Removed rpms ============ - git-interactive-rebase-tool - kanidm - kanidm-clients - kanidm-docs - kanidm-server - kanidm-unixd-clients - kernel-livepatch-6_4_0-150600_20-default - lalburst-devel - lalsimulation-data - lalsimulation-devel - liblalburst6 - liblalsimulation31 - openssh-server-config-rootlogin - python3-lalburst - python3-lalsimulation Added rpms ========== - openssh-server-config-disallow-rootlogin Package Source Changes ====================== apptainer +- Make sure, digest values handled by the Go library + github.com/opencontainers/go-digest and used throughout the + Go-implemented containers ecosystem are always validated. This + prevents attackers from triggering unexpected authenticated + registry accesses. + * Bump-github.com-containers-image-v5-from-5.30.0-to-5.30.1.patch + (CVE-2024-3727, bsc#1224114). + dtb-aarch64 +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + git-cliff +- update to 2.2.2: + * (changelog) Allow adding custom context + * (changelog) Ignore empty lines when using split_commits + * (parser) Allow matching empty commit body + * Documentation updates + +- update to 2.2.1: + * Make rendering errors more verbose + * Support detecting config from project manifest + * Make the bump version rules configurable + * bug fixes and documentation updates +- CVE-2024-32650: rust-rustls: Infinite loop with proper client + input fixes (boo#1223218) + +- Adopt new way to package rust software with obs-service-cargo: + * remove cargo_config. it's part of vendor.tar now +- Update to version 2.1.2: + * feat(npm): add programmatic API for TypeScript + * chore(fixtures): enable verbose logging for output + * refactor(clippy): apply clippy suggestions + * refactor(changelog): do not output to stdout when prepend is used + * feat(args): add `--tag-pattern` argument + * fix(config): fix commit parser regex in the default config + * fix(github): sanitize the GitHub token in debug logs + * chore(config): add animation to the header of the changelog + * refactor(clippy): apply clippy suggestions + * docs(security): update security policy + * chore(project): add readme to core package + * chore(embed): do not allow missing docs + * chore(config): skip dependabot commits for dev updates + * docs(readme): mention RustLab 2023 talk + * chore(config): revamp the configuration files + * chore(docker): update versions in Dockerfile + * chore(example): use full links in GitHub templates + * chore(project): bump MSRV to 1.74.1 + * revert(config): use postprocessors for checking the typos + * feat(template): support using PR labels in the GitHub template + * docs(configuration): fix typo + * feat(args): add `--no-exec` flag for skipping command execution + * chore(command): explicitly set the directory of command to current dir + * refactor(ci): use hardcoded workspace members for cargo-msrv command + * refactor(ci): simplify cargo-msrv installation + * refactor(clippy): apply clippy suggestions + * refactor(config): use postprocessors for checking the typos + * chore(project): update copyright years + * chore(github): update templates about GitHub integration + * feat(changelog): set the timestamp of the previous release + * feat(template): support using PR title in the GitHub template + * feat(changelog): improve skipping via `.cliffignore` and `--skip-commit` + * chore(changelog): disable the default behavior of next-version + * fix(git): sort commits in topological order + * test(changelog): use the correct version for missing tags + * chore(changelog): use 0.1.0 as default next release if no tag is found + * feat(github)!: support integration with GitHub repos + * refactor(changelog): support `--bump` for processed releases + * fix(cli): fix broken pipe when stdout is interrupted + * test(fixtures): update the bumped value output to add prefix + * feat(changelog): support tag prefixes with `--bump` + * feat(changelog)!: set tag to `0.0.1` via `--bump` if no tags exist + * fix(commit): trim the trailing newline from message + * docs(readme): use the raw link for the