openSUSE Updates
Threads by month
- ----- 2024 -----
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
February 2024
- 5 participants
- 157 discussions
openSUSE-RU-2024:0049-1: moderate: Recommended update for kmozillahelper
by maintenance@opensuse.org 14 Feb '24
by maintenance@opensuse.org 14 Feb '24
14 Feb '24
openSUSE Recommended Update: Recommended update for kmozillahelper
______________________________________________________________________________
Announcement ID: openSUSE-RU-2024:0049-1
Rating: moderate
References: #1176852
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that has one recommended fix can now be installed.
Description:
This update for kmozillahelper fixes the following issues:
Update to 5.0.6:
* Exclude kmozillahelper from session management (boo#1176852)
* Supplement not only MozillaFirefox, but also MozillaThunderbird
Patch Instructions:
To install this openSUSE Recommended Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-49=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):
kmozillahelper-5.0.6-bp155.3.5.1
kmozillahelper-debuginfo-5.0.6-bp155.3.5.1
kmozillahelper-debugsource-5.0.6-bp155.3.5.1
References:
https://bugzilla.suse.com/1176852
1
0
openSUSE-SU-2024:0048-1: important: Security update for pdns-recursor
by opensuse-security@opensuse.org 14 Feb '24
by opensuse-security@opensuse.org 14 Feb '24
14 Feb '24
openSUSE Security Update: Security update for pdns-recursor
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0048-1
Rating: important
References: #1209897 #1219823 #1219826
Cross-References: CVE-2023-26437 CVE-2023-50387 CVE-2023-50868
CVSS scores:
CVE-2023-26437 (NVD) : 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:N/A:L
CVE-2023-50387 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2023-50868 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for pdns-recursor fixes the following issues:
Update to 4.8.6:
* fixes case when crafted DNSSEC records in a zone can lead to a denial of
service in Recursor
https://doc.powerdns.com/recursor/security-advisories/powerdns-advisory-202
4-01.html (boo#1219823, boo#1219826, CVE-2023-50387, CVE-2023-50868)
Changes in 4.8.5:
* (I)XFR: handle partial read of len prefix.
* YaHTTP: Prevent integer overflow on very large chunks.
* Fix setting of policy tags for packet cache hits.
Changes in 4.8.4:
* Deterred spoofing attempts can lead to authoritative servers being
marked unavailable (boo#1209897, CVE-2023-26437)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-48=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 ppc64le x86_64):
pdns-recursor-4.8.6-bp155.2.3.1
References:
https://www.suse.com/security/cve/CVE-2023-26437.html
https://www.suse.com/security/cve/CVE-2023-50387.html
https://www.suse.com/security/cve/CVE-2023-50868.html
https://bugzilla.suse.com/1209897
https://bugzilla.suse.com/1219823
https://bugzilla.suse.com/1219826
1
0
openSUSE-SU-2024:0047-1: important: Security update for hugin
by opensuse-security@opensuse.org 14 Feb '24
by opensuse-security@opensuse.org 14 Feb '24
14 Feb '24
openSUSE Security Update: Security update for hugin
______________________________________________________________________________
Announcement ID: openSUSE-SU-2024:0047-1
Rating: important
References: #1219819 #1219820 #1219821 #1219822
Cross-References: CVE-2024-25442 CVE-2024-25443 CVE-2024-25445
CVE-2024-25446
Affected Products:
openSUSE Backports SLE-15-SP5
______________________________________________________________________________
An update that fixes four vulnerabilities is now available.
Description:
This update for hugin fixes the following issues:
Update to version 2023.0.0:
* PTBatcherGUI can now also queue user defined assistant and user
defined output sequences.
* PTBatcherGUI: Added option to generate panorama sequences from an
existing pto template.
* Assistant: Added option to select different output options like
projection, FOV or canvas size depending on different variables (e.g.
image count, field of view, lens type).
* Allow building with epoxy instead of GLEW for OpenGL pointer
management.
* Several improvements to crop tool (outside crop, aspect ratio, ...).
* Several bug fixes (e.g. in verdandi/internal blender).
* Updated translations.
- fixed: boo#1219819 (CVE-2024-25442), boo#1219820 (CVE-2024-25443)
boo#1219821 (CVE-2024-25445), boo#1219822 (CVE-2024-25446)
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2024-47=1
Package List:
- openSUSE Backports SLE-15-SP5 (aarch64 ppc64le s390x x86_64):
hugin-2023.0.0-bp155.2.3.1
References:
https://www.suse.com/security/cve/CVE-2024-25442.html
https://www.suse.com/security/cve/CVE-2024-25443.html
https://www.suse.com/security/cve/CVE-2024-25445.html
https://www.suse.com/security/cve/CVE-2024-25446.html
https://bugzilla.suse.com/1219819
https://bugzilla.suse.com/1219820
https://bugzilla.suse.com/1219821
https://bugzilla.suse.com/1219822
1
0
14 Feb '24
# Recommended update for numatop
Announcement ID: SUSE-RU-2024:0465-1
Rating: moderate
References:
* jsc#PED-5450
* jsc#PED-5667
* jsc#PED-6038
* jsc#PED-6059
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* SUSE CaaS Platform 4.0
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
An update that contains four features can now be installed.
## Description:
This update for numatop fixes the following issues:
* update to version 2.4
* Support EMR processors (jsc#PED-6059, jsc#PED-6038)
* Support Power10 processors (jsc#PED-5450, jsc#PED-5667)
* Support Zen3, Zen4 processors
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-465=1
* SUSE CaaS Platform 4.0
To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform
you if it detects new updates and let you then trigger updating of the complete
cluster in a controlled way.
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-465=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-465=1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2024-465=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-465=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-465=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-465=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-465=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-465=1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1
zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2024-465=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-465=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-465=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-465=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2024-465=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-465=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-465=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-465=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-465=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-465=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-465=1
## Package List:
* SUSE Enterprise Storage 7.1 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE CaaS Platform 4.0 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* openSUSE Leap 15.5 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* Basesystem Module 15-SP5 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Manager Proxy 4.3 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
* SUSE Manager Server 4.3 (ppc64le x86_64)
* numatop-debuginfo-2.4-150100.3.9.1
* numatop-2.4-150100.3.9.1
* numatop-debugsource-2.4-150100.3.9.1
## References:
* https://jira.suse.com/browse/PED-5450
* https://jira.suse.com/browse/PED-5667
* https://jira.suse.com/browse/PED-6038
* https://jira.suse.com/browse/PED-6059
1
0
14 Feb '24
# Recommended update for syslinux
Announcement ID: SUSE-RU-2024:0466-1
Rating: important
References:
* jsc#MSC-749
Affected Products:
* Basesystem Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 Module 4.3
An update that contains one feature can now be installed.
## Description:
This update for syslinux fixes the following issues:
* syslinux RPM package was rebuilt to address issues with aarch64 built
binaries
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-466=1
* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-466=1
* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-466=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-466=1
* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-466=1
* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-466=1
* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-466=1
* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-466=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-466=1
* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-466=1
* SUSE Manager Server 4.3 Module 4.3
zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-466=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-466=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-466=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-466=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-466=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-466=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-466=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-466=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-466=1
* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-466=1
* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-466=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-466=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-466=1
## Package List:
* openSUSE Leap 15.3 (x86_64 i586)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x)
* syslinux-debuginfo-x86_64-4.04-150300.17.2.1
* syslinux-x86_64-4.04-150300.17.2.1
* openSUSE Leap Micro 5.3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* openSUSE Leap Micro 5.4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* openSUSE Leap 15.5 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x)
* syslinux-debuginfo-x86_64-4.04-150300.17.2.1
* syslinux-x86_64-4.04-150300.17.2.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* Basesystem Module 15-SP5 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x)
* syslinux-x86_64-4.04-150300.17.2.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Manager Proxy 4.3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Manager Server 4.3 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
* SUSE Enterprise Storage 7.1 (x86_64)
* syslinux-debuginfo-4.04-150300.17.2.1
* syslinux-debugsource-4.04-150300.17.2.1
* syslinux-4.04-150300.17.2.1
## References:
* https://jira.suse.com/browse/MSC-749
1
0
SUSE-RU-2024:0467-1: critical: Recommended update for google-guest-agent, google-guest-oslogin
by OPENSUSE-UPDATES 14 Feb '24
by OPENSUSE-UPDATES 14 Feb '24
14 Feb '24
# Recommended update for google-guest-agent, google-guest-oslogin
Announcement ID: SUSE-RU-2024:0467-1
Rating: critical
References:
* bsc#1219642
Affected Products:
* openSUSE Leap 15.5
* Public Cloud Module 15-SP2
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.1
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.1
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3
An update that has one fix can now be installed.
## Description:
This update for google-guest-agent, google-guest-oslogin contains the following
fix:
* Add explicit versioned dependency on google-guest-oslogin (bsc#1219642)
* Add explicit versioned dependency on google-guest-agent (bsc#1219642)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-467=1
* Public Cloud Module 15-SP2
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-467=1
* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-467=1
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-467=1
* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-467=1
## Package List:
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* google-guest-oslogin-20231101.00-150000.1.38.1
* google-guest-oslogin-debugsource-20231101.00-150000.1.38.1
* google-guest-oslogin-debuginfo-20231101.00-150000.1.38.1
* google-guest-agent-20231031.01-150000.1.43.1
* Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64)
* google-guest-oslogin-20231101.00-150000.1.38.1
* google-guest-oslogin-debugsource-20231101.00-150000.1.38.1
* google-guest-oslogin-debuginfo-20231101.00-150000.1.38.1
* google-guest-agent-20231031.01-150000.1.43.1
* Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
* google-guest-oslogin-20231101.00-150000.1.38.1
* google-guest-oslogin-debugsource-20231101.00-150000.1.38.1
* google-guest-oslogin-debuginfo-20231101.00-150000.1.38.1
* google-guest-agent-20231031.01-150000.1.43.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* google-guest-oslogin-20231101.00-150000.1.38.1
* google-guest-oslogin-debugsource-20231101.00-150000.1.38.1
* google-guest-oslogin-debuginfo-20231101.00-150000.1.38.1
* google-guest-agent-20231031.01-150000.1.43.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* google-guest-oslogin-20231101.00-150000.1.38.1
* google-guest-oslogin-debugsource-20231101.00-150000.1.38.1
* google-guest-oslogin-debuginfo-20231101.00-150000.1.38.1
* google-guest-agent-20231031.01-150000.1.43.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1219642
1
0
SUSE-RU-2024:0471-1: moderate: Recommended update for lifecycle-data-sle-module-live-patching
by OPENSUSE-UPDATES 14 Feb '24
by OPENSUSE-UPDATES 14 Feb '24
14 Feb '24
# Recommended update for lifecycle-data-sle-module-live-patching
Announcement ID: SUSE-RU-2024:0471-1
Rating: moderate
References:
* bsc#1020320
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP2
* SUSE Linux Enterprise Live Patching 15-SP1
* SUSE Linux Enterprise Live Patching 15-SP3
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP1
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
An update that has one fix can now be installed.
