssh-debuginfo-5.2.0-17.1
qemu-chardev-baum-5.2.0-17.1
qemu-chardev-baum-debuginfo-5.2.0-17.1
qemu-chardev-spice-5.2.0-17.1
qemu-chardev-spice-debuginfo-5.2.0-17.1
qemu-debuginfo-5.2.0-17.1
qemu-debugsource-5.2.0-17.1
qemu-extra-5.2.0-17.1
qemu-extra-debuginfo-5.2.0-17.1
qemu-guest-agent-5.2.0-17.1
qemu-guest-agent-debuginfo-5.2.0-17.1
qemu-hw-display-qxl-5.2.0-17.1
qemu-hw-display-qxl-debuginfo-5.2.0-17.1
qemu-hw-display-virtio-gpu-5.2.0-17.1
qemu-hw-display-virtio-gpu-debuginfo-5.2.0-17.1
qemu-hw-display-virtio-gpu-pci-5.2.0-17.1
qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-17.1
qemu-hw-display-virtio-vga-5.2.0-17.1
qemu-hw-display-virtio-vga-debuginfo-5.2.0-17.1
qemu-hw-s390x-virtio-gpu-ccw-5.2.0-17.1
qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-17.1
qemu-hw-usb-redirect-5.2.0-17.1
qemu-hw-usb-redirect-debuginfo-5.2.0-17.1
qemu-hw-usb-smartcard-5.2.0-17.1
qemu-hw-usb-smartcard-debuginfo-5.2.0-17.1
qemu-ivshmem-tools-5.2.0-17.1
qemu-ivshmem-tools-debuginfo-5.2.0-17.1
qemu-ksm-5.2.0-17.1
qemu-lang-5.2.0-17.1
qemu-ppc-5.2.0-17.1
qemu-ppc-debuginfo-5.2.0-17.1
qemu-s390x-5.2.0-17.1
qemu-s390x-debuginfo-5.2.0-17.1
qemu-tools-5.2.0-17.1
qemu-tools-debuginfo-5.2.0-17.1
qemu-ui-curses-5.2.0-17.1
qemu-ui-curses-debuginfo-5.2.0-17.1
qemu-ui-gtk-5.2.0-17.1
qemu-ui-gtk-debuginfo-5.2.0-17.1
qemu-ui-opengl-5.2.0-17.1
qemu-ui-opengl-debuginfo-5.2.0-17.1
qemu-ui-spice-app-5.2.0-17.1
qemu-ui-spice-app-debuginfo-5.2.0-17.1
qemu-ui-spice-core-5.2.0-17.1
qemu-ui-spice-core-debuginfo-5.2.0-17.1
qemu-vhost-user-gpu-5.2.0-17.1
qemu-vhost-user-gpu-debuginfo-5.2.0-17.1
qemu-x86-5.2.0-17.1
qemu-x86-debuginfo-5.2.0-17.1
- openSUSE Leap 15.3 (s390x x86_64):
qemu-kvm-5.2.0-17.1
- openSUSE Leap 15.3 (noarch):
qemu-ipxe-1.0.0+-17.1
qemu-microvm-5.2.0-17.1
qemu-seabios-1.14.0_0_g155821a-17.1
qemu-sgabios-8-17.1
qemu-skiboot-5.2.0-17.1
qemu-vgabios-1.14.0_0_g155821a-17.1
References:
https://www.suse.com/security/cve/CVE-2019-15890.html
https://www.suse.com/security/cve/CVE-2020-14364.html
https://www.suse.com/security/cve/CVE-2020-17380.html
https://www.suse.com/security/cve/CVE-2020-25085.html
https://www.suse.com/security/cve/CVE-2020-25707.html
https://www.suse.com/security/cve/CVE-2020-25723.html
https://www.suse.com/security/cve/CVE-2020-27821.html
https://www.suse.com/security/cve/CVE-2020-29129.html
https://www.suse.com/security/cve/CVE-2020-29130.html
https://www.suse.com/security/cve/CVE-2020-8608.html
https://www.suse.com/security/cve/CVE-2021-20263.html
https://www.suse.com/security/cve/CVE-2021-3409.html
https://www.suse.com/security/cve/CVE-2021-3416.html
https://www.suse.com/security/cve/CVE-2021-3419.html
https://bugzilla.suse.com/1149813
https://bugzilla.suse.com/1163019
https://bugzilla.suse.com/1175144
https://bugzilla.suse.com/1175534
https://bugzilla.suse.com/1176681
https://bugzilla.suse.com/1178683
https://bugzilla.suse.com/1178935
https://bugzilla.suse.com/1179477
https://bugzilla.suse.com/1179484
https://bugzilla.suse.com/1179686
https://bugzilla.suse.com/1181103
https://bugzilla.suse.com/1182282
https://bugzilla.suse.com/1182425
https://bugzilla.suse.com/1182968
https://bugzilla.suse.com/1182975
https://bugzilla.suse.com/1183373
https://bugzilla.suse.com/1186290
1
0
openSUSE-SU-2021:1859-1: moderate: Security update for python-py
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for python-py
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1859-1
Rating: moderate
References: #1179805 #1184505
Cross-References: CVE-2020-29651
CVSS scores:
CVE-2020-29651 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2020-29651 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for python-py fixes the following issues:
- CVE-2020-29651: Fixed regular expression denial of service in svnwc.py
(bsc#1179805, bsc#1184505).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1859=1
Package List:
- openSUSE Leap 15.3 (noarch):
python2-py-1.8.1-5.6.1
python3-py-1.8.1-5.6.1
References:
https://www.suse.com/security/cve/CVE-2020-29651.html
https://bugzilla.suse.com/1179805