animation + * chore(example): remove limited commits example + * feat(args): add `-x` short argument for `--context` + * revert(deps): bump actions/upload-pages-artifact from 2 to 3 + * revert(deps): bump actions/deploy-pages from 3 to 4 + * chore(dependabot): group the dependency updates for creating less PRs + * feat(parser): support using SHA1 of the commit + * feat(commit): add merge_commit flag to the context + * chore(mergify): don't update PRs for the main branch + * fix(links): skip checking the GitHub commit URLs + * fix(changelog): fix previous version links + * feat(parser): support using regex scope values + * test(fixture): update the date for example test fixture + * docs(fixtures): add instructions for adding new fixtures + * feat(args): support initialization with built-in templates + * feat(changelog)!: support templating in the footer + * feat(args): allow returning the bumped version + * test(fixture): add test fixture for bumping version + * fix: allow version bump with a single previous release + * fix(changelog): set the correct previous tag when a custom tag is given + * feat(args): set `CHANGELOG.md` as default missing value for output option + * refactor(config): remove unnecessary newline from configs + +- Update to version 1.4.0: + * Support bumping the semantic version via `--bump` + * Add 'typos' check + * Log the output of failed external commands - + * breaking change: Support regex in 'tag_pattern' configuration + * Add field and value matchers to the commit parser +- Update service file to new obs service cargo requirements +- Add zstd in build requirements for tar scm + kernel-64kb +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-azure +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + kernel-debug +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-default +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-docs +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-kvmsmall +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-obs-build +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-obs-qa +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-source +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-source-azure +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + kernel-syms +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + kernel-syms-azure +- drm/i915/vma: Fix UAF on destroy against retire race (CVE-2024-26939 bsc#1223679). +- commit 0c69759 + +- rds: tcp: Fix use-after-free of net in reqsk_timer_handler() + (CVE-2024-26865 bsc#1223062). +- commit 4df5c35 + +- Update + patches.suse/0001-s390-cio-fix-race-condition-during-online-processing.patch + (bsc#1219485 bsc#1219451 git-fixes CVE-2024-27009 bsc#1223699). +- Update + patches.suse/Bluetooth-btnxpuart-Fix-btnxpuart_close.patch + (git-fixes CVE-2024-26959 bsc#1223667). +- Update + patches.suse/USB-usb-storage-Prevent-divide-by-0-error-in-isd200_.patch + (git-fixes CVE-2024-27059 bsc#1223738). +- Update + patches.suse/backlight-hx8357-Fix-potential-NULL-pointer-derefere.patch + (git-fixes CVE-2024-27071 bsc#1223734). +- Update patches.suse/clk-Fix-clk_core_get-NULL-dereference.patch + (git-fixes CVE-2024-27038 bsc#1223816). +- Update + patches.suse/clk-hisilicon-hi3559a-Fix-an-erroneous-devm_kfree.patch + (git-fixes CVE-2024-27039 bsc#1223821). +- Update + patches.suse/clk-qcom-gcc-ipq6018-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26970 bsc#1223644). +- Update + patches.suse/clk-qcom-gcc-ipq8074-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26969 bsc#1223645). +- Update + patches.suse/clk-qcom-gcc-ipq9574-fix-terminating-of-frequency-ta.patch + (git-fixes CVE-2024-26968 bsc#1223642). +- Update + patches.suse/clk-qcom-mmcc-apq8084-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26966 bsc#1223646). +- Update + patches.suse/clk-qcom-mmcc-msm8974-fix-terminating-of-frequency-t.patch + (git-fixes CVE-2024-26965 bsc#1223648). +- Update + patches.suse/clk-zynq-Prevent-null-pointer-dereference-caused-by-.patch + (git-fixes CVE-2024-27037 