openSUSE Security Announce
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
January 2022
- 2 participants
- 52 discussions
openSUSE-SU-2022:0149-1: moderate: Security update for rust1.56
by opensuse-security@opensuse.org 21 Jan '22
by opensuse-security@opensuse.org 21 Jan '22
21 Jan '22
openSUSE Security Update: Security update for rust1.56
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0149-1
Rating: moderate
References: #1194767
Cross-References: CVE-2022-21658
CVSS scores:
CVE-2022-21658 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for rust1.56 fixes the following issues:
- CVE-2022-21658: Fixed race condition in std::fs::remove_dir_all
(bsc#1194767).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-149=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cargo1.56-1.56.1-150300.7.6.1
cargo1.56-debuginfo-1.56.1-150300.7.6.1
rust1.56-1.56.1-150300.7.6.1
rust1.56-debuginfo-1.56.1-150300.7.6.1
References:
https://www.suse.com/security/cve/CVE-2022-21658.html
https://bugzilla.suse.com/1194767
1
0
openSUSE-SU-2022:0144-1: moderate: Security update for cryptsetup
by opensuse-security@opensuse.org 20 Jan '22
by opensuse-security@opensuse.org 20 Jan '22
20 Jan '22
openSUSE Security Update: Security update for cryptsetup
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0144-1
Rating: moderate
References: #1194469
Cross-References: CVE-2021-4122
CVSS scores:
CVE-2021-4122 (SUSE): 5.9 CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for cryptsetup fixes the following issues:
- CVE-2021-4122: Fixed possible attacks against data confidentiality
through LUKS2 online reencryption extension crash recovery (bsc#1194469).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-144=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cryptsetup-2.3.7-150300.3.5.1
cryptsetup-debuginfo-2.3.7-150300.3.5.1
cryptsetup-debugsource-2.3.7-150300.3.5.1
libcryptsetup-devel-2.3.7-150300.3.5.1
libcryptsetup12-2.3.7-150300.3.5.1
libcryptsetup12-debuginfo-2.3.7-150300.3.5.1
libcryptsetup12-hmac-2.3.7-150300.3.5.1
- openSUSE Leap 15.3 (noarch):
cryptsetup-lang-2.3.7-150300.3.5.1
- openSUSE Leap 15.3 (x86_64):
libcryptsetup12-32bit-2.3.7-150300.3.5.1
libcryptsetup12-32bit-debuginfo-2.3.7-150300.3.5.1
libcryptsetup12-hmac-32bit-2.3.7-150300.3.5.1
References:
https://www.suse.com/security/cve/CVE-2021-4122.html
https://bugzilla.suse.com/1194469
1
0
openSUSE-SU-2022:0140-1: important: Security update for grafana
by opensuse-security@opensuse.org 20 Jan '22
by opensuse-security@opensuse.org 20 Jan '22
20 Jan '22
openSUSE Security Update: Security update for grafana
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0140-1
Rating: important
References: #1191454 #1193688
Cross-References: CVE-2021-39226 CVE-2021-43813
CVSS scores:
CVE-2021-39226 (NVD) : 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-39226 (SUSE): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2021-43813 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2021-43813 (SUSE): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for grafana fixes the following issues:
- CVE-2021-39226: Fixed snapshot authentication bypass (bsc#1191454)
- CVE-2021-43813: Fixed markdown path traversal (bsc#1193688)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-140=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
grafana-7.5.12-3.18.1
References:
https://www.suse.com/security/cve/CVE-2021-39226.html
https://www.suse.com/security/cve/CVE-2021-43813.html
https://bugzilla.suse.com/1191454
https://bugzilla.suse.com/1193688
1
0
openSUSE-SU-2022:0141-1: moderate: Security update for permissions
by opensuse-security@opensuse.org 20 Jan '22
by opensuse-security@opensuse.org 20 Jan '22
20 Jan '22
openSUSE Security Update: Security update for permissions
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0141-1
Rating: moderate
References: #1169614
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that contains security fixes can now be installed.
Description:
This update for permissions fixes the following issues:
- Update to version 20181225: setuid bit for cockpit session binary
(bsc#1169614).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-141=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
permissions-20181225-23.12.1
permissions-debuginfo-20181225-23.12.1
permissions-debugsource-20181225-23.12.1
- openSUSE Leap 15.3 (noarch):
permissions-zypp-plugin-20181225-23.12.1
References:
https://bugzilla.suse.com/1169614
1
0
openSUSE-SU-2022:0136-1: important: Security update for MozillaFirefox
by opensuse-security@opensuse.org 20 Jan '22
by opensuse-security@opensuse.org 20 Jan '22
20 Jan '22
openSUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0136-1
Rating: important
References: #1194547
Cross-References: CVE-2021-4140 CVE-2022-22737 CVE-2022-22738
CVE-2022-22739 CVE-2022-22740 CVE-2022-22741
CVE-2022-22742 CVE-2022-22743 CVE-2022-22744
CVE-2022-22745 CVE-2022-22746 CVE-2022-22747
CVE-2022-22748 CVE-2022-22751
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 14 vulnerabilities is now available.
Description:
This update for MozillaFirefox fixes the following issues:
- CVE-2021-4140: Fixed iframe sandbox bypass with XSLT (bsc#1194547).
- CVE-2022-22737: Fixed race condition when playing audio files
(bsc#1194547).
- CVE-2022-22738: Fixed heap-buffer-overflow in blendGaussianBlur
(bsc#1194547).
- CVE-2022-22739: Fixed missing throttling on external protocol launch
dialog (bsc#1194547).
- CVE-2022-22740: Fixed use-after-free of ChannelEventQueue::mOwner
(bsc#1194547).
- CVE-2022-22741: Fixed browser window spoof using fullscreen mode
(bsc#1194547).
- CVE-2022-22742: Fixed out-of-bounds memory access when inserting text in
edit mode (bsc#1194547).
- CVE-2022-22743: Fixed browser window spoof using fullscreen mode
(bsc#1194547).
- CVE-2022-22744: Fixed possible command injection via the 'Copy as curl'
feature in DevTools (bsc#1194547).
- CVE-2022-22745: Fixed leaking cross-origin URLs through
securitypolicyviolation event (bsc#1194547).
- CVE-2022-22746: Fixed calling into reportValidity could have lead to
fullscreen window spoof (bsc#1194547).
- CVE-2022-22747: Fixed crash when handling empty pkcs7
sequence(bsc#1194547).
- CVE-2022-22748: Fixed spoofed origin on external protocol launch dialog
(bsc#1194547).
- CVE-2022-22751: Fixed memory safety bugs (bsc#1194547).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-136=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
MozillaFirefox-91.5.0-152.12.1
MozillaFirefox-branding-upstream-91.5.0-152.12.1
MozillaFirefox-debuginfo-91.5.0-152.12.1
MozillaFirefox-debugsource-91.5.0-152.12.1
MozillaFirefox-devel-91.5.0-152.12.1
MozillaFirefox-translations-common-91.5.0-152.12.1
MozillaFirefox-translations-other-91.5.0-152.12.1
References:
https://www.suse.com/security/cve/CVE-2021-4140.html
https://www.suse.com/security/cve/CVE-2022-22737.html
https://www.suse.com/security/cve/CVE-2022-22738.html
https://www.suse.com/security/cve/CVE-2022-22739.html
https://www.suse.com/security/cve/CVE-2022-22740.html
https://www.suse.com/security/cve/CVE-2022-22741.html
https://www.suse.com/security/cve/CVE-2022-22742.html
https://www.suse.com/security/cve/CVE-2022-22743.html
https://www.suse.com/security/cve/CVE-2022-22744.html
https://www.suse.com/security/cve/CVE-2022-22745.html
https://www.suse.com/security/cve/CVE-2022-22746.html
https://www.suse.com/security/cve/CVE-2022-22747.html
https://www.suse.com/security/cve/CVE-2022-22748.html
https://www.suse.com/security/cve/CVE-2022-22751.html
https://bugzilla.suse.com/1194547
1
0
openSUSE-SU-2022:0134-1: moderate: Security update for python-numpy
by opensuse-security@opensuse.org 20 Jan '22
by opensuse-security@opensuse.org 20 Jan '22
20 Jan '22
openSUSE Security Update: Security update for python-numpy
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0134-1
Rating: moderate
References: #1193907 #1193913
Cross-References: CVE-2021-33430 CVE-2021-41496
CVSS scores:
CVE-2021-33430 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2021-41496 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes two vulnerabilities is now available.
Description:
This update for python-numpy fixes the following issues:
- CVE-2021-33430: Fixed buffer overflow that could lead to DoS in
PyArray_NewFromDescr_int function of ctors.c (bsc#1193913).
- CVE-2021-41496: Fixed buffer overflow that could lead to DoS in
array_from_pyobj function of fortranobject.c (bsc#1193907).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-134=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
python-numpy-debugsource-1.17.3-10.1
python-numpy_1_17_3-gnu-hpc-debugsource-1.17.3-10.1
python3-numpy-1.17.3-10.1
python3-numpy-debuginfo-1.17.3-10.1
python3-numpy-devel-1.17.3-10.1
python3-numpy-gnu-hpc-1.17.3-10.1
python3-numpy-gnu-hpc-devel-1.17.3-10.1
python3-numpy_1_17_3-gnu-hpc-1.17.3-10.1
python3-numpy_1_17_3-gnu-hpc-debuginfo-1.17.3-10.1
python3-numpy_1_17_3-gnu-hpc-devel-1.17.3-10.1
References:
https://www.suse.com/security/cve/CVE-2021-33430.html
https://www.suse.com/security/cve/CVE-2021-41496.html
https://bugzilla.suse.com/1193907
https://bugzilla.suse.com/1193913
1
0
openSUSE-SU-2022:0135-1: important: Security update for busybox
by opensuse-security@opensuse.org 20 Jan '22
by opensuse-security@opensuse.org 20 Jan '22
20 Jan '22
openSUSE Security Update: Security update for busybox
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0135-1
Rating: important
References: #1064976 #1064978 #1069412 #1099260 #1099263
#1102912 #1121426 #1121428 #1184522 #1192869
#951562 #970662 #970663 #991940
Cross-References: CVE-2011-5325 CVE-2015-9261 CVE-2016-2147
CVE-2016-2148 CVE-2016-6301 CVE-2017-15873
CVE-2017-15874 CVE-2017-16544 CVE-2018-1000500
CVE-2018-1000517 CVE-2018-20679 CVE-2019-5747
CVE-2021-28831 CVE-2021-42373 CVE-2021-42374
CVE-2021-42375 CVE-2021-42376 CVE-2021-42377
CVE-2021-42378 CVE-2021-42379 CVE-2021-42380
CVE-2021-42381 CVE-2021-42382 CVE-2021-42383
CVE-2021-42384 CVE-2021-42385 CVE-2021-42386
CVSS scores:
CVE-2011-5325 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2015-9261 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2015-9261 (SUSE): 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2016-2147 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2016-2148 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2016-6301 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2017-15873 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-15873 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2017-15874 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVE-2017-15874 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CVE-2017-16544 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2017-16544 (SUSE): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2018-1000500 (NVD) : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000500 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2018-1000517 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2018-1000517 (SUSE): 5.6 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
CVE-2018-20679 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2018-20679 (SUSE): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2019-5747 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-28831 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28831 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-42378 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42379 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42380 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42381 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42382 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42383 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42384 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42385 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-42386 (NVD) : 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes 27 vulnerabilities is now available.
Description:
This update for busybox fixes the following issues:
- CVE-2011-5325: Fixed tar directory traversal (bsc#951562).
- CVE-2015-9261: Fixed segfalts and application crashes in huft_build
(bsc#1102912).
- CVE-2016-2147: Fixed out of bounds write (heap) due to integer underflow
in udhcpc (bsc#970663).
- CVE-2016-2148: Fixed heap-based buffer overflow in OPTION_6RD parsing
(bsc#970662).
- CVE-2016-6301: Fixed NTP server denial of service flaw (bsc#991940).
- CVE-2017-15873: Fixed integer overflow in get_next_block function in
archival/libarchive/decompress_bunzip2.c (bsc#1064976).
- CVE-2017-15874: Fixed integer underflow in
archival/libarchive/decompress_unlzma.c (bsc#1064978).
- CVE-2017-16544: Fixed Insufficient sanitization of filenames when
autocompleting (bsc#1069412).
- CVE-2018-1000500 : Fixed missing SSL certificate validation in wget
(bsc#1099263).
- CVE-2018-1000517: Fixed heap-based buffer overflow in the
retrieve_file_data() (bsc#1099260).
- CVE-2018-20679: Fixed out of bounds read in udhcp (bsc#1121426).
- CVE-2019-5747: Fixed out of bounds read in udhcp components
(bsc#1121428).
- CVE-2021-28831: Fixed invalid free or segmentation fault via malformed
gzip data (bsc#1184522).
- CVE-2021-42373: Fixed NULL pointer dereference in man leading to DoS
when a section name is supplied but no page argument is given
(bsc#1192869).
- CVE-2021-42374: Fixed out-of-bounds heap read in unlzma leading to
information leak and DoS when crafted LZMA-compressed input is
decompressed (bsc#1192869).
- CVE-2021-42375: Fixed incorrect handling of a special element in ash
leading to DoS when processing a crafted shell command, due to the shell
mistaking specific characters for reserved characters (bsc#1192869).
- CVE-2021-42376: Fixed NULL pointer dereference in hush leading to DoS
when processing a crafted shell command (bsc#1192869).
- CVE-2021-42377: Fixed attacker-controlled pointer free in hush leading
to DoS and possible code execution when processing a crafted shell
command (bsc#1192869).
- CVE-2021-42378: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the getvar_i
function (bsc#1192869).
- CVE-2021-42379: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the
next_input_file function (bsc#1192869).
- CVE-2021-42380: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the clrvar
function (bsc#1192869).
- CVE-2021-42381: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the hash_init
function (bsc#1192869).
- CVE-2021-42382: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the getvar_s
function (bsc#1192869).
- CVE-2021-42383: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the evaluate
function (bsc#1192869).
- CVE-2021-42384: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the
handle_special function (bsc#1192869).
- CVE-2021-42385: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the evaluate
function (bsc#1192869).
