openSUSE Security Announce
Threads by month
- ----- 2024 -----
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
October 2022
- 1 participants
- 107 discussions
openSUSE-SU-2022:10183-1: moderate: Security update for pyenv
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for pyenv
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10183-1
Rating: moderate
References: #1201582
Cross-References: CVE-2022-35861
CVSS scores:
CVE-2022-35861 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for pyenv fixes the following issues:
Update to 2.3.5
- Add CPython 3.10.7 by @edgarrmondragon in #2454
- Docs: update Fish PATH update by @gregorias in #2449
- Add CPython 3.7.14, 3.8.14 and 3.9.14 by @edgarrmondragon in #2456
- Update miniconda3-3.9-4.12.0 by @Tsuki in #2460
- Add CPython 3.11.0rc2 by @ViktorHaag in #2459
- Add patches for 3.7.14 to support Apple Silicon by @samdoran in #2463
- Add ability to easily skip all use of Homebrew by @samdoran in #2464
- Drop Travis integration by @sobolevn in #2468
- Build CPython 3.12+ with --with-dsymutil in MacOS by @native-api in #2471
- Add Pyston 2.3.5 by @scop in #2476 Full Changelog:
https://github.com/pyenv/pyenv/compare/v2.3.4...v2.3.5
Update to 2.3.4
- Add CPython 3.11.0rc1 by @edgarrmondragon in #2434
- Add support for multiple versions in pyenv uninstall by @hardikpnsp in
#2432
- Add micropython 1.18 and 1.19.1 by @dmitriy-serdyuk in #2443
- CI: support Micropython, deleted scripts; build with -v by @native-api
in #2447
- Re-allow paths in .python-version while still preventing CVE-2022-35861
by @comrumino in #2442
- CI: Bump OS versions by @native-api in #2448
- Add Cinder 3.8 by @filips123 in #2433
- Add support for multiple versions in pyenv uninstall in #2432
- Add micropython 1.18 and 1.19.1 in #2443
- Add Cinder 3.8 in #2433
Update to 2.3.3
- Use version sort in pyenv versions by @fofoni in #2405
- Add CPython 3.11.0b4 by @majorgreys in #2411
- Python-build: Replace deprecated git protocol use with https in docs by
@ssbarnea in #2413
- Fix relative path traversal due to using version string in path by
@comrumino in #2412
- Allow pypy2 and pypy3 patching by @brogon in #2421, #2419
- Add CPython 3.11.0b5 by @edgarrmondragon in #2420
- Add GraalPython 22.2.0 by @msimacek in #2425
- Add CPython 3.10.6 by @edgarrmondragon in #2428
- Add CPython 3.11.0b4 by @majorgreys in #2411
- Replace deprecated git protocol use with https by @ssbarnea in docs #2413
- Fix relative path traversal due to using version string in path by
@comrumino in #2412
- Fix patterns for pypy2.*/pypy3.* versions by @brogon in #2419
Update to 2.3.2
- Add CPython 3.11.0b2 by @saaketp in #2380
- Honor CFLAGS_EXTRA for MicroPython #2006 by @yggdr in #2007
- Add post-install checks for curses, ctypes, lzma, and tkinter by
@aphedges in #2353
- Add CPython 3.11.0b3 by @edgarrmondragon in #2382
- Add flags for Homebrew into python-config --ldflags by @native-api in
#2384
- Add CPython 3.10.5 by @illia-v in #2386
- Add Anaconda 2019.10, 2021.04, 2022.05; support Anaconda in
add_miniconda.py by @native-api in #2385
- Add Pyston-2.3.4 by @dand-oss in #2390
- Update Anaconda3-2022.05 MacOSX arm64 md5 by @bkbncn in #2391
- Fix boo#1201582 to fix CVE-2022-35861 (from commit 22fa683, file
pyenv-CVE-2022-35861.patch)
Update to 2.3.0
- Bump openssl 1.1 to 1.1.1n for CPython 3.7 3.8 3.9 by @tuzi3040 in #2276
- Doc Fix: Escape a hash character causing unwanted GitHub Issue linking
by @edrogers in #2282
- Add CPython 3.9.12 by @saaketp in #2296
- Add CPython 3.10.4 by @saaketp in #2295
- Add patch for 3.6.15 to support Xcode 13.3 by @nshine in #2288
- Add patch for 3.7.12 to support Xcode 13.3 by @samdoran in #2292
- Add CONTRIBUTING.md by @native-api in #2287
- Add PyPy 7.3.9 release 2022-03-30 by @dand-oss in #2308
- Add Pyston 2.3.3 by @scop in #2316
- Add CPython 3.11.0a7 by @illia-v in #2315
- Add "nogil" Python v3.9.10 by @colesbury in #2342
- Support XCode 13.3 in all releases that officially support MacOS 11 by
@native-api in #2344
- Add GraalPython 22.1.0 by @msimacek in #2346
- Make PYENV_DEBUG imply -v for pyenv install by @native-api in #2347
- Simplify init scheme by @native-api in #2310
- Don't use Homebrew outside of MacOS by @native-api in #2349
- Add :latest syntax to documentation for the install command by @hay in
#2351
Update to 2.2.5
- fix issue 2236 for CPython 3.6.15 and 3.7.12 by @fofoni in #2237
- python-build: add URL for get-pip for Python 3.6 by @fofoni in #2238
- Add pyston-2.3.2 by @dmrlawson in #2240
- CPython 3.11.0a5 by @saaketp in #2241
- CPython 3.11.0a6 by @saaketp in #2266
- Add miniconda 4.11.0 by @aphedges in #2268
- docs(pyenv-prefix): note support for multiple versions by @scop in #2270
- pypy 7.3.8 02/20/2022 release by @dand-oss in #2253
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10183=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
pyenv-2.3.5-bp154.2.3.1
- openSUSE Backports SLE-15-SP4 (noarch):
pyenv-bash-completion-2.3.5-bp154.2.3.1
pyenv-fish-completion-2.3.5-bp154.2.3.1
pyenv-zsh-completion-2.3.5-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-35861.html
https://bugzilla.suse.com/1201582
1
0
SUSE-SU-2022:3820-1: moderate: Security update for podman
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
SUSE Security Update: Security update for podman
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3820-1
Rating: moderate
References: #1202809
Cross-References: CVE-2022-2989
CVSS scores:
CVE-2022-2989 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-2989 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products:
SUSE Linux Enterprise High Performance Computing 15-SP4
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Module for Containers 15-SP4
SUSE Linux Enterprise Server 15-SP4
SUSE Linux Enterprise Server for SAP Applications 15-SP4
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for podman fixes the following issues:
- CVE-2022-2989: Fixed possible information disclosure and modification
(bsc#1202809).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-3820=1
- SUSE Linux Enterprise Module for Containers 15-SP4:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2022-3820=1
- SUSE Linux Enterprise Micro 5.3:
zypper in -t patch SUSE-SLE-Micro-5.3-2022-3820=1
Package List:
- openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64):
podman-3.4.7-150400.4.6.1
podman-debuginfo-3.4.7-150400.4.6.1
podman-remote-3.4.7-150400.4.6.1
podman-remote-debuginfo-3.4.7-150400.4.6.1
- openSUSE Leap 15.4 (noarch):
podman-cni-config-3.4.7-150400.4.6.1
podman-docker-3.4.7-150400.4.6.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (aarch64 ppc64le s390x x86_64):
podman-3.4.7-150400.4.6.1
podman-debuginfo-3.4.7-150400.4.6.1
podman-remote-3.4.7-150400.4.6.1
podman-remote-debuginfo-3.4.7-150400.4.6.1
- SUSE Linux Enterprise Module for Containers 15-SP4 (noarch):
podman-cni-config-3.4.7-150400.4.6.1
podman-docker-3.4.7-150400.4.6.1
- SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64):
podman-3.4.7-150400.4.6.1
podman-debuginfo-3.4.7-150400.4.6.1
- SUSE Linux Enterprise Micro 5.3 (noarch):
podman-cni-config-3.4.7-150400.4.6.1
References:
https://www.suse.com/security/cve/CVE-2022-2989.html
https://bugzilla.suse.com/1202809
1
0
SUSE-SU-2022:3819-1: moderate: Security update for podman
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
SUSE Security Update: Security update for podman
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3819-1
Rating: moderate
References: #1202809
Cross-References: CVE-2022-2989
CVSS scores:
CVE-2022-2989 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
CVE-2022-2989 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products:
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15-SP3
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Containers 15-SP3
SUSE Linux Enterprise Server 15-SP3
SUSE Linux Enterprise Server for SAP Applications 15-SP3
SUSE Linux Enterprise Storage 7.1
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
openSUSE Leap 15.3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for podman fixes the following issues:
- CVE-2022-2989: Fixed possible information disclosure and modification
(bsc#1202809).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3819=1
- openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-3819=1
- SUSE Linux Enterprise Module for Containers 15-SP3:
zypper in -t patch SUSE-SLE-Module-Containers-15-SP3-2022-3819=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3819=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3819=1
- SUSE Enterprise Storage 7.1:
zypper in -t patch SUSE-Storage-7.1-2022-3819=1
Package List:
- openSUSE Leap Micro 5.2 (aarch64 x86_64):
podman-3.4.7-150300.9.12.1
podman-debuginfo-3.4.7-150300.9.12.1
- openSUSE Leap Micro 5.2 (noarch):
podman-cni-config-3.4.7-150300.9.12.1
- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):
podman-3.4.7-150300.9.12.1
- openSUSE Leap 15.3 (noarch):
podman-cni-config-3.4.7-150300.9.12.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (aarch64 ppc64le s390x x86_64):
podman-3.4.7-150300.9.12.1
- SUSE Linux Enterprise Module for Containers 15-SP3 (noarch):
podman-cni-config-3.4.7-150300.9.12.1
- SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64):
podman-3.4.7-150300.9.12.1
podman-debuginfo-3.4.7-150300.9.12.1
- SUSE Linux Enterprise Micro 5.2 (noarch):
podman-cni-config-3.4.7-150300.9.12.1
- SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64):
podman-3.4.7-150300.9.12.1
- SUSE Linux Enterprise Micro 5.1 (noarch):
podman-cni-config-3.4.7-150300.9.12.1
- SUSE Enterprise Storage 7.1 (aarch64 x86_64):
podman-3.4.7-150300.9.12.1
podman-debuginfo-3.4.7-150300.9.12.1
References:
https://www.suse.com/security/cve/CVE-2022-2989.html
https://bugzilla.suse.com/1202809
1
0
openSUSE-SU-2022:10179-1: important: Security update for jhead
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for jhead
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10179-1
Rating: important
References: #1204409
Cross-References: CVE-2022-41751
CVSS scores:
CVE-2022-41751 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jhead fixes the following issues:
- CVE-2022-41751: Fixed shell injection via filenames (boo#1204409)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10179=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 i586 ppc64le s390x x86_64):
jhead-3.06.0.1-bp154.2.3.1
References:
https://www.suse.com/security/cve/CVE-2022-41751.html
https://bugzilla.suse.com/1204409
1
0
openSUSE-SU-2022:10181-1: important: Security update for opera
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10181-1
Rating: important
References:
Cross-References: CVE-2022-3445 CVE-2022-3446 CVE-2022-3447
CVE-2022-3448 CVE-2022-3449 CVE-2022-3450
Affected Products:
openSUSE Leap 15.3:NonFree
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Update to 92.0.4561.21
- CHR-9037 Update chromium on desktop-stable-106-4561 to 106.0.5249.119
- DNA-102295 Missing GX.games section in settings
- DNA-102308 Presubmit errors
- DNA-102329 [Consent flow] clicking on "Customize settings" doesn't
resize the popup
- DNA-102340 Sidebar control panel doesn't hide
- DNA-102348 Replace old Dify url with a new one
- DNA-102430 Translations for O92
- DNA-102534 Allow staging RH Agent extension to use VPN Pro API
- DNA-102548 Rich hints extension crashes on Linux
- DNA-102551 Promote O92 to stable
- Complete Opera 92.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-92/
- The update to chromium 106.0.5249.119 fixes following issues:
CVE-2022-3445, CVE-2022-3446, CVE-2022-3447, CVE-2022-3448,
CVE-2022-3449, CVE-2022-3450
Update to 91.0.4516.77
- DNA-101988 Implement dark mode for consent flow popups
- DNA-102348 Replace old Dify url with a new one
Update to 91.0.4516.65
- DNA-101240 Save ���remind in 3 days��� setting
- DNA-101622 Add a way to check if browser is connected to webenv
- DNA-101838 Unfiltered dropdown disabled by default on stable
- DNA-101990 Boost sites into top sites
- DNA-101998 flag tiktok-panel doesn���t work
- DNA-102075 Crash at extensions::ExtensionApiFrameIdMap::
OnRenderFrameDeleted(content::RenderFrameHost*)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.3:NonFree:
zypper in -t patch openSUSE-2022-10181=1
Package List:
- openSUSE Leap 15.3:NonFree (x86_64):
opera-92.0.4561.21-lp153.2.66.1
References:
https://www.suse.com/security/cve/CVE-2022-3445.html
https://www.suse.com/security/cve/CVE-2022-3446.html
https://www.suse.com/security/cve/CVE-2022-3447.html
https://www.suse.com/security/cve/CVE-2022-3448.html
https://www.suse.com/security/cve/CVE-2022-3449.html
https://www.suse.com/security/cve/CVE-2022-3450.html
1
0
openSUSE-SU-2022:10178-1: important: Security update for jhead
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for jhead
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10178-1
Rating: important
References: #1204409
Cross-References: CVE-2022-41751
CVSS scores:
CVE-2022-41751 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes one vulnerability is now available.