bsc#1223717). +- Update + patches.suse/cpufreq-brcmstb-avs-cpufreq-add-check-for-cpufreq_cp.patch + (git-fixes CVE-2024-27051 bsc#1223769). +- Update + patches.suse/crypto-qat-resolve-race-condition-during-AER-recover.patch + (git-fixes CVE-2024-26974 bsc#1223638). +- Update + patches.suse/drm-amd-display-Add-replay-NULL-check-in-edp_set_rep.patch + (git-fixes CVE-2024-27040 bsc#1223711). +- Update + patches.suse/drm-amd-display-Fix-a-potential-buffer-overflow-in-d.patch + (git-fixes CVE-2024-27045 bsc#1223826). +- Update + patches.suse/drm-amd-display-Fix-potential-NULL-pointer-dereferen.patch + (git-fixes CVE-2024-27044 bsc#1223723). +- Update + patches.suse/drm-amd-display-fix-NULL-checks-for-adev-dm.dc-in-am.patch + (git-fixes CVE-2024-27041 bsc#1223714). +- Update + patches.suse/drm-amdgpu-Fix-potential-out-of-bounds-access-in-amd.patch + (git-fixes CVE-2024-27042 bsc#1223823). +- Update + patches.suse/drm-vmwgfx-Fix-possible-null-pointer-derefence-with-.patch + (git-fixes CVE-2024-26979 bsc#1223628). +- Update + patches.suse/md-Fix-missing-release-of-active_io-for-flush-8556.patch + (jsc#PED-7542 CVE-2024-27023 bsc#1223776). +- Update + patches.suse/media-dvb-frontends-avoid-stack-overflow-warnings-wi.patch + (git-fixes CVE-2024-27075 bsc#1223842). +- Update patches.suse/media-edia-dvbdev-fix-a-use-after-free.patch + (git-fixes CVE-2024-27043 bsc#1223824). +- Update + patches.suse/media-go7007-fix-a-memleak-in-go7007_load_encoder.patch + (git-fixes CVE-2024-27074 bsc#1223844). +- Update + patches.suse/media-imx-csc-scaler-fix-v4l2_ctrl_handler-memory-le.patch + (git-fixes CVE-2024-27076 bsc#1223779). +- Update + patches.suse/media-ttpci-fix-two-memleaks-in-budget_av_attach.patch + (git-fixes CVE-2024-27073 bsc#1223843). +- Update + patches.suse/media-usbtv-Remove-useless-locks-in-usbtv_video_free.patch + (git-fixes CVE-2024-27072 bsc#1223837). +- Update + patches.suse/media-v4l2-mem2mem-fix-a-memleak-in-v4l2_m2m_registe.patch + (git-fixes CVE-2024-27077 bsc#1223780). +- Update + patches.suse/media-v4l2-tpg-fix-some-memleaks-in-tpg_alloc.patch + (git-fixes CVE-2024-27078 bsc#1223781). +- Update + patches.suse/net-phy-fix-phy_get_internal_delay-accessing-an-empt.patch + (git-fixes CVE-2024-27047 bsc#1223828). +- Update + patches.suse/nilfs2-fix-failure-to-detect-DAT-corruption-in-btree.patch + (git-fixes CVE-2024-26956 bsc#1223663). +- Update + patches.suse/nilfs2-prevent-kernel-bug-at-submit_bh_wbc.patch + (git-fixes CVE-2024-26955 bsc#1223657). +- Update patches.suse/pci_iounmap-Fix-MMIO-mapping-leak.patch + (git-fixes CVE-2024-26977 bsc#1223631). +- Update + patches.suse/powercap-intel_rapl-Fix-a-NULL-pointer-dereference.patch + (git-fixes CVE-2024-26975 bsc#1223632). +- Update + patches.suse/s390-Once-the-discipline-is-associated-with-the-device-de.patch + (bsc#1141539 git-fixes CVE-2024-27054 bsc#1223819). +- Update + patches.suse/scsi-qla2xxx-Fix-command-flush-on-cable-pull.patch + (bsc#1221816 CVE-2024-26931 bsc#1223627). +- Update patches.suse/scsi-qla2xxx-Fix-double-free-of-fcport.patch + (bsc#1221816 CVE-2024-26929 bsc#1223715). +- Update + patches.suse/scsi-qla2xxx-Fix-double-free-of-the-ha-vp_map-pointe.patch + (bsc#1221816 CVE-2024-26930 bsc#1223626). +- Update + patches.suse/thermal-drivers-mediatek-lvts_thermal-Fix-a-memory-l.patch + (git-fixes CVE-2024-27068 bsc#1223808). +- Update + patches.suse/thunderbolt-Fix-NULL-pointer-dereference-in-tb_port_.patch + (git-fixes CVE-2024-27060 bsc#1223725). +- Update patches.suse/usb-ulpi-Fix-debugfs-directory-leak.patch + (git-fixes CVE-2024-26919 bsc#1223847). +- Update + patches.suse/wifi-brcm80211-handle-pmk_op-allocation-failure.patch + (git-fixes CVE-2024-27048 bsc#1223760). +- Update + patches.suse/wifi-rtl8xxxu-add-cancel_work_sync-for-c2hcmd_work.patch + (git-fixes CVE-2024-27052 bsc#1223829). +- Update + patches.suse/wifi-wilc1000-do-not-realloc-workqueue-everytime-an-.patch + (git-fixes CVE-2024-27391 bsc#1223709). +- Update + patches.suse/wifi-wilc1000-fix-RCU-usage-in-connect-path.patch + (git-fixes CVE-2024-27053 