March 2022 - openSUSE Security Announce

openSUSE-SU-2022:0056-1: important: Security update for the Linux Kernel
by opensuse-security＠opensuse.org 01 Mar '22

01 Mar '22

openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0056-1 Rating: important References: #1139944 #1151927 #1152489 #1153275 #1154353 #1154355 #1161907 #1164565 #1166780 #1169514 #1176242 #1176447 #1176536 #1176544 #1176545 #1176546 #1176548 #1176558 #1176559 #1176774 #1176940 #1176956 #1177440 #1178134 #1178270 #1179211 #1179424 #1179426 #1179427 #1179599 #1181148 #1181507 #1181710 #1182404 #1183534 #1183540 #1183897 #1184318 #1185726 #1185902 #1186332 #1187541 #1189126 #1189158 #1191793 #1191876 #1192267 #1192320 #1192507 #1192511 #1192569 #1192606 #1192691 #1192845 #1192847 #1192874 #1192877 #1192946 #1192969 #1192987 #1192990 #1192998 #1193002 #1193042 #1193139 #1193169 #1193306 #1193318 #1193349 #1193440 #1193442 #1193655 #1193993 #1194087 #1194094 #1194175 #1194176 #1194177 #1194266 Cross-References: CVE-2020-24504 CVE-2020-27820 CVE-2021-28711 CVE-2021-28712 CVE-2021-28713 CVE-2021-28714 CVE-2021-28715 CVE-2021-33098 CVE-2021-4001 CVE-2021-4002 CVE-2021-43975 CVE-2021-43976 CVE-2021-45485 CVE-2021-45486 CVE-2022-23096 CVE-2022-23097 CVE-2022-23098 CVSS scores: CVE-2020-24504 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2020-24504 (SUSE): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2020-27820 (SUSE): 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L CVE-2021-28711 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-28711 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-28712 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-28712 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-28713 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-28713 (SUSE): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2021-28714 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-28714 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-28715 (NVD) : 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2021-28715 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-33098 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-33098 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-4001 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-4002 (SUSE): 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2021-43975 (SUSE): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2021-43976 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2021-45485 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2021-45485 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2021-45486 (NVD) : 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-45486 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-23096 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2022-23096 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2022-23097 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2022-23097 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2022-23098 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2022-23098 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves 17 vulnerabilities and has 62 fixes is now available. Description: The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2021-45485: Fixed an information leak because of certain use of a hash table which use IPv6 source addresses. (bsc#1194094) - CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c. (bnc#1194087). - CVE-2021-4001: Fixed a race condition when the EBPF map is frozen. (bsc#1192990) - CVE-2021-28715: Fixed an issue where a guest could force Linux netback driver to hog large amounts of kernel memory by do not queueing unlimited number of packages. (bsc#1193442) - CVE-2021-28714: Fixed an issue where a guest could force Linux netback driver to hog large amounts of kernel memory by fixing rx queue stall detection. (bsc#1193442) - CVE-2021-28713: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening hvc_xen against event channel storms. (bsc#1193440) - CVE-2021-28712: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening netfront against event channel storms. (bsc#1193440) - CVE-2021-28711: Fixed a rogue backends that could cause DoS of guests via high frequency events by hardening blkfront against event channel storms. (bsc#1193440) - CVE-2020-24504: Fixed an uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers that may have allowed an authenticated user to potentially enable denial of service via local access. (bnc#1182404) - CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could allow an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (bnc#1192845) - CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bnc#1192847) - CVE-2021-4002: Added a missing TLB flush that could lead to leak or corruption of data in hugetlbfs. (bsc#1192946) - CVE-2020-27820: Fixed a vulnerability where a use-after-frees in nouveau's postclose() handler could happen if removing device. (bnc#1179599) - CVE-2021-33098: Fixed a potential denial of service in Intel(R) Ethernet ixgbe driver due to improper input validation. (bnc#1192877) The following non-security bugs were fixed: - ACPI: battery: Accept charges over the design capacity as full (git-fixes). - ACPI: PMIC: Fix intel_pmic_regs_handler() read accesses (git-fixes). - ACPICA: Avoid evaluating methods too early during system resume (git-fixes). - ALSA: ctxfi: Fix out-of-range access (git-fixes). - ALSA: gus: fix null pointer dereference on pointer block (git-fixes). - ALSA: hda: hdac_ext_stream: fix potential locking issues (git-fixes). - ALSA: hda: hdac_stream: fix potential locking issue in snd_hdac_stream_assign() (git-fixes). - ALSA: hda/realtek: Add a quirk for Acer Spin SP513-54N (git-fixes). - ALSA: hda/realtek: Add quirk for ASUS UX550VE (git-fixes). - ALSA: hda/realtek: Add quirk for Clevo PC70HS (git-fixes). - ALSA: hda/realtek: Add quirk for HP EliteBook 840 G7 mute LED (git-fixes). - ALSA: ISA: not for M68K (git-fixes). - ALSA: synth: missing check for possible NULL after the call to kstrdup (git-fixes). - ALSA: timer: Fix use-after-free problem (git-fixes). - ALSA: timer: Unconditionally unlink slave instances, too (git-fixes). - ALSA: usb-audio: Add registration quirk for JBL Quantum 400 (git-fixes). - ARM: 8970/1: decompressor: increase tag size (git-fixes). - ARM: 8974/1: use SPARSMEM_STATIC when SPARSEMEM is enabled (git-fixes) - ARM: 8986/1: hw_breakpoint: Do not invoke overflow handler on uaccess watchpoints (git-fixes) - ARM: 9007/1: l2c: fix prefetch bits init in L2X0_AUX_CTRL using DT (git-fixes) - ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe (git-fixes) - ARM: 9046/1: decompressor: Do not clear SCTLR.nTLSMD for ARMv7+ cores (git-fixes) - ARM: 9064/1: hw_breakpoint: Do not directly check the event's (git-fixes) - ARM: 9071/1: uprobes: Do not hook on thumb instructions (git-fixes) - ARM: 9081/1: fix gcc-10 thumb2-kernel regression (git-fixes) - ARM: 9091/1: Revert "mm: qsd8x50: Fix incorrect permission faults" (git-fixes) - ARM: 9133/1: mm: proc-macros: ensure *_tlb_fns are 4B aligned (git-fixes) - ARM: 9134/1: remove duplicate memcpy() definition (git-fixes) - ARM: 9139/1: kprobes: fix arch_init_kprobes() prototype (git-fixes) - ARM: 9141/1: only warn about XIP address when not compile testing (git-fixes) - ARM: 9155/1: fix early early_iounmap() (git-fixes) - ARM: at91: pm: add missing put_device() call in at91_pm_sram_init() (git-fixes) - ARM: at91: pm: of_node_put() after its usage (git-fixes) - ARM: at91: pm: use proper master clock register offset (git-fixes) - ARM: bcm: Select ARM_TIMER_SP804 for ARCH_BCM_NSP (git-fixes) - ARM: dts sunxi: Relax a bit the CMA pool allocation range (git-fixes) - ARM: dts: am335x-pocketbeagle: Fix mmc0 Write Protect (git-fixes) - ARM: dts: am335x: align ti,pindir-d0-out-d1-in property with dt-shema (git-fixes) - ARM: dts: am437x-idk-evm: Fix incorrect OPP node names (git-fixes) - ARM: dts: am437x-l4: fix typo in can@0 node (git-fixes) - ARM: dts: armada-38x: fix NETA lockup when repeatedly switching speeds (git-fixes) - ARM: dts: armada388-helios4: assign pinctrl to each fan (git-fixes) - ARM: dts: armada388-helios4: assign pinctrl to LEDs (git-fixes) - ARM: dts: aspeed: s2600wf: Fix VGA memory region location (git-fixes) - ARM: dts: aspeed: tiogapass: Remove vuart (git-fixes) - ARM: dts: at91-sama5d27_som1: fix phy address to 7 (git-fixes) - ARM: dts: at91: add pinctrl-{names, 0} for all gpios (git-fixes) - ARM: dts: at91: at91sam9rl: fix ADC triggers (git-fixes) - ARM: dts: at91: sama5d2_ptc_ek: fix sdmmc0 node description (git-fixes) - ARM: dts: at91: sama5d2_ptc_ek: fix vbus pin (git-fixes) - ARM: dts: at91: sama5d2_xplained: classd: pull-down the R1 and R3 lines (git-fixes) - ARM: dts: at91: sama5d2: fix CAN message ram offset and size (git-fixes) - ARM: dts: at91: sama5d2: map securam as device (git-fixes) - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host (git-fixes) - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host (git-fixes) - ARM: dts: at91: sama5d4: fix pinctrl muxing (git-fixes) - ARM: dts: at91: tse850: the emaclt;->phy interface is rmii (git-fixes) - ARM: dts: bcm: HR2: Fix PPI interrupt types (git-fixes) - ARM: dts: bcm: HR2: Fixed QSPI compatible string (git-fixes) - ARM: dts: bcm2835-rpi-zero-w: Fix led polarity (git-fixes) - ARM: dts: BCM5301X: Add interrupt properties to GPIO node (git-fixes) - ARM: dts: BCM5301X: Fix I2C controller interrupt (git-fixes) - ARM: dts: BCM5301X: Fixed QSPI compatible string (git-fixes) - ARM: dts: colibri-imx6ull: limit SDIO clock to 25MHz (git-fixes) - ARM: dts: Configure missing thermal interrupt for 4430 (git-fixes) - ARM: dts: dra76x: Fix mmc3 max-frequency (git-fixes) - ARM: dts: dra76x: m_can: fix order of clocks (git-fixes) - ARM: dts: dra7xx-clocks: Fixup IPU1 mux clock parent source (git-fixes) - ARM: dts: exynos: correct fuel gauge interrupt trigger level on Midas (git-fixes) - ARM: dts: exynos: correct MUIC interrupt trigger level on Midas (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Arndale (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Artik 5 (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Midas (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Monk (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid XU3 (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Rinato (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250 (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow (git-fixes) - ARM: dts: exynos: correct PMIC interrupt trigger level on Spring (git-fixes) - ARM: dts: exynos: Fix GPIO polarity for thr GalaxyS3 CM36651 sensor's bus (git-fixes) - ARM: dts: exynos: fix PWM LED max brightness on Odroid HC1 (git-fixes) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU/XU3 (git-fixes) - ARM: dts: exynos: fix PWM LED max brightness on Odroid XU4 (git-fixes) - ARM: dts: exynos: fix roles of USB 3.0 ports on Odroid XU (git-fixes) - ARM: dts: exynos: fix USB 3.0 pins supply being turned off on Odroid (git-fixes) - ARM: dts: exynos: fix USB 3.0 VBUS control and over-current pins on (git-fixes) - ARM: dts: Fix dcan driver probe failed on am437x platform (git-fixes) - ARM: dts: Fix duovero smsc interrupt for suspend (git-fixes) - ARM: dts: gemini-rut1xx: remove duplicate ethernet node (git-fixes) - ARM: dts: gose: Fix ports node name for adv7180 (git-fixes) - ARM: dts: gose: Fix ports node name for adv7612 (git-fixes) - ARM: dts: imx: emcon-avari: Fix nxp,pca8574 #gpio-cells (git-fixes) - ARM: dts: imx: Fix USB host power regulator polarity on M53Menlo (git-fixes) - ARM: dts: imx: Swap M53Menlo pinctrl_power_button/pinctrl_power_out (git-fixes) - ARM: dts: imx27-phytec-phycard-s-rdk: Fix the I2C1 pinctrl entries (git-fixes) - ARM: dts: imx50-evk: Fix the chip select 1 IOMUX (git-fixes) - ARM: dts: imx6: pbab01: Set vmmc supply for both SD interfaces (git-fixes) - ARM: dts: imx6: phycore-som: fix arm and soc minimum voltage (git-fixes) - ARM: dts: imx6: phycore-som: fix emmc supply (git-fixes) - ARM: dts: imx6: Use gpc for FEC interrupt controller to fix wake on LAN (git-fixes) - ARM: dts: imx6dl-colibri-eval-v3: fix sram compatible properties (git-fixes). - ARM: dts: imx6dl-yapp4: Fix RGMII connection to QCA8334 switch (git-fixes) - ARM: dts: imx6dl-yapp4: Fix Ursa board Ethernet connection (git-fixes) - ARM: dts: imx6q-dhcom: Add gpios pinctrl for i2c bus recovery (git-fixes) - ARM: dts: imx6q-dhcom: Add PU,VDD1P1,VDD2P5 regulators (git-fixes) - ARM: dts: imx6q-dhcom: Fix ethernet plugin detection problems (git-fixes) - ARM: dts: imx6q-dhcom: Fix ethernet reset time properties (git-fixes) - ARM: dts: imx6qdl-gw52xx: fix duplicate regulator naming (git-fixes) - ARM: dts: imx6qdl-gw551x: Do not use 'simple-audio-card,dai-link' (git-fixes) - ARM: dts: imx6qdl-gw551x: fix audio SSI (git-fixes) - ARM: dts: imx6qdl-icore: Fix OTG_ID pin and sdcard detect (git-fixes) - ARM: dts: imx6qdl-kontron-samx6i: fix i2c_lcd/cam default status (git-fixes) - ARM: dts: imx6qdl-kontron-samx6i: fix I2C_PM scl pin (git-fixes) - ARM: dts: imx6qdl-sr-som: Increase the PHY reset duration to 10ms (git-fixes) - ARM: dts: imx6qdl-udoo: fix rgmii phy-mode for ksz9031 phy (git-fixes) - ARM: dts: imx6sl: fix rng node (git-fixes) - ARM: dts: imx6sx-sabreauto: Fix the phy-mode on fec2 (git-fixes) - ARM: dts: imx6sx-sdb: Fix the phy-mode on fec2 (git-fixes) - ARM: dts: imx6sx: Add missing UART RTS/CTS pins mux (git-fixes) - ARM: dts: imx6sx: fix the pad QSPI1B_SCLK mux mode for uart3 (git-fixes) - ARM: dts: imx6sx: Improve UART pins macro defines (git-fixes) - ARM: dts: imx7-colibri: Fix frequency for sd/mmc (git-fixes) - ARM: dts: imx7-colibri: fix muxing of usbc_det pin (git-fixes) - ARM: dts: imx7-colibri: prepare module device tree for FlexCAN (git-fixes) - ARM: dts: imx7d-meerkat96: Fix the 'tuning-step' property (git-fixes) - ARM: dts: imx7d-pico: Fix the 'tuning-step' property (git-fixes) - ARM: dts: imx7d: Correct speed grading fuse settings (git-fixes) - ARM: dts: imx7d: fix opp-supported-hw (git-fixes) - ARM: dts: imx7ulp: Correct gpio ranges (git-fixes) - ARM: dts: logicpd-som-lv-baseboard: Fix broken audio (git-fixes) - ARM: dts: logicpd-som-lv-baseboard: Fix missing video (git-fixes) - ARM: dts: logicpd-torpedo-baseboard: Fix broken audio (git-fixes) - ARM: dts: lpc32xx: Revert set default clock rate of HCLK PLL (git-fixes) - ARM: dts: ls1021a: fix QuadSPI-memory reg range (git-fixes) - ARM: dts: ls1021a: Restore MDIO compatible to gianfar (git-fixes) - ARM: dts: meson: fix PHY deassert timing requirements (git-fixes) - ARM: dts: meson8: remove two invalid interrupt lines from the GPU (git-fixes) - ARM: dts: meson8: Use a higher default GPU clock frequency (git-fixes) - ARM: dts: meson8b: ec100: Fix the pwm regulator supply properties (git-fixes) - ARM: dts: meson8b: mxq: Fix the pwm regulator supply properties (git-fixes) - ARM: dts: meson8b: odroidc1: Fix the pwm regulator supply properties (git-fixes) - ARM: dts: mt7623: add missing pause for switchport (git-fixes) - ARM: dts: N900: fix onenand timings (git-fixes). - ARM: dts: NSP: Correct FA2 mailbox node (git-fixes) - ARM: dts: NSP: Disable PL330 by default, add dma-coherent property (git-fixes) - ARM: dts: NSP: Fixed QSPI compatible string (git-fixes) - ARM: dts: omap3-gta04a4: accelerometer irq fix (git-fixes) - ARM: dts: omap3430-sdp: Fix NAND device node (git-fixes) - ARM: dts: owl-s500: Fix incorrect PPI interrupt specifiers (git-fixes) - ARM: dts: oxnas: Fix clear-mask property (git-fixes) - ARM: dts: pandaboard: fix pinmux for gpio user button of Pandaboard (git-fixes) - ARM: dts: qcom: apq8064: Use 27MHz PXO clock as DSI PLL reference (git-fixes) - ARM: dts: qcom: msm8974: Add xo_board reference clock to DSI0 PHY (git-fixes) - ARM: dts: r7s9210: Remove bogus clock-names from OSTM nodes (git-fixes) - ARM: dts: r8a73a4: Add missing CMT1 interrupts (git-fixes) - ARM: dts: r8a7740: Add missing extal2 to CPG node (git-fixes) - ARM: dts: r8a7779, marzen: Fix DU clock names (git-fixes) - ARM: dts: Remove non-existent i2c1 from 98dx3236 (git-fixes) - ARM: dts: renesas: Fix IOMMU device node names (git-fixes) - ARM: dts: s5pv210: Set keep-power-in-suspend for SDHCI1 on Aries (git-fixes) - ARM: dts: socfpga: Align L2 cache-controller nodename with dtschema (git-fixes) - ARM: dts: socfpga: fix register entry for timer3 on Arria10 (git-fixes) - ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32f429 (git-fixes) - ARM: dts: stm32: fix a typo for DAC io-channel-cells on stm32h743 (git-fixes) - ARM: dts: sun6i: a31-hummingbird: Enable RGMII RX/TX delay on (git-fixes) - ARM: dts: sun7i: a20: bananapro: Fix ethernet phy-mode (git-fixes) - ARM: dts: sun7i: bananapi-m1-plus: Enable RGMII RX/TX delay on (git-fixes) - ARM: dts: sun7i: bananapi: Enable RGMII RX/TX delay on Ethernet PHY (git-fixes) - ARM: dts: sun7i: cubietruck: Enable RGMII RX/TX delay on Ethernet PHY (git-fixes) - ARM: dts: sun7i: pcduino3-nano: enable RGMII RX/TX delay on PHY (git-fixes) - ARM: dts: sun8i-a83t-tbs-a711: Fix USB OTG mode detection (git-fixes) - ARM: dts: sun8i-h2-plus-bananapi-m2-zero: Fix led polarity (git-fixes) - ARM: dts: sun8i: a83t: Enable both RGMII RX/TX delay on Ethernet PHY (git-fixes) - ARM: dts: sun8i: h3: orangepi-plus2e: Enable RGMII RX/TX delay on (git-fixes) - ARM: dts: sun8i: r40: bananapi-m2-berry: Fix dcdc1 regulator (git-fixes) - ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix dcdc1 regulator (git-fixes) - ARM: dts: sun8i: r40: bananapi-m2-ultra: Fix ethernet node (git-fixes) - ARM: dts: sun8i: r40: Move AHCI device node based on address order (git-fixes) - ARM: dts: sun8i: v3s: fix GIC node memory range (git-fixes) - ARM: dts: sun8i: v40: bananapi-m2-berry: Fix ethernet node (git-fixes) - ARM: dts: sun9i: Enable both RGMII RX/TX delay on Ethernet PHY (git-fixes) - ARM: dts: sunxi: bananapi-m2-plus-v1.2: Fix CPU supply voltages (git-fixes) - ARM: dts: sunxi: bananapi-m2-plus: Enable RGMII RX/TX delay on (git-fixes) - ARM: dts: sunxi: Fix DE2 clocks register range (git-fixes) - ARM: dts: turris-omnia: add comphy handle to eth2 (git-fixes) - ARM: dts: turris-omnia: add SFP node (git-fixes) - ARM: dts: turris-omnia: configure LED[2]/INTn pin as interrupt pin (git-fixes) - ARM: dts: turris-omnia: describe switch interrupt (git-fixes) - ARM: dts: turris-omnia: enable HW buffer management (git-fixes) - ARM: dts: turris-omnia: fix hardware buffer management (git-fixes) - ARM: dts: uniphier: Change phy-mode to RGMII-ID to enable delay pins (git-fixes) - ARM: dts: uniphier: Set SCSSI clock and reset IDs for each channel (git-fixes). - ARM: dts: vf610-zii-dev-rev-b: Remove #address-cells and #size-cells (git-fixes) - ARM: dts: vfxxx: Add syscon compatible with OCOTP (git-fixes) - ARM: exynos: add missing of_node_put for loop iteration (git-fixes) - ARM: exynos: MCPM: Restore big.LITTLE cpuidle support (git-fixes) - ARM: footbridge: fix PCI interrupt mapping (git-fixes) - ARM: imx: add missing clk_disable_unprepare() (git-fixes) - ARM: imx: add missing iounmap() (git-fixes) - ARM: imx: build suspend-imx6.S with arm instruction set (git-fixes) - ARM: imx: fix missing 3rd argument in macro imx_mmdc_perf_init (git-fixes) - ARM: imx5: add missing put_device() call in imx_suspend_alloc_ocram() (git-fixes) - ARM: imx6: disable the GIC CPU interface before calling stby-poweroff (git-fixes) - ARM: mvebu: drop pointless check for coherency_base (git-fixes) - ARM: OMAP2+: Fix legacy mode dss_reset (git-fixes) - ARM: OMAP2+: omap_device: fix idling of devices during probe (git-fixes) - ARM: OMAP2+: pm33xx-core: Make am43xx_get_rtc_base_addr static (git-fixes) - ARM: p2v: fix handling of LPAE translation in BE mode (git-fixes) - ARM: s3c: irq-s3c24xx: Fix return value check for s3c24xx_init_intc() (git-fixes) - ARM: s3c24xx: fix missing system reset (git-fixes) - ARM: s3c24xx: fix mmc gpio lookup tables (git-fixes) - ARM: samsung: do not build plat/pm-common for Exynos (git-fixes) - ARM: samsung: fix PM debug build with DEBUG_LL but !MMU (git-fixes) - ARM: socfpga: PM: add missing put_device() call in socfpga_setup_ocram_self_refresh() (git-fixes) - ASoC: DAPM: Cover regression by kctl change notification fix (git-fixes). - ASoC: nau8824: Add DMI quirk mechanism for active-high jack-detect (git-fixes). - ASoC: qdsp6: q6routing: Conditionally reset FrontEnd Mixer (git-fixes). - ASoC: SOF: Intel: hda-dai: fix potential locking issue (git-fixes). - ASoC: topology: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ath: dfs_pattern_detector: Fix possible null-pointer dereference in channel_detector_create() (git-fixes). - ath10k: fix invalid dma_addr_t token assignment (git-fixes). - ath10k: high latency fixes for beacon buffer (git-fixes). - bfq: Limit number of requests consumed by each cgroup (bsc#1184318). - bfq: Store full bitmap depth in bfq_data (bsc#1184318). - bfq: Track number of allocated requests in bfq_entity (bsc#1184318). - block: Fix use-after-free issue accessing struct io_cq (bsc#1193042). - block: Provide blk_mq_sched_get_icq() (bsc#1184318). - Bluetooth: Add additional Bluetooth part for Realtek 8852AE (bsc#1193655). - Bluetooth: btrtl: Refine the ic_id_table for clearer and more regular (bsc#1193655). - Bluetooth: btusb: Add another Bluetooth part for Realtek 8852AE (bsc#1193655). - Bluetooth: btusb: Add the more support IDs for Realtek RTL8822CE (bsc#1193655). - Bluetooth: btusb: Add the new support ID for Realtek RTL8852A (bsc#1193655). - Bluetooth: btusb: btrtl: Add support for RTL8852A (bsc#1193655). - Bluetooth: fix use-after-free error in lock_sock_nested() (git-fixes). - bnxt_en: reject indirect blk offload when hw-tc-offload is off (jsc#SLE-8372 bsc#1153275). - bonding: Fix a use-after-free problem when bond_sysfs_slave_add() failed (git-fixes). - bpf, arm: Fix register clobbering in div/mod implementation (git-fixes) - bpf, s390: Fix potential memory leak about jit_data (git-fixes). - bpf, x86: Fix "no previous prototype" warning (git-fixes). - brcmfmac: Add DMI nvram filename quirk for Cyberbook T116 tablet (git-fixes). - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums (bsc#1193002). - btrfs: fix fsync failure and transaction abort after writes to prealloc extents (bsc#1193002). - btrfs: fix lost inode on log replay after mix of fsync, rename and inode eviction (bsc#1192998). - btrfs: fix race causing unnecessary inode logging during link and rename (bsc#1192998). - btrfs: make checksum item extension more efficient (bsc#1193002). - cfg80211: call cfg80211_stop_ap when switch from P2P_GO type (git-fixes). - cifs: add a debug macro that prints \\server\share for errors (bsc#1164565). - cifs: add a function to get a cached dir based on its dentry (bsc#1192606). - cifs: add a helper to find an existing readable handle to a file (bsc#1154355). - cifs: add a timestamp to track when the lease of the cached dir was taken (bsc#1192606). - cifs: add an smb3_fs_context to cifs_sb (bsc#1192606). - cifs: add FALLOC_FL_INSERT_RANGE support (bsc#1192606). - cifs: add files to host new mount api (bsc#1192606). - cifs: add fs_context param to parsing helpers (bsc#1192606). - cifs: Add get_security_type_str function to return sec type (bsc#1192606). - cifs: add initial reconfigure support (bsc#1192606). - cifs: add missing mount option to /proc/mounts (bsc#1164565). - cifs: add missing parsing of backupuid (bsc#1192606). - cifs: Add missing sentinel to smb3_fs_parameters (bsc#1192606). - cifs: add mount parameter tcpnodelay (bsc#1192606). - cifs: add multichannel mount options and data structs (bsc#1192606). - cifs: add new debugging macro cifs_server_dbg (bsc#1164565). - cifs: Add new mount parameter "acdirmax" to allow caching directory metadata (bsc#1192606). - cifs: Add new parameter "acregmax" for distinct file and directory metadata timeout (bsc#1192606). - cifs: add NULL check for ses->tcon_ipc (bsc#1178270). - cifs: add passthrough for smb2 setinfo (bsc#1164565). - cifs: add server param (bsc#1192606). - cifs: add shutdown support (bsc#1192606). - cifs: add smb2 POSIX info level (bsc#1164565). - cifs: add SMB2_open() arg to return POSIX data (bsc#1164565). - cifs: add SMB3 change notification support (bsc#1164565). - cifs: add support for FALLOC_FL_COLLAPSE_RANGE (bsc#1192606). - cifs: add support for fallocate mode 0 for non-sparse files (bsc#1164565). - cifs: add support for flock (bsc#1164565). - cifs: Add support for setting owner info, dos attributes, and create time (bsc#1164565). - cifs: Add tracepoints for errors on flush or fsync (bsc#1164565). - cifs: Add witness information to debug data dump (bsc#1192606). - cifs: add witness mount option and data structs (bsc#1192606). - cifs: added WARN_ON for all the count decrements (bsc#1192606). - cifs: Adjust indentation in smb2_open_file (bsc#1164565). - cifs: Adjust key sizes and key generation routines for AES256 encryption (bsc#1192606). - cifs: allocate buffer in the caller of build_path_from_dentry() (bsc#1192606). - cifs: Allocate crypto structures on the fly for calculating signatures of incoming packets (bsc#1192606). - cifs: Allocate encryption header through kmalloc (bsc#1192606). - cifs: allow chmod to set mode bits using special sid (bsc#1164565). - cifs: allow syscalls to be restarted in __smb_send_rqst() (bsc#1176956). - cifs: allow unlock flock and OFD lock across fork (bsc#1192606). - cifs: Always update signing key of first channel (bsc#1192606). - cifs: ask for more credit on async read/write code paths (bsc#1192606). - cifs: Assign boolean values to a bool variable (bsc#1192606). - cifs: Avoid doing network I/O while holding cache lock (bsc#1164565). - cifs: Avoid error pointer dereference (bsc#1192606). - cifs: avoid extra calls in posix_info_parse (bsc#1192606). - cifs: Avoid field over-reading memcpy() (bsc#1192606). - cifs: avoid starvation when refreshing dfs cache (bsc#1185902). - cifs: avoid using MID 0xFFFF (bnc#1151927 5.3.8). - cifs: call wake_up(server->response_q) inside of cifs_reconnect() (bsc#1164565). - cifs: change confusing field serverName (to ip_addr) (bsc#1192606). - cifs: change format of CIFS_FULL_KEY_DUMP ioctl (bsc#1192606). - cifs: change noisy error message to FYI (bsc#1181507). - cifs: Change SIDs in ACEs while transferring file ownership (bsc#1192606). - cifs: check all path components in resolved dfs target (bsc#1181710). - cifs: check new file size when extending file by fallocate (bsc#1192606). - cifs: check pointer before freeing (bsc#1183534). - cifs: check the timestamp for the cached dirent when deciding on revalidate (bsc#1192606). - cifs: cifs_md4 convert to SPDX identifier (bsc#1192606). - cifs: cifspdu.h: Replace one-element array with flexible-array member (bsc#1192606). - cifs: cifspdu.h: Replace zero-length array with flexible-array member (bsc#1192606). - cifs: cifsssmb: remove redundant assignment to variable ret (bsc#1164565). - cifs: clarify comment about timestamp granularity for old servers (bsc#1192606). - cifs: clarify hostname vs ip address in /proc/fs/cifs/DebugData (bsc#1192606). - cifs: Clarify SMB1 code for delete (bsc#1192606). - cifs: Clarify SMB1 code for POSIX Create (bsc#1192606). - cifs: Clarify SMB1 code for POSIX delete file (bsc#1192606). - cifs: Clarify SMB1 code for POSIX Lock (bsc#1192606). - cifs: Clarify SMB1 code for rename open file (bsc#1192606). - cifs: Clarify SMB1 code for SetFileSize (bsc#1192606). - cifs: clarify SMB1 code for UnixCreateHardLink (bsc#1192606). - cifs: Clarify SMB1 code for UnixCreateSymLink (bsc#1192606). - cifs: Clarify SMB1 code for UnixSetPathInfo (bsc#1192606). - cifs: Clean up DFS referral cache (bsc#1164565). - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (bsc#1192606). - cifs: cleanup misc.c (bsc#1192606). - cifs: clear PF_MEMALLOC before exiting demultiplex thread (bsc#1192606). - cifs: Close cached root handle only if it had a lease (bsc#1164565). - cifs: Close open handle after interrupted close (bsc#1164565). - cifs: close the shared root handle on tree disconnect (bsc#1164565). - cifs: compute full_path already in cifs_readdir() (bsc#1192606). - cifs: connect individual channel servers to primary channel server (bsc#1192606). - cifs: connect: style: Simplify bool comparison (bsc#1192606). - cifs: constify get_normalized_path() properly (bsc#1185902). - cifs: constify path argument of ->make_node() (bsc#1192606). - cifs: constify pathname arguments in a bunch of helpers (bsc#1192606). - cifs: Constify static struct genl_ops (bsc#1192606). - cifs: convert list_for_each to entry variant (bsc#1192606, jsc#SLE-20042). - cifs: convert list_for_each to entry variant in cifs_debug.c (bsc#1192606). - cifs: convert list_for_each to entry variant in smb2misc.c (bsc#1192606). - cifs: convert revalidate of directories to using directory metadata cache timeout (bsc#1192606). - cifs: convert to use be32_add_cpu() (bsc#1192606). - cifs: Convert to use the fallthrough macro (bsc#1192606). - cifs: correct comments explaining internal semaphore usage in the module (bsc#1192606). - cifs: correct four aliased mount parms to allow use of previous names (bsc#1192606). - cifs: create a helper function to parse the query-directory response buffer (bsc#1164565). - cifs: create a helper to find a writeable handle by path name (bsc#1154355). - cifs: create a MD4 module and switch cifs.ko to use it (bsc#1192606). - cifs: Create a new shared file holding smb2 pdu definitions (bsc#1192606). - cifs: create sd context must be a multiple of 8 (bsc#1192606). - cifs: Deal with some warnings from W=1 (bsc#1192606). - cifs: Delete a stray unlock in cifs_swn_reconnect() (bsc#1192606). - cifs: delete duplicated words in header files (bsc#1192606). - cifs: detect dead connections only when echoes are enabled (bsc#1192606). - cifs: Display local UID details for SMB sessions in DebugData (bsc#1192606). - cifs: do d_move in rename (bsc#1164565). - cifs: do not allow changing posix_paths during remount (bsc#1192606). - cifs: do not cargo-cult strndup() (bsc#1185902). - cifs: do not create a temp nls in cifs_setup_ipc (bsc#1192606). - cifs: do not disable noperm if multiuser mount option is not provided (bsc#1192606). - cifs: Do not display RDMA transport on reconnect (bsc#1164565). - cifs: do not duplicate fscache cookie for secondary channels (bsc#1192606). - cifs: do not fail __smb_send_rqst if non-fatal signals are pending (git-fixes). - cifs: do not ignore the SYNC flags in getattr (bsc#1164565). - cifs: do not leak -EAGAIN for stat() during reconnect (bsc#1164565). - cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED (bsc#1192606). - cifs: Do not miss cancelled OPEN responses (bsc#1164565). - cifs: do not negotiate session if session already exists (bsc#1192606). - cifs: do not send close in compound create+close requests (bsc#1181507). - cifs: do not send tree disconnect to ipc shares (bsc#1185902). - cifs: do not set ->i_mode of something we had not created (bsc#1192606). - cifs: do not share tcons with DFS (bsc#1178270). - cifs: do not share tcp servers with dfs mounts (bsc#1185902). - cifs: do not share tcp sessions of dfs connections (bsc#1185902). - cifs: do not use 'pre:' for MODULE_SOFTDEP (bsc#1164565). - cifs: Do not use iov_iter::type directly (bsc#1192606). - cifs: Do not use the original cruid when following DFS links for multiuser mounts (bsc#1192606). - cifs: document and cleanup dfs mount (bsc#1178270). - cifs: dump channel info in DebugData (bsc#1192606). - cifs: dump Security Type info in DebugData (bsc#1192606). - cifs: dump the session id and keys also for SMB2 sessions (bsc#1192606). - cifs: enable change notification for SMB2.1 dialect (bsc#1164565). - cifs: enable extended stats by default (bsc#1192606). - cifs: Enable sticky bit with cifsacl mount option (bsc#1192606). - cifs: ensure correct super block for DFS reconnect (bsc#1178270). - cifs: escape spaces in share names (bsc#1192606). - cifs: export supported mount options via new mount_params /proc file (bsc#1192606). - cifs: fail i/o on soft mounts if sessionsetup errors out (bsc#1164565). - cifs: fiemap: do not return EINVAL if get nothing (bsc#1192606). - cifs: fix a comment for the timeouts when sending echos (bsc#1164565). - cifs: fix a memleak with modefromsid (bsc#1192606). - cifs: fix a sign extension bug (bsc#1192606). - cifs: fix a white space issue in cifs_get_inode_info() (bsc#1164565). - cifs: fix allocation size on newly created files (bsc#1192606). - cifs: Fix an error pointer dereference in cifs_mount() (bsc#1178270). - cifs: Fix atime update check vs mtime (bsc#1164565). - cifs: Fix bug which the return value by asynchronous read is error (bsc#1192606). - cifs: Fix cached_fid refcnt leak in open_shroot (bsc#1192606). - cifs: fix channel signing (bsc#1192606). - cifs: fix check of dfs interlinks (bsc#1185902). - cifs: fix check of tcon dfs in smb1 (bsc#1178270). - cifs: Fix chmod with modefromsid when an older ACE already exists (bsc#1192606). - cifs: fix chown and chgrp when idsfromsid mount option enabled (bsc#1192606). - cifs: Fix cifsacl ACE mask for group and others (bsc#1192606). - cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (bnc#1151927 5.3.10). - cifs: fix credit accounting for extra channel (bsc#1192606). - cifs: Fix data inconsistent when punch hole (bsc#1176544). - cifs: Fix data inconsistent when zero file range (bsc#1176536). - cifs: fix dereference on ses before it is null checked (bsc#1164565). - cifs: fix dfs domain referrals (bsc#1192606). - cifs: fix DFS failover (bsc#1192606). - cifs: fix DFS mount with cifsacl/modefromsid (bsc#1178270). - cifs: fix dfs-links (bsc#1192606). - cifs: fix doc warnings in cifs_dfs_ref.c (bsc#1192606). - cifs: Fix double add page to memcg when cifs_readpages (bsc#1192606). - cifs: fix double free error on share and prefix (bsc#1178270). - cifs: fix double-put on late allocation failure (bsc#1192606). - cifs: Fix fall-through warnings for Clang (bsc#1192606). - cifs: fix fallocate when trying to allocate a hole (bsc#1192606). - cifs: fix gcc warning in sid_to_id (bsc#1192606). - cifs: fix handling of escaped ',' in the password mount argument (bsc#1192606). - cifs: Fix in error types returned for out-of-credit situations (bsc#1192606). - cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211). - cifs: Fix inconsistent indenting (bsc#1192606). - cifs: Fix inconsistent IS_ERR and PTR_ERR (bsc#1192606). - cifs: fix incorrect check for null pointer in header_assemble (bsc#1192606). - cifs: fix incorrect kernel doc comments (bsc#1192606). - cifs: fix interrupted close commands (git-fixes). - cifs: fix ipv6 formating in cifs_ses_add_channel (bsc#1192606). - cifs: fix leak in cifs_smb3_do_mount() ctx (bsc#1192606). - cifs: Fix leak when handling lease break for cached root fid (bsc#1176242). - cifs: fix leaked reference on requeued write (bsc#1178270). - cifs: Fix lookup of root ses in DFS referral cache (bsc#1164565). - cifs: Fix lookup of SMB connections on multichannel (bsc#1192606). - cifs: fix max ea value size (bnc#1151927 5.3.4). - cifs: Fix memory allocation in __smb2_handle_cancelled_cmd() (bsc#1164565). - cifs: fix memory leak in smb2_copychunk_range (git-fixes). - cifs: fix memory leak of smb3_fs_context_dup::server_hostname (bsc#1192606). - cifs: fix minor typos in comments and log messages (bsc#1192606). - cifs: Fix missed free operations (bnc#1151927 5.3.8). - cifs: fix missing null session check in mount (bsc#1192606). - cifs: fix missing spinlock around update to ses->status (bsc#1192606). - cifs: fix misspellings using codespell tool (bsc#1192606). - cifs: fix mode bits from dir listing when mounted with modefromsid (bsc#1164565). - cifs: Fix mode output in debugging statements (bsc#1164565). - cifs: fix mount option display for sec=krb5i (bsc#1161907). - cifs: Fix mount options set in automount (bsc#1164565). - cifs: fix mounts to subdirectories of target (bsc#1192606). - cifs: fix nodfs mount option (bsc#1181710). - cifs: fix NULL dereference in match_prepath (bsc#1164565). - cifs: fix NULL dereference in smb2_check_message() (bsc#1192606). - cifs: Fix null pointer check in cifs_read (bsc#1192606). - cifs: Fix NULL pointer dereference in mid callback (bsc#1164565). - cifs: Fix NULL-pointer dereference in smb2_push_mandatory_locks (bnc#1151927 5.3.16). - cifs: Fix oplock handling for SMB 2.1+ protocols (bnc#1151927 5.3.4). - cifs: fix out-of-bound memory access when calling smb3_notify() at mount point (bsc#1192606). - cifs: fix path comparison and hash calc (bsc#1185902). - cifs: fix possible uninitialized access and race on iface_list (bsc#1192606). - cifs: Fix potential deadlock when updating vol in cifs_reconnect() (bsc#1164565). - cifs: fix potential mismatch of UNC paths (bsc#1164565). - cifs: Fix potential softlockups while refreshing DFS cache (bsc#1164565). - cifs: fix potential use-after-free bugs (bsc#1192606, jsc#SLE-20042). - cifs: fix potential use-after-free in cifs_echo_request() (bsc#1139944). - cifs: Fix preauth hash corruption (git-fixes). - cifs: fix print of hdr_flags in dfscache_proc_show() (bsc#1192606, jsc#SLE-20042). - cifs: fix reference leak for tlink (bsc#1192606). - cifs: fix regression when mounting shares with prefix paths (bsc#1192606). - cifs: fix rename() by ensuring source handle opened with DELETE bit (bsc#1164565). - cifs: Fix resource leak (bsc#1192606). - cifs: Fix retrieval of DFS referrals in cifs_mount() (bsc#1164565). - cifs: Fix retry mid list corruption on reconnects (bnc#1151927 5.3.10). - cifs: Fix return value in __update_cache_entry (bsc#1164565). - cifs: fix rsize/wsize to be negotiated values (bsc#1192606). - cifs: fix SMB1 error path in cifs_get_file_info_unix (bsc#1192606). - cifs: Fix SMB2 oplock break processing (bsc#1154355 bnc#1151927 5.3.16). - cifs: fix soft mounts hanging in the reconnect code (bsc#1164565). - cifs: fix soft mounts hanging in the reconnect code (bsc#1164565). - cifs: Fix some error pointers handling detected by static checker (bsc#1192606). - cifs: Fix spelling of 'security' (bsc#1192606). - cifs: fix string declarations and assignments in tracepoints (bsc#1192606). - cifs: Fix support for remount when not changing rsize/wsize (bsc#1192606). - cifs: Fix task struct use-after-free on reconnect (bsc#1164565). - cifs: fix the out of range assignment to bit fields in parse_server_interfaces (bsc#1192606). - cifs: Fix the target file was deleted when rename failed (bsc#1192606). - cifs: fix trivial typo (bsc#1192606). - cifs: fix uninitialised lease_key in open_shroot() (bsc#1178270). - cifs: fix uninitialized variable in smb3_fs_context_parse_param (bsc#1192606). - cifs: fix unitialized variable poential problem with network I/O cache lock patch (bsc#1164565). - cifs: Fix unix perm bits to cifsacl conversion for "other" bits (bsc#1192606). - cifs: fix unneeded null check (bsc#1192606). - cifs: fix use after free in cifs_smb3_do_mount() (bsc#1192606). - cifs: Fix use after free of file info structures (bnc#1151927 5.3.8). - cifs: Fix use-after-free bug in cifs_reconnect() (bsc#1164565). - cifs: fix wrong release in sess_alloc_buffer() failed path (bsc#1192606). - cifs: for compound requests, use open handle if possible (bsc#1192606). - cifs: Force reval dentry if LOOKUP_REVAL flag is set (bnc#1151927 5.3.7). - cifs: Force revalidate inode when dentry is stale (bnc#1151927 5.3.7). - cifs: fork arc4 and create a separate module for it for cifs and other users (bsc#1192606). - cifs: get mode bits from special sid on stat (bsc#1164565). - cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). - cifs: get rid of cifs_sb->mountdata (bsc#1192606). - cifs: Get rid of kstrdup_const()'d paths (bsc#1164565). - cifs: get rid of unused parameter in reconn_setup_dfs_targets() (bsc#1178270). - cifs: Grab a reference for the dentry of the cached directory during the lifetime of the cache (bsc#1192606). - cifs: Gracefully handle QueryInfo errors during open (bnc#1151927 5.3.7). - cifs: handle -EINTR in cifs_setattr (bsc#1192606). - cifs: handle "guest" mount parameter (bsc#1192606). - cifs: handle "nolease" option for vers=1.0 (bsc#1192606). - cifs: handle different charsets in dfs cache (bsc#1185902). - cifs: handle empty list of targets in cifs_reconnect() (bsc#1178270). - cifs: handle ERRBaduid for SMB1 (bsc#1192606). - cifs: handle hostnames that resolve to same ip in failover (bsc#1178270). - cifs: handle prefix paths in reconnect (bsc#1164565). - cifs: handle reconnect of tcon when there is no cached dfs referral (bsc#1192606). - cifs: handle RESP_GET_DFS_REFERRAL.PathConsumed in reconnect (bsc#1178270). - cifs: Handle witness client move notification (bsc#1192606). - cifs: have ->mkdir() handle race with another client sanely (bsc#1192606). - cifs: have cifs_fattr_to_inode() refuse to change type on live inode (bsc#1192606). - cifs: Identify a connection by a conn_id (bsc#1192606). - cifs: If a corrupted DACL is returned by the server, bail out (bsc#1192606). - cifs: ignore auto and noauto options if given (bsc#1192606). - cifs: ignore cached share root handle closing errors (bsc#1166780). - cifs: improve fallocate emulation (bsc#1192606). - cifs: improve read performance for page size 64KB cache=strict vers=2.1+ (bsc#1192606). - cifs: In the new mount api we get the full devname as source= (bsc#1192606). - cifs: Increment num_remote_opens stats counter even in case of smb2_query_dir_first (bsc#1192606). - cifs: Initialize filesystem timestamp ranges (bsc#1164565). - cifs: introduce cifs_ses_mark_for_reconnect() helper (bsc#1192606). - cifs: introduce helper for finding referral server (bsc#1181710). - cifs: Introduce helpers for finding TCP connection (bsc#1164565). - cifs: introduce new helper for