Description:
This update for jhead fixes the following issues:
- CVE-2022-41751: Fixed shell injection via filenames (boo#1204409)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10178=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):
jhead-3.00-bp153.3.3.1
References:
https://www.suse.com/security/cve/CVE-2022-41751.html
https://bugzilla.suse.com/1204409
1
0
openSUSE-SU-2022:10182-1: important: Security update for opera
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for opera
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10182-1
Rating: important
References:
Cross-References: CVE-2022-3445 CVE-2022-3446 CVE-2022-3447
CVE-2022-3448 CVE-2022-3449 CVE-2022-3450
Affected Products:
openSUSE Leap 15.4:NonFree
______________________________________________________________________________
An update that fixes 6 vulnerabilities is now available.
Description:
This update for opera fixes the following issues:
Update to 92.0.4561.21
- CHR-9037 Update chromium on desktop-stable-106-4561 to 106.0.5249.119
- DNA-102295 Missing GX.games section in settings
- DNA-102308 Presubmit errors
- DNA-102329 [Consent flow] clicking on "Customize settings" doesn't
resize the popup
- DNA-102340 Sidebar control panel doesn't hide
- DNA-102348 Replace old Dify url with a new one
- DNA-102430 Translations for O92
- DNA-102534 Allow staging RH Agent extension to use VPN Pro API
- DNA-102548 Rich hints extension crashes on Linux
- DNA-102551 Promote O92 to stable
- Complete Opera 92.0 changelog at:
https://blogs.opera.com/desktop/changelog-for-92/
- The update to chromium 106.0.5249.119 fixes following issues:
CVE-2022-3445, CVE-2022-3446, CVE-2022-3447, CVE-2022-3448,
CVE-2022-3449, CVE-2022-3450
Update to 91.0.4516.77
- DNA-101988 Implement dark mode for consent flow popups
- DNA-102348 Replace old Dify url with a new one
Update to 91.0.4516.65
- DNA-101240 Save ���remind in 3 days��� setting
- DNA-101622 Add a way to check if browser is connected to webenv
- DNA-101838 Unfiltered dropdown disabled by default on stable
- DNA-101990 Boost sites into top sites
- DNA-101998 flag tiktok-panel doesn���t work
- DNA-102075 Crash at extensions::ExtensionApiFrameIdMap::
OnRenderFrameDeleted(content::RenderFrameHost*)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.4:NonFree:
zypper in -t patch openSUSE-2022-10182=1
Package List:
- openSUSE Leap 15.4:NonFree (x86_64):
opera-92.0.4561.21-lp154.2.26.1
References:
https://www.suse.com/security/cve/CVE-2022-3445.html
https://www.suse.com/security/cve/CVE-2022-3446.html
https://www.suse.com/security/cve/CVE-2022-3447.html
https://www.suse.com/security/cve/CVE-2022-3448.html
https://www.suse.com/security/cve/CVE-2022-3449.html
https://www.suse.com/security/cve/CVE-2022-3450.html
1
0
openSUSE-SU-2022:10177-1: important: Security update for chromium
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10177-1
Rating: important
References: #1204732 #1204819
Cross-References: CVE-2022-3652 CVE-2022-3653 CVE-2022-3654
CVE-2022-3655 CVE-2022-3656 CVE-2022-3657
CVE-2022-3658 CVE-2022-3659 CVE-2022-3660
CVE-2022-3661 CVE-2022-3723
Affected Products:
openSUSE Backports SLE-15-SP3
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 107.0.5304.87 (boo#1204819)
* CVE-2022-3723: Type Confusion in V8
Chromium 107.0.5304.68 (boo#1204732)
* CVE-2022-3652: Type Confusion in V8
* CVE-2022-3653: Heap buffer overflow in Vulkan
* CVE-2022-3654: Use after free in Layout
* CVE-2022-3655: Heap buffer overflow in Media Galleries
* CVE-2022-3656: Insufficient data validation in File System
* CVE-2022-3657: Use after free in Extensions
* CVE-2022-3658: Use after free in Feedback service on Chrome OS
* CVE-2022-3659: Use after free in Accessibility
* CVE-2022-3660: Inappropriate implementation in Full screen mode
* CVE-2022-3661: Insufficient data validation in Extensions
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP3:
zypper in -t patch openSUSE-2022-10177=1
Package List:
- openSUSE Backports SLE-15-SP3 (aarch64 x86_64):
chromedriver-107.0.5304.87-bp153.2.133.1
chromedriver-debuginfo-107.0.5304.87-bp153.2.133.1
chromium-107.0.5304.87-bp153.2.133.1
chromium-debuginfo-107.0.5304.87-bp153.2.133.1
References:
https://www.suse.com/security/cve/CVE-2022-3652.html
https://www.suse.com/security/cve/CVE-2022-3653.html
https://www.suse.com/security/cve/CVE-2022-3654.html
https://www.suse.com/security/cve/CVE-2022-3655.html
https://www.suse.com/security/cve/CVE-2022-3656.html
https://www.suse.com/security/cve/CVE-2022-3657.html
https://www.suse.com/security/cve/CVE-2022-3658.html
https://www.suse.com/security/cve/CVE-2022-3659.html
https://www.suse.com/security/cve/CVE-2022-3660.html
https://www.suse.com/security/cve/CVE-2022-3661.html
https://www.suse.com/security/cve/CVE-2022-3723.html
https://bugzilla.suse.com/1204732
https://bugzilla.suse.com/1204819
1
0
SUSE-SU-2022:3809-1: important: Security update for the Linux Kernel
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2022:3809-1
Rating: important
References: #1023051 #1065729 #1152489 #1156395 #1177471
#1179722 #1179723 #1181862 #1185032 #1191662
#1191667 #1191881 #1192594 #1194023 #1194272
#1194535 #1196444 #1197158 #1197659 #1197755
#1197756 #1197757 #1197760 #1197763 #1197920
#1198971 #1199291 #1200288 #1200313 #1200431
#1200622 #1200845 #1200868 #1200869 #1200870
#1200871 #1200872 #1200873 #1201019 #1201309
#1201310 #1201420 #1201489 #1201610 #1201705
#1201726 #1201865 #1201948 #1201990 #1202095
#1202096 #1202097 #1202341 #1202346 #1202347
#1202385 #1202393 #1202396 #1202447 #1202577
#1202636 #1202638 #1202672 #1202677 #1202701
#1202708 #1202709 #1202710 #1202711 #1202712
#1202713 #1202714 #1202715 #1202716 #1202717
#1202718 #1202720 #1202722 #1202745 #1202756
#1202810 #1202811 #1202860 #1202895 #1202898
#1202960 #1202984 #1203063 #1203098 #1203107
#1203117 #1203135 #1203136 #1203137 #1203159
#1203290 #1203389 #1203410 #1203424 #1203514
#1203552 #1203622 #1203737 #1203769 #1203770
#1203802 #1203906 #1203909 #1203935 #1203939
#1203987 #1203992 #1204051 #1204059 #1204060
#1204125 PED-529 SLE-24635
Cross-References: CVE-2016-3695 CVE-2020-16119 CVE-2020-27784
CVE-2021-4155 CVE-2021-4203 CVE-2022-20368
CVE-2022-20369 CVE-2022-2503 CVE-2022-2586
CVE-2022-2588 CVE-2022-26373 CVE-2022-2663
CVE-2022-2905 CVE-2022-2977 CVE-2022-3028
CVE-2022-3169 CVE-2022-32296 CVE-2022-3239
CVE-2022-3303 CVE-2022-36879 CVE-2022-39188
CVE-2022-39190 CVE-2022-40768 CVE-2022-41218
CVE-2022-41222 CVE-2022-41674 CVE-2022-41848
CVE-2022-41849 CVE-2022-42719 CVE-2022-42720
CVE-2022-42721 CVE-2022-42722
CVSS scores:
CVE-2016-3695 (NVD) : 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2016-3695 (SUSE): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
CVE-2020-16119 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-16119 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2020-27784 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2020-27784 (SUSE): 4 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2021-4155 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-4155 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2021-4203 (NVD) : 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
CVE-2021-4203 (SUSE): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
CVE-2022-20368 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-20368 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-20369 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-20369 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-2503 (NVD) : 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2503 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2586 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2588 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-26373 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-26373 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-2663 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
CVE-2022-2663 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVE-2022-2905 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-2905 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVE-2022-2977 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-2977 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H
CVE-2022-3028 (NVD) : 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3028 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3169 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3169 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-32296 (NVD) : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVE-2022-32296 (SUSE): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-3239 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3239 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
CVE-2022-3303 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-3303 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-36879 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-36879 (SUSE): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39188 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39188 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-39190 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-39190 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-40768 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-40768 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-41218 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41218 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41222 (NVD) : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
CVE-2022-41222 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41674 (NVD) : 8.1 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE-2022-41674 (SUSE): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41848 (NVD) : 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41848 (SUSE): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-41849 (NVD) : 4.2 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2022-41849 (SUSE): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (NVD) : 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42719 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42720 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42721 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42721 (SUSE): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE-2022-42722 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVE-2022-42722 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Realtime 15-SP3
SUSE Linux Enterprise Real Time 15-SP3
openSUSE Leap Micro 5.2
______________________________________________________________________________
An update that solves 32 vulnerabilities, contains two
features and has 84 fixes is now available.
