Packages changed: apparmor atk busybox catatonit (0.1.6 -> 0.1.7) ceph (16.2.7.640+gceb23c7491b -> 16.2.7.654+gd5a90ff46f0) cups (2.3.3op2 -> 2.4.1) dracut (055+suse.238.gacab0df5 -> 056+suse.261.gf83268d5) ethtool (5.16 -> 5.17) freetype2 (2.11.1 -> 2.12.0) gcc12 (11.2.1+git1406 -> 12.0.1+git192423) glib2 harfbuzz (4.1.0 -> 4.2.0) kernel-firmware (20220309 -> 20220411) kernel-source (5.17.1 -> 5.17.2) ldb (2.4.2 -> 2.5.0) libX11 (1.7.3.1 -> 1.7.5) libXcursor (1.2.0 -> 1.2.1) libapparmor libarchive (3.6.0 -> 3.6.1) libeconf (0.4.4+git20220104.962774f -> 0.4.5+git20220406.c9658f2) libmnl (1.0.4 -> 1.0.5) libnfnetlink (1.0.1 -> 1.0.2) libnvme (1.0~8 -> 1.0) mozilla-nss (3.75 -> 3.76.1) nvme-cli (2.0~8 -> 2.0) open-iscsi perl-Bootloader (0.937 -> 0.938) podman (3.4.4 -> 4.0.3) procps (3.3.17 -> 4.0.0) python-M2Crypto python-SQLAlchemy (1.4.32 -> 1.4.35) qemu salt shared-mime-info (2.1 -> 2.2) systemd tdb (1.4.4 -> 1.4.6) tpm2.0-abrmd u-boot-rpiarm64 (2022.01 -> 2022.04) yast2 (4.4.47 -> 4.5.1) === Details === ==== apparmor ==== Subpackages: apparmor-abstractions apparmor-parser apparmor-profiles apparmor-utils python3-apparmor - add profile for zgrep and xzgrep to prevent CVE-2022-1271 (zgrep-profile-mr870.diff) - ensure precompiled cache files are newer than (text) profiles - reload profiles in %posttrans instead of %post to ensure both - profiles and -abstractons package are updated before the cache in /var/cache/apparmor/ gets built (boo#1195463 #c20) ==== atk ==== - Drop dependency from main package to -lang package: there seems to be no indication to this being needed. ==== busybox ==== - Enable udhcpc ==== catatonit ==== Version update (0.1.6 -> 0.1.7) - Update to catatont v0.1.7 - This release adds the ability for catatonit to be used as the only process in a pause container, by passing the -P flag (in this mode no subprocess is spawned and thus no signal forwarding is done). ==== ceph ==== Version update (16.2.7.640+gceb23c7491b -> 16.2.7.654+gd5a90ff46f0) Subpackages: ceph-common libcephfs2 librados2 librbd1 librgw2 python3-ceph-argparse python3-ceph-common python3-cephfs python3-rados python3-rbd python3-rgw - Update to v16.2.7-654-gd5a90ff46f0 + (bsc#1196733) remove build directory during %clean - Update to v16.2.7-652-gf5dc462fdb5 + (bsc#1194875) [SES7P] include/buffer: include - Update to 16.2.7-650-gd083eaa3886 + (pr#469) cephadm: update image paths to registry.suse.com + (pr#468) cephadm: use snmp-notifier image from registry.suse.de + (pr#467) cephadm: infer the default container image during pull + (pr#465) mgr/cephadm: try to get FQDN for inventory address + Sync _constaints file for IBS and OBS ==== cups ==== Version update (2.3.3op2 -> 2.4.1) Subpackages: cups-config libcups2 - Have cups.pc in %{_libdir} to avoid a conflict that cups-devel and cups-devel-32bit would both contain /usr/lib/pkgconfig/cups.pc because when cups.pc is arch dependent it has to be in %{_libdir} which it is because it contains 'libdir=/usr/lib64' on x86_64 (if it was arch independent it would have to be in %{_datadir}) cf. https://build.opensuse.org/request/show/965680 - Improved comments in spec file and in changes file - Have cups.keyring in ASCII armored format - Do not error out when 'make test' fails in the 'check' section because https://github.com/OpenPrinting/cups/issues/155 is not yet actually fixed so currently the testsuite still sometimes fails - Version upgrade to 2.4.1: See https://github.com/openprinting/cups/releases CUPS 2.4.1 is the first bug fix release from 2.4.x series. Among the other bug fixes it fixes sharing default color mode to clients and several memory leaks. * The default color mode now is now configurable and defaults to the printer's reported default mode (Issue #277) * Configuration script now checks linking for -Wl,-pie flags (Issue #303) * Fixed memory leaks - in testi18n (Issue #313), in cups_enum_dests() (Issue #317), in _cupsEncodeOption() and http_tls_upgrade() (Issue #322) * Fixed missing bracket in de/index.html (Issue #299) * Fixed typos in configuration scripts (Issues #304, #316) * Removed remaining legacy code for RIP_MAX_CACHE environment variable (Issue #323) * Removed deprecated directives from cupsctl and cups-files.conf (Issue #300) * Removed purge-jobs legacy code from CGI scripts and templates (Issue #325) - Version upgrade to 2.4.0: CUPS 2.4.0 is the latest stable OpenPrinting CUPS release. Among the changes from beta and release candidate the stable release adds two new configuration options for optimizing cupsd setup on servers and several other changes. * Added configure option --with-idle-exit-timeout (Issue #294) * Added --with-systemd-timeoutstartsec configure option (Issue #298) * DigestOptions now are applied for MD5 Digest authentication defined by RFC 2069 as well (Issue #287) * Fixed compilation on Solaris (Issue #293) * Fixed and improved German translations (Issue #296, Issue #297) - Version upgrade to 2.4rc1: CUPS 2.4rc1 is a release candidate for OpenPrinting CUPS 2.4.0, which adds two enhancements before the stable release. * Added warning and debug messages when loading printers if the queue is raw or with driver (Issue #286) * Compilation now uses -fstack-protector-strong if available (Issue #285) - Version upgrade to 2.4b1: CUPS 2.4b1 is the beta release for OpenPrinting CUPS 2.4 which contains several new features such as basic OAuth support, support for AirPrint and Mopria clients and support for running CUPS as a snap, several deprecations (Kerberos, cups-config), removals of old deprecated directives, and many bug fixes. * Added support for CUPS running in a Snapcraft snap. * Added basic OAuth 2.0 client support (Issue #100) * Added support for AirPrint and Mopria clients (Issue #105) * Added configure support for specifying systemd dependencies in the CUPS service file (Issue #144) * Added several features and improvements to ipptool (Issue #153) * Added a JSON output mode for ipptool. * The ipptool command now correctly reports an error when a test file cannot be found. * CUPS library now uses thread safe getpwnam_r and getpwuid_r functions (Issue #274) * Fixed Kerberos authentication for the web interface (Issue #19) * The ZPL sample driver now supports more "standard" label sizes (Issue #70) * Fixed reporting of printer instances when enumerating and when no options are set for the main instance (Issue #71) * Reverted USB read limit enforcement change from CUPS 2.2.12 (Issue #72) * The IPP backend did not return the correct status code when a job was canceled at the printer/server (Issue #74) * The testlang unit test program now loops over all of the available locales by default (Issue #85) * The cupsfilter command now shows error messages when options are used incorrectly (Issue #88) * The PPD functions now treat boolean values as case-insensitive (Issue #106) * Temporary queue names no longer end with an underscore (Issue #110) * The USB backend now runs as root (Issue #121) * Added pkg-config file for libcups (Issue #122) * Fixed a PPD memory leak caused by emulator definitions (Issue #124) * Fixed a DISPLAY bug in ipptool (Issue #139) * The scheduler now includes the [Job N] prefix for job log messages, even when using syslog logging (Issue #154) * Added support for locales using the GB18030 character set (Issue #159) * httpReconnect2 did not reset the socket file descriptor when the TLS negotiation failed (Apple #5907) * httpUpdate did not reset the socket file descriptor when the TLS negotiation failed (Apple #5915) * The IPP backend now retries Validate-Job requests (Issue #132) * Now show better error messages when a driver interface program fails to provide a PPD file (Issue #148) * Added dark mode support to the CUPS web interface (Issue #152) * Added a workaround for Solaris in httpAddrConnect2 (Issue #156) * Fixed an interaction between --remote-admin and --remote-any for the cupsctl command (Issue #158) * Now use a 60 second timeout for reading USB backchannel data (Issue #160) * The USB backend now tries harder to find a serial number (Issue #170) * Fixed @IF(name) handling in cupsd.conf (Apple #5918) * Fixed documentation and added examples for CUPS' limited CGI support (Apple #5940) * Fixed the lpc command prompt (Apple #5946) * Now always pass "localhost" in the Host: header when talking over a domain socket or the loopback interface (Issue #185) * Fixed a job history update issue in the scheduler (Issue #187) * Fixed job-pages-per-set value for duplex print jobs. * Fixed an edge case in ippReadIO to make sure that only complete attributes and values are retained on an error (Issue #195) * Hardened ippReadIO to prevent invalid IPP messages from being propagated (Issue #195, Issue #196) * The scheduler now supports the "everywhere" model directly (Issue #201) * Fixed some IPP Everywhere option mapping problems (Issue #238) * Fixed support for "job-hold-until" with the Restart-Job operation (Issue #250) * Fixed the default color/grayscale presets for IPP Everywhere PPDs (Issue #262) * Fixed support for the 'offline-report' state for all USB backends (Issue #264) * Documentation fixes (Issue #92, Issue #163, Issue #177, Issue #184) * Localization updates (Issue #123, Issue #129, Issue #134, Issue #146, Issue #164) * USB quirk updates (Issue #192, Issue #270, Apple #5766, Apple #5838, Apple #5843, Apple #5867) * Web interface updates (Issue #142, Issue #218) * The ippeveprinter tool now automatically uses an available port. * Fixed several Windows TLS and hashing issues. * Deprecated cups-config (Issue #97) * Deprecated Kerberos (AuthType Negotiate) authentication (Issue #98) * Removed support for the (long deprecated and unused) FontPath, ListenBackLog, LPDConfigFile, KeepAliveTimeout, RIPCache, and SMBConfigFile directives in cupsd.conf and cups-files.conf. * Stubbed out deprecated httpMD5 functions. * Add test for undefined page ranges during printing. - downgrade-autoconf-requirement.patch downgrades the autoconf requirement to what is currently available in openSUSE - fix-negotiate-authentication-between-CGIs-and-scheduler.patch is obsolete because it is included in the upstream code, see https://github.com/OpenPrinting/cups/commit/3ff789ee90b18205c735e42e599eb3ee3043e88a https://github.com/OpenPrinting/cups/pull/19 https://github.com/apple/cups/pull/5847 https://github.com/apple/cups/issues/5596 - upstream_pull_174.patch is obsolete because it is included in the upstream code, see https://github.com/OpenPrinting/cups/commit/43edb9df51b977d92929b084186dcd67d4f5ca44 https://github.com/OpenPrinting/cups/pull/174 https://github.com/OpenPrinting/cups/issues/72 - patch cups-2.1.0-cups-systemd-socket.patch is obsolete because it is included in the upstream code, see https://github.com/OpenPrinting/cups/commit/e96e96b4bd0d4e6f634bbb66b95d6e475501541c - Updated upstream source tarball signing key in cups.keyring, see https://github.com/OpenPrinting/cups/discussions/327#discussioncomment-2060579 - Re-enabled the CUPS upstream testsuite via 'make test' and removed 'make check' because since the upstream commit https://github.com/OpenPrinting/cups/commit/96ba46ebc818b610b0e40cbc9d62ef1dcd3ec9b6 the two Makefile targets 'test' and 'check' are identical. - Changed cups-2.1.0-cups-systemd-socket.patch to accomodate new coding style - Changed cups-config-libs.orig to accommodate recent code changes (SSL->TLS) - Changed cups-2.1.0-default-webcontent-path.patch to accommodate code changes - Enhanced harden_cups.service.patch by adding ReadWritePaths=/etc/cups because cupsd needs write access in /etc/cups (boo#1195288) - Added hardening to systemd service(s) (bsc#1181400), see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort Added patch: harden_cups.service.patch ==== dracut ==== Version update (055+suse.238.gacab0df5 -> 056+suse.261.gf83268d5) Subpackages: dracut-ima dracut-mkinitrd-deprecated - Update to version 056+suse.261.gf83268d5: * chore(suse): remove fipscheck requirement (bsc#1198065) - Update to version 056+suse.259.g16e9c5e9: * fix(ifcfg): repair POSIX compliance * fix(network-legacy): repair POSIX compliance * fix(dracut-install): copy files preserving ownership attributes (bsc#1197967) * fix(bluetooth): make $dbussystem/bluetooth.conf optional (bsc#1195047) - Update to version 056+suse.252.g75c0d4d5: See https://github.com/dracutdevs/dracut/releases/tag/056 for details. Additional changes: * feat(resume): sanity check (bsc#1197192) * fix(dracut-initramfs-restore.sh): unpack uncompressed initrd as last option (bsc#1197195) * fix(resume): only exclude this module when swap is netdev * fix(network): do not use network-wicked as default network handler * chore(suse): update spec ==== ethtool ==== Version update (5.16 -> 5.17) - update to upstream release 5.17 * Feature: transceiver module power mode (--set-module) * Feature: transceiver module extended state (--show-module) * Feature: get/set rx buffer length (-g and -G) * Feature: tx copybreak buffer size (--get-tunable and - -set-tunable) * Feature: JSON output for features (-k) * Feature: support OSFP transceiver modules (-m) * Fix: add missing free() calls (--get-tunable and --set-tunable) ==== freetype2 ==== Version update (2.11.1 -> 2.12.0) - update to 2.12.0: - FreeType now handles OT-SVG fonts, to be controlled with `FT_CONFIG_OPTION_SVG` configuration macro. By default, it can only load the 'SVG ' table of an OpenType font. However, by using the `svg-hooks` property of the new 'ot-svg' module it is possible to register an external SVG rendering engine. The FreeType demo programs have been set up to use 'librsvg' as the rendering library. - The handling of fonts with an 'sbix' table has been improved. - The internal 'zlib' code has been updated to be in sync with the current 'zlib' version (1.2.11). - The previously internal load flag `FT_LOAD_SBITS_ONLY` is now public. - Some minor improvements of the building systems, in particular handling of the 'zlib' library (internal vs. external). - Support for non-desktop Universal Windows Platform. - Various other minor bug and documentation fixes. - The `ftdump` demo program shows more information for Type1 fonts if option `-n` is given. - `ftgrid` can now display embedded bitmap strikes. ==== gcc12 ==== Version update (11.2.1+git1406 -> 12.0.1+git192423) Subpackages: libgcc_s1 libgomp1 libstdc++6 - Bump to 86242eb1bd03eba82d8e22b01b16925d43bcc539, git192423. Fixes aarch64 bootstrap issue (PR105144). - Add provides/conflicts to glibc crosses since only one GCC version for the same target can be installed at the same time. - Add provides/conflicts to libgccjit - Bump to 9f37d31324f89d0b7b2abac988a976d121ae29c6, git192251. - Bump to e8cd3edc0fc6c02a732dcecf519c22d835e5f422, git192197. - Bump to c43cb355f25dd22133d15819bd6ec03d3d3939fd, git192094. - Add a proper barebones cross compiler for hppa (named cross-hppa-gcc12-bootstrap). Doesn't yet drop or rename the icecream variant cross-hppa-gcc12, not does this add a proper glibc-using cross compiler for hppa. - drop armv5tel, merge arm and armv6hl - use --with-cpu rather than specifying --with-arch/--with-tune - Bump to 40c1d4a07e5798c01e4364336c9617550744861d, git191925. - Drop unconditional -gccN suffix from libstdc++6-pp packages and instead use the same suffix as for the matching libstdc++6 package it supplements to ease future updates. Add Obsoletes to pre-existing libstdc++6-pp-gcc{9,10,11} packages to allow updates to happen. [bsc#1196107] - Use proper patch for SLE 15.x. - Bump to 4a1c20df82c9e14478d79fbe1ae9690a36285ac1, git191847. - Add gcc12-d-workaround.patch that fixes issue with gcc11 compiler. - Bump to 673a10aee1aafe0c99bfadc29a7458339bdddb3a, git191845. - Bump to 37b583b9d7719f663656ce65ac822c11471fb540, git191817. - Bump sover of libgo library. - Update to trunk head, 165947fecf4d78c7effb0f1ee15e694 (git191602) - Add gcc12-PIE, similar to gcc-PIE but affecting gcc12 [bsc#1195628] - Put libstdc++6-pp Requires on the shared library and drop to Recoomends. - Bump to 943d631abdd7be623cbf2b870d3d0cfef89f5f26, git191519. - Update to trunk head, 978abe918f8c8deed28e92297d3c0cc (git191254) - Fix filenames in the following patches: gcc11-amdgcn-disable-hot-cold-partitioning.patch, gcc41-ppc32-retaddr.patch. - Bump to 0bd247bbbe4cf396173f09eeec37e116e98f8471. - Fix filename in gcc10-amdgcn-llvm-as.patch. - Remove sys/rseq.h from include-fixed - Bump to 3c4a54adb2164315d18fd8980c0fc37eb3d22252. - Rebase patches after .cc renaming. - New package, inherits from gcc11 * Enable LSAN and TSAN for s390x target. * Require gcc-d as dependency for proper bootstrap. * Use gcc11-amdgcn-disable-hot-cold-partitioning.patch only conditionally on older SUSE products. * Add --enable-offload-defaulted to configure options. * Include a couple of new header files. * Do not require llvm11 for cross compilers (assembler was fixed in latest LLVM releases), use llvm11 only on SLE 15. * Remove unnecessary gcc10-foffload-default.patch patch. - Take patches inherited from GCC 11. * gcc-add-defaultsspec.diff, add the ability to provide a specs file that is read by default * tls-no-direct.diff, avoid direct %fs references on x86 to not slow down Xen * gcc43-no-unwind-tables.diff, do not produce unwind tables for CRT files * gcc41-ppc32-retaddr.patch, fix expansion of __builtin_return_addr for ppc, just a testcase * gcc44-textdomain.patch, make translation files version specific and adjust textdomain to find them * gcc44-rename-info-files.patch, fix cross-references in info files when renaming them to be version specific * gcc48-libstdc++-api-reference.patch, fix link in the installed libstdc++ html documentation * gcc48-remove-mpfr-2.4.0-requirement.patch, make GCC work with earlier mpfr versions on old products * gcc5-no-return-gcc43-workaround.patch, make build work with host gcc 4.3 * gcc7-remove-Wexpansion-to-defined-from-Wextra.patch, removes new warning from -Wextra * gcc7-avoid-fixinc-error.diff * gcc9-reproducible-builds-buildid-for-checksum.patch * gcc9-reproducible-builds.patch * gcc10-amdgcn-llvm-as.patch ==== glib2 ==== Subpackages: glib2-tools libgio-2_0-0 libglib-2_0-0 libgmodule-2_0-0 libgobject-2_0-0 - remove provides/obsoletes on glib2-doc, it was split into two packages again - spec-cleaner reorderings ==== harfbuzz ==== Version update (4.1.0 -> 4.2.0) - Update to version 4.2.0: + Revert Indic shaper change in previous release that broke some fonts and instead make per-syllable restriction of ?GSUB? application limited to script-specific Indic features, while applying them and discretionary features in one go + Fix decoding of private in gvar table + Fix handling of contextual lookups that delete too many glyphs + Make ?morx? deleted glyphs don?t block ?GPOS? application ==== kernel-firmware ==== Version update (20220309 -> 20220411) Subpackages: kernel-firmware-all kernel-firmware-amdgpu kernel-firmware-ath10k kernel-firmware-ath11k kernel-firmware-atheros kernel-firmware-bluetooth kernel-firmware-bnx2 kernel-firmware-brcm kernel-firmware-chelsio kernel-firmware-dpaa2 kernel-firmware-i915 kernel-firmware-intel kernel-firmware-iwlwifi kernel-firmware-liquidio kernel-firmware-marvell kernel-firmware-media kernel-firmware-mediatek kernel-firmware-mellanox kernel-firmware-mwifiex kernel-firmware-network kernel-firmware-nfp kernel-firmware-nvidia kernel-firmware-platform kernel-firmware-prestera kernel-firmware-qcom kernel-firmware-qlogic kernel-firmware-radeon kernel-firmware-realtek kernel-firmware-serial kernel-firmware-sound kernel-firmware-ti kernel-firmware-ueagle kernel-firmware-usb-network - Update to version 20220411 (git commit f219d616f42b): * mediatek: Add mt8192 SCP firmware * linux-firmware: Update AMD cpu microcode * nvidia: add GA102/GA103/GA104/GA106/GA107 signed firmware * brcm: rename Rock960 NVRAM to AP6356S and link devices to it * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9462 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX211 * linux-firmware: Update firmware file for Intel Bluetooth AX210 * linux-firmware: Update firmware file for Intel Bluetooth AX200 * linux-firmware: Update firmware file for Intel Bluetooth AX201 * linux-firmware: Update firmware file for Intel Bluetooth 9560 * linux-firmware: Update firmware file for Intel Bluetooth 9260 * amdgpu: update green sardine VCN firmware * amdgpu: update renoir VCN firmware * amdgpu: update navi14 VCN firmware * amdgpu: update navi12 VCN firmware * amdgpu: update navi10 VCN firmware * linux-firmware: update firmware for MT7921 WiFi device * linux-firmware: update firmware for mediatek bluetooth chip (MT7921) * rtw88: 8821c: Update normal firmware to v24.11.00 * ice: Add wireless edge file for Intel E800 series driver * ice: update ice DDP comms package to 1.3.31.0 * amdgpu: update PSP 13.0.8 firmware * amdgpu: update GC 10.3.7 firmware * rtl_bt: Add firmware and config files for RTL8852B - Update aliases ==== kernel-source ==== Version update (5.17.1 -> 5.17.2) - Linux 5.17.2 (bsc#1012628). - USB: serial: pl2303: add IBM device IDs (bsc#1012628). - dt-bindings: usb: hcd: correct usb-device path (bsc#1012628). - USB: serial: pl2303: fix GS type detection (bsc#1012628). - USB: serial: simple: add Nokia phone driver (bsc#1012628). - mm: kfence: fix missing objcg housekeeping for SLAB (bsc#1012628). - locking/lockdep: Avoid potential access of invalid memory in lock_class (bsc#1012628). - drm/amdgpu: move PX checking into amdgpu_device_ip_early_init (bsc#1012628). - drm/amdgpu: only check for _PR3 on dGPUs (bsc#1012628). - iommu/iova: Improve 32-bit free space estimate (bsc#1012628). - block: flush plug based on hardware and software queue order (bsc#1012628). - block: ensure plug merging checks the correct queue at least once (bsc#1012628). - usb: typec: tipd: Forward plug orientation to typec subsystem (bsc#1012628). - USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c (bsc#1012628). - xhci: fix garbage USBSTS being logged in some cases (bsc#1012628). - xhci: fix runtime PM imbalance in USB2 resume (bsc#1012628). - xhci: make xhci_handshake timeout for xhci_reset() adjustable (bsc#1012628). - xhci: fix uninitialized string returned by xhci_decode_ctrl_ctx() (bsc#1012628). - mei: me: disable driver on the ign firmware (bsc#1012628). - mei: me: add Alder Lake N device id (bsc#1012628). - mei: avoid iterator usage outside of list_for_each_entry (bsc#1012628). - bus: mhi: pci_generic: Add mru_default for Quectel EM1xx series (bsc#1012628). - bus: mhi: Fix pm_state conversion to string (bsc#1012628). - bus: mhi: Fix MHI DMA structure endianness (bsc#1012628). - docs: sphinx/requirements: Limit jinja2<3.1 (bsc#1012628). - coresight: Fix TRCCONFIGR.QE sysfs interface (bsc#1012628). - coresight: syscfg: Fix memleak on registration failure in cscfg_create_device (bsc#1012628). - dt-bindings: iio: adc: zynqmp_ams: Add clock entry (bsc#1012628). - iio: adc: xilinx-ams: Fix single channel switching sequence (bsc#1012628). - iio: accel: mma8452: use the correct logic to get mma8452_data (bsc#1012628). - iio: adc: aspeed: Add divider flag to fix incorrect voltage reading (bsc#1012628). - iio: imu: st_lsm6dsx: use dev_to_iio_dev() to get iio_dev struct (bsc#1012628). - iio: afe: rescale: use s64 for temporary scale calculations (bsc#1012628). - iio: adc: xilinx-ams: Fixed missing PS channels (bsc#1012628). - iio: adc: xilinx-ams: Fixed wrong sequencer register settings (bsc#1012628). - iio: inkern: apply consumer scale on IIO_VAL_INT cases (bsc#1012628). - iio: inkern: apply consumer scale when no channel scale is available (bsc#1012628). - iio: inkern: make a best effort on offset calculation (bsc#1012628). - greybus: svc: fix an error handling bug in gb_svc_hello() (bsc#1012628). - clk: rockchip: re-add rational best approximation algorithm to the fractional divider (bsc#1012628). - clk: uniphier: Fix fixed-rate initialization (bsc#1012628). - ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE (bsc#1012628). - cifs: truncate the inode and mapping when we simulate fcollapse (bsc#1012628). - cifs: fix handlecache and multiuser (bsc#1012628). - cifs: we do not need a spinlock around the tree access during umount (bsc#1012628). - KEYS: fix length validation in keyctl_pkey_params_get_2() (bsc#1012628). - KEYS: asymmetric: enforce that sig algo matches key algo (bsc#1012628). - KEYS: asymmetric: properly validate hash_algo and encoding (bsc#1012628). - Documentation: add link to stable release candidate tree (bsc#1012628). - Documentation: update stable tree link (bsc#1012628). - firmware: stratix10-svc: add missing callback parameter on RSU (bsc#1012628). - firmware: sysfb: fix platform-device leak in error path (bsc#1012628). - HID: intel-ish-hid: Use dma_alloc_coherent for firmware update (bsc#1012628). - SUNRPC: avoid race between mod_timer() and del_timer_sync() (bsc#1012628). - SUNRPC: Do not dereference non-socket transports in sysfs (bsc#1012628). - NFS: NFSv2/v3 clients should never be setting NFS_CAP_XATTR (bsc#1012628). - NFSD: prevent underflow in nfssvc_decode_writeargs() (bsc#1012628). - NFSD: prevent integer overflow on 32 bit systems (bsc#1012628). - f2fs: fix to unlock page correctly in error path of is_alive() (bsc#1012628). - f2fs: quota: fix loop condition at f2fs_quota_sync() (bsc#1012628). - f2fs: fix to do sanity check on .cp_pack_total_block_count (bsc#1012628). - remoteproc: Fix count check in rproc_coredump_write() (bsc#1012628). - mm/mlock: fix two bugs in user_shm_lock() (bsc#1012628). - pinctrl: ingenic: Fix regmap on X series SoCs (bsc#1012628). - pinctrl: samsung: drop pin banks references on error paths (bsc#1012628). - net: bnxt_ptp: fix compilation error (bsc#1012628). - spi: mxic: Fix the transmit path (bsc#1012628). - mtd: spi-nor: Skip erase logic when SPI_NOR_NO_ERASE is set (bsc#1012628). - mtd: rawnand: protect access to rawnand devices while in suspend (bsc#1012628). - can: m_can: m_can_tx_handler(): fix use after free of skb (bsc#1012628). - jffs2: fix use-after-free in jffs2_clear_xattr_subsystem (bsc#1012628). - jffs2: fix memory leak in jffs2_do_mount_fs (bsc#1012628). - jffs2: fix memory leak in jffs2_scan_medium (bsc#1012628). - mm: fs: fix lru_cache_disabled race in bh_lru (bsc#1012628). - mm: don't skip swap entry even if zap_details specified (bsc#1012628). - mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node (bsc#1012628). - mm: invalidate hwpoison page cache page in fault path (bsc#1012628). - mempolicy: mbind_range() set_policy() after vma_merge() (bsc#1012628). - scsi: core: sd: Add silence_suspend flag to suppress some PM messages (bsc#1012628). - scsi: ufs: Fix runtime PM messages never-ending cycle (bsc#1012628). - scsi: scsi_transport_fc: Fix FPIN Link Integrity statistics counters (bsc#1012628). - scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands (bsc#1012628). - qed: display VF trust config (bsc#1012628). - qed: validate and restrict untrusted VFs vlan promisc mode (bsc#1012628). - riscv: dts: canaan: Fix SPI3 bus width (bsc#1012628). - riscv: Fix fill_callchain return value (bsc#1012628). - riscv: Increase stack size under KASAN (bsc#1012628). - RISC-V: Declare per cpu boot data as static (bsc#1012628). - cifs: do not skip link targets when an I/O fails (bsc#1012628). - cifs: fix incorrect use of list iterator after the loop (bsc#1012628). - cifs: prevent bad output lengths in smb2_ioctl_query_info() (bsc#1012628). - cifs: fix NULL ptr dereference in smb2_ioctl_query_info() (bsc#1012628). - ALSA: cs4236: fix an incorrect NULL check on list iterator (bsc#1012628). - ALSA: hda: Avoid unsol event during RPM suspending (bsc#1012628). - ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock (bsc#1012628). - ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020 (bsc#1012628). - rtc: mc146818-lib: fix locking in mc146818_set_time (bsc#1012628). - rtc: pl031: fix rtc features null pointer dereference (bsc#1012628). - io_uring: ensure that fsnotify is always called (bsc#1012628). - ocfs2: fix crash when mount with quota enabled (bsc#1012628). - drm/simpledrm: Add "panel orientation" property on non-upright mounted LCD panels (bsc#1012628). - mm: madvise: skip unmapped vma holes passed to process_madvise (bsc#1012628). - mm: madvise: return correct bytes advised with process_madvise (bsc#1012628). - Revert "mm: madvise: skip unmapped vma holes passed to process_madvise" (bsc#1012628). - mm,hwpoison: unmap poisoned page before invalidation (bsc#1012628). - mm: only re-generate demotion targets when a numa node changes its N_CPU state (bsc#1012628). - mm/kmemleak: reset tag when compare object pointer (bsc#1012628). - dm stats: fix too short end duration_ns when using precise_timestamps (bsc#1012628). - dm: fix use-after-free in dm_cleanup_zoned_dev() (bsc#1012628). - dm: interlock pending dm_io and dm_wait_for_bios_completion (bsc#1012628). - dm: fix double accounting of flush with data (bsc#1012628). - dm integrity: set journal entry unused when shrinking device (bsc#1012628). - tracing: Have trace event string test handle zero length strings (bsc#1012628). - drbd: fix potential silent data corruption (bsc#1012628). - can: isotp: sanitize CAN ID checks in isotp_bind() (bsc#1012628). - PCI: fu740: Force 2.5GT/s for initial device probe (bsc#1012628). - arm64: signal: nofpsimd: Do not allocate fp/simd context when not available (bsc#1012628). - arm64: Do not defer reserve_crashkernel() for platforms with no DMA memory zones (bsc#1012628). - arm64: dts: qcom: sm8250: Fix MSI IRQ for PCIe1 and PCIe2 (bsc#1012628). - arm64: dts: ti: k3-am65: Fix gic-v3 compatible regs (bsc#1012628). - arm64: dts: ti: k3-j721e: Fix gic-v3 compatible regs (bsc#1012628). - arm64: dts: ti: k3-j7200: Fix gic-v3 compatible regs (bsc#1012628). - arm64: dts: ti: k3-am64: Fix gic-v3 compatible regs (bsc#1012628). - arm64: dts: ti: k3-j721s2: Fix gic-v3 compatible regs (bsc#1012628). - ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM (bsc#1012628). - mmc: core: use sysfs_emit() instead of sprintf() (bsc#1012628). - Revert "ACPI: Pass the same capabilities to the _OSC regardless of the query flag" (bsc#1012628). - ACPI: properties: Consistently return -ENOENT if there are no more references (bsc#1012628). - coredump: Also dump first pages of non-executable ELF libraries (bsc#1012628). - ext4: fix ext4_fc_stats trace point (bsc#1012628). - ext4: fix fs corruption when tring to remove a non-empty directory with IO error (bsc#1012628). - ext4: make mb_optimize_scan option work with set/unset mount cmd (bsc#1012628). - ext4: make mb_optimize_scan performance mount option work with extents (bsc#1012628). - samples/landlock: Fix path_list memory leak (bsc#1012628). - landlock: Use square brackets around "landlock-ruleset" (bsc#1012628). - mailbox: tegra-hsp: Flush whole channel (bsc#1012628). - btrfs: zoned: put block group after final usage (bsc#1012628). - block: fix rq-qos breakage from skipping rq_qos_done_bio() (bsc#1012628). - block: limit request dispatch loop duration (bsc#1012628). - block: don't merge across cgroup boundaries if blkcg is enabled (bsc#1012628). - drm/edid: check basic audio support on CEA extension block (bsc#1012628). - fbdev: Hot-unplug firmware fb devices on forced removal (bsc#1012628). - video: fbdev: sm712fb: Fix crash in smtcfb_read() (bsc#1012628). - video: fbdev: atari: Atari 2 bpp (STe) palette bugfix (bsc#1012628). - rfkill: make new event layout opt-in (bsc#1012628). - ARM: dts: at91: sama7g5: Remove unused properties in i2c nodes (bsc#1012628). - ARM: dts: at91: sama5d2: Fix PMERRLOC resource size (bsc#1012628). - ARM: dts: exynos: fix UART3 pins configuration in Exynos5250 (bsc#1012628). - ARM: dts: exynos: add missing HDMI supplies on SMDK5250 (bsc#1012628). - ARM: dts: exynos: add missing HDMI supplies on SMDK5420 (bsc#1012628). - mgag200 fix memmapsl configuration in GCTL6 register (bsc#1012628). - carl9170: fix missing bit-wise or operator for tx_params (bsc#1012628). - pstore: Don't use semaphores in always-atomic-context code (bsc#1012628). - thermal: int340x: Increase bitmap size (bsc#1012628). - lib/raid6/test: fix multiple definition linking error (bsc#1012628). - exec: Force single empty string when argv is empty (bsc#1012628). - crypto: rsa-pkcs1pad - only allow with rsa (bsc#1012628). - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (bsc#1012628). - crypto: rsa-pkcs1pad - restore signature length check (bsc#1012628). - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (bsc#1012628). - bcache: fixup multiple threads crash (bsc#1012628). - PM: domains: Fix sleep-in-atomic bug caused by genpd_debug_remove() (bsc#1012628). - DEC: Limit PMAX memory probing to R3k systems (bsc#1012628). - media: gpio-ir-tx: fix transmit with long spaces on Orange Pi PC (bsc#1012628). - media: omap3isp: Use struct_group() for memcpy() region (bsc#1012628). - media: venus: vdec: fixed possible memory leak issue (bsc#1012628). - media: venus: hfi_cmds: List HDR10 property as unsupported for v1 and v3 (bsc#1012628). - media: venus: venc: Fix h264 8x8 transform control (bsc#1012628). - media: davinci: vpif: fix unbalanced runtime PM get (bsc#1012628). - media: davinci: vpif: fix unbalanced runtime PM enable (bsc#1012628). - media: davinci: vpif: fix use-after-free on driver unbind (bsc#1012628). - mips: Always permit to build u-boot images (bsc#1012628). - btrfs: zoned: mark relocation as writing (bsc#1012628). - btrfs: extend locking to all space_info members accesses (bsc#1012628). - btrfs: verify the tranisd of the to-be-written dirty extent buffer (bsc#1012628). - xtensa: define update_mmu_tlb function (bsc#1012628). - xtensa: fix stop_machine_cpuslocked call in patch_text (bsc#1012628). - xtensa: fix xtensa_wsr always writing 0 (bsc#1012628). - KVM: s390x: fix SCK locking (bsc#1012628). - drm/syncobj: flatten dma_fence_chains on transfer (bsc#1012628). - drm/nouveau/backlight: Fix LVDS backlight detection on some laptops (bsc#1012628). - drm/nouveau/backlight: Just set all backlight types as RAW (bsc#1012628). - drm/fb-helper: Mark screen buffers in system memory with FBINFO_VIRTFB (bsc#1012628). - brcmfmac: firmware: Allocate space for default boardrev in nvram (bsc#1012628). - brcmfmac: pcie: Release firmwares in the brcmf_pcie_setup error path (bsc#1012628). - brcmfmac: pcie: Declare missing firmware files in pcie.c (bsc#1012628). - brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio (bsc#1012628). - brcmfmac: pcie: Fix crashes due to early IRQs (bsc#1012628). - drm/i915/opregion: check port number bounds for SWSCI display power state (bsc#1012628). - drm/i915/gem: add missing boundary check in vm_access (bsc#1012628). - PCI: imx6: Allow to probe when dw_pcie_wait_for_link() fails (bsc#1012628). - PCI: pciehp: Clear cmd_busy bit in polling mode (bsc#1012628). - PCI: xgene: Revert "PCI: xgene: Use inbound resources for setup" (bsc#1012628). - PCI: xgene: Revert "PCI: xgene: Fix IB window setup" (bsc#1012628). - regulator: qcom_smd: fix for_each_child.cocci warnings (bsc#1012628). - selinux: access superblock_security_struct in LSM blob way (bsc#1012628). - selinux: check return value of sel_make_avc_files (bsc#1012628). - crypto: ccp - Ensure psp_ret is always init'd in __sev_platform_init_locked() (bsc#1012628). - crypto: qat - fix a signedness bug in get_service_enabled() (bsc#1012628). - hwrng: cavium - HW_RANDOM_CAVIUM should depend on ARCH_THUNDER (bsc#1012628). - crypto: sun8i-ss - really disable hash on A80 (bsc#1012628). - crypto: kdf - Select hmac in addition to sha256 (bsc#1012628). - crypto: qat - fix access to PFVF interrupt registers for GEN4 (bsc#1012628). - crypto: authenc - Fix sleep in atomic context in decrypt_tail (bsc#1012628). - crypto: octeontx2 - select CONFIG_NET_DEVLINK (bsc#1012628). - crypto: mxs-dcp - Fix scatterlist processing (bsc#1012628). - selinux: Fix selinux_sb_mnt_opts_compat() (bsc#1012628). - thermal: int340x: Check for NULL after calling kmemdup() (bsc#1012628). - crypto: octeontx2 - remove CONFIG_DM_CRYPT check (bsc#1012628). - spi: tegra114: Add missing IRQ check in tegra_spi_probe (bsc#1012628). - spi: tegra210-quad: Fix missin IRQ check in tegra_qspi_probe (bsc#1012628). - perf: MARVELL_CN10K_TAD_PMU should depend on ARCH_THUNDER (bsc#1012628). - selftests/sgx: Fix NULL-pointer-dereference upon early test failure (bsc#1012628). - selftests/sgx: Do not attempt enclave build without valid enclave (bsc#1012628). - selftests/sgx: Ensure enclave data available during debug print (bsc#1012628). - stack: Constrain and fix stack offset randomization with Clang builds (bsc#1012628). - arm64/mm: avoid fixmap race condition when create pud mapping (bsc#1012628). - security: add sctp_assoc_established hook (bsc#1012628). - security: implement sctp_assoc_established hook in selinux (bsc#1012628). - blk-cgroup: set blkg iostat after percpu stat aggregation (bsc#1012628). - selftests/x86: Add validity check and allow field splitting (bsc#1012628). - selftests/sgx: Treat CC as one argument (bsc#1012628). - crypto: rockchip - ECB does not need IV (bsc#1012628). - block: update io_ticks when io hang (bsc#1012628). - audit: log AUDIT_TIME_* records only from rules (bsc#1012628). - EVM: fix the evm= __setup handler return value (bsc#1012628). - crypto: ccree - don't attempt 0 len DMA mappings (bsc#1012628). - crypto: hisilicon/sec - fix the aead software fallback for engine (bsc#1012628). - spi: pxa2xx-pci: Balance reference count for PCI DMA device (bsc#1012628). - hwmon: (pmbus) Add mutex to regulator ops (bsc#1012628). - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (bsc#1012628). - nvme: cleanup __nvme_check_ids (bsc#1012628). - nvme: fix the check for duplicate unique identifiers (bsc#1012628). - block: don't delete queue kobject before its children (bsc#1012628). - PM: hibernate: fix __setup handler error handling (bsc#1012628). - PM: suspend: fix return value of __setup handler (bsc#1012628). - spi: spi-zynqmp-gqspi: Handle error for dma_set_mask (bsc#1012628). - hwrng: atmel - disable trng on failure path (bsc#1012628). - crypto: sun8i-ss - call finalize with bh disabled (bsc#1012628). - crypto: sun8i-ce - call finalize with bh disabled (bsc#1012628). - crypto: amlogic - call finalize with bh disabled (bsc#1012628). - crypto: gemini - call finalize with bh disabled (bsc#1012628). - crypto: vmx - add missing dependencies (bsc#1012628). - clocksource/drivers/timer-ti-dm: Fix regression from errata i940 fix (bsc#1012628). - clocksource/drivers/exynos_mct: Handle DTS with higher number of interrupts (bsc#1012628). - clocksource/drivers/timer-microchip-pit64b: Use notrace (bsc#1012628). - clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (bsc#1012628). - arm64: prevent instrumentation of bp hardening callbacks (bsc#1012628). - perf/arm-cmn: Hide XP PUB events for CMN-600 (bsc#1012628). - perf/arm-cmn: Update watchpoint format (bsc#1012628). - KEYS: trusted: Fix trusted key backends when building as module (bsc#1012628). - KEYS: trusted: Avoid calling null function trusted_key_exit (bsc#1012628). - ACPI: APEI: fix return value of __setup handlers (bsc#1012628). - crypto: ccp - ccp_dmaengine_unregister release dma channels (bsc#1012628). - crypto: ccree - Fix use after free in cc_cipher_exit() (bsc#1012628). - crypto: qat - fix initialization of pfvf cap_msg structures (bsc#1012628). - crypto: qat - fix initialization of pfvf rts_map_msg structures (bsc#1012628). - hwrng: nomadik - Change clk_disable to clk_disable_unprepare (bsc#1012628). - hwmon: (pmbus) Add Vin unit off handling (bsc#1012628). - clocksource: acpi_pm: fix return value of __setup handler (bsc#1012628). - io_uring: don't check unrelated req->open.how in accept request (bsc#1012628). - io_uring: terminate manual loop iterator loop correctly for non-vecs (bsc#1012628). - watch_queue: Fix NULL dereference in error cleanup (bsc#1012628). - watch_queue: Actually free the watch (bsc#1012628). - f2fs: fix to enable ATGC correctly via gc_idle sysfs interface (bsc#1012628). - sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa (bsc#1012628). - sched/core: Export pelt_thermal_tp (bsc#1012628). - sched/sugov: Ignore 'busy' filter when rq is capped by uclamp_max (bsc#1012628). - sched/uclamp: Fix iowait boost escaping uclamp restriction (bsc#1012628). - rseq: Remove broken uapi field layout on 32-bit little endian (bsc#1012628). - perf/core: Fix address filter parser for multiple filters (bsc#1012628). - perf/x86/intel/pt: Fix address filter config for 32-bit kernel (bsc#1012628). - sched/fair: Improve consistency of allowed NUMA balance calculations (bsc#1012628). - f2fs: fix missing free nid in f2fs_handle_failed_inode (bsc#1012628). - ext4: fix remount with 'abort' option (bsc#1012628). - nfsd: more robust allocation failure handling in nfsd_file_cache_init (bsc#1012628). - sched/cpuacct: Fix charge percpu cpuusage (bsc#1012628). - sched/rt: Plug rt_mutex_setprio() vs push_rt_task() race (bsc#1012628). - f2fs: fix to avoid potential deadlock (bsc#1012628). - btrfs: fix unexpected error path when reflinking an inline extent (bsc#1012628). - iomap: Fix iomap_invalidatepage tracepoint (bsc#1012628). - fs: erofs: add sanity check for kobject in erofs_unregister_sysfs (bsc#1012628). - f2fs: fix compressed file start atomic write may cause data corruption (bsc#1012628). - cifs: use a different reconnect helper for non-cifsd threads (bsc#1012628). - selftests, x86: fix how check_cc.sh is being invoked (bsc#1012628). - drivers/base/memory: add memory block to memory group after registration succeeded (bsc#1012628). - kunit: make kunit_test_timeout compatible with comment (bsc#1012628). - pinctrl: samsung: Remove EINT handler for Exynos850 ALIVE and CMGP gpios (bsc#1012628). - media: staging: media: zoran: fix usage of vb2_dma_contig_set_max_seg_size (bsc#1012628). - media: camss: csid-170: fix non-10bit formats (bsc#1012628). - media: camss: csid-170: don't enable unused irqs (bsc#1012628). - media: camss: csid-170: set the right HALT_CMD when disabled (bsc#1012628). - media: camss: vfe-170: fix "VFE halt timeout" error (bsc#1012628). - media: staging: media: imx: imx7-mipi-csis: Make subdev name unique (bsc#1012628). - media: v4l2-mem2mem: Apply DST_QUEUE_OFF_BASE on MMAP buffers across ioctls (bsc#1012628). - media: mtk-vcodec: potential dereference of null pointer (bsc#1012628). - media: imx: imx8mq-mipi-csi2: remove wrong irq config write operation (bsc#1012628). - media: imx: imx8mq-mipi_csi2: fix system resume (bsc#1012628). - media: bttv: fix WARNING regression on tunerless devices (bsc#1012628). - media: atmel: atmel-sama7g5-isc: fix ispck leftover (bsc#1012628). - ASoC: sh: rz-ssi: Drop calling rz_ssi_pio_recv() recursively (bsc#1012628). - ASoC: codecs: Check for error pointer after calling devm_regmap_init_mmio (bsc#1012628). - ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (bsc#1012628). - ASoC: simple-card-utils: Set sysclk on all components (bsc#1012628). - memory: tegra20-emc: Correct memory device mask (bsc#1012628). - media: coda: Fix missing put_device() call in