## Description:
This update for lifecycle-data-sle-module-live-patching fixes the following
issues:
* Added data for 4_12_14-150100_197_160, 4_12_14-150100_197_165,
5_14_21-150400_24_100, 5_14_21-150400_24_66, 5_14_21-150400_24_88,
5_14_21-150400_24_92, 5_14_21-150400_24_97, 5_14_21-150500_55_28,
5_14_21-150500_55_31, 5_14_21-150500_55_36, 5_14_21-150500_55_39,
5_3_18-150200_24_166, 5_3_18-150200_24_169, 5_3_18-150200_24_172,
5_3_18-150300_59_138, 5_3_18-150300_59_141, 5_3_18-150300_59_144, +kernel-
livepatch-5_14_21-150400_15_53-rt, _,+kernel-
livepatch-5_14_21-150400_15_56-rt,_ ,+kernel-
livepatch-5_14_21-150400_15_59-rt, _,+kernel-
livepatch-5_14_21-150400_15_62-rt,_ ,+kernel-
livepatch-5_14_21-150500_13_18-rt, _,+kernel-
livepatch-5_14_21-150500_13_21-rt,_ ,+kernel-
livepatch-5_14_21-150500_13_24-rt, _,+kernel-
livepatch-5_14_21-150500_13_27-rt,_. (bsc#1020320)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Enterprise Live Patching 15-SP1
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP1-2024-471=1
* SUSE Linux Enterprise Live Patching 15-SP2
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-471=1
* SUSE Linux Enterprise Live Patching 15-SP3
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-471=1
* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-471=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-471=1
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-471=1
## Package List:
* SUSE Linux Enterprise Live Patching 15-SP1 (noarch)
* lifecycle-data-sle-module-live-patching-15-150000.4.105.1
* SUSE Linux Enterprise Live Patching 15-SP2 (noarch)
* lifecycle-data-sle-module-live-patching-15-150000.4.105.1
* SUSE Linux Enterprise Live Patching 15-SP3 (noarch)
* lifecycle-data-sle-module-live-patching-15-150000.4.105.1
* SUSE Linux Enterprise Live Patching 15-SP4 (noarch)
* lifecycle-data-sle-module-live-patching-15-150000.4.105.1
* SUSE Linux Enterprise Live Patching 15-SP5 (noarch)
* lifecycle-data-sle-module-live-patching-15-150000.4.105.1
* openSUSE Leap 15.5 (noarch)
* lifecycle-data-sle-module-live-patching-15-150000.4.105.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1020320
1
0
14 Feb '24
# Security update for tomcat
Announcement ID: SUSE-SU-2024:0472-1
Rating: important
References:
* bsc#1216118
* bsc#1216119
* bsc#1216120
* bsc#1217402
* bsc#1217649
* bsc#1217768
* bsc#1219208
Cross-References:
* CVE-2023-42794
* CVE-2023-42795
* CVE-2023-45648
* CVE-2023-46589
* CVE-2024-22029
CVSS scores:
* CVE-2023-42794 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-42794 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-42795 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-42795 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-45648 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-45648 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2023-46589 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2023-46589 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-22029 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Server 4.3
* Web and Scripting Module 15-SP5
An update that solves five vulnerabilities and has two security fixes can now be
installed.
## Description:
This update for tomcat fixes the following issues:
Updated to Tomcat 9.0.85:
* CVE-2023-45648: Improve trailer header parsing (bsc#1216118).
* CVE-2023-42794: FileUpload: remove tmp files to avoid DoS on Windows
(bsc#1216120).
* CVE-2023-42795: Improve handling of failures during recycle() methods
(bsc#1216119).
* CVE-2023-46589: Fixed HTTP request smuggling due to incorrect headers
parsing (bsc#1217649)
* CVE-2024-22029: Fixed escalation to root from tomcat user via %post script.
(bsc#1219208)
The following non-security issues were fixed:
* Fixed the file permissions for server.xml (bsc#1217768, bsc#1217402).
Find the full release notes at:
https://tomcat.apache.org/tomcat-9.0-doc/changelog.html
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-472=1
* Web and Scripting Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-472=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-472=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-472=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-472=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-472=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-472=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-472=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-472=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-472=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-472=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-472=1
* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-472=1
* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-472=1
## Package List:
* openSUSE Leap 15.5 (noarch)
* tomcat-javadoc-9.0.85-150200.57.1
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-embed-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* tomcat-docs-webapp-9.0.85-150200.57.1
* tomcat-jsvc-9.0.85-150200.57.1
* Web and Scripting Module 15-SP5 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Manager Server 4.3 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
* SUSE Enterprise Storage 7.1 (noarch)
* tomcat-lib-9.0.85-150200.57.1
* tomcat-el-3_0-api-9.0.85-150200.57.1
* tomcat-servlet-4_0-api-9.0.85-150200.57.1
* tomcat-webapps-9.0.85-150200.57.1
* tomcat-admin-webapps-9.0.85-150200.57.1
* tomcat-9.0.85-150200.57.1
* tomcat-jsp-2_3-api-9.0.85-150200.57.1
## References:
* https://www.suse.com/security/cve/CVE-2023-42794.html
* https://www.suse.com/security/cve/CVE-2023-42795.html
* https://www.suse.com/security/cve/CVE-2023-45648.html
* https://www.suse.com/security/cve/CVE-2023-46589.html
* https://www.suse.com/security/cve/CVE-2024-22029.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216118
* https://bugzilla.suse.com/show_bug.cgi?id=1216119
* https://bugzilla.suse.com/show_bug.cgi?id=1216120
* https://bugzilla.suse.com/show_bug.cgi?id=1217402
* https://bugzilla.suse.com/show_bug.cgi?id=1217649
* https://bugzilla.suse.com/show_bug.cgi?id=1217768
* https://bugzilla.suse.com/show_bug.cgi?id=1219208
1
0
14 Feb '24
# Security update for the Linux Kernel
Announcement ID: SUSE-SU-2024:0469-1
Rating: important
References:
* bsc#1065729
* bsc#1108281
* bsc#1141539
* bsc#1174649
* bsc#1181674
* bsc#1193285
* bsc#1194869
* bsc#1209834
* bsc#1210443
* bsc#1211515
* bsc#1212091
* bsc#1214377
* bsc#1215275
* bsc#1215885
* bsc#1216441
* bsc#1216559
* bsc#1216702
* bsc#1217895
* bsc#1217987
* bsc#1217988
* bsc#1217989
* bsc#1218005
* bsc#1218447
* bsc#1218527
* bsc#1218659
* bsc#1218713
* bsc#1218723
* bsc#1218730
* bsc#1218738
* bsc#1218752
* bsc#1218757
* bsc#1218768
* bsc#1218778
* bsc#1218779
* bsc#1218804
* bsc#1218832
* bsc#1218836
* bsc#1218916
* bsc#1218948
* bsc#1218958
* bsc#1218968
* bsc#1218997
* bsc#1219006
* bsc#1219012
* bsc#1219013
* bsc#1219014
* bsc#1219053
* bsc#1219067
* bsc#1219120
* bsc#1219128
* bsc#1219136
* bsc#1219285
* bsc#1219349
* bsc#1219412
* bsc#1219429
* bsc#1219434
* bsc#1219490
* bsc#1219512
* bsc#1219568
* bsc#1219582
* jsc#PED-4729
* jsc#PED-6694
* jsc#PED-7322
* jsc#PED-7615
* jsc#PED-7616
* jsc#PED-7620
* jsc#PED-7622
* jsc#PED-7623
Cross-References:
* CVE-2021-33631
* CVE-2023-46838
* CVE-2023-47233
* CVE-2023-4921
* CVE-2023-51042
* CVE-2023-51043
* CVE-2023-51780
* CVE-2023-51782
* CVE-2023-6040
* CVE-2023-6356
* CVE-2023-6531
* CVE-2023-6535
* CVE-2023-6536
* CVE-2023-6915
* CVE-2024-0565
* CVE-2024-0641
* CVE-2024-0775
* CVE-2024-1085
* CVE-2024-1086
CVSS scores:
* CVE-2021-33631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-33631 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-46838 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-46838 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-47233 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-47233 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-4921 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-4921 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51042 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51042 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51043 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51043 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51780 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51780 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51782 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-51782 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6040 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2023-6040 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6915 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0565 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0565 ( NVD ): 7.4 CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-0641 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0641 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0775 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-0775 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-1085 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-1085 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-1086 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-1086 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Real Time Module 15-SP5
An update that solves 19 vulnerabilities, contains eight features and has 41
security fixes can now be installed.
## Description:
The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various
security bugfixes.
The following security bugs were fixed:
* CVE-2024-1085: Fixed nf_tables use-after-free vulnerability in the
nft_setelem_catchall_deactivate() function (bsc#1219429).
* CVE-2024-1086: Fixed a use-after-free vulnerability inside the nf_tables
component that could have been exploited to achieve local privilege
escalation (bsc#1219434).
* CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in
drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128).
* CVE-2023-51780: Fixed a use-after-free in do_vcc_ioctl in net/atm/ioctl.c,
because of a vcc_recvmsg race condition (bsc#1218730).
* CVE-2023-46838: Fixed an issue with Xen netback processing of zero-length
transmit fragment (bsc#1218836).
* CVE-2021-33631: Fixed an integer overflow in ext4_write_inline_data_end()
(bsc#1219412).
* CVE-2023-6535: Fixed a NULL pointer dereference in nvmet_tcp_execute_request
(bsc#1217988).
* CVE-2023-6536: Fixed a NULL pointer dereference in __nvmet_req_complete
(bsc#1217989).
* CVE-2023-6356: Fixed a NULL pointer dereference in nvmet_tcp_build_pdu_iovec
(bsc#1217987).
* CVE-2023-47233: Fixed a use-after-free in the device unplugging (disconnect
the USB by hotplug) code inside the brcm80211 component (bsc#1216702).
* CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network
scheduler which could be exploited to achieve local privilege escalation
(bsc#1215275).
* CVE-2023-51043: Fixed use-after-free during a race condition between a
nonblocking atomic commit and a driver unload in
drivers/gpu/drm/drm_atomic.c (bsc#1219120).
* CVE-2024-0775: Fixed use-after-free in __ext4_remount in fs/ext4/super.c
that could allow a local user to cause an information leak problem while
freeing the old quota file names before a potential failure (bsc#1219053).
* CVE-2023-6040: Fixed an out-of-bounds access vulnerability while creating a
new netfilter table, lack of a safeguard against invalid nf_tables family
(pf) values within `nf_tables_newtable` function (bsc#1218752).
* CVE-2024-0641: Fixed a denial of service vulnerability in
tipc_crypto_key_revoke in net/tipc/crypto.c (bsc#1218916).
* CVE-2024-0565: Fixed an out-of-bounds memory read flaw in
receive_encrypted_standard in fs/smb/client/smb2ops.c (bsc#1218832).
* CVE-2023-6915: Fixed a NULL pointer dereference problem in ida_free in
lib/idr.c (bsc#1218804).
* CVE-2023-51782: Fixed use-after-free in rose_ioctl in net/rose/af_rose.c
because of a rose_accept race condition (bsc#1218757).
* CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix
garbage collector's deletion of SKB races with unix_stream_read_generic()on
the socket that the SKB is queued on (bsc#1218447).
The following non-security bugs were fixed:
* Store the old kernel changelog entries in kernel-docs package (bsc#1218713).
* ACPI: LPIT: Avoid u32 multiplication overflow (git-fixes).