Description:
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2016-3695: Fixed an issue inside the einj_error_inject function in
drivers/acpi/apei/einj.c that allowed users to simulate hardware errors
and consequently cause a denial of service (bnc#1023051).
- CVE-2020-16119: Fixed a use-after-free due to reuse of a DCCP socket
with an attached dccps_hc_tx_ccid object as a listener after being
released (bnc#1177471).
- CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl()
printer_ioctl() when accessing a deallocated instance (bnc#1202895).
- CVE-2021-4155: Fixed a data leak flaw that was found in the way
XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).
- CVE-2021-4203: Fixed use-after-free read flaw that was found in
sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and
SO_PEERGROUPS race with listen() (bnc#1194535).
- CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()
(bsc#1202346).
- CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of
v4l2-mem2mem.c (bnc#1202347).
- CVE-2022-2503: Fixed a LoadPin bypass in Dm-verity (bnc#1202677).
- CVE-2022-2586: Fixed issue in netfilter that allowed CHAIN_ID to refer
to another table (bsc#1202095).
- CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
- CVE-2022-26373: Fixed non-transparent sharing of return predictor
targets between contexts in some Intel Processors (bnc#1201726).
- CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where
the message handling could be confused and incorrectly matches the
message (bnc#1202097).
- CVE-2022-2905: Fixed tnum_range usage on array range checking for poke
descriptors (bsc#1202564, bsc#1202860).
- CVE-2022-2977: Fixed reference counting for struct tpm_chip
(bsc#1202672).
- CVE-2022-3028: Fixed race condition that was found in the IP framework
for transforming packets (XFRM subsystem) (bnc#1202898).
- CVE-2022-3169: Fixed a denial of service that resulted in a PCIe link
disconnect (bnc#1203290).
- CVE-2022-32296: Fixed issue where TCP servers were able to identify
clients by observing what source ports are used (bnc#1200288).
- CVE-2022-3239: Fixed a use-after-free in the video4linux driver
(bnc#1203552).
- CVE-2022-3303: Fixed a race at SNDCTL_DSP_SYNC (bsc#1203769).
- CVE-2022-36879: Fixed an issue in xfrm_expand_policies in
net/xfrm/xfrm_policy.c where a refcount could be dropped twice
(bnc#1201948).
- CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where
a device driver can free a page while it still has stale TLB entries
(bnc#1203107).
- CVE-2022-39190: Fixed an issue that was discovered in
net/netfilter/nf_tables_api.c and could cause a denial of service upon
binding to an already bound chain (bnc#1203117).
- CVE-2022-40768: Fixed information leak in drivers/scsi/stex.c due to
stex_queuecommand_lck lack a memset for the PASSTHRU_CMD case
(bnc#1203514).
- CVE-2022-41218: Fixed a use-after-free due to refcount races at
releasing (bsc#1202960).
- CVE-2022-41222: Fixed a use-after-free via a stale TLB because an rmap
lock is not held during a PUD move (bnc#1203622).
- CVE-2022-41674: Fixed a DoS issue where kernel can crash on the
reception of specific WiFi Frames (bsc#1203770).
- CVE-2022-41848: Fixed a use-after-free in mgslpc_ops (bsc#1203987).
- CVE-2022-41849: Fixed a use-after-free in ufx_ops_open() (bsc#1203992).
- CVE-2022-42719: Fixed MBSSID parsing use-after-free (bsc#1204051).
- CVE-2022-42720: Fixed BSS refcounting bugs (bsc#1204059).
- CVE-2022-42721: Avoid nontransmitted BSS list corruption (bsc#1204060).
- CVE-2022-42722: Fixed crash in beacon protection for P2P-device
(bsc#1204125).
The following non-security bugs were fixed:
- Fixed parsing of rpm/macros.kernel-source on SLE12 (bsc#1201019).
- acpi: EC: Remove duplicate ThinkPad X1 Carbon 6th entry from DMI quirks
(git-fixes).
- acpi: LPSS: Fix missing check in register_device_clock() (git-fixes).
- acpi: PM: save NVS memory for Lenovo G40-45 (git-fixes).
- acpi: processor idle: Practically limit "Dummy wait" workaround to old
Intel systems (bnc#1203802).
- acpi: processor: Remove freq Qos request for all CPUs (git-fixes).
- acpi: property: Return type of acpi_add_nondev_subnodes() should be bool
(git-fixes).
- acpi: video: Force backlight native for some TongFang devices
(git-fixes).
- alsa: aloop: Fix random zeros in capture data when using jiffies timer
(git-fixes).
- alsa: bcd2000: Fix a UAF bug on the error path of probing (git-fixes).
- alsa: emu10k1: Fix out of bounds access in
snd_emu10k1_pcm_channel_alloc() (git-fixes).
- alsa: hda/cirrus - support for iMac 12,1 model (git-fixes).
- alsa: hda/conexant: Add quirk for LENOVO 20149 Notebook model
(git-fixes).
- alsa: hda/realtek: Add a quirk for HP OMEN 15 (8786) mute LED
(git-fixes).
- alsa: hda/realtek: Add mute LED quirk for HP Omen laptop (git-fixes).
- alsa: hda/realtek: Add new alc285-hp-amp-init model (git-fixes).
- alsa: hda/realtek: Add pincfg for ASUS G513 HP jack (git-fixes).
- alsa: hda/realtek: Add pincfg for ASUS G533Z HP jack (git-fixes).
- alsa: hda/realtek: Add quirk for ASUS GA503R laptop (git-fixes).
- alsa: hda/realtek: Add quirk for Clevo L140PU (git-fixes).
- alsa: hda/realtek: Add quirk for Clevo NP50PNJ (git-fixes).
- alsa: hda/realtek: Add quirk for Clevo NP70PNJ (git-fixes).
- alsa: hda/realtek: Add quirk for Clevo NP70PNP (git-fixes).
- alsa: hda/realtek: Add quirk for Clevo NS50PU (git-fixes).
- alsa: hda/realtek: Add quirk for Clevo NV45PZ (git-fixes).
- alsa: hda/realtek: Add quirk for Dell Latitude 7520 (git-fixes).
- alsa: hda/realtek: Add quirk for HP Dev One (git-fixes).
- alsa: hda/realtek: Add quirk for HP Spectre x360 15-eb0xxx (git-fixes).
- alsa: hda/realtek: Add quirk for Huawei WRT-WX9 (git-fixes).
- alsa: hda/realtek: Add quirk for TongFang devices with pop noise
(git-fixes).
- alsa: hda/realtek: Add quirk for another Asus K42JZ model (git-fixes).
- alsa: hda/realtek: Add quirk for the Framework Laptop (git-fixes).
- alsa: hda/realtek: Enable 4-speaker output Dell Precision 5530 laptop
(git-fixes).
- alsa: hda/realtek: Fix LED on HP ProBook 435 G7 (git-fixes).
- alsa: hda/realtek: Fix deadlock by COEF mutex (git-fixes).
- alsa: hda/realtek: Fix headset mic for Acer SF313-51 (git-fixes).
- alsa: hda/realtek: Re-arrange quirk table entries (git-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs for HP machines (git-fixes).
- alsa: hda/realtek: fix mute/micmute LEDs for a HP ProBook (git-fixes).
- alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine
(git-fixes).
- alsa: hda/realtek: fix right sounds and mute/micmute LEDs for HP
machines (git-fixes).
- alsa: hda/sigmatel: Fix unused variable warning for beep power change
(git-fixes).
- alsa: hda/sigmatel: Keep power up while beep is enabled (git-fixes).
- alsa: hda/tegra: Align BDL entry to 4KB boundary (git-fixes).
- alsa: hda: add Intel 5 Series / 3400 PCI DID (git-fixes).
- alsa: info: Fix llseek return value when using callback (git-fixes).
- alsa: seq: Fix data-race at module auto-loading (git-fixes).
- alsa: seq: oss: Fix data-race for max_midi_devs access (git-fixes).
- alsa: usb-audio: Fix an out-of-bounds bug in
__snd_usb_parse_audio_interface() (git-fixes).
- alsa: usb-audio: Inform the delayed registration more properly
(git-fixes).
- alsa: usb-audio: More comprehensive mixer map for ASUS ROG Zenith II
(git-fixes).
- alsa: usb-audio: Register card again for iface over delayed_register
option (git-fixes).
- alsa: usb-audio: Split endpoint setups for hw_params and prepare
(git-fixes).
- alsa: usb-audio: fix spelling mistakes (git-fixes).
- arm64/mm: Validate hotplug range before creating linear mapping
(git-fixes)
- arm64: cpufeature: Allow different PMU versions in ID_DFR0_EL1
(git-fixes)
- arm64: dts: allwinner: A64 Sopine: phy-mode rgmii-id (git-fixes)
- arm64: dts: allwinner: H5: NanoPi Neo Plus2: phy-mode rgmii-id
(git-fixes)
- arm64: dts: allwinner: a64-sopine-baseboard: change RGMII mode to
(bsc#1202341)
- arm64: dts: rockchip: Pull up wlan wake# on Gru-Bob (git-fixes)
- arm64: dts: rockchip: Remove 'enable-active-low' from rk3399-puma
(git-fixes)
- arm64: dts: rockchip: Set RK3399-Gru PCLK_EDP to 24 MHz (git-fixes)
- arm64: dts: uniphier: Fix USB interrupts for PXs3 SoC (git-fixes)
- arm64: kexec_file: use more system keyrings to verify kernel image
signature (bsc#1196444).
- arm64: mm: Always update TCR_EL1 from __cpu_set_tcr_t0sz() (git-fixes)
- arm64: mm: fix p?d_leaf() (git-fixes)
- arm64: mm: use a 48-bit ID map when possible on 52-bit VA builds
(git-fixes)
- arm64: signal: nofpsimd: Do not allocate fp/simd context when not
available (git-fixes).
- arm64: tegra: Fix SDMMC1 CD on P2888 (git-fixes)
- arm64: tegra: Remove non existent Tegra194 reset (git-fixes)
- arm64: tlb: fix the TTL value of tlb_get_level (git-fixes)
- arm: 9077/1: PLT: Move struct plt_entries definition to header
(git-fixes).
- arm: 9078/1: Add warn suppress parameter to arm_gen_branch_link()
(git-fixes).
- arm: 9079/1: ftrace: Add MODULE_PLTS support (git-fixes).
- arm: 9098/1: ftrace: MODULE_PLT: Fix build problem without
DYNAMIC_FTRACE (git-fixes).
- asm-generic: sections: refactor memory_intersects (git-fixes).
- asoc: SOF: debug: Fix potential buffer overflow by snprintf()
(git-fixes).
- asoc: audio-graph-card: Add of_node_put() in fail path (git-fixes).
- asoc: codecs: da7210: add check for i2c_add_driver (git-fixes).
- asoc: codecs: msm8916-wcd-digital: move gains from SX_TLV to S8_TLV
(git-fixes).
- asoc: codecs: wcd9335: move gains from SX_TLV to S8_TLV (git-fixes).
- asoc: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe
(git-fixes).
- asoc: nau8824: Fix semaphore unbalance at error paths (git-fixes).
- asoc: qcom: q6dsp: Fix an off-by-one in q6adm_alloc_copp() (git-fixes).
- asoc: tas2770: Allow mono streams (git-fixes).
- asoc: tas2770: Reinit regcache on reset (git-fixes).
- ata: libata-eh: Add missing command name (git-fixes).