https://bugzilla.suse.com/1184505
1
0
openSUSE-SU-2021:1840-1: important: Security update for xstream
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for xstream
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1840-1
Rating: important
References: #1184372 #1184373 #1184374 #1184375 #1184376
#1184377 #1184378 #1184379 #1184380 #1184796
#1184797
Cross-References: CVE-2021-21341 CVE-2021-21342 CVE-2021-21343
CVE-2021-21344 CVE-2021-21345 CVE-2021-21346
CVE-2021-21347 CVE-2021-21348 CVE-2021-21349
CVE-2021-21350 CVE-2021-21351
CVSS scores:
CVE-2021-21341 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21341 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21342 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-21342 (SUSE): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
CVE-2021-21343 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-21343 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2021-21344 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21344 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-21345 (NVD) : 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-21345 (SUSE): 8.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
CVE-2021-21346 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21346 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21347 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21347 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21348 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21348 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-21349 (NVD) : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CVE-2021-21349 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-21350 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21350 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-21351 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVE-2021-21351 (SUSE): 8 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for xstream fixes the following issues:
- Upgrade to 1.4.16
- CVE-2021-21351: remote attacker to load and execute arbitrary code
(bsc#1184796)
- CVE-2021-21349: SSRF can lead to a remote attacker to request data from
internal resources (bsc#1184797)
- CVE-2021-21350: arbitrary code execution (bsc#1184380)
- CVE-2021-21348: remote attacker could cause denial of service by
consuming maximum CPU time (bsc#1184374)
- CVE-2021-21347: remote attacker to load and execute arbitrary code from
a remote host (bsc#1184378)
- CVE-2021-21344: remote attacker could load and execute arbitrary code
from a remote host (bsc#1184375)
- CVE-2021-21342: server-side forgery (bsc#1184379)
- CVE-2021-21341: remote attacker could cause a denial of service by
allocating 100% CPU time (bsc#1184377)
- CVE-2021-21346: remote attacker could load and execute arbitrary code
(bsc#1184373)
- CVE-2021-21345: remote attacker with sufficient rights could execute
commands (bsc#1184372)
- CVE-2021-21343: replace or inject objects, that result in the deletion
of files on the local host (bsc#1184376)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1840=1
Package List:
- openSUSE Leap 15.3 (noarch):
xstream-1.4.16-3.8.1
xstream-benchmark-1.4.16-3.8.1
xstream-javadoc-1.4.16-3.8.1
xstream-parent-1.4.16-3.8.1
References:
https://www.suse.com/security/cve/CVE-2021-21341.html
https://www.suse.com/security/cve/CVE-2021-21342.html
https://www.suse.com/security/cve/CVE-2021-21343.html
https://www.suse.com/security/cve/CVE-2021-21344.html
https://www.suse.com/security/cve/CVE-2021-21345.html
https://www.suse.com/security/cve/CVE-2021-21346.html
https://www.suse.com/security/cve/CVE-2021-21347.html
https://www.suse.com/security/cve/CVE-2021-21348.html
https://www.suse.com/security/cve/CVE-2021-21349.html
https://www.suse.com/security/cve/CVE-2021-21350.html
https://www.suse.com/security/cve/CVE-2021-21351.html
https://bugzilla.suse.com/1184372
https://bugzilla.suse.com/1184373
https://bugzilla.suse.com/1184374
https://bugzilla.suse.com/1184375
https://bugzilla.suse.com/1184376
