Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2023:3171-1
Rating:	important
References:	#1150305 #1193629 #1194869 #1207894 #1208788 #1210565 #1210584 #1210853 #1211243 #1211811 #1211867 #1212301 #1212846 #1212905 #1213010 #1213011 #1213012 #1213013 #1213014 #1213015 #1213016 #1213017 #1213018 #1213019 #1213020 #1213021 #1213024 #1213025 #1213032 #1213034 #1213035 #1213036 #1213037 #1213038 #1213039 #1213040 #1213041 #1213059 #1213061 #1213087 #1213088 #1213089 #1213090 #1213092 #1213093 #1213094 #1213095 #1213096 #1213098 #1213099 #1213100 #1213102 #1213103 #1213104 #1213105 #1213106 #1213107 #1213108 #1213109 #1213110 #1213111 #1213112 #1213113 #1213114 #1213134 #1213245 #1213247 #1213252 #1213258 #1213259 #1213263 #1213264 #1213286 #1213523 #1213524 #1213543 #1213705
Cross-References:	CVE-2023-20593 CVE-2023-2985 CVE-2023-3117 CVE-2023-31248 CVE-2023-3390 CVE-2023-35001 CVE-2023-3812
CVSS scores:	CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2023-2985 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H CVE-2023-2985 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2023-3117 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3117 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-31248 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-31248 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3390 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3390 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-35001 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-35001 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3812 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2023-3812 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:	Basesystem Module 15-SP4 Development Tools Module 15-SP4 Legacy Module 15-SP4 openSUSE Leap 15.4 openSUSE Leap Micro 5.3 openSUSE Leap Micro 5.4 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise Live Patching 15-SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4 SUSE Linux Enterprise Real Time 15 SP4 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Workstation Extension 15 SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3

An update that solves seven vulnerabilities and has 70 fixes can now be installed.

Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

• CVE-2023-2985: Fixed an use-after-free vulnerability in hfsplus_put_super in fs/hfsplus/super.c that could allow a local user to cause a denial of service (bsc#1211867).
• CVE-2023-3117: Fixed an use-after-free vulnerability in the netfilter subsystem when processing named and anonymous sets in batch requests that could allow a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system (bsc#1213245).
• CVE-2023-3390: Fixed an use-after-free vulnerability in the netfilter subsystem in net/netfilter/nf_tables_api.c that could allow a local attacker with user access to cause a privilege escalation issue (bsc#1212846).
• CVE-2023-3812: Fixed an out-of-bounds memory access flaw in the TUN/TAP device driver functionality that could allow a local user to crash or potentially escalate their privileges on the system (bsc#1213543).
• CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information (bsc#1213286).
• CVE-2023-31248: Fixed an use-after-free vulnerability in nft_chain_lookup_byid that could allow a local attacker to escalate their privilege (bsc#1213061).
• CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nft_byteorder that could allow a local attacker to escalate their privilege (bsc#1213059).

The following non-security bugs were fixed:

• ACPI: utils: Fix acpi_evaluate_dsm_typed() redefinition error (git-fixes).
• ALSA: fireface: make read-only const array for model names static (git-fixes).
• ALSA: hda/realtek - remove 3k pull low procedure (git-fixes).
• ALSA: hda/realtek: Add quirk for ASUS ROG G614Jx (git-fixes).
• ALSA: hda/realtek: Add quirk for ASUS ROG GA402X (git-fixes).
• ALSA: hda/realtek: Add quirk for ASUS ROG GX650P (git-fixes).
• ALSA: hda/realtek: Add quirk for ASUS ROG GZ301V (git-fixes).
• ALSA: hda/realtek: Add quirk for Clevo NPx0SNx (git-fixes).
• ALSA: hda/realtek: Add quirk for Clevo NS70AU (git-fixes).
• ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760 (git-fixes).
• ALSA: hda/realtek: Add support for DELL Oasis 13/14/16 laptops (git-fixes).
• ALSA: hda/realtek: Amend G634 quirk to enable rear speakers (git-fixes).
• ALSA: hda/realtek: Enable Mute LED on HP Laptop 15s-eq2xxx (git-fixes).
• ALSA: hda/realtek: Fix generic fixup definition for cs35l41 amp (git-fixes).
• ALSA: hda/realtek: Whitespace fix (git-fixes).
• ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() (git-fixes).
• ALSA: oxfw: make read-only const array models static (git-fixes).
• ALSA: pcm: Fix potential data race at PCM memory allocation helpers (git-fixes).
• ASoC: codecs: wcd-mbhc-v2: fix resource leaks on component remove (git-fixes).
• ASoC: codecs: wcd934x: fix resource leaks on component remove (git-fixes).
• ASoC: codecs: wcd938x: fix codec initialisation race (git-fixes).
• ASoC: codecs: wcd938x: fix dB range for HPHL and HPHR (git-fixes).
• ASoC: codecs: wcd938x: fix missing clsh ctrl error handling (git-fixes).
• ASoC: codecs: wcd938x: fix soundwire initialisation race (git-fixes).
• ASoC: tegra: Fix ADX byte map (git-fixes).
• ASoC: tegra: Fix AMX byte map (git-fixes).
• Add MODULE_FIRMWARE() for FIRMWARE_TG357766 (git-fixes).
• Documentation: ABI: sysfs-class-net-qmi: pass_through contact update (git-fixes).