* ACPI: LPSS: Fix the fractional clock divider flags (git-fixes).
* ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (bsc#1214377)
* ACPI: extlog: Clear Extended Error Log status when RAS_CEC handled the error
(git-fixes).
* ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241
(bsc#1214377)
* ACPI: property: Allow _DSD buffer data only for byte accessors (git-fixes).
* ACPI: resource: Add another DMI match for the TongFang GMxXGxx (git-fixes).
* ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (bsc#1214377)
* ACPI: video: check for error while searching for backlight device parent
(git-fixes).
* ALSA: hda/conexant: Fix headset auto detect fail in cx8070 and SN6140 (git-
fixes).
* ALSA: hda/cs8409: Suppress vmaster control for Dolphin models (git-fixes).
* ALSA: hda/realtek: Add quirks for ASUS Zenbook 2022 Models (git-fixes).
* ALSA: hda/realtek: Enable headset mic on Lenovo M70 Gen5 (git-fixes).
* ALSA: hda/realtek: Enable mute/micmute LEDs and limit mic boost on HP ZBook
(git-fixes).
* ALSA: hda/realtek: Fix mute and mic-mute LEDs for HP Envy X360 13-ay0xxx
(git-fixes).
* ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq2xxx (git-fixes).
* ALSA: hda: Refer to correct stream index at loops (git-fixes).
* ALSA: hda: intel-nhlt: Ignore vbps when looking for DMIC 32 bps format (git-
fixes).
* ALSA: oxygen: Fix right channel of capture volume mixer (git-fixes).
* ASoC: Intel: Skylake: Fix mem leak in few functions (git-fixes).
* ASoC: Intel: Skylake: mem leak in skl register function (git-fixes).
* ASoC: Intel: bytcr_rt5640: Add quirk for the Medion Lifetab S10346 (git-
fixes).
* ASoC: Intel: glk_rt5682_max98357a: fix board id mismatch (git-fixes).
* ASoC: amd: Add Dell G15 5525 to quirks list (bsc#1219136).
* ASoC: amd: Add check for acp config flags (bsc#1219136).
* ASoC: amd: Add new dmi entries to config entry (bsc#1219136).
* ASoC: amd: Drop da7219_aad_jack_det() usage (bsc#1219136).
* ASoC: amd: Drop empty platform remove function (bsc#1219136).
* ASoC: amd: Update Pink Sardine platform ACP register header (bsc#1219136).
* ASoC: amd: acp-config: Add missing MODULE_DESCRIPTION (git-fixes).
* ASoC: amd: acp-da7219-max98357a: Map missing jack kcontrols (bsc#1219136).
* ASoC: amd: acp-rt5645: Map missing jack kcontrols (bsc#1219136).
* ASoC: amd: acp3x-rt5682-max9836: Configure jack as not detecting Line Out
(bsc#1219136).
* ASoC: amd: acp3x-rt5682-max9836: Map missing jack kcontrols (bsc#1219136).
* ASoC: amd: acp: Add TDM slots setting support for ACP I2S controller
(bsc#1219136).
* ASoC: amd: acp: Add TDM support for acp i2s stream (bsc#1219136).
* ASoC: amd: acp: Add i2s tdm support in machine driver (bsc#1219136).
* ASoC: amd: acp: Add kcontrols and widgets per-codec in common code
(bsc#1219136).
* ASoC: amd: acp: Add missing MODULE_DESCRIPTION in mach-common (git-fixes).
* ASoC: amd: acp: Add new cpu dai's in machine driver (bsc#1219136).
* ASoC: amd: acp: Add setbias level for rt5682s codec in machine driver
(bsc#1219136).
* ASoC: amd: acp: Enable i2s tdm support for skyrim platforms (bsc#1219136).
* ASoC: amd: acp: Fix possible UAF in acp_dma_open (bsc#1219136).
* ASoC: amd: acp: Initialize list to store acp_stream during pcm_open
(bsc#1219136).
* ASoC: amd: acp: Map missing jack kcontrols (bsc#1219136).
* ASoC: amd: acp: Modify dai_id macros to be more generic (bsc#1219136).
* ASoC: amd: acp: Refactor bit width calculation (bsc#1219136).
* ASoC: amd: acp: Refactor dai format implementation (bsc#1219136).
* ASoC: amd: acp: Refactor i2s clocks programming sequence (bsc#1219136).
* ASoC: amd: acp: add a label to make error path more clean (bsc#1219136).
* ASoC: amd: acp: add acp i2s master clock generation for rembrandt platform
(bsc#1219136).
* ASoC: amd: acp: add pm ops support for acp pci driver (bsc#1219136).
* ASoC: amd: acp: add pm ops support for rembrandt platform (bsc#1219136).
* ASoC: amd: acp: clean up some inconsistent indentings (bsc#1219136).
* ASoC: amd: acp: clear pdm dma interrupt mask (bsc#1219136).
* ASoC: amd: acp: delete unnecessary NULL check (bsc#1219136).
* ASoC: amd: acp: export config_acp_dma() and config_pte_for_stream() symbols
(bsc#1219136).
* ASoC: amd: acp: fix SND_SOC_AMD_ACP_PCI depdenencies (bsc#1219136).
* ASoC: amd: acp: move pdm macros to common header file (bsc#1219136).
* ASoC: amd: acp: refactor the acp init and de-init sequence (bsc#1219136).
* ASoC: amd: acp: rembrandt: Drop if blocks with always false condition
(bsc#1219136).
* ASoC: amd: acp: remove acp poweroff function (bsc#1219136).
* ASoC: amd: acp: remove the redundant acp enable/disable interrupts functions
(bsc#1219136).
* ASoC: amd: acp: remove unnecessary NULL checks (bsc#1219136).
* ASoC: amd: acp: store platform device reference created in pci probe call
(bsc#1219136).
* ASoC: amd: acp: store the pdm stream channel mask (bsc#1219136).
* ASoC: amd: acp: store xfer_resolution of the stream (bsc#1219136).
* ASoC: amd: acp: switch to use dev_err_probe() (bsc#1219136).
* ASoC: amd: acp: use devm_kcalloc() instead of devm_kzalloc() (bsc#1219136).
* ASoC: amd: acp: use function devm_kcalloc() instead of devm_kzalloc()
(bsc#1219136).
* ASoC: amd: add Pink Sardine ACP PCI driver (bsc#1219136).
* ASoC: amd: add Pink Sardine machine driver using dmic (bsc#1219136).
* ASoC: amd: add Pink Sardine platform ACP IP register header (bsc#1219136).
* ASoC: amd: add acp6.2 init/de-init functions (bsc#1219136).
* ASoC: amd: add acp6.2 irq handler (bsc#1219136).
* ASoC: amd: add acp6.2 pci driver pm ops (bsc#1219136).
* ASoC: amd: add acp6.2 pdm driver dma ops (bsc#1219136).
* ASoC: amd: add acp6.2 pdm driver pm ops (bsc#1219136).
* ASoC: amd: add acp6.2 pdm platform driver (bsc#1219136).
* ASoC: amd: add platform devices for acp6.2 pdm driver and dmic driver
(bsc#1219136).
* ASoC: amd: create platform device for acp6.2 machine driver (bsc#1219136).
* ASoC: amd: enable Pink Sardine acp6.2 drivers build (bsc#1219136).
* ASoC: amd: enable Pink sardine platform machine driver build (bsc#1219136).
* ASoC: amd: fix ACP version typo mistake (bsc#1219136).
* ASoC: amd: fix spelling mistake: "i.e" -> "i.e." (bsc#1219136).
* ASoC: amd: ps: Add a module parameter to influence pdm_gain (bsc#1219136).
* ASoC: amd: ps: Adjust the gain for PDM DMIC (bsc#1219136).
* ASoC: amd: ps: Fix uninitialized ret in create_acp64_platform_devs()
(bsc#1219136).
* ASoC: amd: ps: Move acp63_dev_data strcture from PCI driver (bsc#1219136).
* ASoC: amd: ps: Update copyright notice (bsc#1219136).
* ASoC: amd: ps: add mutex lock for accessing common registers (bsc#1219136).
* ASoC: amd: ps: fix for acp_lock access in pdm driver (bsc#1219136).
* ASoC: amd: ps: implement api to retrieve acp device config (bsc#1219136).
* ASoC: amd: ps: move irq handler registration (bsc#1219136).
* ASoC: amd: ps: refactor acp power on and reset functions (bsc#1219136).
* ASoC: amd: ps: refactor platform device creation logic (bsc#1219136).
* ASoC: amd: ps: remove the register read and write wrappers (bsc#1219136).
* ASoC: amd: ps: remove unused variable (bsc#1219136).
* ASoC: amd: ps: update dev index value in irq handler (bsc#1219136).
* ASoC: amd: ps: update macros with ps platform naming convention
(bsc#1219136).
* ASoC: amd: ps: update the acp clock source (bsc#1219136).
* ASoC: amd: ps: use acp_lock to protect common registers in pdm driver
(bsc#1219136).
* ASoC: amd: ps: use static function (bsc#1219136).
* ASoC: amd: renoir: Add a module parameter to influence pdm_gain
(bsc#1219136).
* ASoC: amd: renoir: Adjust the gain for PDM DMIC (bsc#1219136).
* ASoC: amd: update pm_runtime enable sequence (bsc#1219136).
* ASoC: amd: vangogh: Add check for acp config flags in vangogh platform
(bsc#1219136).
* ASoC: amd: vangogh: Make use of DRV_NAME (bsc#1219136).
* ASoC: amd: vangogh: Remove unnecessary init function (bsc#1219136).
* ASoC: amd: vangogh: select CONFIG_SND_AMD_ACP_CONFIG (bsc#1219136).
* ASoC: amd: yc: Add ASUS M3402RA into DMI table (bsc#1219136).
* ASoC: amd: yc: Add ASUS M5402RA into DMI table (bsc#1219136).
* ASoC: amd: yc: Add Alienware m17 R5 AMD into DMI table (bsc#1219136).
* ASoC: amd: yc: Add Asus VivoBook Pro 14 OLED M6400RC to the quirks list for
acp6x (bsc#1219136).
* ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A42)
(bsc#1219136).
* ASoC: amd: yc: Add DMI entries to support HP OMEN 16-n0xxx (8A43)
(bsc#1219136).
* ASoC: amd: yc: Add DMI entries to support Victus by HP Gaming Laptop
15-fb0xxx (8A3E) (bsc#1219136).
* ASoC: amd: yc: Add DMI entries to support Victus by HP Laptop 16-e1xxx
(8A22) (bsc#1219136).
* ASoC: amd: yc: Add DMI entry to support System76 Pangolin 12 (bsc#1219136).
* ASoC: amd: yc: Add DMI entry to support System76 Pangolin 13 (bsc#1219136).
* ASoC: amd: yc: Add DMI support for new acer/emdoor platforms (bsc#1219136).
* ASoC: amd: yc: Add HP 255 G10 into quirk table (bsc#1219136).
* ASoC: amd: yc: Add Lenovo Thinkbook 14+ 2022 21D0 to quirks table
(bsc#1219136).
* ASoC: amd: yc: Add MECHREVO Jiaolong Series MRID6 into DMI table
(bsc#1219136).