- CVE-2021-42386: Fixed use-after-free in awk leading to DoS and possibly
code execution when processing a crafted awk pattern in the nvalloc
function (bsc#1192869).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-135=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
busybox-1.34.1-4.9.1
busybox-static-1.34.1-4.9.1
References:
https://www.suse.com/security/cve/CVE-2011-5325.html
https://www.suse.com/security/cve/CVE-2015-9261.html
https://www.suse.com/security/cve/CVE-2016-2147.html
https://www.suse.com/security/cve/CVE-2016-2148.html
https://www.suse.com/security/cve/CVE-2016-6301.html
https://www.suse.com/security/cve/CVE-2017-15873.html
https://www.suse.com/security/cve/CVE-2017-15874.html
https://www.suse.com/security/cve/CVE-2017-16544.html
https://www.suse.com/security/cve/CVE-2018-1000500.html
https://www.suse.com/security/cve/CVE-2018-1000517.html
https://www.suse.com/security/cve/CVE-2018-20679.html
https://www.suse.com/security/cve/CVE-2019-5747.html
https://www.suse.com/security/cve/CVE-2021-28831.html
https://www.suse.com/security/cve/CVE-2021-42373.html
https://www.suse.com/security/cve/CVE-2021-42374.html
https://www.suse.com/security/cve/CVE-2021-42375.html
https://www.suse.com/security/cve/CVE-2021-42376.html
https://www.suse.com/security/cve/CVE-2021-42377.html
https://www.suse.com/security/cve/CVE-2021-42378.html
https://www.suse.com/security/cve/CVE-2021-42379.html
https://www.suse.com/security/cve/CVE-2021-42380.html
https://www.suse.com/security/cve/CVE-2021-42381.html
https://www.suse.com/security/cve/CVE-2021-42382.html
https://www.suse.com/security/cve/CVE-2021-42383.html
https://www.suse.com/security/cve/CVE-2021-42384.html
https://www.suse.com/security/cve/CVE-2021-42385.html
https://www.suse.com/security/cve/CVE-2021-42386.html
https://bugzilla.suse.com/1064976
https://bugzilla.suse.com/1064978
https://bugzilla.suse.com/1069412
https://bugzilla.suse.com/1099260
https://bugzilla.suse.com/1099263
https://bugzilla.suse.com/1102912
https://bugzilla.suse.com/1121426
https://bugzilla.suse.com/1121428
https://bugzilla.suse.com/1184522
https://bugzilla.suse.com/1192869
https://bugzilla.suse.com/951562
https://bugzilla.suse.com/970662
https://bugzilla.suse.com/970663
https://bugzilla.suse.com/991940
1
0
openSUSE-SU-2022:0131-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 19 Jan '22
by opensuse-security@opensuse.org 19 Jan '22
19 Jan '22
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0131-1
Rating: important
References: #1139944 #1151927 #1152489 #1153275 #1154353
#1154355 #1161907 #1164565 #1166780 #1169514
#1176242 #1176447 #1176536 #1176544 #1176545
#1176546 #1176548 #1176558 #1176559 #1176774
#1176940 #1176956 #1177440 #1178134 #1178270
#1179211 #1179424 #1179426 #1179427 #1179599
#1181148 #1181507 #1181710 #1182404 #1183534
#1183540 #1183897 #1184318 #1185726 #1185902
#1186332 #1187541 #1189126 #1189158 #1191793
#1191876 #1192267 #1192320 #1192507 #1192511
#1192569 #1192606 #1192691 #1192845 #1192847
#1192874 #1192946 #1192969 #1192987 #1192990
#1192998 #1193002 #1193042 #1193139 #1193169
#1193306 #1193318 #1193349 #1193440 #1193442
#1193655 #1193993 #1194087 #1194094 SLE-22574
Cross-References: CVE-2020-24504 CVE-2020-27820 CVE-2021-28711
CVE-2021-28712 CVE-2021-28713 CVE-2021-28714
CVE-2021-28715 CVE-2021-4001 CVE-2021-4002
CVE-2021-43975 CVE-2021-43976 CVE-2021-45485
CVE-2021-45486
CVSS scores:
CVE-2020-24504 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-24504 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2020-27820 (SUSE): 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L
CVE-2021-28711 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28711 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28712 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28712 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28713 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVE-2021-28713 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28714 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-28715 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-4001 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2021-4002 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
CVE-2021-43975 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2021-43976 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2021-45485 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE-2021-45486 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that solves 13 vulnerabilities, contains one
feature and has 61 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 kernel was updated
- Unprivileged BPF has been disabled by default to reduce attack surface
as too many security issues have happened in the past (jsc#SLE-22573)
You can reenable via systemctl setting
/proc/sys/kernel/unprivileged_bpf_disabled to 0.
(kernel.unprivileged_bpf_disabled = 0)
The following security bugs were fixed:
- CVE-2021-45485: Fixed an information leak because of certain use of a
hash table which use IPv6 source addresses. (bsc#1194094)
- CVE-2021-45486: Fixed an information leak because the hash table is very
small in net/ipv4/route.c. (bnc#1194087).
- CVE-2021-4001: Fixed a race condition when the EBPF map is frozen.
(bsc#1192990)
- CVE-2021-28715: Fixed an issue where a guest could force Linux netback
driver to hog large amounts of kernel memory by do not queueing
unlimited number of packages. (bsc#1193442)
- CVE-2021-28714: Fixed an issue where a guest could force Linux netback
driver to hog large amounts of kernel memory by fixing rx queue stall
detection. (bsc#1193442)
- CVE-2021-28713: Fixed a rogue backends that could cause DoS of guests
via high frequency events by hardening hvc_xen against event channel
storms. (bsc#1193440)
- CVE-2021-28712: Fixed a rogue backends that could cause DoS of guests
via high frequency events by hardening netfront against event channel
storms. (bsc#1193440)
- CVE-2021-28711: Fixed a rogue backends that could cause DoS of guests
via high frequency events by hardening blkfront against event channel
storms. (bsc#1193440)
- CVE-2020-24504: Fixed an uncontrolled resource consumption in some
Intel(R) Ethernet E810 Adapter drivers that may have allowed an
authenticated user to potentially enable denial of service via local
access. (bnc#1182404)
- CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could
allow an attacker (who can introduce a crafted device) to trigger an
out-of-bounds write via a crafted length value. (bnc#1192845)
- CVE-2021-43976: Fixed a flaw that could allow an attacker (who can
connect a crafted USB device) to cause a denial of service. (bnc#1192847)
- CVE-2021-4002: Added a missing TLB flush that could lead to leak or
corruption of data in hugetlbfs. (bsc#1192946)
- CVE-2020-27820: Fixed a vulnerability where a use-after-frees in
nouveau's postclose() handler could happen if removing device.
(bnc#1179599)
The following non-security bugs were fixed:
- ACPI: battery: Accept charges over the design capacity as full
(git-fixes).
- ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses (git-fixes).
- ACPICA: Avoid evaluating methods too early during system resume
(git-fixes).
- Add SMB 2 support for getting and setting SACLs (bsc#1192606).
- Add to supported.conf: fs/smbfs_common/cifs_arc4 fs/smbfs_common/cifs_md4
- ALSA: ctxfi: Fix out-of-range access (git-fixes).
- ALSA: gus: fix null pointer dereference on pointer block (git-fixes).
- ALSA: hda: hdac_ext_stream: fix potential locking issues (git-fixes).
- ALSA: hda: hdac_stream: fix potential locking issue in
snd_hdac_stream_assign() (git-fixes).
- ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS UX550VE (git-fixes).
- ALSA: hda/realtek: Add quirk for Clevo PC70HS (git-fixes).
- ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED
(git-fixes).
- ALSA: ISA: not for M68K (git-fixes).
- ALSA: synth: missing check for possible NULL after the call to kstrdup
(git-fixes).
- ALSA: timer: Fix use-after-free problem (git-fixes).
- ALSA: timer: Unconditionally unlink slave instances, too (git-fixes).
- ALSA: usb-audio: Add registration quirk for JBL Quantum 400 (git-fixes).
- ARM: 8970/1: decompressor: increase tag size (git-fixes).
- ARM: 8974/1: use SPARSMEM_STATIC when SPARSEMEM is enabled (git-fixes)
- ARM: 8986/1: hw_breakpoint: Do not invoke overflow handler on uaccess
watchpoints (git-fixes)
- ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT
(git-fixes)
- ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe
(git-fixes)
- ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores
(git-fixes)
- ARM: 9064/1: hw_breakpoint: Do not directly check the event's (git-fixes)
- ARM: 9071/1: uprobes: Do not hook on thumb instructions (git-fixes)
- ARM: 9081/1: fix gcc-10 thumb2-kernel regression (git-fixes)
- ARM: 9091/1: Revert "mm: qsd8x50: Fix incorrect permission faults"
(git-fixes)
- ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned (git-fixes)
- ARM: 9134/1: remove duplicate memcpy() definition (git-fixes)
- ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype (git-fixes)
- ARM: 9141/1: only warn about XIP address when not compile testing
(git-fixes)
- ARM: 9155/1: fix early early_iounmap() (git-fixes)
- ARM: at91: pm: add missing put_device() call in at91_pm_sram_init()
(git-fixes)
- ARM: at91: pm: of_node_put() after its usage (git-fixes)
- ARM: at91: pm: use proper master clock register offset (git-fixes)
- ARM: bcm: Select ARM_TIMER_SP804 for ARCH_BCM_NSP (git-fixes)
- ARM: dts sunxi: Relax a bit the CMA pool allocation range (git-fixes)
- ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect (git-fixes)
- ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema
(git-fixes)
- ARM: dts: am437x-idk-evm: Fix incorrect OPP node names (git-fixes)
- ARM: dts: am437x-l4: fix typo in can@0 node (git-fixes)
- ARM: dts: armada-38x: fix NETA lockup when repeatedly switching speeds
(git-fixes)
- ARM: dts: armada388-helios4: assign pinctrl to each fan (git-fixes)
- ARM: dts: armada388-helios4: assign pinctrl to LEDs (git-fixes)
- ARM: dts: aspeed: s2600wf: Fix VGA memory region location (git-fixes)
- ARM: dts: aspeed: tiogapass: Remove vuart (git-fixes)
- ARM: dts: at91-sama5d27_som1: fix phy address to 7 (git-fixes)
- ARM: dts: at91: add pinctrl-{names, 0} for all gpios (git-fixes)
- ARM: dts: at91: at91sam9rl: fix ADC triggers (git-fixes)
- ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description (git-fixes)
- ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin (git-fixes)
- ARM: dts: at91: sama5d2_xplained: classd: pull-down the R1 and R3 lines
(git-fixes)
- ARM: dts: at91: sama5d2: fix CAN message ram offset and size (git-fixes)
- ARM: dts: at91: sama5d2: map securam as device (git-fixes)
- ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (git-fixes)
- ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (git-fixes)
- ARM: dts: at91: sama5d4: fix pinctrl muxing (git-fixes)
- ARM: dts: at91: tse850: the emaclt;->phy interface is rmii (git-fixes)
- ARM: dts: bcm: HR2: Fix PPI interrupt types (git-fixes)
- ARM: dts: bcm: HR2: Fixed QSPI compatible string (git-fixes)
- ARM: dts: bcm2835-rpi-zero-w: Fix led polarity (git-fixes)
- ARM: dts: BCM5301X: Add interrupt properties to GPIO node (git-fixes)
- ARM: dts: BCM5301X: Fix I2C controller interrupt (git-fixes)
- ARM: dts: BCM5301X: Fixed QSPI compatible string (git-fixes)
- ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz (git-fixes)
- ARM: dts: Configure missing thermal interrupt for 4430 (git-fixes)
- ARM: dts: dra76x: Fix mmc3 max-frequency (git-fixes)
- ARM: dts: dra76x: m_can: fix order of clocks (git-fixes)
- ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source (git-fixes)
- ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas
(git-fixes)
- ARM: dts: exynos: correct MUIC interrupt trigger level on Midas
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Midas
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Monk
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Snow
(git-fixes)
- ARM: dts: exynos: correct PMIC interrupt trigger level on Spring
(git-fixes)
- ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's
bus (git-fixes)
- ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 (git-fixes)
- ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (git-fixes)
- ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (git-fixes)
- ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (git-fixes)
- ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid
(git-fixes)
- ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on
(git-fixes)
- ARM: dts: Fix dcan driver probe failed on am437x platform (git-fixes)
- ARM: dts: Fix duovero smsc interrupt for suspend (git-fixes)
- ARM: dts: gemini-rut1xx: remove duplicate ethernet node (git-fixes)
- ARM: dts: gose: Fix ports node name for adv7180 (git-fixes)
- ARM: dts: gose: Fix ports node name for adv7612 (git-fixes)
- ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells (git-fixes)
- ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo
(git-fixes)
- ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out
(git-fixes)
- ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries
(git-fixes)
- ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (git-fixes)
- ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces
(git-fixes)
- ARM: dts: imx6: phycore-som: fix arm and soc minimum voltage (git-fixes)
- ARM: dts: imx6: phycore-som: fix emmc supply (git-fixes)
- ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN
(git-fixes)
- ARM: dts: imx6dl-colibri-eval-v3: fix sram compatible properties
(git-fixes).
- ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch
(git-fixes)
- ARM: dts: imx6dl-yapp4: Fix Ursa board Ethernet connection (git-fixes)
- ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery (git-fixes)
- ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators (git-fixes)
- ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems (git-fixes)
- ARM: dts: imx6q-dhcom: Fix ethernet reset time properties (git-fixes)
- ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming (git-fixes)
- ARM: dts: imx6qdl-gw551x: Do not use 'simple-audio-card,dai-link'
(git-fixes)
- ARM: dts: imx6qdl-gw551x: fix audio SSI (git-fixes)
- ARM: dts: imx6qdl-icore: Fix OTG_ID pin and sdcard detect (git-fixes)
- ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status
(git-fixes)
- ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin (git-fixes)
- ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms
(git-fixes)
- ARM: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (git-fixes)
- ARM: dts: imx6sl: fix rng node (git-fixes)
- ARM: dts: imx6sx-sabreauto: Fix the phy-mode on fec2 (git-fixes)
- ARM: dts: imx6sx-sdb: Fix the phy-mode on fec2 (git-fixes)
- ARM: dts: imx6sx: Add missing UART RTS/CTS pins mux (git-fixes)
- ARM: dts: imx6sx: fix the pad QSPI1B_SCLK mux mode for uart3 (git-fixes)
- ARM: dts: imx6sx: Improve UART pins macro defines (git-fixes)
- ARM: dts: imx7-colibri: Fix frequency for sd/mmc (git-fixes)
- ARM: dts: imx7-colibri: fix muxing of usbc_det pin (git-fixes)
- ARM: dts: imx7-colibri: prepare module device tree for FlexCAN
(git-fixes)
- ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property (git-fixes)
- ARM: dts: imx7d-pico: Fix the 'tuning-step' property (git-fixes)
- ARM: dts: imx7d: Correct speed grading fuse settings (git-fixes)
- ARM: dts: imx7d: fix opp-supported-hw (git-fixes)
- ARM: dts: imx7ulp: Correct gpio ranges (git-fixes)
- ARM: dts: logicpd-som-lv-baseboard: Fix broken audio (git-fixes)
- ARM: dts: logicpd-som-lv-baseboard: Fix missing video (git-fixes)
- ARM: dts: logicpd-torpedo-baseboard: Fix broken audio (git-fixes)
- ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL (git-fixes)
- ARM: dts: ls1021a: fix QuadSPI-memory reg range (git-fixes)
- ARM: dts: ls1021a: Restore MDIO compatible to gianfar (git-fixes)
- ARM: dts: meson: fix PHY deassert timing requirements (git-fixes)
- ARM: dts: meson8: remove two invalid interrupt lines from the GPU
(git-fixes)
- ARM: dts: meson8: Use a higher default GPU clock frequency (git-fixes)
- ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties
(git-fixes)
- ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties
(git-fixes)
- ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties
(git-fixes)
- ARM: dts: mt7623: add missing pause for switchport (git-fixes)
- ARM: dts: N900: fix onenand timings (git-fixes).