• Documentation: bonding: fix the doc of peer_notif_delay (git-fixes).
• Documentation: timers: hrtimers: Make hybrid union historical (git-fixes).
• Enable NXP SNVS RTC driver for i.MX 8MQ/8MP (jsc#PED-4758)
• Fix documentation of panic_on_warn (git-fixes).
• IB/hfi1: Use bitmap_zalloc() when applicable (git-fixes)
• PCI/PM: Avoid putting EloPOS E2/S2/H2 PCIe Ports in D3cold (git-fixes).
• PCI: Add function 1 DMA alias quirk for Marvell 88SE9235 (git-fixes).
• RDMA/rxe: Fix access checks in rxe_check_bind_mw (git-fixes)
• Revert "arm64: dts: zynqmp: Add address-cells property to interrupt (git-fixes)
• Revert "drm/amd/display: edp do not add non-edid timings" (git-fixes).
• USB: dwc2: Fix some error handling paths (git-fixes).
• USB: dwc2: platform: Improve error reporting for problems during .remove() (git-fixes).
• USB: gadget: udc: core: Offload usb_udc_vbus_handler processing (git-fixes).
• USB: gadget: udc: core: Prevent soft_connect_store() race (git-fixes).
• USB: serial: option: add LARA-R6 01B PIDs (git-fixes).
• Update config and supported.conf files due to renaming.
• apparmor: fix missing error check for rhashtable_insert_fast (git-fixes).
• arm64/mm: mark private VM_FAULT_X defines as vm_fault_t (git-fixes)
• arm64: dts: microchip: sparx5: do not use PSCI on reference boards (git-fixes)
• arm64: vdso: Pass (void *) to virt_to_page() (git-fixes)
• arm64: xor-neon: mark xor_arm64_neon_*() static (git-fixes)
• can: bcm: Fix UAF in bcm_proc_show() (git-fixes).
• cifs: add a warning when the in-flight count goes negative (bsc#1193629).
• cifs: address unused variable warning (bsc#1193629).
• cifs: do all necessary checks for credits within or before locking (bsc#1193629).
• cifs: fix lease break oops in xfstest generic/098 (bsc#1193629).
• cifs: fix max_credits implementation (bsc#1193629).
• cifs: fix session state check in reconnect to avoid use-after-free issue (bsc#1193629).
• cifs: fix session state check in smb2_find_smb_ses (bsc#1193629).
• cifs: fix session state transition to avoid use-after-free issue (bsc#1193629).
• cifs: fix sockaddr comparison in iface_cmp (bsc#1193629).
• cifs: fix status checks in cifs_tree_connect (bsc#1193629).
• cifs: log session id when a matching ses is not found (bsc#1193629).
• cifs: new dynamic tracepoint to track ses not found errors (bsc#1193629).
• cifs: prevent use-after-free by freeing the cfile later (bsc#1193629).
• cifs: print all credit counters in DebugData (bsc#1193629).
• cifs: print client_guid in DebugData (bsc#1193629).
• cifs: print more detail when invalidate_inode_mapping fails (bsc#1193629).
• cifs: print nosharesock value while dumping mount options (bsc#1193629).
• clk: qcom: camcc-sc7180: Add parent dependency to all camera GDSCs (git-fixes).
• clk: qcom: gcc-ipq6018: Use floor ops for sdcc clocks (git-fixes).
• codel: fix kernel-doc notation warnings (git-fixes).
• crypto: kpp - Add helper to set reqsize (git-fixes).
• crypto: qat - Use helper to set reqsize (git-fixes).
• devlink: fix kernel-doc notation warnings (git-fixes).
• docs: networking: Update codeaurora references for rmnet (git-fixes).
• drm/amd/display: Correct DMUB_FW_VERSION macro (git-fixes).
• drm/amdgpu: Set vmbo destroy after pt bo is created (git-fixes).
• drm/amdgpu: Validate VM ioctl flags (git-fixes).
• drm/amdgpu: avoid restore process run into dead loop (git-fixes).
• drm/amdgpu: fix clearing mappings for BOs that are always valid in VM (git-fixes).
• drm/atomic: Allow vblank-enabled + self-refresh "disable" (git-fixes).
• drm/atomic: Fix potential use-after-free in nonblocking commits (git-fixes).
• drm/bridge: tc358768: Add atomic_get_input_bus_fmts() implementation (git-fixes).
• drm/bridge: tc358768: fix TCLK_TRAILCNT computation (git-fixes).
• drm/bridge: tc358768: fix THS_TRAILCNT computation (git-fixes).
• drm/bridge: tc358768: fix THS_ZEROCNT computation (git-fixes).
• drm/client: Fix memory leak in drm_client_target_cloned (git-fixes).
• drm/i915/psr: Use hw.adjusted mode when calculating io/fast wake times (git-fixes).
• drm/i915: Fix one wrong caching mode enum usage (git-fixes).
• drm/msm/disp/dpu: get timing engine status from intf status register (git-fixes).
• drm/msm/dpu: Set DPU_DATA_HCTL_EN for in INTF_SC7180_MASK (git-fixes).
• drm/panel: simple: Add Powertip PH800480T013 drm_display_mode flags (git-fixes).
• drm/panel: simple: Add connector_type for innolux_at043tn24 (git-fixes).
• drm/ttm: Do not leak a resource on swapout move error (git-fixes).