* ASoC: amd: yc: Add Razer Blade 14 2022 into DMI table (bsc#1219136).
* ASoC: amd: yc: Add ThinkBook 14 G5+ ARP to quirks list for acp6x
(bsc#1219136).
* ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x (bsc#1219136).
* ASoC: amd: yc: Add VivoBook Pro 15 to quirks list for acp6x (bsc#1219136).
* ASoC: amd: yc: Add Xiaomi Redmi Book Pro 14 2022 into DMI table
(bsc#1219136).
* ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table
(bsc#1219136).
* ASoC: amd: yc: Add a module parameter to influence pdm_gain (bsc#1219136).
* ASoC: amd: yc: Adding Lenovo ThinkBook 14 Gen 4+ ARA and Lenovo ThinkBook 16
Gen 4+ ARA to the Quirks List (bsc#1219136).
* ASoC: amd: yc: Adjust the gain for PDM DMIC (bsc#1219136).
* ASoC: amd: yc: Fix a non-functional mic on Lenovo 82TL (bsc#1219136).
* ASoC: amd: yc: Fix non-functional mic on ASUS E1504FA (bsc#1219136).
* ASoC: amd: yp: Add OMEN by HP Gaming Laptop 16z-n000 to quirks
(bsc#1219136).
* ASoC: codecs: lpass-wsa-macro: fix compander volume hack (git-fixes).
* ASoC: codecs: wcd938x: fix headphones volume controls (git-fixes).
* ASoC: codecs: wcd938x: handle deferred probe (git-fixes).
* ASoC: cs35l33: Fix GPIO name and drop legacy include (git-fixes).
* ASoC: cs43130: Fix incorrect frame delay configuration (git-fixes).
* ASoC: cs43130: Fix the position of const qualifier (git-fixes).
* ASoC: da7219: Support low DC impedance headset (git-fixes).
* ASoC: nau8822: Fix incorrect type in assignment and cast to restricted
__be16 (git-fixes).
* ASoC: ops: add correct range check for limiting volume (git-fixes).
* ASoC: rt5645: Drop double EF20 entry from dmi_platform_data[] (git-fixes).
* ASoC: rt5650: add mutex to avoid the jack detection failure (git-fixes).
* ASoC: sun4i-spdif: Fix requirements for H6 (git-fixes).
* ASoC: wm8974: Correct boost mixer inputs (git-fixes).
* Add DMI ID for MSI Bravo 15 B7ED (bsc#1219136).
* Bluetooth: Fix atomicity violation in {min,max}_key_size_set (git-fixes).
* Bluetooth: btmtkuart: fix recv_buf() return value (git-fixes).
* Documentation: Begin a RAS section (jsc#PED-7622).
* EDAC/amd64: Add context struct (jsc#PED-7615).
* EDAC/amd64: Add get_err_info() to pvt->ops (jsc#PED-7615).
* EDAC/amd64: Add support for AMD heterogeneous Family 19h Model 30h-3Fh
(jsc#PED-7616).
* EDAC/amd64: Add support for ECC on family 19h model 60h-7Fh (jsc#PED-7615).
* EDAC/amd64: Add support for family 0x19, models 0x90-9f devices
(jsc#PED-7622).
* EDAC/amd64: Allow for DF Indirect Broadcast reads (jsc#PED-7615).
* EDAC/amd64: Cache and use GPU node map (jsc#PED-7616).
* EDAC/amd64: Do not discover ECC symbol size for Family 17h and later
(jsc#PED-7615).
* EDAC/amd64: Do not set up EDAC PCI control on Family 17h+ (jsc#PED-7615).
* EDAC/amd64: Document heterogeneous system enumeration (jsc#PED-7616).
* EDAC/amd64: Drop dbam_to_cs() for Family 17h and later (jsc#PED-7615).
* EDAC/amd64: Fix indentation in umc_determine_edac_cap() (jsc#PED-7615).
* EDAC/amd64: Merge struct amd64_family_type into struct amd64_pvt
(jsc#PED-7615).
* EDAC/amd64: Remove PCI Function 0 (jsc#PED-7615).
* EDAC/amd64: Remove PCI Function 6 (jsc#PED-7615).
* EDAC/amd64: Remove early_channel_count() (jsc#PED-7615).
* EDAC/amd64: Remove module version string (jsc#PED-7615).
* EDAC/amd64: Remove scrub rate control for Family 17h and later
(jsc#PED-7615).
* EDAC/amd64: Rename debug_display_dimm_sizes() (jsc#PED-7615).
* EDAC/amd64: Rename f17h_determine_edac_ctl_cap() (jsc#PED-7615).
* EDAC/amd64: Rework hw_info_{get,put} (jsc#PED-7615).
* EDAC/amd64: Shut up an -Werror,-Wsometimes-uninitialized clang false
positive (jsc#PED-7615).
* EDAC/amd64: Split determine_edac_cap() into dct/umc functions
(jsc#PED-7615).
* EDAC/amd64: Split determine_memory_type() into dct/umc functions
(jsc#PED-7615).
* EDAC/amd64: Split dump_misc_regs() into dct/umc functions (jsc#PED-7615).
* EDAC/amd64: Split ecc_enabled() into dct/umc functions (jsc#PED-7615).
* EDAC/amd64: Split get_csrow_nr_pages() into dct/umc functions
(jsc#PED-7615).
* EDAC/amd64: Split init_csrows() into dct/umc functions (jsc#PED-7615).
* EDAC/amd64: Split prep_chip_selects() into dct/umc functions (jsc#PED-7615).
* EDAC/amd64: Split read_base_mask() into dct/umc functions (jsc#PED-7615).
* EDAC/amd64: Split read_mc_regs() into dct/umc functions (jsc#PED-7615).
* EDAC/amd64: Split setup_mci_misc_attrs() into dct/umc functions
(jsc#PED-7615).
* EDAC/mc: Add new HBM2 memory type (jsc#PED-7616).
* EDAC/mc: Add support for HBM3 memory type (jsc#PED-7622).
* EDAC/mce_amd: Remove SMCA Extended Error code descriptions (jsc#PED-7622).
* EDAC/thunderx: Fix possible out-of-bounds string access (git-fixes).
* Fix crash in vmw_context_cotables_unref when 3d support is enabled
(bsc#1218738)
* HID: i2c-hid-of: fix NULL-deref on failed power up (git-fixes).
* HID: wacom: Correct behavior when processing some confidence == false
touches (git-fixes).
* IB/iser: Prevent invalidating wrong MR (git-fixes)
* Input: atkbd - do not skip atkbd_deactivate() when skipping ATKBD_CMD_GETID
(git-fixes).
* Input: atkbd - skip ATKBD_CMD_GETID in translated mode (git-fixes).
* Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID (git-
fixes).
* Input: atkbd - use ab83 as id when skipping the getid command (git-fixes).
* Input: bcm5974 - check endpoint type before starting traffic (git-fixes).
* Input: i8042 - add nomux quirk for Acer P459-G2-M (git-fixes).
* Input: xpad - add Razer Wolverine V2 support (git-fixes).
* KVM: SVM: Update EFER software model on CR0 trap for SEV-ES (git-fixes).
* KVM: s390: vsie: Fix STFLE interpretive execution identification (git-fixes
bsc#1218997).
* KVM: x86: Mask LVTPC when handling a PMI (jsc#PED-7322).
* Limit kernel-source build to architectures for which the kernel binary is
built (bsc#1108281).
* PCI/AER: Configure ECRC only if AER is native (bsc#1218778)
* PCI/P2PDMA: Remove reference to pci_p2pdma_map_sg() (git-fixes).
* PCI: Add ACS quirk for more Zhaoxin Root Ports (git-fixes).
* PCI: keystone: Fix race condition when initializing PHYs (git-fixes).
* PM: hibernate: Enforce ordering during image compression/decompression (git-
fixes).
* RDMA/hns: Fix inappropriate err code for unsupported operations (git-fixes)
* RDMA/hns: Fix unnecessary err return when using invalid congest control
algorithm (git-fixes)
* RDMA/hns: Remove unnecessary checks for NULL in mtr_alloc_bufs() (git-fixes)
* RDMA/irdma: Add wait for suspend on SQD (git-fixes)
* RDMA/irdma: Avoid free the non-cqp_request scratch (git-fixes)
* RDMA/irdma: Do not modify to SQD on error (git-fixes)
* RDMA/irdma: Fix UAF in irdma_sc_ccq_get_cqe_info() (git-fixes)
* RDMA/irdma: Refactor error handling in create CQP (git-fixes)
* RDMA/rtrs-clt: Fix the max_send_wr setting (git-fixes)
* RDMA/rtrs-clt: Remove the warnings for req in_use check (git-fixes)
* RDMA/rtrs-clt: Start hb after path_up (git-fixes)
* RDMA/rtrs-srv: Check return values while processing info request (git-fixes)
* RDMA/rtrs-srv: Destroy path files after making sure no IOs in-flight (git-
fixes)
* RDMA/rtrs-srv: Do not unconditionally enable irq (git-fixes)
* RDMA/rtrs-srv: Free srv_mr iu only when always_invalidate is true (git-
fixes)
* RDMA/usnic: Silence uninitialized symbol smatch warnings (git-fixes)
* USB: xhci: workaround for grace period (git-fixes).
* Update config files: enable ASoC AMD PS drivers (bsc#1219136)
* Update patch reference for ax88179 fix (bsc#1218948)
* acpi: property: Let args be NULL in __acpi_node_get_property_reference (git-
fixes).
* aio: fix mremap after fork null-deref (git-fixes).
* apparmor: avoid crash when parsed profile name is empty (git-fixes).
* arm64: Add CNT{P,V}CTSS_EL0 alternatives to cnt{p,v}ct_el0 (jsc#PED-4729)
* arm64: Add a capability for FEAT_ECV (jsc#PED-4729) Use cpu_hwcaps
PLACEHOLDER_4 for HAS_ECV.
* arm64: alternative: patch alternatives in the vDSO (jsc#PED-4729)
* arm64: dts: armada-3720-turris-mox: set irq type for RTC (git-fixes)
* arm64: dts: imx8mp: imx8mq: Add parkmode-disable-ss-quirk on DWC3 (git-
fixes)
* arm64: dts: imx8mq: drop usb3-resume-missing-cas from usb (git-fixes)
* arm64: dts: ls208xa: use a pseudo-bus to constrain usb dma size (git-fixes)
* arm64: dts: rockchip: Expand reg size of vdec node for RK3399 (git-fixes)
* arm64: mm: Always make sw-dirty PTEs hw-dirty in pte_modify (git-fixes)
* arm64: module: move find_section to header (jsc#PED-4729)
* arm64: vdso: Fix "no previous prototype" warning (jsc#PED-4729)
* arm64: vdso: remove two .altinstructions related symbols (jsc#PED-4729)
* arm64: vdso: use SYS_CNTVCTSS_EL0 for gettimeofday (jsc#PED-4729)
* asix: Add check for usbnet_get_endpoints (git-fixes).
* attr: block mode changes of symlinks (git-fixes).
* badblocks: add helper routines for badblock ranges handling (bsc#1174649).
* badblocks: add more helper structure and routines in badblocks.h
(bsc#1174649).
* badblocks: avoid checking invalid range in badblocks_check() (bsc#1174649).