- ARM: dts: NSP: Correct FA2 mailbox node (git-fixes)
- ARM: dts: NSP: Disable PL330 by default, add dma-coherent property
(git-fixes)
- ARM: dts: NSP: Fixed QSPI compatible string (git-fixes)
- ARM: dts: omap3-gta04a4: accelerometer irq fix (git-fixes)
- ARM: dts: omap3430-sdp: Fix NAND device node (git-fixes)
- ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers (git-fixes)
- ARM: dts: oxnas: Fix clear-mask property (git-fixes)
- ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard
(git-fixes)
- ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference
(git-fixes)
- ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY
(git-fixes)
- ARM: dts: r7s9210: Remove bogus clock-names from OSTM nodes (git-fixes)
- ARM: dts: r8a73a4: Add missing CMT1 interrupts (git-fixes)
- ARM: dts: r8a7740: Add missing extal2 to CPG node (git-fixes)
- ARM: dts: r8a7779, marzen: Fix DU clock names (git-fixes)
- ARM: dts: Remove non-existent i2c1 from 98dx3236 (git-fixes)
- ARM: dts: renesas: Fix IOMMU device node names (git-fixes)
- ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries
(git-fixes)
- ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema
(git-fixes)
- ARM: dts: socfpga: fix register entry for timer3 on Arria10 (git-fixes)
- ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32f429
(git-fixes)
- ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32h743
(git-fixes)
- ARM: dts: sun6i: a31-hummingbird: Enable RGMII RX/TX delay on (git-fixes)
- ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode (git-fixes)
- ARM: dts: sun7i: bananapi-m1-plus: Enable RGMII RX/TX delay on
(git-fixes)
- ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sun7i: cubietruck: Enable RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY
(git-fixes)
- ARM: dts: sun8i-a83t-tbs-a711: Fix USB OTG mode detection (git-fixes)
- ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity (git-fixes)
- ARM: dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on
(git-fixes)
- ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator (git-fixes)
- ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator (git-fixes)
- ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node (git-fixes)
- ARM: dts: sun8i: r40: Move AHCI device node based on address order
(git-fixes)
- ARM: dts: sun8i: v3s: fix GIC node memory range (git-fixes)
- ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node (git-fixes)
- ARM: dts: sun9i: Enable both RGMII RX/TX delay on Ethernet PHY
(git-fixes)
- ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages
(git-fixes)
- ARM: dts: sunxi: bananapi-m2-plus: Enable RGMII RX/TX delay on
(git-fixes)
- ARM: dts: sunxi: Fix DE2 clocks register range (git-fixes)
- ARM: dts: turris-omnia: add comphy handle to eth2 (git-fixes)
- ARM: dts: turris-omnia: add SFP node (git-fixes)
- ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin
(git-fixes)
- ARM: dts: turris-omnia: describe switch interrupt (git-fixes)
- ARM: dts: turris-omnia: enable HW buffer management (git-fixes)
- ARM: dts: turris-omnia: fix hardware buffer management (git-fixes)
- ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins
(git-fixes)
- ARM: dts: uniphier: Set SCSSI clock and reset IDs for each channel
(git-fixes).
- ARM: dts: vf610-zii-dev-rev-b: Remove #address-cells and #size-cells
(git-fixes)
- ARM: dts: vfxxx: Add syscon compatible with OCOTP (git-fixes)
- ARM: exynos: add missing of_node_put for loop iteration (git-fixes)
- ARM: exynos: MCPM: Restore big.LITTLE cpuidle support (git-fixes)
- ARM: footbridge: fix PCI interrupt mapping (git-fixes)
- ARM: imx: add missing clk_disable_unprepare() (git-fixes)
- ARM: imx: add missing iounmap() (git-fixes)
- ARM: imx: build suspend-imx6.S with arm instruction set (git-fixes)
- ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init
(git-fixes)
- ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram()
(git-fixes)
- ARM: imx6: disable the GIC CPU interface before calling stby-poweroff
(git-fixes)
- ARM: mvebu: drop pointless check for coherency_base (git-fixes)
- ARM: OMAP2+: Fix legacy mode dss_reset (git-fixes)
- ARM: OMAP2+: omap_device: fix idling of devices during probe (git-fixes)
- ARM: OMAP2+: pm33xx-core: Make am43xx_get_rtc_base_addr static
(git-fixes)
- ARM: p2v: fix handling of LPAE translation in BE mode (git-fixes)
- ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc()
(git-fixes)
- ARM: s3c24xx: fix missing system reset (git-fixes)
- ARM: s3c24xx: fix mmc gpio lookup tables (git-fixes)
- ARM: samsung: do not build plat/pm-common for Exynos (git-fixes)
- ARM: samsung: fix PM debug build with DEBUG_LL but !MMU (git-fixes)
- ARM: socfpga: PM: add missing put_device() call in
socfpga_setup_ocram_self_refresh() (git-fixes)
- ASoC: DAPM: Cover regression by kctl change notification fix (git-fixes).
- ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect
(git-fixes).
- ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer (git-fixes).
- ASoC: SOF: Intel: hda-dai: fix potential locking issue (git-fixes).
- ASoC: topology: Add missing rwsem around snd_ctl_remove() calls
(git-fixes).
- ath: dfs_pattern_detector: Fix possible null-pointer dereference in
channel_detector_create() (git-fixes).
- ath10k: fix invalid dma_addr_t token assignment (git-fixes).
- ath10k: high latency fixes for beacon buffer (git-fixes).
- Bbluetooth: btusb: Add another Bluetooth part for Realtek 8852AE
(bsc#1193655).
- bfq: Limit number of requests consumed by each cgroup (bsc#1184318).
- bfq: Store full bitmap depth in bfq_data (bsc#1184318).
- bfq: Track number of allocated requests in bfq_entity (bsc#1184318).
- block: Fix use-after-free issue accessing struct io_cq (bsc#1193042).
- block: Provide blk_mq_sched_get_icq() (bsc#1184318).
- Bluetooth: Add additional Bluetooth part for Realtek 8852AE
(bsc#1193655).
- Bluetooth: btrtl: Refine the ic_id_table for clearer and more regular
(bsc#1193655).
- Bluetooth: btusb: Add the more support IDs for Realtek RTL8822CE
(bsc#1193655).
- Bluetooth: btusb: Add the new support ID for Realtek RTL8852A
(bsc#1193655).
- Bluetooth: btusb: btrtl: Add support for RTL8852A (bsc#1193655).
- Bluetooth: fix use-after-free error in lock_sock_nested() (git-fixes).
- bnxt_en: reject indirect blk offload when hw-tc-offload is off
(jsc#SLE-8372 bsc#1153275).
- bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed
(git-fixes).
- bpf, arm: Fix register clobbering in div/mod implementation (git-fixes)
- bpf, s390: Fix potential memory leak about jit_data (git-fixes).
- bpf, x86: Fix "no previous prototype" warning (git-fixes).
- brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet
(git-fixes).
- btrfs: do not ignore error from btrfs_next_leaf() when inserting
checksums (bsc#1193002).
- btrfs: fix fsync failure and transaction abort after writes to prealloc
extents (bsc#1193002).
- btrfs: fix lost inode on log replay after mix of fsync, rename and inode
eviction (bsc#1192998).
- btrfs: fix race causing unnecessary inode logging during link and rename
(bsc#1192998).
- btrfs: make checksum item extension more efficient (bsc#1193002).
- cfg80211: call cfg80211_stop_ap when switch from P2P_GO type (git-fixes).
- cifs use true,false for bool variable (bsc#1164565).
- cifs_atomic_open(): fix double-put on late allocation failure
(bsc#1192606).
- cifs_debug: use %pd instead of messing with ->d_name (bsc#1192606).
- cifs: add a debug macro that prints \\server\share for errors
(bsc#1164565).
- cifs: add a function to get a cached dir based on its dentry
(bsc#1192606).
- cifs: add a helper to find an existing readable handle to a file
(bsc#1154355).
- cifs: add a timestamp to track when the lease of the cached dir was
taken (bsc#1192606).
- cifs: add an smb3_fs_context to cifs_sb (bsc#1192606).
- cifs: add FALLOC_FL_INSERT_RANGE support (bsc#1192606).
- cifs: add files to host new mount api (bsc#1192606).
- cifs: add fs_context param to parsing helpers (bsc#1192606).
- cifs: Add get_security_type_str function to return sec type
(bsc#1192606).
- cifs: add initial reconfigure support (bsc#1192606).
- cifs: add missing mount option to /proc/mounts (bsc#1164565).
- cifs: add missing parsing of backupuid (bsc#1192606).
- cifs: Add missing sentinel to smb3_fs_parameters (bsc#1192606).
- cifs: add mount parameter tcpnodelay (bsc#1192606).
- cifs: add multichannel mount options and data structs (bsc#1192606).
- cifs: add new debugging macro cifs_server_dbg (bsc#1164565).
- cifs: Add new mount parameter "acdirmax" to allow caching directory
metadata (bsc#1192606).
- cifs: Add new parameter "acregmax" for distinct file and directory
metadata timeout (bsc#1192606).
- cifs: add NULL check for ses->tcon_ipc (bsc#1178270).
- cifs: add passthrough for smb2 setinfo (bsc#1164565).
- cifs: add server param (bsc#1192606).
- cifs: add shutdown support (bsc#1192606).
- cifs: add smb2 POSIX info level (bsc#1164565).
- cifs: add SMB2_open() arg to return POSIX data (bsc#1164565).
- cifs: add SMB3 change notification support (bsc#1164565).
- cifs: add support for FALLOC_FL_COLLAPSE_RANGE (bsc#1192606).
- cifs: add support for fallocate mode 0 for non-sparse files
(bsc#1164565).
- cifs: add support for flock (bsc#1164565).
- cifs: Add support for setting owner info, dos attributes, and create
time (bsc#1164565).
- cifs: Add tracepoints for errors on flush or fsync (bsc#1164565).
- cifs: Add witness information to debug data dump (bsc#1192606).
- cifs: add witness mount option and data structs (bsc#1192606).
- cifs: added WARN_ON for all the count decrements (bsc#1192606).
- cifs: Adjust indentation in smb2_open_file (bsc#1164565).
- cifs: Adjust key sizes and key generation routines for AES256 encryption
(bsc#1192606).
- cifs: allocate buffer in the caller of build_path_from_dentry()
(bsc#1192606).
- cifs: Allocate crypto structures on the fly for calculating signatures
of incoming packets (bsc#1192606).
- cifs: Allocate encryption header through kmalloc (bsc#1192606).
- cifs: allow chmod to set mode bits using special sid (bsc#1164565).
- cifs: allow syscalls to be restarted in __smb_send_rqst() (bsc#1176956).
- cifs: allow unlock flock and OFD lock across fork (bsc#1192606).
- cifs: Always update signing key of first channel (bsc#1192606).
- cifs: ask for more credit on async read/write code paths (bsc#1192606).
- cifs: Assign boolean values to a bool variable (bsc#1192606).
- cifs: Avoid doing network I/O while holding cache lock (bsc#1164565).
- cifs: Avoid error pointer dereference (bsc#1192606).
- cifs: avoid extra calls in posix_info_parse (bsc#1192606).
- cifs: Avoid field over-reading memcpy() (bsc#1192606).
- cifs: avoid starvation when refreshing dfs cache (bsc#1185902).
- cifs: avoid using MID 0xFFFF (bnc#1151927 5.3.8).
- cifs: call wake_up(server->response_q) inside of cifs_reconnect()
(bsc#1164565).
- cifs: change confusing field serverName (to ip_addr) (bsc#1192606).
- cifs: change format of CIFS_FULL_KEY_DUMP ioctl (bsc#1192606).
- cifs: change noisy error message to FYI (bsc#1181507).
- cifs: Change SIDs in ACEs while transferring file ownership
(bsc#1192606).
- cifs: check all path components in resolved dfs target (bsc#1181710).
- cifs: check new file size when extending file by fallocate (bsc#1192606).
- cifs: check pointer before freeing (bsc#1183534).
- cifs: check the timestamp for the cached dirent when deciding on
revalidate (bsc#1192606).
- cifs: cifs_md4 convert to SPDX identifier (bsc#1192606).
- cifs: cifspdu.h: Replace one-element array with flexible-array member
(bsc#1192606).
- cifs: cifspdu.h: Replace zero-length array with flexible-array member
(bsc#1192606).
- cifs: cifsssmb: remove redundant assignment to variable ret
(bsc#1164565).
- cifs: clarify comment about timestamp granularity for old servers
(bsc#1192606).
- cifs: clarify hostname vs ip address in /proc/fs/cifs/DebugData
(bsc#1192606).
- cifs: Clarify SMB1 code for delete (bsc#1192606).
- cifs: Clarify SMB1 code for POSIX Create (bsc#1192606).
- cifs: Clarify SMB1 code for POSIX delete file (bsc#1192606).
- cifs: Clarify SMB1 code for POSIX Lock (bsc#1192606).
- cifs: Clarify SMB1 code for rename open file (bsc#1192606).
- cifs: Clarify SMB1 code for SetFileSize (bsc#1192606).
- cifs: clarify SMB1 code for UnixCreateHardLink (bsc#1192606).
- cifs: Clarify SMB1 code for UnixCreateSymLink (bsc#1192606).
- cifs: Clarify SMB1 code for UnixSetPathInfo (bsc#1192606).
- cifs: Clean up DFS referral cache (bsc#1164565).
- cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (bsc#1192606).
- cifs: cleanup misc.c (bsc#1192606).
- cifs: clear PF_MEMALLOC before exiting demultiplex thread (bsc#1192606).
- cifs: Close cached root handle only if it had a lease (bsc#1164565).
- cifs: Close open handle after interrupted close (bsc#1164565).
- cifs: close the shared root handle on tree disconnect (bsc#1164565).
- cifs: compute full_path already in cifs_readdir() (bsc#1192606).
- cifs: connect individual channel servers to primary channel server
(bsc#1192606).
- cifs: connect: style: Simplify bool comparison (bsc#1192606).
- cifs: constify get_normalized_path() properly (bsc#1185902).
- cifs: constify path argument of ->make_node() (bsc#1192606).
- cifs: constify pathname arguments in a bunch of helpers (bsc#1192606).
- cifs: Constify static struct genl_ops (bsc#1192606).
- cifs: convert list_for_each to entry variant (bsc#1192606,
jsc#SLE-20042).
- cifs: convert list_for_each to entry variant in cifs_debug.c
(bsc#1192606).
- cifs: convert list_for_each to entry variant in smb2misc.c (bsc#1192606).
- cifs: convert revalidate of directories to using directory metadata
cache timeout (bsc#1192606).
- cifs: convert to use be32_add_cpu() (bsc#1192606).
- cifs: Convert to use the fallthrough macro (bsc#1192606).
- cifs: correct comments explaining internal semaphore usage in the module
(bsc#1192606).
- cifs: correct four aliased mount parms to allow use of previous names
(bsc#1192606).
- cifs: create a helper function to parse the query-directory response
buffer (bsc#1164565).
- cifs: create a helper to find a writeable handle by path name
(bsc#1154355).
- cifs: create a MD4 module and switch cifs.ko to use it (bsc#1192606).
- cifs: Create a new shared file holding smb2 pdu definitions
(bsc#1192606).
- cifs: create sd context must be a multiple of 8 (bsc#1192606).
- cifs: Deal with some warnings from W=1 (bsc#1192606).
- cifs: Delete a stray unlock in cifs_swn_reconnect() (bsc#1192606).
- cifs: delete duplicated words in header files (bsc#1192606).
- cifs: detect dead connections only when echoes are enabled (bsc#1192606).
- cifs: Display local UID details for SMB sessions in DebugData
(bsc#1192606).
- cifs: do d_move in rename (bsc#1164565).
- cifs: do not allow changing posix_paths during remount (bsc#1192606).
- cifs: do not cargo-cult strndup() (bsc#1185902).
- cifs: do not create a temp nls in cifs_setup_ipc (bsc#1192606).
- cifs: do not disable noperm if multiuser mount option is not provided
(bsc#1192606).
- cifs: Do not display RDMA transport on reconnect (bsc#1164565).
- cifs: do not duplicate fscache cookie for secondary channels
(bsc#1192606).
- cifs: do not fail __smb_send_rqst if non-fatal signals are pending
(git-fixes).
- cifs: do not ignore the SYNC flags in getattr (bsc#1164565).