• dt-bindings: phy: brcm,brcmstb-usb-phy: Fix error in "compatible" conditional schema (git-fixes).
• ext4: Fix reusing stale buffer heads from last failed mounting (bsc#1213020).
• ext4: add EA_INODE checking to ext4_iget() (bsc#1213106).
• ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid() (bsc#1213088).
• ext4: add lockdep annotations for i_data_sem for ea_inode's (bsc#1213109).
• ext4: add strict range checks while freeing blocks (bsc#1213089).
• ext4: avoid deadlock in fs reclaim with page writeback (bsc#1213016).
• ext4: bail out of ext4_xattr_ibody_get() fails for any reason (bsc#1213018).
• ext4: block range must be validated before use in ext4_mb_clear_bb() (bsc#1213090).
• ext4: check iomap type only if ext4_iomap_begin() does not fail (bsc#1213103).
• ext4: disallow ea_inodes with extended attributes (bsc#1213108).
• ext4: fail ext4_iget if special inode unallocated (bsc#1213010).
• ext4: fix WARNING in ext4_update_inline_data (bsc#1213012).
• ext4: fix WARNING in mb_find_extent (bsc#1213099).
• ext4: fix bug_on in __es_tree_search caused by bad quota inode (bsc#1213111).
• ext4: fix data races when using cached status extents (bsc#1213102).
• ext4: fix deadlock when converting an inline directory in nojournal mode (bsc#1213105).
• ext4: fix i_disksize exceeding i_size problem in paritally written case (bsc#1213015).
• ext4: fix lockdep warning when enabling MMP (bsc#1213100).
• ext4: fix task hung in ext4_xattr_delete_inode (bsc#1213096).
• ext4: fix to check return value of freeze_bdev() in ext4_shutdown() (bsc#1213021).
• ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline (bsc#1213098).
• ext4: improve error handling from ext4_dirhash() (bsc#1213104).
• ext4: improve error recovery code paths in __ext4_remount() (bsc#1213017).
• ext4: move where set the MAY_INLINE_DATA flag is set (bsc#1213011).
• ext4: only update i_reserved_data_blocks on successful block allocation (bsc#1213019).
• ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb() (bsc#1213087).
• ext4: refuse to create ea block when umounted (bsc#1213093).
• ext4: set lockdep subclass for the ea_inode in ext4_xattr_inode_cache_find() (bsc#1213107).
• ext4: turn quotas off if mount failed after enabling quotas (bsc#1213110).
• ext4: update s_journal_inum if it changes after journal replay (bsc#1213094).
• ext4: use ext4_fc_tl_mem in fast-commit replay path (bsc#1213092).
• ext4: zero i_disksize when initializing the bootloader inode (bsc#1213013).
• fbdev: au1200fb: Fix missing IRQ check in au1200fb_drv_probe (git-fixes).
• fbdev: imxfb: warn about invalid left/right margin (git-fixes).
• fuse: ioctl: translate ENOSYS in outarg (bsc#1213524).
• fuse: revalidate: do not invalidate if interrupted (bsc#1213523).
• hvcs: Fix hvcs port reference counting (bsc#1213134 ltc#202861).
• hvcs: Get reference to tty in remove (bsc#1213134 ltc#202861).
• hvcs: Synchronize hotplug remove with port free (bsc#1213134 ltc#202861).
• hvcs: Use dev_groups to manage hvcs device attributes (bsc#1213134 ltc#202861).
• hvcs: Use driver groups to manage driver attributes (bsc#1213134 ltc#202861).
• hvcs: Use vhangup in hotplug remove (bsc#1213134 ltc#202861).
• hwmon: (adm1275) Allow setting sample averaging (git-fixes).
• hwmon: (pmbus/adm1275) Fix problems with temperature monitoring on ADM1272 (git-fixes).
• i2c: xiic: Defer xiic_wakeup() and __xiic_start_xfer() in xiic_process() (git-fixes).
• i2c: xiic: Do not try to handle more interrupt events after error (git-fixes).
• inotify: Avoid reporting event with invalid wd (bsc#1213025).
• jbd2: fix data missing when reusing bh which is ready to be checkpointed (bsc#1213095).
• jdb2: Do not refuse invalidation of already invalidated buffers (bsc#1213014).
• kABI: do not check external trampolines for signature (kabi bsc#1207894 bsc#1211243).
• kabi/severities: Add VAS symbols changed due to recent fix VAS accelerators are directly tied to the architecture, there is no reason to have out-of-tree production drivers
• kselftest: vDSO: Fix accumulation of uninitialized ret when CLOCK_REALTIME is undefined (git-fixes).
• leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename (git-fixes).
• media: atomisp: gmin_platform: fix out_len in gmin_get_config_dsm_var() (git-fixes).
• media: cec: i2c: ch7322: also select REGMAP (git-fixes).
• media: i2c: Correct format propagation for st-mipid02 (git-fixes).
• media: usb: Check az6007_read() return value (git-fixes).
• media: usb: siano: Fix warning due to null work_func_t function pointer (git-fixes).
• media: venus: helpers: Fix ALIGN() of non power of two (git-fixes).
• media: videodev2.h: Fix struct v4l2_input tuner index comment (git-fixes).
• memcg: drop kmem.limit_in_bytes (bsc#1208788, bsc#1212905).