* badblocks: improve badblocks_check() for multiple ranges handling
(bsc#1174649).
* badblocks: improve badblocks_clear() for multiple ranges handling
(bsc#1174649).
* badblocks: improve badblocks_set() for multiple ranges handling
(bsc#1174649).
* badblocks: switch to the improved badblock handling code (bsc#1174649).
* bpf: Limit the number of kprobes when attaching program to multiple kprobes
(git-fixes).
* bus: mhi: host: Add alignment check for event ring read pointer (git-fixes).
* bus: mhi: host: Add spinlock to protect WP access when queueing TREs (git-
fixes).
* bus: mhi: host: Drop chan lock before queuing buffers (git-fixes).
* ceph: select FS_ENCRYPTION_ALGS if FS_ENCRYPTION (bsc#1219568).
* clk: qcom: gpucc-sm8150: Update the gpu_cc_pll1 config (git-fixes).
* clk: qcom: videocc-sm8150: Add missing PLL config property (git-fixes).
* clk: rockchip: rk3128: Fix HCLK_OTG gate register (git-fixes).
* clk: samsung: Fix kernel-doc comments (git-fixes).
* clk: si5341: fix an error code problem in si5341_output_clk_set_rate (git-
fixes).
* clk: zynqmp: Add a check for NULL pointer (git-fixes).
* clk: zynqmp: make bestdiv unsigned (git-fixes).
* clocksource: Skip watchdog check for large watchdog intervals (git-fixes).
* clocksource: disable watchdog checks on TSC when TSC is watchdog
(bsc#1215885).
* coresight: etm4x: Add ACPI support in platform driver (bsc#1218779)
* coresight: etm4x: Allocate and device assign 'struct etmv4_drvdata'
(bsc#1218779)
* coresight: etm4x: Change etm4_platform_driver driver for MMIO devices
(bsc#1218779)
* coresight: etm4x: Drop iomem 'base' argument from etm4_probe() (bsc#1218779)
* coresight: etm4x: Drop pid argument from etm4_probe() (bsc#1218779)
* coresight: etm4x: Ensure valid drvdata and clock before clk_put()
(bsc#1218779)
* coresight: platform: acpi: Ignore the absence of graph (bsc#1218779)
* crypto: ccp - fix memleak in ccp_init_dm_workarea (git-fixes).
* crypto: s390/aes - Fix buffer overread in CTR mode (git-fixes).
* crypto: sa2ul - Return crypto_aead_setkey to transfer the error (git-fixes).
* crypto: sahara - do not resize req->src when doing hash operations (git-
fixes).
* crypto: sahara - fix ahash reqsize (git-fixes).
* crypto: sahara - fix ahash selftest failure (git-fixes).
* crypto: sahara - fix cbc selftest failure (git-fixes).
* crypto: sahara - fix processing hash requests with req->nbytes <
sg->length (git-fixes).
* crypto: sahara - fix processing requests with cryptlen < sg->length (git-
fixes).
* crypto: sahara - fix wait_for_completion_timeout() error handling (git-
fixes).
* crypto: sahara - handle zero-length aes requests (git-fixes).
* crypto: sahara - improve error handling in sahara_sha_process() (git-fixes).
* crypto: sahara - remove FLAGS_NEW_KEY logic (git-fixes).
* crypto: scomp - fix req->dst buffer overflow (git-fixes).
* dma-debug: fix kernel-doc warnings (git-fixes).
* dmaengine: fix NULL pointer in channel unregistration function (git-fixes).
* dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV (git-
fixes).
* dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools (git-fixes).
* dmaengine: idxd: Protect int_handle field in hw descriptor (git-fixes).
* dmaengine: ti: k3-udma: Report short packet errors (git-fixes).
* doc/README.KSYMS: Add to repo.
* drivers/amd/pm: fix a use-after-free in kv_parse_power_table (git-fixes).
* drivers: clk: zynqmp: calculate closest mux rate (git-fixes).
* drivers: clk: zynqmp: update divider round rate logic (git-fixes).
* drm/amd/display: Fix tiled display misalignment (git-fixes).
* drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A (git-
fixes).
* drm/amd/display: add nv12 bounding box (git-fixes).
* drm/amd/display: get dprefclk ss info from integration info table (git-
fixes).
* drm/amd/display: make flip_timestamp_in_us a 64-bit variable (git-fixes).
* drm/amd/display: pbn_div need be updated for hotplug event (git-fixes).
* drm/amd/display: update dcn315 lpddr pstate latency (git-fixes).
* drm/amd/pm/smu7: fix a memleak in smu7_hwmgr_backend_init (git-fixes).
* drm/amd/pm: fix a double-free in amdgpu_parse_extended_power_table (git-
fixes).
* drm/amd/pm: fix a double-free in si_dpm_init (git-fixes).
* drm/amd/powerplay: Fix kzalloc parameter 'ATOM_Tonga_PPM_Table' in
'get_platform_power_management_table()' (git-fixes).
* drm/amdgpu/debugfs: fix error code when smc register accessors are NULL
(git-fixes).
* drm/amdgpu/pm: Fix the power source flag error (git-fixes).
* drm/amdgpu: Add NULL checks for function pointers (git-fixes).
* drm/amdgpu: Drop 'fence' check in 'to_amdgpu_amdkfd_fence()' (git-fixes).
* drm/amdgpu: Fix '*fw' from request_firmware() not released in
'amdgpu_ucode_request()' (git-fixes).
* drm/amdgpu: Fix cat debugfs amdgpu_regs_didt causes kernel null pointer
(git-fixes).
* drm/amdgpu: Fix ecc irq enable/disable unpaired (git-fixes).
* drm/amdgpu: Fix missing error code in 'gmc_v6/7/8/9_0_hw_init()' (git-
fixes).
* drm/amdgpu: Fix with right return code '-EIO' in
'amdgpu_gmc_vram_checking()' (git-fixes).
* drm/amdgpu: Let KFD sync with VM fences (git-fixes).
* drm/amdgpu: Release 'adev->pm.fw' before return in
'amdgpu_device_need_post()' (git-fixes).
* drm/amdgpu: fix ftrace event amdgpu_bo_move always move on same heap (git-
fixes).
* drm/amdgpu: skip gpu_info fw loading on navi12 (git-fixes).
* drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in
kfd_topology.c (git-fixes).
* drm/amdkfd: Fix 'node' NULL check in 'svm_range_get_range_boundaries()'
(git-fixes).
* drm/amdkfd: Fix iterator used outside loop in 'kfd_add_peer_prop()' (git-
fixes).
* drm/amdkfd: Fix lock dependency warning (git-fixes).
* drm/amdkfd: Fix lock dependency warning with srcu (git-fixes).
* drm/amdkfd: Use resource_size() helper function (git-fixes).
* drm/amdkfd: fixes for HMM mem allocation (git-fixes).
* drm/bridge: Fix typo in post_disable() description (git-fixes).
* drm/bridge: anx7625: Ensure bridge is suspended in disable() (git-fixes).
* drm/bridge: cdns-mhdp8546: Fix use of uninitialized variable (git-fixes).
* drm/bridge: nxp-ptn3460: fix i2c_master_send() error checking (git-fixes).
* drm/bridge: nxp-ptn3460: simplify some error checking (git-fixes).
* drm/bridge: parade-ps8640: Ensure bridge is suspended in .post_disable()
(git-fixes).
* drm/bridge: parade-ps8640: Make sure we drop the AUX mutex in the error case
(git-fixes).
* drm/bridge: parade-ps8640: Wait for HPD when doing an AUX transfer (git-
fixes).
* drm/bridge: tc358767: Fix return value on error case (git-fixes).
* drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function
(git-fixes).
* drm/crtc: Fix uninit-value bug in drm_mode_setcrtc (git-fixes).
* drm/crtc: fix uninitialized variable use (git-fixes).
* drm/drv: propagate errors from drm_modeset_register_all() (git-fixes).
* drm/exynos: Call drm_atomic_helper_shutdown() at shutdown/unbind time (git-
fixes).
* drm/exynos: fix a potential error pointer dereference (git-fixes).
* drm/exynos: fix a wrong error checking (git-fixes).
* drm/exynos: fix accidental on-stack copy of exynos_drm_plane (git-fixes).
* drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume (git-
fixes).
* drm/framebuffer: Fix use of uninitialized variable (git-fixes).
* drm/mediatek: Return error if MDP RDMA failed to enable the clock (git-
fixes).
* drm/msm/dpu: Drop enable and frame_count parameters from dpu_hw_setup_misr()
(git-fixes).
* drm/msm/dpu: Ratelimit framedone timeout msgs (git-fixes).
* drm/msm/dpu: Set input_sel bit for INTF (git-fixes).
* drm/msm/dpu: fix writeback programming for YUV cases (git-fixes).
* drm/msm/dpu: rename dpu_encoder_phys_wb_setup_cdp to match its functionality
(git-fixes).
* drm/msm/dsi: Enable runtime PM (git-fixes).
* drm/msm/dsi: Use pm_runtime_resume_and_get to prevent refcnt leaks (git-
fixes).
* drm/msm/mdp4: flush vblank event on disable (git-fixes).
* drm/nouveau/fence:: fix warning directly dereferencing a rcu pointer (git-
fixes).
* drm/panel-edp: Add override_edid_mode quirk for generic edp (git-fixes).
* drm/panel-elida-kd35t133: hold panel in reset for unprepare (git-fixes).
* drm/panel: nt35510: fix typo (git-fixes).
* drm/panfrost: Ignore core_mask for poweroff and disable PWRTRANS irq (git-
fixes).
* drm/panfrost: Really power off GPU cores in panfrost_gpu_power_off() (git-
fixes).
* drm/radeon/dpm: fix a memleak in sumo_parse_power_table (git-fixes).
* drm/radeon/r100: Fix integer overflow issues in r100_cs_track_check() (git-
fixes).
* drm/radeon/r600_cs: Fix possible int overflows in r600_cs_check_reg() (git-
fixes).
* drm/radeon/trinity_dpm: fix a memleak in trinity_parse_power_table (git-
fixes).
* drm/radeon: check return value of radeon_ring_lock() (git-fixes).
* drm/radeon: check the alloc_workqueue return value in radeon_crtc_init()
(git-fixes).
* drm/tidss: Check for K2G in in dispc_softreset() (git-fixes).
* drm/tidss: Fix atomic_flush check (git-fixes).
* drm/tidss: Fix dss reset (git-fixes).
* drm/tidss: Move reset to the end of dispc_init() (git-fixes).
* drm/tidss: Return error value from from softreset (git-fixes).
* drm/tilcdc: Fix irq free on unload (git-fixes).
* drm: Do not unref the same fb many times by mistake due to deadlock handling
(git-fixes).
* drm: panel-simple: add missing bus flags for Tianma tm070jvhg[30/33] (git-
fixes).
* drm: using mul_u32_u32() requires linux/math64.h (git-fixes).
* dt-bindings: gpio: Remove FSI domain ports on Tegra234 (jsc#PED-6694)
* efi/libstub: Disable PCI DMA before grabbing the EFI memory map (git-fixes).
* eventfd: prevent underflow for eventfd semaphores (git-fixes).
* exfat: fix reporting fs error when reading dir beyond EOF (git-fixes).