coda_get_vdoa_data (bsc#1012628). - media: meson: vdec: potential dereference of null pointer (bsc#1012628). - media: hantro: Fix overfill bottom register field name (bsc#1012628). - media: ov6650: Fix set format try processing path (bsc#1012628). - media: v4l: Avoid unaligned access warnings when printing 4cc modifiers (bsc#1012628). - media: ov5648: Don't pack controls struct (bsc#1012628). - media: ov2740: identify module after subdev initialisation (bsc#1012628). - media: aspeed: Correct value for h-total-pixels (bsc#1012628). - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (bsc#1012628). - video: fbdev: controlfb: Fix COMPILE_TEST build (bsc#1012628). - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (bsc#1012628). - video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (bsc#1012628). - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (bsc#1012628). - ARM: dts: Fix OpenBMC flash layout label addresses (bsc#1012628). - ASoC: max98927: add missing header file (bsc#1012628). - arm64: dts: qcom: sc7280: Fix gmu unit address (bsc#1012628). - firmware: qcom: scm: Remove reassignment to desc following initializer (bsc#1012628). - ARM: dts: qcom: ipq4019: fix sleep clock (bsc#1012628). - soc: qcom: rpmpd: Check for null return of devm_kcalloc (bsc#1012628). - soc: qcom: ocmem: Fix missing put_device() call in of_get_ocmem (bsc#1012628). - soc: qcom: aoss: Fix missing put_device call in qmp_get (bsc#1012628). - soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (bsc#1012628). - arm64: dts: qcom: sdm845: fix microphone bias properties and values (bsc#1012628). - arm64: dts: qcom: sm8250: fix PCIe bindings to follow schema (bsc#1012628). - arm64: dts: qcom: msm8916-j5: Fix typo (bsc#1012628). - arm64: dts: broadcom: bcm4908: use proper TWD binding (bsc#1012628). - arm64: dts: qcom: sm8150: Correct TCS configuration for apps rsc (bsc#1012628). - arm64: dts: qcom: sm8350: Correct TCS configuration for apps rsc (bsc#1012628). - arm64: dts: qcom: sm8450: Update cpuidle states parameters (bsc#1012628). - arm64: dts: qcom: msm8994: Provide missing "xo_board" and "sleep_clk" to GCC (bsc#1012628). - arm64: dts: qcom: ipq6018: fix usb reference period (bsc#1012628). - firmware: ti_sci: Fix compilation failure when CONFIG_TI_SCI_PROTOCOL is not defined (bsc#1012628). - soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (bsc#1012628). - cpuidle: qcom-spm: Check if any CPU is managed by SPM (bsc#1012628). - ARM: dts: sun8i: v3s: Move the csi1 block to follow address order (bsc#1012628). - ARM: dts: stm32: fix AV96 board SAI2 pin muxing on stm32mp15 (bsc#1012628). - vsprintf: Fix potential unaligned access (bsc#1012628). - ARM: dts: qcom: sdx55: Fix the address used for PCIe EP local addr space (bsc#1012628). - ARM: dts: imx: Add missing LVDS decoder on M53Menlo (bsc#1012628). - media: mexon-ge2d: fixup frames size in registers (bsc#1012628). - media: video/hdmi: handle short reads of hdmi info frame (bsc#1012628). - media: ti-vpe: cal: Fix a NULL pointer dereference in cal_ctx_v4l2_init_formats() (bsc#1012628). - media: em28xx: initialize refcount before kref_get (bsc#1012628). - media: uapi: Init VP9 stateless decode params (bsc#1012628). - media: usb: go7007: s2250-board: fix leak in probe() (bsc#1012628). - media: cedrus: H265: Fix neighbour info buffer size (bsc#1012628). - media: cedrus: h264: Fix neighbour info buffer size (bsc#1012628). - arm64: dts: ti: k3-j721s2-mcu-wakeup: Fix the interrupt-parent for wkup_gpioX instances (bsc#1012628). - ASoC: codecs: rx-macro: fix accessing compander for aux (bsc#1012628). - ASoC: codecs: rx-macro: fix accessing array out of bounds for enum type (bsc#1012628). - ASoC: codecs: va-macro: fix accessing array out of bounds for enum type (bsc#1012628). - ASoC: codecs: wc938x: fix accessing array out of bounds for enum type (bsc#1012628). - ASoC: codecs: wcd938x: fix kcontrol max values (bsc#1012628). - ASoC: codecs: wcd934x: fix kcontrol max values (bsc#1012628). - ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (bsc#1012628). - media: v4l2-core: Initialize h264 scaling matrix (bsc#1012628). - media: hantro: sunxi: Fix VP9 steps (bsc#1012628). - media: ov5640: Fix set format, v4l2_mbus_pixelcode not updated (bsc#1012628). - selftests: vm: remove dependecy from internal kernel macros (bsc#1012628). - selftests/lkdtm: Add UBSAN config (bsc#1012628). - vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1012628). - uaccess: fix nios2 and microblaze get_user_8() (bsc#1012628). - ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (bsc#1012628). - ASoC: acp: check the return value of devm_kzalloc() in acp_legacy_dai_links_create() (bsc#1012628). - soc: mediatek: pm-domains: Add wakeup capacity support in power domain (bsc#1012628). - mmc: sdhci_am654: Fix the driver data of AM64 SoC (bsc#1012628). - ASoC: ti: davinci-i2s: Add check for clk_enable() (bsc#1012628). - ALSA: spi: Add check for clk_enable() (bsc#1012628). - arm64: dts: ns2: Fix spi-cpol and spi-cpha property (bsc#1012628). - arm64: dts: broadcom: Fix sata nodename (bsc#1012628). - printk: fix return value of printk.devkmsg __setup handler (bsc#1012628). - ASoC: mxs-saif: Handle errors for clk_enable (bsc#1012628). - ASoC: atmel_ssc_dai: Handle errors for clk_enable (bsc#1012628). - ASoC: dwc-i2s: Handle errors for clk_enable (bsc#1012628). - ASoC: soc-compress: prevent the potentially use of null pointer (bsc#1012628). - media: i2c: Fix pixel array positions in ov8865 (bsc#1012628). - memory: emif: Add check for setup_interrupts (bsc#1012628). - memory: emif: check the pointer temp in get_device_details() (bsc#1012628). - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (bsc#1012628). - arm64: dts: rockchip: Fix SDIO regulator supply properties on rk3399-firefly (bsc#1012628). - m68k: coldfire/device.c: only build for MCF_EDMA when h/w macros are defined (bsc#1012628). - media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (bsc#1012628). - media: vidtv: Check for null return of vzalloc (bsc#1012628). - ASoC: cs35l41: Fix GPIO2 configuration (bsc#1012628). - ASoC: cs35l41: Fix max number of TX channels (bsc#1012628). - ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (bsc#1012628). - ASoC: wm8350: Handle error for wm8350_register_irq (bsc#1012628). - ASoC: fsi: Add check for clk_enable (bsc#1012628). - video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (bsc#1012628). - media: saa7134: fix incorrect use to determine if list is empty (bsc#1012628). - ivtv: fix incorrect device_caps for ivtvfb (bsc#1012628). - ASoC: atmel: Fix error handling in snd_proto_probe (bsc#1012628). - ASoC: rockchip: i2s: Fix missing clk_disable_unprepare() in rockchip_i2s_probe (bsc#1012628). - ASoC: SOF: Add missing of_node_put() in imx8m_probe (bsc#1012628). - ASoC: mediatek: mt8192-mt6359: Fix error handling in mt8192_mt6359_dev_probe (bsc#1012628). - ASoC: rk817: Fix missing clk_disable_unprepare() in rk817_platform_probe (bsc#1012628). - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (bsc#1012628). - ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (bsc#1012628). - ASoC: fsl_spdif: Disable TX clock when stop (bsc#1012628). - ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (bsc#1012628). - ASoC: SOF: Intel: enable DMI L1 for playback streams (bsc#1012628). - ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (bsc#1012628). - mmc: davinci_mmc: Handle error for clk_enable (bsc#1012628). - rtla/osnoise: Fix osnoise hist stop tracing message (bsc#1012628). - ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume (bsc#1012628). - ASoC: atmel: Fix error handling in sam9x5_wm8731_driver_probe (bsc#1012628). - ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (bsc#1012628). - ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe (bsc#1012628). - ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (bsc#1012628). - ASoC: amd: Fix reference to PCM buffer address (bsc#1012628). - ARM: configs: multi_v5_defconfig: re-enable CONFIG_V4L_PLATFORM_DRIVERS (bsc#1012628). - ARM: configs: multi_v5_defconfig: re-enable DRM_PANEL and FB_xxx (bsc#1012628). - drm/bridge: sn65dsi83: Fix an error handling path in sn65dsi83_probe() (bsc#1012628). - drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (bsc#1012628). - drm/meson: Fix error handling when afbcd.ops->init fails (bsc#1012628). - drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev (bsc#1012628). - drm/bridge: Add missing pm_runtime_disable() in __dw_mipi_dsi_probe (bsc#1012628). - drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (bsc#1012628). - drm: bridge: adv7511: Fix ADV7535 HPD enablement (bsc#1012628). - ath11k: add missing of_node_put() to avoid leak (bsc#1012628). - ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern (bsc#1012628). - drm/v3d/v3d_drv: Check for error num after setting mask (bsc#1012628). - Bluetooth: hci_sync: unlock on error in hci_inquiry_result_with_rssi_evt() (bsc#1012628). - ath11k: free peer for station when disconnect from AP for QCA6390/WCN6855 (bsc#1012628). - drm/panfrost: Check for error num after setting mask (bsc#1012628). - bpftool: Fix error check when calling hashmap__new() (bsc#1012628). - libbpf: Fix possible NULL pointer dereference when destroying skeleton (bsc#1012628). - bpftool: Only set obj->skeleton on complete success (bsc#1012628). - ath11k: fix error code in ath11k_qmi_assign_target_mem_chunk() (bsc#1012628). - udmabuf: validate ubuf->pagecount (bsc#1012628). - bpf: Fix UAF due to race between btf_try_get_module and load_module (bsc#1012628). - drm/selftests/test-drm_dp_mst_helper: Fix memory leak in sideband_msg_req_encode_decode (bsc#1012628). - drm/locking: fix drm_modeset_acquire_ctx kernel-doc (bsc#1012628). - selftests: bpf: Fix bind on used port (bsc#1012628). - Bluetooth: btintel: Fix WBS setting for Intel legacy ROM products (bsc#1012628). - Bluetooth: hci_serdev: call init_rwsem() before p->open() (bsc#1012628). - Bluetooth: mt7921s: fix firmware coredump retrieve (bsc#1012628). - Bluetooth: mt7921s: fix bus hang with wrong privilege (bsc#1012628). - Bluetooth: btmtksdio: refactor btmtksdio_runtime_[suspend|resume]() (bsc#1012628). - Bluetooth: mt7921s: fix btmtksdio_[drv|fw]_pmctrl() (bsc#1012628). - Bluetooth: btmtksdio: mask out interrupt status (bsc#1012628). - mtd: onenand: Check for error irq (bsc#1012628). - mtd: rawnand: gpmi: fix controller timings setting (bsc#1012628). - selftests, xsk: Fix rx_full stats test (bsc#1012628). - drm/edid: Don't clear formats if using deep color (bsc#1012628). - drm/edid: Split deep color modes between RGB and YUV444 (bsc#1012628). - ionic: fix type complaint in ionic_dev_cmd_clean() (bsc#1012628). - ionic: start watchdog after all is setup (bsc#1012628). - ionic: Don't send reset commands if FW isn't running (bsc#1012628). - ionic: fix up printing of timeout error (bsc#1012628). - ionic: Correctly print AQ errors if completions aren't received (bsc#1012628). - net: dsa: Move VLAN filtering syncing out of dsa_switch_bridge_leave (bsc#1012628). - net: dsa: Avoid cross-chip syncing of VLAN filtering (bsc#1012628). - Bluetooth: hci_event: Fix HCI_EV_VENDOR max_len (bsc#1012628). - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (bsc#1012628). - drm/amd/display: Call dc_stream_release for remove link enc assignment (bsc#1012628). - drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes() (bsc#1012628). - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (bsc#1012628). - net: phy: at803x: move page selection fix to config_init (bsc#1012628). - selftests/bpf/test_xdp_redirect_multi: use temp netns for testing (bsc#1012628). - ath9k_htc: fix uninit value bugs (bsc#1012628). - ath11k: set WMI_PEER_40MHZ while peer assoc for 6 GHz (bsc#1012628). - RDMA/core: Set MR type in ib_reg_user_mr (bsc#1012628). - KVM: PPC: Fix vmx/vsx mixup in mmio emulation (bsc#1012628). - selftests/net: timestamping: Fix bind_phc check (bsc#1012628). - rtw88: check for validity before using a pointer (bsc#1012628). - rtw88: fix idle mode flow for hw scan (bsc#1012628). - rtw88: fix memory overrun and memory leak during hw_scan (bsc#1012628). - drm/bridge: lt9611: Fix an error handling path in lt9611_probe() (bsc#1012628). - i40e: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (bsc#1012628). - i40e: respect metadata on XSK Rx to skb (bsc#1012628). - ice: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (bsc#1012628). - ice: respect metadata on XSK Rx to skb (bsc#1012628). - igc: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (bsc#1012628). - ixgbe: pass bi->xdp to ixgbe_construct_skb_zc() directly (bsc#1012628). - ixgbe: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (bsc#1012628). - ixgbe: respect metadata on XSK Rx to skb (bsc#1012628). - power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe (bsc#1012628). - ray_cs: Check ioremap return value (bsc#1012628). - powerpc: dts: t1040rdb: fix ports names for Seville Ethernet switch (bsc#1012628). - KVM: PPC: Book3S HV: Check return value of kvmppc_radix_init (bsc#1012628). - powerpc/perf: Don't use perf_hw_context for trace IMC PMU (bsc#1012628). - mt76: connac: fix sta_rec_wtbl tag len (bsc#1012628). - mt76: mt7915: use proper aid value in mt7915_mcu_wtbl_generic_tlv in sta mode (bsc#1012628). - mt76: mt7915: use proper aid value in mt7915_mcu_sta_basic_tlv (bsc#1012628). - mt76: mt76_connac: fix MCU_CE_CMD_SET_ROC definition error (bsc#1012628). - mt76: mt7921: set EDCA parameters with the MCU CE command (bsc#1012628). - mt76: mt7921: do not always disable fw runtime-pm (bsc#1012628). - mt76: mt7921: fix a leftover race in runtime-pm (bsc#1012628). - mt76: mt7615: fix a leftover race in runtime-pm (bsc#1012628). - mt76: mt7915: fix ht mcs in mt7915_mac_add_txs_skb() (bsc#1012628). - mt76: mt7921: fix ht mcs in mt7921_mac_add_txs_skb() (bsc#1012628). - mt76: mt7921s: fix mt7921s_mcu_[fw|drv]_pmctrl (bsc#1012628). - mt76: mt7921e: fix possible probe failure after reboot (bsc#1012628). - mt76: mt7603: check sta_rates pointer in mt7603_sta_rate_tbl_update (bsc#1012628). - mt76: mt7615: check sta_rates pointer in mt7615_sta_rate_tbl_update (bsc#1012628). - mt76: mt7915: fix possible memory leak in mt7915_mcu_add_sta (bsc#1012628). - mt76: mt7921s: fix a possible memory leak in mt7921_load_patch (bsc#1012628). - mt76: mt7915: fix mcs_map in mt7915_mcu_set_sta_he_mcs() (bsc#1012628). - mt76: mt7915: fix the nss setting in bitrates (bsc#1012628). - ptp: unregister virtual clocks when unregistering physical clock (bsc#1012628). - net: dsa: mv88e6xxx: Enable port policy support on 6097 (bsc#1012628). - bpf: Fix a btf decl_tag bug when tagging a function (bsc#1012628). - mac80211: limit bandwidth in HE capabilities (bsc#1012628). - scripts/dtc: Call pkg-config POSIXly correct (bsc#1012628). - livepatch: Fix build failure on 32 bits processors (bsc#1012628). - net: asix: add proper error handling of usb read errors (bsc#1012628). - i2c: bcm2835: Fix the error handling in 'bcm2835_i2c_probe()' (bsc#1012628). - mtd: mchp23k256: Add SPI ID table (bsc#1012628). - mtd: mchp48l640: Add SPI ID table (bsc#1012628). - selftests/bpf: Extract syscall wrapper (bsc#1012628). - selftests/bpf: Use "__se_" prefix on architectures without syscall wrapper (bsc#1012628). - igc: avoid kernel warning when changing RX ring parameters (bsc#1012628). - igb: refactor XDP registration (bsc#1012628). - drm/amdgpu: Don't offset by 2 in FRU EEPROM (bsc#1012628). - PCI: aardvark: Fix reading MSI interrupt number (bsc#1012628). - PCI: aardvark: Fix reading PCI_EXP_RTSTA_PME bit on emulated bridge (bsc#1012628). - RDMA/rxe: Check the last packet by RXE_END_MASK (bsc#1012628). - libbpf: Fix signedness bug in btf_dump_array_data() (bsc#1012628). - libbpf: Fix riscv register names (bsc#1012628). - cxl/core: Fix cxl_probe_component_regs() error message (bsc#1012628). - tools/testing/cxl: Fix root port to host bridge assignment (bsc#1012628). - cxl/regs: Fix size of CXL Capability Header Register (bsc#1012628). - Netvsc: Call hv_unmap_memory() in the netvsc_device_remove() (bsc#1012628). - net:enetc: allocate CBD ring data memory using DMA coherent methods (bsc#1012628). - libbpf: Fix compilation warning due to mismatched printf format (bsc#1012628). - rtw88: fix use after free in rtw_hw_scan_update_probe_req() (bsc#1012628). - drm/bridge: dw-hdmi: use safe format when first in bridge chain (bsc#1012628). - power: supply: ab8500: Swap max and overvoltage (bsc#1012628). - libbpf: Fix libbpf.map inheritance chain for LIBBPF_0.7.0 (bsc#1012628). - libbpf: Use dynamically allocated buffer when receiving netlink messages (bsc#1012628). - power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init (bsc#1012628). - HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports (bsc#1012628). - iommu/ipmmu-vmsa: Check for error num after setting mask (bsc#1012628). - drm/bridge: anx7625: Fix overflow issue on reading EDID (bsc#1012628). - ath11k: fix uninitialized rate_idx in ath11k_dp_tx_update_txcompl() (bsc#1012628). - i2c: pasemi: Drop I2C classes from platform driver variant (bsc#1012628). - bpftool: Fix the error when lookup in no-btf maps (bsc#1012628). - drm/amd/pm: enable pm sysfs write for one VF mode (bsc#1012628). - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (bsc#1012628). - bpftool: Fix pretty print dump for maps without BTF loaded (bsc#1012628). - libbpf: Fix memleak in libbpf_netlink_recv() (bsc#1012628). - IB/cma: Allow XRC INI QPs to set their local ACK timeout (bsc#1012628). - cxl/core/port: Rename bus.c to port.c (bsc#1012628). - cxl/port: Hold port reference until decoder release (bsc#1012628). - dax: make sure inodes are flushed before destroy cache (bsc#1012628). - selftests: mptcp: add csum mib check for mptcp_connect (bsc#1012628). - iwlwifi: mvm: Don't call iwl_mvm_sta_from_mac80211() with NULL sta (bsc#1012628). - iwlwifi: mvm: don't iterate unadded vifs when handling FW SMPS req (bsc#1012628). - iwlwifi: mvm: align locking in D3 test debugfs (bsc#1012628). - iwlwifi: yoyo: remove DBGI_SRAM address reset writing (bsc#1012628). - iwlwifi: yoyo: Avoid using dram data if allocation failed (bsc#1012628). - iwlwifi: mvm: fix off by one in iwl_mvm_stat_iterator_all_macs() (bsc#1012628). - iwlwifi: Fix -EIO error code that is never returned (bsc#1012628). - iwlwifi: mvm: Fix an error code in iwl_mvm_up() (bsc#1012628). - mtd: rawnand: pl353: Set the nand chip node as the flash node (bsc#1012628). - drm/msm/dp: do not initialize phy until plugin interrupt received (bsc#1012628). - drm/msm/dp: populate connector of struct dp_panel (bsc#1012628). - drm/msm/dp: stop link training after link training 2 failed (bsc#1012628). - drm/msm/dp: always add fail-safe mode into connector mode list (bsc#1012628). - drm/msm/dsi: Use "ref" fw clock instead of global name for VCO parent (bsc#1012628). - drm/msm/dsi/phy: fix 7nm v4.0 settings for C-PHY mode (bsc#1012628). - drm/msm/dpu: add DSPP blocks teardown (bsc#1012628). - drm/msm/dpu: fix dp audio condition (bsc#1012628). - drm/msm/dpu: remove msm_dp cached in dpu_encoder_virt (bsc#1012628). - drm/msm/dp: fix panel bridge attachment (bsc#1012628). - i40e: remove dead stores on XSK hotpath (bsc#1012628). - ath11k: Invalidate cached reo ring entry before accessing it (bsc#1012628). - mips: Enable KCSAN (bsc#1012628). - dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS (bsc#1012628). - vfio/pci: fix memory leak during D3hot to D0 transition (bsc#1012628). - vfio/pci: wake-up devices around reset functions (bsc#1012628). - scsi: fnic: Fix a tracing statement (bsc#1012628). - scsi: pm8001: Fix command initialization in pm80XX_send_read_log() (bsc#1012628). - scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req() (bsc#1012628). - scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config() (bsc#1012628). - scsi: pm8001: Fix le32 values handling in pm80xx_set_sas_protocol_timer_config() (bsc#1012628). - scsi: pm8001: Fix payload initialization in pm80xx_encrypt_update() (bsc#1012628). - scsi: pm8001: Fix le32 values handling in pm80xx_chip_ssp_io_req() (bsc#1012628). - scsi: pm8001: Fix le32 values handling in pm80xx_chip_sata_req() (bsc#1012628). - scsi: pm8001: Fix NCQ NON DATA command task initialization (bsc#1012628). - scsi: pm8001: Fix NCQ NON DATA command completion handling (bsc#1012628). - scsi: pm8001: Fix abort all task initialization (bsc#1012628). - mt76: do not always copy ethhdr in reverse_frag0_hdr_trans (bsc#1012628). - mt76: fix endianness errors in reverse_frag0_hdr_trans (bsc#1012628). - mt76: mt7921s: fix missing fc type/sub-type for 802.11 pkts (bsc#1012628). - net: dsa: realtek-smi: fix kdoc warnings (bsc#1012628). - net: dsa: realtek-smi: move to subdirectory (bsc#1012628). - RDMA/mlx5: Fix the flow of a miss in the allocation of a cache ODP MR (bsc#1012628). - drm/amd/display: Remove vupdate_int_entry definition (bsc#1012628). - TOMOYO: fix __setup handlers return values (bsc#1012628). - power: supply: sbs-charger: Don't cancel work that is not initialized (bsc#1012628). - mt76: mt7915: enlarge wcid size to 544 (bsc#1012628). - mt76: mt7915: fix the muru tlv issue (bsc#1012628). - drm/dp: Fix OOB read when handling Post Cursor2 register (bsc#1012628). - ext2: correct max file size computing (bsc#1012628). - drm/tegra: Fix reference leak in tegra_dsi_ganged_probe (bsc#1012628). - power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return (bsc#1012628). - scsi: hisi_sas: Change permission of parameter prot_mask (bsc#1012628). - drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt (bsc#1012628). - bpf, arm64: Call build_prologue() first in first JIT pass (bsc#1012628). - bpf, arm64: Feed byte-offset into bpf line info (bsc#1012628). - xsk: Fix race at socket teardown (bsc#1012628). - RDMA/irdma: Fix netdev notifications for vlan's (bsc#1012628). - RDMA/irdma: Fix Passthrough mode in VM (bsc#1012628). - RDMA/irdma: Remove incorrect masking of PD (bsc#1012628). - libbpf: Fix BPF_MAP_TYPE_PERF_EVENT_ARRAY auto-pinning (bsc#1012628). - gpu: host1x: Fix an error handling path in 'host1x_probe()' (bsc#1012628). - gpu: host1x: Fix a memory leak in 'host1x_remove()' (bsc#1012628). - libbpf: Skip forward declaration when counting duplicated type names (bsc#1012628). - powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1012628). - powerpc/Makefile: Don't pass -mcpu=powerpc64 when building 32-bit (bsc#1012628). - KVM: x86: Fix emulation in writing cr8 (bsc#1012628). - KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor() (bsc#1012628). - KVM: SVM: Exit to userspace on ENOMEM/EFAULT GHCB errors (bsc#1012628). - hv_balloon: rate-limit "Unhandled message" warning (bsc#1012628). - KVM: arm64: Enable Cortex-A510 erratum 2077057 by default (bsc#1012628). - i2c: xiic: Make bus names unique (bsc#1012628). - net: phy: micrel: Fix concurrent register access (bsc#1012628). - Bluetooth: hci_sync: fix undefined return of hci_disconnect_all_sync() (bsc#1012628). - Bluetooth: Fix skb allocation in mgmt_remote_name() & mgmt_device_connected() (bsc#1012628). - power: supply: wm8350-power: Handle error for wm8350_register_irq (bsc#1012628). - power: supply: wm8350-power: Add missing free in free_charger_irq (bsc#1012628). - IB/hfi1: Allow larger MTU without AIP (bsc#1012628). - RDMA/core: Fix ib_qp_usecnt_dec() called when error (bsc#1012628). - PCI: Reduce warnings on possible RW1C corruption (bsc#1012628). - net: axienet: fix RX ring refill allocation failure handling (bsc#1012628). - drm/msm/a6xx: Fix missing ARRAY_SIZE() check (bsc#1012628). - mips: DEC: honor CONFIG_MIPS_FP_SUPPORT=n (bsc#1012628). - MIPS: Sanitise Cavium switch cases in TLB handler synthesizers (bsc#1012628). - powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1012628). - powerpc/64s: Don't use DSISR for SLB faults (bsc#1012628). - mfd: mc13xxx: Add check for mc13xxx_irq_request (bsc#1012628). - libbpf: Unmap rings when umem deleted (bsc#1012628). - selftests/bpf: Make test_lwt_ip_encap more stable and faster (bsc#1012628). - platform/x86: huawei-wmi: check the return value of device_create_file() (bsc#1012628). - scsi: mpt3sas: Fix incorrect 4GB boundary check (bsc#1012628). - powerpc: 8xx: fix a return value error in mpc8xx_pic_init (bsc#1012628). - xtensa: add missing XCHAL_HAVE_WINDOWED check (bsc#1012628). - iwlwifi: pcie: fix SW error MSI-X mapping (bsc#1012628). - vxcan: enable local echo for sent CAN frames (bsc#1012628). - ath10k: Fix error handling in ath10k_setup_msa_resources (bsc#1012628). - mips: cdmm: Fix refcount leak in mips_cdmm_phys_base (bsc#1012628). - MIPS: RB532: fix return value of __setup handler (bsc#1012628). - MIPS: pgalloc: fix memory leak caused by pgd_free() (bsc#1012628). - mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init (bsc#1012628). - power: ab8500_chargalg: Use CLOCK_MONOTONIC (bsc#1012628). - RDMA/irdma: Prevent some integer underflows (bsc#1012628). - Revert "RDMA/core: Fix ib_qp_usecnt_dec() called when error" (bsc#1012628). - RDMA/mlx5: Fix memory leak in error flow for subscribe event routine (bsc#1012628). - bpf, sockmap: Fix memleak in sk_psock_queue_msg (bsc#1012628). - bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full (bsc#1012628). - bpf, sockmap: Fix more uncharged while msg has more_data (bsc#1012628). - bpf, sockmap: Fix double uncharge the mem of sk_msg (bsc#1012628). - samples/bpf, xdpsock: Fix race when running for fix duration of time (bsc#1012628). - USB: storage: ums-realtek: fix error code in rts51x_read_mem() (bsc#1012628). - drm/amd/display: Fix double free during GPU reset on DC streams (bsc#1012628). - RDMA/rxe: Change variable and function argument to proper type (bsc#1012628). - RDMA/rxe: Fix ref error in rxe_av.c (bsc#1012628). - powerpc/xive: fix return value of __setup handler (bsc#1012628). - powerpc/time: Fix KVM host re-arming a timer beyond decrementer range (bsc#1012628). - drm/i915/display: Fix HPD short pulse handling for eDP (bsc#1012628). - drm/i915/display: Do not re-enable PSR after it was marked as not reliable (bsc#1012628). - netfilter: flowtable: Fix QinQ and pppoe support for inet table (bsc#1012628). - mt76: mt7921: fix mt7921_queues_acq implementation (bsc#1012628). - can: isotp: return -EADDRNOTAVAIL when reading from unbound socket (bsc#1012628). - can: isotp: support MSG_TRUNC flag when reading from socket (bsc#1012628). - bareudp: use ipv6_mod_enabled to check if IPv6 enabled (bsc#1012628). - PCI: imx6: Invoke the PHY exit function after PHY power off (bsc#1012628). - PCI: imx6: Assert i.MX8MM CLKREQ# even if no device present (bsc#1012628). - ibmvnic: fix race between xmit and reset (bsc#1012628). - af_unix: Fix some data-races around unix_sk(sk)->oob_skb (bsc#1012628). - selftests/bpf: Fix error reporting from sock_fields programs (bsc#1012628). - Bluetooth: hci_uart: add missing NULL check in h5_enqueue (bsc#1012628). - Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed (bsc#1012628). - Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt (bsc#1012628). - RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit() (bsc#1012628). - ipv4: Fix route lookups when handling ICMP redirects and PMTU updates (bsc#1012628). - mptcp: Fix crash due to tcp_tsorted_anchor was initialized before release skb (bsc#1012628). - af_netlink: Fix shift out of bounds in group mask calculation (bsc#1012628). - i2c: meson: Fix wrong speed use from probe (bsc#1012628). - netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned() (bsc#1012628). - i2c: mux: demux-pinctrl: do not deactivate a master that is not active (bsc#1012628). - powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1012628). - ax25: Fix refcount leaks caused by ax25_cb_del() (bsc#1012628). - ax25: Fix NULL pointer dereferences in ax25 timers (bsc#1012628). - drm/i915: Fix renamed struct field (bsc#1012628). - selftests/bpf/test_lirc_mode2.sh: Exit with proper code (bsc#1012628). - bpftool: Fix print error when show bpf map (bsc#1012628). - PCI: Avoid broken MSI on SB600 USB devices (bsc#1012628). - net: bcmgenet: Use stronger register read/writes to assure ordering (bsc#1012628). - tcp: ensure PMTU updates are processed during fastopen (bsc#1012628). - openvswitch: always update flow key after nat (bsc#1012628). - net: dsa: fix panic on shutdown if multi-chip tree failed to probe (bsc#1012628). - net: wwan: qcom_bam_dmux: fix wrong pointer passed to IS_ERR() (bsc#1012628). - tipc: fix the timer expires after interval 100ms (bsc#1012628). - mfd: asic3: Add missing iounmap() on error asic3_mfd_probe (bsc#1012628). - ice: fix 'scheduling while atomic' on aux critical err interrupt (bsc#1012628). - ice: don't allow to run ice_send_event_to_aux() in atomic ctx (bsc#1012628). - drivers: ethernet: cpsw: fix panic when interrupt coaleceing is set via ethtool (bsc#1012628). - kernel/resource: fix kfree() of bootmem memory again (bsc#1012628). - clk: renesas: r9a07g044: Update multiplier and divider values for PLL2/3 (bsc#1012628). - staging: r8188eu: release_firmware is not called if allocation fails (bsc#1012628). - mxser: fix xmit_buf leak in activate when LSR == 0xff (bsc#1012628). - fsi: scom: Fix error handling (bsc#1012628). - fsi: scom: Remove retries in indirect scoms (bsc#1012628). - pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (bsc#1012628). - pps: clients: gpio: Propagate return value from pps_gpio_probe (bsc#1012628). - fsi: Aspeed: Fix a potential double free (bsc#1012628). - misc: alcor_pci: Fix an error handling path (bsc#1012628). - cpufreq: qcom-cpufreq-nvmem: fix reading of PVS Valid fuse (bsc#1012628). - soundwire: intel: fix wrong register name in intel_shim_wake (bsc#1012628). - clk: qcom: ipq8074: fix PCI-E clock oops (bsc#1012628). - dmaengine: idxd: restore traffic class defaults after wq reset (bsc#1012628). - iio: mma8452: Fix probe failing when an i2c_device_id is used (bsc#1012628). - staging: qlge: add unregister_netdev in qlge_probe (bsc#1012628). - serial: 8250_aspeed_vuart: add PORT_ASPEED_VUART port type (bsc#1012628). - staging:iio:adc:ad7280a: Fix handing of device address bit reversing (bsc#1012628). - clk: renesas: r8a779f0: Fix RSW2 clock divider (bsc#1012628). - pinctrl: renesas: r8a77470: Reduce size for narrow VIN1 channel (bsc#1012628). - pinctrl: renesas: checker: Fix miscalculation of number of states (bsc#1012628). - clk: qcom: ipq8074: Use floor ops for SDCC1 clock (bsc#1012628). - phy: dphy: Correct lpx parameter and its derivatives(ta_{get,go,sure}) (bsc#1012628). - phy: phy-brcm-usb: fixup BCM4908 support (bsc#1012628). - serial: 8250_mid: Balance reference count for PCI DMA device (bsc#1012628). - serial: 8250_lpss: Balance reference count for PCI DMA device (bsc#1012628). - NFS: Use of mapping_set_error() results in spurious errors (bsc#1012628). - serial: 8250: Fix race condition in RTS-after-send handling (bsc#1012628). - iio: adc: Add check for devm_request_threaded_irq (bsc#1012628). - habanalabs: Add check for pci_enable_device (bsc#1012628). - NFS: Return valid errors from nfs2/3_decode_dirent() (bsc#1012628). - staging: r8188eu: fix endless loop in recv_func (bsc#1012628). - dma-debug: fix return value of __setup handlers (bsc#1012628). - clk: imx7d: Remove audio_mclk_root_clk (bsc#1012628). - clk: imx: off by one in imx_lpcg_parse_clks_from_dt() (bsc#1012628). - clk: at91: sama7g5: fix parents of PDMCs' GCLK (bsc#1012628). - clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (bsc#1012628). - clk: qcom: clk-rcg2: Update the frac table for pixel clock (bsc#1012628). - clk: starfive: jh7100: Don't round divisor up twice (bsc#1012628). - clk: starfive: jh7100: Handle audio_div clock properly (bsc#1012628). - dmaengine: hisi_dma: fix MSI allocate fail when reload hisi_dma (bsc#1012628). - remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (bsc#1012628). - remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (bsc#1012628). - remoteproc: qcom_q6v5_mss: Fix some leaks in q6v5_alloc_memory_region (bsc#1012628). - nvdimm/region: Fix default alignment for small regions (bsc#1012628). - clk: actions: Terminate clk_div_table with sentinel element (bsc#1012628). - clk: loongson1: Terminate clk_div_table with sentinel element (bsc#1012628). - clk: hisilicon: Terminate clk_div_table with sentinel element (bsc#1012628). - clk: clps711x: Terminate clk_div_table with sentinel element (bsc#1012628). - clk: Fix clk_hw_get_clk() when dev is NULL (bsc#1012628). - clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (bsc#1012628). - mailbox: imx: fix crash in resume on i.mx8ulp (bsc#1012628). - NFS: remove unneeded check in decode_devicenotify_args() (bsc#1012628). - staging: mt7621-dts: fix LEDs and pinctrl on GB-PC1 devicetree (bsc#1012628). - staging: mt7621-dts: fix formatting (bsc#1012628). - staging: mt7621-dts: fix pinctrl properties for ethernet (bsc#1012628). - staging: mt7621-dts: fix GB-PC2 devicetree (bsc#1012628). - pinctrl: ocelot: fix confops resource index (bsc#1012628). - pinctrl: ocelot: fix duplicate debugfs entry (bsc#1012628). - pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (bsc#1012628). - pinctrl: mediatek: paris: Fix PIN_CONFIG_BIAS_* readback (bsc#1012628). - pinctrl: mediatek: paris: Fix "argument" argument type for mtk_pinconf_get() (bsc#1012628). - pinctrl: mediatek: paris: Fix pingroup pin config state readback (bsc#1012628). - pinctrl: mediatek: paris: Skip custom extra pin config dump for virtual GPIOs (bsc#1012628). - pinctrl: ocelot: Fix interrupt parsing (bsc#1012628). - pinctrl: microchip-sgpio: lock RMW access (bsc#1012628). - pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (bsc#1012628). - pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (bsc#1012628). - clk: visconti: prevent array overflow in visconti_clk_register_gates() (bsc#1012628). - tty: hvc: fix return value of __setup handler (bsc#1012628). - kgdboc: fix return value of __setup handler (bsc#1012628). - serial: 8250: fix XOFF/XON sending when DMA is used (bsc#1012628). - virt: acrn: obtain pa from VMA with PFNMAP flag (bsc#1012628). - virt: acrn: fix a memory leak in acrn_dev_ioctl() (bsc#1012628). - kgdbts: fix return value of __setup handler (bsc#1012628). - firmware: google: Properly state IOMEM dependency (bsc#1012628). - driver core: dd: fix return value of __setup handler (bsc#1012628). - perf test arm64: Test unwinding using fame-pointer (fp) mode (bsc#1012628). - jfs: fix divide error in dbNextAG (bsc#1012628). - SUNRPC/call_alloc: async tasks mustn't block waiting for memory (bsc#1012628). - SUNRPC: improve 'swap' handling: scheduling and PF_MEMALLOC (bsc#1012628). - SUNRPC: Don't call connect() more than once on a TCP socket (bsc#1012628). - perf parse-events: Move slots only with topdown (bsc#1012628). - netfilter: egress: Report interface as outgoing (bsc#1012628). - netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options (bsc#1012628). - SUNRPC don't resend a task on an offlined transport (bsc#1012628). - NFSv4.1: don't retry BIND_CONN_TO_SESSION on session error (bsc#1012628). - kdb: Fix the putarea helper function (bsc#1012628). - perf stat: Fix forked applications enablement of counters (bsc#1012628). - net: stmmac: dwmac-qcom-ethqos: Enable RGMII functional clock on resume (bsc#1012628). - clk: qcom: gcc-msm8994: Fix gpll4 width (bsc#1012628). - vsock/virtio: initialize vdev->priv before using VQs (bsc#1012628). - vsock/virtio: read the negotiated features before using VQs (bsc#1012628). - vsock/virtio: enable VQs early on probe (bsc#1012628). - clk: Initialize orphan req_rate (bsc#1012628). - xen: fix is_xen_pmu() (bsc#1012628). - net: enetc: report software timestamping via SO_TIMESTAMPING (bsc#1012628). - net: hns3: fix bug when PF set the duplicate MAC address for VFs (bsc#1012628). - net: hns3: fix port base vlan add fail when concurrent with reset (bsc#1012628). - net: hns3: add vlan list lock to protect vlan list (bsc#1012628). - net: hns3: refine the process when PF set VF VLAN (bsc#1012628). - net: phy: broadcom: Fix brcm_fet_config_init() (bsc#1012628). - selftests: test_vxlan_under_vrf: Fix broken test case (bsc#1012628). - NFS: Don't loop forever in nfs_do_recoalesce() (bsc#1012628). - libperf tests: Fix typo in perf_evlist__open() failure error messages (bsc#1012628). - net: hns3: fix ethtool tx copybreak buf size indicating not aligned issue (bsc#1012628). - net: hns3: add max order judgement for tx spare buffer (bsc#1012628). - net: hns3: clean residual vf config after disable sriov (bsc#1012628). - net: hns3: add netdev reset check for hns3_set_tunable() (bsc#1012628). - net: hns3: add NULL pointer check for hns3_set/get_ringparam() (bsc#1012628). - net: hns3: fix phy can not link up when autoneg off and reset (bsc#1012628). - net: sparx5: depends on PTP_1588_CLOCK_OPTIONAL (bsc#1012628). - qlcnic: dcb: default to returning -EOPNOTSUPP (bsc#1012628). - net/x25: Fix null-ptr-deref caused by x25_disconnect (bsc#1012628). - net: sparx5: switchdev: fix possible NULL pointer dereference (bsc#1012628). - octeontx2-af: initialize action variable (bsc#1012628). - selftests: tls: skip cmsg_to_pipe tests with TLS=n (bsc#1012628). - net/sched: act_ct: fix ref leak when switching zones (bsc#1012628). - NFSv4/pNFS: Fix another issue with a list iterator pointing to the head (bsc#1012628). - net: dsa: bcm_sf2_cfp: fix an incorrect NULL check on list iterator (bsc#1012628). - fs: fd tables have to be multiples of BITS_PER_LONG (bsc#1012628). - lib/test: use after free in register_test_dev_kmod() (bsc#1012628). - fs: fix fd table size alignment properly (bsc#1012628). - LSM: general protection fault in legacy_parse_param (bsc#1012628). - regulator: rpi-panel: Handle I2C errors/timing to the Atmel (bsc#1012628). - crypto: hisilicon/qm - cleanup warning in qm_vf_read_qos (bsc#1012628). - crypto: octeontx2 - CN10K CPT to RNM workaround (bsc#1012628). - gcc-plugins/stackleak: Exactly match strings instead of prefixes (bsc#1012628). - rcu: Kill rnp->ofl_seq and use only rcu_state.ofl_lock for exclusion (bsc#1012628). - pinctrl: npcm: Fix broken references to chip->parent_device (bsc#1012628). - rcu: Mark writes to the rcu_segcblist structure's ->flags field (bsc#1012628). - block: throttle split bio in case of iops limit (bsc#1012628). - memstick/mspro_block: fix handling of read-only devices (bsc#1012628). - block/bfq_wf2q: correct weight to ioprio (bsc#1012628). - crypto: xts - Add softdep on ecb (bsc#1012628). - crypto: hisilicon/sec - not need to enable sm4 extra mode at HW V3 (bsc#1012628). - block, bfq: don't move oom_bfqq (bsc#1012628). - selinux: use correct type for context length (bsc#1012628). - powercap/dtpm_cpu: Reset per_cpu variable in the release function (bsc#1012628). - arm64: module: remove (NOLOAD) from linker script (bsc#1012628). - selinux: allow FIOCLEX and FIONCLEX with policy capability (bsc#1012628). - loop: use sysfs_emit() in the sysfs xxx show() (bsc#1012628). - Fix incorrect type in assignment of ipv6 port for audit (bsc#1012628). - irqchip/qcom-pdc: Fix broken locking (bsc#1012628). - irqchip/nvic: Release nvic_base upon failure (bsc#1012628). - fs/binfmt_elf: Fix AT_PHDR for unusual ELF files (bsc#1012628). - hwrng: cavium - fix NULL but dereferenced coccicheck error (bsc#1012628). - bfq: fix use-after-free in bfq_dispatch_request (bsc#1012628). - ACPICA: Avoid walking the ACPI Namespace if it is not there (bsc#1012628). - ACPI / x86: Add skip i2c clients quirk for Nextbook Ares 8 (bsc#1012628). - ACPI / x86: Add skip i2c clients quirk for Lenovo Yoga Tablet 1050F/L (bsc#1012628). - lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3 (bsc#1012628). - Revert "Revert "block, bfq: honor already-setup queue merges"" (bsc#1012628). - ACPI/APEI: Limit printable size of BERT table data (bsc#1012628). - PM: core: keep irq flags in device_pm_check_callbacks() (bsc#1012628). - parisc: Fix non-access data TLB cache flush faults (bsc#1012628). - parisc: Fix handling off probe non-access faults (bsc#1012628). - nvme-tcp: lockdep: annotate in-kernel sockets (bsc#1012628). - spi: tegra20: Use of_device_get_match_data() (bsc#1012628). - spi: fsi: Implement a timeout for polling status (bsc#1012628). - atomics: Fix atomic64_{read_acquire,set_release} fallbacks (bsc#1012628). - locking/lockdep: Iterate lock_classes directly when reading lockdep files (bsc#1012628). - ext4: correct cluster len and clusters changed accounting in ext4_mb_mark_bb (bsc#1012628). - ext4: fix ext4_mb_mark_bb() with flex_bg with fast_commit (bsc#1012628). - sched/tracing: Report TASK_RTLOCK_WAIT tasks as TASK_UNINTERRUPTIBLE (bsc#1012628). - ext4: don't BUG if someone dirty pages without asking ext4 first (bsc#1012628). - f2fs: fix to do sanity check on curseg->alloc_type (bsc#1012628). - NFSD: Fix nfsd_breaker_owns_lease() return values (bsc#1012628). - f2fs: don't get FREEZE lock in f2fs_evict_inode in frozen fs (bsc#1012628). - btrfs: harden identification of a stale device (bsc#1012628). - btrfs: make search_csum_tree return 0 if we get -EFBIG (bsc#1012628). - btrfs: handle csum lookup errors properly on reads (bsc#1012628). - btrfs: do not double complete bio on errors during compressed reads (bsc#1012628). - btrfs: do not clean up repair bio if submit fails (bsc#1012628). - f2fs: use spin_lock to avoid hang (bsc#1012628). - f2fs: compress: fix to print raw data size in error path of lz4 decompression (bsc#1012628). - Adjust cifssb maximum read size (bsc#1012628). - ntfs: add sanity check on allocation size (bsc#1012628). - media: staging: media: zoran: move videodev alloc (bsc#1012628). - media: staging: media: zoran: calculate the right buffer number for zoran_reap_stat_com (bsc#1012628). - media: staging: media: zoran: fix various V4L2 compliance errors (bsc#1012628). - media: atmel: atmel-isc-base: report frame sizes as full supported range (bsc#1012628). - media: ir_toy: free before error exiting (bsc#1012628). - ASoC: sh: rz-ssi: Make the data structures available before registering the handlers (bsc#1012628). - ASoC: cs42l42: Report full jack status when plug is detected (bsc#1012628). - ASoC: SOF: Intel: match sdw version on link_slaves_found (bsc#1012628). - media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers (bsc#1012628). - ASoC: SOF: Intel: hda: Remove link assignment limitation (bsc#1012628). - media: iommu/mediatek-v1: Free the existed fwspec if the master dev already has (bsc#1012628). - media: iommu/mediatek: Return ENODEV if the device is NULL (bsc#1012628). - media: iommu/mediatek: Add device_link between the consumer and the larb devices (bsc#1012628). - video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow (bsc#1012628). - video: fbdev: w100fb: Reset global state (bsc#1012628). - video: fbdev: cirrusfb: check pixclock to avoid divide by zero (bsc#1012628). - video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit (bsc#1012628). - ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960 (bsc#1012628). - ARM: dts: bcm2837: Add the missing L1/L2 cache information (bsc#1012628). - ASoC: madera: Add dependencies on MFD (bsc#1012628). - media: atomisp_gmin_platform: Add DMI quirk to not turn AXP ELDO2 regulator off on some boards (bsc#1012628). - media: atomisp: fix dummy_ptr check to avoid duplicate active_bo (bsc#1012628). - ARM: ftrace: avoid redundant loads or clobbering IP (bsc#1012628). - ALSA: hda: Fix driver index handling at re-binding (bsc#1012628). - ARM: dts: imx7: Use audio_mclk_post_div instead audio_mclk_root_clk (bsc#1012628). - arm64: defconfig: build imx-sdma as a module (bsc#1012628). - video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf() (bsc#1012628). - video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf() (bsc#1012628). - video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit (bsc#1012628). - ARM: dts: bcm2711: Add the missing L1/L2 cache information (bsc#1012628). - ASoC: soc-core: skip zero num_dai component in searching dai name (bsc#1012628). - ASoC: Intel: sof_es8336: add quirk for Huawei D15 2021 (bsc#1012628). - media: imx-jpeg: fix a bug of accessing array out of bounds (bsc#1012628). - media: cx88-mpeg: clear interrupt status register before streaming video (bsc#1012628). - ASoC: rt5682s: Fix the wrong jack type detected (bsc#1012628). - ARM: tegra: transformer: Drop reg-shift for Tegra HS UART (bsc#1012628). - uaccess: fix type mismatch warnings from access_ok() (bsc#1012628). - lib/test_lockup: fix kernel pointer check for separate address spaces (bsc#1012628). - ARM: tegra: tamonten: Fix I2C3 pad setting (bsc#1012628). - ARM: mmp: Fix failure to remove sram device (bsc#1012628). - ASoC: amd: vg: fix for pm resume callback sequence (bsc#1012628). - ASoC: amd: vangogh: fix uninitialized symbol warning in machine driver (bsc#1012628). - video: fbdev: sm712fb: Fix crash in smtcfb_write() (bsc#1012628). - media: i2c: ov5648: Fix lockdep error (bsc#1012628). - media: Revert "media: em28xx: add missing em28xx_close_extension" (bsc#1012628). - media: hdpvr: initialize dev->worker at hdpvr_register_videodev (bsc#1012628). - ASoC: SOF: debug: clarify operator precedence (bsc#1012628). - ASoC: Intel: sof_sdw: fix quirks for 2022 HP Spectre x360 13" (bsc#1012628). - ASoC: SOF: Intel: hda: retrieve DMIC number for I2S boards (bsc#1012628). - ALSA: intel-nhlt: add helper to detect SSP link mask (bsc#1012628). - ALSA: intel-dsp-config: add more ACPI HIDs for ES83x6 devices (bsc#1012628). - ASoC: Intel: soc-acpi: add more ACPI HIDs for ES83x6 devices (bsc#1012628). - ALSA: intel-dspconfig: add ES8336 support for CNL (bsc#1012628). - ASoC: Intel: Revert "ASoC: Intel: sof_es8336: add quirk for Huawei D15 2021" (bsc#1012628). - ASoC: Intel: sof_es8336: log all quirks (bsc#1012628). - tracing: Have TRACE_DEFINE_ENUM affect trace event types as well (bsc#1012628). - mmc: host: Return an error when ->enable_sdio_irq() ops is missing (bsc#1012628). - ASoC: mediatek: Fix error handling in mt8183_da7219_max98357_dev_probe (bsc#1012628). - media: atomisp: fix bad usage at error handling logic (bsc#1012628). - ALSA: hda/realtek: Add alc256-samsung-headphone fixup (bsc#1012628). - KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (bsc#1012628). - KVM: x86: Reinitialize context if host userspace toggles EFER.LME (bsc#1012628). - KVM: x86/mmu: Use common TDP MMU zap helper for MMU notifier unmap hook (bsc#1012628). - KVM: x86/mmu: Move "invalid" check out of kvm_tdp_mmu_get_root() (bsc#1012628). - KVM: x86/mmu: Zap _all_ roots when unmapping gfn range in TDP MMU (bsc#1012628). - KVM: x86/mmu: Check for present SPTE when clearing dirty bit in TDP MMU (bsc#1012628). - KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_send_ipi() (bsc#1012628). - KVM: x86: hyper-v: Drop redundant 'ex' parameter from kvm_hv_flush_tlb() (bsc#1012628). - KVM: x86: hyper-v: Fix the maximum number of sparse banks for XMM fast TLB flush hypercalls (bsc#1012628). - KVM: x86: hyper-v: HVCALL_SEND_IPI_EX is an XMM fast hypercall (bsc#1012628). - powerpc/kasan: Fix early region not updated correctly (bsc#1012628). - powerpc/tm: Fix more userspace r13 corruption (bsc#1012628). - powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1012628). - powerpc/lib/sstep: Fix build errors with newer binutils (bsc#1012628). - powerpc: Add set_memory_{p/np}() and remove set_memory_attr() (bsc#1012628). - powerpc: Fix build errors with newer binutils (bsc#1012628). - drm/dp: Fix off-by-one in register cache size (bsc#1012628). - drm/i915: Treat SAGV block time 0 as SAGV disabled (bsc#1012628). - drm/i915: Fix PSF GV point mask when SAGV is not possible (bsc#1012628). - drm/i915: Reject unsupported TMDS rates on ICL+ (bsc#1012628). - scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1012628). - scsi: qla2xxx: Implement ref count for SRB (bsc#1012628). - scsi: qla2xxx: Fix stuck session in gpdb (bsc#1012628). - scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1012628). - scsi: qla2xxx: Fix scheduling while atomic (bsc#1012628). - scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1012628). - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1012628). - scsi: qla2xxx: Fix warning for missing error code (bsc#1012628). - scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1012628). - scsi: qla2xxx: edif: Fix clang warning (bsc#1012628). - scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1012628). - scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1012628). - scsi: qla2xxx: Check for firmware dump already collected (bsc#1012628). - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1012628). - scsi: qla2xxx: Fix disk failure to rediscover (bsc#1012628). - scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1012628). - scsi: qla2xxx: Fix hang due to session stuck (bsc#1012628). - scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1012628). - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1012628). - scsi: qla2xxx: Fix crash during module load unload test (bsc#1012628). - scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1012628). - scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1012628). - scsi: qla2xxx: Reduce false trigger to login (bsc#1012628). - scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1012628). - platform: chrome: Split trace include file (bsc#1012628). - MIPS: crypto: Fix CRC32 code (bsc#1012628). - KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (bsc#1012628). - KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (bsc#1012628). - KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated (bsc#1012628). - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address (bsc#1012628). - KVM: Prevent module exit until all VMs are freed (bsc#1012628). - KVM: x86: fix sending PV IPI (bsc#1012628). - KVM: SVM: fix panic on out-of-bounds guest IRQ (bsc#1012628). - KVM: avoid double put_page with gfn-to-pfn cache (bsc#1012628). - ubifs: rename_whiteout: Fix double free for whiteout_ui->data (bsc#1012628). - ubifs: Fix deadlock in concurrent rename whiteout and inode writeback (bsc#1012628). - ubifs: Add missing iput if do_tmpfile() failed in rename whiteout (bsc#1012628). - ubifs: Rename whiteout atomically (bsc#1012628). - ubifs: Fix 'ui->dirty' race between do_tmpfile() and writeback work (bsc#1012628). - ubifs: Rectify space amount budget for mkdir/tmpfile operations (bsc#1012628). - ubifs: setflags: Make dirtied_ino_d 8 bytes aligned (bsc#1012628). - ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock() (bsc#1012628). - ubifs: Fix to add refcount once page is set private (bsc#1012628). - ubifs: rename_whiteout: correct old_dir size computing (bsc#1012628). - nvme: allow duplicate NSIDs for private namespaces (bsc#1012628). - nvme: fix the read-only state for zoned namespaces with unsupposed features (bsc#1012628). - wireguard: queueing: use CFI-safe ptr_ring cleanup function (bsc#1012628). - wireguard: socket: free skb in send6 when ipv6 is disabled (bsc#1012628). - wireguard: socket: ignore v6 endpoints when ipv6 is disabled (bsc#1012628). - XArray: Fix xas_create_range() when multi-order entry present (bsc#1012628). - can: mcba_usb: properly check endpoint type (bsc#1012628). - can: mcp251xfd: mcp251xfd_register_get_dev_id(): fix return of error value (bsc#1012628). - XArray: Include bitmap.h from xarray.h (bsc#1012628). - XArray: Update the LRU list in xas_split() (bsc#1012628). - modpost: restore the warning message for missing symbol versions (bsc#1012628). - rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram (bsc#1012628). - rtc: check if __rtc_read_time was successful (bsc#1012628). - loop: fix ioctl calls using compat_loop_info (bsc#1012628). - gfs2: gfs2_setattr_size error path fix (bsc#1012628). - gfs2: Fix gfs2_file_buffered_write endless loop workaround (bsc#1012628). - gfs2: Make sure FITRIM minlen is rounded up to fs block size (bsc#1012628). - net: hns3: fix the concurrency between functions reading debugfs (bsc#1012628). - net: hns3: fix software vlan talbe of vlan 0 inconsistent with hardware (bsc#1012628). - rxrpc: fix some null-ptr-deref bugs in server_key.c (bsc#1012628). - rxrpc: Fix call timer start racing with call destruction (bsc#1012628). - mailbox: imx: fix wakeup failure from freeze mode (bsc#1012628). - crypto: x86/poly1305 - Fixup SLS (bsc#1012628). - crypto: arm/aes-neonbs-cbc - Select generic cbc and aes (bsc#1012628). - watch_queue: Free the page array when watch_queue is dismantled (bsc#1012628). - pinctrl: pinconf-generic: Print arguments for bias-pull-* (bsc#1012628). - watchdog: rti-wdt: Add missing pm_runtime_disable() in probe function (bsc#1012628). - net: sparx5: uses, depends on BRIDGE or !BRIDGE (bsc#1012628). - pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (bsc#1012628). - pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (bsc#1012628). - ASoC: rockchip: i2s_tdm: Fixup config for SND_SOC_DAIFMT_DSP_A/B (bsc#1012628). - ASoC: mediatek: mt6358: add missing EXPORT_SYMBOLs (bsc#1012628). - ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl (bsc#1012628). - ARM: iop32x: offset IRQ numbers by 1 (bsc#1012628). - block: Fix the maximum minor value is blk_alloc_ext_minor() (bsc#1012628). - Revert "virtio-pci: harden INTX interrupts" (bsc#1012628). - Revert "virtio_pci: harden MSI-X interrupts" (bsc#1012628). - virtio: use virtio_device_ready() in virtio_device_restore() (bsc#1012628). - io_uring: remove poll entry from list when canceling all (bsc#1012628). - io_uring: bump poll refs to full 31-bits (bsc#1012628). - io_uring: fix memory leak of uid in files registration (bsc#1012628). - riscv module: remove (NOLOAD) (bsc#1012628). - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (bsc#1012628). - vhost: handle error while adding split ranges to iotlb (bsc#1012628). - spi: Fix Tegra QSPI example (bsc#1012628). - platform/chrome: cros_ec_typec: Check for EC device (bsc#1012628). - platform/x86: asus-wmi: Fix regression when probing for fan curve control (bsc#1012628). - can: isotp: restore accidentally removed MSG_PEEK feature (bsc#1012628). - proc: bootconfig: Add null pointer check (bsc#1012628). - x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (bsc#1012628). - drm/connector: Fix typo in documentation (bsc#1012628). - scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1012628). - staging: mt7621-dts: fix pinctrl-0 items to be size-1 items on ethernet (bsc#1012628). - docs: fix 'make htmldocs' warning in SCTP.rst (bsc#1012628). - arm64: mm: Drop 'const' from conditional arm64_dma_phys_limit definition (bsc#1012628). - ASoC: soc-compress: Change the check for codec_dai (bsc#1012628). - KVM: x86: SVM: fix avic spec based definitions again (bsc#1012628). - ax25: fix UAF bug in ax25_send_control() (bsc#1012628). - Reinstate some of "swiotlb: rework "fix info leak with DMA_FROM_DEVICE"" (bsc#1012628). - tracing: Have type enum modifications copy the strings (bsc#1012628). - mips: Enable KCSAN - take 2 (bsc#1012628). - net: add skb_set_end_offset() helper (bsc#1012628). - mm/mmap: return 1 from stack_guard_gap __setup() handler (bsc#1012628). - ARM: 9187/1: JIVE: fix return value of __setup handler (bsc#1012628). - mm/memcontrol: return 1 from cgroup.memory __setup() handler (bsc#1012628). - mm/usercopy: return 1 from hardened_usercopy __setup() handler (bsc#1012628). - af_unix: Support POLLPRI for OOB (bsc#1012628). - libbpf: Define BTF_KIND_* constants in btf.h to avoid compilation errors (bsc#1012628). - bpf: Adjust BPF stack helper functions to accommodate skip > 0 (bsc#1012628). - bpf: Fix comment for helper bpf_current_task_under_cgroup() (bsc#1012628). - nbd: fix possible overflow on 'first_minor' in nbd_dev_add() (bsc#1012628). - mmc: rtsx: Use pm_runtime_{get,put}() to handle runtime PM (bsc#1012628). - dt-bindings: mtd: nand-controller: Fix the reg property description (bsc#1012628). - dt-bindings: mtd: nand-controller: Fix a comment in the examples (bsc#1012628). - dt-bindings: spi: mxic: The interrupt property is not mandatory (bsc#1012628). - media: dt-binding: media: hynix,hi846: use $defs/port-base port description (bsc#1012628). - media: dt-bindings: media: hynix,hi846: add link-frequencies description (bsc#1012628). - dt-bindings: memory: mtk-smi: Rename clock to clocks (bsc#1012628). - dt-bindings: memory: mtk-smi: No need mediatek,larb-id for mt8167 (bsc#1012628). - dt-bindings: memory: mtk-smi: Correct minItems to 2 for the gals clocks (bsc#1012628). - dt-bindings: pinctrl: mt8195: fix bias-pull-{up,down} checks (bsc#1012628). - dt-bindings: pinctrl: pinctrl-microchip-sgpio: Fix example (bsc#1012628). - ubi: fastmap: Return error code if memory allocation fails in add_aeb() (bsc#1012628). - net: preserve skb_end_offset() in skb_unclone_keeptruesize() (bsc#1012628). - ASoC: SOF: Intel: Fix build error without SND_SOC_SOF_PCI_DEV (bsc#1012628). - ASoC: topology: Allow TLV control to be either read or write (bsc#1012628). - perf vendor events: Update metrics for SkyLake Server (bsc#1012628). - media: ov6650: Add try support to selection API operations (bsc#1012628). - media: ov6650: Fix crop rectangle affected by set format (bsc#1012628). - pinctrl: canonical rsel resistance selection property (bsc#1012628). - spi: mediatek: support tick_delay without enhance_timing (bsc#1012628). - ARM: dts: spear1340: Update serial node properties (bsc#1012628). - ARM: dts: spear13xx: Update SPI dma properties (bsc#1012628). - arm64: dts: ls1043a: Update i2c dma properties (bsc#1012628). - arm64: dts: ls1046a: Update i2c node dma properties (bsc#1012628). - um: Fix uml_mconsole stop/go (bsc#1012628). - docs: sysctl/kernel: add missing bit to panic_print (bsc#1012628). - xsk: Do not write NULL in SW ring at allocation failure (bsc#1012628). - ice: xsk: Fix indexing in ice_tx_xsk_pool() (bsc#1012628). - vdpa/mlx5: Avoid processing works if workqueue was destroyed (bsc#1012628). - openvswitch: Fixed nd target mask field in the flow dump (bsc#1012628). - torture: Make torture.sh help message match reality (bsc#1012628). - n64cart: convert bi_disk to bi_bdev->bd_disk fix build (bsc#1012628). - Revert "nbd: fix possible overflow on 'first_minor' in nbd_dev_add()" (bsc#1012628). - mmc: rtsx: Let MMC core handle runtime PM (bsc#1012628). - mmc: rtsx: Fix build errors/warnings for unused variable (bsc#1012628). - coredump: Snapshot the vmas in do_coredump (bsc#1012628). - coredump: Remove the WARN_ON in dump_vma_snapshot (bsc#1012628). - coredump/elf: Pass coredump_params into fill_note_info (bsc#1012628). - coredump: Use the vma snapshot in fill_files_note (bsc#1012628). - Update config files. - commit b49cf22 - x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO (bsc#1196961). - commit 18b6eb8 - x86/speculation: Restore speculation related MSRs during S3 resume (git-fixes). - commit ffe3c2b - x86/pm: Save the MSR validity status at context setup (git-fixes). - commit b756c61 - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (CVE-2022-28389 bsc#1198033). - can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (CVE-2022-28388 bsc#1198032). - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (CVE-2022-28390 bsc#1198031). - commit e456953 - series.conf: cleanup - update upstream references and move into sorted section: - patches.suse/Revert-Input-clear-BTN_RIGHT-MIDDLE-on-buttonpads.patch - patches.suse/block-restore-the-old-set_task_ioprio-behaviour-wrt-.patch - commit 6038bd3 ==== ldb ==== Version update (2.4.2 -> 2.5.0) - Update to version 2.5.0 + No code changes, just bump version for samba 4.16.0 release ==== libX11 ==== Version update (1.7.3.1 -> 1.7.5) Subpackages: libX11-6 libX11-data - Update to version 1.7.4 * Don't try to destroy NULL condition variables - Update to version 1.7.4 * bugfix release - supersedes p_khmer-compose.diff ==== libXcursor ==== Version update (1.2.0 -> 1.2.1) - Update to version 1.2.1 * This release provides bug fixes, code cleanups, and some significant documentation improvements. ==== libapparmor ==== - add profile for zgrep and xzgrep to prevent CVE-2022-1271 (zgrep-profile-mr870.diff) - ensure precompiled cache files are newer than (text) profiles - reload profiles in %posttrans instead of %post to ensure both - profiles and -abstractons package are updated before the cache in /var/cache/apparmor/ gets built (boo#1195463 #c20) ==== libarchive ==== Version update (3.6.0 -> 3.6.1) - update to 3.6.1: * 7zip reader: fix PPMD read beyond boundary (#1671) * ZIP reader: fix possible out of bounds read (OSS-Fuzz 38766 #1672) * ISO reader: fix possible heap buffer overflow in read_children() (OSS-Fuzz 38764, #1685) * RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in libarchive 3.6.0) * fix heap use after free in archive_read_format_rar_read_data() (OSS-Fuzz 44547, 52efa50) * fix null dereference in read_data_compressed() (OSS-Fuzz 44843, 1271f77) * fix heap user after free in run_filters() (OSS-Fuzz 46279, #1715) ==== libeconf ==== Version update (0.4.4+git20220104.962774f -> 0.4.5+git20220406.c9658f2) - Update to version 0.4.5+git20220406.c9658f2: * econftool: * * New call "syntax" for checking the configuration files only. Returns an error string with line number if an error occurs. * * New options "--comment" and "--delimeters" * * Parsing one file only if needed. ==== libmnl ==== Version update (1.0.4 -> 1.0.5) - Update to release 1.0.5 * New example program * "MNL_SOCKET_DUMP_SIZE" define, holding a recommended buffer size for netlink dumps. * Resolved compiler warnings ==== libnfnetlink ==== Version update (1.0.1 -> 1.0.2) - Update to release 1.0.2 * Resolved Valgrind warnings due to uninitialized padding in netlink messages. ==== libnvme ==== Version update (1.0~8 -> 1.0) - Update to version 1.0: * tree: Remove default port setting for TCP and RDMA ports * tree: add 'f_args' argument to pass user data to the filter function * tree: remove 'ctrl_get_ana_state()' * tree: add namespace path iterators * tree: filter out namespaces * tree: update nvme_scan_filter_t usage ==== mozilla-nss ==== Version update (3.75 -> 3.76.1) Subpackages: libfreebl3 libsoftokn3 mozilla-nss-certs - Require nss-util in nss.pc and subsequently remove -lnssutil3 - update to NSS 3.76.1 NSS 3.76.1 * bmo#1756271 - Remove token member from NSSSlot struct. NSS 3.76 * bmo#1755555 - Hold tokensLock through nssToken_GetSlot calls in nssTrustDomain_GetActiveSlots. * bmo#1370866 - Check return value of PK11Slot_GetNSSToken. * bmo#1747957 - Use Wycheproof JSON for RSASSA-PSS * bmo#1679803 - Add SHA256 fingerprint comments to old certdata.txt entries. * bmo#1753505 - Avoid truncating files in nss-release-helper.py. * bmo#1751157 - Throw illegal_parameter alert for illegal extensions in handshake message. ==== nvme-cli ==== Version update (2.0~8 -> 2.0) - Update to version 2.0: * fabrics: Create persistent controller using unique subsystem NQN (bsc#1198243) * fabrics: Set KATO for discovery controller when connecting * fabrics: Do no modify default config for discovery controller * fabrics: Set default trsvcid ports for TCP and RDMA (bsc#1195858) * fabrics: Support connect even when no /etc/nvme/hostnqn file exists * nvme: update to nvme_scan_filter_t modifications (bsc#1195938) * plugins/intel: make 'buckets' a json array * plugins: Update WDC capabilities command with new commmands * plugins: Add OCP plugin ==== open-iscsi ==== Subpackages: iscsiuio libopeniscsiusr0_2_0 - Updated to latest upstream, including bug fixes and cleanups. Changes included: * add handling name/value pairs for firmware login (bsc#1196113), including man page update for same * Fix bug where some package parts were installed using DESTDIR twice * general build cleanup (in prep for removing DB files from /etc/iscsi some day soon) Also, now delivering a "package config" file for libopeniscsiusr. ==== perl-Bootloader ==== Version update (0.937 -> 0.938) - merge gh#openSUSE/perl-bootloader#138 - grub2/install: reset error code when passing through recover code (bsc#1198197) - 0.938 ==== podman ==== Version update (3.4.4 -> 4.0.3) Subpackages: podman-cni-config - Add patch to make buildah happy after selinux change: * 0001-Adjust-buildah-to-opencontainers-selinux-v1.10.1.patch - Add patch to fix starting containers on btrfs with SELinux (gh#opencontainers/selinux#172): * 0001-Relabel-relabel-links-instead-of-their-targets.patch - Add patch to fix starting containers as user service with systemd 250 (boo#1197672, gh#containers/podman#13731): * 0002-specgen-do-not-set-OOMScoreAdj-by-default.patch - Update to version 4.0.3: * Security - This release fixes CVE-2022-27649, where containers run by Podman would have excess inheritable capabilities set. * Changes - The podman machine