• mmc: core: disable TRIM on Kingston EMMC04G-M627 (git-fixes).
• mmc: sdhci: fix DMA configure compatibility issue when 64bit DMA mode is used (git-fixes).
• net: mana: Add support for vlan tagging (bsc#1212301).
• net: phy: prevent stale pointer dereference in phy_init() (git-fixes).
• ntb: amd: Fix error handling in amd_ntb_pci_driver_init() (git-fixes).
• ntb: idt: Fix error handling in idt_pci_driver_init() (git-fixes).
• ntb: intel: Fix error handling in intel_ntb_pci_driver_init() (git-fixes).
• ntb: ntb_tool: Add check for devm_kcalloc (git-fixes).
• ntb: ntb_transport: fix possible memory leak while device_register() fails (git-fixes).
• nvme-multipath: support io stats on the mpath device (bsc#1210565).
• nvme: introduce nvme_start_request (bsc#1210565).
• ocfs2: Switch to security_inode_init_security() (git-fixes).
• ocfs2: check new file size on fallocate call (git-fixes).
• ocfs2: fix use-after-free when unmounting read-only filesystem (git-fixes).
• opp: Fix use-after-free in lazy_opp_tables after probe deferral (git-fixes).
• phy: Revert "phy: Remove SOC_EXYNOS4212 dep. from PHY_EXYNOS4X12_USB" (git-fixes).
• phy: tegra: xusb: Clear the driver reference in usb-phy dev (git-fixes).
• phy: tegra: xusb: check return value of devm_kzalloc() (git-fixes).
• pie: fix kernel-doc notation warning (git-fixes).
• pinctrl: amd: Detect internal GPIO0 debounce handling (git-fixes).
• pinctrl: amd: Fix mistake in handling clearing pins at startup (git-fixes).
• pinctrl: amd: Only use special debounce behavior for GPIO 0 (git-fixes).
• powerpc/64: Only WARN if __pa()/__va() called with bad addresses (bsc#1194869).
• powerpc/64s: Fix VAS mm use after free (bsc#1194869).
• powerpc/book3s64/mm: Fix DirectMap stats in /proc/meminfo (bsc#1194869).
• powerpc/bpf: Fix use of user_pt_regs in uapi (bsc#1194869).
• powerpc/ftrace: Remove ftrace init tramp once kernel init is complete (bsc#1194869).
• powerpc/interrupt: Do not read MSR from interrupt_exit_kernel_prepare() (bsc#1194869).
• powerpc/mm/dax: Fix the condition when checking if altmap vmemap can cross-boundary (bsc#1150305 ltc#176097 git-fixes).
• powerpc/mm: Switch obsolete dssall to .long (bsc#1194869).
• powerpc/powernv/sriov: perform null check on iov before dereferencing iov (bsc#1194869).
• powerpc/powernv/vas: Assign real address to rx_fifo in vas_rx_win_attr (bsc#1194869).
• powerpc/prom_init: Fix kernel config grep (bsc#1194869).
• powerpc/secvar: fix refcount leak in format_show() (bsc#1194869).
• powerpc/xics: fix refcount leak in icp_opal_init() (bsc#1194869).
• powerpc: clean vdso32 and vdso64 directories (bsc#1194869).
• powerpc: define get_cycles macro for arch-override (bsc#1194869).
• powerpc: update ppc_save_regs to save current r1 in pt_regs (bsc#1194869).
• pwm: ab8500: Fix error code in probe() (git-fixes).
• pwm: imx-tpm: force 'real_period' to be zero in suspend (git-fixes).
• pwm: sysfs: Do not apply state to already disabled PWMs (git-fixes).
• rpm/check-for-config-changes: ignore also RISCV_ISA_ and DYNAMIC_SIGFRAME They depend on CONFIG_TOOLCHAIN_HAS_.
• rsi: remove kernel-doc comment marker (git-fixes).
• s390/ap: fix status returned by ap_aqic() (git-fixes bsc#1213259).
• s390/ap: fix status returned by ap_qact() (git-fixes bsc#1213258).
• s390/debug: add ASM_S390 prefix to header guard (git-fixes bsc#1213263).
• s390/percpu: add READ_ONCE() to arch_this_cpu_to_op_simple() (git-fixes bsc#1213252).
• s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36 (git-fixes bsc#1213264).
• s390: discard .interp section (git-fixes bsc#1213247).
• sched/debug: fix dentry leak in update_sched_domain_debugfs (git-fixes)
• sched: Fix DEBUG && !SCHEDSTATS warn (git-fixes)
• security: keys: Modify mismatched function name (git-fixes).
• selftests: mptcp: depend on SYN_COOKIES (git-fixes).
• selftests: mptcp: sockopt: return error if wrong mark (git-fixes).
• selftests: rtnetlink: remove netdevsim device after ipsec offload test (git-fixes).
• selftests: tc: add 'ct' action kconfig dep (git-fixes).
• selftests: tc: add ConnTrack procfs kconfig (git-fixes).
• selftests: tc: set timeout to 15 minutes (git-fixes).
• signal/powerpc: On swapcontext failure force SIGSEGV (bsc#1194869).
• signal: Replace force_sigsegv(SIGSEGV) with force_fatal_sig(SIGSEGV) (bsc#1194869).
• smb3: do not reserve too many oplock credits (bsc#1193629).