- atm: idt77252: fix use-after-free bugs caused by tst_timer (git-fixes).
- blk-iocost: clamp inuse and skip noops in __propagate_weights()
(bsc#1202722).
- blk-iocost: fix operation ordering in iocg_wake_fn() (bsc#1202720).
- blk-iocost: fix weight updates of inner active iocgs (bsc#1202717).
- blk-iocost: rename propagate_active_weights() to propagate_weights()
(bsc#1202722).
- blktrace: fix blk_rq_merge documentation (git-fixes).
- bluetooth: L2CAP: Fix build errors in some archs (git-fixes).
- bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (git-fixes).
- bluetooth: MGMT: Fixes build warnings with C=1 (git-fixes).
- bpf: Compile out btf_parse_module() if module BTF is not enabled
(git-fixes).
- can: ems_usb: fix clang's -Wunaligned-access warning (git-fixes).
- can: gs_usb: gs_can_open(): fix race dev->can.state condition
(git-fixes).
- ceph: do not leak snap_rwsem in handle_cap_grant (bsc#1202810).
- ceph: do not truncate file in atomic_open (bsc#1202811).
- cgroup: Trace event cgroup id fields should be u64 (git-fixes).
- cgroup: Use separate src/dst nodes when preloading css_sets for
migration (bsc#1201610).
- cgroup: cgroup_get_from_id() must check the looked-up kn is a directory
(bsc#1203906).
- clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (git-fixes).
- clk: core: Fix runtime PM sequence in clk_core_unprepare() (git-fixes).
- clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (git-fixes).
- clk: imx: imx6sx: remove the SET_RATE_PARENT flag for QSPI clocks
(git-fixes).
- clk: iproc: Do not rely on node name for correct PLL setup (git-fixes).
- clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (git-fixes).
- clk: rockchip: add sclk_mac_lbtest to rk3188_critical_clocks (git-fixes).
- coresight: cti: Correct the parameter for pm_runtime_put (git-fixes).
- crypto: arm64/gcm - Select AEAD for GHASH_ARM64_CE (git-fixes)
- crypto: arm64/poly1305 - fix a read out-of-bound (git-fixes)
- devlink: Fix use-after-free after a failed reload (git-fixes).
- dm raid: fix KASAN warning in raid5_add_disks (git-fixes).
- dmaengine: sprd: Cleanup in .remove() after pm_runtime_get_sync() failed
(git-fixes).
- dpaa2-eth: unregister the netdev before disconnecting from the PHY
(git-fixes).
- driver core: Do not probe devices after bus_type.match() probe deferral
(git-fixes).
- drm/amd/display: Limit user regamma to a valid value (git-fixes).
- drm/amdgpu: Check BO's requested pinning domains against its
preferred_domains (git-fixes).
- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup (git-fixes).
- drm/amdgpu: do not register a dirty callback for non-atomic (git-fixes).
- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (git-fixes).
- drm/amdgpu: remove useless condition in
amdgpu_job_stop_all_jobs_on_sched() (git-fixes).
- drm/amdgpu: use dirty framebuffer helper (git-fixes).
- drm/gem: Fix GEM handle release errors (git-fixes).
- drm/gem: Properly annotate WW context on drm_gem_lock_reservations()
error (git-fixes).
- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (git-fixes).
- drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported"
(git-fixes).
- drm/meson: Correct OSD1 global alpha value (git-fixes).
- drm/meson: Fix OSD1 RGB to YCbCr coefficient (git-fixes).
- drm/meson: Fix overflow implicit truncation warnings (git-fixes).
- drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()
(git-fixes).
- drm/msm/dsi: Fix number of regulators for SDM660 (git-fixes).
- drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (git-fixes).
- drm/msm/dsi: fix the inconsistent indenting (git-fixes).
- drm/msm/rd: Fix FIFO-full deadlock (git-fixes).
- drm/radeon: add a force flush to delay work when radeon (git-fixes).
- drm/rockchip: Fix return type of cdn_dp_connector_mode_valid (git-fixes).
- drm/sun4i: dsi: Prevent underflow when computing packet sizes
(git-fixes).
- dtb: Do not include sources in src.rpm - refer to kernel-source Same as
other kernel binary packages there is no need to carry duplicate sources
in dtb packages.
- efi: capsule-loader: Fix use-after-free in efi_capsule_write (git-fixes).
- ehea: fix error return code in ehea_restart_qps() (git-fixes).
- enetc: Fix endianness issues for enetc_qos (git-fixes).
- ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read()
(git-fixes).
- ext4: Fix BUG_ON in ext4_bread when write quota data (bsc#1197755).
- ext4: add reserved GDT blocks check (bsc#1202712).
- ext4: do not set SB_ACTIVE in ext4_orphan_cleanup() (bsc#1202708).
- ext4: do not use the orphan list when migrating an inode (bsc#1197756).
- ext4: fix bug_on in ext4_writepages (bsc#1200872).
- ext4: fix error handling code in add_new_gdb (bsc#1179722).
- ext4: fix error handling in ext4_restore_inline_data() (bsc#1197757).
- ext4: fix invalid inode checksum (bsc#1179723).
- ext4: fix loff_t overflow in ext4_max_bitmap_size() (bsc#1202709).
- ext4: fix overhead calculation to account for the reserved gdt blocks
(bsc#1200869).
- ext4: fix potential infinite loop in ext4_dx_readdir() (bsc#1191662).
- ext4: fix race when reusing xattr blocks (bsc#1198971).
- ext4: fix symlink file size not match to file content (bsc#1200868).
- ext4: fix use-after-free in ext4_rename_dir_prepare (bsc#1200871).
- ext4: fix use-after-free in ext4_search_dir (bsc#1202710).
- ext4: fix warning in ext4_handle_inode_extension (bsc#1202711).
- ext4: force overhead calculation if the s_overhead_cluster makes no
sense (bsc#1200870).
- ext4: recover csum seed of tmp_inode after migrating to extents
(bsc#1202713).
- ext4: remove EA inode entry from mbcache on inode eviction (bsc#1198971).
- ext4: unindent codeblock in ext4_xattr_block_set() (bsc#1198971).
- fbcon: Fix boundary checks for fbcon=vc:n1-n2 parameters (git-fixes).
- fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init()
(git-fixes).
- fbdev: fb_pm2fb: Avoid potential divide by zero error (git-fixes).
- firmware: tegra: bpmp: Do only aligned access to IPC memory area
(git-fixes).
- fs-writeback: writeback_sb_inodes: Recalculate 'wrote' according skipped
pages (bsc#1200873).
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace
is dead (git-fixes).
- fuse: Remove the control interface for virtio-fs (bsc#1203137).
- fuse: ioctl: translate ENOSYS (bsc#1203136).
- fuse: limit nsec (bsc#1203135).
- gadgetfs: ep_io - wait until IRQ finishes (git-fixes).
- geneve: do not use RT_TOS for IPv6 flowlabel (git-fixes).
- geneve: fix TOS inheriting for ipv4 (git-fixes).
- gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx
(git-fixes).
- gpio: pca953x: Add mutex_lock for regcache sync in PM (git-fixes).
- hid: alps: Declare U1_UNICORN_LEGACY support (git-fixes).
- hid: intel-ish-hid: ishtp: Fix ishtp client sending disordered message
(git-fixes).
- hid: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (git-fixes).
- hid: steam: Prevent NULL pointer dereference in steam_{recv,send}_report
(git-fixes).
- hid: wacom: Do not register pad_input for touch switch (git-fixes).
- hid: wacom: Only report rotation for art pen (git-fixes).
- hv_netvsc: Load and store the proper (NBL_HASH_INFO) per-packet info
(bsc#1202701).
- hwmon: (gpio-fan) Fix array out of bounds access (git-fixes).
- i2c: imx: Make sure to unregister adapter on remove() (git-fixes).
- ice: report supported and advertised autoneg using PHY capabilities
(git-fixes).
- ieee802154/adf7242: defer destroy_workqueue call (git-fixes).
- ieee802154: cc2520: add rc code in cc2520_tx() (git-fixes).
- iio: adc: mcp3911: make use of the sign bit (git-fixes).
- iio: adc: mcp3911: use correct formula for AD conversion (git-fixes).
- ima: force signature verification when CONFIG_KEXEC_SIG is configured
(bsc#1203737).
- input: iforce - add support for Boeder Force Feedback Wheel (git-fixes).
- input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag
(git-fixes).
- input: melfas_mip4 - fix return value check in mip4_probe() (git-fixes).
- input: rk805-pwrkey - fix module autoloading (git-fixes).
- input: snvs_pwrkey - fix SNVS_HPVIDR1 register address (git-fixes).
- intel_th: pci: Add Meteor Lake-P support (git-fixes).
- intel_th: pci: Add Raptor Lake-S CPU support (git-fixes).
- intel_th: pci: Add Raptor Lake-S PCH support (git-fixes).
- iommu/amd: Simplify and Consolidate Virtual APIC (AVIC) Enablement
(git-fixes).
- iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop
(git-fixes).
- iommu/exynos: Handle failed IOMMU device registration properly
(git-fixes).
- iommu/iova: Improve 32-bit free space estimate (git-fixes).
- iommu/ipmmu-vmsa: Check for error num after setting mask (git-fixes).
- iommu/mediatek: Add list_del in mtk_iommu_remove (git-fixes).
- iommu/msm: Fix an incorrect NULL check on list iterator (git-fixes).
- iommu/omap: Fix regression in probe for NULL pointer dereference
(git-fixes).
- iommu/vt-d: Calculate mask for non-aligned flushes (git-fixes).
- iommu/vt-d: Fix PCI bus rescan device hot add (git-fixes).
- iommu/vt-d: Fix RID2PASID setup/teardown failure (git-fixes).
- iommu/vt-d: avoid invalid memory access via node_online(NUMA_NO_NODE)
(git-fixes).
- ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (git-fixes).
- ipmi: ssif: initialize ssif_info->client early (git-fixes).
- ixgbevf: add correct exception tracing for XDP (git-fixes).
- jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when journal
aborted (bsc#1202716).
- jbd2: fix outstanding credits assert in
jbd2_journal_commit_transaction() (bsc#1202715).
- jfs: fix GPF in diFree (bsc#1203389).
- jfs: fix memleak in jfs_mount (git-fixes).
- jfs: more checks for invalid superblock (git-fixes).
- jfs: prevent NULL deref in diFree (bsc#1203389).
- kABI: x86: kexec: hide new include from genksyms (bsc#1196444).
- kabi: cgroup: Restore KABI of css_set (bsc#1201610).
- kbuild: do not create built-in objects for external module builds
(jsc#SLE-24559 bsc#1202756).
- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (bsc#1181862
git-fixes).
- kbuild: dummy-tools: avoid tmpdir leak in dummy gcc (git-fixes).
- kernel-binary: move @NOSOURCE@ to @SOURCES@ as in other packages
- kernel-obs-build: include qemu_fw_cfg (boo#1201705)
- kernel-source: include the kernel signature file We assume that the
upstream tarball is used for released kernels. Then we can also include
the signature file and keyring in the kernel-source src.rpm. Because of
mkspec code limitation exclude the signature and keyring from binary
packages always - mkspec does not parse spec conditionals.
- kexec, KEYS, s390: Make use of built-in and secondary keyring for
signature verification (bsc#1196444).
- kexec, KEYS: make the code in bzImage64_verify_sig generic (bsc#1196444).