https://bugzilla.suse.com/1184377
https://bugzilla.suse.com/1184378
https://bugzilla.suse.com/1184379
https://bugzilla.suse.com/1184380
https://bugzilla.suse.com/1184796
https://bugzilla.suse.com/1184797
1
0
openSUSE-SU-2021:2147-1: moderate: Security update for freeradius-server
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for freeradius-server
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2147-1
Rating: moderate
References: #1184016
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for freeradius-server fixes the following issues:
- Fixed plaintext password entries in logfiles (bsc#1184016).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2147=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
freeradius-server-3.0.21-3.9.1
freeradius-server-debuginfo-3.0.21-3.9.1
freeradius-server-debugsource-3.0.21-3.9.1
freeradius-server-devel-3.0.21-3.9.1
freeradius-server-doc-3.0.21-3.9.1
freeradius-server-krb5-3.0.21-3.9.1
freeradius-server-krb5-debuginfo-3.0.21-3.9.1
freeradius-server-ldap-3.0.21-3.9.1
freeradius-server-ldap-debuginfo-3.0.21-3.9.1
freeradius-server-libs-3.0.21-3.9.1
freeradius-server-libs-debuginfo-3.0.21-3.9.1
freeradius-server-mysql-3.0.21-3.9.1
freeradius-server-mysql-debuginfo-3.0.21-3.9.1
freeradius-server-perl-3.0.21-3.9.1
freeradius-server-perl-debuginfo-3.0.21-3.9.1
freeradius-server-postgresql-3.0.21-3.9.1
freeradius-server-postgresql-debuginfo-3.0.21-3.9.1
freeradius-server-python3-3.0.21-3.9.1
freeradius-server-python3-debuginfo-3.0.21-3.9.1
freeradius-server-sqlite-3.0.21-3.9.1
freeradius-server-sqlite-debuginfo-3.0.21-3.9.1
freeradius-server-utils-3.0.21-3.9.1
freeradius-server-utils-debuginfo-3.0.21-3.9.1
References:
https://bugzilla.suse.com/1184016
1
0
openSUSE-SU-2021:1876-1: important: Security update for snakeyaml
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for snakeyaml
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1876-1
Rating: important
References: #1159488 #1186088
Cross-References: CVE-2017-18640
CVSS scores:
CVE-2017-18640 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-18640 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
This update for snakeyaml fixes the following issues:
- Upgrade to 1.28
- CVE-2017-18640: The Alias feature allows entity expansion during a load
operation (bsc#1159488, bsc#1186088)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1876=1
Package List:
- openSUSE Leap 15.3 (noarch):
snakeyaml-1.28-3.5.1
snakeyaml-javadoc-1.28-3.5.1
References:
https://www.suse.com/security/cve/CVE-2017-18640.html
https://bugzilla.suse.com/1159488
https://bugzilla.suse.com/1186088
1
0
openSUSE-SU-2021:1785-1: moderate: Security update for postgresql13
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for postgresql13
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1785-1
Rating: moderate
References: #1179945 #1183118 #1183168 #1185924 #1185925
#1185926
Cross-References: CVE-2021-32027 CVE-2021-32028 CVE-2021-32029
CVSS scores:
CVE-2021-32027 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-32027 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
CVE-2021-32028 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-32029 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves three vulnerabilities and has three
fixes is now available.
Description:
This update for postgresql13 fixes the following issues:
- Upgrade to version 13.3:
- CVE-2021-32027: Fixed integer overflows in array subscripting
calculations (bsc#1185924).
- CVE-2021-32028: Fixed mishandling of junk columns in INSERT ... ON
CONFLICT ... UPDATE target lists (bsc#1185925).
- CVE-2021-32029: Fixed possibly-incorrect computation of UPDATE ...
RETURNING outputs for joined cross-partition updates (bsc#1185926).
- Don't use %_stop_on_removal, because it was meant to be private and got
removed from openSUSE. %_restart_on_update is also private, but still
supported and needed for now (bsc#1183168).
- Re-enable build of the llvmjit subpackage on SLE, but it will only be
delivered on PackageHub for now (bsc#1183118).