• smb3: missing null check in SMB2_change_notify (bsc#1193629).
• smb: client: fix broken file attrs with nodfs mounts (bsc#1193629).
• smb: client: fix missed ses refcounting (git-fixes).
• smb: client: fix parsing of source mount option (bsc#1193629).
• smb: client: fix shared DFS root mounts with different prefixes (bsc#1193629).
• smb: client: fix warning in CIFSFindFirst() (bsc#1193629).
• smb: client: fix warning in CIFSFindNext() (bsc#1193629).
• smb: client: fix warning in cifs_match_super() (bsc#1193629).
• smb: client: fix warning in cifs_smb3_do_mount() (bsc#1193629).
• smb: client: fix warning in generic_ip_connect() (bsc#1193629).
• smb: client: improve DFS mount check (bsc#1193629).
• smb: client: remove redundant pointer 'server' (bsc#1193629).
• smb: delete an unnecessary statement (bsc#1193629).
• smb: move client and server files to common directory fs/smb (bsc#1193629).
• smb: remove obsolete comment (bsc#1193629).
• soundwire: qcom: fix storing port config out-of-bounds (git-fixes).
• spi: bcm-qspi: return error if neither hif_mspi nor mspi is available (git-fixes).
• spi: bcm63xx: fix max prepend length (git-fixes).
• tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (git-fixes).
• tty: serial: fsl_lpuart: add earlycon for imx8ulp platform (git-fixes).
• ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (bsc#1210584).
• ubi: ensure that VID header offset + VID header size <= alloc, size (bsc#1210584).
• udf: Avoid double brelse() in udf_rename() (bsc#1213032).
• udf: Define EFSCORRUPTED error code (bsc#1213038).
• udf: Detect system inodes linked into directory hierarchy (bsc#1213114).
• udf: Discard preallocation before extending file with a hole (bsc#1213036).
• udf: Do not bother looking for prealloc extents if i_lenExtents matches i_size (bsc#1213035).
• udf: Do not bother merging very long extents (bsc#1213040).
• udf: Do not update file length for failed writes to inline files (bsc#1213041).
• udf: Fix error handling in udf_new_inode() (bsc#1213112).
• udf: Fix extending file within last block (bsc#1213037).
• udf: Fix preallocation discarding at indirect extent boundary (bsc#1213034).
• udf: Preserve link count of system files (bsc#1213113).
• udf: Truncate added extents on failed expansion (bsc#1213039).
• wifi: airo: avoid uninitialized warning in airo_get_rate() (git-fixes).
• wifi: ray_cs: Drop useless status variable in parse_addr() (git-fixes).
• wifi: ray_cs: Utilize strnlen() in parse_addr() (git-fixes).
• wifi: rtw89: debug: fix error code in rtw89_debug_priv_send_h2c_set() (git-fixes).
• wl3501_cs: use eth_hw_addr_set() (git-fixes).
• writeback: fix call of incorrect macro (bsc#1213024).
• x86: Fix .brk attribute in linker script (git-fixes).
• xfs: AIL needs asynchronous CIL forcing (bsc#1211811).
• xfs: CIL work is serialised, not pipelined (bsc#1211811).
• xfs: XLOG_STATE_IOERROR must die (bsc#1211811).
• xfs: async CIL flushes need pending pushes to be made stable (bsc#1211811).
• xfs: attach iclog callbacks in xlog_cil_set_ctx_write_state() (bsc#1211811).
• xfs: clean up the rtbitmap fsmap backend (git-fixes).
• xfs: do not deplete the reserve pool when trying to shrink the fs (git-fixes).
• xfs: do not reverse order of items in bulk AIL insertion (git-fixes).
• xfs: do not run shutdown callbacks on active iclogs (bsc#1211811).
• xfs: drop async cache flushes from CIL commits (bsc#1211811).
• xfs: factor out log write ordering from xlog_cil_push_work() (bsc#1211811).
• xfs: fix getfsmap reporting past the last rt extent (git-fixes).
• xfs: fix integer overflows in the fsmap rtbitmap and logdev backends (git-fixes).
• xfs: fix interval filtering in multi-step fsmap queries (git-fixes).
• xfs: fix logdev fsmap query result filtering (git-fixes).
• xfs: fix off-by-one error when the last rt extent is in use (git-fixes).
• xfs: fix uninitialized variable access (git-fixes).
• xfs: make fsmap backend function key parameters const (git-fixes).
• xfs: make the record pointer passed to query_range functions const (git-fixes).
• xfs: move the CIL workqueue to the CIL (bsc#1211811).
• xfs: move xlog_commit_record to xfs_log_cil.c (bsc#1211811).
• xfs: order CIL checkpoint start records (bsc#1211811).
• xfs: pass a CIL context to xlog_write() (bsc#1211811).
• xfs: pass explicit mount pointer to rtalloc query functions (git-fixes).
• xfs: rework xlog_state_do_callback() (bsc#1211811).
• xfs: run callbacks before waking waiters in xlog_state_shutdown_callbacks (bsc#1211811).
• xfs: separate out log shutdown callback processing (bsc#1211811).
• xfs: wait iclog complete before tearing down AIL (bsc#1211811).
• xhci: Fix TRB prefetch issue of ZHAOXIN hosts (git-fixes).
• xhci: Fix resume issue of some ZHAOXIN hosts (git-fixes).