rm --force command will now remove running machines as well (such machines are shut down first, then removed) (#13448). - When a podman machine VM is started that is using a too-old VM image, it will now start in a reduced functionality mode, and provide instructions on how to recreate it (previously, VMs were effectively unusable) (#13510). * Bugfixes - Fixed a bug where devices added to containers by the --device option to podman run and podman create would not be accessible within the container. - Fixed a bug where Podman would refuse to create containers when the working directory in the container was a symlink (#13346). - Fixed a bug where pods would be created with cgroups even if cgroups were disabled in containers.conf (#13411). - Fixed a bug where the podman play kube command would produce confusing errors if invalid YAML with duplicated container named was passed (#13332). - Fixed a bug where the podman machine rm command would not remove the Podman API socket on the host that was associated with the VM. - Fixed a bug where the remote Podman client was unable to properly resize the TTYs of containers on non-Linux OSes. - Fixed a bug where rootless Podman could hang indefinitely when starting containers on systems with IPv6 disabled (#13388). - Fixed a bug where the podman version command could sometimes print excess blank lines as part of its output. - Fixed a bug where the podman generate systemd command would sometimes generate systemd services with names beginning with a hyphen (#13272). - Fixed a bug where locally building the pause image could fail if the current directory contained a .dockerignore file (#13529). - Fixed a bug where root containers in VMs created by podman machine could not bind ports to specific IPs on the host (#13543). - Fixed a bug where the storage utilization percentages displayed by podman system df were incorrect (#13516). - Fixed a bug where the CPU utilization percentages displayed by podman stats were incorrect (#13597). - Fixed a bug where containers created with the --no-healthcheck option would still display healthcheck status in podman inspect (#13578). - Fixed a bug where the podman pod rm command could print a warning about a missing cgroup (#13382). - Fixed a bug where the podman exec command could sometimes print a timed out waiting for file error after the process in the container exited (#13227). - Fixed a bug where virtual machines created by podman machine were not tolerant of changes to the path to the qemu binary on the host (#13394). - Fixed a bug where the remote Podman client's podman build command did not properly handle the context directory if a Containerfile was manually specified using -f (#13293). - Fixed a bug where Podman would not properly detect the use of systemd as PID 1 in a container when the entrypoint was prefixed with /bin/sh -c (#13324). - Fixed a bug where rootless Podman could, on systems that do not use systemd as init, print a warning message about the rootless network namespace (#13703). - Fixed a bug where the default systemd unit file for podman system service did not delegate all cgroup controllers, resulting in podman info queries against the remote API returning incorrect cgroup controllers (#13710). - Fixed a bug where the slirp4netns port forwarder for rootless Podman would only publish the first port of a range (#13643). * API - Fixed a bug where the Compat Create API for containers did not properly handle permissions for tmpfs mounts (#13108). * Misc - The static binary for Linux is now built with CGo disabled to avoid panics due to a Golang bug (#13557). - Updated Buildah to v1.24.3 - Updated the containers/storage library to v1.38.3 - Updated the containers/image library to v5.19.2 - Updated the containers/common library to v0.47.5 - Update to version 4.0.2: * Bump to v4.0.2 * Update release notes for v4.0.2 * Revert "use GetRuntimeDir() from c/common" * Revert "Option --url and --connection should imply --remote." * Option --url and --connection should imply --remote. * Bump to v4.0.2-dev * Bump to v4.0.1 * Update release notes for v4.0.1 * Fix a potential flake in volume plugins tests * Propagate $CONTAINERS_CONF to conmon * tests: Remove inaccurate comment * System tests: show one-line config overview * provide better error on invalid flag * use GetRuntimeDir() from c/common * kube: honor --build=false and make --build=true by default * system tests: cleanup networks on teardown * Remove the runtime lock * Don't log errors on removing volumes inuse, if container --volumes-from * kube: honor mount propagation mode * Load ip_tables modules at boot * Cirrus: Disable F34 aka prior-fedora testing * Cirrus: Update VM Images for 4.0 release * Bump to v4.0.1-dev * Bump to v4.0.0 * Release notes for v4.0.0 final * Fix lint * Fix manifest 4.0 Endpoints Branch forced 4.0 only endpoints * Introduce podman machine init --root=t|f and podman machine set --root=t|f * Initial implementation of mac forwarding using a privileged docker sock claim helper * ignition: propagate proxy settings from a host into a vm * Update to podman4 copr stream * Unify ls --filter docs for networks and pods * e2e: merge after/since image-filter tests * podman network: add documentation for netavark * create: Fix key=value annotation in the flag output * enable netavark specific tests * Fix checkpoint/restore pod tests * Make sure building with relative paths work correctly. * Add 409 response to swagger godoc * Fix images since/after tests * Changes of docker descriptions * Temporarily pull machine images from side repo * Cirrus: TODO: netavark/aardvark release branches * Cirrus: Expand netavark testing to include rootless * Cirrus: Minor - limit release task applicability * Cirrus: Add [CI:BUILD] magic that only builds * CI: fix nightly builds * Cirrus: Log netavark/aardvark binary build info. * Cirrus: Add netavark/aardvark system test task * Cirrus: Also download aardvark-dns binary * Cirrus: Add e2e task w/ upstream netavark * Revert minimum API change * netavark e2e tests * Bump to v4.0.0-dev * Bump to v4.0.0-RC5 * Update release notes for v4.0.0-RC5 * Modify /etc/resolv.conf when connecting/disconnecting * Do not set the network config dir to cni plugin dir * Show API doc for several versions * [NO NEW TEST NEEDED] Add schema for ImageCreate 200 response. * fix: Multiplication of durations * move rootless netns slirp4netns process to systemd user.slice * compat: endpoint /build must set header content type as application/json in reponse * Cleanup: remove obsolete/misleading bug workaround * tests: retrofit healthcheck system tests * healthcheck, libpod: Read healthcheck event output from os pipe * Fix: Do not print error when parsing journald log fails * Bump github.com/buger/goterm from 1.0.1 to 1.0.4 * append podman dns search domain * Podman pod create --share-parent vs --share=cgroup * System tests: revert emergency skip of checkpoint tests * Add version guard to libpod API endpoints * [v4.0] Bump c/common to v0.47.4 * idmap should be able to be specified along with other options * Vendor in containers/buildah v1.24.1 * Bump to v4.0.0-dev * Bump to v4.0.0-RC4 * Disable failing E2E test * Revert "Move each search dns to its own line" * Move each search dns to its own line * Update release notes for v4.0.0-RC4 * Document `schema` values in the `--url` flag * podman image scp syntax correction * system prune: remove all networks * Only change network fields if they were actually changed by the user * docs: clarify rootless net stats * Fix size to match Docker selection * libpod: enforce noexec,nosuid,nodev for /dev/shm * Clarify remote client means Mac and Windows * libpod: report slirp4netns network stats * Add notes to "--oom-kill-disable" not supported on cgroups V2 * Fix use of infra image to clarify default * Adapt podman images ls filters docs to be aligned with prune filters docs * ignition, machine: delegate cpu,io cgroup controllers to machine's default users * pkg/bindings/images.Build(): slashify "dockerfile" values, too * Remove mention of IPv6 portfwd from release notes * Bump to v4.0.0-dev * Bump to v4.0.0-RC3 * Update release notes for v4.0.0-RC3 * Fix Cirrus destination branch * volume: add support for non-volatile upperdir,workdir for overlay volumes * github: label issues based on os fix regex * github: label issues based on os * Cirrus: Fix get_ci_vm.sh initial setup * System tests: emergency skip of checkpoint tests * network create: allow multiple subnets * Update troubleshooting.md * Fix sort ordering of filters * Unify podman prune filter description: volumes, networks, system * Bump Buildah to v1.24.0 * rootless: drop permission check for devices * switch podman image scp from depending on machinectl to just os/exec * Bump github.com/containers/image/v5 from 5.18.0 to 5.19.0 * Bump github.com/containers/storage from 1.38.0 to 1.38.1 * change location of where make outputs podman binary on osx * Github workflow: Fix parsing of GraphQL response JSON * Github-workflow: Fix YAML syntax * Update godoc, swagger using wrong struct * Makefile: install targets independent of build * [CI:DOCS] Fix typos and improve language * CI: enable rootless-remote system tests * pkg/specgen/generate/security: fix error message * Github workflow: Send e-mail on job error * Github workflow: Update Cirrus-cron GraphQL query * remote build: set rootless oci isolation correctly * [CI:DOCS] Fix typos and improve language * Fix handling of duplicate matches on id expansion * Show correct default values or show none * exec: retry rm -rf on ENOTEMPTY and EBUSY * container create: do not check for network dns support * libpod: fix leaking fd * libpod: fix connection leak * [CI:DOCS] fix typo subpordinate * Fix filter description and unify filters docs for containers/images prune * Remove unused param and clean API handlers * Restore machine start logic that was hanging * Bump to v4.0.0-dev * Bump to v4.0.0-RC2 * Final release notes for v4.0.0-rc2 * Run codespell on code * Update release notes for Podman v4.0.0 * Fix #2 for compat commit handling of --changes * Fix nil pointer dereference for configmap optional * Make error message matching in 030-run.bats less fragile * Don't explicitly check for crun|runc in package information * Don't segfault if an image layer has no creation timestamp * compat: remove hardcoded index from load images output report * compat: images/load must be able to load tar with multiple images * System tests: fix for new systemd on rawhide * Remove rootless_networking option from containers.conf * vendor c/psgo@v1.7.2 * Engine.Remote from containers.conf * vendor: bump c/common and other vendors * rootless: report correctly the error * Implement API forwarding for podman machine on Windows * Implement env parsing on Windows * Handle changes in docker compat mode * Show package version when running on alpine * Handlers for `generate systemd` with custom dependencies * APIv2 tests: followup to recent log test * Add IndexConfigs to compat /info endpoint * Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0 * apiv2 test: add regression test for #12904 * SECURITY.md: fix the project name * rename --cni-config-dir to --network-config-dir * compat attach: fix write on closed channel * upgrade all dependencies * Revert "Cirrus: Temporarily disable OSX Cross task" * Bump github.com/opencontainers/runc from 1.0.3 to 1.1.0 * bump go module to version 4 * [NO NEW TESTS NEEDED] add builddeps to copr template * CI: rootless user: also create in some root tests * [WIP] Tests for podman image scp (the sudo form) * Revamp Libpod state strings for Docker compat * Cirrus: Temporarily disable OSX Cross task * update c/common to latest * Use PODMAN_USERNS environment variable when running as a service * Unify the method of parsing filters in cmd * fix default branch links * [CI:DOCS] fix default branch links * [CI:DOCS] Unprivileged native overlayfs is now supported * [CI:DOCS] Fix typo in --env * Recursively copy cert files. * Refactor manifest list operations * Add rpkg template for COPR autobuild * Fix cgroup mode handling in api server * Standardize on capatalized Cgroups * test/system: podman run update /etc/hosts * Remove two GetImages functions from API * Use fully-qualified device name in CDI test * Use new CDI API * troubleshooting links to main branch * Podman Build use absolute filepath * Prohibit --uid/gid map and --pod for container create/run * podman container rm: remove pod * Manual fixes for PR #12642: * podman build enable --all-platforms and --unsetenv * use events_logfile_path from containers.conf for events log. * Podman Pod Create --sysctl support * Wait for podman stop to complete * libpod: fix check for systemd session * libpod: refine check for empty pod cgroup * fix buildah-bud test diff * upgrade test: check that network backend is cni * use netns package from c/common * update buildah to latest and use new network stack * podman image scp: implement --quiet * use libnetwork from c/common * Add --noout option to prevent the output of ids * remote events: convert TimeNano properly * Bump github.com/BurntSushi/toml from 0.4.1 to 1.0.0 * vendor latest c/common * add additional fields to podman machine ls --json * buildah bud tests: skip failing tests * Fix permission on secrets directory * Add podman rm --depend * fix host.containers.internal entry for macvlan networks * It takes some time to start a VM * Pretty Print output of podman machine ls --format json * Use the InfraImage defined in containers.conf * Cirrus: Freshen VM images * Revert "Cirrus: Temp. ignore gitlab task failures" * pkg: use PROXY_VARS from c/common * ignition: add support from setting SSL_CERT_FILE * ignition: propogate HTTP proxy variables from host to remote * System tests: fix RHEL8 gating tests * vendor c/common * Remove dead RuntimeOption functions * Update docker cli message for case where user creates directory * Don't add env if optional and not found * Fix type-o in podman.wxs * [CI:DOCS] fixes indentation of example pod yaml * Prevent double decoding of storage options * Emergency system-test fixes * add OCI Runtime name to errors * fix healthcheck timeouts and ut8 coercion * Don't rename pod if container has the same name * Set volume NeedsCopyUp to false iff data was copied up * Fix CI * correct typo words in docs * Change Tests to ignore missing containers when removing --all * test/e2e/pod_initcontainers: fix a flake * test/e2e/run: don't use date +%N on Alpine * Support all volume mounts for rootless containers * Fix wrong 'podman search --format' placeholder * Fix Container List API call to return mount info * fix misleading comment regarding default value of cpu period [NO NEW TESTS NEEDED] * add --ip6 flag to podman create/run * legacy events: also set exitCode * Don't initialize the global RNG with GinkgoRandomSeed() in e2e tests * Avoid collisions on RemoteSocket paths * Refactor remote socket path determination in tests * fix doc * test/system: podman run image with filesystem permission * test/system: podman run with log-opt option * Update swagger documentation * Make it possible to select the volume driver * Check the mount type for future compatibility * Implement virtfs volumes for podman machine * [CI:DOCS] Add example of cpus to init command * prefix imageId with sha256: in containers list test for compat API ImageId * Pod Security Option support * ignition: add certs from current user into the machine while init * docs: sort swagger operations alpabetically * .service file removal on failure * Introduce Windows WSL implementation of podman machine * podman image scp never enter podman user NS * Allow users to add host user accounts to /etc/passwd * container creation: don't apply reserved annotations from image * [CI:DOCS] clarify `io.podman.annotations.seccomp` * Error out early if system does not support pre-copy checkpointing * Update go-criu to v5.3.0 * [CI:DOCS] docs: document rootless userns mappings * Switch to a new installer approach using a path manipulation helper * e2e: Add dev/shm checkpoint/restore test * Enable checkpoint/restore for /dev/shm * Update github.com/checkpoint-restore/checkpointctl * Always run passwd management code when DB value is nil * Warn on use of --kernel-memory * support hosts without /etc/hosts * Podman run --passwd * ci: force scratch build for crun * Use hosts public ip address in rootless containers * compat: image normalization: handle sha256 prefix * specgen: honor userns=auto from containers.conf * [CI:DOCS] Small checkpoint/restore man page fixes * [CI:DOCS] Explicitly mention that checkpointing systemd containers might fail * vendor: update containers/storage * build: fix test for subid 4 * test: add --rm to podman run commands * fix(generate): fix up podman generate kube missing env field bug * legacy events: also set Action="die" * rootless: include the args in the debug message * apiv2 tests: use quay.io/libpod/testimage:20210610 for platform tests * image rm: allow for force-remove infra images * tests: adjust old build test to expect exit code * Test for checkpoint specific inspect fields * Add more checkpoint/restore information to 'inspect' * build: relay exitcode from imagebuildah to registry * Removed .service file for healthchecks * Set machine timezone * MovePauseProcessToScope do not seed everytime * bindings rmi test: clarify behavior * bump cobra to 1.3.0 * .github: revert to the old template * oci: configure the devices cgroup with default devices * kill: fix output * e2e: search flake: skip test on registry.redhat.io * APIv2 tests: fail on syntax/logic errors * Show --external containers even without --all option * apiv2 tests: refactor complicated curls * fix network id handling * Update Windows Install Doc * Fixes #12063 Add docker compatible output after image build. * pause scope: don't use the global math/rand RNG * specgen: check that networks are only set with bridge * container restore/import: store networks from db * play kube add support for multiple networks * support advanced network configuration via cli * Add new networks format to spegecen * fix incorrect swagger doc for network dis/connect * network connect allow ip, ipv6 and mac address * network db: add new strucutre to container create * remove unneeded return value from c.Networks() * network db rewrite: migrate existing settings * network ls: show networks in deterministic order * Bump github.com/docker/docker * pprof flakes: bump timeout to 20 seconds * Add secret list --filter to cli * Cirrus: Temp. ignore gitlab task failures * compat build: adhere to q/quiet * Make XRegistryAuthHeader and XRegistryConfigHeader private * Remove the authfile parameter of MakeXRegistryAuthHeader * Simplify the header decision in pkg/bindings/images.Build a bit * Remove the authfile parameter of MakeXRegistryConfigHeader * Remove no-longer-useful name variables * Consolidate creation of SystemContext with auth.json into a helper * Remove pkg/auth.Header * Call MakeXRegistryAuthHeader instead of Header(..., XRegistryAuthHeader) * Turn headerAuth into MakeXRegistryAuthHeader * Call MakeXRegistryConfigHeader instead of Header(..., XRegistryConfigHeader) * Turn headerConfig into MakeXRegistryConfigHeader * Move the auth file creation to GetCredentials * Consolidate the error handling path in GetCredentials * Only look up HTTP header values once in GetCredentials * Use Header.Values in GetCredentials.has * Beautify GetCredentials.has a bit * Pass a header value directly to parseSingleAuthHeader and parseMultiAuthHeader * Simplify parseSingleAuthHeader * Simplify the interface of parseSingleAuthHeader * Don't return a header name from auth.GetCredentials * Fix normalizeAuthFileKey to use the correct semantics * Rename normalize and a few variables * Add TestHeaderGetCredentialsRoundtrip * Add tests for auth.Header * Improve TestAuthConfigsToAuthFile * Add unit tests for singleAuthHeader * Add unit tests for multiAuthHeader * fix e2e test missing network cleanup * pprof CI flakes: enforce 5 seconds grace period * [NO NEW TESTS NEEDED] rootless: declare TEMP_FAILURE_RETRY before usage (Fixes: #12563) * --hostname should be set when using --pod new:foobar * Cirrus: Use cached swagger binary * inotify: make sure to remove files * System tests: remove rm_pause_image() * specgen: honor empty args for entrypoint * generate systemd: support entrypoint JSON strings * Bump github.com/uber/jaeger-client-go * remove runlabel test for global opts * utils: reintroduce moveToCgroup * autocopr: distro conditionals for containers-common * vendor c/image/v5@main * Update vendor or containers/common moving pkg/cgroups there * volume: apply exact permission of target directory without adding extra 0111 * Cirrus: Remove remnants of nix-based static build * Refactor podman pods to report.Formatter * rootless netns: resolve all path components for resolv.conf * tests: clean up FIXMEs and noise * fix remote run/start flake * e2e: fix pprof flakes * Bump github.com/opencontainers/runc from 1.0.2 to 1.0.3 * vendor c/common@main * Escape trailing slash in install directory location so the closing quote is not escaped * centos 9 stream cannot use %autochangelog * Refactor podman system to report.Formatter [NO NEW TESTS NEEDED] * add spec file for automated copr builds * Add restart-sec option to systemd generate * Fix documentation of (podman image save --compress --uncompressed) * Improve documentation of (podman image save --format) * Add support for configmap