cifs_reconnect() (bsc#1192606, jsc#SLE-20042). - cifs: keep referral server sessions alive (bsc#1185902). - cifs: log mount errors using cifs_errorf() (bsc#1192606). - cifs: log warning message (once) if out of disk space (bsc#1164565). - cifs: make build_path_from_dentry() return const char * (bsc#1192606). - cifs: make const array static, makes object smaller (bsc#1192606). - cifs: Make extract_hostname function public (bsc#1192606). - cifs: Make extract_sharename function public (bsc#1192606). - cifs: make fs_context error logging wrapper (bsc#1192606). - cifs: make locking consistent around the server session status (bsc#1192606). - cifs: make multichannel warning more visible (bsc#1192606). - cifs: Make SMB2_notify_init static (bsc#1164565). - cifs: make sure we do not overflow the max EA buffer size (bsc#1164565). - cifs: make use of cap_unix(ses) in cifs_reconnect_tcon() (bsc#1164565). - cifs: map STATUS_ACCOUNT_LOCKED_OUT to -EACCES (bsc#1192606). - cifs: merge __{cifs,smb2}_reconnect[_tcon]() into cifs_tree_connect() (bsc#1178270). - cifs: Merge is_path_valid() into get_normalized_path() (bsc#1164565). - cifs: minor fix to two debug messages (bsc#1192606). - cifs: minor kernel style fixes for comments (bsc#1192606). - cifs: minor simplification to smb2_is_network_name_deleted (bsc#1192606). - cifs: minor update to comments around the cifs_tcp_ses_lock mutex (bsc#1192606). - cifs: minor updates to Kconfig (bsc#1192606). - cifs: misc: Use array_size() in if-statement controlling expression (bsc#1192606). - cifs: missed ref-counting smb session in find (bsc#1192606). - cifs: missing null check for newinode pointer (bsc#1192606). - cifs: missing null pointer check in cifs_mount (bsc#1185902). - cifs: modefromsid: make room for 4 ACE (bsc#1164565). - cifs: modefromsid: write mode ACE first (bsc#1164565). - cifs: move [brw]size from cifs_sb to cifs_sb->ctx (bsc#1192606). - cifs: move cache mount options to fs_context.ch (bsc#1192606). - cifs: move cifs_cleanup_volume_info[_content] to fs_context.c (bsc#1192606). - cifs: move cifs_parse_devname to fs_context.c (bsc#1192606). - cifs: move cifsFileInfo_put logic into a work-queue (bsc#1154355). - cifs: move debug print out of spinlock (bsc#1192606). - cifs: Move more definitions into the shared area (bsc#1192606). - cifs: move NEGOTIATE_PROTOCOL definitions out into the common area (bsc#1192606). - cifs: move security mount options into fs_context.ch (bsc#1192606). - cifs: move SMB FSCTL definitions to common code (bsc#1192606). - cifs: move smb version mount options into fs_context.c (bsc#1192606). - cifs: Move SMB2_Create definitions to the shared area (bsc#1192606). - cifs: move some variables off the stack in smb2_ioctl_query_info (bsc#1192606). - cifs: move the check for nohandlecache into open_shroot (bsc#1192606). - cifs: move the enum for cifs parameters into fs_context.h (bsc#1192606). - cifs: move update of flags into a separate function (bsc#1192606). - cifs: multichannel: always zero struct cifs_io_parms (bsc#1192606). - cifs: multichannel: move channel selection above transport layer (bsc#1192606). - cifs: multichannel: move channel selection in function (bsc#1192606). - cifs: multichannel: try to rebind when reconnecting a channel (bsc#1192606). - cifs: multichannel: use pointer for binding channel (bsc#1192606). - cifs: mute -Wunused-const-variable message (bnc#1151927 5.3.9). - cifs: New optype for session operations (bsc#1181507). - cifs: nosharesock should be set on new server (bsc#1192606). - cifs: nosharesock should not share socket with future sessions (bsc#1192606). - cifs: On cifs_reconnect, resolve the hostname again (bsc#1192606). - cifs: only update prefix path of DFS links in cifs_tree_connect() (bsc#1178270). - cifs: only write 64kb at a time when fallocating a small region of a file (bsc#1192606). - cifs: Optimize readdir on reparse points (bsc#1164565). - cifs: pass a path to open_shroot and check if it is the root or not (bsc#1192606). - cifs: pass the dentry instead of the inode down to the revalidation check functions (bsc#1192606). - cifs: plumb smb2 POSIX dir enumeration (bsc#1164565). - cifs: populate server_hostname for extra channels (bsc#1192606). - cifs: potential unintitliazed error code in cifs_getattr() (bsc#1164565). - cifs: prepare SMB2_Flush to be usable in compounds (bsc#1154355). - cifs: prepare SMB2_query_directory to be used with compounding (bsc#1164565). - cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). - cifs: prevent truncation from long to int in wait_for_free_credits (bsc#1192606). - cifs: print MIDs in decimal notation (bsc#1181507). - cifs: Print the address and port we are connecting to in generic_ip_connect() (bsc#1192606). - cifs: print warning mounting with vers=1.0 (bsc#1164565). - cifs: properly invalidate cached root handle when closing it (bsc#1192606). - cifs: Properly process SMB3 lease breaks (bsc#1164565). - cifs: protect session channel fields with chan_lock (bsc#1192606). - cifs: protect srv_count with cifs_tcp_ses_lock (bsc#1192606). - cifs: protect updating server->dstaddr with a spinlock (bsc#1192606). - cifs: Re-indent cifs_swn_reconnect() (bsc#1192606). - cifs: reduce number of referral requests in DFS link lookups (bsc#1178270). - cifs: reduce stack use in smb2_compound_op (bsc#1192606). - cifs: refactor cifs_get_inode_info() (bsc#1164565). - cifs: refactor create_sd_buf() and and avoid corrupting the buffer (bsc#1192606). - cifs: Reformat DebugData and index connections by conn_id (bsc#1192606). - cifs: Register generic netlink family (bsc#1192606). Update configs with CONFIG_SWN_UPCALL unset. - cifs: release lock earlier in dequeue_mid error case (bsc#1192606). - cifs: remove [gu]id/backup[gu]id/file_mode/dir_mode from cifs_sb (bsc#1192606). - cifs: remove actimeo from cifs_sb (bsc#1192606). - cifs: remove bogus debug code (bsc#1179427). - cifs: remove ctx argument from cifs_setup_cifs_sb (bsc#1192606). - cifs: remove duplicated prototype (bsc#1192606). - cifs: remove old dead code (bsc#1192606). - cifs: remove pathname for file from SPDX header (bsc#1192606). - cifs: remove redundant assignment to pointer pneg_ctxt (bsc#1164565). - cifs: remove redundant assignment to variable rc (bsc#1164565). - cifs: remove redundant initialization of variable rc (bsc#1192606). - cifs: remove redundant initialization of variable rc (bsc#1192606). - cifs: Remove repeated struct declaration (bsc#1192606). - cifs: Remove set but not used variable 'capabilities' (bsc#1164565). - cifs: remove set but not used variable 'server' (bsc#1164565). - cifs: remove set but not used variables 'cinode' and 'netfid' (bsc#1164565). - cifs: remove set but not used variables (bsc#1164565). - cifs: remove some minor warnings pointed out by kernel test robot (bsc#1192606). - cifs: remove the devname argument to cifs_compose_mount_options (bsc#1192606). - cifs: remove the retry in cifs_poxis_lock_set (bsc#1192606). - cifs: Remove the superfluous break (bsc#1192606). - cifs: remove two cases where rc is set unnecessarily in sid_to_id (bsc#1192606). - cifs: remove unnecessary copies of tcon->crfid.fid (bsc#1192606). - cifs: Remove unnecessary struct declaration (bsc#1192606). - cifs: remove unneeded variable in smb3_fs_context_dup (bsc#1192606). - cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). - cifs: remove unused variable 'server' (bsc#1192606). - cifs: remove unused variable 'sid_user' (bsc#1164565). - cifs: remove unused variable (bsc#1164565). - cifs: Remove useless variable (bsc#1192606). - cifs: remove various function description warnings (bsc#1192606). - cifs: rename a variable in SendReceive() (bsc#1164565). - cifs: rename cifs_common to smbfs_common (bsc#1192606). - cifs: rename dup_vol to smb3_fs_context_dup and move it into fs_context.c (bsc#1192606). - cifs: rename posix create rsp (bsc#1164565). - cifs: rename reconn_inval_dfs_target() (bsc#1178270). - cifs: rename smb_vol as smb3_fs_context and move it to fs_context.h (bsc#1192606). - cifs: rename the *_shroot* functions to *_cached_dir* (bsc#1192606). - cifs: report error instead of invalid when revalidating a dentry fails (bsc#1177440). - cifs: Respect O_SYNC and O_DIRECT flags during reconnect (bsc#1164565). - cifs: Retain old ACEs when converting between mode bits and ACL (bsc#1192606). - cifs: retry lookup and readdir when EAGAIN is returned (bsc#1192606). - cifs: return cached_fid from open_shroot (bsc#1192606). - cifs: Return correct error code from smb2_get_enc_key (git-fixes). - cifs: Return directly after a failed build_path_from_dentry() in cifs_do_create() (bsc#1164565). - cifs: return proper error code in statfs(2) (bsc#1181507). - cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426). - cifs: returning mount parm processing errors correctly (bsc#1192606). - cifs: revalidate mapping when we open files for SMB1 POSIX (bsc#1192606). - cifs: Send witness register and unregister commands to userspace daemon (bsc#1192606). - cifs: Send witness register messages to userspace daemon in echo task (bsc#1192606). - cifs: send workstation name during ntlmssp session setup (bsc#1192606). - cifs: set a minimum of 120s for next dns resolution (bsc#1192606). - cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). - cifs: Set CIFS_MOUNT_USE_PREFIX_PATH flag on setting cifs_sb->prepath (bsc#1192606). - cifs: set correct max-buffer-size for smb2_ioctl_init() (bsc#1164565). - cifs: set server->cipher_type to AES-128-CCM for SMB3.0 (bsc#1192606). - cifs: set up next DFS target before generic_ip_connect() (bsc#1178270). - cifs: Set witness notification handler for messages from userspace daemon (bsc#1192606). - cifs: Silently ignore unknown oplock break handle (bsc#1192606). - cifs: Simplify bool comparison (bsc#1192606). - cifs: simplify handling of cifs_sb/ctx->local_nls (bsc#1192606). - cifs: Simplify reconnect code when dfs upcall is enabled (bsc#1192606). - cifs: simplify SWN code with dummy funcs instead of ifdefs (bsc#1192606). - cifs: smb1: Try failing back to SetFileInfo if SetPathInfo fails (bsc#1192606). - cifs: smb2pdu.h: Replace zero-length array with flexible-array member (bsc#1192606). - cifs: smbd: Add messages on RDMA session destroy and reconnection (bsc#1164565). - cifs: smbd: Calculate the correct maximum packet size for segmented SMBDirect send/receive (bsc#1192606). - cifs: smbd: Check and extend sender credits in interrupt context (bsc#1192606). - cifs: smbd: Check send queue size before posting a send (bsc#1192606). - cifs: smbd: Do not schedule work to send immediate packet on every receive (bsc#1192606). - cifs: smbd: Invalidate and deregister memory registration on re-send for direct I/O (bsc#1164565). - cifs: smbd: Merge code to track pending packets (bsc#1192606). - cifs: smbd: Only queue work for error recovery on memory registration (bsc#1164565). - cifs: smbd: Properly process errors on ib_post_send (bsc#1192606). - cifs: smbd: Return -EAGAIN when transport is reconnecting (bsc#1164565). - cifs: smbd: Return -ECONNABORTED when trasnport is not in connected state (bsc#1164565). - cifs: smbd: Return -EINVAL when the number of iovs exceeds SMBDIRECT_MAX_SGE (bsc#1164565). - cifs: smbd: Update receive credits before sending and deal with credits roll back on failure before sending (bsc#1192606). - cifs: sort interface list by speed (bsc#1192606). - cifs: Spelling s/EACCESS/EACCES/ (bsc#1192606). - cifs: split out dfs code from cifs_reconnect() (bsc#1192606, jsc#SLE-20042). - cifs: Standardize logging output (bsc#1192606). - cifs: store a pointer to the root dentry in cifs_sb_info once we have completed mounting the share (bsc#1192606). - cifs: style: replace one-element array with flexible-array (bsc#1192606). - cifs: support nested dfs links over reconnect (bsc#1192606, jsc#SLE-20042). - cifs: support share failover when remounting (bsc#1192606, jsc#SLE-20042). - cifs: switch build_path_from_dentry() to using dentry_path_raw() (bsc#1192606). - cifs: switch servers depending on binding state (bsc#1192606). - cifs: switch to new mount api (bsc#1192606). - cifs: To match file servers, make sure the server hostname matches (bsc#1192606). - cifs: Tracepoints and logs for tracing credit changes (bsc#1181507). - cifs: try harder to open new channels (bsc#1192606). - cifs: try opening channels after mounting (bsc#1192606). - cifs: uncomplicate printing the iocharset parameter (bsc#1192606). - cifs: Unlock on errors in cifs_swn_reconnect() (bsc#1192606). - cifs: update ctime and mtime during truncate (bsc#1192606). - cifs: update FSCTL definitions (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal module version number (bsc#1192606). - cifs: update internal version number (bsc#1192606). - cifs: update internal version number (bsc#1192606). - cifs: update internal version number (bsc#1192606). - cifs: update internal version number (bsc#1192606). - cifs: update mnt_cifs_flags during reconfigure (bsc#1192606). - cifs: update new ACE pointer after populate_new_aces (bsc#1192606). - cifs: update super_operations to show_devname (bsc#1192606). - cifs: Use #define in cifs_dbg (bsc#1164565). - cifs: use %pd instead of messing with ->d_name (bsc#1192606). - cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (bnc#1151927 5.3.7). - cifs: Use common error handling code in smb2_ioctl_query_info() (bsc#1164565). - cifs: use compounding for open and first query-dir for readdir() (bsc#1164565). - cifs: use discard iterator to discard unneeded network data more efficiently (bsc#1192606). - cifs: use echo_interval even when connection not ready (bsc#1192606). - cifs: use existing handle for compound_op(OP_SET_INFO) when possible (bsc#1154355). - cifs: use helpers when parsing uid/gid mount options and validate them (bsc#1192606). - cifs: Use memdup_user() rather than duplicating its implementation (bsc#1164565). - cifs: use mod_delayed_work() for server->reconnect if already queued (bsc#1164565). - cifs: use PTR_ERR_OR_ZERO() to simplify code (bsc#1164565). - cifs: use SPDX-Licence-Identifier (bsc#1192606). - cifs: use the expiry output of dns_query to schedule next resolution (bsc#1192606). - cifs: use true,false for bool variable (bsc#1164565). - cifs: use true,false for bool variable (bsc#1164565). - cifs: warn and fail if trying to use rootfs without the config option (bsc#1192606). - cifs: Warn less noisily on default mount (bsc#1192606). - cifs: we do not allow changing username/password/unc/... during remount (bsc#1192606). - clk: imx: imx6ul: Move csi_sel mux to correct base register (git-fixes). - clk: ingenic: Fix bugs with divided dividers (git-fixes). - crypto: ecc - fix CRYPTO_DEFAULT_RNG dependency (git-fixes). - crypto: pcrypt - Delay write to padata->info (git-fixes). - crypto: s5p-sss - Add error handling in s5p_aes_probe() (git-fixes). - cxgb4: fix eeprom len when diagnostics not implemented (git-fixes). - dm: fix deadlock when swapping to encrypted device (bsc#1186332). - dm: remove unnecessary discard limits for raid0 and raid10 (bsc#1192320). - dmaengine: at_xdmac: fix AT_XDMAC_CC_PERID() macro (git-fixes). - dmaengine: dmaengine_desc_callback_valid(): Check for `callback_result` (git-fixes). - drm: panel-orientation-quirks: Add quirk for Aya Neo 2021 (git-fixes). - drm: panel-orientation-quirks: Add quirk for GPD Win3 (git-fixes). - drm: panel-orientation-quirks: Add quirk for KD Kurio Smart C15200 2-in-1 (git-fixes). - drm: panel-orientation-quirks: Add quirk for the Samsung Galaxy Book 10.6 (git-fixes). - drm: panel-orientation-quirks: Update the Lenovo Ideapad D330 quirk (v2) (git-fixes). - drm/amd/display: Set plane update flags for all planes in reset (git-fixes). - drm/amdgpu: fix set scaling mode Full/Full aspect/Center not works on vga and dvi connectors (git-fixes). - drm/msm: Do hw_init() before capturing GPU state (git-fixes). - drm/msm/a6xx: Allocate enough space for GMU registers (git-fixes). - drm/nouveau: hdmigv100.c: fix corrupted HDMI Vendor InfoFrame (git-fixes). - drm/nouveau/acr: fix a couple NULL vs IS_ERR() checks (git-fixes). - drm/nouveau/svm: Fix refcount leak bug and missing check against null bug (git-fixes). - drm/panel-orientation-quirks: add Valve Steam Deck (git-fixes). - drm/pl111: Actually fix CONFIG_VEXPRESS_CONFIG depends (git-fixes). - drm/plane-helper: fix uninitialized variable reference (git-fixes). - drm/vc4: fix error code in vc4_create_object() (git-fixes). - e1000e: Separate TGP board type from SPT (bsc#1192874). - EDAC/amd64: Handle three rank interleaving mode (bsc#1152489). - elfcore: correct reference to CONFIG_UML (git-fixes). - elfcore: fix building with clang (bsc#1169514). - ethtool: fix ethtool msg len calculation for pause stats (jsc#SLE-15075). - firmware: qcom_scm: Mark string array const (git-fixes). - fuse: release pipe buf after last use (bsc#1193318). - gve: Add netif_set_xps_queue call (bsc#1176940). - gve: Add rx buffer pagecnt bias (bsc#1176940). - gve: Allow pageflips on larger pages (bsc#1176940). - gve: Do lazy cleanup in TX path (git-fixes). - gve: DQO: avoid unused variable warnings (bsc#1176940). - gve: Switch to use napi_complete_done (git-fixes). - gve: Track RX buffer allocation failures (bsc#1176940). - hwmon: (k10temp) Add additional missing Zen2 and Zen3 APUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Add support for yellow carp (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Add support for Zen3 CPUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Create common functions and macros for Zen CPU families (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Define SVI telemetry and current factors for Zen2 CPUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Do not show Tdie for all Zen/Zen2/Zen3 CPU/APU (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) make some symbols static (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Remove residues of current and voltage (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Remove support for displaying voltage and current on Zen CPUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Reorganize and simplify temperature support detection (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Rework the temperature offset calculation (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) support Zen3 APUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Swap Tdie and Tctl on Family 17h CPUs (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Update documentation and add temp2_input info (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Update driver documentation (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - hwmon: (k10temp) Zen3 Ryzen Desktop CPUs support (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - i2c: cbus-gpio: set atomic transfer callback (git-fixes). - i2c: stm32f7: flush TX FIFO upon transfer errors (git-fixes). - i2c: stm32f7: recover the bus on access timeout (git-fixes). - i2c: stm32f7: stop dma transfer in case of NACK (git-fixes). - i2c: xlr: Fix a resource leak in the error handling path of 'xlr_i2c_probe()' (git-fixes). - i40e: Fix changing previously set num_queue_pairs for PFs (git-fixes). - i40e: Fix correct max_pkt_size on VF RX queue (git-fixes). - i40e: Fix creation of first queue by omitting it if is not power of two (git-fixes). - i40e: Fix display error code in dmesg (git-fixes). - i40e: Fix failed opcode appearing if handling messages from VF (git-fixes). - i40e: Fix NULL ptr dereference on VSI filter sync (git-fixes). - i40e: Fix ping is lost after configuring ADq on VF (git-fixes). - i40e: Fix pre-set max number of queues for VF (git-fixes). - i40e: Fix warning message and call stack during rmmod i40e driver (git-fixes). - iavf: check for null in iavf_fix_features (git-fixes). - iavf: do not clear a lock we do not hold (git-fixes). - iavf: Fix failure to exit out from last all-multicast mode (git-fixes). - iavf: Fix for setting queues to 0 (jsc#SLE-12877). - iavf: Fix for the false positive ASQ/ARQ errors while issuing VF reset (git-fixes). - iavf: Fix reporting when setting descriptor count (git-fixes). - iavf: Fix return of set the new channel count (jsc#SLE-12877). - iavf: free q_vectors before queues in iavf_disable_vf (git-fixes). - iavf: prevent accidental free of filter structure (git-fixes). - iavf: Prevent changing static ITR values if adaptive moderation is on (git-fixes). - iavf: Restore VLAN filters after link down (git-fixes). - iavf: validate pointers (git-fixes). - ibmvnic: drop bad optimization in reuse_rx_pools() (bsc#1193349 ltc#195568). - ibmvnic: drop bad optimization in reuse_tx_pools() (bsc#1193349 ltc#195568). - ice: avoid bpf_prog refcount underflow (jsc#SLE-7926). - ice: avoid bpf_prog refcount underflow (jsc#SLE-7926). - ice: Delete always true check of PF pointer (git-fixes). - ice: Fix not stopping Tx queues for VFs (jsc#SLE-7926). - ice: Fix VF true promiscuous mode (jsc#SLE-12878). - ice: fix vsi->txq_map sizing (jsc#SLE-7926). - ice: ignore dropped packets during init (git-fixes). - ice: Remove toggling of antispoof for VF trusted promiscuous mode (jsc#SLE-12878). - igb: fix netpoll exit with traffic (git-fixes). - igc: Remove _I_PHY_ID checking (bsc#1193169). - igc: Remove phy->type checking (bsc#1193169). - iio: imu: st_lsm6dsx: Avoid potential array overflow in st_lsm6dsx_set_odr() (git-fixes). - Input: iforce - fix control-message timeout (git-fixes). - iommu: Check if group is NULL before remove device (git-fixes). - iommu/amd: Relocate GAMSup check to early_enable_iommus (git-fixes). - iommu/amd: Remove iommu_init_ga() (git-fixes). - iommu/mediatek: Fix out-of-range warning with clang (git-fixes). - iommu/vt-d: Consolidate duplicate cache invaliation code (git-fixes). - iommu/vt-d: Fix incomplete cache flush in intel_pasid_tear_down_entry() (git-fixes). - iommu/vt-d: Update the virtual command related registers (git-fixes). - ipmi: Disable some operations during a panic (git-fixes). - kABI: dm: fix deadlock when swapping to encrypted device (bsc#1186332). - kabi: hide changes to struct uv_info (git-fixes). - lib/xz: Avoid overlapping memcpy() with invalid input with in-place decompression (git-fixes). - lib/xz: Validate the value before assigning it to an enum variable (git-fixes). - libata: fix checking of DMA state (git-fixes). - linux/parser.h: add include guards (bsc#1192606). - lpfc: Reintroduce old IRQ probe logic (bsc#1183897). - md: add md_submit_discard_bio() for submitting discard bio (bsc#1192320). - md: extend r10bio devs to raid disks (bsc#1192320). - md: fix a lock order reversal in md_alloc (git-fixes). - md: improve discard request for far layout (bsc#1192320). - md: improve raid10 discard request (bsc#1192320). - md: initialize r10_bio->read_slot before use (bsc#1192320). - md: pull the code that wait for blocked dev into one function (bsc#1192320). - md: Remove unnecessary rcu_dereference in raid10_handle_discard (bsc#1192320). - mdio: aspeed: Fix "Link is Down" issue (bsc#1176447). - media: imx: set a media_device bus_info string (git-fixes). - media: ipu3-imgu: imgu_fmt: Handle properly try (git-fixes). - media: ipu3-imgu: VIDIOC_QUERYCAP: Fix bus_info (git-fixes). - media: ir-kbd-i2c: improve responsiveness of hauppauge zilog receivers (git-fixes). - media: mceusb: return without resubmitting URB in case of -EPROTO error (git-fixes). - media: mt9p031: Fix corrupted frame after restarting stream (git-fixes). - media: netup_unidvb: handle interrupt properly according to the firmware (git-fixes). - media: rcar-csi2: Add checking to rcsi2_start_receiver() (git-fixes). - media: s5p-mfc: fix possible null-pointer dereference in s5p_mfc_probe() (git-fixes). - media: stm32: Potential NULL pointer dereference in dcmi_irq_thread() (git-fixes). - media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() (git-fixes). - media: uvcvideo: Return -EIO for control errors (git-fixes). - media: uvcvideo: Set capability in s_param (git-fixes). - media: uvcvideo: Set unique vdev name based in type (git-fixes). - memstick: r592: Fix a UAF bug when removing the driver (git-fixes). - MM: reclaim mustn't enter FS for swap-over-NFS (bsc#1191876). - mmc: dw_mmc: Dont wait for DRTO on Write RSP error (git-fixes). - mmc: winbond: do not build on M68K (git-fixes). - mtd: core: do not remove debugfs directory if device is in use (git-fixes). - mwifiex: Properly initialize private structure on interface type changes (git-fixes). - mwifiex: Read a PCI register after writing the TX ring write pointer (git-fixes). - mwifiex: Run SET_BSS_MODE when changing from P2P to STATION vif-type (git-fixes). - mwl8k: Fix use-after-free in mwl8k_fw_state_machine() (git-fixes). - net: asix: fix uninit value bugs (git-fixes). - net: bnx2x: fix variable dereferenced before check (git-fixes). - net: bridge: fix under estimation in br_get_linkxstats_size() (bsc#1176447). - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero (git-fixes). - net: delete redundant function declaration (git-fixes). - net: hns3: change affinity_mask to numa node range (bsc#1154353). - net: hns3: fix misuse vf id and vport id in some logs (bsc#1154353). - net: hns3: remove check VF uc mac exist when set by PF (bsc#1154353). - net: hso: fix control-request directions (git-fixes). - net: hso: fix muxed tty registration (git-fixes). - net: linkwatch: fix failure to restore device state across suspend/resume (bsc#1192511). - net: mana: Allow setting the number of queues while the NIC is down (jsc#SLE-18779, bsc#1185726). - net: mana: Fix memory leak in mana_hwc_create_wq (jsc#SLE-18779, bsc#1185726). - net: mana: Fix spelling mistake "calledd" -> "called" (jsc#SLE-18779, bsc#1185726). - net: mana: Fix the netdev_err()'s vPort argument in mana_init_port() (jsc#SLE-18779, bsc#1185726). - net: mana: Improve the HWC error handling (jsc#SLE-18779, bsc#1185726). - net: mana: Support hibernation and kexec (jsc#SLE-18779, bsc#1185726). - net: mana: Use kcalloc() instead of kzalloc() (jsc#SLE-18779, bsc#1185726). - net: pegasus: fix uninit-value in get_interrupt_interval (git-fixes). - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() (git-fixes). - net: stmmac: add EHL 2.5Gbps PCI info and PCI ID (bsc#1192691). - net: stmmac: add EHL PSE0 PSE1 1Gbps PCI info and PCI ID (bsc#1192691). - net: stmmac: add EHL RGMII 1Gbps PCI info and PCI ID (bsc#1192691). - net: stmmac: add EHL SGMII 1Gbps PCI info and PCI ID (bsc#1192691). - net: stmmac: add TGL SGMII 1Gbps PCI info and PCI ID (bsc#1192691). - net: stmmac: create dwmac-intel.c to contain all Intel platform (bsc#1192691). - net: stmmac: pci: Add HAPS support using GMAC5 (bsc#1192691). - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available (git-fixes). - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available (git-fixes). - net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (git-fixes). - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() (git-fixes). - net/mlx5: E-Switch, return error if encap isn't supported (jsc#SLE-15172). - net/mlx5e: reset XPS on error flow if netdev isn't registered yet (git-fixes). - net/sched: sch_ets: do not peek at classes beyond 'nbands' (bsc#1176774). - netfilter: ctnetlink: do not erase error code with EINVAL (bsc#1176447). - netfilter: ctnetlink: fix filtering with CTA_TUPLE_REPLY (bsc#1176447). - netfilter: flowtable: fix IPv6 tunnel addr match (bsc#1176447). - NFC: add NCI_UNREG flag to eliminate the race (git-fixes). - NFC: pn533: Fix double free when pn533_fill_fragment_skbs() fails (git-fixes). - NFC: reorder the logic in nfc_{un,}register_device (git-fixes). - NFC: reorganize the functions in nci_request (git-fixes). - nfp: checking parameter process for rx-usecs/tx-usecs is invalid (git-fixes). - nfp: Fix memory leak in nfp_cpp_area_cache_add() (git-fixes). - NFS: do not alloc under spinlock in rpc_parse_scope_id (git-fixes). - NFS: Do not set NFS_INO_DATA_INVAL_DEFER and NFS_INO_INVALID_DATA (git-fixes). - NFS: do not take i_rwsem for swap IO (bsc#1191876). - NFS: Fix a regression in nfs_set_open_stateid_locked() (git-fixes). - NFS: Fix deadlocks in nfs_scan_commit_list() (git-fixes). - NFS: fix error handling of register_pernet_subsys() in init_nfsd() (git-fixes). - NFS: Fix up commit deadlocks (git-fixes). - NFS: Handle the NFSv4 READDIR 'dircount' hint being zero (git-fixes). - NFS: move generic_write_checks() call from nfs_file_direct_write() to nfs_file_write() (bsc#1191876). - nvme: add NO APST quirk for Kioxia device (git-fixes). - nvme: Skip not ready namespaces when revalidating paths (bsc#1191793 bsc#1192507 bsc#1192969). - objtool: Support Clang non-section symbols in ORC generation (bsc#1169514). - Pass consistent param->type to fs_parse() (bsc#1192606). [ ematsumiya: - drop the case fs_param_is_fd - leave .has_value in fs_parse_result so it does not break kabi - still set .has_value in fs_parse() for real kabi compatibility ] - PCI: Add PCI_EXP_DEVCTL_PAYLOAD_* macros (git-fixes). - PCI: Mark Atheros QCA6174 to avoid bus reset (git-fixes). - PCI/MSI: Deal with devices lying about their MSI mask capability (git-fixes). - perf: Correctly handle failed perf_get_aux_event() (git-fixes). - perf/x86/intel: Fix unchecked MSR access error caused by VLBR_EVENT (git-fixes). - perf/x86/intel/uncore: Fix Intel ICX IIO event constraints (git-fixes). - perf/x86/intel/uncore: Fix M2M event umask for Ice Lake server (git-fixes). - perf/x86/intel/uncore: Fix the scale of the IMC free-running events (git-fixes). - perf/x86/intel/uncore: Support extra IMC channel on Ice Lake server (git-fixes). - perf/x86/vlbr: Add c->flags to vlbr event constraints (git-fixes). - platform/x86: hp_accel: Fix an error handling path in 'lis3lv02d_probe()' (git-fixes). - platform/x86: wmi: do not fail if disabling fails (git-fixes). - PM: hibernate: Get block device exclusively in swsusp_check() (git-fixes). - PM: hibernate: use correct mode for swsusp_close() (git-fixes). - pnfs/flexfiles: Fix misplaced barrier in nfs4_ff_layout_prepare_ds (git-fixes). - powerpc: fix unbalanced node refcount in check_kvm_guest() (jsc#SLE-15869 jsc#SLE-16321 git-fixes). - powerpc/iommu: Report the correct most efficient DMA mask for PCI devices (git-fixes). - powerpc/paravirt: correct preempt debug splat in vcpu_is_preempted() (bsc#1181148 ltc#190702 git-fixes). - powerpc/paravirt: vcpu_is_preempted() commentary (bsc#1181148 ltc#190702 git-fixes). - powerpc/perf: Fix cycles/instructions as PM_CYC/PM_INST_CMPL in power10 (jsc#SLE-13513 git-fixes). - powerpc/pseries: Move some PAPR paravirt functions to their own file (bsc#1181148 ltc#190702 git-fixes). - powerpc/watchdog: Avoid holding wd_smp_lock over printk and smp_send_nmi_ipi (bsc#1187541 ltc#192129). - powerpc/watchdog: Fix missed watchdog reset due to memory ordering race (bsc#1187541 ltc#192129). - powerpc/watchdog: Fix wd_smp_last_reset_tb reporting (bsc#1187541 ltc#192129). - powerpc/watchdog: read TB close to where it is used (bsc#1187541 ltc#192129). - powerpc/watchdog: tighten non-atomic read-modify-write access (bsc#1187541 ltc#192129). - printk: Remove printk.h inclusion in percpu.h (bsc#1192987). - qede: validate non LSO skb length (git-fixes). - r8152: limit the RX buffer size of RTL8153A for USB 2.0 (git-fixes). - r8169: Add device 10ec:8162 to driver r8169 (git-fixes). - RDMA/bnxt_re: Update statistics counter name (jsc#SLE-16649). - recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267). - recordmcount.pl: look for jgnop instruction as well as bcrl on s390 (bsc#1192267). - reset: socfpga: add empty driver allowing consumers to probe (git-fixes). - ring-buffer: Protect ring_buffer_reset() from reentrancy (bsc#1179960). - rpm/*.spec.in: use buildroot macro instead of env variable The RPM_BUILD_ROOT variable is considered deprecated over a buildroot macro. future proof the spec files. - rpm/kernel-binary.spec.in: do not strip vmlinux again (bsc#1193306) After usrmerge, vmlinux file is not named vmlinux-lt;version>, but simply vmlinux. And this is not reflected in STRIP_KEEP_SYMTAB we set. So fix this by removing the dash... - rpm/kernel-obs-build.spec.in: move to zstd for the initrd Newer distros have capability to decompress zstd, which provides a 2-5% better compression ratio at very similar cpu overhead. Plus this tests the zstd codepaths now as well. - rt2x00: do not mark device gone on EPROTO errors during start (git-fixes). - rxrpc: Fix rxrpc_local leak in rxrpc_lookup_peer() (bsc#1154353 bnc#1151927 5.3.9). - s390: mm: Fix secure storage access exception handling (git-fixes). - s390/bpf: Fix branch shortening during codegen pass (bsc#1193993). - s390/uv: fully validate the VMA before calling follow_page() (git-fixes). - scsi: iscsi: Adjust iface sysfs attr detection (git-fixes). - scsi: lpfc: Add additional debugfs support for CMF (bsc#1194266). - scsi: lpfc: Adjust CMF total bytes and rxmonitor (bsc#1194266). - scsi: lpfc: Cap CMF read bytes to MBPI (bsc#1194266). - scsi: lpfc: Change return code on I/Os received during link bounce (bsc#1194266). - scsi: lpfc: Fix leaked lpfc_dmabuf mbox allocations with NPIV (bsc#1194266). - scsi: lpfc: Fix lpfc_force_rscn ndlp kref imbalance (bsc#1194266). - scsi: lpfc: Fix non-recovery of remote ports following an unsolicited LOGO (bsc#1189126). - scsi: lpfc: Fix NPIV port deletion crash (bsc#1194266). - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup (bsc#1194266). - scsi: lpfc: Update lpfc version to 14.0.0.4 (bsc#1194266). - scsi: mpi3mr: Fix duplicate device entries when scanning through sysfs (git-fixes). - scsi: mpt3sas: Fix kernel panic during drive powercycle test (git-fixes). - scsi: mpt3sas: Fix system going into read-only mode (git-fixes). - scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc() (git-fixes). - scsi: qla2xxx: edif: Fix app start delay (git-fixes). - scsi: qla2xxx: edif: Fix app start fail (git-fixes). - scsi: qla2xxx: edif: Fix EDIF bsg (git-fixes). - scsi: qla2xxx: edif: Fix off by one bug in qla_edif_app_getfcinfo() (git-fixes). - scsi: qla2xxx: edif: Flush stale events and msgs on session down (git-fixes). - scsi: qla2xxx: edif: Increase ELS payload (git-fixes). - scsi: qla2xxx: Fix gnl list corruption (git-fixes). - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id() (git-fixes). - scsi: qla2xxx: Format log strings only if needed (git-fixes). - scsi: qla2xxx: Relogin during fabric disturbance (git-fixes). - scsi: qla2xxx: Turn off target reset during issue_lip (git-fixes). - serial: 8250_pci: Fix ACCES entries in pci_serial_quirks array (git-fixes). - serial: 8250_pci: rewrite pericom_do_set_divisor() (git-fixes). - serial: 8250: Fix RTS modem control while in rs485 mode (git-fixes). - serial: core: fix transmit-buffer reset and memleak (git-fixes). - smb2: clarify rc initialization in smb2_reconnect (bsc#1192606). - smb2: fix use-after-free in smb2_ioctl_query_info() (bsc#1192606). - smb3: add additional null check in SMB2_ioctl (bsc#1192606). - smb3: add additional null check in SMB2_open (bsc#1192606). - smb3: add additional null check in SMB2_tcon (bsc#1192606). - smb3: add additional null check in SMB311_posix_mkdir (bsc#1192606). - smb3: Add debug message for new file creation with idsfromsid mount option (bsc#1192606). - smb3: add debug messages for closing unmatched open (bsc#1164565). - smb3: add defines for new crypto algorithms (bsc#1192606). - smb3: Add defines for new information level, FileIdInformation (bsc#1164565). - smb3: add defines for new signing negotiate context (bsc#1192606). - smb3: add dynamic trace point to trace when credits obtained (bsc#1181507). - smb3: add dynamic trace points for socket connection (bsc#1192606). - smb3: add dynamic tracepoints for flush and close (bsc#1164565). - smb3: add indatalen that can be a non-zero value to calculation of credit charge in smb2 ioctl (bsc#1192606). - smb3: add missing flag definitions (bsc#1164565). - smb3: Add missing reparse tags (bsc#1164565). - smb3: add missing worker function for SMB3 change notify (bsc#1164565). - smb3: add mount option to allow forced caching of read only share (bsc#1164565). - smb3: add mount option to allow RW caching of share accessed by only 1 client (bsc#1164565). - smb3: Add new compression flags (bsc#1192606). - smb3: Add new info level for query directory (bsc#1192606). - smb3: add new module load parm enable_gcm_256 (bsc#1192606). - smb3: add new module load parm require_gcm_256 (bsc#1192606). - smb3: Add new parm "nodelete" (bsc#1192606). - smb3: add one more dynamic tracepoint missing from strict fsync path (bsc#1164565). - smb3: add rasize mount parameter to improve readahead performance (bsc#1192606). - smb3: add some missing definitions from MS-FSCC (bsc#1192606). - smb3: add some more descriptive messages about share when mounting cache=ro (bsc#1164565). - smb3: Add support for getting and setting SACLs (bsc#1192606). - smb3: Add support for lookup with posix extensions query info (bsc#1192606). - smb3: Add support for negotiating signing algorithm (bsc#1192606). - smb3: Add support for query info using posix extensions (level 100) (bsc#1192606). - smb3: add support for recognizing WSL reparse tags (bsc#1192606). - smb3: Add support for SMB311 query info (non-compounded) (bsc#1192606). - smb3: add support for stat of WSL reparse points for special file types (bsc#1192606). - smb3: add support for using info level for posix extensions query (bsc#1192606). - smb3: Add tracepoints for new compound posix query info (bsc#1192606). - smb3: Additional compression structures (bsc#1192606). - smb3: allow decryption keys to be dumped by admin for debugging (bsc#1164565). - smb3: allow disabling requesting leases (bnc#1151927 5.3.4). - smb3: allow dumping GCM256 keys to improve debugging of encrypted shares (bsc#1192606). - smb3: allow dumping keys for multiuser mounts (bsc#1192606). - smb3: allow parallelizing decryption of reads (bsc#1164565). - smb3: allow skipping signature verification for perf sensitive configurations (bsc#1164565). - smb3: allow uid and gid owners to be set on create with idsfromsid mount option (bsc#1192606). - smb3: avoid confusing warning message on mount to Azure (bsc#1192606). - smb3: Avoid Mid pending list corruption (bsc#1192606). - smb3: Backup intent flag missing from some more ops (bsc#1164565). - smb3: Call cifs reconnect from demultiplex thread (bsc#1192606). - smb3: change noisy error message to FYI (bsc#1192606). - smb3: cleanup some recent endian errors spotted by updated sparse (bsc#1164565). - smb3: correct server pointer dereferencing check to be more consistent (bsc#1192606). - smb3: correct smb3 ACL security descriptor (bsc#1192606). - smb3: default to minimum of two channels when multichannel specified (bsc#1192606). - smb3: display max smb3 requests in flight at any one time (bsc#1164565). - smb3: do not attempt multichannel to server which does not support it (bsc#1192606). - smb3: do not error on fsync when readonly (bsc#1192606). - smb3: do not fail if no encryption required but server does not support it (bsc#1192606). - smb3: do not log warning message if server does not populate salt (bsc#1192606). - smb3: do not setup the fscache_super_cookie until fsinfo initialized (bsc#1192606). - smb3: do not try to cache root directory if dir leases not supported (bsc#1192606). - smb3: dump in_send and num_waiters stats counters by default (bsc#1164565). - smb3: enable negotiating stronger encryption by default (bsc#1192606). - smb3: enable offload of decryption of large reads via mount option (bsc#1164565). - smb3: enable swap on SMB3 mounts (bsc#1192606). - smb3: extend fscache mount volume coherency check (bsc#1192606). - smb3: fix access denied on change notify request to some servers (bsc#1192606). - smb3: fix cached file size problems in duplicate extents (reflink) (bsc#1192606). - smb3: Fix crash in SMB2_open_init due to uninitialized field in compounding path (bsc#1164565). - smb3: fix crediting for compounding when only one request in flight (bsc#1181507). - smb3: fix default permissions on new files when mounting with modefromsid (bsc#1164565). - smb3: Fix ids returned in POSIX query dir (bsc#1192606). - smb3: fix incorrect number of credits when ioctl MaxOutputResponse > 64K (bsc#1192606). - smb3: fix leak in "open on server" perf counter (bnc#1151927 5.3.4). - smb3: Fix mkdir when idsfromsid configured on mount (bsc#1192606). - smb3: fix mode passed in on create for modetosid mount option (bsc#1164565). - smb3: fix mount failure to some servers when compression enabled (bsc#1192606). - smb3: Fix out-of-bounds bug in SMB2_negotiate() (bsc#1183540). - smb3: fix performance regression with setting mtime (bsc#1164565). - smb3: Fix persistent handles reconnect (bnc#1151927 5.3.11). - smb3: fix posix extensions mount option (bsc#1192606). - smb3: fix possible access to uninitialized pointer to DACL (bsc#1192606). - smb3: fix potential null dereference in decrypt offload (bsc#1164565). - smb3: fix problem with null cifs super block with previous patch (bsc#1164565). - smb3: fix readpage for large swap cache (bsc#1192606). - smb3: fix refcount underflow warning on unmount when no directory leases (bsc#1164565). - smb3: Fix regression in time handling (bsc#1164565). - smb3: fix signing verification of large reads (bsc#1154355). - smb3: fix stat when special device file and mounted with modefromsid (bsc#1192606). - smb3: fix typo in compression flag (bsc#1192606). - smb3: fix typo in header file (bsc#1192606). - smb3: fix typo in mount options displayed in /proc/mounts (bsc#1192606). - smb3: fix uninitialized value for port in witness protocol move (bsc#1192606). - smb3: fix unmount hang in open_shroot (bnc#1151927 5.3.4). - smb3: fix unneeded error message on change notify (bsc#1192606). - smb3: Handle error case during