• xhci: Show ZHAOXIN xHCI root hub speed correctly (git-fixes).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• openSUSE Leap 15.4
  zypper in -t patch SUSE-2023-3171=1 openSUSE-SLE-15.4-2023-3171=1
• openSUSE Leap Micro 5.3
  zypper in -t patch openSUSE-Leap-Micro-5.3-2023-3171=1
• openSUSE Leap Micro 5.4
  zypper in -t patch openSUSE-Leap-Micro-5.4-2023-3171=1
• SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2023-3171=1
• SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2023-3171=1
• SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2023-3171=1
• SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2023-3171=1
• Basesystem Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3171=1
• Development Tools Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2023-3171=1
• Legacy Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP4-2023-3171=1
• SUSE Linux Enterprise Live Patching 15-SP4
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2023-3171=1
  Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates.
• SUSE Linux Enterprise High Availability Extension 15 SP4
  zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2023-3171=1
• SUSE Linux Enterprise Workstation Extension 15 SP4
  zypper in -t patch SUSE-SLE-Product-WE-15-SP4-2023-3171=1

Package List:

• openSUSE Leap 15.4 (noarch nosrc)
  • kernel-docs-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (noarch)
  • kernel-devel-5.14.21-150400.24.74.1
  • kernel-source-vanilla-5.14.21-150400.24.74.1
  • kernel-macros-5.14.21-150400.24.74.1
  • kernel-docs-html-5.14.21-150400.24.74.1
  • kernel-source-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (nosrc ppc64le x86_64)
  • kernel-debug-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (ppc64le x86_64)
  • kernel-debug-debugsource-5.14.21-150400.24.74.1
  • kernel-debug-debuginfo-5.14.21-150400.24.74.1
  • kernel-debug-livepatch-devel-5.14.21-150400.24.74.1
  • kernel-debug-devel-5.14.21-150400.24.74.1
  • kernel-debug-devel-debuginfo-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
  • kernel-kvmsmall-devel-5.14.21-150400.24.74.1
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
  • kernel-default-base-rebuild-5.14.21-150400.24.74.1.150400.24.33.3
  • kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.74.1
  • kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.74.1
  • kernel-kvmsmall-debugsource-5.14.21-150400.24.74.1
  • kernel-kvmsmall-debuginfo-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • dlm-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • ocfs2-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-default-devel-debuginfo-5.14.21-150400.24.74.1
  • kselftests-kmp-default-5.14.21-150400.24.74.1
  • cluster-md-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • kselftests-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-default-livepatch-5.14.21-150400.24.74.1
  • gfs2-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-livepatch-devel-5.14.21-150400.24.74.1
  • kernel-obs-build-debugsource-5.14.21-150400.24.74.1
  • reiserfs-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • ocfs2-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-optional-debuginfo-5.14.21-150400.24.74.1
  • kernel-obs-qa-5.14.21-150400.24.74.1
  • dlm-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-devel-5.14.21-150400.24.74.1
  • reiserfs-kmp-default-5.14.21-150400.24.74.1
  • kernel-syms-5.14.21-150400.24.74.1
  • gfs2-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • cluster-md-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-extra-5.14.21-150400.24.74.1
  • kernel-default-optional-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-obs-build-5.14.21-150400.24.74.1
  • kernel-default-extra-debuginfo-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
  • kernel-kvmsmall-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (ppc64le s390x x86_64)
  • kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-1-150400.9.3.3
  • kernel-livepatch-SLE15-SP4_Update_15-debugsource-1-150400.9.3.3
  • kernel-livepatch-5_14_21-150400_24_74-default-1-150400.9.3.3
• openSUSE Leap 15.4 (nosrc s390x)
  • kernel-zfcpdump-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (s390x)
  • kernel-zfcpdump-debugsource-5.14.21-150400.24.74.1
  • kernel-zfcpdump-debuginfo-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (nosrc)
  • dtb-aarch64-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (aarch64)
  • kernel-64kb-devel-5.14.21-150400.24.74.1
  • dtb-exynos-5.14.21-150400.24.74.1
  • kselftests-kmp-64kb-5.14.21-150400.24.74.1
  • kernel-64kb-debuginfo-5.14.21-150400.24.74.1
  • kernel-64kb-debugsource-5.14.21-150400.24.74.1