- kexec: clean up arch_kexec_kernel_verify_sig (bsc#1196444).
- kexec: do not verify the signature without the lockdown or mandatory
signature (bsc#1203737).
- kexec: drop weak attribute from functions (bsc#1196444).
- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add]
(bsc#1196444).
- kexec_file: drop weak attribute from functions (bsc#1196444).
- kfifo: fix kfifo_to_user() return type (git-fixes).
- kfifo: fix ternary sign extension bugs (git-fixes).
- kvm: PPC: Book3S HV: Context tracking exit guest context before enabling
irqs (bsc#1065729).
- kvm: PPC: Book3S HV: Prevent POWER7/8 TLB flush flushing SLB
(bsc#1156395).
- kvm: PPC: Book3S HV: Use GLOBAL_TOC for kvmppc_h_set_dabr/xdabr()
(bsc#1156395).
- kvm: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1156395).
- kvm: PPC: Use arch_get_random_seed_long instead of powernv variant
(bsc#1156395).
- kvm: VMX: Refuse to load kvm_intel if EPT and NX are disabled
(git-fixes).
- kvm: nVMX: Let userspace set nVMX MSR to any _host_ supported value
(git-fixes).
- kvm: nVMX: Snapshot pre-VM-Enter BNDCFGS for !nested_run_pending case
(git-fixes).
- kvm: nVMX: Snapshot pre-VM-Enter DEBUGCTL for !nested_run_pending case
(git-fixes).
- kvm: x86: Mark TSS busy during LTR emulation _after_ all fault checks
(git-fixes).
- kvm: x86: Set error code to segment selector on LLDT/LTR non-canonical
#GP (git-fixes).
- kvm: x86: accept userspace interrupt only if no event is injected
(git-fixes).
- lib/list_debug.c: Detect uninitialized lists (git-fixes).
- lib: bitmap: provide devm_bitmap_alloc() and devm_bitmap_zalloc()
(git-fixes).
- libata: add ATA_HORKAGE_NOLPM for Pioneer BDR-207M and BDR-205
(git-fixes).
- lightnvm: Remove lightnvm implemenation (bsc#1191881 bsc#1201420
ZDI-CAN-17325).
- list: add "list_del_init_careful()" to go with "list_empty_careful()"
(bsc#1202745).
- locking/lockdep: Avoid potential access of invalid memory in lock_class
(git-fixes).
- loop: Fix missing discard support when using LOOP_CONFIGURE
(bsc#1202718).
- mbcache: add functions to delete entry if unused (bsc#1198971).
- mbcache: do not reclaim used entries (bsc#1198971).
- md-raid10: fix KASAN warning (git-fixes).
- md/bitmap: do not set sb values if can't pass sanity check (bsc#1197158).
- md: call __md_stop_writes in md_stop (git-fixes).
- md: unlock mddev before reap sync_thread in action_store (bsc#1197659).
- media: aspeed-video: ignore interrupts that are not enabled (git-fixes).
- media: coda: Add more H264 levels for CODA960 (git-fixes).
- media: coda: Fix reported H264 profile (git-fixes).
- media: dvb_vb2: fix possible out of bound access (git-fixes).
- mfd: max77620: Fix refcount leak in max77620_initialise_fps (git-fixes).
- mfd: t7l66xb: Drop platform disable callback (git-fixes).
- misc: fastrpc: fix memory corruption on open (git-fixes).
- misc: fastrpc: fix memory corruption on probe (git-fixes).
- mkspec: eliminate @NOSOURCE@ macro This should be alsways used with
@SOURCES@, just include the content there.
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse
(git-fixes, bsc#1203098).
- mm: bdi: initialize bdi_min_ratio when bdi is unregistered (bsc#1197763).
- mm: memcontrol: fix potential oom_lock recursion deadlock (bsc#1202447).
- mm: pagewalk: Fix race between unmap and page walker (git-fixes,
bsc#1203159).
- mm: proc: smaps_rollup: do not stall write attempts on mmap_lock
(bsc#1201990).
- mm: smaps*: extend smap_gather_stats to support specified beginning
(bsc#1201990).
- mmap locking API: add mmap_lock_is_contended() (bsc#1201990).
- mmc: moxart: fix 4-bit bus width and remove 8-bit bus width (git-fixes).
- mmc: pxamci: Fix an error handling path in pxamci_probe() (git-fixes).
- mmc: pxamci: Fix another error handling path in pxamci_probe()
(git-fixes).
- module: Ignore _GLOBAL_OFFSET_TABLE_ when warning for undefined symbols
(git-fixes).
- mtd: maps: Fix refcount leak in ap_flash_init (git-fixes).
- mtd: maps: Fix refcount leak in of_flash_probe_versatile (git-fixes).
- mtd: partitions: Fix refcount leak in parse_redboot_of (git-fixes).
- mtd: rawnand: meson: Fix a potential double free issue (git-fixes).
- mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release
(git-fixes).
- mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path
(git-fixes).
- net/mlx5e: Check for needed capability for cvlan matching (git-fixes).
- net: bcmgenet: Add mdio-bcm-unimac soft dependency (git-fixes).
- net: cpsw: Properly initialise struct page_pool_params (git-fixes).
- net: cpsw: add missing of_node_put() in cpsw_probe_dt() (git-fixes).
- net: davinci_emac: Fix incorrect masking of tx and rx error channel
(git-fixes).
- net: dsa: felix: suppress -EPROBE_DEFER errors (git-fixes).
- net: dsa: mt7530: fix VLAN traffic leaks (git-fixes).
- net: enetc: Use pci_release_region() to release some resources
(git-fixes).
- net: enetc: report software timestamping via SO_TIMESTAMPING (git-fixes).
- net: enetc: unmap DMA in enetc_send_cmd() (git-fixes).
- net: ethernet: aeroflex: fix UAF in greth_of_remove (git-fixes).
- net: ethernet: ezchip: fix UAF in nps_enet_remove (git-fixes).
- net: ethernet: ezchip: fix error handling (git-fixes).
- net: ethernet: ezchip: remove redundant check (git-fixes).
- net: ethernet: fix potential use-after-free in ec_bhf_remove (git-fixes).
- net: ethernet: ti: cpsw_ale: Fix access to un-initialized memory
(git-fixes).
- net: fec: fix the potential memory leak in fec_enet_init() (git-fixes).
- net: fec_ptp: add clock rate zero check (git-fixes).
- net: hns: Fix kernel-doc (git-fixes).
- net: lantiq: fix memory corruption in RX ring (git-fixes).
- net: mana: Add rmb after checking owner bits (git-fixes).
- net: mana: Add support of XDP_REDIRECT action (bsc#1201310, jsc#PED-529).
- net: mana: Add the Linux MANA PF driver (bsc#1201309, jsc#PED-529).
- net: moxa: Use devm_platform_get_and_ioremap_resource() (git-fixes).
- net: mscc: ocelot: correctly report the timestamping RX filters in
ethtool (git-fixes).
- net: mscc: ocelot: do not downgrade timestamping RX filters in
SIOCSHWTSTAMP (git-fixes).
- net: netcp: Fix an error message (git-fixes).
- net: pch_gbe: Propagate error from devm_gpio_request_one() (git-fixes).
- net: rose: fix netdev reference changes (git-fixes).
- net: sock: tracing: Fix sock_exceed_buf_limit not to dereference stale
pointer (git-fixes).
- net: stmicro: handle clk_prepare() failure during init (git-fixes).
- net: stmmac: disable clocks in stmmac_remove_config_dt() (git-fixes).
- net: stmmac: dwmac1000: Fix extended MAC address registers definition
(git-fixes).
- net: usb: qmi_wwan: add Quectel RM520N (git-fixes).
- net: vmxnet3: fix possible NULL pointer dereference in
vmxnet3_rq_cleanup() (bsc#1200431).
- net: vmxnet3: fix possible use-after-free bugs in
vmxnet3_rq_alloc_rx_buf() (bsc#1200431).
- net: vmxnet3: remove multiple false checks in vmxnet3_ethtool.c
(bsc#1200431).
- net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send
(git-fixes).
- net:enetc: allocate CBD ring data memory using DMA coherent methods
(git-fixes).
- net_sched: cls_route: disallow handle of 0 (bsc#1202393).
- nfs: fix nfs_path in case of a rename retry (git-fixes).
- nfsd: Add missing NFSv2 .pc_func methods (git-fixes).
- nfsd: Clamp WRITE offsets (git-fixes).
- nfsd: Fix offset type in I/O trace points (git-fixes).
- nfsd: Fix possible sleep during nfsd4_release_lockowner() (git-fixes).
- nfsd: fix use-after-free due to delegation race (git-fixes).
- nfsd: prevent integer overflow on 32 bit systems (git-fixes).
- nfsd: prevent underflow in nfssvc_decode_writeargs() (git-fixes).
- nfsv4.1: Do not decrease the value of seq_nr_highest_sent (git-fixes).
- nfsv4.1: Handle NFS4ERR_DELAY replies to OP_SEQUENCE correctly
(git-fixes).
- nfsv4.1: RECLAIM_COMPLETE must handle EACCES (git-fixes).
- nfsv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag
(git-fixes).
- nfsv4: Fix races in the legacy idmapper upcall (git-fixes).
- nfsv4: Fix second deadlock in nfs4_evict_inode() (git-fixes).
- nfsv4: nfs4_proc_set_acl needs to restore NFS_CAP_UIDGID_NOMAP on error
(git-fixes).
- ntb: ntb_tool: uninitialized heap data in tool_fn_write() (git-fixes).
- nvme-fabrics: parse nvme connect Linux error codes (bsc#1201865).
- nvme-rdma: Handle number of queue changes (bsc#1201865).
- nvme-tcp: Handle number of queue changes (bsc#1201865).
- nvme-tcp: fix UAF when detecting digest errors (bsc#1200313 bsc#1201489).
- nvme: fix RCU hole that allowed for endless looping in multipath round
robin (bsc#1202636).
- nvmet: Expose max queues to configfs (bsc#1201865).
- objtool: Add support for intra-function calls (bsc#1202396).
- objtool: Make handle_insn_ops() unconditional (bsc#1202396).
- objtool: Remove INSN_STACK (bsc#1202396).
- objtool: Rework allocating stack_ops on decode (bsc#1202396).
- objtool: Support multiple stack_op per instruction (bsc#1202396).
- ocfs2: drop acl cache for directories too (bsc#1191667).
- ocfs2: fix crash when initialize filecheck kobj fails (bsc#1197920).
- ocfs2: mount fails with buffer overflow in strlen (bsc#1197760).
- of/device: Fix up of_dma_configure_id() stub (git-fixes).
- of: fdt: fix off-by-one error in unflatten_dt_nodes() (git-fixes).
- padata: introduce internal padata_get/put_pd() helpers (bsc#1202638).
- padata: make padata_free_shell() to respect pd's ->refcnt (bsc#1202638).
- parisc/sticon: fix reverse colors (bsc#1152489).
- parisc: parisc-agp requires SBA IOMMU driver (bsc#1152489)
- pci/acpi: Guard ARM64-specific mcfg_quirks (git-fixes).
- pci: Add ACS quirk for Broadcom BCM5750x NICs (git-fixes).
- pci: hv: Fix hv_arch_irq_unmask() for multi-MSI (bsc#1200845).
- pci: hv: Fix interrupt mapping for multi-MSI (bsc#1200845).
- pci: hv: Fix multi-MSI to allow more than one MSI vector (bsc#1200845).