bsc#1223737). +- commit 9296e40 + +- Update + patches.suse/drm-tegra-dsi-Add-missing-check-for-of_find_device_b.patch + (git-fixes CVE-2023-52650 bsc#1223770). +- Update + patches.suse/drm-vkms-Avoid-reading-beyond-LUT-array.patch + (git-fixes CVE-2023-52649 bsc#1223768). +- Update + patches.suse/drm-vmwgfx-Unmap-the-surface-before-resetting-it-on-.patch + (git-fixes CVE-2023-52648 bsc#1223765). +- Update + patches.suse/media-nxp-imx8-isi-Check-whether-crossbar-pad-is-non.patch + (git-fixes CVE-2023-52647 bsc#1223764). +- commit f67398e + +- Update + patches.suse/powerpc-pseries-Fix-potential-memleak-in-papr_get_at.patch + (bsc#1215199 CVE-2022-48669 bsc#1223756). +- commit e9a7939 + +- Delete + patches.suse/iommufd-iova_bitmap-Move-symbols-to-IOMMUFD-namespace. + (bsc#1222654) +- commit dc5c22e + +- Refresh patches.suse/powerpc-pseries-iommu-LPAR-panics-when-rebooted-with.patch. +- commit ca33aea + kernel-zfcpdump +- s390/cpum_cf: make crypto counters upward compatible across + machine types (bsc#1224348). +- commit 36c1e09 + +- cifs: fix underflow in parse_server_interfaces() (CVE-2024-26828 bsc#1223084). +- commit 40aba68 + +- mctp: perform route lookups under a RCU read-side lock + (CVE-2023-52483 bsc#1220738). +- commit 659b74f + +- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts + (bsc#1218562 CVE-2023-6270 CVE-2024-26898 bsc#1223016). +- commit bd4199d + linuxrc +- merge gh#openSUSE/linuxrc#332 +- write /etc/locale.conf and /etc/vconsole.conf (bsc#1218621, + bsc#1222289) +- update year in copyright message +- 7.0.32.7 + openssh +- Add a warning in %post of openssh-clients, openssh-server and + openssh-server-config-disallow-rootlogin to warn the user if + the /etc/ssh/(ssh_config.d|sshd_config.d) directories are not + being used (bsc#1223486). + +- Only for SLE15, restore the patch file removed in + Thu Feb 18 13:54:44 UTC 2021 to restore the previous behaviour + from SP5 of having root password login allowed by default + (fixes bsc#1223486, related to bsc#1173067): + * openssh-7.7p1-allow_root_password_login.patch +- Since the default value for this config option is now set to + permit root to use password logins in SLE15, the + openssh-server-config-rootlogin subpackage isn't useful there so + we now create an openssh-server-config-disallow-rootlogin + subpackage that sets the configuration the other way around + than openssh-server-config-rootlogin. + +- openssh-8.0p1-gssapi-keyex.patch: Added missing struct initializer, + added missing parameter (bsc#1222840) + python-python-jose +- Make python-pycryptodome dependency only required for Factory. + +- Add upstream patches: + * CVE-2024-33663.patch, bsc#1223417, gh#mpdavis/python-jose#349 + * CVE-2024-33664.patch, bsc#1223422, gh#mpdavis/python-jose#345 + * fix-tests-ecdsa-019.patch, gh#mpdavis/python-jose#350 + python-python-multipart +- update to 0.0.9: + * Add support for Python 3.12 #85. + * Drop support for Python 3.7 #95. + * Add `MultipartState(IntEnum)` #96. + * Add `QuerystringState` #97. + * Add `TypedDict` callbacks #98. + * Add config `TypedDict`s #99. + * Cleanup unused regex patterns + * Check if `Message.get_params` return 3-`tuple` instead of + `str` on `parse_options_header` + +- version update to 0.0.7 + 0.0.7 (2024-02-03) + * Refactor header option parser to use the standard library instead of a custom RegEx #75. + [bsc#1219610] CVE-2024-24762 + 0.0.6 (2023-02-27) + * Migrate package installation to pyproject.toml (PEP 621) #54. + * Use yaml.safe_load instead of yaml.load #46. + * Add support for Python 3.11, drop EOL 3.6 #51. + * Add support for Python 3.8-3.10, drop EOL 2.7-3.5 #42. + * QuerystringParser: don't raise an AttributeError in __repr__ #30. +- deleted patches + - python-python-multipart-no-mock.patch (upstreamed) + - python-python-multipart-no-six.patch (upstreamed) + - support-pyyaml-6.patch (upstreamed) + trytond_account +- Version 6.0.25 - Bugfix Release + trytond_stock_lot +- Version 6.0.4 - Bugfix Release + +- sources not signed anymore + +- Version 6.0.3 - Bugfix Release +