  • kernel-64kb-optional-debuginfo-5.14.21-150400.24.74.1
  • reiserfs-kmp-64kb-5.14.21-150400.24.74.1
  • ocfs2-kmp-64kb-5.14.21-150400.24.74.1
  • dtb-arm-5.14.21-150400.24.74.1
  • cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.74.1
  • cluster-md-kmp-64kb-5.14.21-150400.24.74.1
  • dtb-sprd-5.14.21-150400.24.74.1
  • dtb-qcom-5.14.21-150400.24.74.1
  • dtb-allwinner-5.14.21-150400.24.74.1
  • dtb-nvidia-5.14.21-150400.24.74.1
  • dtb-lg-5.14.21-150400.24.74.1
  • dtb-hisilicon-5.14.21-150400.24.74.1
  • kernel-64kb-extra-5.14.21-150400.24.74.1
  • dtb-rockchip-5.14.21-150400.24.74.1
  • dtb-cavium-5.14.21-150400.24.74.1
  • dlm-kmp-64kb-debuginfo-5.14.21-150400.24.74.1
  • kernel-64kb-optional-5.14.21-150400.24.74.1
  • dtb-apm-5.14.21-150400.24.74.1
  • gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.74.1
  • dtb-socionext-5.14.21-150400.24.74.1
  • dtb-amlogic-5.14.21-150400.24.74.1
  • kernel-64kb-devel-debuginfo-5.14.21-150400.24.74.1
  • ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.74.1
  • kernel-64kb-extra-debuginfo-5.14.21-150400.24.74.1
  • dtb-marvell-5.14.21-150400.24.74.1
  • dtb-amazon-5.14.21-150400.24.74.1
  • reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.74.1
  • dtb-freescale-5.14.21-150400.24.74.1
  • dtb-mediatek-5.14.21-150400.24.74.1
  • dtb-apple-5.14.21-150400.24.74.1
  • gfs2-kmp-64kb-5.14.21-150400.24.74.1
  • kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.74.1
  • dtb-xilinx-5.14.21-150400.24.74.1
  • dlm-kmp-64kb-5.14.21-150400.24.74.1
  • dtb-amd-5.14.21-150400.24.74.1
  • kernel-64kb-livepatch-devel-5.14.21-150400.24.74.1
  • dtb-renesas-5.14.21-150400.24.74.1
  • dtb-broadcom-5.14.21-150400.24.74.1
  • dtb-altera-5.14.21-150400.24.74.1
• openSUSE Leap 15.4 (aarch64 nosrc)
  • kernel-64kb-5.14.21-150400.24.74.1
• openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64)
  • kernel-default-5.14.21-150400.24.74.1
• openSUSE Leap Micro 5.3 (aarch64 x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64)
  • kernel-default-5.14.21-150400.24.74.1
• openSUSE Leap Micro 5.4 (aarch64 x86_64)
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (aarch64 nosrc)
  • kernel-64kb-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (aarch64)
  • kernel-64kb-debuginfo-5.14.21-150400.24.74.1
  • kernel-64kb-debugsource-5.14.21-150400.24.74.1
  • kernel-64kb-devel-debuginfo-5.14.21-150400.24.74.1
  • kernel-64kb-devel-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (aarch64 ppc64le x86_64)
  • kernel-default-base-5.14.21-150400.24.74.1.150400.24.33.3
• Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  • kernel-default-devel-5.14.21-150400.24.74.1
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-default-devel-debuginfo-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (noarch)
  • kernel-macros-5.14.21-150400.24.74.1
  • kernel-devel-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (nosrc s390x)
  • kernel-zfcpdump-5.14.21-150400.24.74.1
• Basesystem Module 15-SP4 (s390x)
  • kernel-zfcpdump-debugsource-5.14.21-150400.24.74.1
  • kernel-zfcpdump-debuginfo-5.14.21-150400.24.74.1
• Development Tools Module 15-SP4 (noarch nosrc)
  • kernel-docs-5.14.21-150400.24.74.1
• Development Tools Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  • kernel-syms-5.14.21-150400.24.74.1
  • kernel-obs-build-debugsource-5.14.21-150400.24.74.1
  • kernel-obs-build-5.14.21-150400.24.74.1
• Development Tools Module 15-SP4 (noarch)
  • kernel-source-5.14.21-150400.24.74.1
• Legacy Module 15-SP4 (nosrc)
  • kernel-default-5.14.21-150400.24.74.1
• Legacy Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  • reiserfs-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • reiserfs-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-livepatch-5_14_21-150400_24_74-default-1-150400.9.3.3
  • kernel-livepatch-SLE15-SP4_Update_15-debugsource-1-150400.9.3.3
  • kernel-default-livepatch-devel-5.14.21-150400.24.74.1
  • kernel-default-livepatch-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-1-150400.9.3.3
• SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64)
  • cluster-md-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • dlm-kmp-default-5.14.21-150400.24.74.1
  • dlm-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • ocfs2-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • ocfs2-kmp-default-5.14.21-150400.24.74.1
  • gfs2-kmp-default-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
  • cluster-md-kmp-default-debuginfo-5.14.21-150400.24.74.1
  • gfs2-kmp-default-debuginfo-5.14.21-150400.24.74.1
• SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Workstation Extension 15 SP4 (nosrc)
  • kernel-default-5.14.21-150400.24.74.1