* exfat: support handle zero-size directory (git-fixes).
* exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree (git-fixes).
* fbdev: Only disable sysfb on the primary device (bsc#1216441)
* fbdev: Only disable sysfb on the primary device (bsc#1216441) Update an
existing patch to fix bsc#1216441.
* fbdev: flush deferred IO before closing (git-fixes).
* fbdev: flush deferred work in fb_deferred_io_fsync() (git-fixes).
* fbdev: imxfb: fix left margin setting (git-fixes).
* fbdev: mmp: Fix typo and wording in code comment (git-fixes).
* firewire: core: correct documentation of fw_csr_string() kernel API (git-
fixes).
* firewire: ohci: suppress unexpected system reboot in AMD Ryzen machines and
ASM108x/VT630x PCIe cards (git-fixes).
* firmware: ti_sci: Fix an off-by-one in ti_sci_debugfs_create() (git-fixes).
* fjes: fix memleaks in fjes_hw_setup (git-fixes).
* fs/mount_setattr: always cleanup mount_kattr (git-fixes).
* fs: Fix error checking for d_hash_and_lookup() (git-fixes).
* fs: Move notify_change permission checks into may_setattr (git-fixes).
* fs: do not audit the capability check in simple_xattr_list() (git-fixes).
* fs: drop peer group ids under namespace lock (git-fixes).
* fs: indicate request originates from old mount API (git-fixes).
* fs: sendfile handles O_NONBLOCK of out_fd (git-fixes).
* fuse: dax: set fc->dax to NULL in fuse_dax_conn_free() (bsc#1218659).
* gfs2: Always check inode size of inline inodes (git-fixes).
* gfs2: Cosmetic gfs2_dinode_{in,out} cleanup (git-fixes).
* gfs2: Disable page faults during lockless buffered reads (git-fixes).
* gfs2: Eliminate ip->i_gh (git-fixes).
* gfs2: Eliminate vestigial HIF_FIRST (git-fixes).
* gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (git-fixes).
* gfs2: Introduce flag for glock holder auto-demotion (git-fixes).
* gfs2: Move the inode glock locking to gfs2_file_buffered_write (git-fixes).
* gfs2: Remove redundant check from gfs2_glock_dq (git-fixes).
* gfs2: Switch to wait_event in gfs2_logd (git-fixes).
* gfs2: assign rgrp glock before compute_bitstructs (git-fixes).
* gfs2: low-memory forced flush fixes (git-fixes).
* gfs2: release iopen glock early in evict (git-fixes).
* gpio: eic-sprd: Clear interrupt after set the interrupt type (git-fixes).
* gpu/drm/radeon: fix two memleaks in radeon_vm_init (git-fixes).
* hv_netvsc: rndis_filter needs to select NLS (git-fixes).
* hwmon: (corsair-psu) Fix probe when built-in (git-fixes).
* hwrng: core - Fix page fault dead lock on mmap-ed hwrng (git-fixes).
* i2c: rk3x: fix potential spinlock recursion on poll (git-fixes).
* i2c: s3c24xx: fix read transfers in polling mode (git-fixes).
* i2c: s3c24xx: fix transferring more than one message in polling mode (git-
fixes).
* iio: adc: ad7091r: Pass iio_dev to event handler (git-fixes).
* iio: adc: ad9467: add mutex to struct ad9467_state (git-fixes).
* iio: adc: ad9467: do not ignore error codes (git-fixes).
* iio: adc: ad9467: fix reset gpio handling (git-fixes).
* ipmi: Use regspacings passed as a module parameter (git-fixes).
* kabi, vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
* kabi/severities: ignore ASoC AMD acp driver symbols (bsc#1219136)
* kabi/severities: ignore _rtl92c_phy_calculate_bit_shift symbol It's an
internal function that shouldn't have been exported
* kdb: Fix a potential buffer overflow in kdb_local() (git-fixes).
* kernel-doc: handle a void function without producing a warning (git-fixes).
* kernel-source: Fix description typo
* kernfs: fix missing kernfs_idr_lock to remove an ID from the IDR (git-
fixes).
* leds: aw2013: Select missing dependency REGMAP_I2C (git-fixes).
* leds: ledtrig-tty: Free allocated ttyname buffer on deactivate (git-fixes).
* libapi: Add missing linux/types.h header to get the __u64 type on io.h (git-
fixes).
* md: fix bi_status reporting in md_end_clone_io (bsc#1210443).
* media: cx231xx: fix a memleak in cx231xx_init_isoc (git-fixes).
* media: dt-bindings: ov8856: decouple lanes and link frequency from driver
(git-fixes).
* media: dvb-frontends: m88ds3103: Fix a memory leak in an error handling path
of m88ds3103_probe() (git-fixes).
* media: imx355: Enable runtime PM before registering async sub-device (git-
fixes).
* media: ov9734: Enable runtime PM before registering async sub-device (git-
fixes).
* media: pvrusb2: fix use after free on context disconnection (git-fixes).
* media: rkisp1: Disable runtime PM in probe error path (git-fixes).
* media: rkisp1: Fix media device memory leak (git-fixes).
* media: rkisp1: Read the ID register at probe time instead of streamon (git-
fixes).
* media: videobuf2-dma-sg: fix vmap callback (git-fixes).
* mfd: intel-lpss: Fix the fractional clock divider flags (git-fixes).
* misc: fastrpc: Mark all sessions as invalid in cb_remove (git-fixes).
* mkspec: Include constraints for both multibuild and plain package always
There is no need to check for multibuild flag, the constraints can be always
generated for both cases.
* mkspec: Use variant in constraints template Constraints are not applied
consistently with kernel package variants. Add variant to the constraints
template as appropriate, and expand it in mkspec.
* mm: fs: initialize fsdata passed to write_begin/write_end interface (git-
fixes).
* mmc: core: Cancel delayed work before releasing host (git-fixes).
* modpost: move **attribute** ((format(printf, 2, 3))) to modpost.h (git-
fixes).
* mtd: Fix gluebi NULL pointer dereference caused by ftl notifier (git-fixes).
* mtd: rawnand: Increment IFC_TIMEOUT_MSECS for nand controller response (git-
fixes).
* mtd: rawnand: pl353: Fix kernel doc (git-fixes).
* mtd: rawnand: rockchip: Add missing title to a kernel doc comment (git-
fixes).
* mtd: rawnand: rockchip: Rename a structure (git-fixes).
* net: phy: micrel: populate .soft_reset for KSZ9131 (git-fixes).
* net: usb: ax88179_178a: Bind only to vendor-specific interface
(bsc#1218948).
* net: usb: ax88179_178a: avoid two consecutive device resets (bsc#1218948).
* net: usb: ax88179_178a: move priv to driver_priv (git-fixes).
* net: usb: ax88179_178a: remove redundant init code (git-fixes).
* net: usb: ax88179_178a: restore state on resume (bsc#1218948).
* nfc: nci: free rx_data_reassembly skb on NCI device cleanup (git-fixes).
* nfsd4: add refcount for nfsd4_blocked_lock (bsc#1218968 bsc#1219349).
* nfsd: fix RELEASE_LOCKOWNER (bsc#1218968).
* nouveau/tu102: flush all pdbs on vmm flush (git-fixes).
* nouveau/vmm: do not set addr on the fail path to avoid warning (git-fixes).
* nsfs: add compat ioctl handler (git-fixes).
* nvme-loop: always quiesce and cancel commands before destroying admin q
(bsc#1211515).
* nvme-pci: add BOGUS_NID for Intel 0a54 device (git-fixes).
* nvme-pci: fix sleeping function called from interrupt context (git-fixes).
* nvme-rdma: Fix transfer length when write_generate/read_verify are 0 (git-
fixes).
* nvme-tcp: avoid open-coding nvme_tcp_teardown_admin_queue() (bsc#1211515).
* nvme: fix max_discard_sectors calculation (git-fixes).
* nvme: introduce helper function to get ctrl state (git-fixes).
* nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515).
* nvme: start keep-alive after admin queue setup (bsc#1211515).
* nvme: trace: avoid memcpy overflow warning (git-fixes).
* nvmet: re-fix tracing strncpy() warning (git-fixes).
* of: Fix double free in of_parse_phandle_with_args_map (git-fixes).
* of: unittest: Fix of_count_phandle_with_args() expected value message (git-
fixes).
* parport: parport_serial: Add Brainboxes BAR details (git-fixes).
* parport: parport_serial: Add Brainboxes device IDs and geometry (git-fixes).
* perf/x86/intel/uncore: Factor out topology_gidnid_map() (bsc#1218958).
* perf/x86/intel/uncore: Fix NULL pointer dereference issue in
upi_fill_topology() (bsc#1218958).
* perf/x86/uncore: Use u64 to replace unsigned for the uncore offsets array
(bsc#1219512).
* phy: renesas: rcar-gen3-usb2: Fix returning wrong error code (git-fixes).
* phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (git-fixes).
* pinctrl: intel: Revert "Unexport intel_pinctrl_probe()" (git-fixes).
* platform/x86/amd/hsmp: Fix iomem handling (jsc#PED-7620).
* platform/x86/amd/hsmp: add support for metrics tbl (jsc#PED-7620).
* platform/x86/amd/hsmp: create plat specific struct (jsc#PED-7620).
* platform/x86/amd/hsmp: improve the error log (jsc#PED-7620).
* platform/x86: ISST: Reduce noise for missing numa information in logs
(bsc#1219285).
* platform/x86: use PLATFORM_DEVID_NONE instead of -1 (jsc#PED-7620).
* power: supply: bq256xx: fix some problem in bq256xx_hw_init (git-fixes).
* power: supply: cw2015: correct time_to_empty units in sysfs (git-fixes).
* powerpc/fadump: reset dump area size if fadump memory reserve fails
(bsc#1194869).
* powerpc/powernv: Add a null pointer check in opal_event_init()
(bsc#1065729).
* powerpc/powernv: Add a null pointer check in opal_powercap_init()
(bsc#1181674 ltc#189159 git-fixes).
* powerpc/powernv: Add a null pointer check to scom_debug_init_one()
(bsc#1194869).
* powerpc/pseries/iommu: enable_ddw incorrectly returns direct mapping for SR-
IOV device (bsc#1212091 ltc#199106 git-fixes).
* powerpc/pseries/memhp: Fix access beyond end of drmem array (bsc#1065729).
* powerpc/pseries: fix possible memory leak in ibmebus_bus_init()
(bsc#1194869).
* powerpc/pseries: fix potential memory leak in init_cpu_associativity()
(bsc#1194869).
* powerpc/xive: Fix endian conversion size (bsc#1194869).
* pstore: ram_core: fix possible overflow in persistent_ram_init_ecc() (git-
fixes).
* pwm: Fix out-of-bounds access in of_pwm_single_xlate() (git-fixes).
* pwm: jz4740: Do not use dev_err_probe() in .request() (git-fixes).
* pwm: stm32: Fix enable count for clk in .probe() (git-fixes).
* pwm: stm32: Use hweight32 in stm32_pwm_detect_channels (git-fixes).
* pwm: stm32: Use regmap_clear_bits and regmap_set_bits where applicable (git-
fixes).
* r8152: add vendor/device ID pair for ASUS USB-C2500 (git-fixes).