offload read path (bsc#1192606). - smb3: Honor 'handletimeout' flag for multiuser mounts (bsc#1176558). - smb3: Honor 'posix' flag for multiuser mounts (bsc#1176559). - smb3: Honor 'seal' flag for multiuser mounts (bsc#1176545). - smb3: Honor lease disabling for multiuser mounts (git-fixes). - smb3: Honor persistent/resilient handle flags for multiuser mounts (bsc#1176546). - smb3: if max_channels set to more than one channel request multichannel (bsc#1192606). - smb3: improve check for when we send the security descriptor context on create (bsc#1164565). - smb3: improve handling of share deleted (and share recreated) (bsc#1154355). - smb3: incorrect file id in requests compounded with open (bsc#1192606). - smb3: Incorrect size for netname negotiate context (bsc#1154355). - smb3: limit noisy error (bsc#1192606). - smb3: log warning if CSC policy conflicts with cache mount option (bsc#1164565). - smb3: Minor cleanup of protocol definitions (bsc#1192606). - smb3: minor update to compression header definitions (bsc#1192606). - smb3: missing ACL related flags (bsc#1164565). - smb3: negotiate current dialect (SMB3.1.1) when version 3 or greater requested (bsc#1192606). - smb3: only offload decryption of read responses if multiple requests (bsc#1164565). - smb3: pass mode bits into create calls (bsc#1164565). - smb3: prevent races updating CurrentMid (bsc#1192606). - smb3: print warning if server does not support requested encryption type (bsc#1192606). - smb3: print warning once if posix context returned on open (bsc#1164565). - smb3: query attributes on file close (bsc#1164565). - smb3: rc uninitialized in one fallocate path (bsc#1192606). - smb3: remind users that witness protocol is experimental (bsc#1192606). - smb3: remove confusing dmesg when mounting with encryption ("seal") (bsc#1164565). - smb3: remove confusing mount warning when no SPNEGO info on negprot rsp (bsc#1192606). - smb3: remove dead code for non compounded posix query info (bsc#1192606). - smb3: remove noisy debug message and minor cleanup (bsc#1164565). - smb3: remove overly noisy debug line in signing errors (bsc#1192606). - smb3: remove static checker warning (bsc#1192606). - smb3: remove trivial dfs compile warning (bsc#1192606, jsc#SLE-20042). - smb3: remove two unused variables (bsc#1192606). - smb3: remove unused flag passed into close functions (bsc#1164565). - smb3: rename nonces used for GCM and CCM encryption (bsc#1192606). - smb3: Resolve data corruption of TCP server info fields (bsc#1192606). - smb3: set COMPOUND_FID to FileID field of subsequent compound request (bsc#1192606). - smb3: set gcm256 when requested (bsc#1192606). - smb3: smbdirect support can be configured by default (bsc#1192606). - smb3: update comments clarifying SPNEGO info in negprot response (bsc#1192606). - smb3: update protocol header definitions based to include new flags (bsc#1192606). - smb3: update structures for new compression protocol definitions (bsc#1192606). - smb3: use SMB2_SIGNATURE_SIZE define (bsc#1192606). - smb3: warn on confusing error scenario with sec=krb5 (bsc#1176548). - smb3: when mounting with multichannel include it in requested capabilities (bsc#1192606). - smbdirect: missing rc checks while waiting for rdma events (bsc#1192606). - soc/tegra: Fix an error handling path in tegra_powergate_power_up() (git-fixes). - soc/tegra: pmc: Fix imbalanced clock disabling in error code path (git-fixes). - spi: bcm-qspi: Fix missing clk_disable_unprepare() on error in bcm_qspi_probe() (git-fixes). - spi: spl022: fix Microwire full duplex mode (git-fixes). - SUNRPC: async tasks mustn't block waiting for memory (bsc#1191876). - SUNRPC: async tasks mustn't block waiting for memory (bsc#1191876). - SUNRPC: async tasks mustn't block waiting for memory (bsc#1191876). - SUNRPC: improve 'swap' handling: scheduling and PF_MEMALLOC (bsc#1191876). - SUNRPC: remove scheduling boost for "SWAPPER" tasks (bsc#1191876). - supported.conf: add pwm-rockchip References: jsc#SLE-22615 - swiotlb-xen: avoid double free (git-fixes). - swiotlb: Fix the type of index (git-fixes). - TCON Reconnect during STATUS_NETWORK_NAME_DELETED (bsc#1192606). - tlb: mmu_gather: add tlb_flush_*_range APIs - tracing: Add length protection to histogram string copies (git-fixes). - tracing: Change STR_VAR_MAX_LEN (git-fixes). - tracing: Check pid filtering when creating events (git-fixes). - tracing: Fix pid filtering when triggers are attached (git-fixes). - tracing: use %ps format string to print symbols (git-fixes). - tracing/histogram: Do not copy the fixed-size char array field over the field size (git-fixes). - tty: hvc: replace BUG_ON() with negative return value (git-fixes). - tty: serial: msm_serial: Deactivate RX DMA for polling support (git-fixes). - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (git-fixes). - update structure definitions from updated protocol documentation (bsc#1192606). - usb: Add compatibility quirk flags for iODD 2531/2541 (git-fixes). - usb: chipidea: ci_hdrc_imx: fix potential error pointer dereference in probe (git-fixes). - usb: dwc2: gadget: Fix ISOC flow for elapsed frames (git-fixes). - usb: dwc2: hcd_queue: Fix use of floating point literal (git-fixes). - usb: host: ohci-tmio: check return value after calling platform_get_resource() (git-fixes). - usb: musb: tusb6010: check return value after calling platform_get_resource() (git-fixes). - usb: serial: option: add Fibocom FM101-GL variants (git-fixes). - usb: serial: option: add Telit LE910S1 0x9200 composition (git-fixes). - usb: typec: fusb302: Fix masking of comparator and bc_lvl interrupts (git-fixes). - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (git-fixes). - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (git-fixes). - usb: xhci: Enable runtime-pm by default on AMD Yellow Carp platform (git-fixes). - vfs: do not parse forbidden flags (bsc#1192606). - wireguard: allowedips: add missing __rcu annotation to satisfy sparse (git-fixes). - wireguard: device: reset peer src endpoint when netns exits (git-fixes). - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc() (git-fixes). - wireguard: receive: drop handshakes if queue lock is contended (git-fixes). - wireguard: receive: use ring buffer for incoming handshakes (git-fixes). - wireguard: selftests: actually test for routing loops (git-fixes). - wireguard: selftests: increase default dmesg log size (git-fixes). - x86/amd_nb: Add AMD family 19h model 50h PCI ids (jsc#SLE-17823 jsc#SLE-23139 jsc#ECO-3666). - x86/cpu: Fix migration safety with X86_BUG_NULL_SEL (bsc#1152489). - x86/efi: Restore Firmware IDT before calling ExitBootServices() (git-fixes). - x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (bsc#1178134). - x86/mpx: Disable MPX for 32-bit userland (bsc#1193139). - x86/pkey: Fix undefined behaviour with PKRU_WD_BIT (bsc#1152489). - x86/pvh: add prototype for xen_pvh_init() (git-fixes). - x86/sev: Allow #VC exceptions on the VC2 stack (git-fixes). - x86/sev: Fix SEV-ES INS/OUTS instructions for word, dword, and qword (bsc#1178134). - x86/sev: Fix stack type check in vc_switch_off_ist() (git-fixes). - x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (bsc#1152489). - x86/Xen: swap NX determination and GDT setup on BSP (git-fixes). - xen: sync include/xen/interface/io/ring.h with Xen's newest version (git-fixes). - xen/blkfront: do not take local copy of a request from the ring page (git-fixes). - xen/blkfront: do not trust the backend response data blindly (git-fixes). - xen/blkfront: read response from backend only once (git-fixes). - xen/netfront: disentangle tx_skb_freelist (git-fixes). - xen/netfront: do not read data from request on the ring page (git-fixes). - xen/netfront: do not trust the backend response data blindly (git-fixes). - xen/netfront: read response from backend only once (git-fixes). - xen/privcmd: fix error handling in mmap-resource processing (git-fixes). - xen/pvh: add missing prototype to header (git-fixes). - xen/x86: fix PV trap handling on secondary processors (git-fixes). - xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1192569). - xhci: Fix commad ring abort, write all 64 bits to CRCR register (bsc#1192569). - xhci: Fix commad ring abort, write all 64 bits to CRCR register (git-fixes). - xhci: Fix USB 3.1 enumeration issues by increasing roothub power-on-good delay (git-fixes). - zram: fix return value on writeback_store (git-fixes). - zram: off by one in read_block_state() (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-56=1 - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-56=1 Package List: - openSUSE Leap 15.3 (x86_64): cluster-md-kmp-azure-5.3.18-38.34.1 cluster-md-kmp-azure-debuginfo-5.3.18-38.34.1 dlm-kmp-azure-5.3.18-38.34.1 dlm-kmp-azure-debuginfo-5.3.18-38.34.1 gfs2-kmp-azure-5.3.18-38.34.1 gfs2-kmp-azure-debuginfo-5.3.18-38.34.1 kernel-azure-5.3.18-38.34.1 kernel-azure-debuginfo-5.3.18-38.34.1 kernel-azure-debugsource-5.3.18-38.34.1 kernel-azure-devel-5.3.18-38.34.1 kernel-azure-devel-debuginfo-5.3.18-38.34.1 kernel-azure-extra-5.3.18-38.34.1 kernel-azure-extra-debuginfo-5.3.18-38.34.1 kernel-azure-livepatch-devel-5.3.18-38.34.1 kernel-azure-optional-5.3.18-38.34.1 kernel-azure-optional-debuginfo-5.3.18-38.34.1 kernel-syms-azure-5.3.18-38.34.1 kselftests-kmp-azure-5.3.18-38.34.1 kselftests-kmp-azure-debuginfo-5.3.18-38.34.1 ocfs2-kmp-azure-5.3.18-38.34.1 ocfs2-kmp-azure-debuginfo-5.3.18-38.34.1 reiserfs-kmp-azure-5.3.18-38.34.1 reiserfs-kmp-azure-debuginfo-5.3.18-38.34.1 - openSUSE Leap 15.3 (noarch): kernel-devel-azure-5.3.18-38.34.1 kernel-source-azure-5.3.18-38.34.1 - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64): connman-1.41-bp153.2.3.1 connman-client-1.41-bp153.2.3.1 connman-devel-1.41-bp153.2.3.1 connman-doc-1.41-bp153.2.3.1 connman-nmcompat-1.41-bp153.2.3.1 connman-plugin-iospm-1.41-bp153.2.3.1 connman-plugin-l2tp-1.41-bp153.2.3.1 connman-plugin-openvpn-1.41-bp153.2.3.1 connman-plugin-polkit-1.41-bp153.2.3.1 connman-plugin-pptp-1.41-bp153.2.3.1 connman-plugin-wireguard-1.41-bp153.2.3.1 connman-test-1.41-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64): connman-plugin-vpnc-1.41-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (aarch64 i586 s390x x86_64): connman-plugin-hh2serial-gps-1.41-bp153.2.3.1 connman-plugin-tist-1.41-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2020-24504.html https://www.suse.com/security/cve/CVE-2020-27820.html https://www.suse.com/security/cve/CVE-2021-28711.html https://www.suse.com/security/cve/CVE-2021-28712.html https://www.suse.com/security/cve/CVE-2021-28713.html https://www.suse.com/security/cve/CVE-2021-28714.html https://www.suse.com/security/cve/CVE-2021-28715.html https://www.suse.com/security/cve/CVE-2021-33098.html https://www.suse.com/security/cve/CVE-2021-4001.html https://www.suse.com/security/cve/CVE-2021-4002.html https://www.suse.com/security/cve/CVE-2021-43975.html https://www.suse.com/security/cve/CVE-2021-43976.html https://www.suse.com/security/cve/CVE-2021-45485.html https://www.suse.com/security/cve/CVE-2021-45486.html https://www.suse.com/security/cve/CVE-2022-23096.html https://www.suse.com/security/cve/CVE-2022-23097.html https://www.suse.com/security/cve/CVE-2022-23098.html https://bugzilla.suse.com/1139944 https://bugzilla.suse.com/1151927 https://bugzilla.suse.com/1152489 https://bugzilla.suse.com/1153275 https://bugzilla.suse.com/1154353 https://bugzilla.suse.com/1154355 https://bugzilla.suse.com/1161907 https://bugzilla.suse.com/1164565 https://bugzilla.suse.com/1166780 https://bugzilla.suse.com/1169514 https://bugzilla.suse.com/1176242 https://bugzilla.suse.com/1176447 https://bugzilla.suse.com/1176536 https://bugzilla.suse.com/1176544 https://bugzilla.suse.com/1176545 https://bugzilla.suse.com/1176546 https://bugzilla.suse.com/1176548 https://bugzilla.suse.com/1176558 https://bugzilla.suse.com/1176559 https://bugzilla.suse.com/1176774 https://bugzilla.suse.com/1176940 https://bugzilla.suse.com/1176956 https://bugzilla.suse.com/1177440 https://bugzilla.suse.com/1178134 https://bugzilla.suse.com/1178270 https://bugzilla.suse.com/1179211 https://bugzilla.suse.com/1179424 https://bugzilla.suse.com/1179426 https://bugzilla.suse.com/1179427 https://bugzilla.suse.com/1179599 https://bugzilla.suse.com/1181148 https://bugzilla.suse.com/1181507 https://bugzilla.suse.com/1181710 https://bugzilla.suse.com/1182404 https://bugzilla.suse.com/1183534 https://bugzilla.suse.com/1183540 https://bugzilla.suse.com/1183897 https://bugzilla.suse.com/1184318 https://bugzilla.suse.com/1185726 https://bugzilla.suse.com/1185902 https://bugzilla.suse.com/1186332 https://bugzilla.suse.com/1187541 https://bugzilla.suse.com/1189126 https://bugzilla.suse.com/1189158 https://bugzilla.suse.com/1191793 https://bugzilla.suse.com/1191876 https://bugzilla.suse.com/1192267 https://bugzilla.suse.com/1192320 https://bugzilla.suse.com/1192507 https://bugzilla.suse.com/1192511 https://bugzilla.suse.com/1192569 https://bugzilla.suse.com/1192606 https://bugzilla.suse.com/1192691 https://bugzilla.suse.com/1192845 https://bugzilla.suse.com/1192847 https://bugzilla.suse.com/1192874 https://bugzilla.suse.com/1192877 https://bugzilla.suse.com/1192946 https://bugzilla.suse.com/1192969 https://bugzilla.suse.com/1192987 https://bugzilla.suse.com/1192990 https://bugzilla.suse.com/1192998 https://bugzilla.suse.com/1193002 https://bugzilla.suse.com/1193042 https://bugzilla.suse.com/1193139 https://bugzilla.suse.com/1193169 https://bugzilla.suse.com/1193306 https://bugzilla.suse.com/1193318 https://bugzilla.suse.com/1193349 https://bugzilla.suse.com/1193440 https://bugzilla.suse.com/1193442 https://bugzilla.suse.com/1193655 https://bugzilla.suse.com/1193993 https://bugzilla.suse.com/1194087 https://bugzilla.suse.com/1194094 https://bugzilla.suse.com/1194175 https://bugzilla.suse.com/1194176 https://bugzilla.suse.com/1194177 https://bugzilla.suse.com/1194266