• SUSE Linux Enterprise Workstation Extension 15 SP4 (x86_64)
  • kernel-default-extra-debuginfo-5.14.21-150400.24.74.1
  • kernel-default-debugsource-5.14.21-150400.24.74.1
  • kernel-default-debuginfo-5.14.21-150400.24.74.1
  • kernel-default-extra-5.14.21-150400.24.74.1

References:

• https://www.suse.com/security/cve/CVE-2023-20593.html
• https://www.suse.com/security/cve/CVE-2023-2985.html
• https://www.suse.com/security/cve/CVE-2023-3117.html
• https://www.suse.com/security/cve/CVE-2023-31248.html
• https://www.suse.com/security/cve/CVE-2023-3390.html
• https://www.suse.com/security/cve/CVE-2023-35001.html
• https://www.suse.com/security/cve/CVE-2023-3812.html
• https://bugzilla.suse.com/show_bug.cgi?id=1150305
• https://bugzilla.suse.com/show_bug.cgi?id=1193629
• https://bugzilla.suse.com/show_bug.cgi?id=1194869
• https://bugzilla.suse.com/show_bug.cgi?id=1207894
• https://bugzilla.suse.com/show_bug.cgi?id=1208788
• https://bugzilla.suse.com/show_bug.cgi?id=1210565
• https://bugzilla.suse.com/show_bug.cgi?id=1210584
• https://bugzilla.suse.com/show_bug.cgi?id=1210853
• https://bugzilla.suse.com/show_bug.cgi?id=1211243
• https://bugzilla.suse.com/show_bug.cgi?id=1211811
• https://bugzilla.suse.com/show_bug.cgi?id=1211867
• https://bugzilla.suse.com/show_bug.cgi?id=1212301
• https://bugzilla.suse.com/show_bug.cgi?id=1212846
• https://bugzilla.suse.com/show_bug.cgi?id=1212905
• https://bugzilla.suse.com/show_bug.cgi?id=1213010
• https://bugzilla.suse.com/show_bug.cgi?id=1213011
• https://bugzilla.suse.com/show_bug.cgi?id=1213012
• https://bugzilla.suse.com/show_bug.cgi?id=1213013
• https://bugzilla.suse.com/show_bug.cgi?id=1213014
• https://bugzilla.suse.com/show_bug.cgi?id=1213015
• https://bugzilla.suse.com/show_bug.cgi?id=1213016
• https://bugzilla.suse.com/show_bug.cgi?id=1213017
• https://bugzilla.suse.com/show_bug.cgi?id=1213018
• https://bugzilla.suse.com/show_bug.cgi?id=1213019
• https://bugzilla.suse.com/show_bug.cgi?id=1213020
• https://bugzilla.suse.com/show_bug.cgi?id=1213021
• https://bugzilla.suse.com/show_bug.cgi?id=1213024
• https://bugzilla.suse.com/show_bug.cgi?id=1213025
• https://bugzilla.suse.com/show_bug.cgi?id=1213032
• https://bugzilla.suse.com/show_bug.cgi?id=1213034
• https://bugzilla.suse.com/show_bug.cgi?id=1213035
• https://bugzilla.suse.com/show_bug.cgi?id=1213036
• https://bugzilla.suse.com/show_bug.cgi?id=1213037
• https://bugzilla.suse.com/show_bug.cgi?id=1213038
• https://bugzilla.suse.com/show_bug.cgi?id=1213039
• https://bugzilla.suse.com/show_bug.cgi?id=1213040
• https://bugzilla.suse.com/show_bug.cgi?id=1213041
• https://bugzilla.suse.com/show_bug.cgi?id=1213059
• https://bugzilla.suse.com/show_bug.cgi?id=1213061
• https://bugzilla.suse.com/show_bug.cgi?id=1213087
• https://bugzilla.suse.com/show_bug.cgi?id=1213088
• https://bugzilla.suse.com/show_bug.cgi?id=1213089
• https://bugzilla.suse.com/show_bug.cgi?id=1213090
• https://bugzilla.suse.com/show_bug.cgi?id=1213092
• https://bugzilla.suse.com/show_bug.cgi?id=1213093
• https://bugzilla.suse.com/show_bug.cgi?id=1213094
• https://bugzilla.suse.com/show_bug.cgi?id=1213095
• https://bugzilla.suse.com/show_bug.cgi?id=1213096
• https://bugzilla.suse.com/show_bug.cgi?id=1213098
• https://bugzilla.suse.com/show_bug.cgi?id=1213099
• https://bugzilla.suse.com/show_bug.cgi?id=1213100
• https://bugzilla.suse.com/show_bug.cgi?id=1213102
• https://bugzilla.suse.com/show_bug.cgi?id=1213103
• https://bugzilla.suse.com/show_bug.cgi?id=1213104
• https://bugzilla.suse.com/show_bug.cgi?id=1213105
• https://bugzilla.suse.com/show_bug.cgi?id=1213106
• https://bugzilla.suse.com/show_bug.cgi?id=1213107
• https://bugzilla.suse.com/show_bug.cgi?id=1213108
• https://bugzilla.suse.com/show_bug.cgi?id=1213109
• https://bugzilla.suse.com/show_bug.cgi?id=1213110
• https://bugzilla.suse.com/show_bug.cgi?id=1213111
• https://bugzilla.suse.com/show_bug.cgi?id=1213112
• https://bugzilla.suse.com/show_bug.cgi?id=1213113
• https://bugzilla.suse.com/show_bug.cgi?id=1213114
• https://bugzilla.suse.com/show_bug.cgi?id=1213134
• https://bugzilla.suse.com/show_bug.cgi?id=1213245
• https://bugzilla.suse.com/show_bug.cgi?id=1213247
• https://bugzilla.suse.com/show_bug.cgi?id=1213252
• https://bugzilla.suse.com/show_bug.cgi?id=1213258
• https://bugzilla.suse.com/show_bug.cgi?id=1213259
• https://bugzilla.suse.com/show_bug.cgi?id=1213263
• https://bugzilla.suse.com/show_bug.cgi?id=1213264
• https://bugzilla.suse.com/show_bug.cgi?id=1213286
• https://bugzilla.suse.com/show_bug.cgi?id=1213523
• https://bugzilla.suse.com/show_bug.cgi?id=1213524
• https://bugzilla.suse.com/show_bug.cgi?id=1213543
• https://bugzilla.suse.com/show_bug.cgi?id=1213705