- cifs: do not leak -EAGAIN for stat() during reconnect (bsc#1164565).
- cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED
(bsc#1192606).
- cifs: Do not miss cancelled OPEN responses (bsc#1164565).
- cifs: do not negotiate session if session already exists (bsc#1192606).
- cifs: do not send close in compound create+close requests (bsc#1181507).
- cifs: do not send tree disconnect to ipc shares (bsc#1185902).
- cifs: do not share tcons with DFS (bsc#1178270).
- cifs: do not share tcp servers with dfs mounts (bsc#1185902).
- cifs: do not share tcp sessions of dfs connections (bsc#1185902).
- cifs: do not use 'pre:' for MODULE_SOFTDEP (bsc#1164565).
- cifs: Do not use iov_iter::type directly (bsc#1192606).
- cifs: Do not use the original cruid when following DFS links for
multiuser mounts (bsc#1192606).
- cifs: document and cleanup dfs mount (bsc#1178270).
- cifs: dump channel info in DebugData (bsc#1192606).
- cifs: dump Security Type info in DebugData (bsc#1192606).
- cifs: dump the session id and keys also for SMB2 sessions (bsc#1192606).
- cifs: enable change notification for SMB2.1 dialect (bsc#1164565).
- cifs: enable extended stats by default (bsc#1192606).
- cifs: Enable sticky bit with cifsacl mount option (bsc#1192606).
- cifs: ensure correct super block for DFS reconnect (bsc#1178270).
- cifs: escape spaces in share names (bsc#1192606).
- cifs: export supported mount options via new mount_params /proc file
(bsc#1192606).
- cifs: fail i/o on soft mounts if sessionsetup errors out (bsc#1164565).
- cifs: fiemap: do not return EINVAL if get nothing (bsc#1192606).
- cifs: fix a comment for the timeouts when sending echos (bsc#1164565).
- cifs: fix a memleak with modefromsid (bsc#1192606).
- cifs: fix a sign extension bug (bsc#1192606).
- cifs: fix a white space issue in cifs_get_inode_info() (bsc#1164565).
- cifs: fix allocation size on newly created files (bsc#1192606).
- cifs: Fix an error pointer dereference in cifs_mount() (bsc#1178270).
- cifs: Fix atime update check vs mtime (bsc#1164565).
- cifs: Fix bug which the return value by asynchronous read is error
(bsc#1192606).
- cifs: Fix cached_fid refcnt leak in open_shroot (bsc#1192606).
- cifs: fix channel signing (bsc#1192606).
- cifs: fix check of dfs interlinks (bsc#1185902).
- cifs: fix check of tcon dfs in smb1 (bsc#1178270).
- cifs: Fix chmod with modefromsid when an older ACE already exists
(bsc#1192606).
- cifs: fix chown and chgrp when idsfromsid mount option enabled
(bsc#1192606).
- cifs: Fix cifsacl ACE mask for group and others (bsc#1192606).
- cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs
(bnc#1151927 5.3.10).
- cifs: fix credit accounting for extra channel (bsc#1192606).
- cifs: fix dereference on ses before it is null checked (bsc#1164565).
- cifs: fix dfs domain referrals (bsc#1192606).
- cifs: fix DFS failover (bsc#1192606).
- cifs: fix DFS mount with cifsacl/modefromsid (bsc#1178270).
- cifs: fix dfs-links (bsc#1192606).
- cifs: fix doc warnings in cifs_dfs_ref.c (bsc#1192606).
- cifs: Fix double add page to memcg when cifs_readpages (bsc#1192606).
- cifs: fix double free error on share and prefix (bsc#1178270).
- cifs: Fix fall-through warnings for Clang (bsc#1192606).
- cifs: fix fallocate when trying to allocate a hole (bsc#1192606).
- cifs: fix gcc warning in sid_to_id (bsc#1192606).
- cifs: fix handling of escaped ',' in the password mount argument
(bsc#1192606).
- cifs: Fix in error types returned for out-of-credit situations
(bsc#1192606).
- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
- cifs: Fix inconsistent indenting (bsc#1192606).
- cifs: Fix inconsistent IS_ERR and PTR_ERR (bsc#1192606).
- cifs: fix incorrect check for null pointer in header_assemble
(bsc#1192606).
- cifs: fix incorrect kernel doc comments (bsc#1192606).
- cifs: fix interrupted close commands (git-fixes).
- cifs: fix ipv6 formating in cifs_ses_add_channel (bsc#1192606).
- cifs: fix leak in cifs_smb3_do_mount() ctx (bsc#1192606).
- cifs: Fix leak when handling lease break for cached root fid
(bsc#1176242).
- cifs: fix leaked reference on requeued write (bsc#1178270).
- cifs: Fix lookup of root ses in DFS referral cache (bsc#1164565).
- cifs: Fix lookup of SMB connections on multichannel (bsc#1192606).
- cifs: fix max ea value size (bnc#1151927 5.3.4).
- cifs: Fix memory allocation in __smb2_handle_cancelled_cmd()
(bsc#1164565).
- cifs: fix memory leak in smb2_copychunk_range (git-fixes).
- cifs: fix memory leak of smb3_fs_context_dup::server_hostname
(bsc#1192606).
- cifs: fix minor typos in comments and log messages (bsc#1192606).
- cifs: Fix missed free operations (bnc#1151927 5.3.8).
- cifs: fix missing null session check in mount (bsc#1192606).
- cifs: fix missing spinlock around update to ses->status (bsc#1192606).
- cifs: fix misspellings using codespell tool (bsc#1192606).
- cifs: fix mode bits from dir listing when mounted with modefromsid
(bsc#1164565).
- cifs: Fix mode output in debugging statements (bsc#1164565).
- cifs: fix mount option display for sec=krb5i (bsc#1161907).
- cifs: Fix mount options set in automount (bsc#1164565).
- cifs: fix mounts to subdirectories of target (bsc#1192606).
- cifs: fix nodfs mount option (bsc#1181710).
- cifs: fix NULL dereference in match_prepath (bsc#1164565).
- cifs: fix NULL dereference in smb2_check_message() (bsc#1192606).
- cifs: Fix null pointer check in cifs_read (bsc#1192606).
- cifs: Fix NULL pointer dereference in mid callback (bsc#1164565).
- cifs: Fix NULL-pointer dereference in smb2_push_mandatory_locks
(bnc#1151927 5.3.16).
- cifs: Fix oplock handling for SMB 2.1+ protocols (bnc#1151927 5.3.4).
- cifs: fix out-of-bound memory access when calling smb3_notify() at mount
point (bsc#1192606).
- cifs: fix path comparison and hash calc (bsc#1185902).
- cifs: fix possible uninitialized access and race on iface_list
(bsc#1192606).
- cifs: Fix potential deadlock when updating vol in cifs_reconnect()
(bsc#1164565).
- cifs: fix potential mismatch of UNC paths (bsc#1164565).
- cifs: Fix potential softlockups while refreshing DFS cache (bsc#1164565).
- cifs: fix potential use-after-free bugs (bsc#1192606, jsc#SLE-20042).
- cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944).
- cifs: Fix preauth hash corruption (git-fixes).
- cifs: fix print of hdr_flags in dfscache_proc_show() (bsc#1192606,
jsc#SLE-20042).
- cifs: fix reference leak for tlink (bsc#1192606).
- cifs: fix regression when mounting shares with prefix paths
(bsc#1192606).
- cifs: fix rename() by ensuring source handle opened with DELETE bit
(bsc#1164565).
- cifs: Fix resource leak (bsc#1192606).
- cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1164565).
- cifs: Fix retry mid list corruption on reconnects (bnc#1151927 5.3.10).
- cifs: Fix return value in __update_cache_entry (bsc#1164565).
- cifs: fix rsize/wsize to be negotiated values (bsc#1192606).
- cifs: fix SMB1 error path in cifs_get_file_info_unix (bsc#1192606).
- cifs: Fix SMB2 oplock break processing (bsc#1154355 bnc#1151927 5.3.16).
- cifs: fix soft mounts hanging in the reconnect code (bsc#1164565).
- cifs: fix soft mounts hanging in the reconnect code (bsc#1164565).
- cifs: Fix some error pointers handling detected by static checker
(bsc#1192606).
- cifs: Fix spelling of 'security' (bsc#1192606).
- cifs: fix string declarations and assignments in tracepoints
(bsc#1192606).
- cifs: Fix support for remount when not changing rsize/wsize
(bsc#1192606).
- cifs: Fix task struct use-after-free on reconnect (bsc#1164565).
- cifs: fix the out of range assignment to bit fields in
parse_server_interfaces (bsc#1192606).
- cifs: Fix the target file was deleted when rename failed (bsc#1192606).
- cifs: fix trivial typo (bsc#1192606).
- cifs: fix uninitialised lease_key in open_shroot() (bsc#1178270).
- cifs: fix uninitialized variable in smb3_fs_context_parse_param
(bsc#1192606).
- cifs: fix unitialized variable poential problem with network I/O cache
lock patch (bsc#1164565).
- cifs: Fix unix perm bits to cifsacl conversion for "other" bits
(bsc#1192606).
- cifs: fix unneeded null check (bsc#1192606).
- cifs: fix use after free in cifs_smb3_do_mount() (bsc#1192606).
- cifs: Fix use after free of file info structures (bnc#1151927 5.3.8).
- cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1164565).
- cifs: fix wrong release in sess_alloc_buffer() failed path (bsc#1192606).
- cifs: for compound requests, use open handle if possible (bsc#1192606).
- cifs: Force reval dentry if LOOKUP_REVAL flag is set (bnc#1151927 5.3.7).
- cifs: Force revalidate inode when dentry is stale (bnc#1151927 5.3.7).
- cifs: fork arc4 and create a separate module for it for cifs and other
users (bsc#1192606).
- cifs: get mode bits from special sid on stat (bsc#1164565).
- cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902).
- cifs: get rid of cifs_sb->mountdata (bsc#1192606).
- cifs: Get rid of kstrdup_const()'d paths (bsc#1164565).
- cifs: get rid of unused parameter in reconn_setup_dfs_targets()
(bsc#1178270).
- cifs: Grab a reference for the dentry of the cached directory during the
lifetime of the cache (bsc#1192606).
- cifs: Gracefully handle QueryInfo errors during open (bnc#1151927 5.3.7).
- cifs: handle -EINTR in cifs_setattr (bsc#1192606).
- cifs: handle "guest" mount parameter (bsc#1192606).
- cifs: handle "nolease" option for vers=1.0 (bsc#1192606).
- cifs: handle different charsets in dfs cache (bsc#1185902).
- cifs: handle empty list of targets in cifs_reconnect() (bsc#1178270).
- cifs: handle hostnames that resolve to same ip in failover (bsc#1178270).
- cifs: handle prefix paths in reconnect (bsc#1164565).
- cifs: handle reconnect of tcon when there is no cached dfs referral
(bsc#1192606).
- cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect
(bsc#1178270).
- cifs: Handle witness client move notification (bsc#1192606).
- cifs: have ->mkdir() handle race with another client sanely
(bsc#1192606).
- cifs: have cifs_fattr_to_inode() refuse to change type on live inode
(bsc#1192606).
- cifs: Identify a connection by a conn_id (bsc#1192606).
- cifs: If a corrupted DACL is returned by the server, bail out
(bsc#1192606).
- cifs: ignore auto and noauto options if given (bsc#1192606).
- cifs: ignore cached share root handle closing errors (bsc#1166780).
- cifs: improve fallocate emulation (bsc#1192606).
- cifs: improve read performance for page size 64KB cache=strict vers=2.1+
(bsc#1192606).
- cifs: In the new mount api we get the full devname as source=
(bsc#1192606).
- cifs: Increment num_remote_opens stats counter even in case of
smb2_query_dir_first (bsc#1192606).
- cifs: Initialize filesystem timestamp ranges (bsc#1164565).
- cifs: introduce cifs_ses_mark_for_reconnect() helper (bsc#1192606).
- cifs: introduce helper for finding referral server (bsc#1181710).
- cifs: Introduce helpers for finding TCP connection (bsc#1164565).
- cifs: introduce new helper for cifs_reconnect() (bsc#1192606,
jsc#SLE-20042).
- cifs: keep referral server sessions alive (bsc#1185902).
- cifs: log mount errors using cifs_errorf() (bsc#1192606).
- cifs: log warning message (once) if out of disk space (bsc#1164565).
- cifs: make build_path_from_dentry() return const char * (bsc#1192606).
- cifs: make const array static, makes object smaller (bsc#1192606).
- cifs: Make extract_hostname function public (bsc#1192606).
- cifs: Make extract_sharename function public (bsc#1192606).
- cifs: make fs_context error logging wrapper (bsc#1192606).
- cifs: make locking consistent around the server session status
(bsc#1192606).
- cifs: make multichannel warning more visible (bsc#1192606).
- cifs: Make SMB2_notify_init static (bsc#1164565).
- cifs: make sure we do not overflow the max EA buffer size (bsc#1164565).
- cifs: make use of cap_unix(ses) in cifs_reconnect_tcon() (bsc#1164565).
- cifs: map STATUS_ACCOUNT_LOCKED_OUT to -EACCES (bsc#1192606).
- cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect()
(bsc#1178270).
- cifs: Merge is_path_valid() into get_normalized_path() (bsc#1164565).
- cifs: minor fix to two debug messages (bsc#1192606).
- cifs: minor kernel style fixes for comments (bsc#1192606).
- cifs: minor simplification to smb2_is_network_name_deleted (bsc#1192606).
- cifs: minor update to comments around the cifs_tcp_ses_lock mutex
(bsc#1192606).
- cifs: minor updates to Kconfig (bsc#1192606).
- cifs: misc: Use array_size() in if-statement controlling expression
(bsc#1192606).
- cifs: missed ref-counting smb session in find (bsc#1192606).
- cifs: missing null check for newinode pointer (bsc#1192606).
- cifs: missing null pointer check in cifs_mount (bsc#1185902).
- cifs: modefromsid: make room for 4 ACE (bsc#1164565).
- cifs: modefromsid: write mode ACE first (bsc#1164565).
- cifs: move [brw]size from cifs_sb to cifs_sb->ctx (bsc#1192606).
- cifs: move cache mount options to fs_context.ch (bsc#1192606).
- cifs: move cifs_cleanup_volume_info[_content] to fs_context.c
(bsc#1192606).
- cifs: move cifs_parse_devname to fs_context.c (bsc#1192606).
- cifs: move cifsFileInfo_put logic into a work-queue (bsc#1154355).
- cifs: move debug print out of spinlock (bsc#1192606).
- cifs: Move more definitions into the shared area (bsc#1192606).
- cifs: move NEGOTIATE_PROTOCOL definitions out into the common area
(bsc#1192606).
- cifs: move security mount options into fs_context.ch (bsc#1192606).
- cifs: move SMB FSCTL definitions to common code (bsc#1192606).
- cifs: move smb version mount options into fs_context.c (bsc#1192606).
- cifs: Move SMB2_Create definitions to the shared area (bsc#1192606).
- cifs: move some variables off the stack in smb2_ioctl_query_info
(bsc#1192606).
- cifs: move the check for nohandlecache into open_shroot (bsc#1192606).
- cifs: move the enum for cifs parameters into fs_context.h (bsc#1192606).
- cifs: move update of flags into a separate function (bsc#1192606).
- cifs: multichannel: always zero struct cifs_io_parms (bsc#1192606).
- cifs: multichannel: move channel selection above transport layer
(bsc#1192606).
- cifs: multichannel: move channel selection in function (bsc#1192606).