- pci: hv: Make the code arch neutral by adding arch specific interfaces
(bsc#1200845).
- pci: hv: Only reuse existing IRTE allocation for Multi-MSI (bsc#1200845).
- pci: hv: Reuse existing IRTE allocation in compose_msi_msg()
(bsc#1200845).
- pci: qcom: Fix pipe clock imbalance (git-fixes).
- perf bench: Share some global variables to fix build with gcc 10
(git-fixes).
- pinctrl/rockchip: fix gpio device creation (git-fixes).
- pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map
(git-fixes).
- pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (git-fixes).
- pinctrl: rockchip: Enhance support for IRQ_TYPE_EDGE_BOTH (git-fixes).
- pinctrl: sunxi: Add I/O bias setting for H6 R-PIO (git-fixes).
- platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap
fixes (git-fixes).
- platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (git-fixes).
- powerpc/drmem: Make lmb_size 64 bit (bsc#1203424 ltc#199544).
- powerpc/memhotplug: Make lmb size 64bit (bsc#1203424 ltc#199544).
- powerpc/perf: Optimize clearing the pending PMI and remove WARN_ON for
PMI check in power_pmu_disable (bsc#1156395).
- powerpc/powernv/kvm: Use darn for H_RANDOM on Power9 (bsc#1065729).
- powerpc/powernv: Avoid crashing if rng is NULL (bsc#1065729).
- powerpc/powernv: Staticify functions without prototypes (bsc#1065729).
- powerpc/powernv: delay rng platform device creation until later in boot
(bsc#1065729).
- powerpc/powernv: rename remaining rng powernv_ functions to pnv_
(bsc#1065729).
- powerpc/powernv: wire up rng during setup_arch (bsc#1065729).
- powerpc/pseries: wire up rng during setup_arch() (bsc#1065729).
- powerpc/xive: Fix refcount leak in xive_get_max_prio (git-fixess).
- powerpc: Enable execve syscall exit tracepoint (bsc#1065729).
- powerpc: define get_cycles macro for arch-override (bsc#1065729).
- powerpc: powernv: kABI: add back powernv_get_random_long (bsc#1065729).
- ppc64/kdump: Limit kdump base to 512MB (bsc#1203410 ltc#199904).
- profiling: fix shift too large makes kernel panic (git-fixes).
- psi: Fix uaf issue when psi trigger is destroyed while being polled
(bsc#1203909).
- qlcnic: Add null check after calling netdev_alloc_skb (git-fixes).
- random: fix crash on multiple early calls to add_bootloader_randomness()
(git-fixes).
- ratelimit: Fix data-races in ___ratelimit() (git-fixes).
- regulator: core: Clean up on enable failure (git-fixes).
- regulator: pfuze100: Fix the global-out-of-bounds access in
pfuze100_regulator_probe() (git-fixes).
- reiserfs: fix handling of -EOPNOTSUPP in reiserfs_for_each_xattr
(bsc#1202714).
- remoteproc: qcom: q6v5-mss: add powerdomains to MSM8996 config
(git-fixes).
- remoteproc: qcom: wcnss: Fix handling of IRQs (git-fixes).
- reset: imx7: Fix the iMX8MP PCIe PHY PERST support (git-fixes).
- rpm/kernel-binary.spec.in: move vdso to a separate package (bsc#1202385)
We do the move only on 15.5+.
- rpm/kernel-binary.spec.in: simplify find for usrmerged The type test and
print line are the same for both cases. The usrmerged case only ignores
more, so refactor it to make it more obvious.
- rpm/kernel-source.spec.in: simplify finding of broken symlinks "find
-xtype l" will report them, so use that to make the search a bit faster
(without using shell).
- s390/crash: fix incorrect number of bytes to copy to user space
(git-fixes).
- s390/crash: make copy_oldmem_page() return number of bytes copied
(git-fixes).
- s390/mm: do not trigger write fault when vma does not allow VM_WRITE
(git-fixes).
- s390/mm: fix 2KB pgtable release race (git-fixes).
- s390/ptrace: pass invalid syscall numbers to tracing (bsc#1192594
LTC#197522).
- s390/qeth: cache link_info for ethtool (bsc#1202984 LTC#199607).
- s390/qeth: clean up default cases for ethtool link mode (bsc#1202984
LTC#199607).
- s390/qeth: improve QUERY CARD INFO processing (bsc#1202984 LTC#199607).
- s390/qeth: improve selection of ethtool link modes (bsc#1202984
LTC#199607).
- s390/qeth: set static link info during initialization (bsc#1202984
LTC#199607).
- s390/qeth: tolerate error when querying card info (bsc#1202984
LTC#199607).
- s390/qeth: use QUERY OAT for initial link info (bsc#1202984 LTC#199607).
- scsi: core: Fix bad pointer dereference when ehandler kthread is invalid
(git-fixes).
- scsi: lpfc: Add missing destroy_workqueue() in error path (bsc#1203939).
- scsi: lpfc: Add missing free iocb and nlp kref put for early return VMID
cases (bsc#1203939).
- scsi: lpfc: Add reporting capability for Link Degrade Signaling
(bsc#1203939).
- scsi: lpfc: Add warning notification period to CMF_SYNC_WQE
(bsc#1203063).
- scsi: lpfc: Check the return value of alloc_workqueue() (bsc#1203063).
- scsi: lpfc: Copyright updates for 14.2.0.6 patches (bsc#1203063).
- scsi: lpfc: Fix FLOGI ACC with wrong SID in PT2PT topology (bsc#1203939).
- scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload
(bsc#1203939).
- scsi: lpfc: Fix multiple NVMe remoteport registration calls for the same
NPort ID (bsc#1203939).
- scsi: lpfc: Fix null ndlp ptr dereference in abnormal exit path for
GFT_ID (bsc#1203063).
- scsi: lpfc: Fix prli_fc4_req checks in PRLI handling (bsc#1203939).
- scsi: lpfc: Fix unsolicited FLOGI receive handling during PT2PT
discovery (bsc#1203063).
- scsi: lpfc: Fix various issues reported by tools (bsc#1203939).
- scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed
phba (bsc#1185032 bsc#1203939).
- scsi: lpfc: Remove SANDiags related code (bsc#1203063).
- scsi: lpfc: Remove the unneeded result variable (bsc#1203939).
- scsi: lpfc: Remove unneeded result variable (bsc#1203939).
- scsi: lpfc: Rename mp/bmp dma buffers to rq/rsp in lpfc_fdmi_cmd
(bsc#1203939).
- scsi: lpfc: Return DID_TRANSPORT_DISRUPTED instead of DID_REQUEUE
(bsc#1203939).
- scsi: lpfc: Rework FDMI attribute registration for unintential padding
(bsc#1203939).
- scsi: lpfc: Rework MIB Rx Monitor debug info logic (bsc#1203063).
- scsi: lpfc: Rework lpfc_fdmi_cmd() routine for cleanup and consistency
(bsc#1203939).
- scsi: lpfc: Update congestion mode logging for Emulex SAN Manager
application (bsc#1203939).
- scsi: lpfc: Update lpfc version to 14.2.0.6 (bsc#1203063).
- scsi: lpfc: Update lpfc version to 14.2.0.7 (bsc#1203939).
- scsi: mpt3sas: Fix use-after-free warning (git-fixes).
- scsi: qla2xxx: Add NVMe parameters support in Auxiliary Image Status
(bsc#1203935).
- scsi: qla2xxx: Add debugfs create/delete helpers (bsc#1203935).
- scsi: qla2xxx: Always wait for qlt_sess_work_fn() from qlt_stop_phase1()
(bsc#1203935).
- scsi: qla2xxx: Avoid flush_scheduled_work() usage (bsc#1203935).
- scsi: qla2xxx: Disable ATIO interrupt coalesce for quad port ISP27XX
(bsc#1203935).
- scsi: qla2xxx: Drop DID_TARGET_FAILURE use (bsc#1203935).
- scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts() (bsc#1203935).
- scsi: qla2xxx: Fix response queue handler reading stale packets
(bsc#1203935).
- scsi: qla2xxx: Log message "skipping scsi_scan_host()" as informational
(bsc#1203935).
- scsi: qla2xxx: Remove unused declarations for qla2xxx (bsc#1203935).
- scsi: qla2xxx: Remove unused del_sess_list field (bsc#1203935).
- scsi: qla2xxx: Remove unused qlt_tmr_work() (bsc#1203935).
- scsi: qla2xxx: Revert "scsi: qla2xxx: Fix response queue handler reading
stale packets" (bsc#1203935).
- scsi: qla2xxx: Update version to 10.02.07.900-k (bsc#1203935).
- scsi: sg: Allow waiting for commands to complete on removed device
(git-fixes).
- scsi: smartpqi: Fix DMA direction for RAID requests (git-fixes).
- scsi: smartpqi: Shorten drive visibility after removal (bsc#1200622).
- scsi: smartpqi: Update LUN reset handler (bsc#1200622).
- selftests: futex: Use variable MAKE instead of make (git-fixes).
- serial: 8250_dw: Store LSR into lsr_saved_flags in
dw8250_tx_wait_empty() (git-fixes).
- serial: Create uart_xmit_advance() (git-fixes).
- serial: fsl_lpuart: RS485 RTS polariy is inverse (git-fixes).
- serial: mvebu-uart: uart2 error bits clearing (git-fixes).
- serial: tegra-tcu: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- serial: tegra: Change lower tolerance baud rate limit for tegra20 and
tegra30 (git-fixes).
- serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting
(git-fixes).
- silence nfscache allocation warnings with kvzalloc (git-fixes).
- soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
(git-fixes).
- soc: sunxi: sram: Actually claim SRAM regions (git-fixes).
- soc: sunxi: sram: Fix debugfs info for A64 SRAM C (git-fixes).
- soc: sunxi: sram: Prevent the driver from being unbound (git-fixes).
- spi: Fix incorrect cs_setup delay handling (git-fixes).
- spi: spi-rspi: Fix PIO fallback on RZ platforms (git-fixes).
- spi: synquacer: Add missing clk_disable_unprepare() (git-fixes).
- spmi: trace: fix stack-out-of-bound access in SPMI tracing functions
(git-fixes).
- squashfs: fix divide error in calculate_skip() (git-fixes).
- staging: rtl8712: fix use after free bugs (git-fixes).
- struct ehci_hcd: hide new member (git-fixes).
- struct otg_fsm: hide new boolean member in gap (git-fixes).
- sunrpc: Clean up scheduling of autoclose (git-fixes).
- sunrpc: Do not call connect() more than once on a TCP socket (git-fixes).
- sunrpc: Do not dereference xprt->snd_task if it's a cookie (git-fixes).
- sunrpc: Do not leak sockets in xs_local_connect() (git-fixes).
- sunrpc: Fix READ_PLUS crasher (git-fixes).
- sunrpc: Fix misplaced barrier in call_decode (git-fixes).
- sunrpc: Prevent immediate close+reconnect (git-fixes).
- sunrpc: RPC level errors should set task->tk_rpc_status (git-fixes).
- sunrpc: Reinitialise the backchannel request buffers before reuse
(git-fixes).
- sunrpc: fix expiry of auth creds (git-fixes).
- svcrdma: Hold private mutex while invoking rdma_accept() (git-fixes).
- tee: optee: Fix incorrect page free bug (git-fixes).
- thermal: Fix NULL pointer dereferences in of_thermal_ functions
(git-fixes).