- Disable icu for PostgreSQL 10 (and older) on TW (bsc#1179945).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1785=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
postgresql13-13.3-5.10.1
postgresql13-contrib-13.3-5.10.1
postgresql13-contrib-debuginfo-13.3-5.10.1
postgresql13-debuginfo-13.3-5.10.1
postgresql13-debugsource-13.3-5.10.1
postgresql13-devel-13.3-5.10.1
postgresql13-devel-debuginfo-13.3-5.10.1
postgresql13-devel-mini-13.3-5.10.1
postgresql13-devel-mini-debuginfo-13.3-5.10.1
postgresql13-llvmjit-13.3-5.10.1
postgresql13-llvmjit-debuginfo-13.3-5.10.1
postgresql13-plperl-13.3-5.10.1
postgresql13-plperl-debuginfo-13.3-5.10.1
postgresql13-plpython-13.3-5.10.1
postgresql13-plpython-debuginfo-13.3-5.10.1
postgresql13-pltcl-13.3-5.10.1
postgresql13-pltcl-debuginfo-13.3-5.10.1
postgresql13-server-13.3-5.10.1
postgresql13-server-debuginfo-13.3-5.10.1
postgresql13-server-devel-13.3-5.10.1
postgresql13-server-devel-debuginfo-13.3-5.10.1
postgresql13-test-13.3-5.10.1
- openSUSE Leap 15.3 (noarch):
postgresql13-docs-13.3-5.10.1
References:
https://www.suse.com/security/cve/CVE-2021-32027.html
https://www.suse.com/security/cve/CVE-2021-32028.html
https://www.suse.com/security/cve/CVE-2021-32029.html
https://bugzilla.suse.com/1179945
https://bugzilla.suse.com/1183118
https://bugzilla.suse.com/1183168
https://bugzilla.suse.com/1185924
https://bugzilla.suse.com/1185925
https://bugzilla.suse.com/1185926
1
0
openSUSE-SU-2021:1759-1: important: Security update for rubygem-actionpack-5_1
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for rubygem-actionpack-5_1
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1759-1
Rating: important
References: #1185715
Cross-References: CVE-2021-22885
CVSS scores:
CVE-2021-22885 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-22885 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rubygem-actionpack-5_1 fixes the following issues:
- CVE-2021-22885: Fixed possible information disclosure / unintended
method execution in Action Pack (bsc#1185715).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1759=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
ruby2.5-rubygem-actionpack-5_1-5.1.4-3.9.1
ruby2.5-rubygem-actionpack-doc-5_1-5.1.4-3.9.1
References:
https://www.suse.com/security/cve/CVE-2021-22885.html
https://bugzilla.suse.com/1185715
1
0
openSUSE-SU-2021:2157-1: important: Security update for libgcrypt
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for libgcrypt
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2157-1
Rating: important
References: #1187212
Cross-References: CVE-2021-33560
CVSS scores:
CVE-2021-33560 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-33560 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libgcrypt fixes the following issues:
- CVE-2021-33560: Fixed a side-channel against ElGamal encryption, caused
by missing exponent blinding (bsc#1187212).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2157=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libgcrypt-cavs-1.8.2-8.39.1
libgcrypt-cavs-debuginfo-1.8.2-8.39.1
libgcrypt-debugsource-1.8.2-8.39.1
libgcrypt-devel-1.8.2-8.39.1
libgcrypt-devel-debuginfo-1.8.2-8.39.1
libgcrypt20-1.8.2-8.39.1
libgcrypt20-debuginfo-1.8.2-8.39.1
libgcrypt20-hmac-1.8.2-8.39.1
- openSUSE Leap 15.3 (x86_64):
libgcrypt-devel-32bit-1.8.2-8.39.1
libgcrypt-devel-32bit-debuginfo-1.8.2-8.39.1
libgcrypt20-32bit-1.8.2-8.39.1
libgcrypt20-32bit-debuginfo-1.8.2-8.39.1
libgcrypt20-hmac-32bit-1.8.2-8.39.1
References:
https://www.suse.com/security/cve/CVE-2021-33560.html
https://bugzilla.suse.com/1187212
1
0
openSUSE-SU-2021:1995-1: important: Security update for xstream
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for xstream
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1995-1
Rating: important
References: #1186651
Cross-References: CVE-2021-29505
CVSS scores:
CVE-2021-29505 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-29505 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for xstream fixes the following issues:
Upgrade to 1.4.17
- CVE-2021-29505: Fixed potential code execution when unmarshalling with
XStream instances using an uninitialized security framework (bsc#1186651)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1995=1
Package List:
- openSUSE Leap 15.3 (noarch):
xstream-1.4.17-3.11.2
xstream-benchmark-1.4.17-3.11.2
xstream-javadoc-1.4.17-3.11.2
xstream-parent-1.4.17-3.11.2
References:
https://www.suse.com/security/cve/CVE-2021-29505.html
https://bugzilla.suse.com/1186651
1
0
openSUSE-SU-2021:2008-1: important: Security update for python-rsa
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for python-rsa
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2008-1
Rating: important
References: #1172389
Cross-References: CVE-2020-13757
CVSS scores:
CVE-2020-13757 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2020-13757 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for python-rsa fixes the following issues:
- CVE-2020-13757: Proper handling of leading '\0' bytes during decryption
of ciphertext (bsc#1172389)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2008=1
Package List:
- openSUSE Leap 15.3 (noarch):
python2-rsa-3.4.2-3.4.1
python3-rsa-3.4.2-3.4.1
References:
https://www.suse.com/security/cve/CVE-2020-13757.html
https://bugzilla.suse.com/1172389
1
0
openSUSE-SU-2021:2005-1: important: Security update for jetty-minimal
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for jetty-minimal
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2005-1
Rating: important
References: #1184366 #1184367 #1184368 #1187117
Cross-References: CVE-2021-28163 CVE-2021-28164 CVE-2021-28165
CVE-2021-28169
CVSS scores:
CVE-2021-28163 (NVD) : 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVE-2021-28163 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-28164 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-28164 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-28165 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28165 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28169 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-28169 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for jetty-minimal fixes the following issues:
Update to version 9.4.42.v20210604
- Fix: bsc#1187117, CVE-2021-28169 - possible for requests to the
ConcatServlet with a doubly encoded path to access protected resources
within the WEB-INF directory
- Fix: bsc#1184367, CVE-2021-28165 - jetty server high CPU when client
send data length > 17408
- Fix: bsc#1184368, CVE-2021-28164 - Normalize ambiguous URIs
- Fix: bsc#1184366, CVE-2021-28163 - Exclude webapps directory from
deployment scan
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2005=1
Package List:
- openSUSE Leap 15.3 (noarch):
jetty-annotations-9.4.42-3.9.1
jetty-client-9.4.42-3.9.1
jetty-continuation-9.4.42-3.9.1
jetty-http-9.4.42-3.9.1
jetty-io-9.4.42-3.9.1
jetty-jaas-9.4.42-3.9.1
jetty-javax-websocket-client-impl-9.4.42-3.9.1
jetty-javax-websocket-server-impl-9.4.42-3.9.1
jetty-jmx-9.4.42-3.9.1
jetty-jndi-9.4.42-3.9.1
jetty-jsp-9.4.42-3.9.1
jetty-minimal-javadoc-9.4.42-3.9.1
jetty-openid-9.4.42-3.9.1
jetty-plus-9.4.42-3.9.1
jetty-proxy-9.4.42-3.9.1
jetty-security-9.4.42-3.9.1
jetty-server-9.4.42-3.9.1
jetty-servlet-9.4.42-3.9.1
jetty-util-9.4.42-3.9.1
jetty-util-ajax-9.4.42-3.9.1
jetty-webapp-9.4.42-3.9.1
jetty-websocket-api-9.4.42-3.9.1
jetty-websocket-client-9.4.42-3.9.1
jetty-websocket-common-9.4.42-3.9.1
jetty-websocket-javadoc-9.4.42-3.9.1
jetty-websocket-server-9.4.42-3.9.1
jetty-websocket-servlet-9.4.42-3.9.1
jetty-xml-9.4.42-3.9.1
References:
https://www.suse.com/security/cve/CVE-2021-28163.html
https://www.suse.com/security/cve/CVE-2021-28164.html
https://www.suse.com/security/cve/CVE-2021-28165.html
https://www.suse.com/security/cve/CVE-2021-28169.html
https://bugzilla.suse.com/1184366
https://bugzilla.suse.com/1184367
https://bugzilla.suse.com/1184368
https://bugzilla.suse.com/1187117
1
0
openSUSE-SU-2021:1961-1: important: Security update for squid
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for squid
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1961-1
Rating: important
References: #1171164 #1171569 #1183436 #1185916 #1185918
#1185919 #1185921 #1185923
Cross-References: CVE-2020-25097 CVE-2021-28651 CVE-2021-28652
CVE-2021-28662 CVE-2021-31806
CVSS scores:
CVE-2020-25097 (NVD) : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CVE-2020-25097 (SUSE): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
CVE-2021-28651 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28651 (SUSE): 7.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
CVE-2021-28652 (NVD) : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28652 (SUSE): 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28662 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-28662 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-31806 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-31806 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 5 vulnerabilities and has three fixes
is now available.
Description:
This update for squid fixes the following issues:
- update to 4.15:
- CVE-2021-28652: Broken cache manager URL parsing (bsc#1185918)
- CVE-2021-28651: Memory leak in RFC 2169 response parsing (bsc#1185921)
- CVE-2021-28662: Limit HeaderLookupTable_t::lookup() to BadHdr and
specific IDs (bsc#1185919)
- CVE-2021-31806: Handle more Range requests (bsc#1185916)
- CVE-2020-25097: HTTP Request Smuggling vulnerability (bsc#1183436)
- Handle more partial responses (bsc#1185923)
- fix previous change to reinstante permissions macros, because the wrong
path has been used (bsc#1171569).
- use libexecdir instead of libdir to conform to recent changes in Factory
(bsc#1171164).
- Reinstate permissions macros for pinger binary, because the permissions
package is also responsible for setting up the cap_net_raw capability,
currently a fresh squid install doesn't get a capability bit at all
(bsc#1171569).