- cifs: multichannel: try to rebind when reconnecting a channel
(bsc#1192606).
- cifs: multichannel: use pointer for binding channel (bsc#1192606).
- cifs: mute -Wunused-const-variable message (bnc#1151927 5.3.9).
- cifs: New optype for session operations (bsc#1181507).
- cifs: nosharesock should be set on new server (bsc#1192606).
- cifs: nosharesock should not share socket with future sessions
(bsc#1192606).
- cifs: On cifs_reconnect, resolve the hostname again (bsc#1192606).
- cifs: only update prefix path of DFS links in cifs_tree_connect()
(bsc#1178270).
- cifs: only write 64kb at a time when fallocating a small region of a
file (bsc#1192606).
- cifs: Optimize readdir on reparse points (bsc#1164565).
- cifs: pass a path to open_shroot and check if it is the root or not
(bsc#1192606).
- cifs: pass the dentry instead of the inode down to the revalidation
check functions (bsc#1192606).
- cifs: plumb smb2 POSIX dir enumeration (bsc#1164565).
- cifs: populate server_hostname for extra channels (bsc#1192606).
- cifs: potential unintitliazed error code in cifs_getattr() (bsc#1164565).
- cifs: prepare SMB2_Flush to be usable in compounds (bsc#1154355).
- cifs: prepare SMB2_query_directory to be used with compounding
(bsc#1164565).
- cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902).
- cifs: prevent truncation from long to int in wait_for_free_credits
(bsc#1192606).
- cifs: print MIDs in decimal notation (bsc#1181507).
- cifs: Print the address and port we are connecting to in
generic_ip_connect() (bsc#1192606).
- cifs: print warning mounting with vers=1.0 (bsc#1164565).
- cifs: properly invalidate cached root handle when closing it
(bsc#1192606).
- cifs: Properly process SMB3 lease breaks (bsc#1164565).
- cifs: protect session channel fields with chan_lock (bsc#1192606).
- cifs: protect srv_count with cifs_tcp_ses_lock (bsc#1192606).
- cifs: protect updating server->dstaddr with a spinlock (bsc#1192606).
- cifs: Re-indent cifs_swn_reconnect() (bsc#1192606).
- cifs: reduce number of referral requests in DFS link lookups
(bsc#1178270).
- cifs: reduce stack use in smb2_compound_op (bsc#1192606).
- cifs: refactor cifs_get_inode_info() (bsc#1164565).
- cifs: refactor create_sd_buf() and and avoid corrupting the buffer
(bsc#1192606).
- cifs: Reformat DebugData and index connections by conn_id (bsc#1192606).
- cifs: Register generic netlink family (bsc#1192606). Update configs with
CONFIG_SWN_UPCALL unset.
- cifs: release lock earlier in dequeue_mid error case (bsc#1192606).
- cifs: remove [gu]id/backup[gu]id/file_mode/dir_mode from cifs_sb
(bsc#1192606).
- cifs: remove actimeo from cifs_sb (bsc#1192606).
- cifs: remove bogus debug code (bsc#1179427).
- cifs: remove ctx argument from cifs_setup_cifs_sb (bsc#1192606).
- cifs: remove duplicated prototype (bsc#1192606).
- cifs: remove old dead code (bsc#1192606).
- cifs: remove pathname for file from SPDX header (bsc#1192606).
- cifs: remove redundant assignment to pointer pneg_ctxt (bsc#1164565).
- cifs: remove redundant assignment to variable rc (bsc#1164565).
- cifs: remove redundant initialization of variable rc (bsc#1192606).
- cifs: remove redundant initialization of variable rc (bsc#1192606).
- cifs: Remove repeated struct declaration (bsc#1192606).
- cifs: Remove set but not used variable 'capabilities' (bsc#1164565).
- cifs: remove set but not used variable 'server' (bsc#1164565).
- cifs: remove set but not used variables 'cinode' and 'netfid'
(bsc#1164565).
- cifs: remove set but not used variables (bsc#1164565).
- cifs: remove some minor warnings pointed out by kernel test robot
(bsc#1192606).
- cifs: remove the devname argument to cifs_compose_mount_options
(bsc#1192606).
- cifs: remove the retry in cifs_poxis_lock_set (bsc#1192606).
- cifs: Remove the superfluous break (bsc#1192606).
- cifs: remove two cases where rc is set unnecessarily in sid_to_id
(bsc#1192606).
- cifs: remove unnecessary copies of tcon->crfid.fid (bsc#1192606).
- cifs: Remove unnecessary struct declaration (bsc#1192606).
- cifs: remove unneeded variable in smb3_fs_context_dup (bsc#1192606).
- cifs: Remove unused inline function is_sysvol_or_netlogon()
(bsc#1185902).
- cifs: remove unused variable 'server' (bsc#1192606).
- cifs: remove unused variable 'sid_user' (bsc#1164565).
- cifs: remove unused variable (bsc#1164565).
- cifs: Remove useless variable (bsc#1192606).
- cifs: remove various function description warnings (bsc#1192606).
- cifs: rename a variable in SendReceive() (bsc#1164565).
- cifs: rename cifs_common to smbfs_common (bsc#1192606).
- cifs: rename dup_vol to smb3_fs_context_dup and move it into
fs_context.c (bsc#1192606).
- cifs: rename posix create rsp (bsc#1164565).
- cifs: rename reconn_inval_dfs_target() (bsc#1178270).
- cifs: rename smb_vol as smb3_fs_context and move it to fs_context.h
(bsc#1192606).
- cifs: rename the *_shroot* functions to *_cached_dir* (bsc#1192606).
- cifs: report error instead of invalid when revalidating a dentry fails
(bsc#1177440).
- cifs: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1164565).
- cifs: Retain old ACEs when converting between mode bits and ACL
(bsc#1192606).
- cifs: retry lookup and readdir when EAGAIN is returned (bsc#1192606).
- cifs: return cached_fid from open_shroot (bsc#1192606).
- cifs: Return correct error code from smb2_get_enc_key (git-fixes).
- cifs: Return directly after a failed build_path_from_dentry() in
cifs_do_create() (bsc#1164565).
- cifs: return proper error code in statfs(2) (bsc#1181507).
- cifs: Return the error from crypt_message when enc/dec key not found
(bsc#1179426).
- cifs: returning mount parm processing errors correctly (bsc#1192606).
- cifs: revalidate mapping when we open files for SMB1 POSIX (bsc#1192606).
- cifs: Send witness register and unregister commands to userspace daemon
(bsc#1192606).
- cifs: Send witness register messages to userspace daemon in echo task
(bsc#1192606).
- cifs: send workstation name during ntlmssp session setup (bsc#1192606).
- cifs: set a minimum of 120s for next dns resolution (bsc#1192606).
- cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902).
- cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath
(bsc#1192606).
- cifs: set correct max-buffer-size for smb2_ioctl_init() (bsc#1164565).
- cifs: set server->cipher_type to AES-128-CCM for SMB3.0 (bsc#1192606).
- cifs: set up next DFS target before generic_ip_connect() (bsc#1178270).
- cifs: Set witness notification handler for messages from userspace
daemon (bsc#1192606).
- cifs: Silently ignore unknown oplock break handle (bsc#1192606).
- cifs: Simplify bool comparison (bsc#1192606).
- cifs: simplify handling of cifs_sb/ctx->local_nls (bsc#1192606).
- cifs: Simplify reconnect code when dfs upcall is enabled (bsc#1192606).
- cifs: simplify SWN code with dummy funcs instead of ifdefs (bsc#1192606).
- cifs: smb1: Try failing back to SetFileInfo if SetPathInfo fails
(bsc#1192606).
- cifs: smb2pdu.h: Replace zero-length array with flexible-array member
(bsc#1192606).
- cifs: smbd: Add messages on RDMA session destroy and reconnection
(bsc#1164565).
- cifs: smbd: Calculate the correct maximum packet size for segmented
SMBDirect send/receive (bsc#1192606).
- cifs: smbd: Check and extend sender credits in interrupt context
(bsc#1192606).
- cifs: smbd: Check send queue size before posting a send (bsc#1192606).
- cifs: smbd: Do not schedule work to send immediate packet on every
receive (bsc#1192606).
- cifs: smbd: Invalidate and deregister memory registration on re-send for
direct I/O (bsc#1164565).
- cifs: smbd: Merge code to track pending packets (bsc#1192606).
- cifs: smbd: Only queue work for error recovery on memory registration
(bsc#1164565).
- cifs: smbd: Properly process errors on ib_post_send (bsc#1192606).
- cifs: smbd: Return -EAGAIN when transport is reconnecting (bsc#1164565).
- cifs: smbd: Return -ECONNABORTED when trasnport is not in connected
state (bsc#1164565).
- cifs: smbd: Return -EINVAL when the number of iovs exceeds
SMBDIRECT_MAX_SGE (bsc#1164565).
- cifs: smbd: Update receive credits before sending and deal with credits
roll back on failure before sending (bsc#1192606).
- cifs: sort interface list by speed (bsc#1192606).
- cifs: Spelling s/EACCESS/EACCES/ (bsc#1192606).
- cifs: split out dfs code from cifs_reconnect() (bsc#1192606,
jsc#SLE-20042).
- cifs: Standardize logging output (bsc#1192606).
- cifs: store a pointer to the root dentry in cifs_sb_info once we have
completed mounting the share (bsc#1192606).
- cifs: style: replace one-element array with flexible-array (bsc#1192606).
- cifs: support nested dfs links over reconnect (bsc#1192606,
jsc#SLE-20042).
- cifs: support share failover when remounting (bsc#1192606,
jsc#SLE-20042).
- cifs: switch build_path_from_dentry() to using dentry_path_raw()
(bsc#1192606).
- cifs: switch servers depending on binding state (bsc#1192606).
- cifs: switch to new mount api (bsc#1192606).
- cifs: To match file servers, make sure the server hostname matches
(bsc#1192606).
- cifs: Tracepoints and logs for tracing credit changes (bsc#1181507).
- cifs: try harder to open new channels (bsc#1192606).
- cifs: try opening channels after mounting (bsc#1192606).
- cifs: uncomplicate printing the iocharset parameter (bsc#1192606).
- cifs: Unlock on errors in cifs_swn_reconnect() (bsc#1192606).
- cifs: update ctime and mtime during truncate (bsc#1192606).
- cifs: update FSCTL definitions (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal module version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update internal version number (bsc#1192606).
- cifs: update mnt_cifs_flags during reconfigure (bsc#1192606).
- cifs: update new ACE pointer after populate_new_aces (bsc#1192606).
- cifs: update super_operations to show_devname (bsc#1192606).
- cifs: Use #define in cifs_dbg (bsc#1164565).
- cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic
(bnc#1151927 5.3.7).
- cifs: Use common error handling code in smb2_ioctl_query_info()
(bsc#1164565).
- cifs: use compounding for open and first query-dir for readdir()
(bsc#1164565).
- cifs: use discard iterator to discard unneeded network data more
efficiently (bsc#1192606).
- cifs: use echo_interval even when connection not ready (bsc#1192606).
- cifs: use existing handle for compound_op(OP_SET_INFO) when possible
(bsc#1154355).
- cifs: use helpers when parsing uid/gid mount options and validate them
(bsc#1192606).
- cifs: Use memdup_user() rather than duplicating its implementation
(bsc#1164565).
- cifs: use mod_delayed_work() for server->reconnect if already queued
(bsc#1164565).
- cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1164565).
- cifs: use SPDX-Licence-Identifier (bsc#1192606).
- cifs: use the expiry output of dns_query to schedule next resolution
(bsc#1192606).
- cifs: use true,false for bool variable (bsc#1164565).
- cifs: warn and fail if trying to use rootfs without the config option
(bsc#1192606).
- cifs: Warn less noisily on default mount (bsc#1192606).
- cifs: we do not allow changing username/password/unc/... during remount
(bsc#1192606).
- cifs/smb3: Fix data inconsistent when punch hole (bsc#1176544).
- cifs/smb3: Fix data inconsistent when zero file range (bsc#1176536).
- cifs`: handle ERRBaduid for SMB1 (bsc#1192606).
- clk: imx: imx6ul: Move csi_sel mux to correct base register (git-fixes).
- clk: ingenic: Fix bugs with divided dividers (git-fixes).
- config: refresh BPF configs (jsc#SLE-22574) The SUSE-commit 9a413cc7eb56
("config: disable unprivileged BPF by default (jsc#SLE-22573)")
inherited from SLE15-SP2 puts the BPF config into the wrong place due to
SLE15-SP3 additionally backported b24abcff918a ("bpf, kconfig: Add
consolidated menu entry for bpf with core options"), and leads to
duplicate CONFIG_BPF_UNPRIV_DEFAULT_OFF entires; this commit remove
those BPF config. Also, disable unprivileged BPF for armv7hl, which did
not inherit the config change from SLE15-SP2.
- constraints: Build aarch64 on recent ARMv8.1 builders. Request asimdrdm
feature which is available only on recent ARMv8.1 CPUs. This should
prevent scheduling the kernel on an older slower builder.
- Convert trailing spaces and periods in path components (bsc#1179424).
- crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency (git-fixes).
- crypto: pcrypt - Delay write to padata->info (git-fixes).
- crypto: s5p-sss - Add error handling in s5p_aes_probe() (git-fixes).
- cxgb4: fix eeprom len when diagnostics not implemented (git-fixes).
- dm raid: remove unnecessary discard limits for raid0 and raid10
(bsc#1192320).
- dm: fix deadlock when swapping to encrypted device (bsc#1186332).
- dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro (git-fixes).
- dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result`
(git-fixes).
- do_cifs_create(): do not set ->i_mode of something we had not created
(bsc#1192606).
- drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win3 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200
2-in-1 (git-fixes).
- drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book
10.6 (git-fixes).
- drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2)
(git-fixes).
- drm/amd/display: Set plane update flags for all planes in reset
(git-fixes).
- drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on
vga and dvi connectors (git-fixes).
- drm/msm: Do hw_init() before capturing GPU state (git-fixes).
- drm/msm/a6xx: Allocate enough space for GMU registers (git-fixes).
- drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame
(git-fixes).
- drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks (git-fixes).
- drm/nouveau/svm: Fix refcount leak bug and missing check against null
bug (git-fixes).
- drm/panel-orientation-quirks: add Valve Steam Deck (git-fixes).
- drm/pl111: Actually fix CONFIG_VEXPRESS_CONFIG depends (git-fixes).
- drm/plane-helper: fix uninitialized variable reference (git-fixes).
- drm/vc4: fix error code in vc4_create_object() (git-fixes).
- drop superfluous empty lines
- e1000e: Separate TGP board type from SPT (bsc#1192874).
- EDAC/amd64: Handle three rank interleaving mode (bsc#1152489).
- elfcore: correct reference to CONFIG_UML (git-fixes).
- elfcore: fix building with clang (bsc#1169514).
- ethtool: fix ethtool msg len calculation for pause stats (jsc#SLE-15075).
- firmware: qcom_scm: Mark string array const (git-fixes).
- fuse: release pipe buf after last use (bsc#1193318).
- gve: Add netif_set_xps_queue call (bsc#1176940).
- gve: Add rx buffer pagecnt bias (bsc#1176940).
- gve: Allow pageflips on larger pages (bsc#1176940).
- gve: Do lazy cleanup in TX path (git-fixes).
- gve: DQO: avoid unused variable warnings (bsc#1176940).
- gve: Switch to use napi_complete_done (git-fixes).
- gve: Track RX buffer allocation failures (bsc#1176940).