* r8152: add vendor/device ID pair for D-Link DUB-E250 (git-fixes).
* reset: hisilicon: hi6220: fix Wvoid-pointer-to-enum-cast warning (git-
fixes).
* ring-buffer/Documentation: Add documentation on buffer_percent file (git-
fixes).
* ring-buffer: Do not record in NMI if the arch does not support cmpxchg in
NMI (git-fixes).
* s390/dasd: fix double module refcount decrement (bsc#1141539).
* s390/pci: fix max size calculation in zpci_memcpy_toio() (git-fixes
bsc#1219006).
* s390/vfio-ap: always filter entire AP matrix (git-fixes bsc#1219012).
* s390/vfio-ap: let on_scan_complete() callback filter matrix and update
guest's APCB (git-fixes bsc#1219014).
* s390/vfio-ap: loop over the shadow APCB when filtering guest's AP
configuration (git-fixes bsc#1219013).
* s390/vfio-ap: unpin pages on gisc registration failure (git-fixes
bsc#1218723).
* s390: vfio-ap: tighten the NIB validity check (git-fixes).
* sched/isolation: add cpu_is_isolated() API (bsc#1217895).
* scsi: be2iscsi: Fix a memleak in beiscsi_init_wrb_handle() (git-fixes).
* scsi: bnx2fc: Fix skb double free in bnx2fc_rcv() (git-fixes).
* scsi: core: Always send batch on reset or error handling command (git-
fixes).
* scsi: fnic: Return error if vmalloc() failed (git-fixes).
* scsi: hisi_sas: Correct the number of global debugfs registers (git-fixes).
* scsi: hisi_sas: Fix normally completed I/O analysed as failed (git-fixes).
* scsi: hisi_sas: Fix warnings detected by sparse (git-fixes).
* scsi: hisi_sas: Modify v3 HW SATA completion error processing (git-fixes).
* scsi: hisi_sas: Modify v3 HW SSP underflow error processing (git-fixes).
* scsi: hisi_sas: Rename HISI_SAS_{RESET -> RESETTING}_BIT (git-fixes).
* scsi: hisi_sas: Replace with standard error code return value (git-fixes).
* scsi: hisi_sas: Rollback some operations if FLR failed (git-fixes).
* scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs (git-
fixes).
* scsi: ibmvfc: Fix erroneous use of rtas_busy_delay with hcall return code
(git-fixes).
* scsi: ibmvfc: Implement channel queue depth and event buffer accounting
(bsc#1209834 ltc#202097).
* scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (bsc#1209834
ltc#202097).
* scsi: iscsi: Rename iscsi_set_param() to iscsi_if_set_param() (git-fixes).
* scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()
(git-fixes).
* scsi: lpfc: Change VMID driver load time parameters to read only
(bsc#1219582).
* scsi: lpfc: Move determination of vmid_flag after VMID reinitialization
completes (bsc#1219582).
* scsi: lpfc: Reinitialize an NPIV's VMID data structures after FDISC
(bsc#1219582).
* scsi: lpfc: Update lpfc version to 14.2.0.17 (bsc#1219582).
* scsi: megaraid_sas: Fix deadlock on firmware crashdump (git-fixes).
* scsi: megaraid_sas: Increase register read retry rount from 3 to 30 for
selected registers (git-fixes).
* scsi: mpt3sas: Fix an outdated comment (git-fixes).
* scsi: mpt3sas: Fix in error path (git-fixes).
* scsi: mpt3sas: Fix loop logic (bsc#1219067).
* scsi: mpt3sas: Fix loop logic (git-fixes).
* scsi: pm80xx: Avoid leaking tags when processing
OPC_INB_SET_CONTROLLER_CONFIG command (git-fixes).
* scsi: pm80xx: Use phy-specific SAS address when sending PHY_START command
(git-fixes).
* scsi: qla2xxx: Fix system crash due to bad pointer access (git-fixes).
* selftests/net: fix grep checking for fib_nexthop_multiprefix (git-fixes).
* serial: 8250: omap: Do not skip resource freeing if
pm_runtime_resume_and_get() failed (git-fixes).
* serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
* serial: imx: Correct clock error message in function probe() (git-fixes).
* serial: imx: fix tx statemachine deadlock (git-fixes).
* serial: max310x: fail probe if clock crystal is unstable (git-fixes).
* serial: max310x: improve crystal stable clock detection (git-fixes).
* serial: max310x: set default value when reading clock ready bit (git-fixes).
* serial: sc16is7xx: add check for unsupported SPI modes during probe (git-
fixes).
* serial: sc16is7xx: set safe default SPI clock frequency (git-fixes).
* serial: sccnxp: Improve error message if regulator_disable() fails (git-
fixes).
* shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs (git-
fixes).
* software node: Let args be NULL in software_node_get_reference_args (git-
fixes).
* spi: spi-zynqmp-gqspi: fix driver kconfig dependencies (git-fixes).
* swiotlb-xen: provide the "max_mapping_size" method (git-fixes).
* swiotlb: fix a braino in the alignment check fix (bsc#1216559).
* swiotlb: fix slot alignment checks (bsc#1216559).
* trace,smp: Add tracepoints around remotelly called functions (bsc#1217895).
* tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
* tracing/trigger: Fix to return error if failed to alloc snapshot (git-
fixes).
* tracing: Add size check when printing trace_marker output (git-fixes).
* tracing: Ensure visibility when inserting an element into tracing_map (git-
fixes).
* tracing: Fix uaf issue when open the hist or hist_debug file (git-fixes).
* tracing: Have large events show up as '[LINE TOO BIG]' instead of nothing
(git-fixes).
* ubifs: Check @c->dirty_[n|p]n_cnt and @c->nroot state under @c->lp_mutex
(git-fixes).
* ubifs: ubifs_link: Fix wrong name len calculating when UBIFS is encrypted
(git-fixes).
* ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path (git-
fixes).
* uio: Fix use-after-free in uio_open (git-fixes).
* usb: cdns3: Fix uvc fail when DMA cross 4k boundery since sg enabled (git-
fixes).
* usb: cdns3: fix uvc failure work since sg support enabled (git-fixes).
* usb: chipidea: wait controller resume finished for wakeup irq (git-fixes).
* usb: dwc: ep0: Update request status in dwc3_ep0_stall_restart (git-fixes).
* usb: fsl-mph-dr-of: mark fsl_usb2_mpc5121_init() static (git-fixes).
* usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-
fixes).
* usb: mon: Fix atomicity violation in mon_bin_vma_fault (git-fixes).
* usb: otg numberpad exception (bsc#1218527).
* usb: phy: mxs: remove CONFIG_USB_OTG condition for mxs_phy_is_otg_host()
(git-fixes).
* usb: typec: class: fix typec_altmode_put_partner to put plugs (git-fixes).
* usb: ucsi: Add missing ppm_lock (git-fixes).
* usb: ucsi_acpi: Fix command completion handling (git-fixes).
* usb: xhci-mtk: fix a short packet issue of gen1 isoc-in transfer (git-
fixes).
* usr/Kconfig: fix typos of "its" (git-fixes).
* vfs: make freeze_super abort when sync_filesystem returns error (git-fixes).
* vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE (git-fixes).
* virtio-mmio: fix memory leak of vm_dev (git-fixes).
* virtio_balloon: Fix endless deflation and inflation on arm64 (git-fixes).
* vmstat: skip periodic vmstat update for isolated CPUs (bsc#1217895).
* vsock/virtio: Fix unsigned integer wrap around in
virtio_transport_has_space() (git-fixes).
* watchdog/hpwdt: Only claim UNKNOWN NMI if from iLO (git-fixes).
* watchdog: bcm2835_wdt: Fix WDIOC_SETTIMEOUT handling (git-fixes).
* watchdog: rti_wdt: Drop runtime pm reference count when watchdog is unused
(git-fixes).
* watchdog: set cdev owner before adding (git-fixes).
* wifi: ath11k: Defer on rproc_get failure (git-fixes).
* wifi: cfg80211: lock wiphy mutex for rfkill poll (git-fixes).
* wifi: iwlwifi: mvm: send TX path flush in rfkill (git-fixes).
* wifi: iwlwifi: mvm: set siso/mimo chains to 1 in FW SMPS request (git-
fixes).
* wifi: iwlwifi: pcie: avoid a NULL pointer dereference (git-fixes).
* wifi: libertas: stop selecting wext (git-fixes).
* wifi: mt76: fix broken precal loading from MTD for mt7915 (git-fixes).
* wifi: mt76: mt7921s: fix workqueue problem causes STA association fail (git-
fixes).
* wifi: mwifiex: configure BSSID consistently when starting AP (git-fixes).
* wifi: rtlwifi: Convert LNKCTL change to PCIe cap RMW accessors (git-fixes).
* wifi: rtlwifi: Remove bogus and dangerous ASPM disable/enable code (git-
fixes).
* wifi: rtlwifi: add calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8188ee: phy: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8192c: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8192ce: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8192cu: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8192de: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8192ee: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8192se: using calculate_bit_shift() (git-fixes).
* wifi: rtlwifi: rtl8821ae: phy: fix an undefined bitwise shift behavior (git-
fixes).
* wifi: rtw88: fix RX filter in FIF_ALLMULTI flag (git-fixes).
* x86/MCE/AMD, EDAC/mce_amd: Decode UMC_V2 ECC errors (jsc#PED-7616).
* x86/MCE/AMD: Add new MA_LLC, USR_DP, and USR_CP bank types (jsc#PED-7622).
* x86/MCE/AMD: Split amd_mce_is_memory_error() (jsc#PED-7623).
* x86/amd_nb: Add AMD Family MI300 PCI IDs (jsc#PED-7622).
* x86/amd_nb: Add MI200 PCI IDs (jsc#PED-7616).
* x86/cpu: Merge Intel and AMD ppin_init() functions (jsc#PED-7615).
* x86/cpu: Read/save PPIN MSR during initialization (jsc#PED-7615).
* x86/entry/ia32: Ensure s32 is sign extended to s64 (bsc#1193285).
* x86/hyperv: Fix the detection of E820_TYPE_PRAM in a Gen2 VM (git-fixes).
* x86/hyperv: Use atomic_try_cmpxchg() to micro-optimize hv_nmi_unknown()
(git-fixes).
* x86/mce: Cleanup mce_usable_address() (jsc#PED-7623).
* x86/mce: Define amd_mce_usable_address() (jsc#PED-7623).
* xen-pciback: Consider INTx disabled when MSI/MSI-X is enabled (git-fixes).
* xen/events: fix delayed eoi list handling (git-fixes).
* xhci: Add grace period after xHC start to prevent premature runtime suspend
(git-fixes).
* xhci: cleanup xhci_hub_control port references (git-fixes).
* xhci: pass port pointer as parameter to xhci_set_port_power() (git-fixes).
* xhci: track port suspend state correctly in unsuccessful resume cases (git-
fixes).