- Change pinger and basic_pam_auth helper to use standard permissions.
pinger uses cap_net_raw=ep instead (bsc#1171569)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1961=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
squid-4.15-5.26.1
squid-debuginfo-4.15-5.26.1
squid-debugsource-4.15-5.26.1
References:
https://www.suse.com/security/cve/CVE-2020-25097.html
https://www.suse.com/security/cve/CVE-2021-28651.html
https://www.suse.com/security/cve/CVE-2021-28652.html
https://www.suse.com/security/cve/CVE-2021-28662.html
https://www.suse.com/security/cve/CVE-2021-31806.html
https://bugzilla.suse.com/1171164
https://bugzilla.suse.com/1171569
https://bugzilla.suse.com/1183436
https://bugzilla.suse.com/1185916
https://bugzilla.suse.com/1185918
https://bugzilla.suse.com/1185919
https://bugzilla.suse.com/1185921
https://bugzilla.suse.com/1185923
1
0
openSUSE-SU-2021:1655-1: important: Security update for fribidi
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for fribidi
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1655-1
Rating: important
References: #1156260
Cross-References: CVE-2019-18397
CVSS scores:
CVE-2019-18397 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2019-18397 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for fribidi fixes the following issues:
Security issues fixed:
- CVE-2019-18397: Avoid buffer overflow. (bsc#1156260)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1655=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
fribidi-1.0.5-3.3.1
fribidi-debuginfo-1.0.5-3.3.1
fribidi-debugsource-1.0.5-3.3.1
fribidi-devel-1.0.5-3.3.1
libfribidi0-1.0.5-3.3.1
libfribidi0-debuginfo-1.0.5-3.3.1
- openSUSE Leap 15.3 (x86_64):
libfribidi0-32bit-1.0.5-3.3.1
libfribidi0-32bit-debuginfo-1.0.5-3.3.1
References:
https://www.suse.com/security/cve/CVE-2019-18397.html
https://bugzilla.suse.com/1156260
1
0
openSUSE-SU-2021:2143-1: important: Security update for libnettle
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for libnettle
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2143-1
Rating: important
References: #1187060
Cross-References: CVE-2021-3580
CVSS scores:
CVE-2021-3580 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for libnettle fixes the following issues:
- CVE-2021-3580: Fixed a remote denial of service in the RSA decryption
via manipulated ciphertext (bsc#1187060).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2143=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
libhogweed4-3.4.1-4.18.1
libhogweed4-debuginfo-3.4.1-4.18.1
libnettle-debugsource-3.4.1-4.18.1
libnettle-devel-3.4.1-4.18.1
libnettle6-3.4.1-4.18.1
libnettle6-debuginfo-3.4.1-4.18.1
nettle-3.4.1-4.18.1
nettle-debuginfo-3.4.1-4.18.1
- openSUSE Leap 15.3 (x86_64):
libhogweed4-32bit-3.4.1-4.18.1
libhogweed4-32bit-debuginfo-3.4.1-4.18.1
libnettle-devel-32bit-3.4.1-4.18.1
libnettle6-32bit-3.4.1-4.18.1
libnettle6-32bit-debuginfo-3.4.1-4.18.1
References:
https://www.suse.com/security/cve/CVE-2021-3580.html
https://bugzilla.suse.com/1187060
1
0
openSUSE-SU-2021:2274-1: moderate: Security update for kubevirt
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for kubevirt
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2274-1
Rating: moderate
References: ECO-2415 ECO-3633 SLE-11089
Cross-References: CVE-2021-20286
CVSS scores:
CVE-2021-20286 (NVD) : 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability, contains three
features is now available.
Description:
This update for kubevirt fixes the following issues:
General:
- Updated kubevirt to version 0.40.0
- Fixed an issue when calling `virsh-domcapabilities`
- Fixed the the wrong registry path for containers.
Security fixes:
- CVE-2021-20286: A flaw was found in libnbd 1.7.3. An assertion failure
in nbd_unlocked_opt_go in ilb/opt.c may lead to denial of service.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2274=1
Package List:
- openSUSE Leap 15.3 (x86_64):
kubevirt-container-disk-0.40.0-5.11.2
kubevirt-container-disk-debuginfo-0.40.0-5.11.2
kubevirt-manifests-0.40.0-5.11.2
kubevirt-tests-0.40.0-5.11.2
kubevirt-tests-debuginfo-0.40.0-5.11.2
kubevirt-virt-api-0.40.0-5.11.2
kubevirt-virt-api-debuginfo-0.40.0-5.11.2
kubevirt-virt-controller-0.40.0-5.11.2