- hwmon: (k10temp) Add additional missing Zen2 and Zen3 APUs
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Add support for yellow carp (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Add support for Zen3 CPUs (jsc#SLE-17823 jsc#SLE-23139
jsc#ECO-3666).
- hwmon: (k10temp) Create common functions and macros for Zen CPU families
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Define SVI telemetry and current factors for Zen2 CPUs
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Do not show Tdie for all Zen/Zen2/Zen3 CPU/APU
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) make some symbols static (jsc#SLE-17823 jsc#SLE-23139
jsc#ECO-3666).
- hwmon: (k10temp) Remove residues of current and voltage (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Remove support for displaying voltage and current on
Zen CPUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Reorganize and simplify temperature support detection
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Rework the temperature offset calculation
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) support Zen3 APUs (jsc#SLE-17823 jsc#SLE-23139
jsc#ECO-3666).
- hwmon: (k10temp) Swap Tdie and Tctl on Family 17h CPUs (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Update documentation and add temp2_input info
(jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Update driver documentation (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- hwmon: (k10temp) Zen3 Ryzen Desktop CPUs support (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- i2c: cbus-gpio: set atomic transfer callback (git-fixes).
- i2c: stm32f7: flush TX FIFO upon transfer errors (git-fixes).
- i2c: stm32f7: recover the bus on access timeout (git-fixes).
- i2c: stm32f7: stop dma transfer in case of NACK (git-fixes).
- i2c: xlr: Fix a resource leak in the error handling path of
'xlr_i2c_probe()' (git-fixes).
- i40e: Fix changing previously set num_queue_pairs for PFs (git-fixes).
- i40e: Fix correct max_pkt_size on VF RX queue (git-fixes).
- i40e: Fix creation of first queue by omitting it if is not power of two
(git-fixes).
- i40e: Fix display error code in dmesg (git-fixes).
- i40e: Fix failed opcode appearing if handling messages from VF
(git-fixes).
- i40e: Fix NULL ptr dereference on VSI filter sync (git-fixes).
- i40e: Fix ping is lost after configuring ADq on VF (git-fixes).
- i40e: Fix pre-set max number of queues for VF (git-fixes).
- i40e: Fix warning message and call stack during rmmod i40e driver
(git-fixes).
- iavf: check for null in iavf_fix_features (git-fixes).
- iavf: do not clear a lock we do not hold (git-fixes).
- iavf: Fix failure to exit out from last all-multicast mode (git-fixes).
- iavf: Fix for setting queues to 0 (jsc#SLE-12877).
- iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset
(git-fixes).
- iavf: Fix reporting when setting descriptor count (git-fixes).
- iavf: Fix return of set the new channel count (jsc#SLE-12877).
- iavf: free q_vectors before queues in iavf_disable_vf (git-fixes).
- iavf: prevent accidental free of filter structure (git-fixes).
- iavf: Prevent changing static ITR values if adaptive moderation is on
(git-fixes).
- iavf: Restore VLAN filters after link down (git-fixes).
- iavf: validate pointers (git-fixes).
- ibmvnic: drop bad optimization in reuse_rx_pools() (bsc#1193349
ltc#195568).
- ibmvnic: drop bad optimization in reuse_tx_pools() (bsc#1193349
ltc#195568).
- ice: avoid bpf_prog refcount underflow (jsc#SLE-7926).
- ice: avoid bpf_prog refcount underflow (jsc#SLE-7926).
- ice: Delete always true check of PF pointer (git-fixes).
- ice: Fix not stopping Tx queues for VFs (jsc#SLE-7926).
- ice: Fix VF true promiscuous mode (jsc#SLE-12878).
- ice: fix vsi->txq_map sizing (jsc#SLE-7926).
- ice: ignore dropped packets during init (git-fixes).
- ice: Remove toggling of antispoof for VF trusted promiscuous mode
(jsc#SLE-12878).
- igb: fix netpoll exit with traffic (git-fixes).
- igc: Remove _I_PHY_ID checking (bsc#1193169).
- igc: Remove phy->type checking (bsc#1193169).
- iio: imu: st_lsm6dsx: Avoid potential array overflow in
st_lsm6dsx_set_odr() (git-fixes).
- Input: iforce - fix control-message timeout (git-fixes).
- iommu: Check if group is NULL before remove device (git-fixes).
- iommu/amd: Relocate GAMSup check to early_enable_iommus (git-fixes).
- iommu/amd: Remove iommu_init_ga() (git-fixes).
- iommu/mediatek: Fix out-of-range warning with clang (git-fixes).
- iommu/vt-d: Consolidate duplicate cache invaliation code (git-fixes).
- iommu/vt-d: Fix incomplete cache flush in intel_pasid_tear_down_entry()
(git-fixes).
- iommu/vt-d: Update the virtual command related registers (git-fixes).
- ipmi: Disable some operations during a panic (git-fixes).
- kABI: dm: fix deadlock when swapping to encrypted device (bsc#1186332).
- kabi: hide changes to struct uv_info (git-fixes).
- kernel-obs-build: include the preferred kernel parameters Currently the
Open Build Service hardcodes the kernel boot parameters globally.
Recently functionality was added to control the parameters by the
kernel-obs-build package, so make use of that. parameters here will
overwrite what is used by OBS otherwise.
- kernel-obs-build: inform build service about virtio-serial Inform the
build worker code that this kernel supports virtio-serial, which
improves performance and relability of logging.
- kernel-obs-build: remove duplicated/unused parameters lbs=0 - this
parameters is just giving "unused parameter" and it looks like I can not
find any version that implemented this. rd.driver.pre=binfmt_misc is not
needed when setup_obs is used, it alread loads the kernel module. quiet
and panic=1 will now be also always added by OBS, so we do not have to
set it here anymore.
- kernel-source.spec: install-kernel-tools also required on 15.4
- lib/xz: Avoid overlapping memcpy() with invalid input with in-place
decompression (git-fixes).
- lib/xz: Validate the value before assigning it to an enum variable
(git-fixes).
- libata: fix checking of DMA state (git-fixes).
- linux/parser.h: add include guards (bsc#1192606).
- lpfc: Reintroduce old IRQ probe logic (bsc#1183897).
- md: add md_submit_discard_bio() for submitting discard bio (bsc#1192320).
- md: fix a lock order reversal in md_alloc (git-fixes).
- md/raid10: extend r10bio devs to raid disks (bsc#1192320).
- md/raid10: improve discard request for far layout (bsc#1192320).
- md/raid10: improve raid10 discard request (bsc#1192320).
- md/raid10: initialize r10_bio->read_slot before use (bsc#1192320).
- md/raid10: pull the code that wait for blocked dev into one function
(bsc#1192320).
- md/raid10: Remove unnecessary rcu_dereference in raid10_handle_discard
(bsc#1192320).
- mdio: aspeed: Fix "Link is Down" issue (bsc#1176447).
- media: imx: set a media_device bus_info string (git-fixes).
- media: ipu3-imgu: imgu_fmt: Handle properly try (git-fixes).
- media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info (git-fixes).
- media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers
(git-fixes).
- media: mceusb: return without resubmitting URB in case of -EPROTO error
(git-fixes).
- media: mt9p031: Fix corrupted frame after restarting stream (git-fixes).
- media: netup_unidvb: handle interrupt properly according to the firmware
(git-fixes).
- media: rcar-csi2: Add checking to rcsi2_start_receiver() (git-fixes).
- media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe()
(git-fixes).
- media: stm32: Potential NULL pointer dereference in dcmi_irq_thread()
(git-fixes).
- media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte()
(git-fixes).
- media: uvcvideo: Return -EIO for control errors (git-fixes).
- media: uvcvideo: Set capability in s_param (git-fixes).
- media: uvcvideo: Set unique vdev name based in type (git-fixes).
- memstick: r592: Fix a UAF bug when removing the driver (git-fixes).
- MM: reclaim mustn't enter FS for swap-over-NFS (bsc#1191876).
- mmc: dw_mmc: Dont wait for DRTO on Write RSP error (git-fixes).
- mmc: winbond: do not build on M68K (git-fixes).
- mtd: core: do not remove debugfs directory if device is in use
(git-fixes).
- mwifiex: Properly initialize private structure on interface type changes
(git-fixes).
- mwifiex: Read a PCI register after writing the TX ring write pointer
(git-fixes).
- mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type
(git-fixes).
- mwl8k: Fix use-after-free in mwl8k_fw_state_machine() (git-fixes).
- net: asix: fix uninit value bugs (git-fixes).
- net: bnx2x: fix variable dereferenced before check (git-fixes).
- net: bridge: fix under estimation in br_get_linkxstats_size()
(bsc#1176447).
- net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero (git-fixes).
- net: delete redundant function declaration (git-fixes).
- net: hns3: change affinity_mask to numa node range (bsc#1154353).
- net: hns3: fix misuse vf id and vport id in some logs (bsc#1154353).
- net: hns3: remove check VF uc mac exist when set by PF (bsc#1154353).
- net: hso: fix control-request directions (git-fixes).
- net: hso: fix muxed tty registration (git-fixes).
- net: linkwatch: fix failure to restore device state across
suspend/resume (bsc#1192511).
- net: mana: Allow setting the number of queues while the NIC is down
(jsc#SLE-18779, bsc#1185726).
- net: mana: Fix memory leak in mana_hwc_create_wq (jsc#SLE-18779,
bsc#1185726).
- net: mana: Fix spelling mistake "calledd" -> "called" (jsc#SLE-18779,
bsc#1185726).
- net: mana: Fix the netdev_err()'s vPort argument in mana_init_port()
(jsc#SLE-18779, bsc#1185726).
- net: mana: Improve the HWC error handling (jsc#SLE-18779, bsc#1185726).
- net: mana: Support hibernation and kexec (jsc#SLE-18779, bsc#1185726).
- net: mana: Use kcalloc() instead of kzalloc() (jsc#SLE-18779,
bsc#1185726).
- net: pegasus: fix uninit-value in get_interrupt_interval (git-fixes).
- net: qlogic: qlcnic: Fix a NULL pointer dereference in
qlcnic_83xx_add_rings() (git-fixes).
- net: stmmac: add EHL 2.5Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add EHL PSE0 PSE1 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add EHL RGMII 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add EHL SGMII 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: add TGL SGMII 1Gbps PCI info and PCI ID (bsc#1192691).
- net: stmmac: create dwmac-intel.c to contain all Intel platform
(bsc#1192691).
- net: stmmac: pci: Add HAPS support using GMAC5 (bsc#1192691).
- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
IRQ is available (git-fixes).
- net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no
IRQ is available (git-fixes).
- net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (git-fixes).
- net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources()
(git-fixes).
- net/mlx5: E-Switch, return error if encap isn't supported
(jsc#SLE-15172).
- net/mlx5e: reset XPS on error flow if netdev isn't registered yet
(git-fixes).
- net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1176774).
- netfilter: ctnetlink: do not erase error code with EINVAL (bsc#1176447).
- netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY (bsc#1176447).
- netfilter: flowtable: fix IPv6 tunnel addr match (bsc#1176447).
- NFC: add NCI_UNREG flag to eliminate the race (git-fixes).
- NFC: pn533: Fix double free when pn533_fill_fragment_skbs() fails
(git-fixes).
- NFC: reorder the logic in nfc_{un,}register_device (git-fixes).
- NFC: reorganize the functions in nci_request (git-fixes).
- nfp: checking parameter process for rx-usecs/tx-usecs is invalid
(git-fixes).
- nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes).
- NFS: Do not set NFS_INO_DATA_INVAL_DEFER and NFS_INO_INVALID_DATA
(git-fixes).
- NFS: do not take i_rwsem for swap IO (bsc#1191876).
- NFS: Fix deadlocks in nfs_scan_commit_list() (git-fixes).
- NFS: Fix up commit deadlocks (git-fixes).
- NFS: move generic_write_checks() call from nfs_file_direct_write() to
nfs_file_write() (bsc#1191876).
- nfsd: do not alloc under spinlock in rpc_parse_scope_id (git-fixes).
- nfsd: fix error handling of register_pernet_subsys() in init_nfsd()
(git-fixes).
- nfsd4: Handle the NFSv4 READDIR 'dircount' hint being zero (git-fixes).
- NFSv4: Fix a regression in nfs_set_open_stateid_locked() (git-fixes).
- nvme-multipath: Skip not ready namespaces when revalidating paths
(bsc#1191793 bsc#1192507 bsc#1192969).
- nvme-pci: add NO APST quirk for Kioxia device (git-fixes).
- objtool: Support Clang non-section symbols in ORC generation
(bsc#1169514).
- PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros (git-fixes).
- PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes).
- PCI/MSI: Deal with devices lying about their MSI mask capability
(git-fixes).
- perf: Correctly handle failed perf_get_aux_event() (git-fixes).
- perf/x86/intel: Fix unchecked MSR access error caused by VLBR_EVENT
(git-fixes).
- perf/x86/intel/uncore: Fix Intel ICX IIO event constraints (git-fixes).
- perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server
(git-fixes).
- perf/x86/intel/uncore: Fix the scale of the IMC free-running events
(git-fixes).
- perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server
(git-fixes).
- perf/x86/vlbr: Add c->flags to vlbr event constraints (git-fixes).
- platform/x86: hp_accel: Fix an error handling path in
'lis3lv02d_probe()' (git-fixes).
- platform/x86: wmi: do not fail if disabling fails (git-fixes).
- PM: hibernate: Get block device exclusively in swsusp_check()
(git-fixes).
- PM: hibernate: use correct mode for swsusp_close() (git-fixes).
- pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds
(git-fixes).
- powerpc: fix unbalanced node refcount in check_kvm_guest()
(jsc#SLE-15869 jsc#SLE-16321 git-fixes).
- powerpc/iommu: Report the correct most efficient DMA mask for PCI
devices (git-fixes).
- powerpc/paravirt: correct preempt debug splat in vcpu_is_preempted()
(bsc#1181148 ltc#190702 git-fixes).
- powerpc/paravirt: vcpu_is_preempted() commentary (bsc#1181148 ltc#190702
git-fixes).
- powerpc/perf: Fix cycles/instructions as PM_CYC/PM_INST_CMPL in power10
(jsc#SLE-13513 git-fixes).
- powerpc/pseries: Move some PAPR paravirt functions to their own file
(bsc#1181148 ltc#190702 git-fixes).
- powerpc/watchdog: Avoid holding wd_smp_lock over printk and
smp_send_nmi_ipi (bsc#1187541 ltc#192129).
- powerpc/watchdog: Fix missed watchdog reset due to memory ordering race
(bsc#1187541 ltc#192129).
- powerpc/watchdog: Fix wd_smp_last_reset_tb reporting (bsc#1187541
ltc#192129).
- powerpc/watchdog: read TB close to where it is used (bsc#1187541
ltc#192129).
- powerpc/watchdog: tighten non-atomic read-modify-write access
(bsc#1187541 ltc#192129).
- printk: Remove printk.h inclusion in percpu.h (bsc#1192987).
- qede: validate non LSO skb length (git-fixes).
- r8152: limit the RX buffer size of RTL8153A for USB 2.0 (git-fixes).
- r8169: Add device 10ec:8162 to driver r8169 (git-fixes).
- RDMA/bnxt_re: Update statistics counter name (jsc#SLE-16649).
- recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267).
- recordmcount.pl: look for jgnop instruction as well as bcrl on s390
(bsc#1192267).
- reset: socfpga: add empty driver allowing consumers to probe (git-fixes).
- ring-buffer: Protect ring_buffer_reset() from reentrancy (bsc#1179960).
- rpm/*.spec.in: use buildroot macro instead of env variable The
RPM_BUILD_ROOT variable is considered deprecated over a buildroot macro.
future proof the spec files.