- thermal: sysfs: Fix cooling_device_stats_setup() error code path
(git-fixes).
- thunderbolt: Use the actual buffer in tb_async_error() (git-fixes).
- tools/thermal: Fix possible path truncations (git-fixes).
- tracing/histogram: Fix a potential memory leak for kstrdup() (git-fixes).
- tracing/histograms: Fix memory leak problem (git-fixes).
- tracing/probes: Have kprobes and uprobes use $COMM too (git-fixes).
- tracing: Add ustring operation to filtering string pointers (git-fixes).
- tracing: hold caller_addr to hardirq_{enable,disable}_ip (git-fixes).
- tty/serial: atmel: RS485 & ISO7816: wait for TXRDY before sending data
(git-fixes).
- tty: serial: Fix refcount leak bug in ucc_uart.c (git-fixes).
- tty: serial: lpuart: disable flow control while waiting for the transmit
engine to complete (git-fixes).
- tty: vt: initialize unicode screen buffer (git-fixes).
- usb-storage: Add ignore-residue quirk for NXP PN7462AU (git-fixes).
- usb.h: struct usb_device: hide new member (git-fixes).
- usb: add quirks for Lenovo OneLink+ Dock (git-fixes).
- usb: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (git-fixes).
- usb: core: Fix RST error in hub.c (git-fixes).
- usb: core: Prevent nested device-reset calls (git-fixes).
- usb: dwc2: fix wrong order of phy_power_on and phy_init (git-fixes).
- usb: dwc3: Switch to platform_get_irq_byname_optional() (git-fixes).
- usb: dwc3: disable USB core PHY management (git-fixes).
- usb: dwc3: ep0: Fix delay status handling (git-fixes).
- usb: dwc3: gadget: Avoid starting DWC3 gadget during UDC unbind
(git-fixes).
- usb: dwc3: gadget: END_TRANSFER before CLEAR_STALL command (git-fixes).
- usb: dwc3: gadget: Fix IN endpoint max packet size allocation
(git-fixes).
- usb: dwc3: gadget: Prevent repeat pullup() (git-fixes).
- usb: dwc3: gadget: Refactor dwc3_gadget_ep_dequeue (git-fixes).
- usb: dwc3: gadget: Remove FS bInterval_m1 limitation (git-fixes).
- usb: dwc3: gadget: Remove unnecessary checks (git-fixes).
- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback
(git-fixes).
- usb: dwc3: gadget: Store resource index of start cmd (git-fixes).
- usb: dwc3: qcom: fix missing optional irq warnings.
- usb: ehci: handshake CMD_RUN instead of STS_HALT (git-fixes).
- usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS
(git-fixes).
- usb: gadget: u_audio: fix race condition on endpoint stop (git-fixes).
- usb: gadget: udc-xilinx: replace memcpy with memcpy_toio (git-fixes).
- usb: gadget: uvc: call uvc uvcg_warn on completed status instead of
uvcg_info (git-fixes).
- usb: host: ohci-ppc-of: Fix refcount leak bug (git-fixes).
- usb: otg-fsm: Fix hrtimer list corruption (git-fixes).
- usb: renesas: Fix refcount leak bug (git-fixes).
- usb: serial: ch341: fix disabled rx timer on older devices (git-fixes).
- usb: serial: ch341: fix lost character on LCR updates (git-fixes).
- usb: serial: ch341: name prescaler, divisor registers (git-fixes).
- usb: serial: cp210x: add Decagon UCA device id (git-fixes).
- usb: serial: ftdi_sio: add Omron CS1W-CIF31 device id (git-fixes).
- usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- usb: serial: option: add Quectel BG95 0x0203 composition (git-fixes).
- usb: serial: option: add Quectel EM060K modem (git-fixes).
- usb: serial: option: add Quectel RM520N (git-fixes).
- usb: serial: option: add Quectel RM520N (git-fixes).
- usb: serial: option: add support for Cinterion MV32-WA/WB RmNet mode
(git-fixes).
- usb: serial: option: add support for OPPO R11 diag port (git-fixes).
- usb: storage: Add ASUS <0x0b05:0x1932> to IGNORE_UAS (git-fixes).
- usb: typec: altmodes/displayport: correct pin assignment for UFP
receptacles (git-fixes).
- usb: typec: ucsi: Remove incorrect warning (git-fixes).
- usb: xhci-mtk: add a function to (un)load bandwidth info (git-fixes).
- usb: xhci-mtk: add only one extra CS for FS/LS INTR (git-fixes).
- usb: xhci-mtk: add some schedule error number (git-fixes).
- usb: xhci-mtk: fix issue of out-of-bounds array access (git-fixes).
- usb: xhci-mtk: get the microframe boundary for ESIT (git-fixes).
- usb: xhci-mtk: use @sch_tt to check whether need do TT schedule
(git-fixes).
- usbnet: Fix linkwatch use-after-free on disconnect (git-fixes).
- usbnet: Fix memory leak in usbnet_disconnect() (git-fixes).
- usbnet: smsc95xx: Fix deadlock on runtime resume (git-fixes).
- vboxguest: Do not use devm for irq (git-fixes).
- vfio/ccw: Remove UUID from s390 debug log (git-fixes).
- video: fbdev: amba-clcd: Fix refcount leak bugs (git-fixes).
- video: fbdev: arkfb: Check the size of screen before memset_io()
(git-fixes).
- video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock()
(git-fixes).
- video: fbdev: i740fb: Check the argument of i740_calc_vclk() (git-fixes).
- video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write
(git-fixes).
- video: fbdev: s3fb: Check the size of screen before memset_io()
(git-fixes).
- video: fbdev: sis: fix typos in SiS_GetModeID() (git-fixes).
- video: fbdev: vt8623fb: Check the size of screen before memset_io()
(git-fixes).
- virtio_net: fix memory leak inside XPD_TX with mergeable (git-fixes).
- vmci: Add support for ARM64 (bsc#1199291, jsc#SLE-24635).
- vmci: Check exclusive_vectors when freeing interrupt 1 (bsc#1199291,
jsc#SLE-24635).
- vmci: Enforce queuepair max size for IOCTL_VMCI_QUEUEPAIR_ALLOC
(bsc#1199291, jsc#SLE-24635).
- vmci: Fix some error handling paths in vmci_guest_probe_device()
(bsc#1199291, jsc#SLE-24635).
- vmci: Release notification_bitmap in error path (bsc#1199291,
jsc#SLE-24635).
- vmci: dma dg: add MMIO access to registers (bsc#1199291, jsc#SLE-24635).
- vmci: dma dg: add support for DMA datagrams receive (bsc#1199291,
jsc#SLE-24635).
- vmci: dma dg: add support for DMA datagrams sends (bsc#1199291,
jsc#SLE-24635).
- vmci: dma dg: allocate send and receive buffers for DMA datagrams
(bsc#1199291, jsc#SLE-24635).
- vmci: dma dg: detect DMA datagram capability (bsc#1199291,
jsc#SLE-24635).
- vmci: dma dg: register dummy IRQ handlers for DMA datagrams
(bsc#1199291, jsc#SLE-24635).
- vmci: dma dg: set OS page size (bsc#1199291, jsc#SLE-24635).
- vmci: dma dg: whitespace formatting change for vmci register defines
(bsc#1199291, jsc#SLE-24635).
- vmxnet3: Implement ethtool's get_channels command (bsc#1200431).
- vmxnet3: Record queue number to incoming packets (bsc#1200431).
- vmxnet3: Remove useless DMA-32 fallback configuration (bsc#1200431).
- vmxnet3: add command to set ring buffer sizes (bsc#1200431).
- vmxnet3: add support for capability registers (bsc#1200431).
- vmxnet3: add support for large passthrough BAR register (bsc#1200431).
- vmxnet3: add support for out of order rx completion (bsc#1200431).
- vmxnet3: disable overlay offloads if UPT device does not support
(bsc#1200431).
- vmxnet3: do not reschedule napi for rx processing (bsc#1200431).
- vmxnet3: do not stop tx queues after netif_device_detach() (bsc#1200431).
- vmxnet3: limit number of TXDs used for TSO packet (bsc#1200431).
- vmxnet3: prepare for version 7 changes (bsc#1200431).
- vmxnet3: switch from 'pci_' to 'dma_' API (bsc#1200431).
- vmxnet3: update to version 7 (bsc#1200431).
- vmxnet3: use ext1 field to indicate encapsulated packet (bsc#1200431).
- vsock: Fix memory leak in vsock_connect() (git-fixes).
- vsock: Set socket state back to SS_UNCONNECTED in
vsock_connect_timeout() (git-fixes).
- vt: Clear selection before changing the font (git-fixes).
- vt: selection, introduce vc_is_sel (git-fixes).
- watchdog: armada_37xx_wdt: check the return value of devm_ioremap() in
armada_37xx_wdt_probe() (git-fixes).
- watchdog: wdat_wdt: Set the min and max timeout values properly
(bsc#1194023).
- wifi: cfg80211: debugfs: fix return type in ht40allow_map_read()
(git-fixes).
- wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in
il4965_rs_fill_link_cmd() (git-fixes).
- wifi: mac80211: Do not finalize CSA in IBSS mode if state is
disconnected (git-fixes).
- wifi: mac80211: Fix UAF in ieee80211_scan_rx() (git-fixes).
- wifi: mac80211_hwsim: add back erroneously removed cast (git-fixes).
- wifi: mac80211_hwsim: fix race condition in pending packet (git-fixes).
- wifi: mac80211_hwsim: use 32-bit skb cookie (git-fixes).
- x86/bugs: Reenable retbleed=off While for older kernels the return
thunks are statically built in and cannot be dynamically patched out,
retbleed=off should still work so that it can be disabled.
- x86/kexec: fix memory leak of elf header buffer (bsc#1196444).
- x86/olpc: fix 'logical not is only applied to the left hand side'
(git-fixes).
- x86/xen: Remove undefined behavior in setup_features() (git-fixes).
- xen/xenbus: fix return type in xenbus_file_read() (git-fixes).
- xfs: Fix assert failure in xfs_setattr_size() (git-fixes).
- xfs: bunmapi has unnecessary AG lock ordering issues (git-fixes).
- xfs: check sb_meta_uuid for dabuf buffer recovery (bsc#1202577).
- xfs: make xfs_rtalloc_query_range input parameters const (git-fixes).
- xfs: mark a data structure sick if there are cross-referencing errors
(git-fixes).
- xfs: only reset incore inode health state flags when reclaiming an inode
(git-fixes).
- xfs: prevent a UAF when log IO errors race with unmount (git-fixes).
- xfs: use kmem_cache_free() for kmem_cache objects (git-fixes).
- xprtrdma: Fix XDRBUF_SPARSE_PAGES support (git-fixes).