1 0

openSUSE-SU-2022:0058-1: important: Security update for MozillaThunderbird
by opensuse-security＠opensuse.org 01 Mar '22

01 Mar '22

openSUSE Security Update: Security update for MozillaThunderbird ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0058-1 Rating: important References: #1144018 #1181400 #1194020 #1194215 #1194681 Cross-References: CVE-2020-15803 CVE-2021-27927 CVE-2021-4126 CVE-2021-44538 CVE-2022-23134 CVSS scores: CVE-2020-15803 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE-2020-15803 (SUSE): 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N CVE-2021-4126 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2021-44538 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-23134 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVE-2022-23134 (SUSE): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Leap 15.3 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 91.4.1 - CVE-2021-4126: OpenPGP signature status doesn't consider additional message content. (bsc#1194215) - CVE-2021-44538: Matrix chat library libolm bundled with Thunderbird vulnerable to a buffer overflow. (bsc#1194020) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-58=1 - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-58=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): MozillaThunderbird-91.4.1-8.48.1 MozillaThunderbird-debuginfo-91.4.1-8.48.1 MozillaThunderbird-debugsource-91.4.1-8.48.1 MozillaThunderbird-translations-common-91.4.1-8.48.1 MozillaThunderbird-translations-other-91.4.1-8.48.1 - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64): zabbix-agent-4.0.38-bp153.2.3.1 zabbix-java-gateway-4.0.38-bp153.2.3.1 zabbix-phpfrontend-4.0.38-bp153.2.3.1 zabbix-proxy-4.0.38-bp153.2.3.1 zabbix-proxy-mysql-4.0.38-bp153.2.3.1 zabbix-proxy-postgresql-4.0.38-bp153.2.3.1 zabbix-proxy-sqlite-4.0.38-bp153.2.3.1 zabbix-server-4.0.38-bp153.2.3.1 zabbix-server-mysql-4.0.38-bp153.2.3.1 zabbix-server-postgresql-4.0.38-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2020-15803.html https://www.suse.com/security/cve/CVE-2021-27927.html https://www.suse.com/security/cve/CVE-2021-4126.html https://www.suse.com/security/cve/CVE-2021-44538.html https://www.suse.com/security/cve/CVE-2022-23134.html https://bugzilla.suse.com/1144018 https://bugzilla.suse.com/1181400 https://bugzilla.suse.com/1194020 https://bugzilla.suse.com/1194215 https://bugzilla.suse.com/1194681

1 0

openSUSE-SU-2022:0061-1: moderate: Security update for mc
by opensuse-security＠opensuse.org 01 Mar '22

01 Mar '22

openSUSE Security Update: Security update for mc ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0061-1 Rating: moderate References: #1190180 Cross-References: CVE-2021-36370 CVSS scores: CVE-2021-36370 (SUSE): 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N Affected Products: openSUSE Backports SLE-15-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for mc fixes the following issues: Midnight Commander 4.8.27: * Core - Reimplement version detection (#3603, #4249) - Significantly reduce rebuilt time after version change (#2252, #4266) - Drop automatic migration of configuration from ~/.mc to XDG-based directories (#3682) - zsh: support custom configuration file: ~/.local/share/mc/.zshrc (#4203) - Widgets: implement WST_VISIBLE state to show/hide widgets (#2919) - Find File: add Follow symlinks option (#2020) * VFS - extfs: support unrar-6 (#4154) - extfs: support official 7z binary (7zz) (#4239) - ftpfs: apply file list parser from lftp project (#2841, #3174) * Editor - Word completion: get candidates from all open files (#4160) - etags: get rid of hardcoded list length and window width (#4132) - Update syntax files: - python (#4140) - Add syntax highlighting: - Verilog and SystemVerilog? header files (#4215) - JSON (#4250) - openrc-run scripts (#4246) * Misc - Filehighlight of c++ and h++ files as sources (#4194) - Filehighlight of JSON files as documents (#4250) - Support of alacritty terminal emulator (��https://github.com/alacritty/alacritty) (#4248) - Support of foot terminal emulator (��https://codeberg.org/dnkl/foot) (#4251) - Support of (alt+)shift+arrow keys in st terminal emulator (st.suckless.org) (#4267) - Mouse support in screen: don't check variable (#4233) - mc.ext: support fb2 e-books (#4167) - ext.d: use mediainfo to view info about various media files (#4167) - Remove OS/distro-specific package-related stuff from source tree (#4217) * Fixes - FTBFS against NCurses on OS X 10.9.5 (#4181) - Segfault on dialog before panels get visible (#4244) - Crash if shadow is out of screen (build against NCurses) (#4192) - Crash in search (#4222) - Crash on startup with enabled subshell in FreeBSD (workaround) (#4213) - Hang on start randomly with zsh as subshell (#4198) - If command line is invisible it's partially displayed (#4182) - Broken handling of zip archives (#4180, #4183) - Broken handling of jar files as zip archives (#4223) - Timestamps of symlinks, sockets, fifos, etc are not preserved after copy/move (#3985) - %view action in the user menu doesn't work on no-exec filesystem (#4242) - Hardlinks are not colored by file type or extension (#3375) - mcedit: silent macro makes terminal disrupted (#4171) - mcedit: disrupting of TAGS file path (#4207) - vfs: unable to browse compressed tar archives (#4191) - sftpfs vfs: CVE-2021-36370: server fingerprint isn't verified (discovered by AUT-milCERT during an audit of open source software) (#4259) - ftpfs vfs: month of file is always January (#4260) - Tests: log files are written by libcheck and automake simultaneously (#3986) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-61=1 Package List: - openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64): mc-4.8.27-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (noarch): mc-lang-4.8.27-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2021-36370.html https://bugzilla.suse.com/1190180

1 0

openSUSE-SU-2022:0062-1: important: Security update for cobbler
by opensuse-security＠opensuse.org 01 Mar '22

01 Mar '22

openSUSE Security Update: Security update for cobbler ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0062-1 Rating: important References: #1184561 #1185679 #1186124 #1189458 #1193671 #1193673 #1193675 #1193676 #1193678 #1194333 #1195906 #1195918 Cross-References: CVE-2021-40323 CVE-2021-40324 CVE-2021-40325 CVE-2021-45082 CVE-2021-45083 CVE-2021-45942 CVSS scores: CVE-2021-40323 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2021-40324 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-40325 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2021-45082 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-45083 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2021-45083 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N CVE-2021-45942 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2021-45942 (SUSE): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves 6 vulnerabilities and has 6 fixes is now available. Description: This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files (bsc#1193671). - CVE-2021-45082: Fixed incomplete template sanitation (bsc#1193678). - CVE-2021-40323, CVE-2021-40324, CVE-2021-40325: Fixed Remote Code Execution in the XMLRPC API which additionally allowed arbitrary file read and write as root (boo#1189458). The following non-security bugs were fixed: - Fix issues with installation module logging and validation (boo#1195918) - Move configuration files ownership to apache (boo#1195906) - Remove hardcoded test credentials (boo#1193673) - Prevent log pollution (boo#1193675) - Missing sanity check on MongoDB configuration file (boo#1193676) - Avoid traceback when building tftp files for ppc arch system when boot_loader is not set (boo#1185679) - Prevent some race conditions when writting tftpboot files and the destination directory is not existing (boo#1186124) - Fix trail stripping in case of using UTF symbols (boo#1184561) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-62=1 - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2022-62=1 Package List: - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): libIlmImf-2_2-23-2.2.1-3.41.1 libIlmImf-2_2-23-debuginfo-2.2.1-3.41.1 libIlmImfUtil-2_2-23-2.2.1-3.41.1 libIlmImfUtil-2_2-23-debuginfo-2.2.1-3.41.1 openexr-2.2.1-3.41.1 openexr-debuginfo-2.2.1-3.41.1 openexr-debugsource-2.2.1-3.41.1 openexr-devel-2.2.1-3.41.1 openexr-doc-2.2.1-3.41.1 - openSUSE Leap 15.3 (x86_64): libIlmImf-2_2-23-32bit-2.2.1-3.41.1 libIlmImf-2_2-23-32bit-debuginfo-2.2.1-3.41.1 libIlmImfUtil-2_2-23-32bit-2.2.1-3.41.1 libIlmImfUtil-2_2-23-32bit-debuginfo-2.2.1-3.41.1 - openSUSE Backports SLE-15-SP3 (noarch): cobbler-3.1.2-bp153.2.3.1 cobbler-tests-3.1.2-bp153.2.3.1 cobbler-web-3.1.2-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2021-40323.html https://www.suse.com/security/cve/CVE-2021-40324.html https://www.suse.com/security/cve/CVE-2021-40325.html https://www.suse.com/security/cve/CVE-2021-45082.html https://www.suse.com/security/cve/CVE-2021-45083.html https://www.suse.com/security/cve/CVE-2021-45942.html https://bugzilla.suse.com/1184561 https://bugzilla.suse.com/1185679 https://bugzilla.suse.com/1186124 https://bugzilla.suse.com/1189458 https://bugzilla.suse.com/1193671 https://bugzilla.suse.com/1193673 https://bugzilla.suse.com/1193675 https://bugzilla.suse.com/1193676 https://bugzilla.suse.com/1193678 https://bugzilla.suse.com/1194333 https://bugzilla.suse.com/1195906 https://bugzilla.suse.com/1195918

1 0

openSUSE-SU-2022:0054-1: moderate: Security update for sphinx
by opensuse-security＠opensuse.org 01 Mar '22

01 Mar '22

openSUSE Security Update: Security update for sphinx ______________________________________________________________________________ Announcement ID: openSUSE-SU-2022:0054-1 Rating: moderate References: #1157590 #1195227 Cross-References: CVE-2020-29050 CVSS scores: CVE-2020-29050 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: openSUSE Leap 15.3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for sphinx fixes the following issues: - CVE-2020-29050: SphinxSearch in Sphinx Technologies Sphinx allows directory traversal (in conjunction with CVE-2019-14511) because the mysql client can be used for CALL SNIPPETS and load_file operations on a full pathname (e.g., a file in the /etc directory). (boo#1195227) - update to 2.0.6 release Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.3: zypper in -t patch openSUSE-2022-54=1 Package List: - openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64): libsphinxclient-0_0_1-2.2.11-lp153.2.3.1 libsphinxclient-devel-2.2.11-lp153.2.3.1 sphinx-2.2.11-lp153.2.3.1 sphinx-debuginfo-2.2.11-lp153.2.3.1 sphinx-debugsource-2.2.11-lp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2020-29050.html https://bugzilla.suse.com/1157590 https://bugzilla.suse.com/1195227

1 0