- rpm/kernel-binary.spec.in: do not strip vmlinux again (bsc#1193306)
After usrmerge, vmlinux file is not named vmlinux-lt;version>, but
simply vmlinux. And this is not reflected in STRIP_KEEP_SYMTAB we set.
So fix this by removing the dash...
- rpm/kernel-obs-build.spec.in: move to zstd for the initrd Newer distros
have capability to decompress zstd, which provides a 2-5% better
compression ratio at very similar cpu overhead. Plus this tests the zstd
codepaths now as well.
- rt2x00: do not mark device gone on EPROTO errors during start
(git-fixes).
- rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1154353
bnc#1151927 5.3.9).
- s390: mm: Fix secure storage access exception handling (git-fixes).
- s390/bpf: Fix branch shortening during codegen pass (bsc#1193993).
- s390/uv: fully validate the VMA before calling follow_page() (git-fixes).
- scsi: iscsi: Adjust iface sysfs attr detection (git-fixes).
- scsi: lpfc: Fix non-recovery of remote ports following an unsolicited
LOGO (bsc#1189126).
- scsi: mpi3mr: Fix duplicate device entries when scanning through sysfs
(git-fixes).
- scsi: mpt3sas: Fix kernel panic during drive powercycle test (git-fixes).
- scsi: mpt3sas: Fix system going into read-only mode (git-fixes).
- scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc()
(git-fixes).
- scsi: qla2xxx: Fix gnl list corruption (git-fixes).
- scsi: qla2xxx: Relogin during fabric disturbance (git-fixes).
- scsi: qla2xxx: Turn off target reset during issue_lip (git-fixes).
- serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array
(git-fixes).
- serial: 8250_pci: rewrite pericom_do_set_divisor() (git-fixes).
- serial: 8250: Fix RTS modem control while in rs485 mode (git-fixes).
- serial: core: fix transmit-buffer reset and memleak (git-fixes).
- smb2: clarify rc initialization in smb2_reconnect (bsc#1192606).
- smb2: fix use-after-free in smb2_ioctl_query_info() (bsc#1192606).
- smb3: add additional null check in SMB2_ioctl (bsc#1192606).
- smb3: add additional null check in SMB2_open (bsc#1192606).
- smb3: add additional null check in SMB2_tcon (bsc#1192606).
- smb3: add additional null check in SMB311_posix_mkdir (bsc#1192606).
- smb3: Add debug message for new file creation with idsfromsid mount
option (bsc#1192606).
- smb3: add debug messages for closing unmatched open (bsc#1164565).
- smb3: add defines for new crypto algorithms (bsc#1192606).
- smb3: Add defines for new information level, FileIdInformation
(bsc#1164565).
- smb3: add defines for new signing negotiate context (bsc#1192606).
- smb3: add dynamic trace point to trace when credits obtained
(bsc#1181507).
- smb3: add dynamic trace points for socket connection (bsc#1192606).
- smb3: add dynamic tracepoints for flush and close (bsc#1164565).
- smb3: add indatalen that can be a non-zero value to calculation of
credit charge in smb2 ioctl (bsc#1192606).
- smb3: add missing flag definitions (bsc#1164565).
- smb3: Add missing reparse tags (bsc#1164565).
- smb3: add missing worker function for SMB3 change notify (bsc#1164565).
- smb3: add mount option to allow forced caching of read only share
(bsc#1164565).
- smb3: add mount option to allow RW caching of share accessed by only 1
client (bsc#1164565).
- smb3: Add new compression flags (bsc#1192606).
- smb3: Add new info level for query directory (bsc#1192606).
- smb3: add new module load parm enable_gcm_256 (bsc#1192606).
- smb3: add new module load parm require_gcm_256 (bsc#1192606).
- smb3: Add new parm "nodelete" (bsc#1192606).
- smb3: add one more dynamic tracepoint missing from strict fsync path
(bsc#1164565).
- smb3: add rasize mount parameter to improve readahead performance
(bsc#1192606).
- smb3: add some missing definitions from MS-FSCC (bsc#1192606).
- smb3: add some more descriptive messages about share when mounting
cache=ro (bsc#1164565).
- smb3: Add support for getting and setting SACLs (bsc#1192606).
- smb3: Add support for lookup with posix extensions query info
(bsc#1192606).
- smb3: Add support for negotiating signing algorithm (bsc#1192606).
- smb3: Add support for query info using posix extensions (level 100)
(bsc#1192606).
- smb3: add support for recognizing WSL reparse tags (bsc#1192606).
- smb3: Add support for SMB311 query info (non-compounded) (bsc#1192606).
- smb3: add support for stat of WSL reparse points for special file types
(bsc#1192606).
- smb3: add support for using info level for posix extensions query
(bsc#1192606).
- smb3: Add tracepoints for new compound posix query info (bsc#1192606).
- smb3: Additional compression structures (bsc#1192606).
- smb3: allow decryption keys to be dumped by admin for debugging
(bsc#1164565).
- smb3: allow disabling requesting leases (bnc#1151927 5.3.4).
- smb3: allow dumping GCM256 keys to improve debugging of encrypted shares
(bsc#1192606).
- smb3: allow dumping keys for multiuser mounts (bsc#1192606).
- smb3: allow parallelizing decryption of reads (bsc#1164565).
- smb3: allow skipping signature verification for perf sensitive
configurations (bsc#1164565).
- smb3: allow uid and gid owners to be set on create with idsfromsid mount
option (bsc#1192606).
- smb3: avoid confusing warning message on mount to Azure (bsc#1192606).
- smb3: Avoid Mid pending list corruption (bsc#1192606).
- smb3: Backup intent flag missing from some more ops (bsc#1164565).
- smb3: Call cifs reconnect from demultiplex thread (bsc#1192606).
- smb3: change noisy error message to FYI (bsc#1192606).
- smb3: cleanup some recent endian errors spotted by updated sparse
(bsc#1164565).
- smb3: correct server pointer dereferencing check to be more consistent
(bsc#1192606).
- smb3: correct smb3 ACL security descriptor (bsc#1192606).
- smb3: default to minimum of two channels when multichannel specified
(bsc#1192606).
- smb3: display max smb3 requests in flight at any one time (bsc#1164565).
- smb3: do not attempt multichannel to server which does not support it
(bsc#1192606).
- smb3: do not error on fsync when readonly (bsc#1192606).
- smb3: do not fail if no encryption required but server does not support
it (bsc#1192606).
- smb3: do not log warning message if server does not populate salt
(bsc#1192606).
- smb3: do not setup the fscache_super_cookie until fsinfo initialized
(bsc#1192606).
- smb3: do not try to cache root directory if dir leases not supported
(bsc#1192606).
- smb3: dump in_send and num_waiters stats counters by default
(bsc#1164565).
- smb3: enable negotiating stronger encryption by default (bsc#1192606).
- smb3: enable offload of decryption of large reads via mount option
(bsc#1164565).
- smb3: enable swap on SMB3 mounts (bsc#1192606).
- smb3: extend fscache mount volume coherency check (bsc#1192606).
- smb3: fix access denied on change notify request to some servers
(bsc#1192606).
- smb3: fix cached file size problems in duplicate extents (reflink)
(bsc#1192606).
- smb3: Fix crash in SMB2_open_init due to uninitialized field in
compounding path (bsc#1164565).
- smb3: fix crediting for compounding when only one request in flight
(bsc#1181507).
- smb3: fix default permissions on new files when mounting with
modefromsid (bsc#1164565).
- smb3: Fix ids returned in POSIX query dir (bsc#1192606).
- smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K
(bsc#1192606).
- smb3: fix leak in "open on server" perf counter (bnc#1151927 5.3.4).
- smb3: Fix mkdir when idsfromsid configured on mount (bsc#1192606).
- smb3: fix mode passed in on create for modetosid mount option
(bsc#1164565).
- smb3: fix mount failure to some servers when compression enabled
(bsc#1192606).
- smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540).
- smb3: fix performance regression with setting mtime (bsc#1164565).
- smb3: Fix persistent handles reconnect (bnc#1151927 5.3.11).
- smb3: fix posix extensions mount option (bsc#1192606).
- smb3: fix possible access to uninitialized pointer to DACL (bsc#1192606).
- smb3: fix potential null dereference in decrypt offload (bsc#1164565).
- smb3: fix problem with null cifs super block with previous patch
(bsc#1164565).
- smb3: fix readpage for large swap cache (bsc#1192606).
- smb3: fix refcount underflow warning on unmount when no directory leases
(bsc#1164565).
- smb3: Fix regression in time handling (bsc#1164565).
- smb3: fix signing verification of large reads (bsc#1154355).
- smb3: fix stat when special device file and mounted with modefromsid
(bsc#1192606).
- smb3: fix typo in compression flag (bsc#1192606).
- smb3: fix typo in header file (bsc#1192606).
- smb3: fix typo in mount options displayed in /proc/mounts (bsc#1192606).
- smb3: fix uninitialized value for port in witness protocol move
(bsc#1192606).
- smb3: fix unmount hang in open_shroot (bnc#1151927 5.3.4).
- smb3: fix unneeded error message on change notify (bsc#1192606).
- smb3: Handle error case during offload read path (bsc#1192606).
- smb3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558).
- smb3: Honor 'posix' flag for multiuser mounts (bsc#1176559).
- smb3: Honor 'seal' flag for multiuser mounts (bsc#1176545).
- smb3: Honor lease disabling for multiuser mounts (git-fixes).
- smb3: Honor persistent/resilient handle flags for multiuser mounts
(bsc#1176546).
- smb3: if max_channels set to more than one channel request multichannel
(bsc#1192606).
- smb3: improve check for when we send the security descriptor context on
create (bsc#1164565).
- smb3: improve handling of share deleted (and share recreated)
(bsc#1154355).
- smb3: incorrect file id in requests compounded with open (bsc#1192606).
- smb3: Incorrect size for netname negotiate context (bsc#1154355).
- smb3: limit noisy error (bsc#1192606).
- smb3: log warning if CSC policy conflicts with cache mount option
(bsc#1164565).
- smb3: Minor cleanup of protocol definitions (bsc#1192606).
- smb3: minor update to compression header definitions (bsc#1192606).
- smb3: missing ACL related flags (bsc#1164565).
- smb3: negotiate current dialect (SMB3.1.1) when version 3 or greater
requested (bsc#1192606).
- smb3: only offload decryption of read responses if multiple requests
(bsc#1164565).
- smb3: pass mode bits into create calls (bsc#1164565).
- smb3: prevent races updating CurrentMid (bsc#1192606).
- smb3: print warning if server does not support requested encryption type
(bsc#1192606).
- smb3: print warning once if posix context returned on open
(bsc#1164565).
- smb3: query attributes on file close (bsc#1164565).
- smb3: rc uninitialized in one fallocate path (bsc#1192606).
- smb3: remind users that witness protocol is experimental (bsc#1192606).
- smb3: remove confusing dmesg when mounting with encryption ("seal")
(bsc#1164565).
- smb3: remove confusing mount warning when no SPNEGO info on negprot rsp
(bsc#1192606).
- smb3: remove dead code for non compounded posix query info (bsc#1192606).
- smb3: remove noisy debug message and minor cleanup (bsc#1164565).
- smb3: remove overly noisy debug line in signing errors (bsc#1192606).
- smb3: remove static checker warning (bsc#1192606).
- smb3: remove trivial dfs compile warning (bsc#1192606, jsc#SLE-20042).
- smb3: remove two unused variables (bsc#1192606).
- smb3: remove unused flag passed into close functions (bsc#1164565).
- smb3: rename nonces used for GCM and CCM encryption (bsc#1192606).
- smb3: Resolve data corruption of TCP server info fields (bsc#1192606).
- smb3: set COMPOUND_FID to FileID field of subsequent compound request
(bsc#1192606).
- smb3: set gcm256 when requested (bsc#1192606).
- smb3: smbdirect support can be configured by default (bsc#1192606).
- smb3: update comments clarifying SPNEGO info in negprot response
(bsc#1192606).
- smb3: update protocol header definitions based to include new flags
(bsc#1192606).
- smb3: update structures for new compression protocol definitions
(bsc#1192606).
- smb3: use SMB2_SIGNATURE_SIZE define (bsc#1192606).
- smb3: warn on confusing error scenario with sec=krb5 (bsc#1176548).
- smb3: when mounting with multichannel include it in requested
capabilities (bsc#1192606).
- smbdirect: missing rc checks while waiting for rdma events (bsc#1192606).
- soc/tegra: Fix an error handling path in tegra_powergate_power_up()
(git-fixes).
- soc/tegra: pmc: Fix imbalanced clock disabling in error code path
(git-fixes).
- spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in
bcm_qspi_probe() (git-fixes).
- spi: spl022: fix Microwire full duplex mode (git-fixes).
- SUNRPC: improve 'swap' handling: scheduling and PF_MEMALLOC
(bsc#1191876).
- SUNRPC: remove scheduling boost for "SWAPPER" tasks (bsc#1191876).
- SUNRPC/auth: async tasks mustn't block waiting for memory (bsc#1191876).
- SUNRPC/call_alloc: async tasks mustn't block waiting for memory
(bsc#1191876).
- SUNRPC/xprt: async tasks mustn't block waiting for memory (bsc#1191876).
- supported.conf: add pwm-rockchip References: jsc#SLE-22615
- swiotlb: avoid double free (git-fixes).
- swiotlb: Fix the type of index (git-fixes).
- TCON Reconnect during STATUS_NETWORK_NAME_DELETED (bsc#1192606).
- tlb: mmu_gather: add tlb_flush_*_range APIs
- tracing: Add length protection to histogram string copies (git-fixes).
- tracing: Change STR_VAR_MAX_LEN (git-fixes).
- tracing: Check pid filtering when creating events (git-fixes).
- tracing: Fix pid filtering when triggers are attached (git-fixes).
- tracing: use %ps format string to print symbols (git-fixes).
- tracing/histogram: Do not copy the fixed-size char array field over the
field size (git-fixes).
- tty: hvc: replace BUG_ON() with negative return value (git-fixes).
- tty: serial: msm_serial: Deactivate RX DMA for polling support
(git-fixes).
- tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (git-fixes).
- usb-storage: Add compatibility quirk flags for iODD 2531/2541
(git-fixes).
- usb: chipidea: ci_hdrc_imx: fix potential error pointer dereference in
probe (git-fixes).
- usb: dwc2: gadget: Fix ISOC flow for elapsed frames (git-fixes).
- usb: dwc2: hcd_queue: Fix use of floating point literal (git-fixes).
- usb: host: ohci-tmio: check return value after calling
platform_get_resource() (git-fixes).
- usb: musb: tusb6010: check return value after calling
platform_get_resource() (git-fixes).
- usb: serial: option: add Fibocom FM101-GL variants (git-fixes).
- usb: serial: option: add Telit LE910S1 0x9200 composition (git-fixes).
- usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts
(git-fixes).
- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (git-fixes).
- usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (git-fixes).
- usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform
(git-fixes).
- vfs: do not parse forbidden flags (bsc#1192606).
- x86/amd_nb: Add AMD family 19h model 50h PCI ids (jsc#SLE-17823
jsc#SLE-23139 jsc#ECO-3666).
- x86/cpu: Fix migration safety with X86_BUG_NULL_SEL (bsc#1152489).
- x86/efi: Restore Firmware IDT before calling ExitBootServices()
(git-fixes).
- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry()
(bsc#1178134).
- x86/mpx: Disable MPX for 32-bit userland (bsc#1193139).
- x86/pkey: Fix undefined behaviour with PKRU_WD_BIT (bsc#1152489).