kubevirt-virt-controller-debuginfo-0.40.0-5.11.2
kubevirt-virt-handler-0.40.0-5.11.2
kubevirt-virt-handler-debuginfo-0.40.0-5.11.2
kubevirt-virt-launcher-0.40.0-5.11.2
kubevirt-virt-launcher-debuginfo-0.40.0-5.11.2
kubevirt-virt-operator-0.40.0-5.11.2
kubevirt-virt-operator-debuginfo-0.40.0-5.11.2
kubevirt-virtctl-0.40.0-5.11.2
kubevirt-virtctl-debuginfo-0.40.0-5.11.2
References:
https://www.suse.com/security/cve/CVE-2021-20286.html
1
0
openSUSE-SU-2021:1841-1: important: Security update for dhcp
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for dhcp
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1841-1
Rating: important
References: #1186382
Cross-References: CVE-2021-25217
CVSS scores:
CVE-2021-25217 (SUSE): 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for dhcp fixes the following issues:
- CVE-2021-25217: A buffer overrun in lease file parsing code can be used
to exploit a common vulnerability shared by dhcpd and dhclient
(bsc#1186382)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1841=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
dhcp-4.3.6.P1-6.11.1
dhcp-client-4.3.6.P1-6.11.1
dhcp-client-debuginfo-4.3.6.P1-6.11.1
dhcp-debuginfo-4.3.6.P1-6.11.1
dhcp-debugsource-4.3.6.P1-6.11.1
dhcp-devel-4.3.6.P1-6.11.1
dhcp-doc-4.3.6.P1-6.11.1
dhcp-relay-4.3.6.P1-6.11.1
dhcp-relay-debuginfo-4.3.6.P1-6.11.1
dhcp-server-4.3.6.P1-6.11.1
dhcp-server-debuginfo-4.3.6.P1-6.11.1
References:
https://www.suse.com/security/cve/CVE-2021-25217.html
https://bugzilla.suse.com/1186382
1
0
openSUSE-SU-2021:1948-1: important: Security update for djvulibre
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for djvulibre
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1948-1
Rating: important
References: #1186253
Cross-References: CVE-2021-3500
CVSS scores:
CVE-2021-3500 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-3500 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for djvulibre fixes the following issues:
- CVE-2021-3500: Stack overflow in function
DJVU:DjVuDocument:get_djvu_file() via crafted djvu file (bsc#1186253)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1948=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
djvulibre-3.5.27-11.6.1
djvulibre-debuginfo-3.5.27-11.6.1
djvulibre-debugsource-3.5.27-11.6.1
libdjvulibre-devel-3.5.27-11.6.1
libdjvulibre21-3.5.27-11.6.1
libdjvulibre21-debuginfo-3.5.27-11.6.1
- openSUSE Leap 15.3 (noarch):
djvulibre-doc-3.5.27-11.6.1
References:
https://www.suse.com/security/cve/CVE-2021-3500.html
https://bugzilla.suse.com/1186253
1
0
openSUSE-SU-2021:2177-1: important: Security update for arpwatch
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for arpwatch
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:2177-1
Rating: important
References: #1186240
Cross-References: CVE-2021-25321
CVSS scores:
CVE-2021-25321 (SUSE): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for arpwatch fixes the following issues:
- CVE-2021-25321: Fixed local privilege escalation from runtime user to
root (bsc#1186240).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-2177=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
arpwatch-2.1a15-5.12.1
arpwatch-debuginfo-2.1a15-5.12.1
arpwatch-debugsource-2.1a15-5.12.1
arpwatch-ethercodes-build-2.1a15-5.12.1
References:
https://www.suse.com/security/cve/CVE-2021-25321.html
https://bugzilla.suse.com/1186240
1
0
openSUSE-SU-2021:1845-1: important: Security update for avahi
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for avahi
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1845-1
Rating: important
References: #1180827 #1184521
Cross-References: CVE-2021-26720 CVE-2021-3468
CVSS scores:
CVE-2021-26720 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-26720 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2021-3468 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-3468 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for avahi fixes the following issues:
- CVE-2021-3468: avoid infinite loop by handling HUP event in client_work
(bsc#1184521).
- CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh
(bsc#1180827)
- Update avahi-daemon-check-dns.sh from Debian. Our previous version
relied on ifconfig, route, and init.d.