volumes to play kube * cmd, push: use the configured compression format * [CI:DOCS] logformatter: fix corner case with links * UPdate vendor of image-spec and containers/storage * vendor: update containers/common * Update doc to explictly mention using ed25519 in ssh keys * Refactor podman image command output * Manual fixes * Same thing, with BeNumerically("==", x) * Use HaveLen(x) instead of Expect(len(y)).To(Equal(x)) * Same thing, for BeNumerically("==", 0) * Use BeEmpty() instead of len(x).To(Equal(0)) * Same as previous, for assertions other than Equal() * e2e tests: a little more minor cleanup * compat API: push: report size of manifest * compat: images/json * Add ashley-cui, lsm5 and floutoc to owners * remove ARTIFACT_DIR and ArtifactPath * Image caches: allow overriding cache dir * Rename CrioRoot as just Root * Fix possible rootless netns cleanup race * [NO NEW TESTS NEEDED] Refactor podman container command output * Hostname in `spec.hostname` should be passed to infra ctr init opt * container, cgroup: detect pid termination * top: parse ps(1) args correctly * podman, push: expose --compression-format * e2e: yet more cleanup of BeTrue/BeFalse * Ensure the generated NodePort values are unique * Allow containerPortsToServicePorts to fail * Don't use the global math/rand RNG for service ports * Move a comment to the relevant place * a few more manual BeTrue cleanups * Convert strings.Contains() to Expect(ContainSubstring) * e2e tests: more cleanup of BeTrue()s * Implement 'podman run --blkio-weight-device' * systemd: replace multi-user with default.target * compat API: allow enforcing short-names resolution to Docker Hub * Fixed the containerfile not found during remote build. * podman-remote: prevent leaking secret into image * podman-remote: copy secret to contextdir is absolute path on host * api: allow build api to accept secrets * Only open save output file with WRONLY * List /etc/containers/certs.d as default for --cert-path * e2e tests: enable golint * fix: parsing of HostConfig.Mounts for container create * Move the chown to after the ADDs * fix: error reporting for archive endpoint * Bindings test: emit GIT_COMMIT, for links in logs * checkpoint do not modify XDG_RUNTIME_DIR * libpod: improve heuristic to detect cgroup * libpod, inspect: export cgroup path * stats: get the memory limit from the spec * compat: Add compatiblity with Docker/Moby API for scenarios where build fails * libpod: leave thread locked on errors * Find and fix empty Expect()s * Unset SocketLabel after system finishes checkpointing * Remove StringInSlice(), part 2 * Remove StringInSlice(), part 1 * e2e test cleanup, continued * Update basic_networking.md * Warn on failing to update container status * oci: ack crun output when container is not there * oci: exit gracefully if container is already dead * Support env variables based on ConfigMaps sent in payload * image lookup: do not match *any* tags * generate systemd: add --start-timeout flag * Oops! Manual edits to broken tests * e2e tests: clean up antihelpful BeTrue()s * Cirrus: Strip out static nix build * Rename pod on generate of container * [CI:DOCS] Update notes on java TZ in man page * Bump github.com/containers/image/v5 from 5.16.1 to 5.17.0 * Fix netavark error handling and teardown issue * swagger: add layers to build api docs * compat: add layer caching compatiblity for non podman clients * Bump github.com/opencontainers/selinux from 1.9.1 to 1.10.0 * Add note about volume with unprivileged container * Add EXPOSE e2e test * Support EXPOSE with port ranges * compat: Add subnet mask behind IP address to match Docker API * [CI:DOCS] Add java TZ note to run manpage * Bump github.com/rootless-containers/rootlesskit from 0.14.5 to 0.14.6 * podman-remote does not support signature-policy * Add tests for restore runtime verification * Use same runtime to restore a container as during checkpointing * Force iptables driver for netavark tests * Make sure netavark output is logged to the syslog * filter: use filepath.Match to maintain consistency with other pattern matching in podman * Semiperiodic cleanup of obsolete Skip()s * [CI:DOCS]upload a translation file * api/handlers: Add checkpoint/restore FileLocks * test: Update error string for --file-locks test * fix duplicated logs command * Bump github.com/docker/docker * Bump k8s.io/api from 0.22.3 to 0.22.4 * Do not store the exit command in container config * Add test for checkpoint/restore with --file-locks * Add --file-locks checkpoint/restore option * Cirrus: Bump Fedora to release 35 * Cirrus: Partially revert catatonit --force install * Revert "Cirrus: Temp. disable prior-fedora testing" * Cirrus: Workaround log_driver=journald setting * Cirrus: Fix bindings test hang b/c logging config mismatch * Cirrus: Timeout bindings test after 30m * Cirrus: Log more things in bindings and unit tests * Minor Makefile fix * rootless netns, one netns per libpod tmp dir * Introduce Address type to be used in secondary IPv4 and IPv6 inspect data structure. * volumes: add new option idmap * remote checkpoint/restore: more fixes * fix CI * fix: take absolute path for dd on apple silicon * System tests: new checkpoint tests * rootless: use catatonit to maintain user+mnt namespace * rootless: drop strerror(errno) calls * rootless: reuse existing open_namespace function * rootless: use auto cleanup functions * utils: use podman-pause-$RANDOM.scope name * hack/bats: deal with new bin helpers * Change error message for compatibility with docker * rename libpod nettypes fields * podman machine start wait for ssh * fix remote checkpoint/restore * Add --unsetenv & --unsetenv-all to remove def environment variables * Set config environment variables early in Podman init * journald logs: keep reading until the journal's end * secret: honor custom target for secrets with run * bindings: reuse context for API requests * podman machine improve port forwarding * Network test: fix podman-remote-rootless corner case * filter: add basic pattern matching for label keys * cirrus: force-install catatonit * infra container: replace pause with catatonit * Revert "add kubernetes pause" * Added test for checkpoint/restore --print-stats * Update man pages for checkpoint/restore --print-stats * Added optional container restore statistics * Added optional container checkpointing statistics * Error logs --follow if events-backend != journald, event-logger=journald * Enable 'podman run --memory-swappiness=0' * Fix network mode in play kube * Always create working directory when using compat API * play kube: don't force-pull infra image * Podman Image SCP transfer patch * --authfile command line argument for image sign command. * Cirrus: Temp. disable prior-fedora testing * Cirrus: Update to Ubuntu 21.10 * Add failing run test for netavark * Add flag to overwrite network backend from config * libpod: create /etc/mtab safely * Add network backend to podman info * Add more netavark tests * select network backend based on config * Fix RUST_LOG envar for netavark * netavark IPAM assignment * netavark network interface * Make networking code reusable * Fix flake in upgrade tests * export adding id-specifier code to setContainerNameForTemplate * VOLUME must be declared after RUN chown command * network reload return error if we cannot reload ports * network reload without ports should not reload ports * Print headers for system connection ls * [CI:DOCS] Add CI check for SEE ALSO in man pages * podman load: support downloading files * Add links to all SEE ALSO sections * pod create: read infra image from containers.conf * rootless: adjust error message * Fix rootless networking with userns and ports * support health checks from image configs * change from run to create in 250-systemd.bats * Exclude already built sources for static build * shm_lock: Handle ENOSPC better in AllocateSemaphore * Fix Zsh completion command documentation * Match .c files in Makefile * Add Static Build download instructions to README * Add links to podman build,run, create see also * Minor test tweaks * pod create: read network mode from config * Bump Catatonit up to v0.1.7 * test connection add * system: Adds support for removing all named destination via --all * pod/container create: resolve conflicts of generated names * podman-generate-kube - remove empty structs from YAML * Add some information about disabling SELinux when using system volumes * Fix swagger definition for the new mac address type * Log Apache access_log-like entries at Info level [NO NEW TESTS NEEDED] * Test to check for presence of 'stats-dump' in exported checkpoints * Add 'stats-dump' file to exported checkpoint * Podman Image SCP rootful to rootless transfer * rename rootless cni ns to rootless netns * mount full XDG_RUNTIME_DIR in rootless cni ns * Bump github.com/checkpoint-restore/go-criu/v5 from 5.1.0 to 5.2.0 * Keep error semantics intact * Fix rootless cni netns cleanup logic * tweak a couple of flag descriptions in help output * Update swagger doc make filed optional * Fix bindings container log test * test: run --cgroups=split in new cgroup * MAC address json unmarshal should allow strings * Make stop message more similar to start * Implement top streaming for containers and pods * Handle HTTP 409 error messages properly for Pod actions * Add tests * Fix swagger definitions * More conforming libpod API and swagger types * More conforming libpod API and swagger types * Better emptiness test for custom JSON serializer * System tests: enhance volume test, add debug prints * add unit test to containers_test * Use correct swagger type in doc-comment * Cirrus: Authorize rootless user self-ssh * Fix libpod API conformance to swagger * Fix help message case for `podman version` * Fix pause usage example * Use systemctl in local system test * Allow label and labels when creating volumes * volumes: be more tolerant and fix infinite loop * Add information on how podman machine is updated * volumes: allow more options for devpts * volumes: do not pass mount opt as formatter string * Bump k8s.io/api from 0.22.2 to 0.22.3 * runtime: change PID existence check * oci: rename sub-cgroup to runtime instead of supervisor * libpod: deduplicate ports in db * Set flags to test 'logs -f' with journald driver * Set Checkpointed state to false after restore * container create: fix --tls-verify parsing * runtime: check for pause pid existence * utils: do not overwrite the err variable * Fix systemd PID1 test * Record the image stream along with the path * cgroups: use SessionBusPrivateNoAutoStartup * vendor: update godbus to v5.0.6 * Slirp4netns with ipv6 set net.ipv6.conf.default.accept_dad=0 * Fix a few problems in 'podman logs --tail' with journald driver * Allow 'container restore' with '--ipc host' * Document to not set K8S envars for CNI * Bump github.com/docker/docker * pod create: remove need for pause image * add kubernetes pause * cirrus: containers: mount directory in /var/tmp to /tmp * overlay root fs: create mount on runtime dir * Update vendor github.com/opencontainers/runtime-tools * If Dockerfile exists in same directory as service, we should not use it. * Fix tests of podman image trust --raw and --json * Tighten the expected output of the "podman image trust show" test * Use INTEGRATION_ROOT instead of current directory * Add support to play kube for --log-opt * [NO NEW TESTS NEEDED] Fix off-by-one index comparision (reported by LGTM) * Fix some typos in documentation and comments (found by codespell) * Replace 'an user' => 'a user' * [CI:DOCS] Fix typo keep_id -> keep-id * Set DOCKER_HOST in the VM * fuse-overlay probably means fuse-overlayfs. * Support template unit files in podman generate systemd * Remove --kernel-memory options * tag: Support tagging manifest list instead of resolving to images * Remove infra ID from DB before removing containers * System tests: confirm that -a and -l clash * systemd: compatible with rootless mode * system tests: CONTAINER_* and --help: cleanup * podman run --memory=0 ... should not set memory limit * Add information on how to discover default log driver * Add test for system connection * Generate Kube should not print default structs * libpod: change mountpoint ownership c.Root when using overlay on top of external rootfs * Change podman connection list to use default field * Allow API to specify size and inode quota * Use exponential backoff when waiting for a journal entry * Pod Rm Infra Improvements * system tests: socket activation: clean up * rootfs-overlay: fix overlaybase path for cleanups * Move CONTAINER_HOST and _CONNECTION to IsRemote Function * We should only be relabeling when on first run * If CONTAINER_HOST env variable is set default podman --remote=true * Set targetPort to the port value in the kube yaml * Do not add TCP to protocol in generated kube yaml * Use CGO_ENABLED=1 when building natively on darwin * Test-hang fix: Wait for ready + timeout on connect. * Checkpoint/Restore test fixes * Don't include ctr.log if not using file logging * Don't use docker/pkg/archive, use containers/storage/pkg/archive * Fix codespell errors * Adjust tests to verify all subcommands show the help message * Fix panic in container create compat api * Don't add image entrypoint to the generate kube yaml * Display help text on empty subcommand by default * podman search: display only name and description by default * codespell code * Add information about .containerignore to podman build man page * CNI: fix network create --ip-range * Kube Gen run as user/group issues * rootlessport: reduce memory usage of the process * No space in kube annotations for bind mounts * Fix CI flake on time of shutdown for API service * Refactor podman search to be more code friendly * Unit files: Use actual installed path for podman * Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 * cgroups: use cgroup.controllers to read controllers * builder: Add support for builder prune * Remove a volume with --force if container is running * Use SplitN(2) when copying env variables * podman stats: move cgroup validation to server * fix test * Support readonly rootfs contains colon * [CI:DOCS] oci-hooks.5.md: fixup section in header * Enable /debug/pprof API service endpoints * Not all fields in machine list were set properly * faster image inspection * Warn if podman stop timeout expires that sigkill was sent * [CI:DOCS] introduce --replace flag for play kube * [CI:DOCS] Include manifest example usage * Change podman.1 man page to show corret log-level default * Bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1 * Fixes #11668 * libpod: fix race when closing STDIN * Ensure `podman ps --sync` functions * Allow `podman stop` to be run on Stopping containers * Bump github.com/containers/image/v5 from 5.16.0 to 5.16.1 * Bump github.com/docker/docker * It really should be no **NEW** tests needed * README.md: Point to Podman's channels * Add podman-plugins to upstream image * CNI networks: reload networks if needed * bump c/common to latest and c/storage to 1.37.0 * Add --time out for podman * rm -f commands * Cirrus: Fix defunct package metadata breaking cache * Pod Events Logging Fix * [NO TESTS NEEDED] Ignore removed containers * Pod Volumes From Support * Add note about empty fields and null values for API responses * Bump github.com/containers/buildah from 1.23.0 to 1.23.1 * Add podman play kube --no-hosts options * Gating tests: fix permissions error * pkg/specgen: cache image in generator * cirrus: gitlab: download packages * Add guard for BuildOptions.CommonBuildOpts * System tests: tighten 'is' operator * Update README and release notes for v3.4.0 * sdnotify test: accept MAINPID anywhere * machine: silently cleanup dangling sockets before rm if possible * Add expose type map[uint16]string to description * [NO TESTS NEEDED] Fix typo in storage.conf file exists message * Support selinux options with bind mounts play/gen * kube: fix conversion from milliCPU to period/quota * Bump github.com/mattn/go-isatty from 0.0.12 to 0.0.14 * test: use new helper * test: skip test on rootless cgroupsv1 * machine: Info on successfully stopping qemu machine * Allow a value of -1 to set unlimited pids limit * Vendor in latest containers/storage * Storage can remove ErrNotAContainer as well * libpod: container create: init variable: do not deep copy spec * libpod: add GetConfigNoCopy() * libpod: add execSessionNoCopy * libpod: do not call (*container).Spec() * Pod Device-Read-BPS support * Remind user to check connection or use podman machine * Ensure pod ID bucket is properly updated on rename * Fix contributor make targets on Ubuntu and Debian * Implement PR template to assist review & release * libpod: do not call (*container).Config() * [NO TESTS NEEDED] Add port configuration to first regular container * [CI:DOCS] cmd/podman: no dot for short descriptions * move network alias validation to container create * set --cni-config-dir for exit command * always add short container id as net alias * image prune: support removing external containers * System tests: speed up. They've gotten too slow. * Add dockerfile.5 as man link to containerfile man page * Set MSI to be 64-bit only. * fix podman network prune integration test flakes * Cirrus: Add gitlab podman runner test * CNI: network remove do not error for ENOENT * remote build: EvalSymlinks() the context directory * stop: Do nothing if container was never created in runtime * logging: new mode -l passthrough * Allow machine options to be set from containers.conf * Vendor in containers/common v0.46.0 * podman machine: do not join userns * Disable docker and alias to podman in FCOS ignition * added healthcheck to ps command * Fix english on prune prompt * Document missing /images/search query parameters * rootful: do not set XDG_RUNTIME_DIR for cni plugins * Revert "rootful: unset XDG_RUNTIME_DIR" * Add completion for machine list format * Set context dir for play kube build * Makefile: use -ldflags/-gccgoflags depending on the go implemenatiton * Update docs for --platform in podman-build.1 * shell completion: do not show images without tag * podman inspect add State.Health field for docker compat * podman save: enforce signature removal * Add JSON version of the machine list * Add support for :U flag with --mount option * [CI:DOCS] Add link to running ctrimage on enablesysadm * Ignore mount errors except ErrContainerUnknown when cleaningup container * standardize logrus messages to upper case * podman generate kube should not include images command * Fix machine image * sync container state before reading the healthcheck * Also show the (initial) disk size * Show cpus and memory in machine list * Eighty-six eighty-eighty * net types: remove omitempty from required fields * podman save: add `--uncompressed` * Bump CNI to v1.0.1 * vendor c/psgo@v1.7.1 * [CI:DOCS] Add network alias note in man pages * Add a backoff and retries to retrieving exited event * Cross-build release-archives w/ arch in filename * Fix Error, empty output for info: 'VERSION' * Generate kube should'd add podman default environment vars * volume: Add support for overlay on named volumes * Pod Device Support * Support --format tables in ps output * Remove references to kube being development * Add support for retrieving system service --timeout * Add podman image/container inspect man pages * [CI:DOCS] Add link to skopeo delete in podman rmi * vendor c/common@main * remote untag: support digests * Created MapOptions for PodCreate * Bump k8s.io/api from 0.22.1 to 0.22.2 * compat API: /images/json prefix image id with sha256 * podman machine: use gvproxy for host.containers.internal * utils: return error message from StartTransientUnit * utils: raise warning only on cgroupv2 * Add podman machine init --now option * System tests: cleanup, and remove obsolete skips * Add username flag for machine ssh * Remove unused code from libpod * [CI:DOCS] markdown cleanup * Fix up build the docs site * Use a new markdown converter for sphinx * runtime: move pause process to scope * system: move MovePauseProcessToScope to utils * system: always move pause process when running on systemd * system: avoid reading pause pid file * Only add 127.0.0.1 entry to /etc/hosts with --net=none * Add no-trunc support to podman-events * CNI: add ipvlan driver * CNI: network create support macvlan modes * Do not allow network modes to be used as network names * fix inverted condition * Fix /auth compat endpoint * Add Drivers method to the Network Interface * CI: load ipv6 kernel modules for rootless tests * Drop OCICNI dependency * Wire network interface into libpod * cni network configs set ipv6 enables correctly * default network: do not validate the used subnets * network create: validate the input subnet * Set default storage from containers.conf for temporary images * container runlabel remove image tag from name * build.bats: fix copy tests after containers/buildah#3486 * build: mirror --authfile to filesystem if pointing to FD instead of file * Fix example in podman machine init man page * vendor: Bump github.com/containers/buildah from 1.22.3 to 1.23.0 * api: handle nil pointer dereference in rest endpoints * build: take advantage of --platform lists * Document `all` query parameter for /libpod/images/prune * Show variant and codename of the distribution * Use new aarch64 fcos repos * Enhance bindings for IDE hints * Pod Volumes Support * test: enable --cgroup-parent test * libpod: honor --cgroups=split also with pods * tests: enable --cgroups=disabled