- x86/pvh: add prototype for xen_pvh_init() (git-fixes).
- x86/sev: Allow #VC exceptions on the VC2 stack (git-fixes).
- x86/sev: Fix SEV-ES INS/OUTS instructions for word, dword, and qword
(bsc#1178134).
- x86/sev: Fix stack type check in vc_switch_off_ist() (git-fixes).
- x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (bsc#1152489).
- x86/Xen: swap NX determination and GDT setup on BSP (git-fixes).
- xen: sync include/xen/interface/io/ring.h with Xen's newest version
(git-fixes).
- xen/blkfront: do not take local copy of a request from the ring page
(git-fixes).
- xen/blkfront: do not trust the backend response data blindly (git-fixes).
- xen/blkfront: read response from backend only once (git-fixes).
- xen/netfront: disentangle tx_skb_freelist (git-fixes).
- xen/netfront: do not read data from request on the ring page (git-fixes).
- xen/netfront: do not trust the backend response data blindly (git-fixes).
- xen/netfront: read response from backend only once (git-fixes).
- xen/privcmd: fix error handling in mmap-resource processing (git-fixes).
- xen/pvh: add missing prototype to header (git-fixes).
- xen/x86: fix PV trap handling on secondary processors (git-fixes).
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
(bsc#1192569).
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
(bsc#1192569).
- xhci: Fix commad ring abort, write all 64 bits to CRCR register
(git-fixes).
- xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good
delay (git-fixes).
- zram: fix return value on writeback_store (git-fixes).
- zram: off by one in read_block_state() (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-131=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
cluster-md-kmp-default-5.3.18-59.40.1
cluster-md-kmp-default-debuginfo-5.3.18-59.40.1
dlm-kmp-default-5.3.18-59.40.1
dlm-kmp-default-debuginfo-5.3.18-59.40.1
gfs2-kmp-default-5.3.18-59.40.1
gfs2-kmp-default-debuginfo-5.3.18-59.40.1
kernel-default-5.3.18-59.40.1
kernel-default-base-5.3.18-59.40.1.18.25.1
kernel-default-base-rebuild-5.3.18-59.40.1.18.25.1
kernel-default-debuginfo-5.3.18-59.40.1
kernel-default-debugsource-5.3.18-59.40.1
kernel-default-devel-5.3.18-59.40.1
kernel-default-devel-debuginfo-5.3.18-59.40.1
kernel-default-extra-5.3.18-59.40.1
kernel-default-extra-debuginfo-5.3.18-59.40.1
kernel-default-livepatch-5.3.18-59.40.1
kernel-default-livepatch-devel-5.3.18-59.40.1
kernel-default-optional-5.3.18-59.40.1
kernel-default-optional-debuginfo-5.3.18-59.40.1
kernel-obs-build-5.3.18-59.40.1
kernel-obs-build-debugsource-5.3.18-59.40.1
kernel-obs-qa-5.3.18-59.40.1
kernel-syms-5.3.18-59.40.1
kselftests-kmp-default-5.3.18-59.40.1
kselftests-kmp-default-debuginfo-5.3.18-59.40.1
ocfs2-kmp-default-5.3.18-59.40.1
ocfs2-kmp-default-debuginfo-5.3.18-59.40.1
reiserfs-kmp-default-5.3.18-59.40.1
reiserfs-kmp-default-debuginfo-5.3.18-59.40.1
- openSUSE Leap 15.3 (aarch64 x86_64):
cluster-md-kmp-preempt-5.3.18-59.40.1
cluster-md-kmp-preempt-debuginfo-5.3.18-59.40.1
dlm-kmp-preempt-5.3.18-59.40.1
dlm-kmp-preempt-debuginfo-5.3.18-59.40.1
gfs2-kmp-preempt-5.3.18-59.40.1
gfs2-kmp-preempt-debuginfo-5.3.18-59.40.1
kernel-preempt-5.3.18-59.40.1
kernel-preempt-debuginfo-5.3.18-59.40.1
kernel-preempt-debugsource-5.3.18-59.40.1
kernel-preempt-devel-5.3.18-59.40.1
kernel-preempt-devel-debuginfo-5.3.18-59.40.1
kernel-preempt-extra-5.3.18-59.40.1
kernel-preempt-extra-debuginfo-5.3.18-59.40.1
kernel-preempt-livepatch-devel-5.3.18-59.40.1
kernel-preempt-optional-5.3.18-59.40.1
kernel-preempt-optional-debuginfo-5.3.18-59.40.1
kselftests-kmp-preempt-5.3.18-59.40.1
kselftests-kmp-preempt-debuginfo-5.3.18-59.40.1
ocfs2-kmp-preempt-5.3.18-59.40.1
ocfs2-kmp-preempt-debuginfo-5.3.18-59.40.1
reiserfs-kmp-preempt-5.3.18-59.40.1
reiserfs-kmp-preempt-debuginfo-5.3.18-59.40.1
- openSUSE Leap 15.3 (ppc64le x86_64):
kernel-debug-5.3.18-59.40.1
kernel-debug-debuginfo-5.3.18-59.40.1
kernel-debug-debugsource-5.3.18-59.40.1
kernel-debug-devel-5.3.18-59.40.1
kernel-debug-devel-debuginfo-5.3.18-59.40.1
kernel-debug-livepatch-devel-5.3.18-59.40.1
kernel-kvmsmall-5.3.18-59.40.1
kernel-kvmsmall-debuginfo-5.3.18-59.40.1
kernel-kvmsmall-debugsource-5.3.18-59.40.1
kernel-kvmsmall-devel-5.3.18-59.40.1
kernel-kvmsmall-devel-debuginfo-5.3.18-59.40.1
kernel-kvmsmall-livepatch-devel-5.3.18-59.40.1
- openSUSE Leap 15.3 (aarch64):
cluster-md-kmp-64kb-5.3.18-59.40.1
cluster-md-kmp-64kb-debuginfo-5.3.18-59.40.1
dlm-kmp-64kb-5.3.18-59.40.1
dlm-kmp-64kb-debuginfo-5.3.18-59.40.1
dtb-al-5.3.18-59.40.1
dtb-allwinner-5.3.18-59.40.1
dtb-altera-5.3.18-59.40.1
dtb-amd-5.3.18-59.40.1
dtb-amlogic-5.3.18-59.40.1
dtb-apm-5.3.18-59.40.1
dtb-arm-5.3.18-59.40.1
dtb-broadcom-5.3.18-59.40.1
dtb-cavium-5.3.18-59.40.1
dtb-exynos-5.3.18-59.40.1
dtb-freescale-5.3.18-59.40.1
dtb-hisilicon-5.3.18-59.40.1
dtb-lg-5.3.18-59.40.1
dtb-marvell-5.3.18-59.40.1
dtb-mediatek-5.3.18-59.40.1
dtb-nvidia-5.3.18-59.40.1
dtb-qcom-5.3.18-59.40.1
dtb-renesas-5.3.18-59.40.1
dtb-rockchip-5.3.18-59.40.1
dtb-socionext-5.3.18-59.40.1
dtb-sprd-5.3.18-59.40.1
dtb-xilinx-5.3.18-59.40.1
dtb-zte-5.3.18-59.40.1
gfs2-kmp-64kb-5.3.18-59.40.1
gfs2-kmp-64kb-debuginfo-5.3.18-59.40.1
kernel-64kb-5.3.18-59.40.1
kernel-64kb-debuginfo-5.3.18-59.40.1
kernel-64kb-debugsource-5.3.18-59.40.1
kernel-64kb-devel-5.3.18-59.40.1
kernel-64kb-devel-debuginfo-5.3.18-59.40.1
kernel-64kb-extra-5.3.18-59.40.1
kernel-64kb-extra-debuginfo-5.3.18-59.40.1
kernel-64kb-livepatch-devel-5.3.18-59.40.1
kernel-64kb-optional-5.3.18-59.40.1
kernel-64kb-optional-debuginfo-5.3.18-59.40.1
kselftests-kmp-64kb-5.3.18-59.40.1
kselftests-kmp-64kb-debuginfo-5.3.18-59.40.1
ocfs2-kmp-64kb-5.3.18-59.40.1
ocfs2-kmp-64kb-debuginfo-5.3.18-59.40.1
reiserfs-kmp-64kb-5.3.18-59.40.1
reiserfs-kmp-64kb-debuginfo-5.3.18-59.40.1
- openSUSE Leap 15.3 (noarch):
kernel-devel-5.3.18-59.40.1
kernel-docs-5.3.18-59.40.1
kernel-docs-html-5.3.18-59.40.1
kernel-macros-5.3.18-59.40.1
kernel-source-5.3.18-59.40.1
kernel-source-vanilla-5.3.18-59.40.1
- openSUSE Leap 15.3 (s390x):
kernel-zfcpdump-5.3.18-59.40.1
kernel-zfcpdump-debuginfo-5.3.18-59.40.1
kernel-zfcpdump-debugsource-5.3.18-59.40.1
References:
https://www.suse.com/security/cve/CVE-2020-24504.html
https://www.suse.com/security/cve/CVE-2020-27820.html
https://www.suse.com/security/cve/CVE-2021-28711.html
https://www.suse.com/security/cve/CVE-2021-28712.html
https://www.suse.com/security/cve/CVE-2021-28713.html
https://www.suse.com/security/cve/CVE-2021-28714.html
https://www.suse.com/security/cve/CVE-2021-28715.html
https://www.suse.com/security/cve/CVE-2021-4001.html
https://www.suse.com/security/cve/CVE-2021-4002.html
https://www.suse.com/security/cve/CVE-2021-43975.html
https://www.suse.com/security/cve/CVE-2021-43976.html
https://www.suse.com/security/cve/CVE-2021-45485.html
https://www.suse.com/security/cve/CVE-2021-45486.html
https://bugzilla.suse.com/1139944
https://bugzilla.suse.com/1151927
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1153275
https://bugzilla.suse.com/1154353
https://bugzilla.suse.com/1154355
https://bugzilla.suse.com/1161907
https://bugzilla.suse.com/1164565
https://bugzilla.suse.com/1166780
https://bugzilla.suse.com/1169514
https://bugzilla.suse.com/1176242
https://bugzilla.suse.com/1176447
https://bugzilla.suse.com/1176536
https://bugzilla.suse.com/1176544
https://bugzilla.suse.com/1176545
https://bugzilla.suse.com/1176546
https://bugzilla.suse.com/1176548
https://bugzilla.suse.com/1176558
https://bugzilla.suse.com/1176559
https://bugzilla.suse.com/1176774
https://bugzilla.suse.com/1176940
https://bugzilla.suse.com/1176956
https://bugzilla.suse.com/1177440
https://bugzilla.suse.com/1178134
https://bugzilla.suse.com/1178270
https://bugzilla.suse.com/1179211
https://bugzilla.suse.com/1179424
https://bugzilla.suse.com/1179426
https://bugzilla.suse.com/1179427
https://bugzilla.suse.com/1179599
https://bugzilla.suse.com/1181148
https://bugzilla.suse.com/1181507
https://bugzilla.suse.com/1181710
https://bugzilla.suse.com/1182404
https://bugzilla.suse.com/1183534
https://bugzilla.suse.com/1183540
https://bugzilla.suse.com/1183897
https://bugzilla.suse.com/1184318
https://bugzilla.suse.com/1185726
https://bugzilla.suse.com/1185902
https://bugzilla.suse.com/1186332
https://bugzilla.suse.com/1187541
https://bugzilla.suse.com/1189126
https://bugzilla.suse.com/1189158
https://bugzilla.suse.com/1191793
https://bugzilla.suse.com/1191876
https://bugzilla.suse.com/1192267
https://bugzilla.suse.com/1192320
https://bugzilla.suse.com/1192507
https://bugzilla.suse.com/1192511
https://bugzilla.suse.com/1192569
https://bugzilla.suse.com/1192606
https://bugzilla.suse.com/1192691
https://bugzilla.suse.com/1192845
https://bugzilla.suse.com/1192847
https://bugzilla.suse.com/1192874
https://bugzilla.suse.com/1192946
https://bugzilla.suse.com/1192969
https://bugzilla.suse.com/1192987
https://bugzilla.suse.com/1192990
https://bugzilla.suse.com/1192998
https://bugzilla.suse.com/1193002
https://bugzilla.suse.com/1193042
https://bugzilla.suse.com/1193139
https://bugzilla.suse.com/1193169
https://bugzilla.suse.com/1193306
https://bugzilla.suse.com/1193318
https://bugzilla.suse.com/1193349
https://bugzilla.suse.com/1193440
https://bugzilla.suse.com/1193442
https://bugzilla.suse.com/1193655
https://bugzilla.suse.com/1193993
https://bugzilla.suse.com/1194087
https://bugzilla.suse.com/1194094
1
0
openSUSE-SU-2022:0113-1: moderate: Security update for nodejs12
by opensuse-security@opensuse.org 18 Jan '22
by opensuse-security@opensuse.org 18 Jan '22
18 Jan '22
openSUSE Security Update: Security update for nodejs12
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0113-1
Rating: moderate
References: #1194511 #1194512 #1194513 #1194514
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-21824
CVSS scores:
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs12 fixes the following issues:
- CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names
(bsc#1194511).
- CVE-2021-44532: Fixed certificate Verification Bypass via String
Injection (bsc#1194512).
- CVE-2021-44533: Fixed incorrect handling of certificate subject and
issuer fields (bsc#1194513).
- CVE-2022-21824: Fixed prototype pollution via console.table properties
(bsc#1194514).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-113=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs12-12.22.9-4.25.1
nodejs12-debuginfo-12.22.9-4.25.1
nodejs12-debugsource-12.22.9-4.25.1
nodejs12-devel-12.22.9-4.25.1
npm12-12.22.9-4.25.1
- openSUSE Leap 15.3 (noarch):
nodejs12-docs-12.22.9-4.25.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
1
0
openSUSE-SU-2022:0112-1: moderate: Security update for nodejs14
by opensuse-security@opensuse.org 18 Jan '22
by opensuse-security@opensuse.org 18 Jan '22
18 Jan '22
openSUSE Security Update: Security update for nodejs14
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:0112-1
Rating: moderate
References: #1194511 #1194512 #1194513 #1194514
Cross-References: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533
CVE-2022-21824
CVSS scores:
CVE-2021-44531 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44532 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2021-44533 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-21824 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for nodejs14 fixes the following issues:
- CVE-2021-44531: Fixed improper handling of URI Subject Alternative Names
(bsc#1194511).
- CVE-2021-44532: Fixed certificate Verification Bypass via String
Injection (bsc#1194512).
- CVE-2021-44533: Fixed incorrect handling of certificate subject and
issuer fields (bsc#1194513).
- CVE-2022-21824: Fixed prototype pollution via console.table properties
(bsc#1194514).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-112=1
Package List:
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
nodejs14-14.18.3-15.24.1
nodejs14-debuginfo-14.18.3-15.24.1
nodejs14-debugsource-14.18.3-15.24.1
nodejs14-devel-14.18.3-15.24.1
npm14-14.18.3-15.24.1
- openSUSE Leap 15.3 (noarch):
nodejs14-docs-14.18.3-15.24.1
References:
https://www.suse.com/security/cve/CVE-2021-44531.html
https://www.suse.com/security/cve/CVE-2021-44532.html
https://www.suse.com/security/cve/CVE-2021-44533.html
https://www.suse.com/security/cve/CVE-2022-21824.html
https://bugzilla.suse.com/1194511
https://bugzilla.suse.com/1194512
https://bugzilla.suse.com/1194513
https://bugzilla.suse.com/1194514
1
0