- Add sudo to requires: used to drop privileges.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1845=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-avahi-0.6.32-5.13.1
python-avahi-gtk-0.6.32-5.13.1
References:
https://www.suse.com/security/cve/CVE-2021-26720.html
https://www.suse.com/security/cve/CVE-2021-3468.html
https://bugzilla.suse.com/1180827
https://bugzilla.suse.com/1184521
1
0
openSUSE-SU-2021:1641-1: important: Security update for djvulibre
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for djvulibre
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1641-1
Rating: important
References: #1185895 #1185900 #1185904 #1185905
Cross-References: CVE-2021-32490 CVE-2021-32491 CVE-2021-32492
CVE-2021-32493
CVSS scores:
CVE-2021-32490 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-32490 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-32491 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-32491 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-32492 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-32492 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-32493 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2021-32493 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for djvulibre fixes the following issues:
- CVE-2021-32490 [bsc#1185895]: Out of bounds write in function
DJVU:filter_bv() via crafted djvu file
- CVE-2021-32491 [bsc#1185900]: Integer overflow in function render() in
tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904]: Out of bounds read in function
DJVU:DataPool:has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905]: Heap buffer overflow in function
DJVU:GBitmap:decode() via crafted djvu file
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1641=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
djvulibre-3.5.27-11.3.1
djvulibre-debuginfo-3.5.27-11.3.1
djvulibre-debugsource-3.5.27-11.3.1
libdjvulibre-devel-3.5.27-11.3.1
libdjvulibre21-3.5.27-11.3.1
libdjvulibre21-debuginfo-3.5.27-11.3.1
- openSUSE Leap 15.3 (noarch):
djvulibre-doc-3.5.27-11.3.1
References:
https://www.suse.com/security/cve/CVE-2021-32490.html
https://www.suse.com/security/cve/CVE-2021-32491.html
https://www.suse.com/security/cve/CVE-2021-32492.html
https://www.suse.com/security/cve/CVE-2021-32493.html
https://bugzilla.suse.com/1185895
https://bugzilla.suse.com/1185900
https://bugzilla.suse.com/1185904
https://bugzilla.suse.com/1185905
1
0
openSUSE-SU-2021:1024-1: moderate: Security update for openscad
by opensuse-security@opensuse.org 11 Jul '21
by opensuse-security@opensuse.org 11 Jul '21
11 Jul '21
openSUSE Security Update: Security update for openscad
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1024-1
Rating: moderate
References: #1185975
Cross-References: CVE-2020-28600
CVSS scores:
CVE-2020-28600 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for openscad fixes the following issues:
- CVE-2020-28600: A specially crafted STL file could lead to code
execution via out-of-bounds write in import_stl.cc:import_stl()
(bsc#1185975)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1024=1
Package List:
- openSUSE Leap 15.2 (x86_64):
openscad-2019.05-lp152.2.3.1
openscad-debuginfo-2019.05-lp152.2.3.1
openscad-debugsource-2019.05-lp152.2.3.1
References:
https://www.suse.com/security/cve/CVE-2020-28600.html
https://bugzilla.suse.com/1185975
1
0
openSUSE-SU-2021:1762-1: moderate: Security update for curl
by opensuse-security@opensuse.org 10 Jul '21
by opensuse-security@opensuse.org 10 Jul '21
10 Jul '21
openSUSE Security Update: Security update for curl
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1762-1
Rating: moderate
References: #1186114 SLE-17956
Cross-References: CVE-2021-22898
CVSS scores:
CVE-2021-22898 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-22898 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability, contains one
feature is now available.
Description:
This update for curl fixes the following issues:
- CVE-2021-22898: Fixed curl TELNET stack contents disclosure
(bsc#1186114).
- Allow partial chain verification [jsc#SLE-17956]
* Have intermediate certificates in the trust store be treated as
trust-anchors, in the same way as self-signed root CA certificates
are. This allows users to verify servers using the intermediate cert
only, instead of needing the whole chain.
* Set FLAG_TRUSTED_FIRST unconditionally.
* Do not check partial chains with CRL check.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1762=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
curl-7.66.0-4.17.1
curl-debuginfo-7.66.0-4.17.1
curl-debugsource-7.66.0-4.17.1
curl-mini-7.66.0-4.17.1
curl-mini-debuginfo-7.66.0-4.17.1
curl-mini-debugsource-7.66.0-4.17.1
libcurl-devel-7.66.0-4.17.1
libcurl-mini-devel-7.66.0-4.17.1
libcurl4-7.66.0-4.17.1
libcurl4-debuginfo-7.66.0-4.17.1
libcurl4-mini-7.66.0-4.17.1
libcurl4-mini-debuginfo-7.66.0-4.17.1
- openSUSE Leap 15.3 (x86_64):
libcurl-devel-32bit-7.66.0-4.17.1
libcurl4-32bit-7.66.0-4.17.1
libcurl4-32bit-debuginfo-7.66.0-4.17.1
References:
https://www.suse.com/security/cve/CVE-2021-22898.html
https://bugzilla.suse.com/1186114
1
0
openSUSE-SU-2021:1815-1: important: Security update for nginx
by opensuse-security@opensuse.org 10 Jul '21
by opensuse-security@opensuse.org 10 Jul '21
10 Jul '21
openSUSE Security Update: Security update for nginx
______________________________________________________________________________
Announcement ID: openSUSE-SU-2021:1815-1
Rating: important
References: #1186126
Cross-References: CVE-2021-23017
CVSS scores:
CVE-2021-23017 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-23017 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for nginx fixes the following issues:
- CVE-2021-23017: nginx DNS resolver off-by-one heap write (bsc#1186126)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-1815=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nginx-1.19.8-3.3.1
nginx-debuginfo-1.19.8-3.3.1
nginx-debugsource-1.19.8-3.3.1
- openSUSE Leap 15.3 (noarch):
nginx-source-1.19.8-3.3.1
vim-plugin-nginx-1.19.8-3.3.1
References:
https://www.suse.com/security/cve/CVE-2021-23017.html
https://bugzilla.suse.com/1186126
1
0