test for rootless * tests: simplify --cgroups=disabled test * libpod: rootful close binded ports * Search gvproxy with config.FindHelperBinary() * rootfs: Add support for rootfs-overlay and bump to buildah v1.22.1-0.202108 * fix restart always with rootlessport * Cirrus: NM/CNI workaround + Remove prior-Ubuntu * If container exits with 125 podman should exit with 125 * Bump github.com/json-iterator/go from 1.1.11 to 1.1.12 * bump c/common to v0.44.0 * remove rootlessport socket to prevent EADDRINUSE * Add deprecated fields for 1.22+ clients that still expect them * Use default username for podman machine ssh ==== procps ==== Version update (3.3.17 -> 4.0.0) - Drop patch procps-ng-4.0.0-aix_sortformats.dif as replaced by upstream patch 0002-ps-restore-aix-behavior-while-keeping-an-original-fi.patch - Add upstream patches * 0001-top-update-one-function-prologue-after-rcfile-change.patch * 0003-ps-restore-thread-display-when-using-a-pidlist-optio.patch - Drop not needed patch procps-ng-3.3.9-watch.patch as the API has changed here - Add patch procps-ng-4.0.0-floats.dif to avoid float errors on 32bit architectures - Add patch procps-ng-4.0.0-aix_sortformats.dif to restore AIX sort format support as well - Update to procps-ng-4.0.0 + Warning: new shared library interface with libproc-2 * Rename pwait to pidwait * free: Add committed line option merge #25 * free: Fix -h --si combined options issue #133, #223 * free: Fix first column justification issue #229, #204, #206, Debian #1001689 * free: Better spacing for Chinese language issue #213 * library: renamed to libproc-2 and reset to 0:0:0 * library: add support for accessing smaps_rollup issue #112, #201 * library: add support for accessing autogroups * library: add support for LIBPROC_HIDE_KERNEL env var merge #147 * library: add support for cpu utilization to pids i/f * pkill: Check for lt- variants of program name issue #192 * pgrep: Add newline after regex error message merge #91 * pgrep: Fix selection where uid/gid > 2^31 merge !146 * pgrep: Select on cgroup v2 paths issue #168 * ps: Add OOM and OOMADJ fields issue #198 * ps: Add IO Accounting fields issue #184 * ps: Add PSS and USS fields issue #112 * ps: Add two new autogroup fields * ps: Ignore SIGURG merge !142 * slabtop: Don't combine d and o options issue #160 * sysctl: Add support for systemd glob patterns issue #191 * sysctl: Check resolved path to be under /proc/sys issue #179 * sysctl: return non-zero if EINVAL return for write merge #76 * sysctl.conf.5: Note max line length issue #77 * top: added LOGID similar to 3.3.13 ps LUID * top: added EXE identical to 3.3.17 ps EXE * top: exploit some library smaps_rollup provisions issue #112 * top: added four new IO accounting fields issue #184 * top: 'F' key is now a new forest view 'focus' toggle * top: summary area memory lines can print two abreast * top: added two new autogroup fields * top: added long versions of command line options * top: added cpu utilization & 2 time related fields * top: the time related fields can now be user scaled * uptime: print short/pretty format correctly issue #217 * vmstat: add -y option to remove first line merge !72 - Remove patch now upstream fixed * procps-3.3.17-bsc1181976.patch * procps-ng-3.3.10-bnc634071_procstat2.diff * procps-ng-3.3.10-fdleak.dif * bsc1195468-23da4f40.patch - Port patches * procps-ng-3.3.10-errno.patch * procps-ng-3.3.10-large_pcpu.patch * procps-ng-3.3.10-slab.patch * procps-ng-3.3.10-xen.dif * procps-ng-3.3.11-pmap4suse.patch * procps-ng-3.3.8-bnc634840.patch * procps-ng-3.3.8-ignore-scan_unevictable_pages.patch * procps-ng-3.3.8-petabytes.patch * procps-ng-3.3.8-readeof.patch * procps-ng-3.3.8-tinfo.dif * procps-ng-3.3.8-vmstat-terabyte.dif * procps-ng-3.3.9-w-notruncate.diff * procps-v3.3.3-columns.dif * procps-v3.3.3-ia64.diff * procps-v3.3.3-read-sysctls-also-from-boot-sysctl.conf-kernelversion.diff - Port and rename patch * procps-ng-3.3.8-accuracy.dif becomes procps-ng-4.0.0-accuracy.dif * procps-ng-3.3.10-integer-overflow.patch becomes procps-ng-4.0.0-integer-overflow.patch ==== python-M2Crypto ==== - Add missing bug references to this changelog. ==== python-SQLAlchemy ==== Version update (1.4.32 -> 1.4.35) - update to version 1.4.35: * sql + [sql] [bug] Fixed bug in newly implemented FunctionElement.table_valued.joins_implicitly feature where the parameter would not automatically propagate from the original TableValuedAlias object to the secondary object produced when calling upon TableValuedAlias.render_derived() or TableValuedAlias.alias(). Additionally repaired these issues in TableValuedAlias: - repaired a potential memory issue which could occur when repeatedly calling TableValuedAlias.render_derived() against successive copies of the same object (for .alias(), we currently have to still continue chaining from the previous element. not sure if this can be improved but this is standard behavior for .alias() elsewhere) - repaired issue where the individual element types would be lost when calling upon TableValuedAlias.render_derived() or TableValuedAlias.alias(). References: #7890 + [sql] [bug] [regression] Fixed regression caused by #7823 which impacted the caching system, such that bound parameters that had been ?cloned? within ORM operations, such as polymorphic loading, would in some cases not acquire their correct execution-time value leading to incorrect bind values being rendered. References: #7903 - changes from version 1.4.34: * orm + [orm] [bug] [regression] Fixed regression caused by #7861 where invoking an Insert construct which contained ORM entities directly via Session.execute() would fail. References: #7878 * postgresql + [postgresql] [bug] Scaled back a fix made for #6581 where ?executemany values? mode for psycopg2 were disabled for all ?ON CONFLICT? styles of INSERT, to not apply to the ?ON CONFLICT DO NOTHING? clause, which does not include any parameters and is safe for ?executemany values? mode. ?ON CONFLICT DO UPDATE? is still blocked from ?executemany values? as there may be additional parameters in the DO UPDATE clause that cannot be batched (which is the original issue fixed by #6581). References: #7880 - changes from version 1.4.33: * orm + [orm] [usecase] Added with_polymorphic.adapt_on_names to the with_polymorphic() function, which allows a polymorphic load (typically with concrete mapping) to be stated against an alternative selectable that will adapt to the original mapped selectable on column names alone. References: #7805 + [orm] [usecase] Added new attributes UpdateBase.returning_column_descriptions and UpdateBase.entity_description to allow for inspection of ORM attributes and entities that are installed as part of an Insert, Update, or Delete construct. The Select.column_descriptions accessor is also now implemented for Core-only selectables. References: #7861 + [orm] [bug] [regression] Fixed regression in ?dynamic? loader strategy where the Query.filter_by() method would not be given an appropriate entity to filter from, in the case where a ?secondary? table were present in the relationship being queried and the mapping were against something complex such as a ?with polymorphic?. References: #7868 + [orm] [bug] Fixed bug where composite() attributes would not work in conjunction with the selectin_polymorphic() loader strategy for joined table inheritance. References: #7801 + [orm] [bug] [performance] Improvements in memory usage by the ORM, removing a significant set of intermediary expression objects that are typically stored when a copy of an expression object is created. These clones have been greatly reduced, reducing the number of total expression objects stored in memory by ORM mappings by about 30%. References: #7823 + [orm] [bug] Fixed issue where the selectin_polymorphic() loader option would not work with joined inheritance mappers that don?t have a fixed ?polymorphic_on? column. Additionally added test support for a wider variety of usage patterns with this construct. References: #7799 + [orm] [bug] Fixed bug in with_loader_criteria() function where loader criteria would not be applied to a joined eager load that were invoked within the scope of a refresh operation for the parent object. References: #7862 + [orm] [bug] Fixed issue where the Mapper would reduce a user-defined Mapper.primary_key argument too aggressively, in the case of mapping to a UNION where for some of the SELECT entries, two columns are essentially equivalent, but in another, they are not, such as in a recursive CTE. The logic here has been changed to accept a given user-defined PK as given, where columns will be related to the mapped selectable but no longer ?reduced? as this heuristic can?t accommodate for all situations. References: #7842 * engine + [engine] [usecase] Added new parameter Engine.dispose.close, defaulting to True. When False, the engine disposal does not touch the connections in the old pool at all, simply dropping the pool and replacing it. This use case is so that when the original pool is transferred from a parent process, the parent process may continue to use those connections. See also Using Connection Pools with Multiprocessing or os.fork() - revised documentation References: #7815, #7877 + [engine] [bug] Further clarified connection-level logging to indicate the BEGIN, ROLLBACK and COMMIT log messages do not actually indicate a real transaction when the AUTOCOMMIT isolation level is in use; messaging has been extended to include the BEGIN message itself, and the messaging has also been fixed to accommodate when the Engine level create_engine.isolation_level parameter was used directly. References: #7853 * sql + [sql] [usecase] Added new parameter FunctionElement.table_valued.joins_implicitly, for the FunctionElement.table_valued() construct. This parameter indicates that the given table-valued function implicitly joins to the table it refers towards, essentially disabling the ?from linting? feature, i.e. the ?cartesian product? warning, from taking effect due to the presence of this parameter. May be used for functions such as func.json_each(). References: #7845 + [sql] [bug] The bindparam.literal_execute parameter now takes part of the cache generation of a bindparam(), since it changes the sql string generated by the compiler. Previously the correct bind values were used, but the literal_execute would be ignored on subsequent executions of the same query. References: #7876 + [sql] [bug] [regression] Fixed regression caused by #7760 where the new capabilities of TextualSelect were not fully implemented within the compiler properly, leading to issues with composed INSERT constructs such as ?INSERT FROM SELECT? and ?INSERT?ON CONFLICT? when combined with CTE and textual statements. References: #7798 * schema + [schema] [usecase] Added support so that the Table.to_metadata.referred_schema_fn callable passed to Table.to_metadata() may return the value BLANK_SCHEMA to indicate that the referenced foreign key should be reset to None. The RETAIN_SCHEMA symbol may also be returned from this function to indicate ?no change?, which will behave the same as None currently does which also indicates no change. References: [#7860] * sqlite + [sqlite] [bug] [reflection] Fixed bug where the name of CHECK constraints under SQLite would not be reflected if the name were created using quotes, as is the case when the name uses mixed case or special characters. References: #5463 * mssql + [mssql] [bug] [regression] Fixed regression caused by #7160 where FK reflection in conjunction with a low compatibility level setting (compatibility level 80: SQL Server 2000) causes an ?Ambiguous column name? error. Patch courtesy @Lin-Your. References: #7812 * misc + [bug] [ext] Improved the error message that?s raised for the case where the association_proxy() construct attempts to access a target attribute at the class level, and this access fails. The particular use case here is when proxying to a hybrid attribute that does not include a working class-level implementation. References: #7827 ==== qemu ==== - Backport aqmp patches from upstream which can fix iotest issues * Patches added: python-aqmp-add-__del__-method-to-legacy.patch python-aqmp-add-_session_guard.patch python-aqmp-add-SocketAddrT-to-package-r.patch python-aqmp-add-socket-bind-step-to-lega.patch python-aqmp-add-start_server-and-accept-.patch python-aqmp-copy-type-definitions-from-q.patch python-aqmp-drop-_bind_hack.patch python-aqmp-fix-docstring-typo.patch python-aqmp-Fix-negotiation-with-pre-oob.patch python-aqmp-fix-race-condition-in-legacy.patch Python-aqmp-fix-type-definitions-for-myp.patch python-aqmp-handle-asyncio.TimeoutError-.patch python-aqmp-refactor-_do_accept-into-two.patch python-aqmp-remove-_new_session-and-_est.patch python-aqmp-rename-accept-to-start_serve.patch python-aqmp-rename-AQMPError-to-QMPError.patch python-aqmp-split-_client_connected_cb-o.patch python-aqmp-squelch-pylint-warning-for-t.patch python-aqmp-stop-the-server-during-disco.patch python-introduce-qmp-shell-wrap-convenie.patch python-machine-raise-VMLaunchFailure-exc.patch python-move-qmp-shell-under-the-AQMP-pac.patch python-move-qmp-utilities-to-python-qemu.patch python-qmp-switch-qmp-shell-to-AQMP.patch python-support-recording-QMP-session-to-.patch python-upgrade-mypy-to-0.780.patch - Drop the patches which are workaround to fix iotest issues * Patches dropped: Revert-python-iotests-replace-qmp-with-a.patch Revert-python-machine-add-instance-disam.patch Revert-python-machine-add-sock_dir-prope.patch Revert-python-machine-handle-fast-QEMU-t.patch Revert-python-machine-move-more-variable.patch Revert-python-machine-remove-_remove_mon.patch ==== salt ==== Subpackages: python3-salt salt-master salt-minion salt-standalone-formulas-configuration salt-transactional-update - Fix salt-ssh opts poisoning (bsc#1197637) - Added: * fix-salt-ssh-opts-poisoning-bsc-1197637-3004-501.patch - Fix multiple security issues (bsc#1197417) - * Sign authentication replies to prevent MiTM (CVE-2022-22935) - * Sign pillar data to prevent MiTM attacks. (CVE-2022-22934) - * Prevent job and fileserver replays (CVE-2022-22936) - * Fixed targeting bug, especially visible when using syndic and user auth. (CVE-2022-22941) - Added: * fix-multiple-security-issues-bsc-1197417.patch ==== shared-mime-info ==== Version update (2.1 -> 2.2) - Update to 2.2: * model/3mf: new type * Match shared libraries with version suffix * model/obj: add mtllib and Blender comment based magic * model/mtl: add Blender comment magic, increase newmtl range * model/obj, model/mtl: new types * Add Electron Archive Format type application/x-asar * text/x-qml: Lower match priority to avoid conflicts with Python * Move '*.blend' to top of Blender glob list * Adding SPARQL media types * application/zip: Add `*.zipx` glob and test fixture * Added DSD mime type * Differentiate comic book archives * FITS: Add missing `application/fits` and legacy globs * Add Godot engine files * Add FlashForge "xgcode" mime-type * text/x-objc++src: new type * image/heif: test .hif extension too * image/hif: add *.hif glob * image/heif: add another test case * image/heif: add magics * Add a build-tools option to allow installing only the mime data * Add compressed SVG glob pattern `*.svg.gz` * Add Apple Wallet pass type application/vnd.apple.pkpass * migrate from custom itstool to builtin msgfmt for creating translated XML * Make the remaining plain text types subclasses of text/plain * audio/mobile-xmf: separate from audio/x-xmf * Adding ZIM file * Make text/x-mrml a subclass of application/xml * image/avif: move acronym and expansion to separate fields from comment * freedesktop_generate.sh: Don't hardcode ninja * Add text/x-mpl2 * application/x-apple-systemprofiler+xml: require _SPCommandLineArguments in plist * image/jpeg: add test case with embedded property list XML * audio/vnd.dts.hd: include parent type magic in magic match * model/gltf+json: new type * model/gltf-binary: new type * application/x-object: add *.mod and a test case * application/x-mod: add some ProTracker magics and a test case * image/jxl: include test files in test list * tests: add trailing linefeed to mime-detection list * Make application/x-mswinurl a subclass of text/plain * Change description for *.desktop files to "desktop entry" * application/x-x509-ca-cert: add magics and test cases * application/pkix-cert: add BEGIN/END X509 CERTIFICATE magic * application/pkix-crl: add magic and test case * application/pkix-cert: add magic and test case * image/jxl: new type * Added .sc filename extension for Scala source code, as it is occasionally used * application/schema+json: new type * Add text/x-crystal * application/x-krita: remove stray period from comment * adding org-mode * Add Elixir source code mime type * Add two new offsets for .kra and .krz * text/x-python3: add *.pyi glob (Python stub files) * image/x-canon-cr3: new type * image/x-xpixmap: make XPM3 magic more specific * image/x-xpixmap: add XPM2 magic * application/x-troff-man: add *.[1-9] glob * application/toml: new type * Lower priority of "BEGIN {" for perl, awk uses that too * Add Smacker video type video/vnd.radgamettools.smacker * Clarify database license * meson: make xmlto optional, build spec only if found * application/x-7z-compressed: add *.7z.001 glob * Add Bink video type video/vnd.radgamettools.bink * image/x-nikon-nrw: add test case * image/x-nikon-nrw: new type * application/x-vhdx-disk: improve acronym and its expansion * application/ovf: new type * application/x-qed-disk: new type * application/x-vdi-disk: new type * application/x-vmdk-disk: new type * application/x-vhd-disk, /x-vhdx-disk: new types * application/vnd.apple.numbers, .pages: add older magics and test cases * Add text/x-dart * application/vnd.apple.numbers, /vnd.apple.pages: new types * xdgmime: configure as submodule - Drop obsolete patches: * fix-build-meson-0_60.patch * drop-itstool-dep.patch ==== systemd ==== Subpackages: libsystemd0 libudev1 udev - Import commit e43a1b018899266b764ab81afb9c30fb417675c6 1c229f8fc1 cryptsetup: fall back to traditional unlocking if any TPM2 operation fails 8881f21539 cryptsetup: fix typo 5882148902 journald: make use of CLAMP() in cache_space_refresh() 6ee0601f73 journald: make sure journal_file_open() doesn't leave a corrupted file around after failing (bsc#1198114) fe928f3d49 fs-util: make sure openat_report_new() initializes return param also on shortcut 3881af1806 fs-util: fix typos in comments 96060b73ba journal-file: port journal_file_open() to openat_report_new() 611d9955bb fs-util: add openat_report_new() wrapper around openat() f16edb41d4 network: ignore all errors in loading .network files (bsc#1197968) 5422730a7b meson: build kernel-install man page when necessary 45c627cfc2 build: include status of TPM2 in the feature string show by --version - Drop 0001-meson-build-kernel-install-man-page-when-necessary.patch It's been merged in the SUSE git repo. - spec: define %bootstrap with %bcond_with so it can be used with %when. Also re-order the meson options a bit. - spec: make sure /lib exists when installing conf files in /lib/modprobe.d - Temporarily disable 'libcryptsetup plugins until dracut 056 is merged in Factory - Add 0001-meson-build-kernel-install-man-page-when-necessary.patch Submitted to upstream: https://github.com/systemd/systemd/pull/22918 - Move systemd-boot and all components managing (secure) UEFI boot into udev sub-package: they may deserve a dedicated sub-package in the future but for now move them to udev so they aren't installed in systemd based containers. - Move a bunch of components operating on (mainly block) devices into udev as without udev they're most likely useless. - spec: enable 'efi' support regardless of whether sd_boot is enabled or not We should support EFI systems even if systemd-boot is not enabled. ==== tdb ==== Version update (1.4.4 -> 1.4.6) - Update to 1.4.6 + Drop obsolete patch 0001-tdb-Fix-invalid-syntax-in-tdb.h.patch + Fix Python docstrings + Use atomic operations for tdb_[increment|get]_seqnum + Raw performance torture to beat tdb_increment_seqnum ==== tpm2.0-abrmd ==== Subpackages: libtss2-tcti-tabrmd0 tpm2.0-abrmd-selinux - dbus-access.patch: restrict D-Bus access to tpm2-abrmd to members of the tss group (bsc#1197532). This prevents arbitrary users from meddling with TPM state and thus potential denial-of-service vectors. ==== u-boot-rpiarm64 ==== Version update (2022.01 -> 2022.04) Subpackages: u-boot-rpiarm64-doc - Add new build dependencies - Update to 2022.04 Patch queue updated from https://github.com/openSUSE/u-boot.git tumbleweed-2022.04 * Patches dropped: 0010-sunxi-Enable-SPI-support-on-Orange-.patch 0011-Disable-CONFIG_CMD_BTRFS-in-xilinx_.patch 0012-smbios-Fix-table-when-no-string-is-.patch 0013-riscv-enable-CMD_BTRFS.patch 0014-Disable-timer-check-in-file-loading.patch 0015-Enable-EFI-and-ISO-partitions-suppo.patch 0016-mx6qsabrelite-Enable-DM_ETH-to-re-e.patch 0017-rockchip-sdhci-Fix-RK3399-eMMC-PHY-.patch * Patches added: 0010-Disable-CONFIG_CMD_BTRFS-in-xilinx_.patch 0011-smbios-Fix-table-when-no-string-is-.patch 0012-riscv-enable-CMD_BTRFS.patch 0013-Disable-timer-check-in-file-loading.patch 0014-Enable-EFI-and-ISO-partitions-suppo.patch 0015-mx6qsabrelite-Enable-DM_ETH-to-re-e.patch ==== yast2 ==== Version update (4.4.47 -> 4.5.1) - Show file conflict checking progress in delayed popup (bsc#1195608) PR: https://github.com/yast/yast-yast2/pull/1252 - 4.5.1 - Bump version to 4.5.0 (#bsc1198109)