- xprtrdma: Fix cwnd update ordering (git-fixes).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap Micro 5.2:
zypper in -t patch openSUSE-Leap-Micro-5.2-2022-3809=1
- SUSE Linux Enterprise Module for Realtime 15-SP3:
zypper in -t patch SUSE-SLE-Module-RT-15-SP3-2022-3809=1
- SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-3809=1
- SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-3809=1
Package List:
- openSUSE Leap Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.106.1
kernel-rt-debuginfo-5.3.18-150300.106.1
kernel-rt-debugsource-5.3.18-150300.106.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (noarch):
kernel-devel-rt-5.3.18-150300.106.1
kernel-source-rt-5.3.18-150300.106.1
- SUSE Linux Enterprise Module for Realtime 15-SP3 (x86_64):
cluster-md-kmp-rt-5.3.18-150300.106.1
cluster-md-kmp-rt-debuginfo-5.3.18-150300.106.1
dlm-kmp-rt-5.3.18-150300.106.1
dlm-kmp-rt-debuginfo-5.3.18-150300.106.1
gfs2-kmp-rt-5.3.18-150300.106.1
gfs2-kmp-rt-debuginfo-5.3.18-150300.106.1
kernel-rt-5.3.18-150300.106.1
kernel-rt-debuginfo-5.3.18-150300.106.1
kernel-rt-debugsource-5.3.18-150300.106.1
kernel-rt-devel-5.3.18-150300.106.1
kernel-rt-devel-debuginfo-5.3.18-150300.106.1
kernel-rt_debug-debuginfo-5.3.18-150300.106.1
kernel-rt_debug-debugsource-5.3.18-150300.106.1
kernel-rt_debug-devel-5.3.18-150300.106.1
kernel-rt_debug-devel-debuginfo-5.3.18-150300.106.1
kernel-syms-rt-5.3.18-150300.106.1
ocfs2-kmp-rt-5.3.18-150300.106.1
ocfs2-kmp-rt-debuginfo-5.3.18-150300.106.1
- SUSE Linux Enterprise Micro 5.2 (x86_64):
kernel-rt-5.3.18-150300.106.1
kernel-rt-debuginfo-5.3.18-150300.106.1
kernel-rt-debugsource-5.3.18-150300.106.1
- SUSE Linux Enterprise Micro 5.1 (x86_64):
kernel-rt-5.3.18-150300.106.1
kernel-rt-debuginfo-5.3.18-150300.106.1
kernel-rt-debugsource-5.3.18-150300.106.1
References:
https://www.suse.com/security/cve/CVE-2016-3695.html
https://www.suse.com/security/cve/CVE-2020-16119.html
https://www.suse.com/security/cve/CVE-2020-27784.html
https://www.suse.com/security/cve/CVE-2021-4155.html
https://www.suse.com/security/cve/CVE-2021-4203.html
https://www.suse.com/security/cve/CVE-2022-20368.html
https://www.suse.com/security/cve/CVE-2022-20369.html
https://www.suse.com/security/cve/CVE-2022-2503.html
https://www.suse.com/security/cve/CVE-2022-2586.html
https://www.suse.com/security/cve/CVE-2022-2588.html
https://www.suse.com/security/cve/CVE-2022-26373.html
https://www.suse.com/security/cve/CVE-2022-2663.html
https://www.suse.com/security/cve/CVE-2022-2905.html
https://www.suse.com/security/cve/CVE-2022-2977.html
https://www.suse.com/security/cve/CVE-2022-3028.html
https://www.suse.com/security/cve/CVE-2022-3169.html
https://www.suse.com/security/cve/CVE-2022-32296.html
https://www.suse.com/security/cve/CVE-2022-3239.html
https://www.suse.com/security/cve/CVE-2022-3303.html
https://www.suse.com/security/cve/CVE-2022-36879.html
https://www.suse.com/security/cve/CVE-2022-39188.html
https://www.suse.com/security/cve/CVE-2022-39190.html
https://www.suse.com/security/cve/CVE-2022-40768.html
https://www.suse.com/security/cve/CVE-2022-41218.html
https://www.suse.com/security/cve/CVE-2022-41222.html
https://www.suse.com/security/cve/CVE-2022-41674.html
https://www.suse.com/security/cve/CVE-2022-41848.html
https://www.suse.com/security/cve/CVE-2022-41849.html
https://www.suse.com/security/cve/CVE-2022-42719.html
https://www.suse.com/security/cve/CVE-2022-42720.html
https://www.suse.com/security/cve/CVE-2022-42721.html
https://www.suse.com/security/cve/CVE-2022-42722.html
https://bugzilla.suse.com/1023051
https://bugzilla.suse.com/1065729
https://bugzilla.suse.com/1152489
https://bugzilla.suse.com/1156395
https://bugzilla.suse.com/1177471
https://bugzilla.suse.com/1179722
https://bugzilla.suse.com/1179723
https://bugzilla.suse.com/1181862
https://bugzilla.suse.com/1185032
https://bugzilla.suse.com/1191662
https://bugzilla.suse.com/1191667
https://bugzilla.suse.com/1191881
https://bugzilla.suse.com/1192594
https://bugzilla.suse.com/1194023
https://bugzilla.suse.com/1194272
https://bugzilla.suse.com/1194535
https://bugzilla.suse.com/1196444
https://bugzilla.suse.com/1197158
https://bugzilla.suse.com/1197659
https://bugzilla.suse.com/1197755
https://bugzilla.suse.com/1197756
https://bugzilla.suse.com/1197757
https://bugzilla.suse.com/1197760
https://bugzilla.suse.com/1197763
https://bugzilla.suse.com/1197920
https://bugzilla.suse.com/1198971
https://bugzilla.suse.com/1199291
https://bugzilla.suse.com/1200288
https://bugzilla.suse.com/1200313
https://bugzilla.suse.com/1200431
https://bugzilla.suse.com/1200622
https://bugzilla.suse.com/1200845
https://bugzilla.suse.com/1200868
https://bugzilla.suse.com/1200869
https://bugzilla.suse.com/1200870
https://bugzilla.suse.com/1200871
https://bugzilla.suse.com/1200872
https://bugzilla.suse.com/1200873
https://bugzilla.suse.com/1201019
https://bugzilla.suse.com/1201309
https://bugzilla.suse.com/1201310
https://bugzilla.suse.com/1201420
https://bugzilla.suse.com/1201489
https://bugzilla.suse.com/1201610
https://bugzilla.suse.com/1201705
https://bugzilla.suse.com/1201726
https://bugzilla.suse.com/1201865
https://bugzilla.suse.com/1201948
https://bugzilla.suse.com/1201990
https://bugzilla.suse.com/1202095
https://bugzilla.suse.com/1202096
https://bugzilla.suse.com/1202097
https://bugzilla.suse.com/1202341
https://bugzilla.suse.com/1202346
https://bugzilla.suse.com/1202347
https://bugzilla.suse.com/1202385
https://bugzilla.suse.com/1202393
https://bugzilla.suse.com/1202396
https://bugzilla.suse.com/1202447
https://bugzilla.suse.com/1202577
https://bugzilla.suse.com/1202636
https://bugzilla.suse.com/1202638
https://bugzilla.suse.com/1202672
https://bugzilla.suse.com/1202677
https://bugzilla.suse.com/1202701
https://bugzilla.suse.com/1202708
https://bugzilla.suse.com/1202709
https://bugzilla.suse.com/1202710
https://bugzilla.suse.com/1202711
https://bugzilla.suse.com/1202712
https://bugzilla.suse.com/1202713
https://bugzilla.suse.com/1202714
https://bugzilla.suse.com/1202715
https://bugzilla.suse.com/1202716
https://bugzilla.suse.com/1202717
https://bugzilla.suse.com/1202718
https://bugzilla.suse.com/1202720
https://bugzilla.suse.com/1202722
https://bugzilla.suse.com/1202745
https://bugzilla.suse.com/1202756
https://bugzilla.suse.com/1202810
https://bugzilla.suse.com/1202811
https://bugzilla.suse.com/1202860
https://bugzilla.suse.com/1202895
https://bugzilla.suse.com/1202898
https://bugzilla.suse.com/1202960
https://bugzilla.suse.com/1202984
https://bugzilla.suse.com/1203063
https://bugzilla.suse.com/1203098
https://bugzilla.suse.com/1203107
https://bugzilla.suse.com/1203117
https://bugzilla.suse.com/1203135
https://bugzilla.suse.com/1203136
https://bugzilla.suse.com/1203137
https://bugzilla.suse.com/1203159
https://bugzilla.suse.com/1203290
https://bugzilla.suse.com/1203389
https://bugzilla.suse.com/1203410
https://bugzilla.suse.com/1203424
https://bugzilla.suse.com/1203514
https://bugzilla.suse.com/1203552
https://bugzilla.suse.com/1203622
https://bugzilla.suse.com/1203737
https://bugzilla.suse.com/1203769
https://bugzilla.suse.com/1203770
https://bugzilla.suse.com/1203802
https://bugzilla.suse.com/1203906
https://bugzilla.suse.com/1203909
https://bugzilla.suse.com/1203935
https://bugzilla.suse.com/1203939
https://bugzilla.suse.com/1203987
https://bugzilla.suse.com/1203992
https://bugzilla.suse.com/1204051
https://bugzilla.suse.com/1204059
https://bugzilla.suse.com/1204060
https://bugzilla.suse.com/1204125
1
0
openSUSE-SU-2022:10180-1: important: Security update for chromium
by opensuse-security@opensuse.org 31 Oct '22
by opensuse-security@opensuse.org 31 Oct '22
31 Oct '22
openSUSE Security Update: Security update for chromium
______________________________________________________________________________
Announcement ID: openSUSE-SU-2022:10180-1
Rating: important
References: #1204732 #1204819
Cross-References: CVE-2022-3652 CVE-2022-3653 CVE-2022-3654
CVE-2022-3655 CVE-2022-3656 CVE-2022-3657
CVE-2022-3658 CVE-2022-3659 CVE-2022-3660
CVE-2022-3661 CVE-2022-3723
Affected Products:
openSUSE Backports SLE-15-SP4
______________________________________________________________________________
An update that fixes 11 vulnerabilities is now available.
Description:
This update for chromium fixes the following issues:
Chromium 107.0.5304.87 (boo#1204819)
* CVE-2022-3723: Type Confusion in V8
Chromium 107.0.5304.68 (boo#1204732)
* CVE-2022-3652: Type Confusion in V8
* CVE-2022-3653: Heap buffer overflow in Vulkan
* CVE-2022-3654: Use after free in Layout
* CVE-2022-3655: Heap buffer overflow in Media Galleries
* CVE-2022-3656: Insufficient data validation in File System
* CVE-2022-3657: Use after free in Extensions
* CVE-2022-3658: Use after free in Feedback service on Chrome OS
* CVE-2022-3659: Use after free in Accessibility
* CVE-2022-3660: Inappropriate implementation in Full screen mode
* CVE-2022-3661: Insufficient data validation in Extensions
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP4:
zypper in -t patch openSUSE-2022-10180=1
Package List:
- openSUSE Backports SLE-15-SP4 (aarch64 x86_64):
chromedriver-107.0.5304.87-bp154.2.40.1
chromedriver-debuginfo-107.0.5304.87-bp154.2.40.1
chromium-107.0.5304.87-bp154.2.40.1
chromium-debuginfo-107.0.5304.87-bp154.2.40.1
References:
https://www.suse.com/security/cve/CVE-2022-3652.html
https://www.suse.com/security/cve/CVE-2022-3653.html
https://www.suse.com/security/cve/CVE-2022-3654.html
https://www.suse.com/security/cve/CVE-2022-3655.html
https://www.suse.com/security/cve/CVE-2022-3656.html
https://www.suse.com/security/cve/CVE-2022-3657.html
https://www.suse.com/security/cve/CVE-2022-3658.html
https://www.suse.com/security/cve/CVE-2022-3659.html
https://www.suse.com/security/cve/CVE-2022-3660.html
https://www.suse.com/security/cve/CVE-2022-3661.html
https://www.suse.com/security/cve/CVE-2022-3723.html
https://bugzilla.suse.com/1204732
https://bugzilla.suse.com/1204819
1
0