## Special Instructions and Notes:
* Please reboot the system after installing this update.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-469=1 openSUSE-SLE-15.5-2024-469=1
* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-469=1
* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-469=1
* SUSE Real Time Module 15-SP5
zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-469=1
## Package List:
* openSUSE Leap 15.5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.35.1
* kernel-source-rt-5.14.21-150500.13.35.1
* openSUSE Leap 15.5 (x86_64)
* kernel-rt-devel-5.14.21-150500.13.35.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.35.1
* reiserfs-kmp-rt-5.14.21-150500.13.35.1
* kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-1-150500.11.5.1
* kselftests-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.35.1
* kernel-rt-livepatch-devel-5.14.21-150500.13.35.1
* cluster-md-kmp-rt-5.14.21-150500.13.35.1
* kernel-rt_debug-vdso-5.14.21-150500.13.35.1
* kernel-rt-debuginfo-5.14.21-150500.13.35.1
* dlm-kmp-rt-5.14.21-150500.13.35.1
* gfs2-kmp-rt-5.14.21-150500.13.35.1
* reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt-livepatch-5.14.21-150500.13.35.1
* kernel-rt-optional-debuginfo-5.14.21-150500.13.35.1
* kernel-rt-debugsource-5.14.21-150500.13.35.1
* kernel-rt-extra-debuginfo-5.14.21-150500.13.35.1
* kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-1-150500.11.5.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.35.1
* kernel-livepatch-5_14_21-150500_13_35-rt-1-150500.11.5.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.35.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kselftests-kmp-rt-5.14.21-150500.13.35.1
* kernel-rt-vdso-5.14.21-150500.13.35.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-livepatch-devel-5.14.21-150500.13.35.1
* kernel-rt_debug-devel-5.14.21-150500.13.35.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-syms-rt-5.14.21-150500.13.35.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.35.1
* kernel-rt-extra-5.14.21-150500.13.35.1
* kernel-rt-optional-5.14.21-150500.13.35.1
* ocfs2-kmp-rt-5.14.21-150500.13.35.1
* openSUSE Leap 15.5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.35.1
* kernel-rt-5.14.21-150500.13.35.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
* kernel-rt-5.14.21-150500.13.35.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* kernel-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt-debugsource-5.14.21-150500.13.35.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-1-150500.11.5.1
* kernel-livepatch-5_14_21-150500_13_35-rt-1-150500.11.5.1
* kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-1-150500.11.5.1
* SUSE Real Time Module 15-SP5 (x86_64)
* kernel-rt-devel-5.14.21-150500.13.35.1
* kernel-rt-vdso-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.35.1
* cluster-md-kmp-rt-5.14.21-150500.13.35.1
* kernel-rt_debug-vdso-5.14.21-150500.13.35.1
* kernel-rt-debuginfo-5.14.21-150500.13.35.1
* dlm-kmp-rt-5.14.21-150500.13.35.1
* gfs2-kmp-rt-5.14.21-150500.13.35.1
* kernel-rt-debugsource-5.14.21-150500.13.35.1
* ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-debugsource-5.14.21-150500.13.35.1
* kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.35.1
* gfs2-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt-vdso-5.14.21-150500.13.35.1
* dlm-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-rt_debug-devel-5.14.21-150500.13.35.1
* cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.35.1
* kernel-syms-rt-5.14.21-150500.13.35.1
* kernel-rt-devel-debuginfo-5.14.21-150500.13.35.1
* ocfs2-kmp-rt-5.14.21-150500.13.35.1
* SUSE Real Time Module 15-SP5 (noarch)
* kernel-devel-rt-5.14.21-150500.13.35.1
* kernel-source-rt-5.14.21-150500.13.35.1
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
* kernel-rt_debug-5.14.21-150500.13.35.1
* kernel-rt-5.14.21-150500.13.35.1
## References:
* https://www.suse.com/security/cve/CVE-2021-33631.html
* https://www.suse.com/security/cve/CVE-2023-46838.html
* https://www.suse.com/security/cve/CVE-2023-47233.html
* https://www.suse.com/security/cve/CVE-2023-4921.html
* https://www.suse.com/security/cve/CVE-2023-51042.html
* https://www.suse.com/security/cve/CVE-2023-51043.html
* https://www.suse.com/security/cve/CVE-2023-51780.html
* https://www.suse.com/security/cve/CVE-2023-51782.html
* https://www.suse.com/security/cve/CVE-2023-6040.html
* https://www.suse.com/security/cve/CVE-2023-6356.html
* https://www.suse.com/security/cve/CVE-2023-6531.html
* https://www.suse.com/security/cve/CVE-2023-6535.html
* https://www.suse.com/security/cve/CVE-2023-6536.html
* https://www.suse.com/security/cve/CVE-2023-6915.html
* https://www.suse.com/security/cve/CVE-2024-0565.html
* https://www.suse.com/security/cve/CVE-2024-0641.html
* https://www.suse.com/security/cve/CVE-2024-0775.html
* https://www.suse.com/security/cve/CVE-2024-1085.html
* https://www.suse.com/security/cve/CVE-2024-1086.html
* https://bugzilla.suse.com/show_bug.cgi?id=1065729
* https://bugzilla.suse.com/show_bug.cgi?id=1108281
* https://bugzilla.suse.com/show_bug.cgi?id=1141539
* https://bugzilla.suse.com/show_bug.cgi?id=1174649
* https://bugzilla.suse.com/show_bug.cgi?id=1181674
* https://bugzilla.suse.com/show_bug.cgi?id=1193285
* https://bugzilla.suse.com/show_bug.cgi?id=1194869
* https://bugzilla.suse.com/show_bug.cgi?id=1209834
* https://bugzilla.suse.com/show_bug.cgi?id=1210443
* https://bugzilla.suse.com/show_bug.cgi?id=1211515
* https://bugzilla.suse.com/show_bug.cgi?id=1212091
* https://bugzilla.suse.com/show_bug.cgi?id=1214377
* https://bugzilla.suse.com/show_bug.cgi?id=1215275
* https://bugzilla.suse.com/show_bug.cgi?id=1215885
* https://bugzilla.suse.com/show_bug.cgi?id=1216441
* https://bugzilla.suse.com/show_bug.cgi?id=1216559
* https://bugzilla.suse.com/show_bug.cgi?id=1216702
* https://bugzilla.suse.com/show_bug.cgi?id=1217895
* https://bugzilla.suse.com/show_bug.cgi?id=1217987
* https://bugzilla.suse.com/show_bug.cgi?id=1217988
* https://bugzilla.suse.com/show_bug.cgi?id=1217989
* https://bugzilla.suse.com/show_bug.cgi?id=1218005
* https://bugzilla.suse.com/show_bug.cgi?id=1218447
* https://bugzilla.suse.com/show_bug.cgi?id=1218527
* https://bugzilla.suse.com/show_bug.cgi?id=1218659
* https://bugzilla.suse.com/show_bug.cgi?id=1218713
* https://bugzilla.suse.com/show_bug.cgi?id=1218723
* https://bugzilla.suse.com/show_bug.cgi?id=1218730
* https://bugzilla.suse.com/show_bug.cgi?id=1218738
* https://bugzilla.suse.com/show_bug.cgi?id=1218752
* https://bugzilla.suse.com/show_bug.cgi?id=1218757
* https://bugzilla.suse.com/show_bug.cgi?id=1218768
* https://bugzilla.suse.com/show_bug.cgi?id=1218778
* https://bugzilla.suse.com/show_bug.cgi?id=1218779
* https://bugzilla.suse.com/show_bug.cgi?id=1218804
* https://bugzilla.suse.com/show_bug.cgi?id=1218832
* https://bugzilla.suse.com/show_bug.cgi?id=1218836
* https://bugzilla.suse.com/show_bug.cgi?id=1218916
* https://bugzilla.suse.com/show_bug.cgi?id=1218948
* https://bugzilla.suse.com/show_bug.cgi?id=1218958
* https://bugzilla.suse.com/show_bug.cgi?id=1218968
* https://bugzilla.suse.com/show_bug.cgi?id=1218997
* https://bugzilla.suse.com/show_bug.cgi?id=1219006
* https://bugzilla.suse.com/show_bug.cgi?id=1219012
* https://bugzilla.suse.com/show_bug.cgi?id=1219013
* https://bugzilla.suse.com/show_bug.cgi?id=1219014
* https://bugzilla.suse.com/show_bug.cgi?id=1219053
* https://bugzilla.suse.com/show_bug.cgi?id=1219067
* https://bugzilla.suse.com/show_bug.cgi?id=1219120
* https://bugzilla.suse.com/show_bug.cgi?id=1219128
* https://bugzilla.suse.com/show_bug.cgi?id=1219136
* https://bugzilla.suse.com/show_bug.cgi?id=1219285
* https://bugzilla.suse.com/show_bug.cgi?id=1219349
* https://bugzilla.suse.com/show_bug.cgi?id=1219412
* https://bugzilla.suse.com/show_bug.cgi?id=1219429
* https://bugzilla.suse.com/show_bug.cgi?id=1219434
* https://bugzilla.suse.com/show_bug.cgi?id=1219490
* https://bugzilla.suse.com/show_bug.cgi?id=1219512
* https://bugzilla.suse.com/show_bug.cgi?id=1219568
* https://bugzilla.suse.com/show_bug.cgi?id=1219582
* https://jira.suse.com/browse/PED-4729
* https://jira.suse.com/browse/PED-6694
* https://jira.suse.com/browse/PED-7322
* https://jira.suse.com/browse/PED-7615
* https://jira.suse.com/browse/PED-7616
* https://jira.suse.com/browse/PED-7620
* https://jira.suse.com/browse/PED-7622
* https://jira.suse.com/browse/PED-7623
1
0
14 Feb '24
# Security update for tomcat10
Announcement ID: SUSE-SU-2024:0473-1
Rating: important
References:
* bsc#1219208
Cross-References:
* CVE-2024-22029
CVSS scores:
* CVE-2024-22029 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products:
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* Web and Scripting Module 15-SP5
An update that solves one vulnerability can now be installed.
## Description:
This update for tomcat10 fixes the following issues:
* CVE-2024-22029: Fixed escalation to root from tomcat user via %post script.
(bsc#1219208)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-473=1
* Web and Scripting Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-473=1
## Package List:
* openSUSE Leap 15.5 (noarch)
* tomcat10-admin-webapps-10.1.18-150200.5.11.1
* tomcat10-el-5_0-api-10.1.18-150200.5.11.1
* tomcat10-docs-webapp-10.1.18-150200.5.11.1
* tomcat10-jsp-3_1-api-10.1.18-150200.5.11.1
* tomcat10-10.1.18-150200.5.11.1
* tomcat10-lib-10.1.18-150200.5.11.1
* tomcat10-webapps-10.1.18-150200.5.11.1
* tomcat10-embed-10.1.18-150200.5.11.1
* tomcat10-servlet-6_0-api-10.1.18-150200.5.11.1
* tomcat10-jsvc-10.1.18-150200.5.11.1
* Web and Scripting Module 15-SP5 (noarch)
* tomcat10-admin-webapps-10.1.18-150200.5.11.1
* tomcat10-el-5_0-api-10.1.18-150200.5.11.1
* tomcat10-jsp-3_1-api-10.1.18-150200.5.11.1
* tomcat10-lib-10.1.18-150200.5.11.1
* tomcat10-10.1.18-150200.5.11.1
* tomcat10-webapps-10.1.18-150200.5.11.1
* tomcat10-servlet-6_0-api-10.1.18-150200.5.11.1
## References:
* https://www.suse.com/security/cve/CVE-2024-22029.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219208
1
0